Issue ai-bolit not able to run as on-demand service in container server environment

[Liwindo]

Server operating system version

Ubuntu 20.04 ESM

Plesk version and microupdate number

18.0.72

Hi,
I have since the rework of Imunify the issue that ai-bolt will not run as expected. Due to the latest Plesk patch I decided to perform finally some analysis and according to ChatGPT it's related how the tool is designed:

Ah, now it’s clear why the service won’t start:
Failed to create cgroup /Imunify.slice/Imunify-Scan.slice/Imunify-Scan-aibolit.slice/aibolit-resident.service: Permission denied
status=219/CGROUP

The issue is not with ai-bolit itself, but with the cgroup slices that the service tries to use.
The path /Imunify.slice/Imunify-Scan.slice/Imunify-Scan-aibolit.slice is normally created by systemd with root privileges, but in your environment (likely shared hosting or a restrictive container/VM), even root services are not allowed to create their own slices under /Imunify.slice.
That’s why the service immediately fails with 219/CGROUP.

---

Consequences​

• As long as the slice Imunify-Scan-aibolit.slice cannot be created, the resident service cannot run.
• Even if you create the slice under /etc/systemd/system, systemd will block it if you don’t have permission to create sub-slices.
• This is typical in shared hosting or restrictive container environments.

Is it possible to fix that?