]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/main.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
man: improve wording of systemctl's --after/--before
[thirdparty/systemd.git] / src / core / main.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <stdio.h>
23 #include <errno.h>
24 #include <string.h>
25 #include <unistd.h>
26 #include <sys/types.h>
27 #include <sys/stat.h>
28 #include <getopt.h>
29 #include <signal.h>
30 #include <sys/wait.h>
31 #include <fcntl.h>
32 #include <sys/prctl.h>
33 #include <sys/mount.h>
34
35 #ifdef HAVE_VALGRIND_VALGRIND_H
36 #include <valgrind/valgrind.h>
37 #endif
38 #ifdef HAVE_SECCOMP
39 #include <seccomp.h>
40 #endif
41
42 #include "sd-daemon.h"
43 #include "sd-messages.h"
44 #include "sd-bus.h"
45 #include "manager.h"
46 #include "log.h"
47 #include "load-fragment.h"
48 #include "fdset.h"
49 #include "special.h"
50 #include "conf-parser.h"
51 #include "missing.h"
52 #include "label.h"
53 #include "build.h"
54 #include "strv.h"
55 #include "def.h"
56 #include "virt.h"
57 #include "architecture.h"
58 #include "watchdog.h"
59 #include "path-util.h"
60 #include "switch-root.h"
61 #include "capability.h"
62 #include "killall.h"
63 #include "env-util.h"
64 #include "hwclock.h"
65 #include "fileio.h"
66 #include "dbus-manager.h"
67 #include "bus-error.h"
68 #include "bus-util.h"
69
70 #include "mount-setup.h"
71 #include "loopback-setup.h"
72 #include "hostname-setup.h"
73 #include "machine-id-setup.h"
74 #include "selinux-setup.h"
75 #include "ima-setup.h"
76 #include "smack-setup.h"
77 #ifdef HAVE_KMOD
78 #include "kmod-setup.h"
79 #endif
80
81 static enum {
82 ACTION_RUN,
83 ACTION_HELP,
84 ACTION_VERSION,
85 ACTION_TEST,
86 ACTION_DUMP_CONFIGURATION_ITEMS,
87 ACTION_DONE
88 } arg_action = ACTION_RUN;
89 static char *arg_default_unit = NULL;
90 static SystemdRunningAs arg_running_as = _SYSTEMD_RUNNING_AS_INVALID;
91 static bool arg_dump_core = true;
92 static bool arg_crash_shell = false;
93 static int arg_crash_chvt = -1;
94 static bool arg_confirm_spawn = false;
95 static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
96 static bool arg_switched_root = false;
97 static char ***arg_join_controllers = NULL;
98 static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
99 static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
100 static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
101 static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
102 static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
103 static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
104 static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
105 static usec_t arg_runtime_watchdog = 0;
106 static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
107 static char **arg_default_environment = NULL;
108 static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
109 static uint64_t arg_capability_bounding_set_drop = 0;
110 static nsec_t arg_timer_slack_nsec = (nsec_t) -1;
111 static Set* arg_syscall_archs = NULL;
112 static FILE* arg_serialization = NULL;
113 static bool arg_default_cpu_accounting = false;
114 static bool arg_default_blockio_accounting = false;
115 static bool arg_default_memory_accounting = false;
116
117 static void nop_handler(int sig) {}
118
119 noreturn static void crash(int sig) {
120
121 if (getpid() != 1)
122 /* Pass this on immediately, if this is not PID 1 */
123 raise(sig);
124 else if (!arg_dump_core)
125 log_error("Caught <%s>, not dumping core.", signal_to_string(sig));
126 else {
127 struct sigaction sa = {
128 .sa_handler = nop_handler,
129 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
130 };
131 pid_t pid;
132
133 /* We want to wait for the core process, hence let's enable SIGCHLD */
134 sigaction(SIGCHLD, &sa, NULL);
135
136 pid = fork();
137 if (pid < 0)
138 log_error("Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
139
140 else if (pid == 0) {
141 struct rlimit rl = {};
142
143 /* Enable default signal handler for core dump */
144 zero(sa);
145 sa.sa_handler = SIG_DFL;
146 sigaction(sig, &sa, NULL);
147
148 /* Don't limit the core dump size */
149 rl.rlim_cur = RLIM_INFINITY;
150 rl.rlim_max = RLIM_INFINITY;
151 setrlimit(RLIMIT_CORE, &rl);
152
153 /* Just to be sure... */
154 chdir("/");
155
156 /* Raise the signal again */
157 raise(sig);
158
159 assert_not_reached("We shouldn't be here...");
160 _exit(1);
161
162 } else {
163 siginfo_t status;
164 int r;
165
166 /* Order things nicely. */
167 r = wait_for_terminate(pid, &status);
168 if (r < 0)
169 log_error("Caught <%s>, waitpid() failed: %s", signal_to_string(sig), strerror(-r));
170 else if (status.si_code != CLD_DUMPED)
171 log_error("Caught <%s>, core dump failed.", signal_to_string(sig));
172 else
173 log_error("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
174 }
175 }
176
177 if (arg_crash_chvt)
178 chvt(arg_crash_chvt);
179
180 if (arg_crash_shell) {
181 struct sigaction sa = {
182 .sa_handler = SIG_IGN,
183 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
184 };
185 pid_t pid;
186
187 log_info("Executing crash shell in 10s...");
188 sleep(10);
189
190 /* Let the kernel reap children for us */
191 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
192
193 pid = fork();
194 if (pid < 0)
195 log_error("Failed to fork off crash shell: %m");
196 else if (pid == 0) {
197 make_console_stdio();
198 execl("/bin/sh", "/bin/sh", NULL);
199
200 log_error("execl() failed: %m");
201 _exit(1);
202 }
203
204 log_info("Successfully spawned crash shell as pid "PID_FMT".", pid);
205 }
206
207 log_info("Freezing execution.");
208 freeze();
209 }
210
211 static void install_crash_handler(void) {
212 struct sigaction sa = {
213 .sa_handler = crash,
214 .sa_flags = SA_NODEFER,
215 };
216
217 sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
218 }
219
220 static int console_setup(bool do_reset) {
221 int tty_fd, r;
222
223 /* If we are init, we connect stdin/stdout/stderr to /dev/null
224 * and make sure we don't have a controlling tty. */
225
226 release_terminal();
227
228 if (!do_reset)
229 return 0;
230
231 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
232 if (tty_fd < 0) {
233 log_error("Failed to open /dev/console: %s", strerror(-tty_fd));
234 return -tty_fd;
235 }
236
237 /* We don't want to force text mode.
