http://bugzilla.opensuse.org/show_bug.cgi?id=1207698 http://bugzilla.opensuse.org/show_bug.cgi?id=1207698#c2 --- Comment #2 from Frederic Crozat <fcrozat@suse.com> --- (In reply to Christian Boltz from comment #1)
OK, that means
/{etc,run,run/host,/usr/lib}/userdb/ r, /{etc,run,run/host,/usr/lib}/userdb/*.user r,
One question before I submit a patch: Are all files in these directories named *.user, or should reading more (or even all) files in these directories be allowed?
After checking systemd code and doc (see https://www.freedesktop.org/software/systemd/man/nss-systemd.html ), files allowed should be *.user, *.group, *.user-privileged, *.group-privileged, as well as symlinks (same naming convention). -- You are receiving this mail because: You are on the CC list for the bug.