The systemd.service keys like
ExecStartPre etc accept special prefixes to, for example, run a command as root even though the service runs as a user.
Systemd service units are implemented here. As you can see, there’s no way to specify that the script commands run as
root instead of the User (other than making your own script and going via serviceConfig).
-> What would be a good way of configuring that?
Also note that we don’t have a way to say that a unit should run as a certain user, apart from passing the username to
serviceConfig.User, which is a bit of a hack IMHO.
-> Would it not be better to have a
user config key that accepts a real config.users object, which means it can be checked for existence?