this post was submitted on 09 Jul 2025
133 points (84.8% liked)

Linux

[–] mholiv@lemmy.world 4 points 3 days ago* (last edited 3 days ago) (2 children)

Not true. I run them rootless on my server as we speak. :)

[–] Quik@infosec.pub 3 points 3 days ago (1 children)

Same here; Rootless Podman Quadlets gang unite (there are two of us in total)

[–] Botzo@lemmy.world 3 points 2 days ago
[–] dwt@feddit.org 1 points 2 days ago (1 children)

How do you do that? Please link a description. This has been a major stumbling block for me

[–] mholiv@lemmy.world 1 points 2 days ago* (last edited 2 days ago) (1 children)

Are you placing your service files in ~/.config/containers/systemd of the home dir of the user you want them to run as?

Here is a link: https://linuxconfig.org/how-to-run-podman-containers-under-systemd-with-quadlet

[–] dwt@feddit.org 1 points 2 days ago (1 children)

Yeah, that works, but it means the services cannot be managed by systemctl as root anymore. Or am I missing something?

[–] mholiv@lemmy.world 2 points 2 days ago* (last edited 2 days ago)

You can if you want to. But I don’t think that is best practice. The idea of quadlets is to bring Linux norms to containers. You contain and manage all permissions for that container in that user.

I personally have completely separated users and SELinux MLS contexts for each container group (formerly docker compose file) and I manage them thusly. It’s more annoying but it is substantially more secure.

This being said I think you can do it as root. I think this might work but I am not certain:

sudo systemctl --user -M theuser@ status myunit.service
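
The setup discussed in this thread, as an added example that is not part of any comment above: a shell sketch that writes a rootless Quadlet unit into a dedicated user's `~/.config/containers/systemd`, starts it from that user's systemd instance, and shows the root-side handle. The user `theuser` and unit `myunit` follow the command quoted in the thread; the image `registry.example/myapp:1.0` and the function names are placeholders assumed for illustration.

```shell
#!/bin/sh
# Added example; image reference and function names are assumptions.

# Write a rootless Quadlet unit into the service user's own search path.
# $1 = home directory of the service user, $2 = unit name, $3 = image
write_quadlet() {
    dir="$1/.config/containers/systemd"
    mkdir -p "$dir" || return 1
    (
        umask 077   # unit file readable and writable by its owner only
        cat > "$dir/$2.container" <<EOF
[Unit]
Description=Rootless $2 container

[Container]
Image=$3
NoNewPrivileges=true

[Service]
Restart=on-failure

[Install]
WantedBy=default.target
EOF
    ) || return 1
    printf '%s\n' "$dir/$2.container"
}

# Run as the service user: on daemon-reload the Quadlet generator turns
# <unit>.container into <unit>.service in that user's systemd instance.
start_as_user() {   # $1 = unit name
    systemctl --user daemon-reload &&
    systemctl --user start "$1.service"
}

# Run as root: lingering keeps the user's systemd instance running without
# a login session; -M user@ addresses that instance from the root shell.
manage_as_root() {  # $1 = service user, $2 = unit name
    loginctl enable-linger "$1" &&
    systemctl --user -M "$1@" status "$2.service"
}
```

Typical use is `write_quadlet "$HOME" myunit registry.example/myapp:1.0` followed by `start_as_user myunit` in the service user's session, with `manage_as_root theuser myunit` reserved for an administrator's root shell.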