238 * plymouth may be showing pictures already from initrd. */
239 r = reset_terminal_fd(tty_fd, false);
240 if (r < 0)
241 log_error("Failed to reset /dev/console: %s", strerror(-r));
242
243 close_nointr_nofail(tty_fd);
244 return r;
245 }
246
247 static int set_default_unit(const char *u) {
248 char *c;
249
250 assert(u);
251
252 c = strdup(u);
253 if (!c)
254 return -ENOMEM;
255
256 free(arg_default_unit);
257 arg_default_unit = c;
258
259 return 0;
260 }
261
262 static int parse_proc_cmdline_item(const char *key, const char *value) {
263
264 static const char * const rlmap[] = {
265 "emergency", SPECIAL_EMERGENCY_TARGET,
266 "-b", SPECIAL_EMERGENCY_TARGET,
267 "single", SPECIAL_RESCUE_TARGET,
268 "-s", SPECIAL_RESCUE_TARGET,
269 "s", SPECIAL_RESCUE_TARGET,
270 "S", SPECIAL_RESCUE_TARGET,
271 "1", SPECIAL_RESCUE_TARGET,
272 "2", SPECIAL_RUNLEVEL2_TARGET,
273 "3", SPECIAL_RUNLEVEL3_TARGET,
274 "4", SPECIAL_RUNLEVEL4_TARGET,
275 "5", SPECIAL_RUNLEVEL5_TARGET,
276 };
277 int r;
278
279 assert(key);
280
281 if (streq(key, "systemd.unit") && value) {
282
283 if (!in_initrd())
284 return set_default_unit(value);
285
286 } else if (streq(key, "rd.systemd.unit") && value) {
287
288 return set_default_unit(value);
289
290 } else if (streq(key, "systemd.log_target") && value) {
291
292 if (log_set_target_from_string(value) < 0)
293 log_warning("Failed to parse log target %s. Ignoring.", value);
294
295 } else if (streq(key, "systemd.log_level") && value) {
296
297 if (log_set_max_level_from_string(value) < 0)
298 log_warning("Failed to parse log level %s. Ignoring.", value);
299
300 } else if (streq(key, "systemd.log_color") && value) {
301
302 if (log_show_color_from_string(value) < 0)
303 log_warning("Failed to parse log color setting %s. Ignoring.", value);
304
305 } else if (streq(key, "systemd.log_location") && value) {
306
307 if (log_show_location_from_string(value) < 0)
308 log_warning("Failed to parse log location setting %s. Ignoring.", value);
309
310 } else if (streq(key, "systemd.dump_core") && value) {
311
312 r = parse_boolean(value);
313 if (r < 0)
314 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
315 else
316 arg_dump_core = r;
317
318 } else if (streq(key, "systemd.crash_shell") && value) {
319
320 r = parse_boolean(value);
321 if (r < 0)
322 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
323 else
324 arg_crash_shell = r;
325
326 } else if (streq(key, "systemd.crash_chvt") && value) {
327
328 if (safe_atoi(value, &r) < 0)
329 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
330 else
331 arg_crash_chvt = r;
332
333 } else if (streq(key, "systemd.confirm_spawn") && value) {
334
335 r = parse_boolean(value);
336 if (r < 0)
337 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", value);
338 else
339 arg_confirm_spawn = r;
340
341 } else if (streq(key, "systemd.show_status") && value) {
342
343 r = parse_show_status(value, &arg_show_status);
344 if (r < 0)
345 log_warning("Failed to parse show status switch %s. Ignoring.", value);
346
347 } else if (streq(key, "systemd.default_standard_output") && value) {
348
349 r = exec_output_from_string(value);
350 if (r < 0)
351 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
352 else
353 arg_default_std_output = r;
354
355 } else if (streq(key, "systemd.default_standard_error") && value) {
356
357 r = exec_output_from_string(value);
358 if (r < 0)
359 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
360 else
361 arg_default_std_error = r;
362
363 } else if (streq(key, "systemd.setenv") && value) {
364
365 if (env_assignment_is_valid(value)) {
366 char **env;
367
368 env = strv_env_set(arg_default_environment, value);
369 if (env)
370 arg_default_environment = env;
371 else
372 log_warning("Setting environment variable '%s' failed, ignoring: %s", value, strerror(ENOMEM));
373 } else
374 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
375
376 } else if (!streq(key, "systemd.restore_state") &&
377 !streq(key, "systemd.gpt_auto") &&
378 (startswith(key, "systemd.") || startswith(key, "rd.systemd."))) {
379
380 const char *c;
381
382 /* Ignore systemd.journald.xyz and friends */
383 c = key;
384 if (startswith(c, "rd."))
385 c += 3;
386 if (startswith(c, "systemd."))
387 c += 8;
388 if (c[strcspn(c, ".=")] != '.') {
389
390 log_warning("Unknown kernel switch %s. Ignoring.", key);
391
392 log_info("Supported kernel switches:\n"
393 "systemd.unit=UNIT Default unit to start\n"
394 "rd.systemd.unit=UNIT Default unit to start when run in initrd\n"
395 "systemd.dump_core=0|1 Dump core on crash\n"
396 "systemd.crash_shell=0|1 Run shell on crash\n"
397 "systemd.crash_chvt=N Change to VT #N on crash\n"
398 "systemd.confirm_spawn=0|1 Confirm every process spawn\n"
399 "systemd.show_status=0|1|auto Show status updates on the console during bootup\n"
400 "systemd.log_target=console|kmsg|journal|journal-or-kmsg|syslog|syslog-or-kmsg|null\n"
401 " Log target\n"
402 "systemd.log_level=LEVEL Log level\n"
403 "systemd.log_color=0|1 Highlight important log messages\n"
404 "systemd.log_location=0|1 Include code location in log messages\n"
405 "systemd.default_standard_output=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
406 " Set default log output for services\n"
407 "systemd.default_standard_error=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
408 " Set default log error output for services\n"
409 "systemd.setenv=ASSIGNMENT Set an environment variable for all spawned processes\n"
410 "systemd.restore_state=0|1 Restore backlight/rfkill state at boot\n");
411 }
412
413 } else if (streq(key, "quiet") && !value) {
414
415 if (arg_show_status == _SHOW_STATUS_UNSET)
416 arg_show_status = SHOW_STATUS_AUTO;
417
418 } else if (streq(key, "debug") && !value) {
419
420 /* Log to kmsg, the journal socket will fill up before the
421 * journal is started and tools running during that time
422 * will block with every log message for for 60 seconds,
423 * before they give up. */
424 log_set_max_level(LOG_DEBUG);
425 log_set_target(detect_container(NULL) > 0 ? LOG_TARGET_CONSOLE : LOG_TARGET_KMSG);
426
427 } else if (!in_initrd() && !value) {
428 unsigned i;
429
430 /* SysV compatibility */
431 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
432 if (streq(key, rlmap[i]))
433 return set_default_unit(rlmap[i+1]);
434 }
435
436 return 0;
437 }
438
439 #define DEFINE_SETTER(name, func, descr) \
440 static int name(const char *unit, \
441 const char *filename, \
442 unsigned line, \
443 const char *section, \
444 unsigned section_line, \
445 const char *lvalue, \
446 int ltype, \
447 const char *rvalue, \
448 void *data, \
449 void *userdata) { \
450 \
451 int r; \
452 \
453 assert(filename); \
454 assert(lvalue); \
455 assert(rvalue); \
456 \
457 r = func(rvalue); \
458 if (r < 0) \
459 log_syntax(unit, LOG_ERR, filename, line, -r, \
460 "Invalid " descr "'%s': %s", \
461 rvalue, strerror(-r)); \
462 \
463 return 0; \
464 }
465
466 DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
467 DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
468 DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
469 DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
470
471 static int config_parse_cpu_affinity2(
472 const char *unit,
473 const char *filename,
474 unsigned line,
475 const char *section,
476 unsigned section_line,
477 const char *lvalue,
478 int ltype,
479 const char *rvalue,
480 void *data,
481 void *userdata) {
482
483 char *w;
484 size_t l;
485 char *state;
486 cpu_set_t *c = NULL;
487 unsigned ncpus = 0;
488
489 assert(filename);
490 assert(lvalue);
491 assert(rvalue);
492
493 FOREACH_WORD_QUOTED(w, l, rvalue, state) {
494 char *t;
495 int r;
496 unsigned cpu;
497
498 if (!(t = strndup(w, l)))
499 return log_oom();
500
501 r = safe_atou(t, &cpu);
502 free(t);
503
504 if (!c)
505 if (!(c = cpu_set_malloc(&ncpus)))
506 return log_oom();
507
508 if (r < 0 || cpu >= ncpus) {
509 log_syntax(unit, LOG_ERR, filename, line, -r,
