
How can I grant a user group permission to start/stop a custom service?

1 vote
1 answer
1706 views
I have a service that exists in the root directory and I want to give user group admin permissions to run the service.

The service exists in `/root/home/custom_service/service.service`

I tried `chgrp admin ./home/custom_service/` then `chmod g+rx ./home/custom_service/`

When I check the permissions with `ls -l ./home/custom_service/` I get

```
-rw-r-xr-- 1 root admin 449 May 30 11:23 service.service
```

When I try and run the service from my testUsr account (which is in the group admin) this is the result:

I ran: `systemctl start service.service`

Result:

```
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to manage system services or units.
Authenticating as: scarycall
Password:
polkit-agent-helper-1: pam_authenticate failed: Permission denied
==== AUTHENTICATION FAILED ===
Failed to start service.service: Access denied
See system logs and 'systemctl status service.service' for details.
```

Note: I am able to run the service from root.

----------------------------------------------------------------------

UPDATE:

Here is my polkit rule file:

```javascript
Array.prototype.includes = function(variable) {
    for (var i = 0; i < this.length; i++) {
        if (this[i] === variable) {
            return true;
        }
    }
    return false;
}

polkit.addRule(function(action, subject) {
    var allowed = {
        units: [
            // Here you can add units that you want to allow admin users to manage.
            "service.service"
        ],
        actions: [
            "org.freedesktop.systemd1.manage-units"
        ],
        verbs: [
            "start", "stop", "restart"
        ]
    }

    var unit_name = action.lookup("unit");
    polkit.log("Action" + action);
    polkit.log("Unit=" + unit_name);
    polkit.log("Action ID=" + action.id);
    polkit.log("Verb=" + action.lookup("verb"));
    polkit.log("Subject=" + subject);

    if (allowed.actions.includes(action.id) &&
        allowed.units.includes(unit_name) &&
        allowed.verbs.includes(action.lookup("verb")) &&
        subject.isInGroup("admin")
    ) {
        return polkit.Result.YES;
    }
});
```

The system I am running on has systemd version 219 which does not pass unit or verb through the action.

Here is what the logs from this rule look like:

```
/etc/polkit-1/rules.d/10-insight-service.rules:23: Action[Action id='org.freedesktop.systemd1.manage-units
/etc/polkit-1/rules.d/10-insight-service.rules:24: Unit=undefined
/etc/polkit-1/rules.d/10-insight-service.rules:25: Action ID=org.freedesktop.systemd1.manage-units
/etc/polkit-1/rules.d/10-insight-service.rules:26: Verb=undefined
/etc/polkit-1/rules.d/10-insight-service.rules:27: Subject=[Subject pid=13762 user='testUsr' groups=admin seat='' session='2072' local=false active=true]
```

The unit and verb details were not added until v226 seen here: https://github.com/systemd/systemd/commit/88ced61bf9673407f4b15bf51b1b408fd78c149d

**RESOLUTION:**

Because the system I am running on runs an older version of systemd it does not support the unit or verb details of action. So I resolved to use sudo permissions and that worked.

In the sudoer file I added:

```
%admin ALL= NOPASSWD: /bin/systemctl start service.service
%admin ALL= NOPASSWD: /bin/systemctl stop service.service
%admin ALL= NOPASSWD: /bin/systemctl restart service.service
%admin ALL= NOPASSWD: /bin/systemctl status service.service
```
Asked by jo.oj (13 rep)
Jul 3, 2023, 05:10 PM
Last activity: Jul 3, 2023, 09:29 PM
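
The behaviour described in the question, as an added example that is not part of the original post: a small Node.js stand-in for polkit's rule evaluation showing why the unit-scoped rule never matches on systemd 219, and why a rule with the unit and verb checks removed would cover every unit instead. `makeAction`, `makeSubject`, `actionOnlyRule` and `other.service` are constructed for illustration; only the `allowed` lists and the condition come from the rule above.

```javascript
// Stand-in for polkitd's rule evaluation (not polkit itself); values are constructed.
const Result = { YES: "yes", NOT_HANDLED: null };
const MANAGE = "org.freedesktop.systemd1.manage-units";

// systemd >= 226 attaches "unit" and "verb" details to the action;
// systemd 219 attaches none, so lookup() returns undefined for both.
function makeAction(id, details) {
  return { id, lookup: (key) => details[key] };
}
function makeSubject(user, groups) {
  return { user, isInGroup: (g) => groups.includes(g) };
}

const allowed = {
  units: ["service.service"],
  actions: [MANAGE],
  verbs: ["start", "stop", "restart"],
};

// Same decision logic as the rule in the question.
function scopedRule(action, subject) {
  if (allowed.actions.includes(action.id) &&
      allowed.units.includes(action.lookup("unit")) &&
      allowed.verbs.includes(action.lookup("verb")) &&
      subject.isInGroup("admin")) {
    return Result.YES;
  }
  return Result.NOT_HANDLED; // no decision: polkit falls back to the action's default
}

// Hypothetical variant with the unit/verb checks removed so that it matches on 219:
// the action id is all that is left, so it answers YES for every unit and verb.
function actionOnlyRule(action, subject) {
  if (allowed.actions.includes(action.id) && subject.isInGroup("admin")) {
    return Result.YES;
  }
  return Result.NOT_HANDLED;
}

const testUsr = makeSubject("testUsr", ["admin"]);
const v226Start = makeAction(MANAGE, { unit: "service.service", verb: "start" });
const v226Other = makeAction(MANAGE, { unit: "other.service", verb: "stop" });
const v219Any = makeAction(MANAGE, {}); // no details, as in the logged output

console.log("226, service.service start:", scopedRule(v226Start, testUsr));
console.log("226, other.service stop:   ", scopedRule(v226Other, testUsr));
console.log("219, any unit (scoped):    ", scopedRule(v219Any, testUsr));
console.log("219, any unit (action-only):", actionOnlyRule(v219Any, testUsr));
```

On systemd older than 226 a polkit rule can only be all-or-nothing for `manage-units`, which is why per-command sudoers entries like those in the resolution are the narrower grant there.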