From f7dc3ab9f43b67abcbd34062b9352ab42debec49 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 21 May 2014 09:31:22 +0900
Subject: logind: don't apply RemoveIPC= to system users

We shouldn't destroy IPC objects of system users on logout.

http://lists.freedesktop.org/archives/systemd-devel/2014-April/018373.html

This introduces SYSTEM_UID_MAX defined to the maximum UID of system
users. This value is determined compile-time, either as configure switch
or from /etc/login.defs. (We don't read that file at runtime, since this
is really a choice for a system builder, not the end user.)

While we are at it we then also update journald to use SYSTEM_UID_MAX
when we decide whether to split out log data for a specific client.
---
 src/core/systemd.pc.in        | 2 ++
 src/journal/journald-server.c | 2 +-
 src/shared/clean-ipc.c        | 4 ++--
 3 files changed, 5 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
index de0f6494e9..f8bccb5d6a 100644
--- a/src/core/systemd.pc.in
+++ b/src/core/systemd.pc.in
@@ -19,6 +19,8 @@ systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/u
 systemdsystemgeneratordir=@systemgeneratordir@
 systemdusergeneratordir=@usergeneratordir@
 catalogdir=@catalogdir@
+systemuidmax=@systemuidmax@
+systemgidmax=@systemgidmax@
 
 Name: systemd
 Description: systemd System and Service Manager
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 0439caf909..381d80a938 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -258,7 +258,7 @@ static JournalFile* find_journal(Server *s, uid_t uid) {
         if (s->runtime_journal)
                 return s->runtime_journal;
 
-        if (uid <= 0)
+        if (uid <= SYSTEM_UID_MAX)
                 return s->system_journal;
 
         r = sd_id128_get_machine(&machine);
diff --git a/src/shared/clean-ipc.c b/src/shared/clean-ipc.c
index ddd42cc2b2..cb1722614e 100644
--- a/src/shared/clean-ipc.c
+++ b/src/shared/clean-ipc.c
@@ -332,8 +332,8 @@ fail:
 int clean_ipc(uid_t uid) {
         int ret = 0, r;
 
-        /* Refuse to clean IPC of the root user */
-        if (uid == 0)
+        /* Refuse to clean IPC of the root and system users */
+        if (uid <= SYSTEM_UID_MAX)
                 return 0;
 
         r = clean_sysvipc_shm(uid);
-- 
cgit v1.2.3-54-g00ecf