mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-01-25 06:03:40 +03:00
Use new default-user-shell option instead of hard-coding bash in nspawn and user-record
Defaults to /bin/bash, so there are no changes in the default configuration. The fallback shell for non-root users is as specified, and the interactive shell for nspawn sessions is started as exec(default-user-shell, "-" + basename(default-user-shell), ...) before falling through to bash and sh.
parent
505df87ea8
commit
53350c7bba
@ -760,6 +760,10 @@ conf.set('TIME_EPOCH', time_epoch)
|
|||||||
|
|
||||||
conf.set('CLOCK_VALID_RANGE_USEC_MAX', get_option('clock-valid-range-usec-max'))
|
conf.set('CLOCK_VALID_RANGE_USEC_MAX', get_option('clock-valid-range-usec-max'))
|
||||||
|
|
||||||
|
default_user_shell = get_option('default-user-shell')
|
||||||
|
conf.set_quoted('DEFAULT_USER_SHELL', default_user_shell)
|
||||||
|
conf.set_quoted('DEFAULT_USER_SHELL_NAME', fs.name(default_user_shell))
|
||||||
|
|
||||||
foreach tuple : [['system-alloc-uid-min', 'SYS_UID_MIN', 1], # Also see login.defs(5).
|
foreach tuple : [['system-alloc-uid-min', 'SYS_UID_MIN', 1], # Also see login.defs(5).
|
||||||
['system-uid-max', 'SYS_UID_MAX', 999],
|
['system-uid-max', 'SYS_UID_MAX', 999],
|
||||||
['system-alloc-gid-min', 'SYS_GID_MIN', 1],
|
['system-alloc-gid-min', 'SYS_GID_MIN', 1],
|
||||||
|
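Review bot: The value of `default-user-shell` is written into `DEFAULT_USER_SHELL` without any validation, so a relative or empty setting would be compiled in as-is. The other sections of this commit pass that string straight to `execle()` in nspawn's `inner_child()` and return it from `user_record_shell()`, where a non-absolute path would be resolved against the current working directory instead of a fixed system location. A build-time check right after the `get_option()` line would catch this: `if not fs.is_absolute(default_user_shell)`, `error('default-user-shell must be an absolute path')`, `endif`.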
@ -220,6 +220,8 @@ option('time-epoch', type : 'integer', value : '-1',
|
|||||||
description : 'time epoch for time clients')
|
description : 'time epoch for time clients')
|
||||||
option('clock-valid-range-usec-max', type : 'integer', value : '473364000000000', # 15 years
|
option('clock-valid-range-usec-max', type : 'integer', value : '473364000000000', # 15 years
|
||||||
description : 'maximum value in microseconds for the difference between RTC and epoch, exceeding which is considered an RTC error')
|
description : 'maximum value in microseconds for the difference between RTC and epoch, exceeding which is considered an RTC error')
|
||||||
|
option('default-user-shell', type : 'string', value : '/bin/bash',
|
||||||
|
description : 'default interactive shell')
|
||||||
|
|
||||||
option('system-alloc-uid-min', type : 'integer', value : '-1',
|
option('system-alloc-uid-min', type : 'integer', value : '-1',
|
||||||
description : 'minimum system UID used when allocating')
|
description : 'minimum system UID used when allocating')
|
||||||
|
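Review bot: The description `'default interactive shell'` does not tell a packager that the value is expected to be an absolute path, nor that it also becomes the fallback login shell for regular user records and not only the nspawn session shell. Something like `description : 'absolute path of the default shell for regular users and interactive nspawn sessions')` would make the scope of the setting visible at configure time.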
@ -3550,10 +3550,13 @@ static int inner_child(
|
|||||||
/* If we cannot change the directory, we'll end up in /, that is expected. */
|
/* If we cannot change the directory, we'll end up in /, that is expected. */
|
||||||
(void) chdir(home ?: "/root");
|
(void) chdir(home ?: "/root");
|
||||||
|
|
||||||
execle("/bin/bash", "-bash", NULL, env_use);
|
execle(DEFAULT_USER_SHELL, "-" DEFAULT_USER_SHELL_NAME, NULL, env_use);
|
||||||
execle("/bin/sh", "-sh", NULL, env_use);
|
if (!streq(DEFAULT_USER_SHELL, "/bin/bash"))
|
||||||
|
execle("/bin/bash", "-bash", NULL, env_use);
|
||||||
|
if (!streq(DEFAULT_USER_SHELL, "/bin/sh"))
|
||||||
|
execle("/bin/sh", "-sh", NULL, env_use);
|
||||||
|
|
||||||
exec_target = "/bin/bash, /bin/sh";
|
exec_target = DEFAULT_USER_SHELL ", /bin/bash, /bin/sh";
|
||||||
}
|
}
|
||||||
|
|
||||||
return log_error_errno(errno, "execv(%s) failed: %m", exec_target);
|
return log_error_errno(errno, "execv(%s) failed: %m", exec_target);
|
||||||
|
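Review bot: With the default configuration the new `exec_target` string reads `/bin/bash, /bin/bash, /bin/sh`, because `DEFAULT_USER_SHELL` is concatenated unconditionally while the `streq()` guards above it skip the duplicate exec. The log line then lists an attempt that was never made, which is misleading when diagnosing why a container shell failed to start; `exec_target = streq(DEFAULT_USER_SHELL, "/bin/bash") ? "/bin/bash, /bin/sh" : DEFAULT_USER_SHELL ", /bin/bash, /bin/sh";` keeps the default message unchanged. The `errno` reported by `log_error_errno()` also belongs only to the last `execle()` that was tried, which a short comment above the fallback chain could state. `inner_child()` starts and ends outside this hunk, so the surrounding branch and the type of `exec_target` are assumed from the visible lines.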
@ -1747,7 +1747,7 @@ const char *user_record_shell(UserRecord *h) {
|
|||||||
return "/bin/sh";
|
return "/bin/sh";
|
||||||
|
|
||||||
if (user_record_disposition(h) == USER_REGULAR)
|
if (user_record_disposition(h) == USER_REGULAR)
|
||||||
return "/bin/bash";
|
return DEFAULT_USER_SHELL;
|
||||||
|
|
||||||
return NOLOGIN;
|
return NOLOGIN;
|
||||||
}
|
}
|
||||||
|