network: create runtime sub-directories after drop_privileges()

For old kernels not supporting AmbientCapabilities=, networkd is
started as root with limited capabilities. Then, networkd cannot
chown the directories under runtime directory as
CapabilityBoundingSet= does not contains enough capabilities.
This makes these directories are created after dropping privileges.
Thus, networkd does not need to chown them anymore.

Fixes #7863.

diff --git a/src/network/networkd.c b/src/network/networkd.c
index 9243384..79c15d4 100644 (file)
--- a/src/network/networkd.c
+++ b/src/network/networkd.c
@@ -53,24 +53,13 @@ int main(int argc, char *argv[]) {
                 goto out;
         }
 
-        /* Always create the directories people can create inotify
-         * watches in. */
+        /* Create runtime directory. This is not necessary when networkd is
+         * started with "RuntimeDirectory=systemd/netif", or after
+         * systemd-tmpfiles-setup.service. */
         r = mkdir_safe_label("/run/systemd/netif", 0755, uid, gid, false);
         if (r < 0)
                 log_warning_errno(r, "Could not create runtime directory: %m");
 
-        r = mkdir_safe_label("/run/systemd/netif/links", 0755, uid, gid, false);
-        if (r < 0)
-                log_warning_errno(r, "Could not create runtime directory 'links': %m");
-
-        r = mkdir_safe_label("/run/systemd/netif/leases", 0755, uid, gid, false);
-        if (r < 0)
-                log_warning_errno(r, "Could not create runtime directory 'leases': %m");
-
-        r = mkdir_safe_label("/run/systemd/netif/lldp", 0755, uid, gid, false);
-        if (r < 0)
-                log_warning_errno(r, "Could not create runtime directory 'lldp': %m");
-
         /* Drop privileges, but only if we have been started as root. If we are not running as root we assume all
          * privileges are already dropped. */
         if (geteuid() == 0) {
@@ -83,6 +72,21 @@ int main(int argc, char *argv[]) {
                         goto out;
         }
 
+        /* Always create the directories people can create inotify watches in.
+         * It is necessary to create the following subdirectories after drop_privileges()
+         * to support old kernels not supporting AmbientCapabilities=. */
+        r = mkdir_safe_label("/run/systemd/netif/links", 0755, uid, gid, false);
+        if (r < 0)
+                log_warning_errno(r, "Could not create runtime directory 'links': %m");
+
+        r = mkdir_safe_label("/run/systemd/netif/leases", 0755, uid, gid, false);
+        if (r < 0)
+                log_warning_errno(r, "Could not create runtime directory 'leases': %m");
+
+        r = mkdir_safe_label("/run/systemd/netif/lldp", 0755, uid, gid, false);
+        if (r < 0)
+                log_warning_errno(r, "Could not create runtime directory 'lldp': %m");
+
         assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGTERM, SIGINT, -1) >= 0);
 
         r = sd_event_default(&event);