mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-24 21:34:08 +03:00
execute: implement privilige dropping properly
This commit is contained in:
parent
e141400362
commit
81a2b7ceda
365
execute.c
365
execute.c
@ -32,6 +32,8 @@
|
||||
#include <linux/sched.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <grp.h>
|
||||
#include <pwd.h>
|
||||
|
||||
#include "execute.h"
|
||||
#include "strv.h"
|
||||
@ -293,7 +295,217 @@ static int setup_input(const ExecContext *context) {
|
||||
}
|
||||
}
|
||||
|
||||
int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds, unsigned n_fds, pid_t *ret) {
|
||||
static int get_group_creds(const char *groupname, gid_t *gid) {
|
||||
struct group *g;
|
||||
unsigned long lu;
|
||||
|
||||
assert(groupname);
|
||||
assert(gid);
|
||||
|
||||
/* We enforce some special rules for gid=0: in order to avoid
|
||||
* NSS lookups for root we hardcode its data. */
|
||||
|
||||
if (streq(groupname, "root") || streq(groupname, "0")) {
|
||||
*gid = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (safe_atolu(groupname, &lu) >= 0) {
|
||||
errno = 0;
|
||||
g = getgrgid((gid_t) lu);
|
||||
} else {
|
||||
errno = 0;
|
||||
g = getgrnam(groupname);
|
||||
}
|
||||
|
||||
if (!g)
|
||||
return errno != 0 ? -errno : -ESRCH;
|
||||
|
||||
*gid = g->gr_gid;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int get_user_creds(const char **username, uid_t *uid, gid_t *gid, const char **home) {
|
||||
struct passwd *p;
|
||||
unsigned long lu;
|
||||
|
||||
assert(username);
|
||||
assert(*username);
|
||||
assert(uid);
|
||||
assert(gid);
|
||||
assert(home);
|
||||
|
||||
/* We enforce some special rules for uid=0: in order to avoid
|
||||
* NSS lookups for root we hardcode its data. */
|
||||
|
||||
if (streq(*username, "root") || streq(*username, "0")) {
|
||||
*username = "root";
|
||||
*uid = 0;
|
||||
*gid = 0;
|
||||
*home = "/root";
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (safe_atolu(*username, &lu) >= 0) {
|
||||
errno = 0;
|
||||
p = getpwuid((uid_t) lu);
|
||||
|
||||
/* If there are multiple users with the same id, make
|
||||
* sure to leave $USER to the configured value instead
|
||||
* of the first occurence in the database. However if
|
||||
* the uid was configured by a numeric uid, then let's
|
||||
* pick the real username from /etc/passwd. */
|
||||
if (*username && p)
|
||||
*username = p->pw_name;
|
||||
} else {
|
||||
errno = 0;
|
||||
p = getpwnam(*username);
|
||||
}
|
||||
|
||||
if (!p)
|
||||
return errno != 0 ? -errno : -ESRCH;
|
||||
|
||||
*uid = p->pw_uid;
|
||||
*gid = p->pw_gid;
|
||||
*home = p->pw_dir;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int enforce_groups(const ExecContext *context, const char *username, gid_t gid) {
|
||||
bool keep_groups = false;
|
||||
int r;
|
||||
|
||||
assert(context);
|
||||
|
||||
/* Lookup and ser GID and supplementary group list. Here too
|
||||
* we avoid NSS lookups for gid=0. */
|
||||
|
||||
if (context->group || username) {
|
||||
|
||||
if (context->group)
|
||||
if ((r = get_group_creds(context->group, &gid)) < 0)
|
||||
return r;
|
||||
|
||||
/* First step, initialize groups from /etc/groups */
|
||||
if (username && gid != 0) {
|
||||
if (initgroups(username, gid) < 0)
|
||||
return -errno;
|
||||
|
||||
keep_groups = true;
|
||||
}
|
||||
|
||||
