[pulseaudio-discuss] [PATCH] systemd: disable socket activation for root
Tanu Kaskinen
tanuk at iki.fi
Wed Feb 8 12:36:28 UTC 2017
On Fri, 2017-02-03 at 10:17 -0300, Felipe Sateler wrote:
> On 3 February 2017 at 05:51, Tanu Kaskinen <tanuk at iki.fi> wrote:
> > We disallow autospawning for root, but when using systemd socket
> > activation to start pulseaudio, that replaces the autospawning
> > mechanism, and there was no similar "root protection" in socket
> > activation. This patch disables the socket activation for root.
> >
> > Thanks to Felipe Sateler for coming up with the idea of using
> > ConditionPathIsReadWrite=!/run.
>
> I'm sorry but I'll have to take this back. This check only checks if
> the path is mounted read-write, not if the calling process has the
> necessary permissions.
>
> https://github.com/systemd/systemd/blob/master/src/shared/condition.c#L405
> https://github.com/systemd/systemd/blob/master/src/basic/stat-util.c#L126
>
> :(
Well, that's disappointing (and shame on me - I should have tested the
patch better).
I think using ExecStartPre as Ahmed first suggested is the best
solution. It should do exactly what we want. The admin capability check
can have some corner cases where it does the wrong thing.
--
Tanu
https://www.patreon.com/tanuk
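As an added illustration (not code from the PulseAudio project or from this thread), one way to implement the ExecStartPre= approach Tanu prefers: a small script that exits non-zero when the effective uid is 0, so systemd refuses the socket-activated start for root instead of spawning a root daemon. The script path, unit name and drop-in location are assumptions.

```shell
#!/bin/sh
# Added example: refuse socket activation for root via ExecStartPre=.
#
# Assumed user-unit drop-in (hypothetical path
# ~/.config/systemd/user/pulseaudio.service.d/no-root.conf):
#
#   [Service]
#   ExecStartPre=/usr/libexec/pulseaudio-refuse-root --check   (hypothetical path)
#
# ExecStartPre= commands without a "-" prefix must succeed; a non-zero
# exit marks the unit failed and ExecStart= is never run. Unlike
# ConditionPathIsReadWrite=!/run, which only inspects the mount flag of
# /run and says the same thing for every caller, this check looks at the
# uid of the process that systemd is about to start pulseaudio for.

# refuse_root [UID]
#   Returns 0 (allow) for a non-root uid and 1 (refuse) for uid 0.
#   Defaults to the caller's effective uid when no argument is given.
refuse_root() {
    uid="${1:-$(id -u)}"
    if [ "$uid" -eq 0 ]; then
        echo "pulseaudio: refusing socket activation for root (uid 0)" >&2
        return 1
    fi
    return 0
}

# Only act when invoked as the ExecStartPre= command; sourcing or running
# the file without --check defines the function and does nothing else.
case "${1:-}" in
    --check) refuse_root || exit 1 ;;
esac
```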