]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/main.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #7560 from poettering/refactor-main
[thirdparty/systemd.git] / src / core / main.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <getopt.h>
24 #include <signal.h>
25 #include <stdio.h>
26 #include <string.h>
27 #include <sys/mount.h>
28 #include <sys/prctl.h>
29 #include <sys/reboot.h>
30 #include <sys/stat.h>
31 #include <unistd.h>
32 #if HAVE_SECCOMP
33 #include <seccomp.h>
34 #endif
35 #if HAVE_VALGRIND_VALGRIND_H
36 #include <valgrind/valgrind.h>
37 #endif
38
39 #include "sd-bus.h"
40 #include "sd-daemon.h"
41
42 #include "alloc-util.h"
43 #include "architecture.h"
44 #include "build.h"
45 #include "bus-error.h"
46 #include "bus-util.h"
47 #include "capability-util.h"
48 #include "clock-util.h"
49 #include "conf-parser.h"
50 #include "cpu-set-util.h"
51 #include "dbus-manager.h"
52 #include "def.h"
53 #include "emergency-action.h"
54 #include "env-util.h"
55 #include "fd-util.h"
56 #include "fdset.h"
57 #include "fileio.h"
58 #include "format-util.h"
59 #include "fs-util.h"
60 #include "hostname-setup.h"
61 #include "ima-setup.h"
62 #include "killall.h"
63 #include "kmod-setup.h"
64 #include "load-fragment.h"
65 #include "log.h"
66 #include "loopback-setup.h"
67 #include "machine-id-setup.h"
68 #include "manager.h"
69 #include "missing.h"
70 #include "mount-setup.h"
71 #include "pager.h"
72 #include "parse-util.h"
73 #include "path-util.h"
74 #include "proc-cmdline.h"
75 #include "process-util.h"
76 #include "raw-clone.h"
77 #include "rlimit-util.h"
78 #if HAVE_SECCOMP
79 #include "seccomp-util.h"
80 #endif
81 #include "selinux-setup.h"
82 #include "selinux-util.h"
83 #include "signal-util.h"
84 #include "smack-setup.h"
85 #include "special.h"
86 #include "stat-util.h"
87 #include "stdio-util.h"
88 #include "strv.h"
89 #include "switch-root.h"
90 #include "terminal-util.h"
91 #include "umask-util.h"
92 #include "user-util.h"
93 #include "virt.h"
94 #include "watchdog.h"
95
96 static enum {
97 ACTION_RUN,
98 ACTION_HELP,
99 ACTION_VERSION,
100 ACTION_TEST,
101 ACTION_DUMP_CONFIGURATION_ITEMS
102 } arg_action = ACTION_RUN;
103 static char *arg_default_unit = NULL;
104 static bool arg_system = false;
105 static bool arg_dump_core = true;
106 static int arg_crash_chvt = -1;
107 static bool arg_crash_shell = false;
108 static bool arg_crash_reboot = false;
109 static char *arg_confirm_spawn = NULL;
110 static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
111 static bool arg_switched_root = false;
112 static bool arg_no_pager = false;
113 static char ***arg_join_controllers = NULL;
114 static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
115 static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
116 static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
117 static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
118 static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
119 static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
120 static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
121 static usec_t arg_runtime_watchdog = 0;
122 static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
123 static char **arg_default_environment = NULL;
124 static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
125 static uint64_t arg_capability_bounding_set = CAP_ALL;
126 static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
127 static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
128 static Set* arg_syscall_archs = NULL;
129 static FILE* arg_serialization = NULL;
130 static bool arg_default_cpu_accounting = false;
131 static bool arg_default_io_accounting = false;
132 static bool arg_default_ip_accounting = false;
133 static bool arg_default_blockio_accounting = false;
134 static bool arg_default_memory_accounting = false;
135 static bool arg_default_tasks_accounting = true;
136 static uint64_t arg_default_tasks_max = UINT64_MAX;
137 static sd_id128_t arg_machine_id = {};
138 static EmergencyAction arg_cad_burst_action = EMERGENCY_ACTION_REBOOT_FORCE;
139
140 noreturn static void freeze_or_reboot(void) {
141
142 if (arg_crash_reboot) {
143 log_notice("Rebooting in 10s...");
144 (void) sleep(10);
145
146 log_notice("Rebooting now...");
147 (void) reboot(RB_AUTOBOOT);
148 log_emergency_errno(errno, "Failed to reboot: %m");
149 }
150
151 log_emergency("Freezing execution.");
152 freeze();
153 }
154
155 noreturn static void crash(int sig) {
156 struct sigaction sa;
157 pid_t pid;
158
159 if (getpid_cached() != 1)
160 /* Pass this on immediately, if this is not PID 1 */
161 (void) raise(sig);
162 else if (!arg_dump_core)
163 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
164 else {