510 "Failed to parse CPU affinity '%s'", rvalue);
511 CPU_FREE(c);
512 return -EBADMSG;
513 }
514
515 CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c);
516 }
517
518 if (c) {
519 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
520 log_warning_unit(unit, "Failed to set CPU affinity: %m");
521
522 CPU_FREE(c);
523 }
524
525 return 0;
526 }
527
528 static int config_parse_show_status(
529 const char* unit,
530 const char *filename,
531 unsigned line,
532 const char *section,
533 unsigned section_line,
534 const char *lvalue,
535 int ltype,
536 const char *rvalue,
537 void *data,
538 void *userdata) {
539
540 int k;
541 ShowStatus *b = data;
542
543 assert(filename);
544 assert(lvalue);
545 assert(rvalue);
546 assert(data);
547
548 k = parse_show_status(rvalue, b);
549 if (k < 0) {
550 log_syntax(unit, LOG_ERR, filename, line, -k,
551 "Failed to parse show status setting, ignoring: %s", rvalue);
552 return 0;
553 }
554
555 return 0;
556 }
557
558 static void strv_free_free(char ***l) {
559 char ***i;
560
561 if (!l)
562 return;
563
564 for (i = l; *i; i++)
565 strv_free(*i);
566
567 free(l);
568 }
569
570 static void free_join_controllers(void) {
571 strv_free_free(arg_join_controllers);
572 arg_join_controllers = NULL;
573 }
574
575 static int config_parse_join_controllers(const char *unit,
576 const char *filename,
577 unsigned line,
578 const char *section,
579 unsigned section_line,
580 const char *lvalue,
581 int ltype,
582 const char *rvalue,
583 void *data,
584 void *userdata) {
585
586 unsigned n = 0;
587 char *state, *w;
588 size_t length;
589
590 assert(filename);
591 assert(lvalue);
592 assert(rvalue);
593
594 free_join_controllers();
595
596 FOREACH_WORD_QUOTED(w, length, rvalue, state) {
597 char *s, **l;
598
599 s = strndup(w, length);
600 if (!s)
601 return log_oom();
602
603 l = strv_split(s, ",");
604 free(s);
605
606 strv_uniq(l);
607
608 if (strv_length(l) <= 1) {
609 strv_free(l);
610 continue;
611 }
612
613 if (!arg_join_controllers) {
614 arg_join_controllers = new(char**, 2);
615 if (!arg_join_controllers) {
616 strv_free(l);
617 return log_oom();
618 }
619
620 arg_join_controllers[0] = l;
621 arg_join_controllers[1] = NULL;
622
623 n = 1;
624 } else {
625 char ***a;
626 char ***t;
627
628 t = new0(char**, n+2);
629 if (!t) {
630 strv_free(l);
631 return log_oom();
632 }
633
634 n = 0;
635
636 for (a = arg_join_controllers; *a; a++) {
637
638 if (strv_overlap(*a, l)) {
639 if (strv_extend_strv(&l, *a) < 0) {
640 strv_free(l);
641 strv_free_free(t);
642 return log_oom();
643 }
644
645 } else {
646 char **c;
647
648 c = strv_copy(*a);
649 if (!c) {
650 strv_free(l);
651 strv_free_free(t);
652 return log_oom();
653 }
654
655 t[n++] = c;
656 }
657 }
658
659 t[n++] = strv_uniq(l);
660
661 strv_free_free(arg_join_controllers);
662 arg_join_controllers = t;
663 }
664 }
665
666 return 0;
667 }
668
669 static int parse_config_file(void) {
670
671 const ConfigTableItem items[] = {
672 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
673 { "Manager", "LogTarget", config_parse_target, 0, NULL },
674 { "Manager", "LogColor", config_parse_color, 0, NULL },
675 { "Manager", "LogLocation", config_parse_location, 0, NULL },
676 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
677 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
678 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
679 { "Manager", "CrashChVT", config_parse_int, 0, &arg_crash_chvt },
680 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
681 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
682 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
683 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
684 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
685 #ifdef HAVE_SECCOMP
686 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
687 #endif
688 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
689 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
690 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
691 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
692 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
693 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
694 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval },
695 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
696 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
697 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU] },
698 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] },
699 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA] },
700 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK] },
701 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE] },
702 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS] },
703 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE] },
704 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS] },
705 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC] },
706 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] },
707 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS] },
708 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING] },
709 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] },
710 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE] },
711 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO] },
712 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME] },
713 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
714 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
715 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
716 {}
717 };
718
719 _cleanup_fclose_ FILE *f;
720 const char *fn;
721 int r;
722
723 fn = arg_running_as == SYSTEMD_SYSTEM ? PKGSYSCONFDIR "/system.conf" : PKGSYSCONFDIR "/user.conf";
724 f = fopen(fn, "re");
725 if (!f) {
726 if (errno == ENOENT)
727 return 0;
728
729 log_warning("Failed to open configuration file '%s': %m", fn);
730 return 0;
731 }
732
733 r = config_parse(NULL, fn, f, "Manager\0", config_item_table_lookup, (void*) items, false, false, NULL);
734 if (r < 0)
735 log_warning("Failed to parse configuration file: %s", strerror(-r));
736
737 return 0;
738 }
739
740 static int parse_argv(int argc, char *argv[]) {
741
742 enum {
743 ARG_LOG_LEVEL = 0x100,
744 ARG_LOG_TARGET,
745 ARG_LOG_COLOR,
746 ARG_LOG_LOCATION,
747 ARG_UNIT,
748 ARG_SYSTEM,
749 ARG_USER,
750 ARG_TEST,
751 ARG_VERSION,
752 ARG_DUMP_CONFIGURATION_ITEMS,
753 ARG_DUMP_CORE,
754 ARG_CRASH_SHELL,
755 ARG_CONFIRM_SPAWN,
756 ARG_SHOW_STATUS,
757 ARG_DESERIALIZE,
758 ARG_SWITCHED_ROOT,
759 ARG_DEFAULT_STD_OUTPUT,
760 ARG_DEFAULT_STD_ERROR
761 };
762
763 static const struct option options[] = {
764 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
765 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
766 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
767 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
768 { "unit", required_argument, NULL, ARG_UNIT },
769 { "system", no_argument, NULL, ARG_SYSTEM },
770 { "user", no_argument, NULL, ARG_USER },
771 { "test", no_argument, NULL, ARG_TEST },
772 { "help", no_argument, NULL, 'h' },
773 { "version", no_argument, NULL, ARG_VERSION },
774 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
775 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
776 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
777 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
778 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
779 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
780 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
781 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
782 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
783 {}
784 };
785
786 int c, r;
787
788 assert(argc >= 1);
789 assert(argv);
790
791 if (getpid() == 1)
792 opterr = 0;
793
794 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
795
796 switch (c) {
797
798 case ARG_LOG_LEVEL:
799 r = log_set_max_level_from_string(optarg);
800 if (r < 0) {
801 log_error("Failed to parse log level %s.", optarg);
