]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 4449fa2) | patch
systemd: add hostname fallback when polkit is not available
authorLuca Boccassi <luca.boccassi@microsoft.com>
Thu, 18 Feb 2021 18:36:20 +0000 (18:36 +0000)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 19 Feb 2021 10:59:57 +0000 (10:59 +0000)
commit07a8f1629662d4d66d056d95be3cb9e749242274
treef78bbc19d15156a4a103168a43ecb51a56bb4941tree | snapshot
parent4449fa226e94f7124215c5ead43aadda7967f3afcommit | diff
systemd: add hostname fallback when polkit is not available

When polkit is not available, networkd will not have permissions
to call hostnamed's dbus methods, as it runs without privileges.
To solve this, when building without polkit, make a new PACKAGECONFIG
'polkit_hostnamed_fallback' available which changes hostnamed so that
it runs as the 'systemd-network' user, the same as networkd, so that
the authorization works (and also with CAP_SYS_ADMIN since it loses
root).
Also run it with a separate 'systemd-hostname' group which also owns
the bus, to avoid giving the 'systemd-network' additional privileges.

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/systemd/systemd/00-hostnamed-network-user.conf [new file with mode: 0644] blob
meta/recipes-core/systemd/systemd/org.freedesktop.hostname1_no_polkit.conf [new file with mode: 0644] blob
meta/recipes-core/systemd/systemd_247.3.bb diff | blob | history
Mirror of the official openembedded-core repository