| Message ID | 20180308142509.26795-1-anssi.hannula@bitwise.fi |
|---|---|
| State | Accepted |
| Commit | 183d2097ffef5d8d7e1ac07d3b613ecacdd8c876 |
| Headers | show |
| Series | systemd: do not use host system-uid/gid ranges | expand |
Anssi, All, On 2018-03-08 16:25 +0200, Anssi Hannula spake thusly: > systemd meson.build uses values from host /etc/login.defs if > system-uid-max and system-gid-max build options are not explicitly > specified. > > Avoid that by setting system-uid-max and system-gid-max to 999 which is > the systemd default if SYSTEM_UID_MAX and SYSTEM_GID_MAX are not set in > /etc/login.defs. > > Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi> Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Would we need to do something with dynamic-uid-min, dynamic-uid-max, and so on? Regards, Yann E. MORIN. > --- > package/systemd/systemd.mk | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk > index 8c22c08..3bc322c 100644 > --- a/package/systemd/systemd.mk > +++ b/package/systemd/systemd.mk > @@ -40,6 +40,8 @@ SYSTEMD_CONF_OPTS += \ > -Dldconfig=false \ > -Ddefault-dnssec=no \ > -Dtests=false \ > + -Dsystem-uid-max=999 \ > + -Dsystem-gid-max=999 \ > -Dtelinit-path=$(TARGET_DIR)/sbin/telinit \ > -Dkill-path=/usr/bin/kill \ > -Dkmod-path=/usr/bin/kmod \ > -- > 2.8.3 >
On 8.3.2018 18:27, Yann E. MORIN wrote: > Anssi, All, > > On 2018-03-08 16:25 +0200, Anssi Hannula spake thusly: >> systemd meson.build uses values from host /etc/login.defs if >> system-uid-max and system-gid-max build options are not explicitly >> specified. >> >> Avoid that by setting system-uid-max and system-gid-max to 999 which is >> the systemd default if SYSTEM_UID_MAX and SYSTEM_GID_MAX are not set in >> /etc/login.defs. >> >> Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi> > Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr> > > Would we need to do something with dynamic-uid-min, dynamic-uid-max, and > so on? I don't think so, for the other uid/gid options the defaults seemed sane and did not depend on the host system. >> --- >> package/systemd/systemd.mk | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk >> index 8c22c08..3bc322c 100644 >> --- a/package/systemd/systemd.mk >> +++ b/package/systemd/systemd.mk >> @@ -40,6 +40,8 @@ SYSTEMD_CONF_OPTS += \ >> -Dldconfig=false \ >> -Ddefault-dnssec=no \ >> -Dtests=false \ >> + -Dsystem-uid-max=999 \ >> + -Dsystem-gid-max=999 \ >> -Dtelinit-path=$(TARGET_DIR)/sbin/telinit \ >> -Dkill-path=/usr/bin/kill \ >> -Dkmod-path=/usr/bin/kmod \ >> -- >> 2.8.3 >>
>>>>> "Anssi" == Anssi Hannula <anssi.hannula@bitwise.fi> writes: > systemd meson.build uses values from host /etc/login.defs if > system-uid-max and system-gid-max build options are not explicitly > specified. > Avoid that by setting system-uid-max and system-gid-max to 999 which is > the systemd default if SYSTEM_UID_MAX and SYSTEM_GID_MAX are not set in > /etc/login.defs. > Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi> Committed, thanks.
>>>>> "Anssi" == Anssi Hannula <anssi.hannula@bitwise.fi> writes: > systemd meson.build uses values from host /etc/login.defs if > system-uid-max and system-gid-max build options are not explicitly > specified. > Avoid that by setting system-uid-max and system-gid-max to 999 which is > the systemd default if SYSTEM_UID_MAX and SYSTEM_GID_MAX are not set in > /etc/login.defs. > Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi> Committed to 2018.02.x, thanks.
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk index 8c22c08..3bc322c 100644 --- a/package/systemd/systemd.mk +++ b/package/systemd/systemd.mk @@ -40,6 +40,8 @@ SYSTEMD_CONF_OPTS += \ -Dldconfig=false \ -Ddefault-dnssec=no \ -Dtests=false \ + -Dsystem-uid-max=999 \ + -Dsystem-gid-max=999 \ -Dtelinit-path=$(TARGET_DIR)/sbin/telinit \ -Dkill-path=/usr/bin/kill \ -Dkmod-path=/usr/bin/kmod \
systemd meson.build uses values from host /etc/login.defs if system-uid-max and system-gid-max build options are not explicitly specified. Avoid that by setting system-uid-max and system-gid-max to 999 which is the systemd default if SYSTEM_UID_MAX and SYSTEM_GID_MAX are not set in /etc/login.defs. Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi> --- package/systemd/systemd.mk | 2 ++ 1 file changed, 2 insertions(+)