802 return r;
803 }
804
805 break;
806
807 case ARG_LOG_TARGET:
808 r = log_set_target_from_string(optarg);
809 if (r < 0) {
810 log_error("Failed to parse log target %s.", optarg);
811 return r;
812 }
813
814 break;
815
816 case ARG_LOG_COLOR:
817
818 if (optarg) {
819 r = log_show_color_from_string(optarg);
820 if (r < 0) {
821 log_error("Failed to parse log color setting %s.", optarg);
822 return r;
823 }
824 } else
825 log_show_color(true);
826
827 break;
828
829 case ARG_LOG_LOCATION:
830 if (optarg) {
831 r = log_show_location_from_string(optarg);
832 if (r < 0) {
833 log_error("Failed to parse log location setting %s.", optarg);
834 return r;
835 }
836 } else
837 log_show_location(true);
838
839 break;
840
841 case ARG_DEFAULT_STD_OUTPUT:
842 r = exec_output_from_string(optarg);
843 if (r < 0) {
844 log_error("Failed to parse default standard output setting %s.", optarg);
845 return r;
846 } else
847 arg_default_std_output = r;
848 break;
849
850 case ARG_DEFAULT_STD_ERROR:
851 r = exec_output_from_string(optarg);
852 if (r < 0) {
853 log_error("Failed to parse default standard error output setting %s.", optarg);
854 return r;
855 } else
856 arg_default_std_error = r;
857 break;
858
859 case ARG_UNIT:
860
861 r = set_default_unit(optarg);
862 if (r < 0) {
863 log_error("Failed to set default unit %s: %s", optarg, strerror(-r));
864 return r;
865 }
866
867 break;
868
869 case ARG_SYSTEM:
870 arg_running_as = SYSTEMD_SYSTEM;
871 break;
872
873 case ARG_USER:
874 arg_running_as = SYSTEMD_USER;
875 break;
876
877 case ARG_TEST:
878 arg_action = ACTION_TEST;
879 break;
880
881 case ARG_VERSION:
882 arg_action = ACTION_VERSION;
883 break;
884
885 case ARG_DUMP_CONFIGURATION_ITEMS:
886 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
887 break;
888
889 case ARG_DUMP_CORE:
890 r = optarg ? parse_boolean(optarg) : 1;
891 if (r < 0) {
892 log_error("Failed to parse dump core boolean %s.", optarg);
893 return r;
894 }
895 arg_dump_core = r;
896 break;
897
898 case ARG_CRASH_SHELL:
899 r = optarg ? parse_boolean(optarg) : 1;
900 if (r < 0) {
901 log_error("Failed to parse crash shell boolean %s.", optarg);
902 return r;
903 }
904 arg_crash_shell = r;
905 break;
906
907 case ARG_CONFIRM_SPAWN:
908 r = optarg ? parse_boolean(optarg) : 1;
909 if (r < 0) {
910 log_error("Failed to parse confirm spawn boolean %s.", optarg);
911 return r;
912 }
913 arg_confirm_spawn = r;
914 break;
915
916 case ARG_SHOW_STATUS:
917 if (optarg) {
918 r = parse_show_status(optarg, &arg_show_status);
919 if (r < 0) {
920 log_error("Failed to parse show status boolean %s.", optarg);
921 return r;
922 }
923 } else
924 arg_show_status = SHOW_STATUS_YES;
925 break;
926
927 case ARG_DESERIALIZE: {
928 int fd;
929 FILE *f;
930
931 r = safe_atoi(optarg, &fd);
932 if (r < 0 || fd < 0) {
933 log_error("Failed to parse deserialize option %s.", optarg);
934 return r < 0 ? r : -EINVAL;
935 }
936
937 fd_cloexec(fd, true);
938
939 f = fdopen(fd, "r");
940 if (!f) {
941 log_error("Failed to open serialization fd: %m");
942 return -errno;
943 }
944
945 if (arg_serialization)
946 fclose(arg_serialization);
947
948 arg_serialization = f;
949
950 break;
951 }
952
953 case ARG_SWITCHED_ROOT:
954 arg_switched_root = true;
955 break;
956
957 case 'h':
958 arg_action = ACTION_HELP;
959 break;
960
961 case 'D':
962 log_set_max_level(LOG_DEBUG);
963 break;
964
965 case 'b':
966 case 's':
967 case 'z':
968 /* Just to eat away the sysvinit kernel
969 * cmdline args without getopt() error
970 * messages that we'll parse in
971 * parse_proc_cmdline_word() or ignore. */
972
973 case '?':
974 default:
975 if (getpid() != 1) {
976 log_error("Unknown option code %c", c);
977 return -EINVAL;
978 }
979
980 break;
981 }
982
983 if (optind < argc && getpid() != 1) {
984 /* Hmm, when we aren't run as init system
985 * let's complain about excess arguments */
986
987 log_error("Excess arguments.");
988 return -EINVAL;
989 }
990
991 if (detect_container(NULL) > 0) {
992 char **a;
993
994 /* All /proc/cmdline arguments the kernel didn't
995 * understand it passed to us. We're not really
996 * interested in that usually since /proc/cmdline is
997 * more interesting and complete. With one exception:
998 * if we are run in a container /proc/cmdline is not
999 * relevant for the container, hence we rely on argv[]
1000 * instead. */
1001
1002 for (a = argv; a < argv + argc; a++) {
1003 _cleanup_free_ char *w;
1004 char *value;
1005
1006 w = strdup(*a);
1007 if (!w)
1008 return log_oom();
1009
1010 value = strchr(w, '=');
1011 if (value)
1012 *(value++) = 0;
1013
1014 r = parse_proc_cmdline_item(w, value);
1015 if (r < 0) {
1016 log_error("Failed on cmdline argument %s: %s", *a, strerror(-r));
1017 return r;
1018 }
1019 }
1020 }
1021
1022 return 0;
1023 }
1024
1025 static int help(void) {
1026
1027 printf("%s [OPTIONS...]\n\n"
1028 "Starts up and maintains the system or user services.\n\n"
1029 " -h --help Show this help\n"
1030 " --test Determine startup sequence, dump it and exit\n"
1031 " --dump-configuration-items Dump understood unit configuration items\n"
1032 " --unit=UNIT Set default unit\n"
1033 " --system Run a system instance, even if PID != 1\n"
1034 " --user Run a user instance\n"
1035 " --dump-core[=0|1] Dump core on crash\n"
1036 " --crash-shell[=0|1] Run shell on crash\n"
1037 " --confirm-spawn[=0|1] Ask for confirmation when spawning processes\n"
1038 " --show-status[=0|1] Show status updates on the console during bootup\n"
1039 " --log-target=TARGET Set log target (console, journal, syslog, kmsg, journal-or-kmsg, syslog-or-kmsg, null)\n"
1040 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
1041 " --log-color[=0|1] Highlight important log messages\n"
1042 " --log-location[=0|1] Include code location in log messages\n"
1043 " --default-standard-output= Set default standard output for services\n"
1044 " --default-standard-error= Set default standard error output for services\n",
1045 program_invocation_short_name);
1046
1047 return 0;
1048 }
1049
1050 static int version(void) {
1051 puts(PACKAGE_STRING);
1052 puts(SYSTEMD_FEATURES);
1053
1054 return 0;
1055 }
1056
1057 static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
1058 FILE *f = NULL;
1059 FDSet *fds = NULL;
1060 int r;
1061
1062 assert(m);
1063 assert(_f);
1064 assert(_fds);
1065
1066 r = manager_open_serialization(m, &f);
1067 if (r < 0) {
1068 log_error("Failed to create serialization file: %s", strerror(-r));
1069 goto fail;
1070 }
1071
1072 /* Make sure nothing is really destructed when we shut down */
1073 m->n_reloading ++;
1074 bus_manager_send_reloading(m, true);
1075
1076 fds = fdset_new();
1077 if (!fds) {
1078 r = -ENOMEM;
1079 log_error("Failed to allocate fd set: %s", strerror(-r));
1080 goto fail;
1081 }
1082
1083 r = manager_serialize(m, f, fds, switching_root);
1084 if (r < 0) {
1085 log_error("Failed to serialize state: %s", strerror(-r));
1086 goto fail;
1087 }
1088
1089 if (fseeko(f, 0, SEEK_SET) < 0) {
1090 log_error("Failed to rewind serialization fd: %m");
1091 goto fail;
1092 }
1093
1094 r = fd_cloexec(fileno(f), false);
1095 if (r < 0) {
1096 log_error("Failed to disable O_CLOEXEC for serialization: %s", strerror(-r));
1097 goto fail;
1098 }
1099
1100 r = fdset_cloexec(fds, false);
1101 if (r < 0) {
1102 log_error("Failed to disable O_CLOEXEC for serialization fds: %s", strerror(-r));
1103 goto fail;
1104 }
1105
1106 *_f = f;
1107 *_fds = fds;
1108
1109 return 0;
1110
1111 fail:
1112 fdset_free(fds);
1113
1114 if (f)
1115 fclose(f);
1116
1117 return r;
1118 }
1119
1120 static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1121 struct rlimit nl;
1122 int r;
1123
1124 assert(saved_rlimit);
1125
1126 /* Save the original RLIMIT_NOFILE so that we can reset it
1127 * later when transitioning from the initrd to the main
1128 * systemd or suchlike. */
1129 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0) {
1130 log_error("Reading RLIMIT_NOFILE failed: %m");
