From 054d9609e1639a725e9a29af086c1585bacc43ff Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>

Date: Thu, 6 Aug 2015 21:34:15 -0400

Subject: [PATCH] manager: put bin before sbin for user instances

Traditionally, user logins had a $PATH in which /bin was before /sbin, while

root logins had a $PATH with /sbin first. This allows the tricks that

consolehelper is doing to work. But even if we ignore consolehelper, having the

path in this order might have been used by admins for other purposes, and

keeping the order in user sessions will make it easier the adoption of systemd

user sessions a bit easier.

Fixes #733.

https://bugzilla.redhat.com/show_bug.cgi?id=1744059

OOM handling in manager_default_environment wasn't really correct.

Now the (theorertical) malloc failure in strv_new() is handled.

Please note that this has no effect on:

- systems with merged /bin-/sbin (e.g. arch)

- when there are no binaries that differ between the two locations.

  E.g. on my F30 laptop there is exactly one program that is affected:

  /usr/bin/setup -> consolehelper.

  There is less and less stuff that relies on consolehelper, but there's still

  some.

So for "clean" systems this makes no difference, but helps with legacy setups.

$ dnf repoquery --releasever=31 --qf %{name} --whatrequires usermode

anaconda-live

audit-viewer

beesu

chkrootkit

driftnet

drobo-utils-gui

hddtemp

mate-system-log

mock

pure-ftpd

setuptool

subscription-manager

system-config-httpd

system-config-rootpassword

system-switch-java

system-switch-mail

usermode-gtk

vpnc-consoleuser

wifi-radar

xawtv

---

 man/systemd.exec.xml  | 35 +++++++++++++++++++++--------------

 src/basic/path-util.h |  8 ++++++++

 src/core/manager.c    | 23 +++++++++++++++++++----

 3 files changed, 48 insertions(+), 18 deletions(-)

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml

index fbbfd4f5146..5cb83afa578 100644

--- a/man/systemd.exec.xml

+++ b/man/systemd.exec.xml

@@ -2152,16 +2152,17 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy

       <varlistentry>

         <term><varname>LogExtraFields=</varname></term>

-        <listitem><para>Configures additional log metadata fields to include in all log records generated by processes

-        associated with this unit. This setting takes one or more journal field assignments in the format

-        <literal>FIELD=VALUE</literal> separated by whitespace. See

-        <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry> for

-        details on the journal field concept. Even though the underlying journal implementation permits binary field

-        values, this setting accepts only valid UTF-8 values. To include space characters in a journal field value,

-        enclose the assignment in double quotes ("). The usual specifiers are expanded in all assignments (see

-        below). Note that this setting is not only useful for attaching additional metadata to log records of a unit,

-        but given that all fields and values are indexed may also be used to implement cross-unit log record

-        matching. Assign an empty string to reset the list.</para></listitem>

+        <listitem><para>Configures additional log metadata fields to include in all log records generated by

+        processes associated with this unit. This setting takes one or more journal field assignments in the

+        format <literal>FIELD=VALUE</literal> separated by whitespace. See

+        <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>

+        for details on the journal field concept. Even though the underlying journal implementation permits

+        binary field values, this setting accepts only valid UTF-8 values. To include space characters in a

+        journal field value, enclose the assignment in double quotes ("). 

+        The usual specifiers are expanded in all assignments (see below). Note that this setting is not only

+        useful for attaching additional metadata to log records of a unit, but given that all fields and

+        values are indexed may also be used to implement cross-unit log record matching. Assign an empty

+        string to reset the list.</para></listitem>

       </varlistentry>

       <varlistentry>

@@ -2355,10 +2356,16 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy

       <varlistentry>

         <term><varname>$PATH</varname></term>

-        <listitem><para>Colon-separated list of directories to use

-        when launching executables. systemd uses a fixed value of

-        <filename>/usr/local/sbin</filename>:<filename>/usr/local/bin</filename>:<filename>/usr/sbin</filename>:<filename>/usr/bin</filename>:<filename>/sbin</filename>:<filename>/bin</filename>.

