]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1fae13f) | patch
network/tuntap: deny non-system users/groups from owning Tun/Tap interfaces 37294/head
authorYu Watanabe <watanabe.yu+github@gmail.com>
Tue, 29 Apr 2025 14:16:02 +0000 (23:16 +0900)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Wed, 30 Apr 2025 11:31:00 +0000 (20:31 +0900)
commit940441b44c7040d62ae58b66bf124e9a0dae578d
treecab8c998d127c60d3b6d205e0b793d62b8ea9a0etree | snapshot
parent1fae13fbecf48d32ca46f81e87a316bd252ed084commit | diff
network/tuntap: deny non-system users/groups from owning Tun/Tap interfaces

This is analogous to #36123, but for Tun/Tap interfaces created by
systemd-networkd.

If a regular user account want to control a Tun/Tap interface, then
assign the interface to a system group, e.g., vpn, and add the user
to the group.

Closes #37279.
NEWS diff | blob | blame | history
man/systemd.netdev.xml diff | blob | blame | history
src/network/netdev/tuntap.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.