snap: auto-import will not try to auto-create users on managed devices#9293
Closed
mvo5 wants to merge 1 commit intocanonical:masterfrom
Closed
snap: auto-import will not try to auto-create users on managed devices#9293mvo5 wants to merge 1 commit intocanonical:masterfrom
mvo5 wants to merge 1 commit intocanonical:masterfrom
Conversation
The `snap auto-import` code right will always try to create all known system-users when it imports any assertions. However this leads to systemd errors and a degraded boot when a device is already managed and a removable device with a user assertion is attached to the device. This commit changes the auto-import code to only try to create known users if the device is unmanaged. It will still import assertions thought. This fixes https://bugs.launchpad.net/newparis/+bug/1893331
anonymouse64
approved these changes
Sep 14, 2020
Contributor
anonymouse64
left a comment
anonymouse64
left a comment
There was a problem hiding this comment.
LGTM, thanks for this
mvo5
added
the
Needs Samuele review
pedronis
reviewed
Sep 17, 2020
| } | ||
|
|
||
| // only try to create users for unmanaged devices | ||
| isManaged, err := x.isManaged() |
Contributor
There was a problem hiding this comment.
My preference would be to make this a problem of the daemon, by having a new flag option "automatic" in the request. It would also replace for this use case the other current flags we set, that would make it easier to support later as we discussed recently having system-user users that are not sudoers. With the current approach the decision is done here which would be the wrong place then.
Contributor
Author
|
Closing in favor of #9498 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The
snap auto-importcode right will always try to create allknown system-users when it imports any assertions. However this
leads to systemd errors and a degraded boot when a device is already
managed and a removable device with a user assertion is attached
to the device.
This commit changes the auto-import code to only try to create
known users if the device is unmanaged. It will still import
assertions thought.
This fixes https://bugs.launchpad.net/newparis/+bug/1893331