core: make "taint" string logic a bit more generic and output it at boot

The tainting logic existed for a long time, but was hidden inside the
bus interfaces. Let's give it a small bit more coverage, by logging its
value early at boot during initialization.
Lennart Poettering 2017-12-07 11:27:07 +01:00
parent e97b7b5a9c
commit af6b0ecc4c
4 changed files with 60 additions and 21 deletions


@ -27,7 +27,6 @@
#include "architecture.h"
#include "build.h"
#include "bus-common-errors.h"
#include "clock-util.h"
#include "dbus-execute.h"
#include "dbus-job.h"
#include "dbus-manager.h"
@ -140,33 +139,18 @@ static int property_get_tainted(
void *userdata,
sd_bus_error *error) {
char buf[sizeof("split-usr:cgroups-missing:local-hwclock:var-run-bad:")] = "", *e = buf;
_cleanup_free_ char *destination = NULL;
_cleanup_free_ char *s = NULL;
Manager *m = userdata;
int r;
assert(bus);
assert(reply);
assert(m);
if (m->taint_usr)
e = stpcpy(e, "split-usr:");
s = manager_taint_string(m);
if (!s)
return log_oom();
if (access("/proc/cgroups", F_OK) < 0)
e = stpcpy(e, "cgroups-missing:");
if (clock_is_localtime(NULL) > 0)
e = stpcpy(e, "local-hwclock:");
r = readlink_malloc("/var/run", &destination);
if (r < 0 || !PATH_IN_SET(destination, "../run", "/run"))
e = stpcpy(e, "var-run-bad:");
/* remove the last ':' */
if (e != buf)
e[-1] = 0;
return sd_bus_message_append(reply, "s", buf);
return sd_bus_message_append(reply, "s", s);
}
static int property_get_log_target(


@ -2394,6 +2394,14 @@ int main(int argc, char *argv[]) {
"Loaded units and determined initial transaction in %s.",
format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
if (arg_system) {
_cleanup_free_ char *taint;
taint = manager_taint_string(m);
if (!isempty(taint))
log_notice("System is tainted: %s", taint);
}
if (arg_action == ACTION_TEST) {
printf("-> By units:\n");
manager_dump_units(m, stdout, "\t");
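Review bot: A NULL return from `manager_taint_string()` (allocation failure) is handled here the same way as an empty string, assuming `isempty()` accepts NULL, so on OOM the "System is tainted" notice is dropped without any trace. Consider reporting the failure, e.g. `if (!taint) log_oom(); else if (!isempty(taint)) log_notice("System is tainted: %s", taint);`. The `_cleanup_free_ char *taint;` declaration also has no initializer; it is assigned in the next statement, so it is safe today, but `_cleanup_free_ char *taint = NULL;` keeps the cleanup handler safe if code is later inserted between the two. `main()` starts and ends outside this hunk.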


@ -48,6 +48,7 @@
#include "bus-kernel.h"
#include "bus-util.h"
#include "clean-ipc.h"
#include "clock-util.h"
#include "dbus-job.h"
#include "dbus-manager.h"
#include "dbus-unit.h"
@ -3851,6 +3852,50 @@ int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t re
return 0;
}
char *manager_taint_string(Manager *m) {
_cleanup_free_ char *destination = NULL;
char *buf, *e;
int r;
assert(m);
buf = new(char, sizeof("split-usr:"
"cgroups-missing:"
"local-hwclock:"
"var-run-bad:"
"weird-nobody-user:"
"weird-nobody-group:"));
if (!buf)
return NULL;
e = buf;
if (m->taint_usr)
e = stpcpy(e, "split-usr:");
if (access("/proc/cgroups", F_OK) < 0)
e = stpcpy(e, "cgroups-missing:");
if (clock_is_localtime(NULL) > 0)
e = stpcpy(e, "local-hwclock:");
r = readlink_malloc("/var/run", &destination);
if (r < 0 || !PATH_IN_SET(destination, "../run", "/run"))
e = stpcpy(e, "var-run-bad:");
if (!streq(NOBODY_USER_NAME, "nobody"))
e = stpcpy(e, "weird-nobody-user:");
if (!streq(NOBODY_GROUP_NAME, "nobody"))
e = stpcpy(e, "weird-nobody-group:");
/* remove the last ':' */
if (e != buf)
e[-1] = 0;
return buf;
}
static const char *const manager_state_table[_MANAGER_STATE_MAX] = {
[MANAGER_INITIALIZING] = "initializing",
[MANAGER_STARTING] = "starting",
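Review bot: When no taint condition matches, `manager_taint_string()` returns a buffer that was never written: `new()` does not zero the allocation (unlike `new0()`), `e` stays equal to `buf`, and the trailing `e[-1] = 0` is skipped, so the string has no NUL terminator. The stack buffer this replaces in `property_get_tainted()` was initialised with `= ""`, which covered that case. Both callers treat the result as a C string (`sd_bus_message_append(reply, "s", s)` and `isempty(taint)` / `log_notice()`), so on an untainted system they would read uninitialised heap bytes, possibly past the end of the allocation, and the property getter could send them to bus clients. Adding `buf[0] = 0;` right after `e = buf;` fixes it. A comment above the `new()` call should also say that the `sizeof` literal list needs one entry per `stpcpy()` below, since the allocation size is the only bound on those writes.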


@ -435,6 +435,8 @@ void manager_deserialize_uid_refs_one(Manager *m, const char *value);
void manager_serialize_gid_refs(Manager *m, FILE *f);
void manager_deserialize_gid_refs_one(Manager *m, const char *value);
char *manager_taint_string(Manager *m);
const char *manager_state_to_string(ManagerState m) _const_;
ManagerState manager_state_from_string(const char *s) _pure_;