Comment 6 for bug 1869024
Revision history for this message
| Simon Déziel (sdeziel) wrote Re: [Bug 1869024] Re: add support for DynamicUser feature of systemd | #6 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
On 2020-04-10 1:16 p.m., Jamie Strandboge wrote:
> The abstraction is meant to cover the client, not systemd internal
> specifics. A client simply accessing that DBus API won't need it and a
> client simply accessing those sockets won't need it. It very well might
> be that a profiled application is using some *ctl command from systemd
> that would need it, but in that case said command would need to be added
> to the policy and the boot-id could be added at that time.
I don't know as squid, named and samba (to name a few) generate many
denials trying to read /proc/sys/
are explicitly trying to use the DynamicUser feature. Could it be just a
side effect of how nsswitch.conf is setup by default?
$ grep systemd /etc/nsswitch.conf
passwd: files systemd
group: files systemd
Maybe you'd prefer this to be reported/discussed in a separated LP?
Regards,
Simon