mirror of
https://github.com/systemd/systemd.git
synced 2024-12-25 01:34:28 +03:00
creds: make available to all ExecStartPre= and ExecStart= processes
Fixes https://github.com/systemd/systemd/issues/27275
This commit is contained in:
parent
1034dfd0d8
commit
c9210b7470
@ -2649,6 +2649,7 @@ static void service_run_next_control(Service *s) {
|
|||||||
s->control_command,
|
s->control_command,
|
||||||
timeout,
|
timeout,
|
||||||
EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|
|
EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|
|
||||||
|
(IN_SET(s->state, SERVICE_CONDITION, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD) ? EXEC_WRITE_CREDENTIALS : 0)|
|
||||||
(IN_SET(s->control_command_id, SERVICE_EXEC_CONDITION, SERVICE_EXEC_START_PRE, SERVICE_EXEC_STOP_POST) ? EXEC_APPLY_TTY_STDIN : 0)|
|
(IN_SET(s->control_command_id, SERVICE_EXEC_CONDITION, SERVICE_EXEC_START_PRE, SERVICE_EXEC_STOP_POST) ? EXEC_APPLY_TTY_STDIN : 0)|
|
||||||
(IN_SET(s->control_command_id, SERVICE_EXEC_STOP, SERVICE_EXEC_STOP_POST) ? EXEC_SETENV_RESULT : 0)|
|
(IN_SET(s->control_command_id, SERVICE_EXEC_STOP, SERVICE_EXEC_STOP_POST) ? EXEC_SETENV_RESULT : 0)|
|
||||||
(IN_SET(s->control_command_id, SERVICE_EXEC_START_PRE, SERVICE_EXEC_START) ? EXEC_SETENV_MONITOR_RESULT : 0)|
|
(IN_SET(s->control_command_id, SERVICE_EXEC_START_PRE, SERVICE_EXEC_START) ? EXEC_SETENV_MONITOR_RESULT : 0)|
|
||||||
@ -2688,7 +2689,7 @@ static void service_run_next_main(Service *s) {
|
|||||||
r = service_spawn(s,
|
r = service_spawn(s,
|
||||||
s->main_command,
|
s->main_command,
|
||||||
s->timeout_start_usec,
|
s->timeout_start_usec,
|
||||||
EXEC_PASS_FDS|EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG|EXEC_SETENV_MONITOR_RESULT,
|
EXEC_PASS_FDS|EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG|EXEC_SETENV_MONITOR_RESULT|EXEC_WRITE_CREDENTIALS,
|
||||||
&pid);
|
&pid);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
goto fail;
|
goto fail;
|
||||||
|
@ -131,6 +131,14 @@ if systemctl --version | grep -q -- +OPENSSL ; then
|
|||||||
rm /tmp/test-54-plaintext /tmp/test-54-ciphertext
|
rm /tmp/test-54-plaintext /tmp/test-54-ciphertext
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# https://github.com/systemd/systemd/issues/27275
|
||||||
|
systemd-run -p DynamicUser=yes -p 'LoadCredential=os:/etc/os-release' \
|
||||||
|
-p 'ExecStartPre=true' \
|
||||||
|
-p 'ExecStartPre=systemd-creds cat os' \
|
||||||
|
--wait \
|
||||||
|
--pipe \
|
||||||
|
true | cmp /etc/os-release
|
||||||
|
|
||||||
systemd-analyze log-level info
|
systemd-analyze log-level info
|
||||||
|
|
||||||
echo OK >/testok
|
echo OK >/testok
|
||||||
|
Loading…
Reference in New Issue
Block a user