llmnrd icon indicating copy to clipboard operation
llmnrd copied to clipboard
verified publisher icon tklauser

llmnrd: consider starting as non-root by default in systemd service example

Open andhe opened this issue 9 years ago • 3 comments

Hi.

Not very familiar with llmnrd right now, but reading #4 makes me think llmnrd does not need to (or even should not?) be started as root. Thus please consider using the User= and Group= directives in the shipped etc/llmnrd.service file.

(Even better would probably be to have a dedicated user/group, but I don't see how you as upstream could do that. You probably need to leave that integration to distro maintainers. Thus shipping an example using User=nobody and Group=nogroup is probably the best you can do. That user/group should be available on all distros by default I assume.)

andhe avatar Dec 23 '16 12:12 andhe

You might also want to investigate if the DynamicUser directive would suite the needs of llmnrd. I'm being told it's fairly new so if you want the unit to work on older systems/systemd-versions you might want to hold off on using that. I was also told that if this directive is used you can not save persistant files, but I guess that's not a problem (rather a benefit) for llmnrd.

andhe avatar Dec 23 '16 13:12 andhe

Not very familiar with llmnrd right now, but reading #4 makes me think llmnrd does not need to (or even should not?) be started as root. Thus please consider using the User= and Group= directives in the shipped etc/llmnrd.service file.

Thanks for your feedback! Indeed it shouldn't even be necessary to start llmnrd as root as it doesn't need to bind() to a privileged port. Issue #4 stems from the "early" days of llmnrd where I didn't really know what I was doing ;) it should in that case just be closed as wontfix.

(Even better would probably be to have a dedicated user/group, but I don't see how you as upstream could do that. You probably need to leave that integration to distro maintainers. Thus shipping an example using User=nobody and Group=nogroup is probably the best you can do. That user/group should be available on all distros by default I assume.)

Yes, that sounds like a decent thing to do. The systemd service file should really just serve as a starting ground for users and distros to base their service file upon.

But then again I'm not even sure anymore whether a systemd service file should be shipped as part of llmnrd anymore [1], as systemd-resolved can respond to LLMNR queries since version 217 (IIRC) and users who have systemd enabled will probably have no need for llmnrd.

[1] I initially created the service file for a system where we used an older systemd version which didn't support LLMNRD yet.

tklauser avatar Dec 23 '16 15:12 tklauser

You might also want to investigate if the DynamicUser directive would suite the needs of llmnrd. I'm being told it's fairly new so if you want the unit to work on older systems/systemd-versions you might want to hold off on using that. I was also told that if this directive is used you can not save persistant files, but I guess that's not a problem (rather a benefit) for llmnrd.

Thanks for the hint. I didn't know about the DynamicUser directive. llmnrd shouldn't need to save persistent files and it would even be a benefit security-wise if it were restricted from writing files.

tklauser avatar Dec 23 '16 15:12 tklauser