systemd/backport-execute-Fix-migration-from-DynamicUser-yes-to-no.patch

From 578dc69f2a60d6282acc2d06ce8a3bf8a9d8ada0 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 6 Mar 2020 15:56:28 +0900
Subject: [PATCH 0007/6858] execute: Fix migration from DynamicUser=yes to no

Closes #12131.
Reference: https://github.com/systemd/systemd/pull/15033/commits/578dc69f2a60d6282acc2d06ce8a3bf8a9d8ada0
Conflict: remove the last arguement "NULL" of function "chase_symlinks"
---
 src/core/execute.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/core/execute.c b/src/core/execute.c
index 4595bb12dc..46b5c99ada 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -2247,7 +2247,7 @@ static int setup_exec_directory(
 
                         if (type != EXEC_DIRECTORY_CONFIGURATION &&
                             readlink_and_make_absolute(p, &target) >= 0) {
-                                _cleanup_free_ char *q = NULL;
+                                _cleanup_free_ char *q = NULL, *q_resolved = NULL, *target_resolved = NULL;
 
                                 /* This already exists and is a symlink? Interesting. Maybe it's one created
                                  * by DynamicUser=1 (see above)?
@@ -2256,13 +2256,22 @@ static int setup_exec_directory(
                                  * since they all support the private/ symlink logic at least in some
                                  * configurations, see above. */
 
+                                r = chase_symlinks(target, NULL, 0, &target_resolved);
+                                if (r < 0)
+                                        goto fail;
+
                                 q = path_join(params->prefix[type], "private", *rt);
                                 if (!q) {
                                         r = -ENOMEM;
                                         goto fail;
                                 }
 
-                                if (path_equal(q, target)) {
+                                /* /var/lib or friends may be symlinks. So, let's chase them also. */
+                                r = chase_symlinks(q, NULL, CHASE_NONEXISTENT, &q_resolved);
+                                if (r < 0)
+                                        goto fail;
+
+                                if (path_equal(q_resolved, target_resolved)) {
 
                                         /* Hmm, apparently DynamicUser= was once turned on for this service,
                                          * but is no longer. Let's move the directory back up. */
-- 
2.23.0
Fix migration from DynamicUser=yes to no. Signed-off-by: ExtinctFire <shenyining_00@126.com> 2021-06-03 19:08:58 +08:00			`From 578dc69f2a60d6282acc2d06ce8a3bf8a9d8ada0 Mon Sep 17 00:00:00 2001`
			`From: Yu Watanabe <watanabe.yu+github@gmail.com>`
			`Date: Fri, 6 Mar 2020 15:56:28 +0900`
			`Subject: [PATCH 0007/6858] execute: Fix migration from DynamicUser=yes to no`

			`Closes #12131.`
			`Reference: https://github.com/systemd/systemd/pull/15033/commits/578dc69f2a60d6282acc2d06ce8a3bf8a9d8ada0`
			`Conflict: remove the last arguement "NULL" of function "chase_symlinks"`
			`---`
			`src/core/execute.c \| 13 +++++++++++--`
			`1 file changed, 11 insertions(+), 2 deletions(-)`

			`diff --git a/src/core/execute.c b/src/core/execute.c`
			`index 4595bb12dc..46b5c99ada 100644`
			`--- a/src/core/execute.c`
			`+++ b/src/core/execute.c`
			`@@ -2247,7 +2247,7 @@ static int setup_exec_directory(`

			`if (type != EXEC_DIRECTORY_CONFIGURATION &&`
			`readlink_and_make_absolute(p, &target) >= 0) {`
			`- _cleanup_free_ char *q = NULL;`
			`+ _cleanup_free_ char q = NULL, q_resolved = NULL, *target_resolved = NULL;`

			`/* This already exists and is a symlink? Interesting. Maybe it's one created`
			`* by DynamicUser=1 (see above)?`
			`@@ -2256,13 +2256,22 @@ static int setup_exec_directory(`
			`* since they all support the private/ symlink logic at least in some`
			`* configurations, see above. */`

			`+ r = chase_symlinks(target, NULL, 0, &target_resolved);`
			`+ if (r < 0)`
			`+ goto fail;`
			`+`
			`q = path_join(params->prefix[type], "private", *rt);`
			`if (!q) {`
			`r = -ENOMEM;`
			`goto fail;`
			`}`

			`- if (path_equal(q, target)) {`
			`+ /* /var/lib or friends may be symlinks. So, let's chase them also. */`
			`+ r = chase_symlinks(q, NULL, CHASE_NONEXISTENT, &q_resolved);`
			`+ if (r < 0)`
			`+ goto fail;`
			`+`
			`+ if (path_equal(q_resolved, target_resolved)) {`

			`/* Hmm, apparently DynamicUser= was once turned on for this service,`
			`* but is no longer. Let's move the directory back up. */`
			`--`
			`2.23.0`