[systemd-devel] [ANNOUNCE] systemd v229

Dave Reisner d at falconindy.com
Fri Feb 12 01:09:03 UTC 2016


On Thu, Feb 11, 2016 at 10:26:51PM +0100, Reindl Harald wrote:
> 
> Am 11.02.2016 um 22:19 schrieb Dave Reisner:
> >On Thu, Feb 11, 2016 at 05:50:08PM +0100, Lennart Poettering wrote:
> >>I just tagged the v229 release of systemd. Enjoy!
> >>
> >>CHANGES WITH 229:
> >>
> >><snip>
> >>
> >>         * When the stacktrace is extracted from processes of system users, this
> >>           is now done as "systemd-coredump" user, in order to sandbox this
> >>           potentially security sensitive parsing operation. (Note that when
> >>           processing coredumps of normal users this is done under the user ID
> >>           of process that crashed, as before.) Packagers should take notice
> >>           that it is now necessary to create the "systemd-coredump" system user
> >>           and group at package installation time.
> >>
> >
> >Why is it left to downstream to create this user? What makes it
> >different from the other 4 users which systemd already creates?
> 
> systemd don't create any user. nowhere, rpm-scritrs downstream does

You're mistaken. See /usr/lib/sysusers.d/{basic,systemd,systemd-remote}.conf and
systemd-sysusers(8). The curious absence of systemd-coredump from
sysusers.d/systemd.conf is what I'm asking about here.


More information about the systemd-devel mailing list