Description
Hello. This is related to PR #470, specifically as it relates to #517.
To summarize, while there is now an option to schedule things to be run as a specific user without that user being logged in ("schedule-permission: user"), that option requires a system systemd service file/timer.
To achieve that goal, the documentation says to run resticprofile schedule via sudo. This is all well and good if you want to give your logged-in user this ability. This does not work in the scenario described in #517, where the whole idea is to have a restricted system user run resticprofile with "read-as-root" capabilities.
The problem is that those users typically don't have a shell and are not part of the sudoers group, and so you can't sudo as them.
I think the scenario being described needs essentially a "system" schedule permission, but with an addition of a 'User=...' bit to the systemd unit file.
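A sketch of the kind of system-level unit and timer the request above describes, added here as an illustration; it is not part of the original post and is not output generated by resticprofile. The account name `restic-backup`, the binary and config paths, the profile name `default`, the unit file names and the reading of "read-as-root" as `CAP_DAC_READ_SEARCH` are all assumptions.

```ini
# /etc/systemd/system/resticprofile-backup.service  (hypothetical file name)
[Unit]
Description=resticprofile backup run as a restricted system user (example)

[Service]
Type=oneshot
# Assumed no-login system account: no shell, not in sudoers.
User=restic-backup
Group=restic-backup
# Assumed meaning of "read-as-root": bypass file read and directory search
# permission checks without granting any other root privilege.
AmbientCapabilities=CAP_DAC_READ_SEARCH
CapabilityBoundingSet=CAP_DAC_READ_SEARCH
# The process and its children cannot gain privileges via setuid binaries.
NoNewPrivileges=true
# Creates /var/cache/restic owned by User= for the restic cache.
CacheDirectory=restic
Environment=RESTIC_CACHE_DIR=%C/restic
# Paths and profile name are placeholders for this example.
ExecStart=/usr/local/bin/resticprofile --config /etc/resticprofile/profiles.yaml --name default backup

# /etc/systemd/system/resticprofile-backup.timer  (hypothetical file name)
[Unit]
Description=Daily timer for the resticprofile backup example

[Timer]
OnCalendar=daily
Persistent=true
Unit=resticprofile-backup.service

[Install]
WantedBy=timers.target
```

Because the unit lives in the system manager, root installs and enables it once; the service account never needs a shell, a login session or sudo rights.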