-rw-r--r--man/machinectl.xml18
-rw-r--r--man/systemd-run.xml7
-rw-r--r--man/systemd.exec.xml19
-rw-r--r--src/basic/user-util.c12
-rw-r--r--src/core/socket.c2
-rw-r--r--src/machine/image-dbus.c1
-rw-r--r--src/nspawn/nspawn.c7
-rw-r--r--src/nss-mymachines/nss-mymachines.c12
-rw-r--r--src/nss-systemd/nss-systemd.c26
-rw-r--r--src/shared/install.c8
-rw-r--r--src/tmpfiles/tmpfiles.c4
-rw-r--r--units/systemd-journal-catalog-update.service.in2
12 files changed, 61 insertions, 57 deletions
diff --git a/man/machinectl.xml b/man/machinectl.xml
index 8bebdcf9a1..38cf919a78 100644
--- a/man/machinectl.xml
+++ b/man/machinectl.xml
@@ -428,6 +428,9 @@
user may be selected. Use <option>--setenv=</option> to set
environment variables for the executed process.</para>
+ <para>Note that <command>machinectl shell</command> does not propagate the exit code/status of the invoked
+ shell process. Use <command>systemd-run</command> instead if that information is required (see below).</para>
+
<para>When using the <command>shell</command> command without
arguments, (thus invoking the executed shell or command on the
local host), it is in many ways similar to a <citerefentry
@@ -440,12 +443,15 @@
environment variables or resource limits, among other
properties.</para>
- <para>Note that
- <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>
- may be used in place of the <command>shell</command> command,
- and allows more detailed, low-level configuration of the
- invoked unit. However, it is frequently more privileged than
- the <command>shell</command> command.</para></listitem>
+ <para>Note that <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ with its <option>--machine=</option> switch may be used in place of the <command>machinectl shell</command>
+ command, and allows non-interactive operation, more detailed and low-level configuration of the invoked unit,
+ as well as access to runtime and exit code/status information of the invoked shell process. In particular, use
+ <command>systemd-run</command>'s <option>--wait</option> switch to propagate exit status information of the
+ invoked process. Use <command>systemd-run</command>'s <option>--pty</option> switch for acquiring an
+ interactive shell, similar to <command>machinectl shell</command>. In general, <command>systemd-run</command>
+ is preferable for scripting purposes. However, note that <command>systemd-run</command> might require higher
+ privileges than <command>machinectl shell</command>.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/man/systemd-run.xml b/man/systemd-run.xml
index 2ad8cb0835..8d881f15d6 100644
--- a/man/systemd-run.xml
+++ b/man/systemd-run.xml
@@ -221,7 +221,12 @@
<listitem><para>When invoking the command, the transient service connects its standard input and output to the
terminal <command>systemd-run</command> is invoked on, via a pseudo TTY device. This allows running binaries
- that expect interactive user input as services, such as interactive command shells.</para></listitem>
+ that expect interactive user input as services, such as interactive command shells.</para>
+
+ <para>Note that
+ <citerefentry><refentrytitle>machinectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
+ <command>shell</command> command is usually a better alternative for requesting a new, interactive login
+ session on the local host or a local container.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 68af3857da..e29ebf8659 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -859,14 +859,17 @@
<varlistentry>
<term><varname>PAMName=</varname></term>
- <listitem><para>Sets the PAM service name to set up a session
- as. If set, the executed process will be registered as a PAM
- session under the specified service name. This is only useful
- in conjunction with the <varname>User=</varname> setting. If
- not set, no PAM session will be opened for the executed
- processes. See
- <citerefentry project='man-pages'><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- for details.</para></listitem>
+ <listitem><para>Sets the PAM service name to set up a session as. If set, the executed process will be
+ registered as a PAM session under the specified service name. This is only useful in conjunction with the
+ <varname>User=</varname> setting, and is otherwise ignored. If not set, no PAM session will be opened for the
+ executed processes. See <citerefentry
+ project='man-pages'><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry> for
+ details.</para>
+
+ <para>Note that for each unit making use of this option a PAM session handler process will be maintained as
+ part of the unit and stays around as long as the unit is active, to ensure that appropriate actions can be
+ taken when the unit and hence the PAM session terminates. This process is named <literal>(sd-pam)</literal> and
+ is an immediate child process of the unit's main process.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/src/basic/user-util.c b/src/basic/user-util.c
index 938533d2e7..c619dad527 100644
--- a/src/basic/user-util.c
+++ b/src/basic/user-util.c
@@ -46,6 +46,8 @@
bool uid_is_valid(uid_t uid) {
+ /* Also see POSIX IEEE Std 1003.1-2008, 2016 Edition, 3.436. */
+
/* Some libc APIs use UID_INVALID as special placeholder */
if (uid == (uid_t) UINT32_C(0xFFFFFFFF))
return false;
@@ -519,7 +521,15 @@ bool valid_user_group_name(const char *u) {
const char *i;
long sz;
- /* Checks if the specified name is a valid user/group name. */
+ /* Checks if the specified name is a valid user/group name. Also see POSIX IEEE Std 1003.1-2008, 2016 Edition,
+ * 3.437. We are a bit stricter here however. Specifically we deviate from POSIX rules:
+ *
+ * - We don't allow any dots (this would break chown syntax which permits dots as user/group name separator)
+ * - We require that names fit into the appropriate utmp field
+ * - We don't allow empty user names
+ *
+ * Note that other systems are even more restrictive, and don't permit underscores or uppercase characters.
+ */
if (isempty(u))
return false;
diff --git a/src/core/socket.c b/src/core/socket.c
index 0960a30039..b88bd51245 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -448,7 +448,7 @@ static int socket_verify(Socket *s) {
return 0;
if (!s->ports) {
- log_unit_error(UNIT(s), "Unit lacks Listen setting. Refusing.");
+ log_unit_error(UNIT(s), "Unit has no Listen setting (e.g. ListenStream=, ListenDatagram=, ListenFIFO, ...). Refusing.");
return -EINVAL;
}
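Review bot: `ListenFIFO` in the new message is missing its trailing `=`, unlike `ListenStream=` and `ListenDatagram=` next to it. Writing `ListenFIFO=` would make all three read as setting names that a user can search the documentation for. socket_verify() starts and ends outside this hunk.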
diff --git a/src/machine/image-dbus.c b/src/machine/image-dbus.c
index e2fb882393..a7b9d1f9ef 100644
--- a/src/machine/image-dbus.c
+++ b/src/machine/image-dbus.c
@@ -293,7 +293,6 @@ int bus_image_method_set_limit(
static int directory_image_get_os_release(Image *image, char ***ret, sd_bus_error *error) {
_cleanup_free_ char *path = NULL;
- _cleanup_close_ int fd = -1;
int r;
assert(image);
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index faf1ecc5df..e366f642c7 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1425,12 +1425,9 @@ static int copy_devnodes(const char *dest) {
} else {
if (mknod(to, st.st_mode, st.st_rdev) < 0) {
- /*
- * This is some sort of protection too against
- * recursive userns chown on shared /dev/
- */
+ /* Explicitly warn the user when /dev is already populated. */
if (errno == EEXIST)
- log_notice("%s/dev/ should be an empty directory", dest);
+ log_notice("%s/dev is pre-mounted and pre-populated. If a pre-mounted /dev is provided it needs to be an unpopulated file system.", dest);
if (errno != EPERM)
return log_error_errno(errno, "mknod(%s) failed: %m", to);
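Review bot: The comment on the `errno == EEXIST` branch used to record that refusing an already-populated /dev also serves as some protection against a recursive userns chown on a shared /dev, and the new one-line comment drops that rationale. If that still holds, keep it visible so that nobody later relaxes the EEXIST case into a non-fatal warning, e.g. `/* Explicitly warn the user when /dev is already populated; failing here also protects against a recursive userns chown on a shared /dev. */`. The new message also says /dev is pre-mounted, which an EEXIST from mknod() does not establish on its own; it only shows that the node already exists. copy_devnodes() continues outside the hunk.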
diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c
index 895f61c462..fac37faea5 100644
--- a/src/nss-mymachines/nss-mymachines.c
+++ b/src/nss-mymachines/nss-mymachines.c
@@ -512,10 +512,8 @@ enum nss_status _nss_mymachines_getpwuid_r(
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
- if (!uid_is_valid(uid)) {
- r = -EINVAL;
- goto fail;
- }
+ if (!uid_is_valid(uid))
+ goto not_found;
/* We consider all uids < 65536 host uids */
if (uid < HOST_UID_LIMIT)
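Review bot: The new `goto not_found` for an invalid UID has no comment explaining why invalid input is now reported as "not found" instead of EINVAL. The same applies to the getgrgid_r hunk in this file and to the getpwuid_r, getgrnam_r and getgrgid_r hunks in nss-systemd.c; only _nss_systemd_getpwnam_r carries the rationale. I would repeat a short form at each site, e.g. `/* An invalid UID is simply unknown to us; it is not our business to generate EINVAL for it. */`. The `not_found` label is outside every one of these hunks, so whether it resets `*errnop` on this new path cannot be confirmed from here and is worth checking.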
@@ -686,10 +684,8 @@ enum nss_status _nss_mymachines_getgrgid_r(
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
- if (!gid_is_valid(gid)) {
- r = -EINVAL;
- goto fail;
- }
+ if (!gid_is_valid(gid))
+ goto not_found;
/* We consider all gids < 65536 host gids */
if (gid < HOST_GID_LIMIT)
diff --git a/src/nss-systemd/nss-systemd.c b/src/nss-systemd/nss-systemd.c
index c80972742b..fd5064c937 100644
--- a/src/nss-systemd/nss-systemd.c
+++ b/src/nss-systemd/nss-systemd.c
@@ -123,10 +123,10 @@ enum nss_status _nss_systemd_getpwnam_r(
assert(name);
assert(pwd);
- if (!valid_user_group_name(name)) {
- r = -EINVAL;
- goto fail;
- }
+ /* If the username is not valid, then we don't know it. Ideally libc would filter these for us anyway. We don't
+ * generate EINVAL here, because it isn't really out business to complain about invalid user names. */
+ if (!valid_user_group_name(name))
+ goto not_found;
/* Synthesize entries for the root and nobody users, in case they are missing in /etc/passwd */
if (streq(name, root_passwd.pw_name)) {
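Review bot: The added comment above `if (!valid_user_group_name(name))` has a typo: "it isn't really out business" should read "it isn't really our business". Because valid_user_group_name() is deliberately stricter than POSIX (see the comment added in src/basic/user-util.c), it would also help to say here that names valid elsewhere, such as ones containing dots, are reported as not found by this module. The rest of _nss_systemd_getpwnam_r, including the `not_found` label, is outside the hunk.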
@@ -227,10 +227,8 @@ enum nss_status _nss_systemd_getpwuid_r(
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
- if (!uid_is_valid(uid)) {
- r = -EINVAL;
- goto fail;
- }
+ if (!uid_is_valid(uid))
+ goto not_found;
/* Synthesize data for the root user and for nobody in case they are missing from /etc/passwd */
if (uid == root_passwd.pw_uid) {
@@ -329,10 +327,8 @@ enum nss_status _nss_systemd_getgrnam_r(
assert(name);
assert(gr);
- if (!valid_user_group_name(name)) {
- r = -EINVAL;
- goto fail;
- }
+ if (!valid_user_group_name(name))
+ goto not_found;
/* Synthesize records for root and nobody, in case they are missing form /etc/group */
if (streq(name, root_group.gr_name)) {
@@ -430,10 +426,8 @@ enum nss_status _nss_systemd_getgrgid_r(
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
- if (!gid_is_valid(gid)) {
- r = -EINVAL;
- goto fail;
- }
+ if (!gid_is_valid(gid))
+ goto not_found;
/* Synthesize records for root and nobody, in case they are missing from /etc/group */
if (gid == root_group.gr_gid) {
diff --git a/src/shared/install.c b/src/shared/install.c
index 474426d927..4e047157cc 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -1567,18 +1567,12 @@ static int install_info_symlink_wants(
if (strv_isempty(list))
return 0;
- if (unit_name_is_valid(i->name, UNIT_NAME_TEMPLATE)) {
+ if (unit_name_is_valid(i->name, UNIT_NAME_TEMPLATE) && i->default_instance) {
UnitFileInstallInfo instance = {
.type = _UNIT_FILE_TYPE_INVALID,
};
_cleanup_free_ char *path = NULL;
- /* Don't install any symlink if there's no default
- * instance configured */
-
- if (!i->default_instance)
- return 0;
-
r = unit_name_replace_instance(i->name, i->default_instance, &buf);
if (r < 0)
return r;
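Review bot: Folding `i->default_instance` into the `if` condition changes behaviour, and the hunk removes the only comment that described this case. A template unit with no default instance used to `return 0` without creating any symlink; it now skips this block and takes whatever path follows it, which is outside the hunk. Please state the new intent at the condition, e.g. `/* If this is a template and a default instance is configured, use that instance. */`, and confirm that the fall-through path does the right thing when handed a bare template name.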
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index 79f75e165b..f4ce9791fb 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -649,7 +649,7 @@ static int path_set_perms(Item *i, const char *path) {
else {
log_debug("chmod \"%s\" to mode %o", path, m);
if (chmod(fn, m) < 0)
- return log_error_errno(errno, "chmod(%s) failed: %m", path);
+ return log_error_errno(errno, "chmod() of %s via %s failed: %m", path, fn);
}
}
@@ -662,7 +662,7 @@ static int path_set_perms(Item *i, const char *path) {
if (chown(fn,
i->uid_set ? i->uid : UID_INVALID,
i->gid_set ? i->gid : GID_INVALID) < 0)
- return log_error_errno(errno, "chown(%s) failed: %m", path);
+ return log_error_errno(errno, "chown() of %s via %s failed: %m", path, fn);
}
}
diff --git a/units/systemd-journal-catalog-update.service.in b/units/systemd-journal-catalog-update.service.in
index 6370dd478f..276f052b1a 100644
--- a/units/systemd-journal-catalog-update.service.in
+++ b/units/systemd-journal-catalog-update.service.in
@@ -12,7 +12,7 @@ DefaultDependencies=no
Conflicts=shutdown.target
After=local-fs.target
Before=sysinit.target shutdown.target systemd-update-done.service
-ConditionNeedsUpdate=/etc
+ConditionNeedsUpdate=/var
[Service]
Type=oneshot