/* If this is D-Bus, tell the nss-systemd module, since it relies on being able to use D-Bus look up dynamic
* users via PID 1, possibly dead-locking the dbus daemon. This way it will not use D-Bus to resolve names, but
* check the database directly. */
- if (unit_has_name(u, SPECIAL_DBUS_SERVICE)) {
+ if (p->flags & EXEC_NSS_BYPASS_BUS) {
x = strdup("SYSTEMD_NSS_BYPASS_BUS=1");
if (!x)
return -ENOMEM;
EXEC_NEW_KEYRING = 1U << 3,
EXEC_PASS_LOG_UNIT = 1U << 4, /* Whether to pass the unit name to the service's journal stream connection */
EXEC_CHOWN_DIRECTORIES = 1U << 5, /* chown() the runtime/state/cache/log directories to the user we run as, under all conditions */
+ EXEC_NSS_BYPASS_BUS = 1U << 6, /* Set the SYSTEMD_NSS_BYPASS_BUS environment variable, to disable nss-systemd for dbus */
/* The following are not used by execute.c, but by consumers internally */
- EXEC_PASS_FDS = 1U << 6,
- EXEC_IS_CONTROL = 1U << 7,
- EXEC_SETENV_RESULT = 1U << 8,
- EXEC_SET_WATCHDOG = 1U << 9,
+ EXEC_PASS_FDS = 1U << 7,
+ EXEC_IS_CONTROL = 1U << 8,
+ EXEC_SETENV_RESULT = 1U << 9,
+ EXEC_SET_WATCHDOG = 1U << 10,
} ExecFlags;
struct ExecParameters {
/* System services should get a new keyring by default. */
SET_FLAG(exec_params.flags, EXEC_NEW_KEYRING, MANAGER_IS_SYSTEM(UNIT(s)->manager));
+
+ /* System D-Bus needs nss-systemd disabled, so that we don't deadlock */
+ SET_FLAG(exec_params.flags, EXEC_NSS_BYPASS_BUS,
+ MANAGER_IS_SYSTEM(UNIT(s)->manager) && unit_has_name(UNIT(s), SPECIAL_DBUS_SERVICE));
+
exec_params.argv = c->argv;
exec_params.environment = final_env;
exec_params.fds = fds;
projects / thirdparty / systemd.git / commitdiff
