core: call dynamic_user_acquire() only when 'group' is non-null
When unit is reloaded, and the reloaded unit has bad-setting, then unit_patch_contexts() is not called and exec_context::user and group may not be configured. A minimum reproducer for the case is: - step 1. $ sudo systemctl edit --full hoge.service [Service] oneshot ExecStart=sleep 1h - step 2. $ sudo systemctl start hoge.service - step 3. $ sudo systemctl edit --full hoge.service [Service] Type=oneshot ExecStart=@bindir@/sleep 1h DynamicUser=yes Then pid1 crashed. Fixes #14733.
This commit is contained in:
parent
4c1dea42b5
commit
50152bb1c5
|
@ -770,7 +770,7 @@ int dynamic_creds_acquire(DynamicCreds *creds, Manager *m, const char *user, con
|
||||||
|
|
||||||
if (creds->user && (!group || streq_ptr(user, group)))
|
if (creds->user && (!group || streq_ptr(user, group)))
|
||||||
creds->group = dynamic_user_ref(creds->user);
|
creds->group = dynamic_user_ref(creds->user);
|
||||||
else {
|
else if (group) {
|
||||||
r = dynamic_user_acquire(m, group, &creds->group);
|
r = dynamic_user_acquire(m, group, &creds->group);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
if (acquired)
|
if (acquired)
|
||||||
|
|
Loading…
Reference in a new issue