mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-25 23:21:33 +03:00
execute: add one more ExecFlags flag, for controlling unconditional directory chowning
Let's decouple the Manager object from the execution logic a bit more here too, and simply pass along the fact whether we should unconditionally chown the runtime/... directories via the ExecFlags field too.
This commit is contained in:
parent
af635cf377
commit
8679efde21
@ -1843,7 +1843,6 @@ static int setup_exec_directory(
|
||||
const ExecParameters *params,
|
||||
uid_t uid,
|
||||
gid_t gid,
|
||||
bool manager_is_system,
|
||||
ExecDirectoryType type,
|
||||
int *exit_status) {
|
||||
|
||||
@ -1865,7 +1864,7 @@ static int setup_exec_directory(
|
||||
if (!params->prefix[type])
|
||||
return 0;
|
||||
|
||||
if (manager_is_system) {
|
||||
if (params->flags & EXEC_CHOWN_DIRECTORIES) {
|
||||
if (!uid_is_valid(uid))
|
||||
uid = 0;
|
||||
if (!gid_is_valid(gid))
|
||||
@ -2601,7 +2600,7 @@ static int exec_child(
|
||||
}
|
||||
|
||||
for (dt = 0; dt < _EXEC_DIRECTORY_MAX; dt++) {
|
||||
r = setup_exec_directory(context, params, uid, gid, MANAGER_IS_SYSTEM(unit->manager), dt, exit_status);
|
||||
r = setup_exec_directory(context, params, uid, gid, dt, exit_status);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
@ -260,12 +260,13 @@ typedef enum ExecFlags {
|
||||
EXEC_APPLY_TTY_STDIN = 1U << 2,
|
||||
EXEC_NEW_KEYRING = 1U << 3,
|
||||
EXEC_PASS_LOG_UNIT = 1U << 4, /* Whether to pass the unit name to the service's journal stream connection */
|
||||
EXEC_CHOWN_DIRECTORIES = 1U << 5, /* chown() the runtime/state/cache/log directories to the user we run as, under all conditions */
|
||||
|
||||
/* The following are not used by execute.c, but by consumers internally */
|
||||
EXEC_PASS_FDS = 1U << 5,
|
||||
EXEC_IS_CONTROL = 1U << 6,
|
||||
EXEC_SETENV_RESULT = 1U << 7,
|
||||
EXEC_SET_WATCHDOG = 1U << 8,
|
||||
EXEC_PASS_FDS = 1U << 6,
|
||||
EXEC_IS_CONTROL = 1U << 7,
|
||||
EXEC_SETENV_RESULT = 1U << 8,
|
||||
EXEC_SET_WATCHDOG = 1U << 9,
|
||||
} ExecFlags;
|
||||
|
||||
struct ExecParameters {
|
||||
|
@ -3422,7 +3422,7 @@ int manager_set_exec_params(Manager *m, ExecParameters *p) {
|
||||
p->cgroup_supported = m->cgroup_supported;
|
||||
p->prefix = m->prefix;
|
||||
|
||||
SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT, MANAGER_IS_SYSTEM(m));
|
||||
SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(m));
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user