]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4c1dea4)
core: call dynamic_user_acquire() only when 'group' is non-null 14747/head
authorYu Watanabe <watanabe.yu+github@gmail.com>
Mon, 3 Feb 2020 11:18:02 +0000 (20:18 +0900)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Mon, 3 Feb 2020 12:51:07 +0000 (21:51 +0900)
When unit is reloaded, and the reloaded unit has bad-setting, then
unit_patch_contexts() is not called and exec_context::user and group
may not be configured.

A minimum reproducer for the case is:
- step 1.
$ sudo systemctl edit --full hoge.service
[Service]
oneshot
ExecStart=sleep 1h

- step 2.
$ sudo systemctl start hoge.service

- step 3.
$ sudo systemctl edit --full hoge.service
[Service]
Type=oneshot
ExecStart=@bindir@/sleep 1h
DynamicUser=yes

Then pid1 crashed.

Fixes #14733.

src/core/dynamic-user.c patch | blob | blame | history

diff --git a/src/core/dynamic-user.c b/src/core/dynamic-user.c
index e00109ee4ac979dd97999560d47c9e79d9d95718..f1819b36bc2350ebddb2becad0dd7228d2e0ec20 100644 (file)
--- a/src/core/dynamic-user.c
+++ b/src/core/dynamic-user.c
@@ -770,7 +770,7 @@ int dynamic_creds_acquire(DynamicCreds *creds, Manager *m, const char *user, con
 
                 if (creds->user && (!group || streq_ptr(user, group)))
                         creds->group = dynamic_user_ref(creds->user);
-                else {
+                else if (group) {
                         r = dynamic_user_acquire(m, group, &creds->group);
                         if (r < 0) {
                                 if (acquired)
Unnamed repository; edit this file 'description' to name the repository.