diff options
| author | Lennart Poettering <lennart@poettering.net> | 2018-07-17 11:47:14 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2018-07-25 22:48:11 +0200 |
| commit | 5686391b006ee82d8a4559067ad9818e3e631247 (patch) | |
| tree | 2d5bcfcf0838a3abd120bde1a7145acf2492b3b6 /src/core/swap.c | |
| parent | execute: use our usual syntax for defining bit masks (diff) | |
| download | systemd-5686391b006ee82d8a4559067ad9818e3e631247.tar.xz systemd-5686391b006ee82d8a4559067ad9818e3e631247.zip | |
core: introduce new Type=exec service type
Users are often surprised that "systemd-run" command lines like
"systemd-run -p User=idontexist /bin/true" will return successfully,
even though the logs show that the process couldn't be invoked, as the
user "idontexist" doesn't exist. This is because Type=simple will only
wait until fork() succeeded before returning start-up success.
This patch adds a new service type Type=exec, which is very similar to
Type=simple, but waits until the child process completed the execve()
before returning success. It uses a pipe that has O_CLOEXEC set for this
logic, so that the kernel automatically sends POLLHUP on it when the
execve() succeeded but leaves the pipe open if not. This means PID 1
waits exactly until the execve() succeeded in the child, and not longer
and not shorter, which is the desired functionality.
Making use of this new functionality, the command line
"systemd-run -p User=idontexist -p Type=exec /bin/true" will now fail,
as expected.
Diffstat (limited to 'src/core/swap.c')
| -rw-r--r-- | src/core/swap.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/core/swap.c b/src/core/swap.c index b78b1aa266..e01e61e56d 100644 --- a/src/core/swap.c +++ b/src/core/swap.c @@ -606,6 +606,7 @@ static int swap_spawn(Swap *s, ExecCommand *c, pid_t *_pid) { .stdin_fd = -1, .stdout_fd = -1, .stderr_fd = -1, + .exec_fd = -1, }; pid_t pid; int r; |