[systemd-devel] [ANNOUNCE] systemd v229
Dave Reisner
d at falconindy.com
Fri Feb 12 01:09:03 UTC 2016
On Thu, Feb 11, 2016 at 10:26:51PM +0100, Reindl Harald wrote:
>
> Am 11.02.2016 um 22:19 schrieb Dave Reisner:
> >On Thu, Feb 11, 2016 at 05:50:08PM +0100, Lennart Poettering wrote:
> >>I just tagged the v229 release of systemd. Enjoy!
> >>
> >>CHANGES WITH 229:
> >>
> >><snip>
> >>
> >> * When the stacktrace is extracted from processes of system users, this
> >> is now done as "systemd-coredump" user, in order to sandbox this
> >> potentially security sensitive parsing operation. (Note that when
> >> processing coredumps of normal users this is done under the user ID
> >> of process that crashed, as before.) Packagers should take notice
> >> that it is now necessary to create the "systemd-coredump" system user
> >> and group at package installation time.
> >>
> >
> >Why is it left to downstream to create this user? What makes it
> >different from the other 4 users which systemd already creates?
>
> systemd don't create any user. nowhere, rpm-scritrs downstream does
You're mistaken. See /usr/lib/sysusers.d/{basic,systemd,systemd-remote}.conf and
systemd-sysusers(8). The curious absence of systemd-coredump from
sysusers.d/systemd.conf is what I'm asking about here.
More information about the systemd-devel
mailing list