1131 return -errno;
1132 }
1133
1134 /* Make sure forked processes get the default kernel setting */
1135 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1136 struct rlimit *rl;
1137
1138 rl = newdup(struct rlimit, saved_rlimit, 1);
1139 if (!rl)
1140 return log_oom();
1141
1142 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1143 }
1144
1145 /* Bump up the resource limit for ourselves substantially */
1146 nl.rlim_cur = nl.rlim_max = 64*1024;
1147 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
1148 if (r < 0) {
1149 log_error("Setting RLIMIT_NOFILE failed: %s", strerror(-r));
1150 return r;
1151 }
1152
1153 return 0;
1154 }
1155
1156 static void test_mtab(void) {
1157 char *p;
1158
1159 /* Check that /etc/mtab is a symlink */
1160
1161 if (readlink_malloc("/etc/mtab", &p) >= 0) {
1162 bool b;
1163
1164 b = streq(p, "/proc/self/mounts") || streq(p, "/proc/mounts");
1165 free(p);
1166
1167 if (b)
1168 return;
1169 }
1170
1171 log_warning("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1172 "This is not supported anymore. "
1173 "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
1174 }
1175
1176 static void test_usr(void) {
1177
1178 /* Check that /usr is not a separate fs */
1179
1180 if (dir_is_empty("/usr") <= 0)
1181 return;
1182
1183 log_warning("/usr appears to be on its own filesytem and is not already mounted. This is not a supported setup. "
1184 "Some things will probably break (sometimes even silently) in mysterious ways. "
1185 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1186 }
1187
1188 static void test_cgroups(void) {
1189
1190 if (access("/proc/cgroups", F_OK) >= 0)
1191 return;
1192
1193 log_warning("CONFIG_CGROUPS was not set when your kernel was compiled. "
1194 "Systems without control groups are not supported. "
1195 "We will now sleep for 10s, and then continue boot-up. "
1196 "Expect breakage and please do not file bugs. "
1197 "Instead fix your kernel and enable CONFIG_CGROUPS. "
1198 "Consult http://0pointer.de/blog/projects/cgroups-vs-cgroups.html for more information.");
1199
1200 sleep(10);
1201 }
1202
1203 static int initialize_join_controllers(void) {
1204 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1205 * + "net_prio". We'd like to add "cpuset" to the mix, but
1206 * "cpuset" does't really work for groups with no initialized
1207 * attributes. */
1208
1209 arg_join_controllers = new(char**, 3);
1210 if (!arg_join_controllers)
1211 return -ENOMEM;
1212
1213 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
1214 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1215 arg_join_controllers[2] = NULL;
1216
1217 if (!arg_join_controllers[0] || !arg_join_controllers[1]) {
1218 free_join_controllers();
1219 return -ENOMEM;
1220 }
1221
1222 return 0;
1223 }
1224
1225 static int enforce_syscall_archs(Set *archs) {
1226 #ifdef HAVE_SECCOMP
1227 scmp_filter_ctx *seccomp;
1228 Iterator i;
1229 void *id;
1230 int r;
1231
1232 seccomp = seccomp_init(SCMP_ACT_ALLOW);
1233 if (!seccomp)
1234 return log_oom();
1235
1236 SET_FOREACH(id, arg_syscall_archs, i) {
1237 r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
1238 if (r == -EEXIST)
1239 continue;
1240 if (r < 0) {
1241 log_error("Failed to add architecture to seccomp: %s", strerror(-r));
1242 goto finish;
1243 }
1244 }
1245
1246 r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
1247 if (r < 0) {
1248 log_error("Failed to unset NO_NEW_PRIVS: %s", strerror(-r));
1249 goto finish;
1250 }
1251
1252 r = seccomp_load(seccomp);
1253 if (r < 0)
1254 log_error("Failed to add install architecture seccomp: %s", strerror(-r));
1255
1256 finish:
1257 seccomp_release(seccomp);
1258 return r;
1259 #else
1260 return 0;
1261 #endif
1262 }
1263
1264 static int status_welcome(void) {
1265 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1266 int r;
1267
1268 r = parse_env_file("/etc/os-release", NEWLINE,
1269 "PRETTY_NAME", &pretty_name,
1270 "ANSI_COLOR", &ansi_color,
1271 NULL);
1272
1273 if (r < 0 && r != -ENOENT)
1274 log_warning("Failed to read /etc/os-release: %s", strerror(-r));
1275
1276 return status_printf(NULL, false, false,
1277 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1278 isempty(ansi_color) ? "1" : ansi_color,
1279 isempty(pretty_name) ? "Linux" : pretty_name);
1280 }
1281
1282 int main(int argc, char *argv[]) {
1283 Manager *m = NULL;
1284 int r, retval = EXIT_FAILURE;
1285 usec_t before_startup, after_startup;
1286 char timespan[FORMAT_TIMESPAN_MAX];
1287 FDSet *fds = NULL;
1288 bool reexecute = false;
1289 const char *shutdown_verb = NULL;
1290 dual_timestamp initrd_timestamp = { 0ULL, 0ULL };
1291 dual_timestamp userspace_timestamp = { 0ULL, 0ULL };
1292 dual_timestamp kernel_timestamp = { 0ULL, 0ULL };
1293 dual_timestamp security_start_timestamp = { 0ULL, 0ULL };
1294 dual_timestamp security_finish_timestamp = { 0ULL, 0ULL };
1295 static char systemd[] = "systemd";
1296 bool skip_setup = false;
1297 unsigned j;
1298 bool loaded_policy = false;
1299 bool arm_reboot_watchdog = false;
1300 bool queue_default_job = false;
1301 char *switch_root_dir = NULL, *switch_root_init = NULL;
1302 static struct rlimit saved_rlimit_nofile = { 0, 0 };
1303
1304 #ifdef HAVE_SYSV_COMPAT
1305 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
1306 /* This is compatibility support for SysV, where
1307 * calling init as a user is identical to telinit. */
1308
1309 errno = -ENOENT;
1310 execv(SYSTEMCTL_BINARY_PATH, argv);
1311 log_error("Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1312 return 1;
1313 }
1314 #endif
1315
1316 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1317 dual_timestamp_get(&userspace_timestamp);
1318
1319 /* Determine if this is a reexecution or normal bootup. We do
1320 * the full command line parsing much later, so let's just
1321 * have a quick peek here. */
1322 if (strv_find(argv+1, "--deserialize"))
1323 skip_setup = true;
1324
1325 /* If we have switched root, do all the special setup
1326 * things */
1327 if (strv_find(argv+1, "--switched-root"))
1328 skip_setup = false;
1329
1330 /* If we get started via the /sbin/init symlink then we are
1331 called 'init'. After a subsequent reexecution we are then
1332 called 'systemd'. That is confusing, hence let's call us
1333 systemd right-away. */
1334 program_invocation_short_name = systemd;
1335 prctl(PR_SET_NAME, systemd);
1336
1337 saved_argv = argv;
1338 saved_argc = argc;
1339
1340 log_show_color(isatty(STDERR_FILENO) > 0);
1341
1342 /* Disable the umask logic */
1343 if (getpid() == 1)
1344 umask(0);
1345
1346 if (getpid() == 1 && detect_container(NULL) <= 0) {
1347
1348 /* Running outside of a container as PID 1 */
1349 arg_running_as = SYSTEMD_SYSTEM;
1350 make_null_stdio();
1351 log_set_target(LOG_TARGET_KMSG);
1352 log_open();
1353
1354 if (in_initrd())
1355 initrd_timestamp = userspace_timestamp;
1356
1357 if (!skip_setup) {
1358 mount_setup_early();
1359 dual_timestamp_get(&security_start_timestamp);
1360 if (selinux_setup(&loaded_policy) < 0)
1361 goto finish;
1362 if (ima_setup() < 0)
1363 goto finish;
1364 if (smack_setup(&loaded_policy) < 0)
1365 goto finish;
1366 dual_timestamp_get(&security_finish_timestamp);
1367 }
1368
1369 if (label_init(NULL) < 0)
1370 goto finish;
1371
1372 if (!skip_setup) {
1373 if (hwclock_is_localtime() > 0) {
1374 int min;
1375
1376 /* The first-time call to settimeofday() does a time warp in the kernel */
1377 r = hwclock_set_timezone(&min);
1378 if (r < 0)
1379 log_error("Failed to apply local time delta, ignoring: %s", strerror(-r));
1380 else
1381 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1382 } else if (!in_initrd()) {
1383 /*
1384 * Do dummy first-time call to seal the kernel's time warp magic
1385 *
1386 * Do not call this this from inside the initrd. The initrd might not
1387 * carry /etc/adjtime with LOCAL, but the real system could be set up
1388 * that way. In such case, we need to delay the time-warp or the sealing
1389 * until we reach the real system.
