2025-09-22 21:34:46 +02:00
7 changed files with 5 additions and 44 deletions
--- a/man/org.freedesktop.machine1.xml
+++ b/man/org.freedesktop.machine1.xml
@ -336,8 +336,7 @@ node /org/freedesktop/machine1 {
      be either <literal>container</literal> or <literal>vm</literal> indicating whether the machine to
      register is of the respective class. The leader PID should be the host PID of the init process of the
      container or the encapsulating process of the VM. If the root directory of the container is known and
-      available in the host's hierarchy, it should be passed (note that this is for informational purposes
-      only, and will not be used otherwise). Otherwise, pass the empty string instead. Finally, the
+      available in the host's hierarchy, it should be passed. Otherwise, pass the empty string instead. Finally, the
      scope properties are passed as array in the same way as to PID1's
      <function>StartTransientUnit()</function> method. Calling this method will internally register a transient scope
      unit for the calling client (utilizing the passed scope_properties) and move the leader PID into
--- a/mkosi/mkosi.conf.d/opensuse/mkosi.conf
+++ b/mkosi/mkosi.conf.d/opensuse/mkosi.conf
@ -28,7 +28,6 @@ VolatilePackages=
        systemd-resolved
        systemd-sysvcompat
        systemd-testsuite
-        systemd-ukify
        udev

 # We install gawk, gzip, grep, xz, sed, rsync and docbook-xsl-stylesheets here explicitly so that the busybox
--- a/mkosi/mkosi.conf.d/opensuse/mkosi.conf.d/pkgenv.conf
+++ b/mkosi/mkosi.conf.d/opensuse/mkosi.conf.d/pkgenv.conf
@ -5,5 +5,5 @@ Environment=
        GIT_URL=https://github.com/bmwiedemann/openSUSE
        GIT_SUBDIR=packages/s/systemd
        GIT_BRANCH=master
-        GIT_COMMIT=7d9cf5c934705c175766eaa688baa503da84e06a
+        GIT_COMMIT=2dc224ae5d446e928519315f4d46f76d1e34b8a8
        PKG_SUBDIR=opensuse
--- a/src/machine/machine-varlink.c
+++ b/src/machine/machine-varlink.c
@ -15,7 +15,6 @@
 #include "machine-varlink.h"
 #include "machined.h"
 #include "mount-util.h"
-#include "namespace-util.h"
 #include "operation.h"
 #include "pidref.h"
 #include "socket-util.h"
@ -137,7 +136,7 @@ int vl_method_register(sd_varlink *link, sd_json_variant *parameters, sd_varlink
                { "leaderProcessId",     SD_JSON_VARIANT_OBJECT,        machine_pidref,           offsetof(Machine, leader),               SD_JSON_STRICT    },
                { "supervisor",          _SD_JSON_VARIANT_TYPE_INVALID, machine_pidref,           offsetof(Machine, supervisor),           SD_JSON_STRICT    },
                { "supervisorProcessId", SD_JSON_VARIANT_OBJECT,        machine_pidref,           offsetof(Machine, supervisor),           SD_JSON_STRICT    },
-                { "rootDirectory",       SD_JSON_VARIANT_STRING,        json_dispatch_path,       offsetof(Machine, root_directory),       SD_JSON_STRICT    },
+                { "rootDirectory",       SD_JSON_VARIANT_STRING,        json_dispatch_path,       offsetof(Machine, root_directory),       0                 },
                { "ifIndices",           SD_JSON_VARIANT_ARRAY,         machine_ifindices,        0,                                       0                 },
                { "vSockCid",            _SD_JSON_VARIANT_TYPE_INVALID, machine_cid,              offsetof(Machine, vsock_cid),            0                 },
                { "sshAddress",          SD_JSON_VARIANT_STRING,        sd_json_dispatch_string,  offsetof(Machine, ssh_address),          SD_JSON_STRICT    },
@ -187,15 +186,6 @@ int vl_method_register(sd_varlink *link, sd_json_variant *parameters, sd_varlink
        if (r < 0)
                return r;

-        /* Ensure an unprivileged user cannot claim any process they don't control as their own machine */
-        if (machine->uid != 0) {
-                r = process_is_owned_by_uid(&machine->leader, machine->uid);
-                if (r < 0)
-                        return r;
-                if (r == 0)
-                        return sd_varlink_error(link, SD_VARLINK_ERROR_PERMISSION_DENIED, NULL);
-        }
-
        r = machine_link(manager, machine);
        if (r == -EEXIST)
                return sd_varlink_error(link, VARLINK_ERROR_MACHINE_EXISTS, NULL);
--- a/src/machine/machine.h
+++ b/src/machine/machine.h
@ -45,8 +45,6 @@ typedef struct Machine {

        char *state_file;
        char *service;
-        /* Note that the root directory is accepted as-is from the caller, including unprivileged users, so
-         * do not use it for anything but informational purposes. */
        char *root_directory;

        char *unit;
--- a/src/machine/machined-dbus.c
+++ b/src/machine/machined-dbus.c
@ -29,7 +29,6 @@
 #include "machine-dbus.h"
 #include "machine-pool.h"
 #include "machined.h"
-#include "namespace-util.h"
 #include "operation.h"
 #include "os-util.h"
 #include "path-util.h"
@ -322,15 +321,6 @@ static int method_create_or_register_machine(
        if (r < 0)
                return r;

-        /* Ensure an unprivileged user cannot claim any process they don't control as their own machine */
-        if (uid != 0) {
-                r = process_is_owned_by_uid(&leader_pidref, uid);
-                if (r < 0)
-                        return r;
-                if (r == 0)
-                        return sd_bus_error_set(error, SD_BUS_ERROR_ACCESS_DENIED, "Only root may register machines for other users");
-        }
-
        const char *details[] = {
                "name",  name,
                "class", machine_class_to_string(c),
--- a/test/units/TEST-13-NSPAWN.unpriv.sh
+++ b/test/units/TEST-13-NSPAWN.unpriv.sh
@ -15,7 +15,7 @@ fi
 at_exit() {
    rm -rf /home/testuser/.local/state/machines/zurps ||:
    machinectl terminate zurps ||:
-    rm -f /etc/polkit-1/rules.d/registermachinetest.rules
+    rm -f /usr/share/polkit-1/rules.d/registermachinetest.rules
 }

 trap at_exit EXIT
@ -33,8 +33,7 @@ systemd-dissect --shift /home/testuser/.local/state/machines/zurps foreign

 # Install a PK rule that allows 'testuser' user to register a machine even
 # though they are not on an fg console, just for testing
-mkdir -p /etc/polkit-1/rules.d
-cat >/etc/polkit-1/rules.d/registermachinetest.rules <<'EOF'
+cat >/usr/share/polkit-1/rules.d/registermachinetest.rules <<'EOF'
 polkit.addRule(function(action, subject) {
    if (action.id == "org.freedesktop.machine1.register-machine" &&
        subject.user == "testuser") {
@ -55,18 +54,4 @@ machinectl terminate zurps

 (! run0 -u testuser systemctl is-active --user systemd-nspawn@zurps.service)

-(! run0 -u testuser \
-    busctl call \
-        org.freedesktop.machine1 \
-        /org/freedesktop/machine1 \
-        org.freedesktop.machine1.Manager \
-        RegisterMachine \
-        'sayssus' \
-        shouldnotwork1 \
-        16 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 \
-        "" \
-        container \
-        "$(systemctl show -p MainPID --value systemd-logind.service)" \
-        "$PWD")
-
 loginctl disable-linger testuser