From f4481b55c9aeedfb8e53c25063542add00e21991 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Mon, 29 Jul 2024 16:23:15 -0700 Subject: [PATCH] xfs_scrub: use dynamic users when running as a systemd service Five years ago, systemd introduced the DynamicUser directive that allocates a new unique user/group id, runs a service with those ids, and deletes them after the service exits. This is a good replacement for User=nobody, since it eliminates the threat of nobody-services messing with each other. Make this transition ahead of all the other security tightenings that will land in the next few patches, and add credits for the people who suggested the change and reviewed it. Link: https://0pointer.net/blog/dynamic-users-with-systemd.html Suggested-by: Helle Vaanzinn Reviewed-by: Christoph Hellwig Signed-off-by: Darrick J. Wong --- scrub/xfs_scrub@.service.in | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scrub/xfs_scrub@.service.in b/scrub/xfs_scrub@.service.in index 855fe4de..52068add 100644 --- a/scrub/xfs_scrub@.service.in +++ b/scrub/xfs_scrub@.service.in @@ -17,7 +17,6 @@ ProtectHome=read-only PrivateTmp=no AmbientCapabilities=CAP_SYS_ADMIN CAP_FOWNER CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_SYS_RAWIO NoNewPrivileges=yes -User=nobody Environment=SERVICE_MODE=1 ExecStart=@sbindir@/xfs_scrub @scrub_args@ %f SyslogIdentifier=%N @@ -31,3 +30,6 @@ Nice=19 # Create the service underneath the scrub background service slice so that we # can control resource usage. Slice=system-xfs_scrub.slice + +# Dynamically create a user that isn't root +DynamicUser=true -- 2.47.3