-        </para></listitem>

+        <listitem><para>Colon-separated list of directories to use when launching

+        executables. <command>systemd</command> uses a fixed value of

+        <literal><filename>/usr/local/sbin</filename>:<filename>/usr/local/bin</filename>:<filename>/usr/sbin</filename>:<filename>/usr/bin</filename></literal>

+        in the system manager. When compiled for systems with "unmerged /usr" (<filename>/bin</filename> is

+        not a symlink to <filename>/usr/bin</filename>),

+        <literal>:<filename>/sbin</filename>:<filename>/bin</filename></literal> is appended. In case of the

+        the user manager, each <filename>bin/</filename> and <filename>sbin/</filename> pair is switched, so

+        that programs from <filename>/usr/bin</filename> have higher priority than programs from

+        <filename>/usr/sbin</filename>, etc. It is recommended to not rely on this in any way, and have only

+        one program with a given name in <varname>$PATH</varname>.</para></listitem>

       </varlistentry>

       <varlistentry>

diff --git a/src/basic/path-util.h b/src/basic/path-util.h

index 1f46cd65c96..71fb7041a3c 100644

--- a/src/basic/path-util.h

+++ b/src/basic/path-util.h

@@ -11,30 +11,38 @@

 #include "time-util.h"

 #define PATH_SPLIT_SBIN_BIN(x) x "sbin:" x "bin"

+#define PATH_SPLIT_BIN_SBIN(x) x "bin:" x "sbin"

 #define PATH_SPLIT_SBIN_BIN_NULSTR(x) x "sbin\0" x "bin\0"

 #define PATH_NORMAL_SBIN_BIN(x) x "bin"

+#define PATH_NORMAL_BIN_SBIN(x) x "bin"

 #define PATH_NORMAL_SBIN_BIN_NULSTR(x) x "bin\0"

 #if HAVE_SPLIT_BIN

 #  define PATH_SBIN_BIN(x) PATH_SPLIT_SBIN_BIN(x)

+#  define PATH_BIN_SBIN(x) PATH_SPLIT_BIN_SBIN(x)

 #  define PATH_SBIN_BIN_NULSTR(x) PATH_SPLIT_SBIN_BIN_NULSTR(x)

 #else

 #  define PATH_SBIN_BIN(x) PATH_NORMAL_SBIN_BIN(x)

+#  define PATH_BIN_SBIN(x) PATH_NORMAL_BIN_SBIN(x)

 #  define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x)

 #endif

 #define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/")

+#define DEFAULT_USER_PATH_NORMAL PATH_BIN_SBIN("/usr/local/") ":" PATH_BIN_SBIN("/usr/")

 #define DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/usr/local/") PATH_SBIN_BIN_NULSTR("/usr/")

 #define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_SBIN_BIN("/")

+#define DEFAULT_USER_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_BIN_SBIN("/")

 #define DEFAULT_PATH_SPLIT_USR_NULSTR DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/")

 #define DEFAULT_PATH_COMPAT PATH_SPLIT_SBIN_BIN("/usr/local/") ":" PATH_SPLIT_SBIN_BIN("/usr/") ":" PATH_SPLIT_SBIN_BIN("/")

 #if HAVE_SPLIT_USR

 #  define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR

+#  define DEFAULT_USER_PATH DEFAULT_USER_PATH_SPLIT_USR

 #  define DEFAULT_PATH_NULSTR DEFAULT_PATH_SPLIT_USR_NULSTR

 #else

 #  define DEFAULT_PATH DEFAULT_PATH_NORMAL

+#  define DEFAULT_USER_PATH DEFAULT_USER_PATH_NORMAL

 #  define DEFAULT_PATH_NULSTR DEFAULT_PATH_NORMAL_NULSTR

 #endif

diff --git a/src/core/manager.c b/src/core/manager.c

index 8d691a19c3d..91a601e8fd8 100644

--- a/src/core/manager.c

+++ b/src/core/manager.c

@@ -603,6 +603,8 @@ static char** sanitize_environment(char **l) {

 }

 int manager_default_environment(Manager *m) {

+        int r;

+

         assert(m);

         m->transient_environment = strv_free(m->transient_environment);

@@ -616,16 +618,29 @@ int manager_default_environment(Manager *m) {

                  * /proc/self/environ valid; it is used for tagging

                  * the init process inside containers. */

                 m->transient_environment = strv_new("PATH=" DEFAULT_PATH);

+                if (!m->transient_environment)

+                        return log_oom();

                 /* Import locale variables LC_*= from configuration */

                 (void) locale_setup(&m->transient_environment);

-        } else

+        } else {

+                _cleanup_free_ char *k = NULL;

+

                 /* The user manager passes its own environment

-                 * along to its children. */

+                 * along to its children, except for $PATH. */

                 m->transient_environment = strv_copy(environ);

+                if (!m->transient_environment)

+                        return log_oom();

-        if (!m->transient_environment)

-                return log_oom();

+                k = strdup("PATH=" DEFAULT_USER_PATH);

+                if (!k)

+                        return log_oom();

+

+                r = strv_env_replace(&m->transient_environment, k);

+                if (r < 0)

+                        return log_oom();

+                TAKE_PTR(k);

+        }

         sanitize_environment(m->transient_environment);