review.tizen.org Git - platform/upstream/systemd.git/commit

author	Lennart Poettering <lennart@poettering.net>
	Tue, 17 Jul 2018 09:47:14 +0000 (11:47 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Wed, 25 Jul 2018 20:48:11 +0000 (22:48 +0200)
commit	5686391b006ee82d8a4559067ad9818e3e631247
tree	2d5bcfcf0838a3abd120bde1a7145acf2492b3b6	tree \| snapshot
parent	ce0d60a7c4e07c5bdfed9f076bd48752287f0777	commit \| diff

core: introduce new Type=exec service type

Users are often surprised that "systemd-run" command lines like
"systemd-run -p User=idontexist /bin/true" will return successfully,
even though the logs show that the process couldn't be invoked, as the
user "idontexist" doesn't exist. This is because Type=simple will only
wait until fork() succeeded before returning start-up success.

This patch adds a new service type Type=exec, which is very similar to
Type=simple, but waits until the child process completed the execve()
before returning success. It uses a pipe that has O_CLOEXEC set for this
logic, so that the kernel automatically sends POLLHUP on it when the
execve() succeeded but leaves the pipe open if not. This means PID 1
waits exactly until the execve() succeeded in the child, and not longer
and not shorter, which is the desired functionality.

Making use of this new functionality, the command line
"systemd-run -p User=idontexist -p Type=exec /bin/true" will now fail,
as expected.

src/core/execute.c		diff \| blob \| history
src/core/execute.h		diff \| blob \| history
src/core/mount.c		diff \| blob \| history
src/core/service.c		diff \| blob \| history
src/core/service.h		diff \| blob \| history
src/core/socket.c		diff \| blob \| history
src/core/swap.c		diff \| blob \| history