From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 26 May 2026 12:55:42 +0000 (+0200)
Subject: nspawn: mark --bind-user-shell=/BindUserShell= as trusted
X-Git-Tag: v261-rc2~10
X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=2e117e270dc3d5032bf471da02e35951b3511f3e;p=thirdparty%2Fsystemd.git

nspawn: mark --bind-user-shell=/BindUserShell= as trusted

Similarly to --bind-user=/BindUser=.

Follow-up for a9e860f22eee540a0a6819034e110572c9c8b9fd.

Reported-by: omkhar <omkhar@users.noreply.github.com>
---

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 16ea48eaf88..7f7ceac3183 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -4986,8 +4986,13 @@ static int merge_settings(Settings *settings, const char *path) {
 
         if (!FLAGS_SET(arg_settings_mask, SETTING_BIND_USER_SHELL) &&
             settings->bind_user_shell_set) {
-                free_and_replace(arg_bind_user_shell, settings->bind_user_shell);
-                arg_bind_user_shell_copy = settings->bind_user_shell_copy;
+
+                if (!arg_settings_trusted)
+                        log_warning("Ignoring bind user shell setting, file %s is not trusted.", path);
+                else {
+                        free_and_replace(arg_bind_user_shell, settings->bind_user_shell);
+                        arg_bind_user_shell_copy = settings->bind_user_shell_copy;
+                }
         }
 
         if ((arg_settings_mask & SETTING_NOTIFY_READY) == 0 &&