1390 */
1391 hwclock_reset_timezone();
1392
1393 /* Tell the kernel our timezone */
1394 r = hwclock_set_timezone(NULL);
1395 if (r < 0)
1396 log_error("Failed to set the kernel's timezone, ignoring: %s", strerror(-r));
1397 }
1398 }
1399
1400 /* Set the default for later on, but don't actually
1401 * open the logs like this for now. Note that if we
1402 * are transitioning from the initrd there might still
1403 * be journal fd open, and we shouldn't attempt
1404 * opening that before we parsed /proc/cmdline which
1405 * might redirect output elsewhere. */
1406 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1407
1408 } else if (getpid() == 1) {
1409 /* Running inside a container, as PID 1 */
1410 arg_running_as = SYSTEMD_SYSTEM;
1411 log_set_target(LOG_TARGET_CONSOLE);
1412 log_close_console(); /* force reopen of /dev/console */
1413 log_open();
1414
1415 /* For the later on, see above... */
1416 log_set_target(LOG_TARGET_JOURNAL);
1417
1418 /* clear the kernel timestamp,
1419 * because we are in a container */
1420 kernel_timestamp.monotonic = 0ULL;
1421 kernel_timestamp.realtime = 0ULL;
1422
1423 } else {
1424 /* Running as user instance */
1425 arg_running_as = SYSTEMD_USER;
1426 log_set_target(LOG_TARGET_AUTO);
1427 log_open();
1428
1429 /* clear the kernel timestamp,
1430 * because we are not PID 1 */
1431 kernel_timestamp.monotonic = 0ULL;
1432 kernel_timestamp.realtime = 0ULL;
1433 }
1434
1435 /* Initialize default unit */
1436 r = set_default_unit(SPECIAL_DEFAULT_TARGET);
1437 if (r < 0) {
1438 log_error("Failed to set default unit %s: %s", SPECIAL_DEFAULT_TARGET, strerror(-r));
1439 goto finish;
1440 }
1441
1442 r = initialize_join_controllers();
1443 if (r < 0)
1444 goto finish;
1445
1446 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1447 * /proc/$PID/fd is available. */
1448 if (getpid() == 1) {
1449 r = mount_setup(loaded_policy);
1450 if (r < 0)
1451 goto finish;
1452 }
1453
1454 /* Reset all signal handlers. */
1455 assert_se(reset_all_signal_handlers() == 0);
1456
1457 ignore_signals(SIGNALS_IGNORE, -1);
1458
1459 if (parse_config_file() < 0)
1460 goto finish;
1461
1462 if (arg_running_as == SYSTEMD_SYSTEM)
1463 if (parse_proc_cmdline(parse_proc_cmdline_item) < 0)
1464 goto finish;
1465
1466 log_parse_environment();
1467
1468 if (parse_argv(argc, argv) < 0)
1469 goto finish;
1470
1471 if (arg_action == ACTION_TEST &&
1472 geteuid() == 0) {
1473 log_error("Don't run test mode as root.");
1474 goto finish;
1475 }
1476
1477 if (arg_running_as == SYSTEMD_USER &&
1478 arg_action == ACTION_RUN &&
1479 sd_booted() <= 0) {
1480 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1481 goto finish;
1482 }
1483
1484 if (arg_running_as == SYSTEMD_SYSTEM &&
1485 arg_action == ACTION_RUN &&
1486 running_in_chroot() > 0) {
1487 log_error("Cannot be run in a chroot() environment.");
1488 goto finish;
1489 }
1490
1491 if (arg_action == ACTION_HELP) {
1492 retval = help();
1493 goto finish;
1494 } else if (arg_action == ACTION_VERSION) {
1495 retval = version();
1496 goto finish;
1497 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
1498 unit_dump_config_items(stdout);
1499 retval = EXIT_SUCCESS;
1500 goto finish;
1501 } else if (arg_action == ACTION_DONE) {
1502 retval = EXIT_SUCCESS;
1503 goto finish;
1504 }
1505
1506 if (arg_running_as == SYSTEMD_USER &&
1507 !getenv("XDG_RUNTIME_DIR")) {
1508 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
1509 goto finish;
1510 }
1511
1512 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
1513
1514 /* Close logging fds, in order not to confuse fdset below */
1515 log_close();
1516
1517 /* Remember open file descriptors for later deserialization */
1518 r = fdset_new_fill(&fds);
1519 if (r < 0) {
1520 log_error("Failed to allocate fd set: %s", strerror(-r));
1521 goto finish;
1522 } else
1523 fdset_cloexec(fds, true);
1524
1525 if (arg_serialization)
1526 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
1527
1528 if (arg_running_as == SYSTEMD_SYSTEM)
1529 /* Become a session leader if we aren't one yet. */
1530 setsid();
1531
1532 /* Move out of the way, so that we won't block unmounts */
1533 assert_se(chdir("/") == 0);
1534
1535 /* Reset the console, but only if this is really init and we
1536 * are freshly booted */
1537 if (arg_running_as == SYSTEMD_SYSTEM && arg_action == ACTION_RUN)
1538 console_setup(getpid() == 1 && !skip_setup);
1539
1540 /* Open the logging devices, if possible and necessary */
1541 log_open();
1542
1543 if (arg_show_status == _SHOW_STATUS_UNSET)
1544 arg_show_status = SHOW_STATUS_YES;
1545
1546 /* Make sure we leave a core dump without panicing the
1547 * kernel. */
1548 if (getpid() == 1) {
1549 install_crash_handler();
1550
1551 r = mount_cgroup_controllers(arg_join_controllers);
1552 if (r < 0)
1553 goto finish;
1554 }
1555
1556 if (arg_running_as == SYSTEMD_SYSTEM) {
1557 const char *virtualization = NULL;
1558
1559 log_info(PACKAGE_STRING " running in system mode. (" SYSTEMD_FEATURES ")");
1560
1561 detect_virtualization(&virtualization);
1562 if (virtualization)
1563 log_info("Detected virtualization '%s'.", virtualization);
1564
1565 log_info("Detected architecture '%s'.", architecture_to_string(uname_architecture()));
1566
1567 if (in_initrd())
1568 log_info("Running in initial RAM disk.");
1569
1570 } else {
1571 _cleanup_free_ char *t = uid_to_name(getuid());
1572 log_debug(PACKAGE_STRING " running in user mode for user "PID_FMT"/%s. (" SYSTEMD_FEATURES ")",
1573 getuid(), t);
1574 }
1575
1576 if (arg_running_as == SYSTEMD_SYSTEM && !skip_setup) {
1577 if (arg_show_status > 0 || plymouth_running())
1578 status_welcome();
1579
1580 #ifdef HAVE_KMOD
1581 if (detect_container(NULL) <= 0)
1582 kmod_setup();
1583 #endif
1584 hostname_setup();
1585 machine_id_setup("");
1586 loopback_setup();
1587
1588 test_mtab();
1589 test_usr();
1590 test_cgroups();
1591 }
1592
1593 if (arg_running_as == SYSTEMD_SYSTEM && arg_runtime_watchdog > 0)
1594 watchdog_set_timeout(&arg_runtime_watchdog);
1595
1596 if (arg_timer_slack_nsec != (nsec_t) -1)
1597 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
1598 log_error("Failed to adjust timer slack: %m");
1599
1600 if (arg_capability_bounding_set_drop) {
1601 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
1602 if (r < 0) {
1603 log_error("Failed to drop capability bounding set of usermode helpers: %s", strerror(-r));
1604 goto finish;
