diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-02-08 23:35:24 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2016-02-10 16:09:24 +0100 |
| commit | 888e378da2dbf4520e68a9d7e59712a3cd5a830f (patch) | |
| tree | d280cb63970f5d511d208861e4faaf7427ca6161 | |
| parent | 15a900327aba7dc4dc886affe1ae22d3b759b193 (diff) | |
coredump: dump priviliges when processing system coredumps
Let's add an extra-safety net and change UID/GID to the "systemd-coredump" user when processing coredumps from system
user. For coredumps of normal users we keep the current logic of processing the coredumps from the user id the coredump
was created under.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=87354
| -rw-r--r-- | Makefile.am | 1 | ||||
| -rw-r--r-- | README | 3 | ||||
| -rw-r--r-- | configure.ac | 1 | ||||
| -rw-r--r-- | src/coredump/coredump.c | 16 | ||||
| -rw-r--r-- | sysusers.d/systemd.conf.m4 | 3 |
5 files changed, 20 insertions, 4 deletions
diff --git a/Makefile.am b/Makefile.am index 87744d784c..125319fe48 100644 --- a/Makefile.am +++ b/Makefile.am @@ -4870,7 +4870,6 @@ nodist_systemunit_DATA += \ GENERAL_ALIASES += \ $(systemunitdir)/systemd-timesyncd.service $(pkgsysconfdir)/system/sysinit.target.wants/systemd-timesyncd.service - nodist_pkgsysconf_DATA += \ src/timesync/timesyncd.conf @@ -203,6 +203,9 @@ USERS AND GROUPS: Similarly, the kdbus dbus1 proxy daemon requires the "systemd-bus-proxy" system user and group to exist. + Similarly, the coredump support requires the + "systemd-coredump" system user and group to exist. + NSS: systemd ships with three NSS modules: diff --git a/configure.ac b/configure.ac index 0374b3f39b..d05d0ba31f 100644 --- a/configure.ac +++ b/configure.ac @@ -1106,6 +1106,7 @@ have_coredump=no AC_ARG_ENABLE(coredump, AS_HELP_STRING([--disable-coredump], [disable coredump hook])) if test "x$enable_coredump" != "xno"; then have_coredump=yes + M4_DEFINES="$M4_DEFINES -DENABLE_COREDUMP" fi AM_CONDITIONAL(ENABLE_COREDUMP, [test "$have_coredump" = "yes"]) diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index 9e056436ea..085909c20c 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c @@ -569,9 +569,19 @@ static int change_uid_gid(const char *context[]) { if (r < 0) return r; - r = parse_gid(context[CONTEXT_GID], &gid); - if (r < 0) - return r; + if (uid <= SYSTEM_UID_MAX) { + const char *user = "systemd-coredump"; + + r = get_user_creds(&user, &uid, &gid, NULL, NULL); + if (r < 0) { + log_warning_errno(r, "Cannot resolve %s user. Proceeding to dump core as root: %m", user); + uid = gid = 0; + } + } else { + r = parse_gid(context[CONTEXT_GID], &gid); + if (r < 0) + return r; + } return drop_privileges(uid, gid, 0); } diff --git a/sysusers.d/systemd.conf.m4 b/sysusers.d/systemd.conf.m4 index 81b1d79c37..317240a9fd 100644 --- a/sysusers.d/systemd.conf.m4 +++ b/sysusers.d/systemd.conf.m4 @@ -16,3 +16,6 @@ u systemd-resolve - "systemd Resolver" m4_ifdef(`ENABLE_TIMESYNCD', u systemd-timesync - "systemd Time Synchronization" )m4_dnl +m4_ifdef(`ENABLE_COREDUMP', +u systemd-coredump - "systemd Core Dumper" +)m4_dnl |