/* Second step, set our gids */
|
||||
if (setresgid(gid, gid, gid) < 0)
|
||||
return -errno;
|
||||
}
|
||||
|
||||
if (context->supplementary_groups) {
|
||||
int ngroups_max, k;
|
||||
gid_t *gids;
|
||||
char **i;
|
||||
|
||||
/* Final step, initialize any manually set supplementary groups */
|
||||
ngroups_max = (int) sysconf(_SC_NGROUPS_MAX);
|
||||
|
||||
if (!(gids = new(gid_t, ngroups_max)))
|
||||
return -ENOMEM;
|
||||
|
||||
if (keep_groups) {
|
||||
if ((k = getgroups(ngroups_max, gids)) < 0) {
|
||||
free(gids);
|
||||
return -errno;
|
||||
}
|
||||
} else
|
||||
k = 0;
|
||||
|
||||
STRV_FOREACH(i, context->supplementary_groups) {
|
||||
|
||||
if (k >= ngroups_max) {
|
||||
free(gids);
|
||||
return -E2BIG;
|
||||
}
|
||||
|
||||
if ((r = get_group_creds(*i, gids+k)) < 0) {
|
||||
free(gids);
|
||||
return r;
|
||||
}
|
||||
|
||||
k++;
|
||||
}
|
||||
|
||||
if (setgroups(k, gids) < 0) {
|
||||
free(gids);
|
||||
return -errno;
|
||||
}
|
||||
|
||||
free(gids);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int enforce_user(const ExecContext *context, uid_t uid) {
|
||||
int r;
|
||||
assert(context);
|
||||
|
||||
/* Sets (but doesn't lookup) the uid and make sure we keep the
|
||||
* capabilities while doing so. */
|
||||
|
||||
if (context->capabilities) {
|
||||
cap_t d;
|
||||
static const cap_value_t bits[] = {
|
||||
CAP_SETUID, /* Necessary so that we can run setresuid() below */
|
||||
CAP_SETPCAP /* Necessary so that we can set PR_SET_SECUREBITS later on */
|
||||
};
|
||||
|
||||
/* First step: If we need to keep capabilities but
|
||||
* drop privileges we need to make sure we keep our
|
||||
* caps, whiel we drop priviliges. */
|
||||
if (uid != 0)
|
||||
if (prctl(PR_SET_SECUREBITS, context->secure_bits|SECURE_KEEP_CAPS) < 0)
|
||||
return -errno;
|
||||
|
||||
/* Second step: set the capabilites. This will reduce
|
||||
* the capabilities to the minimum we need. */
|
||||
|
||||
if (!(d = cap_dup(context->capabilities)))
|
||||
return -errno;
|
||||
|
||||
if (cap_set_flag(d, CAP_EFFECTIVE, ELEMENTSOF(bits), bits, CAP_SET) < 0 ||
|
||||
cap_set_flag(d, CAP_PERMITTED, ELEMENTSOF(bits), bits, CAP_SET) < 0) {
|
||||
r = -errno;
|
||||
cap_free(d);
|
||||
return r;
|
||||
}
|
||||
|
||||
if (cap_set_proc(d) < 0) {
|
||||
r = -errno;
|
||||
cap_free(d);
|
||||
return r;
|
||||
}
|
||||
|
||||
cap_free(d);
|
||||
}
|
||||
|
||||
/* Third step: actually set the uids */
|
||||
if (setresuid(uid, uid, uid) < 0)
|
||||
return -errno;
|
||||
|
||||
/* At this point we should have all necessary capabilities but
|
||||
are otherwise a normal user. However, the caps might got
|
||||
corrupted due to the setresuid() so we need clean them up
|
||||
later. This is done outside of this call. */
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int exec_spawn(const ExecCommand *command,
|
||||
const ExecContext *context,
|
||||
int *fds, unsigned n_fds,
|
||||
bool apply_permissions,
|
||||
bool apply_chroot,
|
||||
pid_t *ret) {
|
||||
|
||||
pid_t pid;
|
||||
|
||||
assert(command);
|
||||
@ -301,15 +513,19 @@ int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds,
|
||||
assert(ret);
|
||||
assert(fds || n_fds <= 0);
|
||||
|
||||
log_debug("about to execute %s", command->path);
|
||||
log_debug("About to execute %s", command->path);
|
||||
|
||||
if ((pid = fork()) < 0)
|
