From owner-dev-commits-src-all@freebsd.org Thu Mar 4 03:38:58 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4E2FA55FF68; Thu, 4 Mar 2021 03:38:58 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Drc6V1bTyz4ZjS; Thu, 4 Mar 2021 03:38:58 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from mail-qt1-f178.google.com (mail-qt1-f178.google.com [209.85.160.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: kevans) by smtp.freebsd.org (Postfix) with ESMTPSA id 2477B286EF; Thu, 4 Mar 2021 03:38:58 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: by mail-qt1-f178.google.com with SMTP id v64so19429469qtd.5; Wed, 03 Mar 2021 19:38:58 -0800 (PST) X-Gm-Message-State: AOAM533FFE/HVOKWIQe9R8ik8xeCeSCgzQ/N1F9RpJ6wPTOFm6C2go/b pVj3luheiAx/6/u83fqB7nGT6+KrCd1at8rieio= X-Google-Smtp-Source: ABdhPJzjikhqxAksAvydvS9msgBM+4lmV+U+O/Y2iSQ7tRoeV+tnz3tY91n2ppK/IgwYjBwn6UKFffFPQCjW9FdJobo= X-Received: by 2002:ac8:5bcb:: with SMTP id b11mr2414038qtb.310.1614829137449; Wed, 03 Mar 2021 19:38:57 -0800 (PST) MIME-Version: 1.0 References: <202103031828.123ISTI5001652@gitrepo.freebsd.org> <2c9e447a-d139-fb48-d9b5-85bfae1ff30f@FreeBSD.org> In-Reply-To: <2c9e447a-d139-fb48-d9b5-85bfae1ff30f@FreeBSD.org> From: Kyle Evans Date: Wed, 3 Mar 2021 21:38:46 -0600 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: git: 55deb0a5f089 - main - service(8): use an environment more consistent with init(8) To: Kubilay Kocak Cc: src-committers , "" , dev-commits-src-main@freebsd.org Content-Type: text/plain; charset="UTF-8" X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Mar 2021 03:38:58 -0000 On Wed, Mar 3, 2021 at 5:45 PM Kubilay Kocak wrote: > > On 4/03/2021 5:28 am, Kyle Evans wrote: > > The branch main has been updated by kevans: > > > > URL: https://cgit.FreeBSD.org/src/commit/?id=55deb0a5f089c8a27cfc1666655b93881c2b47ae > > > > commit 55deb0a5f089c8a27cfc1666655b93881c2b47ae > > Author: Andrew Gierth > > AuthorDate: 2021-03-03 18:25:11 +0000 > > Commit: Kyle Evans > > CommitDate: 2021-03-03 18:25:11 +0000 > > > > service(8): use an environment more consistent with init(8) > > > > init(8) sets the "daemon" login class without specifying a pw > > entry (so no substitutions are done on the variables). service(8)'s > > use of env -L had the effect of specifying root's pw entry, with two > > effects: getpwnam and getpwuid are being called, which may not be > > entirely safe depending on what nsswitch is up to and what stage of > > boot we are at, and substitutions would have been done. > > > > Fix by teaching env(8) to allow -L -/classname to set the class > > environment with no pw entry at all specified, and use it in > > service(8). > > > > PR: 253959 > > Is MFC'able to stable/* or might there be backward compatibility issue? Indeed, I'll be MFC'ing this in some ~days. Thanks, Kyle Evans