Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 3 Mar 2021 21:38:46 -0600
From:      Kyle Evans <kevans@freebsd.org>
To:        Kubilay Kocak <koobs@freebsd.org>
Cc:        src-committers <src-committers@freebsd.org>,  "<dev-commits-src-all@freebsd.org>" <dev-commits-src-all@freebsd.org>, dev-commits-src-main@freebsd.org
Subject:   Re: git: 55deb0a5f089 - main - service(8): use an environment more consistent with init(8)
Message-ID:  <CACNAnaE-wht5AbJ8c%2BpuXu4V3meA1tGbhx=YfzZmYJhbdbSeNA@mail.gmail.com>
In-Reply-To: <2c9e447a-d139-fb48-d9b5-85bfae1ff30f@FreeBSD.org>
References:  <202103031828.123ISTI5001652@gitrepo.freebsd.org> <2c9e447a-d139-fb48-d9b5-85bfae1ff30f@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, Mar 3, 2021 at 5:45 PM Kubilay Kocak <koobs@freebsd.org> wrote:
>
> On 4/03/2021 5:28 am, Kyle Evans wrote:
> > The branch main has been updated by kevans:
> >
> > URL: https://cgit.FreeBSD.org/src/commit/?id=55deb0a5f089c8a27cfc1666655b93881c2b47ae
> >
> > commit 55deb0a5f089c8a27cfc1666655b93881c2b47ae
> > Author:     Andrew Gierth <andrew@tao146.riddles.org.uk>
> > AuthorDate: 2021-03-03 18:25:11 +0000
> > Commit:     Kyle Evans <kevans@FreeBSD.org>
> > CommitDate: 2021-03-03 18:25:11 +0000
> >
> >      service(8): use an environment more consistent with init(8)
> >
> >      init(8) sets the "daemon" login class without specifying a pw
> >      entry (so no substitutions are done on the variables). service(8)'s
> >      use of env -L had the effect of specifying root's pw entry, with two
> >      effects: getpwnam and getpwuid are being called, which may not be
> >      entirely safe depending on what nsswitch is up to and what stage of
> >      boot we are at, and substitutions would have been done.
> >
> >      Fix by teaching env(8) to allow -L -/classname to set the class
> >      environment with no pw entry at all specified, and use it in
> >      service(8).
> >
> >      PR:             253959
>
> Is MFC'able to stable/* or might there be backward compatibility issue?

Indeed, I'll be MFC'ing this in some ~days.

Thanks,

Kyle Evans

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACNAnaE-wht5AbJ8c%2BpuXu4V3meA1tGbhx=YfzZmYJhbdbSeNA>