From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 27 Jun 2023 09:19:47 +0000 (+0200)
Subject: execute: don't bother with chowning StateDirectory= and friends in user mode
X-Git-Tag: v254-rc1~84^2~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f5bb36dcfe71dab3f79e8e6133a2f4260d91f213;p=thirdparty%2Fsystemd.git

execute: don't bother with chowning StateDirectory= and friends in user mode
---

diff --git a/src/core/execute.c b/src/core/execute.c
index 652ff444221..d850a680221 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -2738,6 +2738,11 @@ static int setup_exec_directory(
                 if (r < 0)
                         goto fail;
 
+                /* Skip the rest (which deals with ownership) in user mode, since ownership changes are not
+                 * available to user code anyway */
+                if (params->runtime_scope != RUNTIME_SCOPE_SYSTEM)
+                        continue;
+
                 /* Then, change the ownership of the whole tree, if necessary. When dynamic users are used we
                  * drop the suid/sgid bits, since we really don't want SUID/SGID files for dynamic UID/GID
                  * assignments to exist. */