[systemd-devel] systemd-tmpfiles, unsafe path transitions

[Lennart Poettering]

On Mi, 26.03.25 17:51, James Muir (jamesmui) (jamesmui at cisco.com) wrote:

> I am doing dev work on a linux system and I am mounting the root filesystem via NFS to make my work-flow easier.
>
> Unfortunately, the directory I am NFS mounting is not owned by root, and this causes some of the directives processed by the systemd-tmpfiles utility during boot (e.g. in systemd-tmpfiles-setup.service) to fail due to unsafe path transitions:
>
>     Detected unsafe path transition / (owned by <numeric-id>) -> /run (owned by root) during canonicalization of run/log/…
>
> Is there a conf option or an environment variable I can use to disable the unsafe path transition check?

No there is not. It's a security hole what you are doing there...

> Failing that, is there a way I can change the ownership systemd-tmpfiles sees?

Why not just fix the ownership of the root inode? i.e. actually fix
the original problem that causes the message to show?

Lennart

--
Lennart Poettering, Berlin