diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2020-02-03 12:18:02 +0100 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2020-02-03 13:51:07 +0100 |
| commit | 50152bb1c5c311e97e9eeec3b09044925b6e3663 (patch) | |
| tree | b44f6ce67f8708b6505787a9593d53ac7a665952 | |
| parent | journal: drop unreachable path (diff) | |
| download | systemd-50152bb1c5c311e97e9eeec3b09044925b6e3663.tar.xz systemd-50152bb1c5c311e97e9eeec3b09044925b6e3663.zip | |
core: call dynamic_user_acquire() only when 'group' is non-null
When unit is reloaded, and the reloaded unit has bad-setting, then
unit_patch_contexts() is not called and exec_context::user and group
may not be configured.
A minimum reproducer for the case is:
- step 1.
$ sudo systemctl edit --full hoge.service
[Service]
oneshot
ExecStart=sleep 1h
- step 2.
$ sudo systemctl start hoge.service
- step 3.
$ sudo systemctl edit --full hoge.service
[Service]
Type=oneshot
ExecStart=@bindir@/sleep 1h
DynamicUser=yes
Then pid1 crashed.
Fixes #14733.
| -rw-r--r-- | src/core/dynamic-user.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/core/dynamic-user.c b/src/core/dynamic-user.c index e00109ee4a..f1819b36bc 100644 --- a/src/core/dynamic-user.c +++ b/src/core/dynamic-user.c @@ -770,7 +770,7 @@ int dynamic_creds_acquire(DynamicCreds *creds, Manager *m, const char *user, con if (creds->user && (!group || streq_ptr(user, group))) creds->group = dynamic_user_ref(creds->user); - else { + else if (group) { r = dynamic_user_acquire(m, group, &creds->group); if (r < 0) { if (acquired) |