hostname-setup: do not trigger assertion when uname() is prohibited by seccomp

gethostname_full() is used in nss-myhostname, and hence random
application may indirectly call it. When an application with a too strict
seccomp filter loads the nss module, the application may trigger the
assertion.

Partially fixes #38582.

diff --git a/src/shared/hostname-setup.c b/src/shared/hostname-setup.c
index 0d21e0482d16d95b564393320ca62c51534b56b9..ac13d06fb2345ef25263a709d9cc64b0bd4b4018 100644 (file)
--- a/src/shared/hostname-setup.c
+++ b/src/shared/hostname-setup.c
@@ -316,7 +316,8 @@ int gethostname_full(GetHostnameFlags flags, char **ret) {
 
         assert(ret);
 
-        assert_se(uname(&u) >= 0);
+        if (uname(&u) < 0)
+                return -errno;
 
         s = u.nodename;
         if (isempty(s) || streq(s, "(none)") ||