git.ipfire.org Git - thirdparty/systemd.git/commit

author	Michal Sekletar <msekleta@redhat.com>
	Mon, 19 Dec 2022 16:58:49 +0000 (17:58 +0100)
committer	Michal Sekletar <msekleta@redhat.com>
	Mon, 19 Dec 2022 17:33:24 +0000 (18:33 +0100)
commit	d5e5bc2fe9eaa4697c22b84007f18bda29756573
tree	7e7fc1da35cee6af0b0d0f9653c41270fc6f7fc3	tree \| snapshot
parent	03ee26168f0f32e6e0b9a172b75a5189b0ca2c05	commit \| diff

units: allow systemd-userdbd to change process name

rename_process() requires CAP_SYS_RESOURCE so let's make sure it is in
our permitted set after execve() by adding in to the bounding set.

Previously,
systemd-userdbd.service - User Database Manager
     Loaded: loaded (/usr/lib/systemd/system/systemd-userdbd.service; indirect; preset: disabled)
     Active: active (running) since Mon 2022-12-19 17:07:21 CET; 17min ago
TriggeredBy: ● systemd-userdbd.socket
       Docs: man:systemd-userdbd.service(8)
   Main PID: 1880 (systemd-userdbd)
     Status: "Processing requests..."
      Tasks: 4 (limit: 2272)
     Memory: 5.2M
        CPU: 244ms
     CGroup: /system.slice/systemd-userdbd.service
             ├─1880 /usr/lib/systemd/systemd-userdbd
             ├─2270 systemd-userwork
             ├─2271 systemd-userwork
             └─2272 systemd-userwork

Now,
    Loaded: loaded (/usr/lib/systemd/system/systemd-userdbd.service; indirect; preset: disabled)
     Active: active (running) since Mon 2022-12-19 17:27:02 CET; 15s ago
TriggeredBy: ● systemd-userdbd.socket
       Docs: man:systemd-userdbd.service(8)
   Main PID: 2404 (systemd-userdbd)
     Status: "Processing requests..."
      Tasks: 4 (limit: 2272)
     Memory: 5.5M
        CPU: 89ms
     CGroup: /system.slice/systemd-userdbd.service
             ├─2404 /usr/lib/systemd/systemd-userdbd
             ├─2407 "systemd-userwork: waiting..."
             ├─2408 "systemd-userwork: waiting..."
             └─2409 "systemd-userwork: waiting..."