Re: [systemd-devel] Github systemd issue 6237

On Mon, Jul 10, 2017 at 4:41 PM, Lennart Poettering wrote: > On Mon, 10.07.17 15:58, Lennart Poettering (lenn...@poettering.net) wrote: > >> On Mon, 10.07.17 15:16, Jan Synacek (jsyna...@redhat.com) wrote: >> >> > On Mon, Jul 10, 2017 at 12:42 PM, Lennart Poettering >> >

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10.07.17 17:45, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote: > On Mon, Jul 10, 2017 at 06:40:00PM +0200, Lennart Poettering wrote: > > On Mon, 10.07.17 18:36, Lennart Poettering (lenn...@poettering.net) wrote: > > > > > > After all (as other people said) systemd has no such

Re: [systemd-devel] Github systemd issue 6237

On Mon, Jul 10, 2017 at 06:40:00PM +0200, Lennart Poettering wrote: > On Mon, 10.07.17 18:36, Lennart Poettering (lenn...@poettering.net) wrote: > > > > After all (as other people said) systemd has no such requirements > > > itself. It is true that such user names are confusing and > > >

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10.07.17 15:29, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote: > > On current Fedora, the current regex useradd enforces appears to be > > this: > > > > [a-zA-Z0-9._][a-zA-Z0-9._-]{0,30}[a-zA-Z0-9._-$]? > > > > If I read things correctly at least... (the trailing $ appears

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10.07.17 18:36, Lennart Poettering (lenn...@poettering.net) wrote: > > After all (as other people said) systemd has no such requirements > > itself. It is true that such user names are confusing and > > non-portable, but if the local admin has or wants to have such an > > account for

Re: [systemd-devel] Github systemd issue 6237

On Mon, Jul 10, 2017 at 4:03 PM, Lennart Poettering wrote: > On current Fedora, the current regex useradd enforces appears to be > this: > > [a-zA-Z0-9._][a-zA-Z0-9._-]{0,30}[a-zA-Z0-9._-$]? So, it *does* allow for usernames starting with numbers...

Re: [systemd-devel] Github systemd issue 6237

On Mon, Jul 10, 2017 at 05:03:09PM +0200, Lennart Poettering wrote: > On Mon, 10.07.17 22:23, Michael Chapman (m...@very.puzzling.org) wrote: > > > > Well, it took 3 years or so, until someone noticed the strict rules we > > > enforce. I seriously doubt that naming system users in such unsafe > >

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10.07.17 22:23, Michael Chapman (m...@very.puzzling.org) wrote: > > Well, it took 3 years or so, until someone noticed the strict rules we > > enforce. I seriously doubt that naming system users in such unsafe > > ways is really that wide-spread usage. > > That _could_ be because people

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10.07.17 15:58, Lennart Poettering (lenn...@poettering.net) wrote: > On Mon, 10.07.17 15:16, Jan Synacek (jsyna...@redhat.com) wrote: > > > On Mon, Jul 10, 2017 at 12:42 PM, Lennart Poettering > > wrote: > > > Now, because this is so weakly defined, we hence do

Re: [systemd-devel] Github systemd issue 6237

Am Montag, den 10.07.2017, 12:57 +0200 schrieb Reindl Harald: > > Am 10.07.2017 um 12:55 schrieb Lennart Poettering: > > > > > > The "nobody" user has special semantics on Linux: it's where things > > are mapped to that can't be mapped otherwise. It's used by user > > namspacing, by NFS and

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10.07.17 15:16, Jan Synacek (jsyna...@redhat.com) wrote: > On Mon, Jul 10, 2017 at 12:42 PM, Lennart Poettering > wrote: > > Now, because this is so weakly defined, we hence do not follow POSIX > > rules, but filter out more that might be dangerous. Specifically:

Re: [systemd-devel] Github systemd issue 6237

On Mon, Jul 10, 2017 at 12:42 PM, Lennart Poettering wrote: > Now, because this is so weakly defined, we hence do not follow POSIX > rules, but filter out more that might be dangerous. Specifically: > > 1. We do not permit empty usernames > 2. We don't permit the first

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10 Jul 2017, Lennart Poettering wrote: On Mon, 10.07.17 21:15, Michael Chapman (m...@very.puzzling.org) wrote: Now, I do think that systemd has the duty to complain about any system user names outside of the safe range. Not only for security reasons, but also for portability and

