mirror of
https://github.com/systemd/systemd.git
synced 2024-12-25 01:34:28 +03:00
3d2157e707
This flag was added indb6aedab92
with the justification that locale environment variables should be preserved by the user session. However, the companion patch to drop the UnsetEnvironment= directive blocking these variables was never merged, so the intended change was never effected. While the patch was ineffective toward its stated goal, the "-p" option does have material negative consequences for the user session in systemd — environment variables to support the use of credentials and memory pressure directives, such as $CREDENTIALS_DIRECTORY and $MEMORY_PRESSURE_WATCH, which are now directly used by agetty and login, get leaked into the user session potentially breaking applications that rely on these values. E.g. systemd-ask-password fails from the tty when $CREDENTIALS_DIRECTORY has been leaked from agetty, because it expects to be able to access credentials in $CREDENTIALS_DIRECTORY. This effectively revertsdb6aedab92
. References:db6aedab92
(units: Tell login to preserve environment (#6023), 2017-05-24)
46 lines
1.3 KiB
SYSTEMD
46 lines
1.3 KiB
SYSTEMD
# SPDX-License-Identifier: LGPL-2.1-or-later
|
|
#
|
|
# This file is part of systemd.
|
|
#
|
|
# systemd is free software; you can redistribute it and/or modify it
|
|
# under the terms of the GNU Lesser General Public License as published by
|
|
# the Free Software Foundation; either version 2.1 of the License, or
|
|
# (at your option) any later version.
|
|
|
|
[Unit]
|
|
Description=Console Getty
|
|
Documentation=man:agetty(8) man:systemd-getty-generator(8)
|
|
After=systemd-user-sessions.service plymouth-quit-wait.service getty-pre.target
|
|
{% if HAVE_SYSV_COMPAT %}
|
|
After=rc-local.service
|
|
{% endif %}
|
|
Before=getty.target
|
|
|
|
# OCI containers may be run without a console
|
|
ConditionPathExists=/dev/console
|
|
|
|
[Service]
|
|
# The '-o' option value tells agetty to replace 'login' arguments with '--' for
|
|
# safety, and then the entered username.
|
|
ExecStart=-/sbin/agetty -o '-- \\u' --noreset --noclear --keep-baud 115200,57600,38400,9600 - ${TERM}
|
|
Type=idle
|
|
Restart=always
|
|
UtmpIdentifier=cons
|
|
StandardInput=tty
|
|
StandardOutput=tty
|
|
TTYPath=/dev/console
|
|
TTYReset=yes
|
|
TTYVHangup=yes
|
|
{% if not ENABLE_LOGIND %}
|
|
KillMode=process
|
|
{% endif %}
|
|
IgnoreSIGPIPE=no
|
|
SendSIGHUP=yes
|
|
ImportCredential=tty.console.agetty.*:agetty.
|
|
ImportCredential=tty.console.login.*:login.
|
|
ImportCredential=agetty.*
|
|
ImportCredential=login.*
|
|
|
|
[Install]
|
|
WantedBy=getty.target
|