| Commit message (Collapse) | Author | Age |
| |
|
|
|
|
|
| |
This is necessary for some system users where the "login shell" is
set to a specific binary.
|
|
|
|
|
|
| |
This is the first error message when running unprivileged, and the message is
unspecific, so let's at least add some logging at debug level to make this less
confusing.
|
|
|
|
|
|
|
|
|
|
|
| |
This is quite ugly, but provides us with an avenue for moving
distributions to define the "nobody" user properly without breaking legacy
systems that us the name for other stuff.
The idea is basically, that the distribution adopts the new definition
of "nobody" (and thus recompiles systemd with it) and then touches
/etc/systemd/dont-synthesize-nobody on legacy systems to turn off
possibly conflicting synthesizing of the nobody name by systemd.
|
|
|
|
|
| |
Let's use newa() and use the right type for storing sysconf() return
values.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
We don't have plural in the name of any other -util files and this
inconsistency trips me up every time I try to type this file name
from memory. "formats-util" is even hard to pronounce.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's drop the caching of the setgroups /proc field for now. While there's a
strict regime in place when it changes states, let's better not cache it since
we cannot really be sure we follow that regime correctly.
More importantly however, this is not in performance sensitive code, and
there's no indication the cache is really beneficial, hence let's drop the
caching and make things a bit simpler.
Also, while we are at it, rework the error handling a bit, and always return
negative errno-style error codes, following our usual coding style. This has
the benefit that we can sensible hanld read_one_line_file() errors, without
having to updat errno explicitly.
|
|
|
|
| |
It might be blocked through /proc/PID/setgroups
|
|
|
|
|
|
|
| |
This adds a new call get_user_creds_clean(), which is just like
get_user_creds() but returns NULL in the home/shell parameters if they contain
no useful information. This code previously lived in execute.c, but by
generalizing this we can reuse it in run.c.
|
|
|
|
|
|
|
| |
This way we can reuse them for validating User=/Group= settings in unit files
(to be added in a later commit).
Also, add some tests for them.
|
| |
|
| |
|
|
|
|
|
|
|
| |
Otherwise building may fail with:
src/basic/user-util.c: In function 'get_home_dir':
src/basic/user-util.c:343:9: error: implicit declaration of function 'secure_getenv' [-Werror=implicit-function-declaration]
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- src/basic/capability-util.[hc]
- src/basic/cgroup-util.[hc]
- src/basic/fd-util.[hc]
- src/basic/fs-util.[hc]
- src/basic/memfd-util.[hc]
- src/basic/path-util.[hc]
- src/basic/socket-util.[hc]
- src/basic/terminal-util.[hc]
- src/basic/user-util.[hc]
- src/basic/xattr-util.[hc]
|
|
The util.[hc] files have been stripped of a lot of functions, that
got sorted into various new files representing the type of
utility.
This commit adds the missing files.
|