[systemd-devel] Github systemd issue 6237

Reindl Harald h.reindl at thelounge.net
Wed Jul 5 10:17:33 UTC 2017 


Am 05.07.2017 um 12:10 schrieb Michael Chapman:
> On Wed, 5 Jul 2017, Colin Guthrie wrote:
>> Reindl Harald wrote on 04/07/17 19:50:
>>>> When new configuration options are added, the same unit file can
>>>> almost always be used with older systemd, and it'll just warn & ignore
>>>> the parts it doesn't understand. Similarly, various configuration
>>>> options might be unavailable on some architectures and with some
>>>> compilation options. The current behaviour of warn&ignore provides
>>>> for "soft degradation" in those cases.
>>>
>>> frankly a new option on the left side is a completly different thing
>>> than a invalid value - just silently continue with invalid values of
>>> existing options is playing a danergous game in a crucial component like
>>> systemd
>>
>> It's a rare thing :p but I have to agree with you here!
>>
>> I'd say if "User=-notauser" then silently failing and using root is
>> acceptable as per the usual semantics of "- prefix suppresses errors",
>> but "User=notauser" should fail IMO.
> 
> I'm pretty sure you'll find that it does. Specifically, it will fail 
> when the child process for the command being executed attempts to map 
> the username to a UID.
> 
> The issue being discussed here is that systemd considers "0day" to be 
> _syntactically_ invalid for a username. See the valid_user_group_name() 
> function in basic/user-util.c.

yes and hence it should FAIL the service and not behave silently like 
the left side of a param is unknown on a older version - a invalid VALUE 
in a config has to fail until it's makred with a dash to silent be 
ignored in case of errors

> (In my opinion, we shouldn't be this restrictive. POSIX permits 
> usernames that start with a digit, and just because certain other 
> utilities can't deal with them doesn't mean systemd need forbid them.)

that whole check is by all respect nonsense - if the user *exists* in 
the system you can't pretend it's invalid - if it would be invalid it 
could not have been created to begin with

> So the directive fails the syntactic check for User=, just like 
> Zbigniew's example of User="my name is pretty!".
> 
> I do think we ought to have a list of "critical" directives, such that 
> any syntactic error in those directives causes the unit load state to be 
> "error". For better or worse, people simply don't look at logs, so 
> they'll never notice that important directives in their units are being 
> ignored

and that is the problem - at least fall back to "nobody" but for the 
sake of god not to root

More information about the systemd-devel mailing list