
util: Drop spawn_with_login_uid function

Ray Strode requested to merge no-more-loginuid-spoofing into main

accountsservice will try to run commands under the loginuid of the caller that initiates a command. This gives a better trail in the audit log of who is doing what.

Many systems now use CONFIG_AUDIT_LOGINUID_IMMUTABLE, though, making loginuid spoofing not even possible.

Furthermore, some versions of systemd seem to be failing to handle putting /proc/self/loginuid in the ReadWritePaths list, failing with an error:

    Failed to mount /run/systemd/unit-root/proc/844/loginuid to /run/systemd/unit-root/proc/844/loginuid: Permission denied
    accounts-daemon.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc/844/loginuid: Permission denied
    accounts-daemon.service: Failed at step NAMESPACE spawning /usr/libexec/accounts-daemon: Permission denied

This commit drops all mentions of loginuid to work around that error.

Closes: #102 (closed)
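
The audit-trail point in the description above, as an added example (not code from accountsservice or from this merge request): the `auid` field of a raw audit record is the process's loginuid, and a process whose loginuid was never set is logged with 4294967295. The sketch below scans constructed sample records for root executions that carry no login uid; the records, the `account-change` key and the function names are made up for illustration, and it assumes helpers spawned by a systemd-started daemon inherit an unset loginuid.

```python
import re

UNSET_AUID = 4294967295  # (uid_t)-1: the kernel's value for "no login uid set"

# Constructed sample records in the raw Linux audit log format (not from the page).
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1700000000.101:410): arch=c000003e syscall=59 success=yes exit=0 ppid=844 pid=2101 auid=1000 uid=0 gid=0 euid=0 tty=(none) ses=3 comm="usermod" exe="/usr/sbin/usermod" key="account-change"
type=SYSCALL msg=audit(1700000050.555:433): arch=c000003e syscall=59 success=yes exit=0 ppid=844 pid=2230 auid=4294967295 uid=0 gid=0 euid=0 tty=(none) ses=4294967295 comm="usermod" exe="/usr/sbin/usermod" key="account-change"
type=SYSCALL msg=audit(1700000090.002:450): arch=c000003e syscall=59 success=yes exit=0 ppid=1 pid=2300 auid=4294967295 uid=1000 gid=1000 euid=1000 tty=(none) ses=4294967295 comm="ls" exe="/usr/bin/ls" key=(null)
"""

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
SERIAL = re.compile(r'msg=audit\((\d+\.\d+):(\d+)\)')

def parse_record(line):
    """Return a dict of key=value fields from one audit record, or None."""
    m = SERIAL.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in FIELD.findall(line)}
    fields["serial"] = int(m.group(2))
    return fields

def unattributed_root_execs(log_text):
    """(serial, exe) for records where a root process ran with no login uid."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is None or rec.get("type") != "SYSCALL":
            continue
        try:
            auid, euid = int(rec["auid"]), int(rec["euid"])
        except (KeyError, ValueError):
            continue  # malformed or truncated record
        if euid == 0 and auid == UNSET_AUID:
            hits.append((rec["serial"], rec.get("exe", "?")))
    return hits

if __name__ == "__main__":
    for serial, exe in unattributed_root_execs(SAMPLE_LOG):
        print(f"event {serial}: {exe} ran as root with auid unset")
```

Records like the second one cannot be tied to a login session from the audit log alone, so attribution for them has to come from another source.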