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10.07.17 21:15, Michael Chapman (m...@very.puzzling.org) wrote: > > Now, I do think that systemd has the duty to complain about any system > > user names outside of the safe range. Not only for security reasons, > > but also for portability and compatibility reasons: I think we should > >

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10 Jul 2017, Lennart Poettering wrote: On Thu, 06.07.17 13:21, Michael Chapman (m...@very.puzzling.org) wrote: On Thu, 6 Jul 2017, Zbigniew Jędrzejewski-Szmek wrote: On Thu, Jul 06, 2017 at 01:43:32AM +0200, Reindl Harald wrote: well, it even don't look but pretend it can't while it

Re: [systemd-devel] Github systemd issue 6237

On Mon, 10 Jul 2017, Lennart Poettering wrote: On Thu, 06.07.17 09:36, Michael Chapman (m...@very.puzzling.org) wrote: User=0day fails a syntactic validation, not a semantic validation. systemd never even checks to see whether the user exists when the unit is loaded. And nor should it! The

Re: [systemd-devel] Github systemd issue 6237

Am 10.07.2017 um 12:42 schrieb Lennart Poettering: (I do accept though that it's a valid discussion whether systemd's current behaviour of warning and skipping invalid User= rvalues is the best choice, instead of erroring out completely.) and *that* is the real point of the whole issue - if

Re: [systemd-devel] Github systemd issue 6237

Am 10.07.2017 um 12:55 schrieb Lennart Poettering: On Thu, 06.07.17 10:34, Reindl Harald (h.rei...@thelounge.net) wrote: Am 06.07.2017 um 09:59 schrieb Jonathan de Boyne Pollard: Reindl Harald: > at least fall back to “nobody” Jonathan de Boyne Pollard: > That idea is wrong. > >

Re: [systemd-devel] Github systemd issue 6237

On Thu, 06.07.17 10:34, Reindl Harald (h.rei...@thelounge.net) wrote: > > > Am 06.07.2017 um 09:59 schrieb Jonathan de Boyne Pollard: > > Reindl Harald: > > > at least fall back to “nobody” > > > > Jonathan de Boyne Pollard: > > > That idea is wrong. > > > > > >

Re: [systemd-devel] Github systemd issue 6237

On Thu, 06.07.17 09:36, Michael Chapman (m...@very.puzzling.org) wrote: > User=0day fails a syntactic validation, not a semantic validation. systemd > never even checks to see whether the user exists when the unit is loaded. > And nor should it! The user must be allowed to not exist at unit-load

Re: [systemd-devel] Github systemd issue 6237

On Thu, 06.07.17 13:21, Michael Chapman (m...@very.puzzling.org) wrote: > On Thu, 6 Jul 2017, Zbigniew Jędrzejewski-Szmek wrote: > > On Thu, Jul 06, 2017 at 01:43:32AM +0200, Reindl Harald wrote: > > > well, it even don't look but pretend it can't while it does which is > > > the worst type of

Re: [systemd-devel] Github systemd issue 6237

Am 08.07.2017 um 08:29 schrieb Michael Chapman: On Sat, 8 Jul 2017, Kai Krakow wrote: Am Sat, 8 Jul 2017 08:05:44 +0200 schrieb Kai Krakow : Am Sat, 8 Jul 2017 11:39:02 +1000 (AEST) schrieb Michael Chapman : On Sat, 8 Jul 2017, Kai Krakow

Re: [systemd-devel] Github systemd issue 6237

On Sat, 8 Jul 2017, Kai Krakow wrote: Am Sat, 8 Jul 2017 08:05:44 +0200 schrieb Kai Krakow : Am Sat, 8 Jul 2017 11:39:02 +1000 (AEST) schrieb Michael Chapman : On Sat, 8 Jul 2017, Kai Krakow wrote: [...] The bug here is that a leading number

Re: [systemd-devel] Github systemd issue 6237

Am Sat, 8 Jul 2017 08:05:44 +0200 schrieb Kai Krakow : > Am Sat, 8 Jul 2017 11:39:02 +1000 (AEST) > schrieb Michael Chapman : > > > On Sat, 8 Jul 2017, Kai Krakow wrote: > > [...] > > > The bug here is that a leading number will "convert" to the

Re: [systemd-devel] Github systemd issue 6237

Am Sat, 8 Jul 2017 11:39:02 +1000 (AEST) schrieb Michael Chapman : > On Sat, 8 Jul 2017, Kai Krakow wrote: > [...] > > The bug here is that a leading number will "convert" to the number > > and it actually runs with the UID specified that way: 0day = 0, > > 7days = 7. >

