git: 55deb0a5f089 - main - service(8): use an environment more consistent with init(8)
Kyle Evans
kevans at freebsd.org
Thu Mar 4 03:38:58 UTC 2021
On Wed, Mar 3, 2021 at 5:45 PM Kubilay Kocak <koobs at freebsd.org> wrote:
>
> On 4/03/2021 5:28 am, Kyle Evans wrote:
> > The branch main has been updated by kevans:
> >
> > URL: https://cgit.FreeBSD.org/src/commit/?id=55deb0a5f089c8a27cfc1666655b93881c2b47ae
> >
> > commit 55deb0a5f089c8a27cfc1666655b93881c2b47ae
> > Author: Andrew Gierth <andrew at tao146.riddles.org.uk>
> > AuthorDate: 2021-03-03 18:25:11 +0000
> > Commit: Kyle Evans <kevans at FreeBSD.org>
> > CommitDate: 2021-03-03 18:25:11 +0000
> >
> > service(8): use an environment more consistent with init(8)
> >
> > init(8) sets the "daemon" login class without specifying a pw
> > entry (so no substitutions are done on the variables). service(8)'s
> > use of env -L had the effect of specifying root's pw entry, with two
> > effects: getpwnam and getpwuid are being called, which may not be
> > entirely safe depending on what nsswitch is up to and what stage of
> > boot we are at, and substitutions would have been done.
> >
> > Fix by teaching env(8) to allow -L -/classname to set the class
> > environment with no pw entry at all specified, and use it in
> > service(8).
> >
> > PR: 253959
>
> Is MFC'able to stable/* or might there be backward compatibility issue?
Indeed, I'll be MFC'ing this in some ~days.
Thanks,
Kyle Evans
More information about the dev-commits-src-all
mailing list