Date: Thu, 4 Mar 2021 10:45:11 +1100 From: Kubilay Kocak <koobs@FreeBSD.org> To: Kyle Evans <kevans@FreeBSD.org>, src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: Re: git: 55deb0a5f089 - main - service(8): use an environment more consistent with init(8) Message-ID: <2c9e447a-d139-fb48-d9b5-85bfae1ff30f@FreeBSD.org> In-Reply-To: <202103031828.123ISTI5001652@gitrepo.freebsd.org> References: <202103031828.123ISTI5001652@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/03/2021 5:28 am, Kyle Evans wrote: > The branch main has been updated by kevans: > > URL: https://cgit.FreeBSD.org/src/commit/?id=55deb0a5f089c8a27cfc1666655b93881c2b47ae > > commit 55deb0a5f089c8a27cfc1666655b93881c2b47ae > Author: Andrew Gierth <andrew@tao146.riddles.org.uk> > AuthorDate: 2021-03-03 18:25:11 +0000 > Commit: Kyle Evans <kevans@FreeBSD.org> > CommitDate: 2021-03-03 18:25:11 +0000 > > service(8): use an environment more consistent with init(8) > > init(8) sets the "daemon" login class without specifying a pw > entry (so no substitutions are done on the variables). service(8)'s > use of env -L had the effect of specifying root's pw entry, with two > effects: getpwnam and getpwuid are being called, which may not be > entirely safe depending on what nsswitch is up to and what stage of > boot we are at, and substitutions would have been done. > > Fix by teaching env(8) to allow -L -/classname to set the class > environment with no pw entry at all specified, and use it in > service(8). > > PR: 253959 Is MFC'able to stable/* or might there be backward compatibility issue?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2c9e447a-d139-fb48-d9b5-85bfae1ff30f>