Re: [systemd-devel] Github systemd issue 6237

Am 07.07.2017 um 21:55 schrieb Kai Krakow: Am Tue, 4 Jul 2017 21:23:01 + (UTC) schrieb Alexander Bisogiannis : On Tue, 04 Jul 2017 17:21:01 +, Zbigniew Jędrzejewski-Szmek wrote: If you need root permissions to create a unit, then it's not a security issue. An

Re: [systemd-devel] Github systemd issue 6237

On Sat, 8 Jul 2017, Kai Krakow wrote: [...] The bug here is that a leading number will "convert" to the number and it actually runs with the UID specified that way: 0day = 0, 7days = 7. No, this is not the case. Only all-digit User= values are treated as UIDs.

Re: [systemd-devel] Github systemd issue 6237

Am Tue, 4 Jul 2017 21:23:01 + (UTC) schrieb Alexander Bisogiannis : > On Tue, 04 Jul 2017 17:21:01 +, Zbigniew Jędrzejewski-Szmek wrote: > > > If you need root permissions to create a unit, then it's not a > > security issue. An annoyance at most. > > The fact that

Re: [systemd-devel] Github systemd issue 6237

On Wed, Jul 05, 2017 at 08:10:15PM +1000, Michael Chapman wrote: > On Wed, 5 Jul 2017, Colin Guthrie wrote: > >Reindl Harald wrote on 04/07/17 19:50: > >>>When new configuration options are added, the same unit file can > >>>almost always be used with older systemd, and it'll just warn & ignore >

Re: [systemd-devel] Github systemd issue 6237

Am 06.07.2017 um 09:59 schrieb Jonathan de Boyne Pollard: Reindl Harald: > at least fall back to “nobody” Jonathan de Boyne Pollard: > That idea is wrong. > > https://news.ycombinator.com/item?id=14681377#14682059 Reindl Harald: > better than a stupid [...] Not really, no. It's the

Re: [systemd-devel] Github systemd issue 6237

Reindl Harald: > at least fall back to “nobody” Jonathan de Boyne Pollard: > That idea is wrong. > > https://news.ycombinator.com/item?id=14681377#14682059 Reindl Harald: > better than a stupid [...] Not really, no. It's the same category of error, in fact: substituting an account other than

Re: [systemd-devel] Github systemd issue 6237

Am Mittwoch, den 05.07.2017, 20:10 +1000 schrieb Michael Chapman: > I'm pretty sure you'll find that it does. Specifically, it will fail when > the child process for the command being executed attempts to map the > username to a UID. > > The issue being discussed here is that systemd considers

Re: [systemd-devel] Github systemd issue 6237

On Thu, 6 Jul 2017, Zbigniew Jędrzejewski-Szmek wrote: On Thu, Jul 06, 2017 at 01:43:32AM +0200, Reindl Harald wrote: well, it even don't look but pretend it can't while it does which is the worst type of operations possible - as long as "adduser" of the underlying OS accepts and create

Re: [systemd-devel] Github systemd issue 6237

On Thu, Jul 06, 2017 at 01:43:32AM +0200, Reindl Harald wrote: > > > Am 06.07.2017 um 01:36 schrieb Michael Chapman: > >Note that the semantic validations you're talking about here -- > >things like "does the user exist?" -- are _not_ preemptive. They > >are fatal: the child process will exit

Re: [systemd-devel] Github systemd issue 6237

Am 06.07.2017 um 01:36 schrieb Michael Chapman: Note that the semantic validations you're talking about here -- things like "does the user exist?" -- are _not_ preemptive. They are fatal: the child process will exit unsuccessfully as the command is executed if the settings will not be able

Re: [systemd-devel] Github systemd issue 6237

On Thu, 6 Jul 2017, Felipe Sateler wrote: On Tue, 04 Jul 2017 18:39:15 +, Zbigniew Jędrzejewski-Szmek wrote: Essentially, User=0day is the same as Usre=0day and the same as User="my name is pretty!". I think this is the root of the disagreement. Systemd tries to allow units written for

Re: [systemd-devel] Github systemd issue 6237

Am 05.07.2017 um 20:34 schrieb Jonathan de Boyne Pollard: Reindl Harald: at least fall back to "nobody" That idea is wrong. https://news.ycombinator.com/item?id=14681377#14682059 better than a stupid "i fall back to root because i think i make the rules and not the underlying operating

