f960fa45c1
In make_credential_host_secret, the credential.secret file is generated first as a temporary anonymous file that is later instantiated with linkat(2). This system call requires CAP_DAC_READ_SEARCH capability when the flag AT_EMPTY_PATH is used. This patch check if the capability is effective, and if not uses the alternative codepath for creating named temporary files. Non-root users can now create per-user credentials with: export SYSTEMD_CREDENTIAL_SECRET=$HOME/.config/systemd/credential.secret systemd-creds setup Signed-off-by: Alberto Planas <aplanas@suse.com> (cherry picked from commit 1615578f2792fdeecaf65606861bd3db9eb949c3) (cherry picked from commit 432ec5a654d5b8b123472ab64b29d9b5baf3cbf2) (cherry picked from commit d7c8b1b7095b3e80b4e0dc354e1d69cb987c075e)
System and Service Manager
Details
Most documentation is available on systemd's web site.
Assorted, older, general information about systemd can be found in the systemd Wiki.
Information about build requirements is provided in the README file.
Consult our NEWS file for information about what's new in the most recent systemd versions.
Please see the Code Map for information about this repository's layout and content.
Please see the Hacking guide for information on how to hack on systemd and test your modifications.
Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.
When preparing patches for systemd, please follow our Coding Style Guidelines.
If you are looking for support, please contact our mailing list or join our IRC channel.
Stable branches with backported patches are available in the stable repo.