1605 }
1606 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
1607 if (r < 0) {
1608 log_error("Failed to drop capability bounding set: %s", strerror(-r));
1609 goto finish;
1610 }
1611 }
1612
1613 if (arg_syscall_archs) {
1614 r = enforce_syscall_archs(arg_syscall_archs);
1615 if (r < 0)
1616 goto finish;
1617 }
1618
1619 if (arg_running_as == SYSTEMD_USER) {
1620 /* Become reaper of our children */
1621 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0) {
1622 log_warning("Failed to make us a subreaper: %m");
1623 if (errno == EINVAL)
1624 log_info("Perhaps the kernel version is too old (< 3.4?)");
1625 }
1626 }
1627
1628 if (arg_running_as == SYSTEMD_SYSTEM)
1629 bump_rlimit_nofile(&saved_rlimit_nofile);
1630
1631 r = manager_new(arg_running_as, &m);
1632 if (r < 0) {
1633 log_error("Failed to allocate manager object: %s", strerror(-r));
1634 goto finish;
1635 }
1636
1637 m->confirm_spawn = arg_confirm_spawn;
1638 m->default_std_output = arg_default_std_output;
1639 m->default_std_error = arg_default_std_error;
1640 m->default_restart_usec = arg_default_restart_usec;
1641 m->default_timeout_start_usec = arg_default_timeout_start_usec;
1642 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
1643 m->default_start_limit_interval = arg_default_start_limit_interval;
1644 m->default_start_limit_burst = arg_default_start_limit_burst;
1645 m->default_cpu_accounting = arg_default_cpu_accounting;
1646 m->default_blockio_accounting = arg_default_blockio_accounting;
1647 m->default_memory_accounting = arg_default_memory_accounting;
1648 m->runtime_watchdog = arg_runtime_watchdog;
1649 m->shutdown_watchdog = arg_shutdown_watchdog;
1650 m->userspace_timestamp = userspace_timestamp;
1651 m->kernel_timestamp = kernel_timestamp;
1652 m->initrd_timestamp = initrd_timestamp;
1653 m->security_start_timestamp = security_start_timestamp;
1654 m->security_finish_timestamp = security_finish_timestamp;
1655
1656 manager_set_default_rlimits(m, arg_default_rlimit);
1657 manager_environment_add(m, NULL, arg_default_environment);
1658 manager_set_show_status(m, arg_show_status);
1659
1660 /* Remember whether we should queue the default job */
1661 queue_default_job = !arg_serialization || arg_switched_root;
1662
1663 before_startup = now(CLOCK_MONOTONIC);
1664
1665 r = manager_startup(m, arg_serialization, fds);
1666 if (r < 0)
1667 log_error("Failed to fully start up daemon: %s", strerror(-r));
1668
1669 /* This will close all file descriptors that were opened, but
1670 * not claimed by any unit. */
1671 fdset_free(fds);
1672 fds = NULL;
1673
1674 if (arg_serialization) {
1675 fclose(arg_serialization);
1676 arg_serialization = NULL;
1677 }
1678
1679 if (queue_default_job) {
1680 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1681 Unit *target = NULL;
1682 Job *default_unit_job;
1683
1684 log_debug("Activating default unit: %s", arg_default_unit);
1685
1686 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
1687 if (r < 0)
1688 log_error("Failed to load default target: %s", bus_error_message(&error, r));
1689 else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
1690 log_error("Failed to load default target: %s", strerror(-target->load_error));
1691 else if (target->load_state == UNIT_MASKED)
1692 log_error("Default target masked.");
1693
1694 if (!target || target->load_state != UNIT_LOADED) {
1695 log_info("Trying to load rescue target...");
1696
1697 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1698 if (r < 0) {
1699 log_error("Failed to load rescue target: %s", bus_error_message(&error, r));
1700 goto finish;
1701 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
1702 log_error("Failed to load rescue target: %s", strerror(-target->load_error));
1703 goto finish;
1704 } else if (target->load_state == UNIT_MASKED) {
1705 log_error("Rescue target masked.");
1706 goto finish;
1707 }
1708 }
1709
1710 assert(target->load_state == UNIT_LOADED);
1711
1712 if (arg_action == ACTION_TEST) {
1713 printf("-> By units:\n");
1714 manager_dump_units(m, stdout, "\t");
1715 }
1716
1717 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, false, &error, &default_unit_job);
1718 if (r == -EPERM) {
1719 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
1720
1721 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1722 if (r < 0) {
1723 log_error("Failed to start default target: %s", bus_error_message(&error, r));
1724 goto finish;
1725 }
1726 } else if (r < 0) {
1727 log_error("Failed to isolate default target: %s", bus_error_message(&error, r));
1728 goto finish;
1729 }
1730
1731 m->default_unit_job_id = default_unit_job->id;
1732
1733 after_startup = now(CLOCK_MONOTONIC);
1734 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1735 "Loaded units and determined initial transaction in %s.",
1736 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 0));
1737
1738 if (arg_action == ACTION_TEST) {
1739 printf("-> By jobs:\n");
1740 manager_dump_jobs(m, stdout, "\t");
1741 retval = EXIT_SUCCESS;
1742 goto finish;
1743 }
1744 }
1745
1746 for (;;) {
1747 r = manager_loop(m);
1748 if (r < 0) {
1749 log_error("Failed to run mainloop: %s", strerror(-r));
1750 goto finish;
1751 }
1752
1753 switch (m->exit_code) {
1754
1755 case MANAGER_EXIT:
1756 retval = EXIT_SUCCESS;
1757 log_debug("Exit.");
1758 goto finish;
1759
1760 case MANAGER_RELOAD:
1761 log_info("Reloading.");
1762 r = manager_reload(m);
1763 if (r < 0)
1764 log_error("Failed to reload: %s", strerror(-r));
1765 break;
1766
1767 case MANAGER_REEXECUTE:
1768
1769 if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0)
1770 goto finish;
1771
1772 reexecute = true;
1773 log_notice("Reexecuting.");
1774 goto finish;
1775
1776 case MANAGER_SWITCH_ROOT:
1777 /* Steal the switch root parameters */
1778 switch_root_dir = m->switch_root;
1779 switch_root_init = m->switch_root_init;
1780 m->switch_root = m->switch_root_init = NULL;
1781
1782 if (!switch_root_init)
1783 if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0)
1784 goto finish;
1785
1786 reexecute = true;
1787 log_notice("Switching root.");
1788 goto finish;
1789
1790 case MANAGER_REBOOT:
1791 case MANAGER_POWEROFF:
1792 case MANAGER_HALT:
1793 case MANAGER_KEXEC: {
1794 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1795 [MANAGER_REBOOT] = "reboot",
1796 [MANAGER_POWEROFF] = "poweroff",
1797 [MANAGER_HALT] = "halt",
1798 [MANAGER_KEXEC] = "kexec"
1799 };