Re: [systemd-devel] Github systemd issue 6237

Reindl Harald: > > at least fall back to "nobody" > That idea is wrong. https://news.ycombinator.com/item?id=14681377#14682059___ systemd-devel mailing list systemd-devel@lists.freedesktop.org

Re: [systemd-devel] Github systemd issue 6237

On Tue, 04 Jul 2017 18:39:15 +, Zbigniew Jędrzejewski-Szmek wrote: > Essentially, User=0day is the same as Usre=0day and the same as User="my > name is pretty!". I think this is the root of the disagreement. Systemd tries to allow units written for version X to run on versions earlier than

Re: [systemd-devel] Github systemd issue 6237

Am 05.07.2017 um 12:32 schrieb Michael Chapman: In Wed, 5 Jul 2017, Reindl Harald wrote: The issue being discussed here is that systemd considers "0day" to be _syntactically_ invalid for a username. See the valid_user_group_name() function in basic/user-util.c. yes and hence it should

Re: [systemd-devel] Github systemd issue 6237

In Wed, 5 Jul 2017, Reindl Harald wrote: Am 05.07.2017 um 12:10 schrieb Michael Chapman: On Wed, 5 Jul 2017, Colin Guthrie wrote: > Reindl Harald wrote on 04/07/17 19:50: > > > When new configuration options are added, the same unit file can > > > almost always be used with older systemd,

Re: [systemd-devel] Github systemd issue 6237

On Wed, 5 Jul 2017, Colin Guthrie wrote: Reindl Harald wrote on 04/07/17 19:50: When new configuration options are added, the same unit file can almost always be used with older systemd, and it'll just warn & ignore the parts it doesn't understand. Similarly, various configuration options might

Re: [systemd-devel] Github systemd issue 6237

Am 05.07.2017 um 12:10 schrieb Michael Chapman: On Wed, 5 Jul 2017, Colin Guthrie wrote: Reindl Harald wrote on 04/07/17 19:50: When new configuration options are added, the same unit file can almost always be used with older systemd, and it'll just warn & ignore the parts it doesn't

Re: [systemd-devel] Github systemd issue 6237

Reindl Harald wrote on 04/07/17 19:50: >> When new configuration options are added, the same unit file can >> almost always be used with older systemd, and it'll just warn & ignore >> the parts it doesn't understand. Similarly, various configuration >> options might be unavailable on some

Re: [systemd-devel] Github systemd issue 6237

On Tue, 04 Jul 2017 17:21:01 +, Zbigniew Jędrzejewski-Szmek wrote: > If you need root permissions to create a unit, then it's not a security > issue. An annoyance at most. The fact that you need to be root to create a unit file is irrelevant. Systemd is running a service as a different user

Re: [systemd-devel] Github systemd issue 6237

Am 04.07.2017 um 20:39 schrieb Zbigniew Jędrzejewski-Szmek: On Tue, Jul 04, 2017 at 07:36:02PM +0200, Reindl Harald wrote: Am 04.07.2017 um 19:21 schrieb Zbigniew Jędrzejewski-Szmek: My question is: Is this a bug with a BZ against rhel/centos7 (as my understanding is that this affects EL7

Re: [systemd-devel] Github systemd issue 6237

On Tue, Jul 04, 2017 at 07:36:02PM +0200, Reindl Harald wrote: > > > Am 04.07.2017 um 19:21 schrieb Zbigniew Jędrzejewski-Szmek: > >>My question is: > >> > >>Is this a bug with a BZ against rhel/centos7 (as my understanding is that > >>this affects EL7 too)? > >> > >>If there is no BZ and based

Re: [systemd-devel] Github systemd issue 6237

Am 04.07.2017 um 19:21 schrieb Zbigniew Jędrzejewski-Szmek: My question is: Is this a bug with a BZ against rhel/centos7 (as my understanding is that this affects EL7 too)? If there is no BZ and based on the wording of the second to last comment by poettering, will this be fixed/changed in a

Re: [systemd-devel] Github systemd issue 6237

On Tue, Jul 04, 2017 at 04:59:23PM +, Alexander Bisogiannis wrote: > Hi all, > > https://github.com/systemd/systemd/issues/6237 > > Apologies for asking here, but since the discussion is locked in Github I > thought to ask here. > > This was marked as "not a bug", but in later comments the

[systemd-devel] Github systemd issue 6237

Hi all, https://github.com/systemd/systemd/issues/6237 Apologies for asking here, but since the discussion is locked in Github I thought to ask here. This was marked as "not a bug", but in later comments the wording suggests that systemd behaviour will change and if the username in a unit