I am trying to make one of my .service units as secure as possible, and I've come across a seemingly weird behavior when RestrictSUIDSGID=true is set. Namely, the following system call is failing.
openat2(0, "/var/lib/acg/[email protected]", {flags=O_RDONLY, resolve=RESOLVE_NO_SYMLINKS}, 24) = -1 ENOSYS (Function not implemented)

(how.mode is set to 0, as required when how.flags does not include O_CREAT or O_TMPFILE.)

When RestrictSUIDSGID is not set, this call succeeds. Note that the permissions of the file being opened are 0644, and no part of its path has the SUID or SGID bits set.

Any suggestions on what might be going on here, or what my program should be doing differently to make this call work, would be appreciated. This error is preventing me from setting DynamicUser=true, because it implies RestrictSUIDSGID=true.

-- 
========================================================================
If your user interface is intuitive in retrospect ... it isn't intuitive
========================================================================
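An added example, not code from the original post and not a claim about what causes the ENOSYS above: a C program that calls openat2() with RESOLVE_NO_SYMLINKS through syscall(2), since glibc has no wrapper for it, and, when the call returns ENOSYS, falls back to an emulation that opens the path one component at a time with O_NOFOLLOW and fstat()s each fd it actually holds, so a symlink anywhere in the path is refused without a check-then-open race. ENOSYS from a seccomp filter and ENOSYS from a kernel without the syscall look identical to the program, which is why the fallback keys on the errno alone. The struct layout, the RESOLVE_NO_SYMLINKS value and the syscall number are copied from the kernel UAPI headers; treating EPERM the same as ENOSYS, the self-test tree under /tmp and all function names are this example's own assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef SYS_openat2
#define SYS_openat2 437                 /* openat2 is 437 on every architecture (Linux 5.6+) */
#endif
#define MY_RESOLVE_NO_SYMLINKS 0x04ULL  /* RESOLVE_NO_SYMLINKS from <linux/openat2.h> */
struct my_open_how { uint64_t flags, mode, resolve; }; /* same layout as struct open_how */

/* Raw openat2(2) with RESOLVE_NO_SYMLINKS. -1/ENOSYS means the kernel lacks the
 * syscall or a seccomp filter answered with ENOSYS; errno alone cannot tell which. */
static int openat2_nosymlinks(int dirfd, const char *path, int flags)
{
    struct my_open_how how = { .flags = (uint64_t)flags, .mode = 0, .resolve = MY_RESOLVE_NO_SYMLINKS };
    return (int)syscall(SYS_openat2, dirfd, path, &how, sizeof how);
}

/* Emulation: open one component at a time with O_NOFOLLOW and fstat() the fd we
 * actually hold, so a symlink anywhere in the path is rejected without a race. */
static int walk_nosymlinks(int dirfd, const char *path, int flags)
{
    int cur = dirfd, owned = 0, ret = -1, err = EINVAL;   /* EINVAL covers "" and "/" */
    char *copy = strdup(path), *save = NULL;
    if (!copy) return -1;
    if (path[0] == '/') {
        if ((cur = open("/", O_PATH | O_CLOEXEC)) < 0) { err = errno; goto out; }
        owned = 1;
    }
    for (char *comp = strtok_r(copy, "/", &save); comp; ) {
        char *next = strtok_r(NULL, "/", &save);
        struct stat st;
        int fd = openat(cur, comp, next ? (O_PATH | O_NOFOLLOW | O_CLOEXEC) : (flags | O_NOFOLLOW | O_CLOEXEC));
        if (fd < 0) { err = errno; goto out; }
        if (fstat(fd, &st) < 0) { err = errno; close(fd); goto out; }
        if (S_ISLNK(st.st_mode)) { err = ELOOP; close(fd); goto out; }  /* O_PATH|O_NOFOLLOW opens the link itself */
        if (next && !S_ISDIR(st.st_mode)) { err = ENOTDIR; close(fd); goto out; }
        if (owned) close(cur);
        cur = fd; owned = (next != NULL); ret = next ? -1 : fd; comp = next;
    }
out:
    if (owned) close(cur);
    free(copy);
    if (ret < 0) errno = err;
    return ret;
}

/* Try openat2() first and emulate it when unavailable. EPERM is included because
 * some container seccomp profiles reject unlisted syscalls with EPERM rather than
 * ENOSYS; that widening is this example's choice, not something from the post. */
static int open_no_symlinks(int dirfd, const char *path, int flags)
{
    if (flags & (O_CREAT | O_TMPFILE)) { errno = EINVAL; return -1; }  /* keeps how.mode == 0 valid */
    int fd = openat2_nosymlinks(dirfd, path, flags);
    if (fd >= 0 || (errno != ENOSYS && errno != EPERM)) return fd;
    return walk_nosymlinks(dirfd, path, flags);
}

/* Constructed test tree under /tmp: data (regular file), link -> data, dlink -> "." .
 * Returns 0 on success, otherwise the number of the first failed check. */
static int self_test(void)
{
    char dir[] = "/tmp/nosym.XXXXXX", data[64], link[64], dlink[64], via[64];
    int rc = 1, fd;
    if (!mkdtemp(dir)) return rc;
    snprintf(data, sizeof data, "%s/data", dir);
    snprintf(link, sizeof link, "%s/link", dir);
    snprintf(dlink, sizeof dlink, "%s/dlink", dir);
    snprintf(via, sizeof via, "%s/dlink/data", dir);   /* reachable only through a symlink */
    rc = 2;
    if ((fd = open(data, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, 0644)) < 0) goto cleanup;
    close(fd);
    if (symlink("data", link) < 0 || symlink(".", dlink) < 0) goto cleanup;
    rc = 3; if ((fd = walk_nosymlinks(AT_FDCWD, data, O_RDONLY)) < 0) goto cleanup; close(fd);
    rc = 4; if (walk_nosymlinks(AT_FDCWD, link, O_RDONLY) != -1 || errno != ELOOP) goto cleanup;
    rc = 5; if (walk_nosymlinks(AT_FDCWD, via, O_RDONLY) != -1 || errno != ELOOP) goto cleanup;
    rc = 6; if ((fd = open_no_symlinks(AT_FDCWD, data, O_RDONLY)) < 0) goto cleanup; close(fd);
    rc = 7; if (open_no_symlinks(AT_FDCWD, link, O_RDONLY) != -1 || errno != ELOOP) goto cleanup;
    rc = 0;
cleanup:
    unlink(link); unlink(dlink); unlink(data); rmdir(dir);
    return rc;
}

int main(void)
{
    int rc = self_test();
    if (rc) printf("check %d failed\n", rc); else puts("all checks passed");
    return rc;
}
```

Build it with cc -o nosym nosym.c, then run it once directly and once as a transient unit with systemd-run -p RestrictSUIDSGID=yes -t ./nosym; strace -f -e trace=openat2,openat on each run shows whether the file was opened through openat2() or through the component walk. The walk is not a full replacement for RESOLVE_NO_SYMLINKS (it does not cover RESOLVE_BENEATH or the magic-link rules, and it costs one open per component), but it preserves the one property the original call was asking for.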
