datenschuft / SMA-EM

SMA Energymeter measurement
GNU General Public License v2.0

run smaemd as nonprivileged user #90

Closed wolfgangr closed 2 months ago

wolfgangr commented 2 months ago

May I take the disclaimers verbatim and expect smaemd not being thoroughly scrutinized and tightly maintained for security vulnerabilities ;-) ?
So maybe, as a first level of protection, it's a good idea to have the daemon running 24/7 with somewhat more restricted rights than root?

Towards this goal, this is what my /etc/systemd/system/smaemd.service looks like:

[Unit]
Description=SMA Energymeter measurement daemon
After=network.target

[Service]
Type=simple
User=daemon
ExecStartPre=/usr/bin/mkdir -p /dev/shm/smaemd/data
ExecStartPre=/usr/bin/mkdir -p /dev/shm/smaemd/status
ExecStart=/opt/smaemd/sma-daemon.py start_systemd
ExecStop=/opt/smaemd/sma-daemon.py stop
PIDFile=/var/run/smaemd.pid
# ExecStartPost= nothing
Restart=always

[Install]
WantedBy=multi-user.target

User daemon I think is already configured in many Linux installations. I think it has neither shell nor home, so it's pretty much restricted.
You see that I generate folders in /dev/shm for the output of status and simplefilewriter.
Those folders have to match the configuration in /etc/smaemd/config.

It's important that those can be regenerated by the configured user. If this fails, the daemon will not start.
So, when I change the user, I have to remove those folders manually.
Maybe, by default, those files are written to /dev/shm. At least I found some there, belonging to root:root.
Maybe that was the reason the daemon failed to start when I first tried to set it to something less than root.
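
The start-up failure described in the comment above (output directories left behind by a previous service user) can be checked before restarting the service. The following is an added example, not part of the thread or of the SMA-EM project: `parse_unit` and `blocked_dirs` are hypothetical helper names, the sample unit text is constructed from the unit file quoted above, and the check assumes only owner and the world-write bit matter (group permissions and ACLs are ignored).

```python
import os

# Constructed sample: the [Service] lines of the unit file quoted in the comment above.
SAMPLE_UNIT = """\
[Service]
User=daemon
ExecStartPre=/usr/bin/mkdir -p /dev/shm/smaemd/data
ExecStartPre=/usr/bin/mkdir -p /dev/shm/smaemd/status
ExecStart=/opt/smaemd/sma-daemon.py start_systemd
"""

def parse_unit(text):
    """Return (User= value, directories named in ExecStartPre mkdir lines)."""
    user, dirs = "root", []  # systemd system services run as root without User=
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if not sep or key.startswith("#"):
            continue
        if key == "User":
            user = value.strip()
        elif key == "ExecStartPre":
            words = value.split()
            if words and os.path.basename(words[0]) == "mkdir":
                dirs += [w for w in words[1:] if not w.startswith("-")]
    return user, dirs

def blocked_dirs(dirs, uid):
    """Return [(target, blocking_path, owner_uid)] for targets uid cannot create or write.

    Simplification (assumption): only the owner and the world-write bit are
    checked; group permissions and ACLs are ignored.
    """
    if uid == 0:  # root bypasses ownership checks
        return []
    blocked = []
    for target in dirs:
        path = os.path.abspath(target)
        while not os.path.exists(path):  # deepest component that already exists
            path = os.path.dirname(path)
        st = os.stat(path)
        if st.st_uid != uid and not st.st_mode & 0o002:
            blocked.append((target, path, st.st_uid))
    return blocked

if __name__ == "__main__":
    import pwd
    user, dirs = parse_unit(SAMPLE_UNIT)
    for target, path, owner in blocked_dirs(dirs, pwd.getpwnam(user).pw_uid):
        print(f"{target}: {path} is owned by uid {owner}, not {user}")
```

Any path it reports is a leftover that has to be removed or re-owned before the service can start under the new `User=`.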

datenschuft commented 2 months ago

In the last commit a separate user was used for the systemd-unit