From: Zbigniew Jędrzejewski-Szmek Date: Thu, 14 Dec 2017 11:44:21 +0000 (+0100) Subject: core: drop taints for nobody user/group names X-Git-Tag: v236~3^2~3 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=198ce9324844a947567ae4b3e3f4e68e8f07df8d;p=platform%2Fupstream%2Fsystemd.git core: drop taints for nobody user/group names We have a check and warning at compile time. The user cannot do anything about this at runtime, and all other taints are about checks that happen at runtime and are specific to that system (and at least potentially correctable). (The logic in the compilation-time check was updated to treat "nogroup" as OK, but not the runtime check. But I think it's better to remove the runtime check for this altogether, so this becomes moot.) --- diff --git a/src/core/manager.c b/src/core/manager.c index 0681bbb..ff49173 100644 --- a/src/core/manager.c +++ b/src/core/manager.c @@ -3872,14 +3872,17 @@ char *manager_taint_string(Manager *m) { char *buf, *e; int r; + /* Returns a "taint string", e.g. "local-hwclock:var-run-bad". + * Only things that are detected at runtime should be tagged + * here. For stuff that is set during compilation, emit a warning + * in the configuration phase. */ + assert(m); buf = new(char, sizeof("split-usr:" "cgroups-missing:" "local-hwclock:" "var-run-bad:" - "weird-nobody-user:" - "weird-nobody-group:" "overflowuid-not-65534:" "overflowgid-not-65534:")); if (!buf) @@ -3901,12 +3904,6 @@ char *manager_taint_string(Manager *m) { if (r < 0 || !PATH_IN_SET(destination, "../run", "/run")) e = stpcpy(e, "var-run-bad:"); - if (!streq(NOBODY_USER_NAME, "nobody")) - e = stpcpy(e, "weird-nobody-user:"); - - if (!streq(NOBODY_GROUP_NAME, "nobody")) - e = stpcpy(e, "weird-nobody-group:"); - r = read_one_line_file("/proc/sys/kernel/overflowuid", &overflowuid); if (r >= 0 && !streq(overflowuid, "65534")) e = stpcpy(e, "overflowuid-not-65534:");