Re: systemd fails to parse user that should run service

[Simon McVittie <smcv () debian org>]

On Thu, 06 Jul 2017 at 00:02:58 +0200, Kristian Fiskerstrand wrote:
> On 07/05/2017 11:58 PM, Simon McVittie wrote:
> > systemd does have a (public, and publically-archived) mailing list, which
> > has a current thread on the subject of this issue.
> >
> > In particular the mail in that thread from Felipe Sateler, and some of
> > the discussion on the upstream bug, touches on reasons why neither
> > "if anything is not as expected, reject the whole unit" nor the current
> > behaviour is right. I suspect the resolution is likely to be something
> > in between.
>
> It would be useful with a reference to the thread in question so this
> can be further looked into.

The systemd mailing list is indexed by major search engines. I
deliberately didn't provide a link, in the hope that a small barrier to
entry will lead to fewer responses reiterating what has already been said,
and a correspondingly greater chance of a response not getting lost in
the noise from someone who has read the context and will propose a
patch that achieves the desired result without breaking intended
functionality (in particular "graceful degradation" when units released
in upstream projects are interpreted by an older systemd, so that
upstreams can opt-in to new security hardening flags without making their
software inoperable in currently-deployed systemd versions).

Of course, if I was an exemplary open source developer I would have been
spending my free time on writing that patch instead of getting drawn into
conversations on oss-security, so perhaps this is partially my fault now.

    S