From: Mike Yuan <me@yhndnzj.com>
Date: Sat, 8 Nov 2025 02:20:13 +0000 (+0100)
Subject: core/exec-credential: remove no longer needed per-cred atomic update logic
X-Git-Tag: v259-rc1~92^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=bc48ac39c432e808a6e28951ea194267553895eb;p=thirdparty%2Fsystemd.git

core/exec-credential: remove no longer needed per-cred atomic update logic

Now that we guarantee at higher level that we work on unique
credential dir, this becomes unnecessary.
---

diff --git a/src/core/exec-credential.c b/src/core/exec-credential.c
index d2b83073694..7321868d5d5 100644
--- a/src/core/exec-credential.c
+++ b/src/core/exec-credential.c
@@ -29,7 +29,6 @@
 #include "siphash24.h"
 #include "stat-util.h"
 #include "strv.h"
-#include "tmpfile-util.h"
 #include "user-util.h"
 
 ExecSetCredential* exec_set_credential_free(ExecSetCredential *sc) {
@@ -320,7 +319,6 @@ static int write_credential(
                 gid_t gid,
                 bool ownership_ok) {
 
-        _cleanup_free_ char *tmp = NULL;
         _cleanup_close_ int fd = -EBADF;
         int r;
 
@@ -328,16 +326,10 @@ static int write_credential(
         assert(id);
         assert(data || size == 0);
 
-        r = tempfn_random_child("", "cred", &tmp);
-        if (r < 0)
-                return r;
-
-        fd = openat(dfd, tmp, O_CREAT|O_RDWR|O_CLOEXEC|O_EXCL|O_NOFOLLOW|O_NOCTTY, 0600);
+        fd = openat(dfd, id, O_CREAT|O_EXCL|O_WRONLY|O_CLOEXEC, 0600);
         if (fd < 0)
                 return -errno;
 
-        CLEANUP_TMPFILE_AT(dfd, tmp);
-
         r = loop_write(fd, data, size);
         if (r < 0)
                 return r;
@@ -359,11 +351,6 @@ static int write_credential(
                         return r;
         }
 
-        r = RET_NERRNO(renameat(dfd, tmp, dfd, id));
-        if (r < 0)
-                return r;
-
-        tmp = mfree(tmp); /* disarm CLEANUP_TMPFILE_AT() */
         return 0;
 }