diff options
author | Lennart Poettering <lennart@poettering.net> | 2021-08-30 13:21:55 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2021-08-30 13:37:06 +0200 |
commit | 966f3a246c8c804d8a9c9d393f03c5c3fe0dd393 (patch) | |
tree | 72462bc7b61b2a4f9d3bf9ff7761003da6e89db1 /src | |
parent | 93d2e0b6b0dd91d1a4aa89bfed56b3285a5070cb (diff) | |
download | systemd-966f3a246c8c804d8a9c9d393f03c5c3fe0dd393.tar.gz |
run/mount/systemctl: don't fork off PolicyKit/ask-pw agent when in --user mode
When we are in --user mode there's no point in doing PolicyKit/ask-pw
because both of these systems are only used by system-level services.
Let's disable the two agents for that automaticlly hence.
Prompted by: #20576
Diffstat (limited to 'src')
-rw-r--r-- | src/mount/mount-tool.c | 3 | ||||
-rw-r--r-- | src/run/run.c | 4 | ||||
-rw-r--r-- | src/systemctl/systemctl.c | 5 |
3 files changed, 12 insertions, 0 deletions
diff --git a/src/mount/mount-tool.c b/src/mount/mount-tool.c index b0de83b8d0..8b1cb247e9 100644 --- a/src/mount/mount-tool.c +++ b/src/mount/mount-tool.c @@ -332,6 +332,9 @@ static int parse_argv(int argc, char *argv[]) { assert_not_reached(); } + if (arg_user) + arg_ask_password = false; + if (arg_user && arg_transport != BUS_TRANSPORT_LOCAL) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Execution in user context is not supported on non-local systems."); diff --git a/src/run/run.c b/src/run/run.c index fb38571228..664153137d 100644 --- a/src/run/run.c +++ b/src/run/run.c @@ -507,6 +507,10 @@ static int parse_argv(int argc, char *argv[]) { assert_not_reached(); } + /* If we are talking to the per-user instance PolicyKit isn't going to help */ + if (arg_user) + arg_ask_password = false; + with_trigger = !!arg_path_property || !!arg_socket_property || arg_with_timer; /* currently, only single trigger (path, socket, timer) unit can be created simultaneously */ diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c index f5ecc1f60f..e2a8aef114 100644 --- a/src/systemctl/systemctl.c +++ b/src/systemctl/systemctl.c @@ -925,6 +925,11 @@ static int systemctl_parse_argv(int argc, char *argv[]) { assert_not_reached(); } + /* If we are in --user mode, there's no point in talking to PolicyKit or the infra to query system + * passwords */ + if (arg_scope != UNIT_FILE_SYSTEM) + arg_ask_password = false; + if (arg_transport == BUS_TRANSPORT_REMOTE && arg_scope != UNIT_FILE_SYSTEM) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Cannot access user instance remotely."); |