core/manager: rearrange taint tags

2024-10-04 15:21:01 +00:00 · 2024-04-23 22:20:57 +08:00 · 2024-04-23 22:20:57 +08:00 · ea81442892
parent 2b28dfe6e6
commit ea81442892
3 changed files with 32 additions and 22 deletions
--- a/catalog/systemd.catalog.in
+++ b/catalog/systemd.catalog.in
@ -558,11 +558,24 @@ Defined-By: systemd
 Support: %SUPPORT_URL%

 The following "tags" are possible:
- "var-run-bad" — /var/run is not a symlink to /run
+- "unmerged-usr" - /bin, /sbin, /lib* are not symlinks to their counterparts
+  under /usr/
+- "var-run-bad" — /var/run is not a symlink to /run/
+- "cgroupsv1" - the system is using the deprecated cgroup v1 hierarchy
+- "local-hwclock" - the local hardware clock (RTC) is configured to be in
+  local time rather than UTC
+- "support-ended" - the system is running past the end of support declared
+  by the vendor
+- "old-kernel" - the system is running a kernel version that is older than
+  the minimum supported by this version of systemd
 - "overflowuid-not-65534" — the kernel user ID used for "unknown" users (with
  NFS or user namespaces) is not 65534
 - "overflowgid-not-65534" — the kernel group ID used for "unknown" users (with
  NFS or user namespaces) is not 65534
+- "short-uid-range" - the UID range assigned to the running systemd instance
+  covers less than 0…65534
+- "short-gid-range" - the GID range assigned to the running systemd instance
+  covers less than 0…65534
 Current system is tagged as @TAINT@.

 -- fe6faa94e7774663a0da52717891d8ef
--- a/man/org.freedesktop.systemd1.xml
+++ b/man/org.freedesktop.systemd1.xml
@ -1665,13 +1665,21 @@ node /org/freedesktop/systemd1 {
          </ulink>.</para>

          <xi:include href="version-info.xml" xpointer="v252"/></listitem>
+        </varlistentry>

+        <varlistentry>
+          <term><literal>var-run-bad</literal></term>
+
+          <listitem><para><filename>/run/</filename> does not exist or <filename>/var/run</filename> is not a
+          symlink to <filename>/run/</filename>.</para>
+
+          <xi:include href="version-info.xml" xpointer="v252"/></listitem>
        </varlistentry>

        <varlistentry>
          <term><literal>cgroupsv1</literal></term>

-          <listitem><para>The system is using the old cgroup hierarchy.</para>
+          <listitem><para>The system is using the deprecated cgroup v1 hierarchy.</para>

          <xi:include href="version-info.xml" xpointer="v252"/></listitem>
        </varlistentry>
@ -1705,15 +1713,6 @@ node /org/freedesktop/systemd1 {
          <xi:include href="version-info.xml" xpointer="v252"/></listitem>
        </varlistentry>

-        <varlistentry>
-          <term><literal>var-run-bad</literal></term>
-
-          <listitem><para><filename>/run/</filename> does not exist or <filename>/var/run</filename> is not a
-          symlink to <filename>/run/</filename>.</para>
-
-          <xi:include href="version-info.xml" xpointer="v252"/></listitem>
-        </varlistentry>
-
        <varlistentry>
          <term><literal>overflowuid-not-65534</literal></term>
          <term><literal>overflowgid-not-65534</literal></term>
@ -1732,8 +1731,6 @@ node /org/freedesktop/systemd1 {

          <xi:include href="version-info.xml" xpointer="v252"/></listitem>
        </varlistentry>
-
-        <!-- mtab-not-symlink was removed in b492ce8a22d4527c1372b2d3fbd580627d70c917 -->
      </variablelist>

      <para><varname>FirmwareTimestamp</varname>, <varname>FirmwareTimestampMonotonic</varname>,
--- a/src/core/manager.c
+++ b/src/core/manager.c
@ -4849,6 +4849,11 @@ char* manager_taint_string(const Manager *m) {
        if (readlink_malloc("/bin", &usrbin) < 0 || !PATH_IN_SET(usrbin, "usr/bin", "/usr/bin"))
                stage[n++] = "unmerged-usr";

+        _cleanup_free_ char *destination = NULL;
+        if (readlink_malloc("/var/run", &destination) < 0 ||
+            !PATH_IN_SET(destination, "../run", "/run"))
+                stage[n++] = "var-run-bad";
+
        if (cg_all_unified() == 0)
                stage[n++] = "cgroupsv1";

@ -4858,10 +4863,10 @@ char* manager_taint_string(const Manager *m) {
        if (os_release_support_ended(NULL, /* quiet= */ true, NULL) > 0)
                stage[n++] = "support-ended";

-        _cleanup_free_ char *destination = NULL;
-        if (readlink_malloc("/var/run", &destination) < 0 ||
-            !PATH_IN_SET(destination, "../run", "/run"))
-                stage[n++] = "var-run-bad";
+        struct utsname uts;
+        assert_se(uname(&uts) >= 0);
+        if (strverscmp_improved(uts.release, KERNEL_BASELINE_VERSION) < 0)
+                stage[n++] = "old-kernel";

        _cleanup_free_ char *overflowuid = NULL, *overflowgid = NULL;
        if (read_one_line_file("/proc/sys/kernel/overflowuid", &overflowuid) >= 0 &&
@ -4871,11 +4876,6 @@ char* manager_taint_string(const Manager *m) {
            !streq(overflowgid, "65534"))
                stage[n++] = "overflowgid-not-65534";

-        struct utsname uts;
-        assert_se(uname(&uts) >= 0);
-        if (strverscmp_improved(uts.release, KERNEL_BASELINE_VERSION) < 0)
-                stage[n++] = "old-kernel";
-
        if (short_uid_range("/proc/self/uid_map") > 0)
                stage[n++] = "short-uid-range";
        if (short_uid_range("/proc/self/gid_map") > 0)