diff --git a/src/core/execute.c b/src/core/execute.c index de6ea283665..a0c58ac255e 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -2698,7 +2698,6 @@ static int load_credential( } struct load_cred_args { - Set *seen_creds; const ExecContext *context; const ExecParameters *params; bool encrypted; @@ -2735,14 +2734,12 @@ static int load_cred_recurse_dir_cb( if (!credential_name_valid(sub_id)) return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Credential would get ID %s, which is not valid, refusing", sub_id); - if (set_contains(args->seen_creds, sub_id)) { + if (faccessat(args->dfd, sub_id, F_OK, AT_SYMLINK_NOFOLLOW) >= 0) { log_debug("Skipping credential with duplicated ID %s at %s", sub_id, path); return RECURSE_DIR_CONTINUE; } - - r = set_put_strdup(&args->seen_creds, sub_id); - if (r < 0) - return r; + if (errno != ENOENT) + return log_debug_errno(errno, "Failed to test if credential %s exists: %m", sub_id); r = load_credential( args->context, @@ -2772,7 +2769,6 @@ static int acquire_credentials( uint64_t left = CREDENTIALS_TOTAL_SIZE_MAX; _cleanup_close_ int dfd = -1; - _cleanup_set_free_ Set *seen_creds = NULL; ExecLoadCredential *lc; ExecSetCredential *sc; int r; @@ -2784,10 +2780,6 @@ static int acquire_credentials( if (dfd < 0) return -errno; - seen_creds = set_new(&string_hash_ops_free); - if (!seen_creds) - return -ENOMEM; - /* First, load credentials off disk (or acquire via AF_UNIX socket) */ HASHMAP_FOREACH(lc, context->load_credentials) { _cleanup_close_ int sub_fd = -1; @@ -2804,10 +2796,6 @@ static int acquire_credentials( if (sub_fd < 0) { /* Regular file */ - r = set_put_strdup(&seen_creds, lc->id); - if (r < 0) - return r; - r = load_credential( context, params, @@ -2834,7 +2822,6 @@ static int acquire_credentials( RECURSE_DIR_IGNORE_DOT|RECURSE_DIR_ENSURE_TYPE, load_cred_recurse_dir_cb, &(struct load_cred_args) { - .seen_creds = seen_creds, .context = context, .params = params, .encrypted = lc->encrypted,