||||
return -errno;
|
||||
|
||||
if (pid == 0) {
|
||||
char **e, **f = NULL;
|
||||
int i, r;
|
||||
sigset_t ss;
|
||||
const char *username = NULL, *home = NULL;
|
||||
uid_t uid = (uid_t) -1;
|
||||
gid_t gid = (gid_t) -1;
|
||||
char **our_env = NULL, **final_env = NULL;
|
||||
unsigned n_env = 0;
|
||||
|
||||
/* child */
|
||||
|
||||
@ -348,17 +564,6 @@ int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds,
|
||||
}
|
||||
}
|
||||
|
||||
if (context->root_directory)
|
||||
if (chroot(context->root_directory) < 0) {
|
||||
r = EXIT_CHROOT;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (chdir(context->working_directory ? context->working_directory : "/") < 0) {
|
||||
r = EXIT_CHDIR;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (context->nice_set)
|
||||
if (setpriority(PRIO_PROCESS, 0, context->nice) < 0) {
|
||||
r = EXIT_NICE;
|
||||
@ -396,6 +601,51 @@ int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds,
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (context->user) {
|
||||
username = context->user;
|
||||
if (get_user_creds(&username, &uid, &gid, &home) < 0) {
|
||||
r = EXIT_USER;
|
||||
goto fail;
|
||||
}
|
||||
}
|
||||
|
||||
if (apply_permissions)
|
||||
if (enforce_groups(context, username, uid) < 0) {
|
||||
r = EXIT_GROUP;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (apply_chroot) {
|
||||
if (context->root_directory)
|
||||
if (chroot(context->root_directory) < 0) {
|
||||
r = EXIT_CHROOT;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (chdir(context->working_directory ? context->working_directory : "/") < 0) {
|
||||
r = EXIT_CHDIR;
|
||||
goto fail;
|
||||
}
|
||||
} else {
|
||||
|
||||
char *d;
|
||||
|
||||
if (asprintf(&d, "%s/%s",
|
||||
context->root_directory ? context->root_directory : "",
|
||||
context->working_directory ? context->working_directory : "") < 0) {
|
||||
r = EXIT_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (chdir(d) < 0) {
|
||||
free(d);
|
||||
r = EXIT_CHDIR;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
free(d);
|
||||
}
|
||||
|
||||
if (close_fds(fds, n_fds) < 0 ||
|
||||
shift_fds(fds, n_fds) < 0 ||
|
||||
flags_fds(fds, n_fds, context->non_blocking) < 0) {
|
||||
@ -403,59 +653,78 @@ int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds,
|
||||
goto fail;
|
||||
}
|
||||
|
||||
for (i = 0; i < RLIMIT_NLIMITS; i++) {
|
||||
if (!context->rlimit[i])
|
||||
continue;
|
||||
if (apply_permissions) {
|
||||
|
||||
if (setrlimit(i, context->rlimit[i]) < 0) {
|
||||
r = EXIT_LIMITS;
|
||||
goto fail;
|
||||
for (i = 0; i < RLIMIT_NLIMITS; i++) {
|
||||
if (!context->rlimit[i])
|
||||
continue;
|
||||
|
||||
if (setrlimit(i, context->rlimit[i]) < 0) {
|
||||
r = EXIT_LIMITS;
|
||||
goto fail;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (context->secure_bits) {
|
||||
if (context->user)
|
||||
if (enforce_user(context, uid) < 0) {
|
||||
r = EXIT_USER;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (prctl(PR_SET_SECUREBITS, context->secure_bits) < 0) {
|
||||
r = EXIT_SECUREBITS;
|
||||
goto fail;
|
||||
}
|
||||
}
|
||||
|
||||
if (n_fds > 0) {
|
||||
char a[64], b[64];
|
||||
char *listen_env[3] = {
|
||||
a,
|
||||
b,
|
||||
NULL
|
||||
};
|
||||
|
||||
snprintf(a, sizeof(a), "LISTEN_PID=%llu", (unsigned long long) getpid());
|
||||
snprintf(b, sizeof(b), "LISTEN_FDS=%u", n_fds);
