Re: [systemd-devel] [PATCH] unit: add specifiers for user name and home directory

2011-12-17 Thread Lennart Poettering
On Fri, 16.12.11 23:11, Ran Benita (ran...@gmail.com) wrote:

And please pass uid and gid as NULL, get_user_creds() can deal with
that.

 +return strdup(home);

Otherwise looks fine. Thanks!
   
   May I also ask why specifier expansion is not allowed in Exec= lines? I
   think it's useful, and it works fine when I patch it. Is it problematic
   in any way?
  
  Hmm, it is allowed. In getty@.service for example, we have this:
  
  ExecStart=-/sbin/agetty %I 38400
  
  and it works fine?
 
 Hmm, yes that works. I see service_spawn() expands the command
 arguments, but not the path, which is what I tried. I previously
 looked at config_parse_exec() in load-fragment.c.
 So my question becomes, why not expand the path? (It seems intentional).

Yupp, it is intentional. This has to do with SELinux semantics. We need
to label sockets services are supposed to get passed according to the
service label (i.e. the label of the process binary). Since we create
the sockets before actually starting the services we need to be able to
determine the binary path of all future services at the time we
initialize the sockets. But that is very hard if the process binary is
determined dynamically at initialization time of the service. Hence we
disallow dynamic service binary paths, since I didn't want to allow
different configuration options on SELinux and non-SELinux systems, in
order to ensure that unit files people write are compatible with all
setups. Does that make some sense?

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
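
A simplified model of the split described in the message above, added here as an example (it is not systemd code and not part of the original thread): the binary path of an Exec line is fixed as a literal when the unit is loaded, while specifiers are expanded only in the arguments at spawn time. The function names, the `%h` spelling (the one suggested in review) and the sample values are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Load time: the binary path is taken literally. It must be absolute and free
 * of specifiers so it is known before the service starts. 0 on success, else -1. */
int exec_binary_path(const char *value, char *out, size_t outlen) {
    value += (*value == '-');   /* optional prefix, as in "-/sbin/agetty %I 38400" */
    size_t n = strcspn(value, " \t");
    if (n == 0 || n >= outlen || value[0] != '/' || memchr(value, '%', n))
        return -1;              /* this model refuses a dynamic or relative path */
    memcpy(out, value, n);
    out[n] = '\0';
    return 0;
}

/* Spawn time: expand %u, %h and %% in one argument; any other specifier is
 * copied through untouched. The caller frees the result. */
char *expand_arg(const char *arg, const char *user, const char *home) {
    size_t cap = strlen(arg) + 1, grow = strlen(user) + strlen(home);
    for (const char *p = arg; *p; p++)
        cap += (*p == '%') ? grow : 0;   /* generous worst-case growth */
    char *res = malloc(cap), *w = res;
    if (!res)
        return NULL;
    for (const char *p = arg; *p; p++) {
        const char *sub = NULL;
        if (p[0] == '%')
            sub = p[1] == 'u' ? user : p[1] == 'h' ? home : p[1] == '%' ? "%" : NULL;
        if (sub) {
            size_t n = strlen(sub);
            memcpy(w, sub, n);
            w += n;
            p++;                /* skip the specifier character */
        } else
            *w++ = *p;
    }
    *w = '\0';
    return res;
}

int main(void) {
    char path[64];              /* sample unit line and user are constructed */
    int r = exec_binary_path("-/usr/bin/mydaemon --dir=%h/.cache", path, sizeof path);
    char *arg = expand_arg("--dir=%h/.cache", "alice", "/home/alice");
    printf("path=%s arg=%s\n", r == 0 ? path : "(rejected)", arg ? arg : "(oom)");
    free(arg);
    return 0;
}
```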


Re: [systemd-devel] [PATCH] unit: add specifiers for user name and home directory

2011-12-16 Thread Ran Benita
On Thu, Dec 15, 2011 at 04:01:05PM +0100, Lennart Poettering wrote:
 On Fri, 09.12.11 03:00, Ran Benita (ran...@gmail.com) wrote:
 
  +_username = username;
  +r = get_user_creds(_username, uid, gid, home);
  +free(username);
  +if (r)
  +return NULL;
  +
  +/* specifier == '~' */
 
 Do we really want '~' here, and not 'h'? Sounds a bit weird to me to
 chain up weird characters like % and ~ in a sequence. %h might be less
 of a surprise to the user?
 
 And please pass uid and gid as NULL, get_user_creds() can deal with
 that.
 
  +return strdup(home);
 
 Otherwise looks fine. Thanks!

May I also ask why specifier expansion is not allowed in Exec= lines? I
think it's useful, and it works fine when I patch it. Is it problematic
in any way?

Ran


Re: [systemd-devel] [PATCH] unit: add specifiers for user name and home directory

2011-12-16 Thread Lennart Poettering
On Fri, 16.12.11 12:41, Ran Benita (ran...@gmail.com) wrote:

 
 On Thu, Dec 15, 2011 at 04:01:05PM +0100, Lennart Poettering wrote:
  On Fri, 09.12.11 03:00, Ran Benita (ran...@gmail.com) wrote:
  
   +_username = username;
   +r = get_user_creds(_username, uid, gid, home);
   +free(username);
   +if (r)
   +return NULL;
   +
   +/* specifier == '~' */
  
  Do we really want '~' here, and not 'h'? Sounds a bit weird to me to
  chain up weird characters like % and ~ in a sequence. %h might be less
  of a surprise to the user?
  
  And please pass uid and gid as NULL, get_user_creds() can deal with
  that.
  
   +return strdup(home);
  
  Otherwise looks fine. Thanks!
 
 May I also ask why specifier expansion is not allowed in Exec= lines? I
 think it's useful, and it works fine when I patch it. Is it problematic
 in any way?

Hmm, it is allowed. In getty@.service for example, we have this:

ExecStart=-/sbin/agetty %I 38400

and it works fine?

Lennart

-- 
Lennart Poettering - Red Hat, Inc.


Re: [systemd-devel] [PATCH] unit: add specifiers for user name and home directory

2011-12-16 Thread Ran Benita
On Fri, Dec 16, 2011 at 05:10:45PM +0100, Lennart Poettering wrote:
 On Fri, 16.12.11 12:41, Ran Benita (ran...@gmail.com) wrote:
 
  
  On Thu, Dec 15, 2011 at 04:01:05PM +0100, Lennart Poettering wrote:
   On Fri, 09.12.11 03:00, Ran Benita (ran...@gmail.com) wrote:
   
+_username = username;
+r = get_user_creds(_username, uid, gid, home);
+free(username);
+if (r)
+return NULL;
+
+/* specifier == '~' */
   
   Do we really want '~' here, and not 'h'? Sounds a bit weird to me to
   chain up weird characters like % and ~ in a sequence. %h might be less
   of a surprise to the user?
   
   And please pass uid and gid as NULL, get_user_creds() can deal with
   that.
   
+return strdup(home);
   
   Otherwise looks fine. Thanks!
  
  May I also ask why specifier expansion is not allowed in Exec= lines? I
  think it's useful, and it works fine when I patch it. Is it problematic
  in any way?
 
 Hmm, it is allowed. In getty@.service for example, we have this:
 
 ExecStart=-/sbin/agetty %I 38400
 
 and it works fine?

Hmm, yes that works. I see service_spawn() expands the command
arguments, but not the path, which is what I tried. I previously
looked at config_parse_exec() in load-fragment.c.
So my question becomes, why not expand the path? (It seems intentional).

Ran


Re: [systemd-devel] [PATCH] unit: add specifiers for user name and home directory

2011-12-15 Thread Lennart Poettering
On Fri, 09.12.11 03:00, Ran Benita (ran...@gmail.com) wrote:

 +_username = username;
 +r = get_user_creds(_username, uid, gid, home);
 +free(username);
 +if (r)
 +return NULL;
 +
 +/* specifier == '~' */

Do we really want '~' here, and not 'h'? Sounds a bit weird to me to
chain up weird characters like % and ~ in a sequence. %h might be less
of a surprise to the user?

And please pass uid and gid as NULL, get_user_creds() can deal with
that.

 +return strdup(home);

Otherwise looks fine. Thanks!

Lennart

-- 
Lennart Poettering - Red Hat, Inc.


[systemd-devel] [PATCH] unit: add specifiers for user name and home directory

2011-12-08 Thread Ran Benita
Currently there is no way to refer to the user's name or home directory
from within a unit file. This is mainly a problem for unit files
intended for a --user systemd instance, where you might want to set the
user's home directory in WorkingDirectory, or otherwise refer to the
user's name.

This patch adds two specifiers, %u and %~, for the user's name and home
directory. Note that these refer to the user who's running the instance,
and are otherwise unaffected by User=, RootDirectory=, etc.
---
 man/systemd.unit.xml |   10 ++
 src/unit.c   |   26 ++
 2 files changed, 36 insertions(+), 0 deletions(-)

diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml
index 897f99f..59868d5 100644
--- a/man/systemd.unit.xml
+++ b/man/systemd.unit.xml
@@ -258,6 +258,16 @@
 entryRuntime socket dir/entry
 entryThis is either /run (for the system manager) or 
$XDG_RUNTIME_DIR (for user managers)./entry
   /row
+  row
+entryliteral%u/literal/entry
+entryUser name/entry
+entryThis is the name of the user who is running the 
systemd instance./entry
+  /row
+  row
+entryliteral%~/literal/entry
+entryUser home directory/entry
+entryThis is the home directory of the user who is 
running the systemd instance./entry
+  /row
 /tbody
   /tgroup
 /table
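Review bot: The two new rows describe %u and %~ only as belonging to "the user who is running the systemd instance" and leave out what the commit message spells out, that the value is unaffected by User= and RootDirectory=. A unit author who sets User= would reasonably expect %u to follow it, so the man page entries should carry that sentence themselves, for example "This is not affected by the User= setting of the unit."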
diff --git a/src/unit.c b/src/unit.c
index 018e986..b1e2bca 100644
--- a/src/unit.c
+++ b/src/unit.c
@@ -2133,6 +2133,30 @@ static char *specifier_runtime(char specifier, void 
*data, void *userdata) {
 return strdup(/run);
 }
 
+static char *specifier_user_details(char specifier, void *data, void 
*userdata) {
+int r;
+char *username;
+const char *home, *_username;
+uid_t uid;
+gid_t gid;
+
+username = getlogname_malloc();
+if (!username)
+return NULL;
+
+if (specifier == 'u')
+return username;
+
+_username = username;
+r = get_user_creds(_username, uid, gid, home);
+free(username);
+if (r)
+return NULL;
+
+/* specifier == '~' */
+return strdup(home);
+}
+
 char *unit_name_printf(Unit *u, const char* format) {
 
 /*
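Review bot: In specifier_user_details(), every specifier other than 'u' falls through to the home directory lookup, and only the comment "/* specifier == '~' */" records that assumption. If a third table entry is ever pointed at this function it will silently return the home directory. Suggest an explicit check or assert on the specifier before the get_user_creds() call. The function also returns NULL both when getlogname_malloc() fails and when get_user_creds() returns an error, so a caller cannot tell an allocation failure from a failed user lookup.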
@@ -2182,6 +2206,8 @@ char *unit_full_printf(Unit *u, const char *format) {
 { 'r', specifier_cgroup_root, NULL },
 { 'R', specifier_cgroup_root, NULL },
 { 't', specifier_runtime, NULL },
+{ 'u', specifier_user_details,NULL },
+{ '~', specifier_user_details,NULL },
 { 0, NULL, NULL }
 };
 
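Review bot: Both entries are added to the unit_full_printf() table unconditionally, so as far as this hunk shows they are expanded by the system manager as well as by a --user instance. The commit message motivates them for --user units; if expansion in system units is intended, the man page rows should say what %u and %~ resolve to there, so that a unit copied from a user directory into the system one does not end up pointing WorkingDirectory at an unexpected home directory.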
-- 
1.7.7.4
