On Wed, 5 Jul 2017, Colin Guthrie wrote:
Reindl Harald wrote on 04/07/17 19:50:
When new configuration options are added, the same unit file can
almost always be used with older systemd, and it'll just warn & ignore
the parts it doesn't understand. Similarly, various configuration
options might be unavailable on some architectures and with some
compilation options. The current behaviour of warn&ignore provides
for "soft degradation" in those cases.
frankly a new option on the left side is a completly different thing
than a invalid value - just silently continue with invalid values of
existing options is playing a danergous game in a crucial component like
systemd
It's a rare thing :p but I have to agree with you here!
I'd say if "User=-notauser" then silently failing and using root is
acceptable as per the usual semantics of "- prefix suppresses errors",
but "User=notauser" should fail IMO.
I'm pretty sure you'll find that it does. Specifically, it will fail when
the child process for the command being executed attempts to map the
username to a UID.
The issue being discussed here is that systemd considers "0day" to be
_syntactically_ invalid for a username. See the valid_user_group_name()
function in basic/user-util.c.
(In my opinion, we shouldn't be this restrictive. POSIX permits usernames
that start with a digit, and just because certain other utilities can't
deal with them doesn't mean systemd need forbid them.)
So the directive fails the syntactic check for User=, just like
Zbigniew's example of User="my name is pretty!".
I do think we ought to have a list of "critical" directives, such that any
syntactic error in those directives causes the unit load state to be
"error". For better or worse, people simply don't look at logs, so
they'll never notice that important directives in their units are being
ignored.
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