|
||||
|
||||
a[sizeof(a)-1] = 0;
|
||||
b[sizeof(b)-1] = 0;
|
||||
|
||||
if (context->environment) {
|
||||
if (!(f = strv_merge(listen_env, context->environment))) {
|
||||
r = EXIT_MEMORY;
|
||||
if (context->capabilities)
|
||||
if (cap_set_proc(context->capabilities) < 0) {
|
||||
r = EXIT_CAPABILITIES;
|
||||
goto fail;
|
||||
}
|
||||
e = f;
|
||||
} else
|
||||
e = listen_env;
|
||||
}
|
||||
|
||||
} else
|
||||
e = context->environment;
|
||||
if (!(our_env = new0(char*, 6))) {
|
||||
r = EXIT_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
execve(command->path, command->argv, e);
|
||||
if (n_fds > 0)
|
||||
if (asprintf(our_env + n_env++, "LISTEN_PID=%llu", (unsigned long long) getpid()) < 0 ||
|
||||
asprintf(our_env + n_env++, "LISTEN_FDS=%u", n_fds) < 0) {
|
||||
r = EXIT_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (home)
|
||||
if (asprintf(our_env + n_env++, "HOME=%s", home) < 0) {
|
||||
r = EXIT_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (username)
|
||||
if (asprintf(our_env + n_env++, "LOGNAME=%s", username) < 0 ||
|
||||
asprintf(our_env + n_env++, "USER=%s", username) < 0) {
|
||||
r = EXIT_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (!(final_env = strv_env_merge(environ, our_env, context->environment, NULL))) {
|
||||
r = EXIT_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
execve(command->path, command->argv, final_env);
|
||||
r = EXIT_EXEC;
|
||||
|
||||
fail:
|
||||
strv_free(f);
|
||||
strv_free(our_env);
|
||||
strv_free(final_env);
|
||||
|
||||
_exit(r);
|
||||
}
|
||||
|
||||
|
||||
log_debug("executed %s as %llu", command->path, (unsigned long long) pid);
|
||||
log_debug("Forked %s as %llu", command->path, (unsigned long long) pid);
|
||||
|
||||
*ret = pid;
|
||||
return 0;
|
||||
|
15
execute.h
15
execute.h
@ -97,7 +97,6 @@ struct ExecContext {
|
||||
int syslog_priority;
|
||||
char *syslog_identifier;
|
||||
|
||||
/* FIXME: all privs related settings need to be enforced */
|
||||
cap_t capabilities;
|
||||
int secure_bits;
|
||||
uint64_t capability_bounding_set_drop;
|
||||
@ -137,16 +136,24 @@ typedef enum ExitStatus {
|
||||
EXIT_SIGNAL_MASK,
|
||||
EXIT_INPUT,
|
||||
EXIT_OUTPUT,
|
||||
EXIT_CHROOT,
|
||||
EXIT_CHROOT, /* 210 */
|
||||
EXIT_PGID,
|
||||
EXIT_IOPRIO,
|
||||
EXIT_TIMERSLACK,
|
||||
EXIT_SECUREBITS,
|
||||
EXIT_SETSCHEDULER,
|
||||
EXIT_CPUAFFINITY
|
||||
EXIT_CPUAFFINITY,
|
||||
EXIT_GROUP,
|
||||
EXIT_USER,
|
||||
EXIT_CAPABILITIES
|
||||
} ExitStatus;
|
||||
|
||||
int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds, unsigned n_fds, pid_t *ret);
|
||||
int exec_spawn(const ExecCommand *command,
|
||||
const ExecContext *context,
|
||||
int *fds, unsigned n_fds,
|
||||
bool apply_permissions,
|
||||
bool apply_chroot,
|
||||
pid_t *ret);
|
||||
|
||||
void exec_command_free_list(ExecCommand *c);
|
||||
void exec_command_free_array(ExecCommand **c, unsigned n);
|
||||
|
@ -1094,6 +1094,8 @@ static int load_from_path(Unit *u, const char *path) {
|
||||
{ "TimeoutSec", config_parse_usec, &u->service.timeout_usec, "Service" },
|
||||
{ "Type", config_parse_service_type, &u->service, "Service" },
|
||||
{ "Restart", config_parse_service_restart, &u->service, "Service" },
|
||||
{ "PermissionsStartOnly", config_parse_bool, &u->service.permissions_start_only, "Service" },
|
||||
