Submission type

• Bug report

systemd version the issue has been seen with

systemd 232

Used distribution

Linux ubuntu 4.10.0-19-generic #21-Ubuntu SMP Thu Apr 6 17:04:57 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

In case of bug report: Expected behaviour you didn't see

systemd rejects invalid value to "user=" and throws bold warning, doesn't run the process

In case of bug report: Unexpected behaviour you saw

systemd considers a
user=_syntactically_invalid
like
foobar=
I.E. it ignores the correctly detected "user=" and runs the process with default root privileges.

This is highly surprising, unexpected (by the average user) and dangerous behavior.
Systemd should not bother at all about syntactical correctness of value at right-side of "user=" and simply leave it to the system to check if the particular system allows and knows a user of that name.

*1: It's not systemd's call to enforce anything about "syntactically correct names" here
*2: systemd MUST NOT run jobs as root when a "user=" been given, no matter what (except "root") is on the value side.

Rationale: it's considered highly dangerous to run a job as root when that job obviously is not meant to run as root, since admin gave "user=" parameter.
Syntax of user names gets enforced elsewhere, systemd must not duplicate any such policies unless it's creating a new user(name)

In case of bug report: Steps to reproduce the problem

see #6237