Systemd/src
Lennart Poettering 98e4fcec36 dynamic-user: don't use a UID that currently owns IPC objects (#6962)
This fixes a mostly theoretical potential security hole: if for some
reason we failed to remove IPC objects created for a dynamic user (maybe
because a MAC/SELinux erroneously prohibited), then we should not hand
out the same UID again until they are successfully removed.

With this commit we'll enumerate the IPC objects currently existing, and
step away from using a UID for the dynamic UID logic if there are any
matching it.
2017-10-04 21:40:01 +02:00
..
ac-power build-sys: drop automake support 2017-07-18 10:04:44 -04:00
activate tree-wide: make use of getpid_cached() wherever we can 2017-07-20 20:27:24 +02:00
analyze build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
ask-password build-sys: drop automake support 2017-07-18 10:04:44 -04:00
backlight build-sys: drop automake support 2017-07-18 10:04:44 -04:00
basic Merge pull request #6975 from sourcejedi/logind_pid_0_v2 2017-10-04 21:33:52 +02:00
binfmt exec-util,conf-files: skip non-executable files in execute_directories() 2017-09-13 11:42:31 +02:00
boot build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
busctl busctl: monitor - ignore the final NameLost message 2017-05-25 17:37:50 +02:00
cgls build-sys: drop automake support 2017-07-18 10:04:44 -04:00
cgroups-agent build-sys: drop automake support 2017-07-18 10:04:44 -04:00
cgtop build-sys: drop automake support 2017-07-18 10:04:44 -04:00
core dynamic-user: don't use a UID that currently owns IPC objects (#6962) 2017-10-04 21:40:01 +02:00
coredump build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
cryptsetup tree-wide: use IN_SET macro (#6977) 2017-10-04 16:01:32 +02:00
debug-generator build-sys: drop automake support 2017-07-18 10:04:44 -04:00
delta build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
detect-virt build-sys: drop automake support 2017-07-18 10:04:44 -04:00
dissect build-sys: drop automake support 2017-07-18 10:04:44 -04:00
environment-d-generator exec-util,conf-files: skip non-executable files in execute_directories() 2017-09-13 11:42:31 +02:00
escape escape: fix systemd-escape description text 2017-07-31 18:01:42 +02:00
firstboot "Don't fear the fsync()" 2017-08-17 20:26:36 +01:00
fsck Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
fstab-generator tree-wide: fput[cs]() → fput[cs]_unlocked() wherever that makes sense (#6396) 2017-07-21 10:35:45 +02:00
getty-generator getty-generator: shift relevant comment to above tty_is_vc() 2017-08-07 17:23:41 +01:00
gpt-auto-generator build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
hibernate-resume build-sys: drop automake support 2017-07-18 10:04:44 -04:00
hostname build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
hwdb exec-util,conf-files: skip non-executable files in execute_directories() 2017-09-13 11:42:31 +02:00
import Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
initctl tree-wide: make use of getpid_cached() wherever we can 2017-07-20 20:27:24 +02:00
journal Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
journal-remote build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
kernel-install build-sys: drop automake support 2017-07-18 10:04:44 -04:00
libsystemd Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
libsystemd-network tree-wide: use IN_SET macro (#6977) 2017-10-04 16:01:32 +02:00
libudev meson: move library version defines to the top (#6939) 2017-09-28 19:24:16 +02:00
locale Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
login Merge pull request #6975 from sourcejedi/logind_pid_0_v2 2017-10-04 21:33:52 +02:00
machine Merge pull request #6975 from sourcejedi/logind_pid_0_v2 2017-10-04 21:33:52 +02:00
machine-id-setup build-sys: drop automake support 2017-07-18 10:04:44 -04:00
modules-load exec-util,conf-files: skip non-executable files in execute_directories() 2017-09-13 11:42:31 +02:00
mount mount: always show the user-provided argument when umount can't be done 2017-09-07 16:16:47 -03:00
network Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
notify build-sys: drop automake support 2017-07-18 10:04:44 -04:00
nspawn build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
nss-myhostname tree-wide: use !IN_SET(..) for a != b && a != c && … 2017-10-02 13:09:56 +02:00
nss-mymachines nss: use secure_getenv for behaviour-modifying booleans (#6817) 2017-09-14 09:20:27 +02:00
nss-resolve tree-wide: use IN_SET macro (#6977) 2017-10-04 16:01:32 +02:00
nss-systemd nss-systemd: if cannot open bus, then try to read user info directly (#6971) 2017-10-04 19:29:36 +02:00
path build-sys: drop automake support 2017-07-18 10:04:44 -04:00
quotacheck build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
random-seed build-sys: drop automake support 2017-07-18 10:04:44 -04:00
rc-local-generator build-sys: drop automake support 2017-07-18 10:04:44 -04:00
remount-fs build-sys: drop automake support 2017-07-18 10:04:44 -04:00
reply-password build-sys: drop automake support 2017-07-18 10:04:44 -04:00
resolve Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
rfkill rfkill: Delay writes until exit (#5768) 2017-09-01 12:17:02 +02:00
run run: also show IP traffic accounting data on "systemd-run --wait" 2017-09-26 23:51:14 +02:00
shared dynamic-user: don't use a UID that currently owns IPC objects (#6962) 2017-10-04 21:40:01 +02:00
sleep fileio: make write_string_stream() accept flags parameter 2017-09-22 20:55:34 +02:00
socket-proxy tree-wide: use IN_SET macro (#6977) 2017-10-04 16:01:32 +02:00
stdio-bridge tree-wide: when %m is used in log_*, always specify errno explicitly 2017-05-19 14:24:03 -04:00
sulogin-shell sulogin-shell: switch from shell implementation to a C implementation (#6698) 2017-09-08 18:21:37 +02:00
sysctl exec-util,conf-files: skip non-executable files in execute_directories() 2017-09-13 11:42:31 +02:00
system-update-generator build-sys: drop automake support 2017-07-18 10:04:44 -04:00
systemctl Merge pull request #6975 from sourcejedi/logind_pid_0_v2 2017-10-04 21:33:52 +02:00
systemd core: whenever a unit terminates, log its consumed resources to the journal 2017-09-22 15:28:05 +02:00
sysusers Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
sysv-generator tree-wide: use IN_SET where possible 2017-10-02 13:09:54 +02:00
test Merge pull request #6992 from keszybz/fix-test-copy 2017-10-04 20:00:14 +02:00
timedate build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
timesync build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
tmpfiles Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
tty-ask-password-agent tree-wide: use IN_SET macro (#6977) 2017-10-04 16:01:32 +02:00
udev udevadm,basic: replace nulstr_contains with STR_IN_SET (#6965) 2017-10-04 19:32:12 +02:00
update-done build-sys: drop automake support 2017-07-18 10:04:44 -04:00
update-utmp Merge pull request #6974 from keszybz/clean-up-defines 2017-10-04 19:25:30 +02:00
user-sessions build-sys: drop automake support 2017-07-18 10:04:44 -04:00
vconsole build-sys: use #if Y instead of #ifdef Y everywhere 2017-10-04 12:09:29 +02:00
veritysetup tree-wide: use IN_SET where possible 2017-10-02 13:09:54 +02:00
volatile-root build-sys: drop automake support 2017-07-18 10:04:44 -04:00