{ "RootDirectoryStartOnly", config_parse_bool, &u->service.root_directory_start_only, "Service" },
|
||||
EXEC_CONTEXT_CONFIG_ITEMS(u->service.exec_context, "Service"),
|
||||
|
||||
{ "ListenStream", config_parse_listen, &u->socket, "Socket" },
|
||||
@ -1250,7 +1252,9 @@ int unit_load_fragment(Unit *u) {
|
||||
else
|
||||
c = NULL;
|
||||
|
||||
if (c && (c->output == EXEC_OUTPUT_KERNEL || c->output == EXEC_OUTPUT_SYSLOG)) {
|
||||
if (c &&
|
||||
(c->output == EXEC_OUTPUT_KERNEL || c->output == EXEC_OUTPUT_SYSLOG) &&
|
||||
u->meta.manager->running_as != MANAGER_SESSION) {
|
||||
int k;
|
||||
|
||||
/* If syslog or kernel logging is requested, make sure
|
||||
|
83
service.c
83
service.c
@ -557,6 +557,8 @@ static int service_init(Unit *u) {
|
||||
s->state = SERVICE_DEAD;
|
||||
|
||||
s->sysv_start_priority = -1;
|
||||
s->permissions_start_only = false;
|
||||
s->root_directory_start_only = false;
|
||||
|
||||
RATELIMIT_INIT(s->ratelimit, 10*USEC_PER_SEC, 5);
|
||||
|
||||
@ -595,8 +597,12 @@ static void service_dump(Unit *u, FILE *f, const char *prefix) {
|
||||
prefix2 = p2 ? p2 : prefix;
|
||||
|
||||
fprintf(f,
|
||||
"%sService State: %s\n",
|
||||
prefix, service_state_to_string(s->state));
|
||||
"%sService State: %s\n"
|
||||
"%sPermissionsStartOnly: %s\n"
|
||||
"%sRootDirectoryStartOnly: %s\n",
|
||||
prefix, service_state_to_string(s->state),
|
||||
prefix, yes_no(s->permissions_start_only),
|
||||
prefix, yes_no(s->root_directory_start_only));
|
||||
|
||||
if (s->pid_file)
|
||||
fprintf(f,
|
||||
@ -859,7 +865,15 @@ fail:
|
||||
return r;
|
||||
}
|
||||
|
||||
static int service_spawn(Service *s, ExecCommand *c, bool timeout, bool pass_fds, pid_t *_pid) {
|
||||
static int service_spawn(
|
||||
Service *s,
|
||||
ExecCommand *c,
|
||||
bool timeout,
|
||||
bool pass_fds,
|
||||
bool apply_permissions,
|
||||
bool apply_chroot,
|
||||
pid_t *_pid) {
|
||||
|
||||
pid_t pid;
|
||||
int r;
|
||||
int *fds = NULL;
|
||||
@ -879,7 +893,12 @@ static int service_spawn(Service *s, ExecCommand *c, bool timeout, bool pass_fds
|
||||
} else
|
||||
unit_unwatch_timer(UNIT(s), &s->timer_watch);
|
||||
|
||||
if ((r = exec_spawn(c, &s->exec_context, fds, n_fds, &pid)) < 0)
|
||||
if ((r = exec_spawn(c,
|
||||
&s->exec_context,
|
||||
fds, n_fds,
|
||||
apply_permissions,
|
||||
apply_chroot,
|
||||
&pid)) < 0)
|
||||
goto fail;
|
||||
|
||||
if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
|
||||
@ -935,7 +954,13 @@ static void service_enter_stop_post(Service *s, bool success) {
|
||||
s->failure = true;
|
||||
|
||||
if ((s->control_command = s->exec_command[SERVICE_EXEC_STOP_POST]))
|
||||
if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
|
||||
if ((r = service_spawn(s,
|
||||
s->control_command,
|
||||
true,
|
||||
false,
|
||||
!s->permissions_start_only,
|
||||
!s->root_directory_start_only,
|
||||
&s->control_pid)) < 0)
|
||||
goto fail;
|
||||
|
||||
|
||||
@ -1011,7 +1036,13 @@ static void service_enter_stop(Service *s, bool success) {
|
||||
s->failure = true;
|
||||
|
||||
if ((s->control_command = s->exec_command[SERVICE_EXEC_STOP]))
|
||||
if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
|
||||
if ((r = service_spawn(s,
|
||||
s->control_command,
|
||||
true,
|
||||
false,
|
||||
!s->permissions_start_only,
|
||||
!s->root_directory_start_only,
|
||||
