network: set DynamicUser= to systemd-networkd.service

author: Yu Watanabe <watanabe.yu+github@gmail.com> 2018-05-22 15:37:34 +0200
committer: Yu Watanabe <watanabe.yu+github@gmail.com> 2018-05-22 15:37:34 +0200
commit: d4e9e574ea0b5d23598a317e68399584d229568b (patch)
tree: 1c1bffeae5e358d02d95be07776cf020e7f3569b
parent: resolve: enable DynamicUser= for systemd-resolved.service (diff)
download: systemd-d4e9e574ea0b5d23598a317e68399584d229568b.tar.xz
systemd-d4e9e574ea0b5d23598a317e68399584d229568b.zip
4 files changed, 6 insertions, 9 deletions
diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c
index 34c496f552..f02b13e28b 100644
--- a/src/network/networkd-manager.c
+++ b/src/network/networkd-manager.c
@@ -155,7 +155,7 @@ int manager_connect_bus(Manager *m) {
         if (r < 0)
                 return log_error_errno(r, "Failed to add network enumerator: %m");
 
-        r = sd_bus_request_name_async(m->bus, NULL, "org.freedesktop.network1", 0, NULL, NULL);
+        r = bus_request_name_async_may_reload_dbus(m->bus, NULL, "org.freedesktop.network1", 0, NULL);
         if (r < 0)
                 return log_error_errno(r, "Failed to request name: %m");
 
diff --git a/sysusers.d/systemd.conf.m4 b/sysusers.d/systemd.conf.m4
index 0e9919b7c2..2315b56e3f 100644
--- a/sysusers.d/systemd.conf.m4
+++ b/sysusers.d/systemd.conf.m4
@@ -6,9 +6,6 @@
 #  (at your option) any later version.
 
 g systemd-journal   - -
-m4_ifdef(`ENABLE_NETWORKD',
-u systemd-network   - "systemd Network Management"
-)m4_dnl
 m4_ifdef(`ENABLE_COREDUMP',
 u systemd-coredump  - "systemd Core Dumper"
 )m4_dnl
diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4
index d39c9cbbcf..222a42422d 100644
--- a/tmpfiles.d/systemd.conf.m4
+++ b/tmpfiles.d/systemd.conf.m4
@@ -17,9 +17,9 @@ d /run/systemd/users 0755 root root -
 d /run/systemd/machines 0755 root root -
 d /run/systemd/shutdown 0755 root root -
 m4_ifdef(`ENABLE_NETWORKD',
-d /run/systemd/netif 0755 systemd-network systemd-network -
-d /run/systemd/netif/links 0755 systemd-network systemd-network -
-d /run/systemd/netif/leases 0755 systemd-network systemd-network -
+d /run/systemd/netif 0755 root root -
+d /run/systemd/netif/links 0755 root root -
+d /run/systemd/netif/leases 0755 root root -
 )m4_dnl
 
 d /run/log 0755 root root -
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
index d05b334722..adb219a01d 100644
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -13,7 +13,7 @@ Documentation=man:systemd-networkd.service(8)
 ConditionCapability=CAP_NET_ADMIN
 DefaultDependencies=no
 # systemd-udevd.service can be dropped once tuntap is moved to netlink
-After=systemd-udevd.service network-pre.target systemd-sysusers.service systemd-sysctl.service
+After=systemd-udevd.service network-pre.target systemd-sysctl.service
 Before=network.target multi-user.target shutdown.target
 Conflicts=shutdown.target
 Wants=network.target
@@ -25,9 +25,9 @@ RestartSec=0
 ExecStart=!!@rootlibexecdir@/systemd-networkd
 WatchdogSec=3min
 User=systemd-network
+DynamicUser=yes
 CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
 AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
-ProtectSystem=strict
 ProtectHome=yes
 ProtectControlGroups=yes
 ProtectKernelModules=yes
author	Yu Watanabe <watanabe.yu+github@gmail.com>	2018-05-22 15:37:34 +0200
committer	Yu Watanabe <watanabe.yu+github@gmail.com>	2018-05-22 15:37:34 +0200
commit	d4e9e574ea0b5d23598a317e68399584d229568b (patch)
tree	1c1bffeae5e358d02d95be07776cf020e7f3569b
parent	resolve: enable DynamicUser= for systemd-resolved.service (diff)
download	systemd-d4e9e574ea0b5d23598a317e68399584d229568b.tar.xz systemd-d4e9e574ea0b5d23598a317e68399584d229568b.zip