]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 20b569a) | patch
execute: pass ambient caps from PAM through to invoked service
authorLennart Poettering <lennart@poettering.net>
Wed, 22 Feb 2023 12:06:29 +0000 (13:06 +0100)
committerLennart Poettering <lennart@poettering.net>
Thu, 23 Feb 2023 11:53:09 +0000 (12:53 +0100)
commit638fd8ccb84c0856ed0c95ab970aa00f72004aa0
tree8e9a8b49a0cf8c8bc568261bb3e7403ae53ffc5ctree | snapshot
parent20b569a4c69088f5e5430dae71363069ff0bd651commit | diff
execute: pass ambient caps from PAM through to invoked service

If a PAM service sets some ambient caps, we should honour that, hence
query it, and merge it with our own ambient settings.

This needs to be done manually since otherwise dropping privs via
setresuid() will undo all such caps, and we need to manually tweak
things to keep them.
src/core/execute.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.