Bug 1778384

Summary: systemd doesn't reset ownership of StateDirectory if directory already exists
Product: Red Hat Enterprise Linux 8 Reporter: Michal Sekletar <msekleta>
Component: systemdAssignee: Michal Sekletar <msekleta>
Status: CLOSED ERRATA QA Contact: Frantisek Sumsal <fsumsal>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 8.1CC: systemd-maint-list, tgunders
Target Milestone: rcFlags: msekleta: mirror+
Target Release: 8.0   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: systemd-239-20.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-28 16:45:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michal Sekletar 2019-11-30 14:31:43 UTC 
Description of problem:
$subject

Version-Release number of selected component (if applicable):
systemd-239-19.el8.x86_64

How reproducible:
always

Steps to Reproduce:
0. Add test user
useradd --system foobar

1. Define a test service,

# /etc/systemd/system/test.service
[Service]
User=foobar
StateDirectory=foobar
ExecStart=/bin/sleep 1000

2. Create /var/lib/foobar as root
mkdir /var/lib/foobar

3. Run the test service
systemctl daemon-reload
systemctl start test.service

Actual results:
/bin/sleep binary is running as foobar user, but StateDirectory /var/lib/foobar is still owned by root.


Expected results:
StateDirectory /var/lib/foobar should be owned by foobar user.


Additional info:
Upstream has fixed this behavior already. We need to backport,
https://github.com/systemd/systemd/commit/206e9864de460dd79d9edd7bedb47dee168765e1

Thanks to Tom Gundersen for the report!
Comment 1 Michal Sekletar 2019-11-30 15:31:04 UTC 
Backport at,

https://github.com/systemd-rhel/rhel-8/pull/44
Comment 7 errata-xmlrpc 2020-04-28 16:45:29 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1794