Am 06.11.20 um 14:57 schrieb Leon Fauster: > Hi, > > following requirement is needed here (forced by application > migration from C6->C8): > > I have two services running under supervision by systemd. > > ServiceA: runs as user AppUser > ServiceB: runs as user AppUser > > ServiceB can see "all" processes from AppUser (ps aux) > running by systemd (in fact it sees no other processes). > So ServiceB can see the processes of ServiceA. > > I have also a cron job that runs every 5 minutes as user AppUser. > > Now the problem is, that ServiceB via ps aux can't see the process of > the cron job albeit running by the same AppUser. > > Which security feature of systemd can be altered to allow seeing all > or at least AppUser's processes? > > ServiceA as only this "features": > PrivateTmp=true > > ServiceB as only this features: > PrivateTmp=true > RuntimeDirectory=calculation > RuntimeDirectoryMode=0755 > > Any hints would be great! Okay, I got it now. The problem was SELinux related instead systemd. Just a unconfined vs confined domain context that mismatched ... -- Leon