git.ipfire.org Git - thirdparty/systemd.git/commit

shared/specifier: fix %u/%U/%g/%G when called as unprivileged user

We would resolve those specifiers to the calling user/group. This is mostly OK
when done in the manager, because the manager generally operates as root
in system mode, and a non-root in user mode. It would still be wrong if
called with --test though. But in systemctl, this would be generally wrong,
since we can call 'systemctl --system' as a normal user, either for testing
or even for actual operation with '--root=…'.

When operating in --global mode, %u/%U/%g/%G should return an error.

The information whether we're operating in system mode, user mode, or global
mode is passed as the data pointer to specifier_group_name(), specifier_user_name(),
specifier_group_id(), specifier_user_id(). We can't use userdata, because
it's already used for other things.

author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Wed, 9 Mar 2022 21:29:19 +0000 (22:29 +0100)
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Tue, 29 Mar 2022 14:17:56 +0000 (16:17 +0200)
commit	172e9cc3ee3dcca288d04c744984a9a3b2a0d008
tree	146359ba4b1d7203810ae6a130bca8b046442502	tree \| snapshot
parent	4a84db4c0c2eef6f40da35347c95dfa6b6e3d139	commit \| diff

src/core/unit-printf.c		diff \| blob \| blame \| history
src/shared/install-printf.c		diff \| blob \| blame \| history
src/shared/install-printf.h		diff \| blob \| blame \| history
src/shared/install.c		diff \| blob \| blame \| history
src/shared/specifier.c		diff \| blob \| blame \| history
src/shared/specifier.h		diff \| blob \| blame \| history
src/test/test-load-fragment.c		diff \| blob \| blame \| history
src/test/test-specifier.c		diff \| blob \| blame \| history
src/tmpfiles/tmpfiles.c		diff \| blob \| blame \| history
test/test-systemctl-enable.sh		diff \| blob \| blame \| history
test/test-systemd-tmpfiles.py		diff \| blob \| blame \| history