From: Mike Yuan Date: Tue, 23 Apr 2024 14:20:57 +0000 (+0800) Subject: core/manager: rearrange taint tags X-Git-Tag: v256-rc1~37^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ea81442892da6bd8c3175bb2571aafb1abf84f79;p=thirdparty%2Fsystemd.git core/manager: rearrange taint tags --- diff --git a/catalog/systemd.catalog.in b/catalog/systemd.catalog.in index 87022f40faf..3bf9b6cffbc 100644 --- a/catalog/systemd.catalog.in +++ b/catalog/systemd.catalog.in @@ -558,11 +558,24 @@ Defined-By: systemd Support: %SUPPORT_URL% The following "tags" are possible: -- "var-run-bad" — /var/run is not a symlink to /run +- "unmerged-usr" - /bin, /sbin, /lib* are not symlinks to their counterparts + under /usr/ +- "var-run-bad" — /var/run is not a symlink to /run/ +- "cgroupsv1" - the system is using the deprecated cgroup v1 hierarchy +- "local-hwclock" - the local hardware clock (RTC) is configured to be in + local time rather than UTC +- "support-ended" - the system is running past the end of support declared + by the vendor +- "old-kernel" - the system is running a kernel version that is older than + the minimum supported by this version of systemd - "overflowuid-not-65534" — the kernel user ID used for "unknown" users (with NFS or user namespaces) is not 65534 - "overflowgid-not-65534" — the kernel group ID used for "unknown" users (with NFS or user namespaces) is not 65534 +- "short-uid-range" - the UID range assigned to the running systemd instance + covers less than 0…65534 +- "short-gid-range" - the GID range assigned to the running systemd instance + covers less than 0…65534 Current system is tagged as @TAINT@. -- fe6faa94e7774663a0da52717891d8ef diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml index 3aa1d0de571..1c5b7d38f5c 100644 --- a/man/org.freedesktop.systemd1.xml +++ b/man/org.freedesktop.systemd1.xml 
@@ -1665,13 +1665,21 @@ node /org/freedesktop/systemd1 { . + + + var-run-bad + + /run/ does not exist or /var/run is not a + symlink to /run/. + + cgroupsv1 - The system is using the old cgroup hierarchy. + The system is using the deprecated cgroup v1 hierarchy. @@ -1705,15 +1713,6 @@ node /org/freedesktop/systemd1 { - - var-run-bad - - /run/ does not exist or /var/run is not a - symlink to /run/. - - - - overflowuid-not-65534 overflowgid-not-65534 @@ -1732,8 +1731,6 @@ node /org/freedesktop/systemd1 { - - FirmwareTimestamp, FirmwareTimestampMonotonic, diff --git a/src/core/manager.c b/src/core/manager.c index 856bbd823c4..35e08e5f771 100644 --- a/src/core/manager.c +++ b/src/core/manager.c @@ -4849,6 +4849,11 @@ char* manager_taint_string(const Manager *m) { if (readlink_malloc("/bin", &usrbin) < 0 || !PATH_IN_SET(usrbin, "usr/bin", "/usr/bin")) stage[n++] = "unmerged-usr"; + _cleanup_free_ char *destination = NULL; + if (readlink_malloc("/var/run", &destination) < 0 || + !PATH_IN_SET(destination, "../run", "/run")) + stage[n++] = "var-run-bad"; + if (cg_all_unified() == 0) stage[n++] = "cgroupsv1"; @@ -4858,10 +4863,10 @@ char* manager_taint_string(const Manager *m) { if (os_release_support_ended(NULL, /* quiet= */ true, NULL) > 0) stage[n++] = "support-ended"; - _cleanup_free_ char *destination = NULL; - if (readlink_malloc("/var/run", &destination) < 0 || - !PATH_IN_SET(destination, "../run", "/run")) - stage[n++] = "var-run-bad"; + struct utsname uts; + assert_se(uname(&uts) >= 0); + if (strverscmp_improved(uts.release, KERNEL_BASELINE_VERSION) < 0) + stage[n++] = "old-kernel"; _cleanup_free_ char *overflowuid = NULL, *overflowgid = NULL; if (read_one_line_file("/proc/sys/kernel/overflowuid", &overflowuid) >= 0 && 
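Review bot: Nothing in manager_taint_string() records that the order of its checks is meant to mirror the tag lists in catalog/systemd.catalog.in and man/org.freedesktop.systemd1.xml, which is the sequence the `@@ -4849,6 +4849,11 @@` hunk of src/core/manager.c moves "var-run-bad" into. Without that, the next tag added can easily drift out of step with the documentation again. I would add a comment above the first check, along the lines of `/* Keep the order of these checks in sync with the tag lists in catalog/systemd.catalog.in and man/org.freedesktop.systemd1.xml. */`. The function starts and ends outside the hunk, so a comment of this kind may already exist above the visible lines. Since the order of the emitted tags changes, it would also help to state there that consumers should match individual tags rather than the whole string.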
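Review bot: In the `@@ -4858,10 +4863,10 @@` hunk of src/core/manager.c, `assert_se(uname(&uts) >= 0);` is the only check in the visible sequence that aborts the process on failure. The neighbouring checks either skip the tag (`read_one_line_file(...) >= 0 &&`) or set it (`readlink_malloc(...) < 0 ||`). uname() is not expected to fail when given a valid buffer, so this is a consistency point rather than a reachable crash. For a reporting helper the tag could simply be skipped on error: `if (uname(&uts) >= 0 && strverscmp_improved(uts.release, KERNEL_BASELINE_VERSION) < 0)`. The lines are moved unchanged by this commit, and the function body extends beyond the hunk on both sides.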
@@ -4871,11 +4876,6 @@ char* manager_taint_string(const Manager *m) {
 !streq(overflowgid, "65534"))
 stage[n++] = "overflowgid-not-65534";
 
- struct utsname uts;
- assert_se(uname(&uts) >= 0);
- if (strverscmp_improved(uts.release, KERNEL_BASELINE_VERSION) < 0)
- stage[n++] = "old-kernel";
-
 if (short_uid_range("/proc/self/uid_map") > 0)
 stage[n++] = "short-uid-range";
 if (short_uid_range("/proc/self/gid_map") > 0)