From cf3f3ffcd0da1ef5512bf4a2dce4e0e1861acbc7 Mon Sep 17 00:00:00 2001 From: Lubomir Rintel Date: Thu, 25 Jan 2018 17:23:14 +0100 Subject: service: set User=root so that gio doesn't have to look into /etc/passwd GVfs' libgvfsdbus.so GIo module, when automatically loaded, attempts to discover if there's a session D-Bus instance to use. It tries real hard to get the socket name it would use -- in absence of XDG_RUNTIME_DIR it decides to make it up with user's home directory. When HOME is unset too, it just tries to figure it out by looking into /etc/passwd. Which upsets SELinux that would better not see us looking into it. We trigger the load of the GIo modules, by using the GFile API to access the the ports in /dev. They're utterly uesless to us, but there doesn't seem to be a way to disable their load. Oh well. For now, let's just ensure HOME is set and the problematic path in glib is not taken. --- data/ModemManager.service.in | 1 + 1 file changed, 1 insertion(+) (limited to 'data') diff --git a/data/ModemManager.service.in b/data/ModemManager.service.in index 47867769..420d22b1 100644 --- a/data/ModemManager.service.in +++ b/data/ModemManager.service.in @@ -13,6 +13,7 @@ ProtectHome=true PrivateTmp=true RestrictAddressFamilies=AF_NETLINK AF_UNIX NoNewPrivileges=true +User=root [Install] WantedBy=multi-user.target -- cgit v1.2.3-70-g09d2