From: Lennart Poettering <lennart@poettering.net>
Date: Sat, 2 Dec 2017 12:02:44 +0000 (+0100)
Subject: coredump,journal: do not do ACL magic for processes of dynamic UIDs
X-Git-Tag: v236~56^2~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4e72397b00ab23607635ce6725573554f235101a;p=thirdparty%2Fsystemd.git

coredump,journal: do not do ACL magic for processes of dynamic UIDs

Dynamic UIDs should be treated like system users in this regard.
---

diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index eda7d78be21..cf56a8ad267 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -165,7 +165,7 @@ static int fix_acl(int fd, uid_t uid) {
 
         assert(fd >= 0);
 
-        if (uid_is_system(uid))
+        if (uid_is_system(uid) || uid_is_dynamic(uid))
                 return 0;
 
         /* Make sure normal users can read (but not write or delete)
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index cc45591c098..06c64a46e2e 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -248,7 +248,7 @@ static void server_add_acls(JournalFile *f, uid_t uid) {
         assert(f);
 
 #if HAVE_ACL
-        if (uid_is_system(uid))
+        if (uid_is_system(uid) || uid_is_dynamic(uid))
                 return;
 
         r = add_acls_for_user(f->fd, uid);