authorLennart Poettering <lennart@poettering.net>2017-12-14 22:57:17 +0100
committerGitHub <noreply@github.com>2017-12-14 22:57:17 +0100
commite3140015a71632f9fef699b38094ad3a75fa45ed (patch)
tree58192969ec219c0ea6aa0552736f27897965b8dc
parentbdd2bbc4450e0d7515b556c04828dc69ef0b5c09 (diff)
parent590171d1c956ac3b073bc73a7ca1f5529b01ab83 (diff)
downloadsystemd-e3140015a71632f9fef699b38094ad3a75fa45ed.tar.gz
Merge pull request #7640 from keszybz/tainting-updates
Tainting updates
-rw-r--r--TODO5
-rw-r--r--catalog/meson.build4
-rw-r--r--catalog/systemd.catalog.in17
-rw-r--r--src/core/main.c7
-rw-r--r--src/core/manager.c13
-rw-r--r--src/systemd/sd-messages.h2
6 files changed, 39 insertions, 9 deletions
diff --git a/TODO b/TODO
index 9f8327ca28..0c20012b29 100644
--- a/TODO
+++ b/TODO
@@ -657,6 +657,11 @@ Features:
Benefit: nspawn --ephemeral would start working nicely with the journal.
- assign MESSAGE_ID to log messages about failed services
+* add a test if all entries in the catalog are properly formatted.
+ (Adding dashes in a catalog entry currently results in the catalog entry
+ being silently skipped. journalctl --update-catalog must warn about this,
+ and we should also have a unit test to check that all our message are OK.)
+
* document:
- document that deps in [Unit] sections ignore Alias= fields in
[Install] units of other units, unless those units are disabled
diff --git a/catalog/meson.build b/catalog/meson.build
index baebd45ea4..69f970388a 100644
--- a/catalog/meson.build
+++ b/catalog/meson.build
@@ -44,3 +44,7 @@ foreach file : in_files
install : true,
install_dir : catalogdir)
endforeach
+
+meson.add_install_script('sh', '-c',
+ 'test -n "$DESTDIR" || @0@/journalctl --update-catalog'
+ .format(rootbindir))
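Review bot: The install script added at the end of this hunk interpolates `rootbindir` into an `sh -c` string without quoting, and the command runs during install, typically as root. A prefix containing spaces or shell metacharacters would be split or interpreted by the shell, so the path should be quoted: `'test -n "$DESTDIR" || "@0@/journalctl" --update-catalog'`. The script also runs the freshly installed binary on the build host, which presumably fails on cross builds; guarding the call with `meson.is_cross_build()` would avoid that. A non-zero exit from journalctl likely fails the whole install step, so it is worth stating in a comment whether that is intended.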
diff --git a/catalog/systemd.catalog.in b/catalog/systemd.catalog.in
index 412ea8aa16..118fe860fe 100644
--- a/catalog/systemd.catalog.in
+++ b/catalog/systemd.catalog.in
@@ -359,3 +359,20 @@ Defined-By: systemd
Support: %SUPPORT_URL%
The unit @UNIT@ completed and consumed the indicated resources.
+
+-- 50876a9db00f4c40bde1a2ad381c3a1b
+Subject: The system is configured in a way that might cause problems
+Defined-By: systemd
+Support: %SUPPORT_URL%
+
+The following "tags" are possible:
+- "split-usr" — /usr is a separate file system and was not mounted when systemd
+ was booted
+- "cgroups-missing" — the kernel was compiled without cgroup support or access
+ to expected interface files is resticted
+- "var-run-bad" — /var/run is not a symlink to /run
+- "overflowuid-not-65534" — the kernel user ID used for "unknown" users (with
+ NFS or user namespaces) is not 65534
+- "overflowgid-not-65534" — the kernel group ID used for "unknown" users (with
+ NFS or user namespaces) is not 65534
+Current system is tagged as @TAINT@.
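Review bot: The tag list in the new catalog entry omits "local-hwclock", which manager_taint_string() in src/core/manager.c still reserves space for, so a system carrying that tag gets an explanation that never mentions it. Add an item for it, for example `- "local-hwclock" — the hardware clock is kept in local time rather than UTC` (wording to be confirmed by the maintainers, since the detection code is outside this diff). The cgroups-missing item has a typo, "resticted" for "restricted". It would also help to say that @TAINT@ is a colon-separated list, as the example in the manager.c comment shows.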
diff --git a/src/core/main.c b/src/core/main.c
index d79e183a72..2ad5073368 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -38,6 +38,7 @@
#include "sd-bus.h"
#include "sd-daemon.h"
+#include "sd-messages.h"
#include "alloc-util.h"
#include "architecture.h"
@@ -2420,7 +2421,11 @@ int main(int argc, char *argv[]) {
taint = manager_taint_string(m);
if (!isempty(taint))
- log_notice("System is tainted: %s", taint);
+ log_struct(LOG_NOTICE,
+ LOG_MESSAGE("System is tainted: %s", taint),
+ "TAINT=%s", taint,
+ "MESSAGE_ID=" SD_MESSAGE_TAINTED_STR,
+ NULL);
}
if (arg_action == ACTION_TEST) {
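Review bot: `"TAINT=%s"` in the new log_struct() call carries the whole colon-joined string (the comment added to manager_taint_string() gives "local-hwclock:var-run-bad" as an example), so a journal match on one tag such as `TAINT=var-run-bad` only hits when that is the sole tag set. A short comment above the call would spare monitoring rules that mistake, e.g. `/* TAINT= holds the full colon-separated list: match on MESSAGE_ID and split the field to test for a single tag */`. main() starts and ends outside this hunk, so the lifetime and freeing of `taint` cannot be checked from here.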
diff --git a/src/core/manager.c b/src/core/manager.c
index e85accbbca..81c4d5289b 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -3872,14 +3872,17 @@ char *manager_taint_string(Manager *m) {
char *buf, *e;
int r;
+ /* Returns a "taint string", e.g. "local-hwclock:var-run-bad".
+ * Only things that are detected at runtime should be tagged
+ * here. For stuff that is set during compilation, emit a warning
+ * in the configuration phase. */
+
assert(m);
buf = new(char, sizeof("split-usr:"
"cgroups-missing:"
"local-hwclock:"
"var-run-bad:"
- "weird-nobody-user:"
- "weird-nobody-group:"
"overflowuid-not-65534:"
"overflowgid-not-65534:"));
if (!buf)
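Review bot: The allocation in this hunk is sized only from the concatenated tag literals, and nothing else bounds the stpcpy() calls later in the function, so a tag appended below without a matching literal here would write past the heap buffer. This commit removes the two weird-nobody entries from both places consistently, but the invariant is still unwritten. Extend the new comment with something like `/* The buffer is sized from the literal list below; every stpcpy() in this function needs a matching entry there. */`. The function body continues beyond the hunk, so the append for "local-hwclock:" is not visible here.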
@@ -3901,12 +3904,6 @@ char *manager_taint_string(Manager *m) {
if (r < 0 || !PATH_IN_SET(destination, "../run", "/run"))
e = stpcpy(e, "var-run-bad:");
- if (!streq(NOBODY_USER_NAME, "nobody"))
- e = stpcpy(e, "weird-nobody-user:");
-
- if (!streq(NOBODY_GROUP_NAME, "nobody"))
- e = stpcpy(e, "weird-nobody-group:");
-
r = read_one_line_file("/proc/sys/kernel/overflowuid", &overflowuid);
if (r >= 0 && !streq(overflowuid, "65534"))
e = stpcpy(e, "overflowuid-not-65534:");
diff --git a/src/systemd/sd-messages.h b/src/systemd/sd-messages.h
index 874329ff8c..5a3f78bdbc 100644
--- a/src/systemd/sd-messages.h
+++ b/src/systemd/sd-messages.h
@@ -70,6 +70,8 @@ _SD_BEGIN_DECLARATIONS;
#define SD_MESSAGE_TIMEZONE_CHANGE SD_ID128_MAKE(45,f8,2f,4a,ef,7a,4b,bf,94,2c,e8,61,d1,f2,09,90)
#define SD_MESSAGE_TIMEZONE_CHANGE_STR SD_ID128_MAKE_STR(45,f8,2f,4a,ef,7a,4b,bf,94,2c,e8,61,d1,f2,09,90)
+#define SD_MESSAGE_TAINTED SD_ID128_MAKE(50,87,6a,9d,b0,0f,4c,40,bd,e1,a2,ad,38,1c,3a,1b)
+#define SD_MESSAGE_TAINTED_STR SD_ID128_MAKE_STR(50,87,6a,9d,b0,0f,4c,40,bd,e1,a2,ad,38,1c,3a,1b)
#define SD_MESSAGE_STARTUP_FINISHED SD_ID128_MAKE(b0,7a,24,9c,d0,24,41,4a,82,dd,00,cd,18,13,78,ff)
#define SD_MESSAGE_STARTUP_FINISHED_STR SD_ID128_MAKE_STR(b0,7a,24,9c,d0,24,41,4a,82,dd,00,cd,18,13,78,ff)
#define SD_MESSAGE_USER_STARTUP_FINISHED \