1800
1801 assert_se(shutdown_verb = table[m->exit_code]);
1802 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
1803
1804 log_notice("Shutting down.");
1805 goto finish;
1806 }
1807
1808 default:
1809 assert_not_reached("Unknown exit code.");
1810 }
1811 }
1812
1813 finish:
1814 if (m) {
1815 manager_free(m);
1816 m = NULL;
1817 }
1818
1819 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++) {
1820 free(arg_default_rlimit[j]);
1821 arg_default_rlimit[j] = NULL;
1822 }
1823
1824 free(arg_default_unit);
1825 arg_default_unit = NULL;
1826
1827 free_join_controllers();
1828
1829 strv_free(arg_default_environment);
1830 arg_default_environment = NULL;
1831
1832 set_free(arg_syscall_archs);
1833 arg_syscall_archs = NULL;
1834
1835 label_finish();
1836
1837 if (reexecute) {
1838 const char **args;
1839 unsigned i, args_size;
1840
1841 /* Close and disarm the watchdog, so that the new
1842 * instance can reinitialize it, but doesn't get
1843 * rebooted while we do that */
1844 watchdog_close(true);
1845
1846 /* Reset the RLIMIT_NOFILE to the kernel default, so
1847 * that the new systemd can pass the kernel default to
1848 * its child processes */
1849 if (saved_rlimit_nofile.rlim_cur > 0)
1850 setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
1851
1852 if (switch_root_dir) {
1853 /* Kill all remaining processes from the
1854 * initrd, but don't wait for them, so that we
1855 * can handle the SIGCHLD for them after
1856 * deserializing. */
1857 broadcast_signal(SIGTERM, false, true);
1858
1859 /* And switch root */
1860 r = switch_root(switch_root_dir);
1861 if (r < 0)
1862 log_error("Failed to switch root, ignoring: %s", strerror(-r));
1863 }
1864
1865 args_size = MAX(6, argc+1);
1866 args = newa(const char*, args_size);
1867
1868 if (!switch_root_init) {
1869 char sfd[16];
1870
1871 /* First try to spawn ourselves with the right
1872 * path, and with full serialization. We do
1873 * this only if the user didn't specify an
1874 * explicit init to spawn. */
1875
1876 assert(arg_serialization);
1877 assert(fds);
1878
1879 snprintf(sfd, sizeof(sfd), "%i", fileno(arg_serialization));
1880 char_array_0(sfd);
1881
1882 i = 0;
1883 args[i++] = SYSTEMD_BINARY_PATH;
1884 if (switch_root_dir)
1885 args[i++] = "--switched-root";
1886 args[i++] = arg_running_as == SYSTEMD_SYSTEM ? "--system" : "--user";
1887 args[i++] = "--deserialize";
1888 args[i++] = sfd;
1889 args[i++] = NULL;
1890
1891 /* do not pass along the environment we inherit from the kernel or initrd */
1892 if (switch_root_dir)
1893 clearenv();
1894
1895 assert(i <= args_size);
1896 execv(args[0], (char* const*) args);
1897 }
1898
1899 /* Try the fallback, if there is any, without any
1900 * serialization. We pass the original argv[] and
1901 * envp[]. (Well, modulo the ordering changes due to
1902 * getopt() in argv[], and some cleanups in envp[],
1903 * but let's hope that doesn't matter.) */
1904
1905 if (arg_serialization) {
1906 fclose(arg_serialization);
1907 arg_serialization = NULL;
1908 }
1909
1910 if (fds) {
1911 fdset_free(fds);
1912 fds = NULL;
1913 }
1914
1915 /* Reopen the console */
1916 make_console_stdio();
1917
1918 for (j = 1, i = 1; j < (unsigned) argc; j++)
1919 args[i++] = argv[j];
1920 args[i++] = NULL;
1921 assert(i <= args_size);
1922
1923 if (switch_root_init) {
1924 args[0] = switch_root_init;
1925 execv(args[0], (char* const*) args);
1926 log_warning("Failed to execute configured init, trying fallback: %m");
1927 }
1928
1929 args[0] = "/sbin/init";
1930 execv(args[0], (char* const*) args);
1931
1932 if (errno == ENOENT) {
1933 log_warning("No /sbin/init, trying fallback");
1934
1935 args[0] = "/bin/sh";
1936 args[1] = NULL;
1937 execv(args[0], (char* const*) args);
1938 log_error("Failed to execute /bin/sh, giving up: %m");
1939 } else
1940 log_warning("Failed to execute /sbin/init, giving up: %m");
1941 }
1942
1943 if (arg_serialization) {
1944 fclose(arg_serialization);
1945 arg_serialization = NULL;
1946 }
1947
1948 if (fds) {
1949 fdset_free(fds);
1950 fds = NULL;
1951 }
1952
1953 #ifdef HAVE_VALGRIND_VALGRIND_H
1954 /* If we are PID 1 and running under valgrind, then let's exit
1955 * here explicitly. valgrind will only generate nice output on
1956 * exit(), not on exec(), hence let's do the former not the
1957 * latter here. */
1958 if (getpid() == 1 && RUNNING_ON_VALGRIND)
1959 return 0;
1960 #endif
1961
1962 if (shutdown_verb) {
1963 char log_level[DECIMAL_STR_MAX(int) + 1];
1964 const char* command_line[9] = {
1965 SYSTEMD_SHUTDOWN_BINARY_PATH,
1966 shutdown_verb,
1967 "--log-level", log_level,
1968 "--log-target",
1969 };
1970 unsigned pos = 5;
1971 _cleanup_strv_free_ char **env_block = NULL;
1972
1973 assert(command_line[pos] == NULL);
1974 env_block = strv_copy(environ);
1975
1976 snprintf(log_level, sizeof(log_level), "%d", log_get_max_level());
1977
1978 switch (log_get_target()) {
1979 case LOG_TARGET_KMSG:
1980 case LOG_TARGET_JOURNAL_OR_KMSG:
1981 case LOG_TARGET_SYSLOG_OR_KMSG:
1982 command_line[pos++] = "kmsg";
1983 break;
1984
1985 case LOG_TARGET_CONSOLE:
1986 default:
1987 command_line[pos++] = "console";
1988 break;
1989 };
1990
1991 if (log_get_show_color())
1992 command_line[pos++] = "--log-color";
1993
1994 if (log_get_show_location())
1995 command_line[pos++] = "--log-location";
1996
1997 assert(pos < ELEMENTSOF(command_line));
1998
1999 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
2000 char *e;
2001
2002 /* If we reboot let's set the shutdown
2003 * watchdog and tell the shutdown binary to
2004 * repeatedly ping it */
2005 watchdog_set_timeout(&arg_shutdown_watchdog);
2006 watchdog_close(false);
2007
2008 /* Tell the binary how often to ping, ignore failure */
2009 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
2010 strv_push(&env_block, e);
2011 } else
2012 watchdog_close(true);
2013
2014 /* Avoid the creation of new processes forked by the
2015 * kernel; at this point, we will not listen to the
2016 * signals anyway */
2017 if (detect_container(NULL) <= 0)
2018 cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
2019
2020 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
2021 log_error("Failed to execute shutdown binary, %s: %m",
2022 getpid() == 1 ? "freezing" : "quitting");
2023 }
2024
2025 if (getpid() == 1)
2026 freeze();
2027
2028 return retval;
2029 }
Unnamed repository; edit this file 'description' to name the repository.