&s->control_pid)) < 0)
|
||||
goto fail;
|
||||
|
||||
service_set_state(s, SERVICE_STOP);
|
||||
@ -1031,7 +1062,13 @@ static void service_enter_start_post(Service *s) {
|
||||
assert(s);
|
||||
|
||||
if ((s->control_command = s->exec_command[SERVICE_EXEC_START_POST]))
|
||||
if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
|
||||
if ((r = service_spawn(s,
|
||||
s->control_command,
|
||||
true,
|
||||
false,
|
||||
!s->permissions_start_only,
|
||||
!s->root_directory_start_only,
|
||||
&s->control_pid)) < 0)
|
||||
goto fail;
|
||||
|
||||
|
||||
@ -1056,7 +1093,13 @@ static void service_enter_start(Service *s) {
|
||||
assert(s->exec_command[SERVICE_EXEC_START]);
|
||||
assert(!s->exec_command[SERVICE_EXEC_START]->command_next);
|
||||
|
||||
if ((r = service_spawn(s, s->exec_command[SERVICE_EXEC_START], s->type == SERVICE_FORKING, true, &pid)) < 0)
|
||||
if ((r = service_spawn(s,
|
||||
s->exec_command[SERVICE_EXEC_START],
|
||||
s->type == SERVICE_FORKING,
|
||||
true,
|
||||
true,
|
||||
true,
|
||||
&pid)) < 0)
|
||||
goto fail;
|
||||
|
||||
service_set_state(s, SERVICE_START);
|
||||
@ -1099,7 +1142,13 @@ static void service_enter_start_pre(Service *s) {
|
||||
assert(s);
|
||||
|
||||
if ((s->control_command = s->exec_command[SERVICE_EXEC_START_PRE]))
|
||||
if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
|
||||
if ((r = service_spawn(s,
|
||||
s->control_command,
|
||||
true,
|
||||
false,
|
||||
!s->permissions_start_only,
|
||||
!s->root_directory_start_only,
|
||||
&s->control_pid)) < 0)
|
||||
goto fail;
|
||||
|
||||
service_set_state(s, SERVICE_START_PRE);
|
||||
@ -1137,7 +1186,13 @@ static void service_enter_reload(Service *s) {
|
||||
assert(s);
|
||||
|
||||
if ((s->control_command = s->exec_command[SERVICE_EXEC_RELOAD]))
|
||||
if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
|
||||
if ((r = service_spawn(s,
|
||||
s->control_command,
|
||||
true,
|
||||
false,
|
||||
!s->permissions_start_only,
|
||||
!s->root_directory_start_only,
|
||||
&s->control_pid)) < 0)
|
||||
goto fail;
|
||||
|
||||
service_set_state(s, SERVICE_RELOAD);
|
||||
@ -1164,7 +1219,13 @@ static void service_run_next(Service *s, bool success) {
|
||||
|
||||
s->control_command = s->control_command->command_next;
|
||||
|
||||
if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
|
||||
if ((r = service_spawn(s,
|
||||
s->control_command,
|
||||
true,
|
||||
false,
|
||||
!s->permissions_start_only,
|
||||
!s->root_directory_start_only,
|
||||
&s->control_pid)) < 0)
|
||||
goto fail;
|
||||
|
||||
return;
|
||||
|
@ -88,6 +88,9 @@ struct Service {
|
||||
ExecCommand* exec_command[_SERVICE_EXEC_MAX];
|
||||
ExecContext exec_context;
|
||||
|
||||
bool permissions_start_only;
|
||||
bool root_directory_start_only;
|
||||
|
||||
ServiceState state;
|
||||
|
||||
ExecStatus main_exec_status;
|
||||
|
2
socket.c
2
socket.c
@ -394,7 +394,7 @@ static int socket_spawn(Socket *s, ExecCommand *c, bool timeout, pid_t *_pid) {
|
||||
} else
|
||||
unit_unwatch_timer(UNIT(s), &s->timer_watch);
|
||||
|
||||
if ((r = exec_spawn(c, &s->exec_context, NULL, 0, &pid)) < 0)
|
||||
if ((r = exec_spawn(c, &s->exec_context, NULL, 0, true, true, &pid)) < 0)
|
||||
goto fail;
|
||||
|
||||
if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
|
||||
|
Loading…
Reference in New Issue
Block a user