165 sa = (struct sigaction) {
166 .sa_handler = nop_signal_handler,
167 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
168 };
169
170 /* We want to wait for the core process, hence let's enable SIGCHLD */
171 (void) sigaction(SIGCHLD, &sa, NULL);
172
173 pid = raw_clone(SIGCHLD);
174 if (pid < 0)
175 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
176 else if (pid == 0) {
177 /* Enable default signal handler for core dump */
178
179 sa = (struct sigaction) {
180 .sa_handler = SIG_DFL,
181 };
182 (void) sigaction(sig, &sa, NULL);
183
184 /* Don't limit the coredump size */
185 (void) setrlimit(RLIMIT_CORE, &RLIMIT_MAKE_CONST(RLIM_INFINITY));
186
187 /* Just to be sure... */
188 (void) chdir("/");
189
190 /* Raise the signal again */
191 pid = raw_getpid();
192 (void) kill(pid, sig); /* raise() would kill the parent */
193
194 assert_not_reached("We shouldn't be here...");
195 _exit(EXIT_FAILURE);
196 } else {
197 siginfo_t status;
198 int r;
199
200 /* Order things nicely. */
201 r = wait_for_terminate(pid, &status);
202 if (r < 0)
203 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
204 else if (status.si_code != CLD_DUMPED)
205 log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
206 signal_to_string(sig),
207 pid, sigchld_code_to_string(status.si_code),
208 status.si_status,
209 strna(status.si_code == CLD_EXITED
210 ? exit_status_to_string(status.si_status, EXIT_STATUS_MINIMAL)
211 : signal_to_string(status.si_status)));
212 else
213 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
214 }
215 }
216
217 if (arg_crash_chvt >= 0)
218 (void) chvt(arg_crash_chvt);
219
220 sa = (struct sigaction) {
221 .sa_handler = SIG_IGN,
222 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
223 };
224
225 /* Let the kernel reap children for us */
226 (void) sigaction(SIGCHLD, &sa, NULL);
227
228 if (arg_crash_shell) {
229 log_notice("Executing crash shell in 10s...");
230 (void) sleep(10);
231
232 pid = raw_clone(SIGCHLD);
233 if (pid < 0)
234 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
235 else if (pid == 0) {
236 (void) setsid();
237 (void) make_console_stdio();
238 (void) execle("/bin/sh", "/bin/sh", NULL, environ);
239
240 log_emergency_errno(errno, "execle() failed: %m");
241 _exit(EXIT_FAILURE);
242 } else {
243 log_info("Spawned crash shell as PID "PID_FMT".", pid);
244 (void) wait_for_terminate(pid, NULL);
245 }
246 }
247
248 freeze_or_reboot();
249 }
250
251 static void install_crash_handler(void) {
252 static const struct sigaction sa = {
253 .sa_handler = crash,
254 .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
255 };
256 int r;
257
258 /* We ignore the return value here, since, we don't mind if we
259 * cannot set up a crash handler */
260 r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
261 if (r < 0)
262 log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
263 }
264
265 static int console_setup(void) {
266 _cleanup_close_ int tty_fd = -1;
267 int r;
268
269 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
270 if (tty_fd < 0)
271 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
272
273 /* We don't want to force text mode. plymouth may be showing
274 * pictures already from initrd. */
275 r = reset_terminal_fd(tty_fd, false);
276 if (r < 0)
277 return log_error_errno(r, "Failed to reset /dev/console: %m");
278
279 return 0;
280 }
281
282 static int parse_crash_chvt(const char *value) {
283 int b;
284
285 if (safe_atoi(value, &arg_crash_chvt) >= 0)
286 return 0;
287
288 b = parse_boolean(value);
289 if (b < 0)
290 return b;
291
292 if (b > 0)
293 arg_crash_chvt = 0; /* switch to where kmsg goes */
294 else
295 arg_crash_chvt = -1; /* turn off switching */
296
297 return 0;
298 }
299
300 static int parse_confirm_spawn(const char *value, char **console) {
301 char *s;
302 int r;
303
304 r = value ? parse_boolean(value) : 1;
305 if (r == 0) {
306 *console = NULL;
307 return 0;
308 }
309
310 if (r > 0) /* on with default tty */
311 s = strdup("/dev/console");
312 else if (is_path(value)) /* on with fully qualified path */
313 s = strdup(value);
314 else /* on with only a tty file name, not a fully qualified path */
315 s = strjoin("/dev/", value);
316 if (!s)
317 return -ENOMEM;
318 *console = s;
319 return 0;
320 }
321
322 static int set_machine_id(const char *m) {
323 sd_id128_t t;
324 assert(m);
325
326 if (sd_id128_from_string(m, &t) < 0)
327 return -EINVAL;
328
329 if (sd_id128_is_null(t))
330 return -EINVAL;
331
332 arg_machine_id = t;
333 return 0;
334 }
335
336 static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
337
338 int r;
339
340 assert(key);
341
342 if (STR_IN_SET(key, "systemd.unit", "rd.systemd.unit")) {
343
344 if (proc_cmdline_value_missing(key, value))
345 return 0;
346
347 if (!unit_name_is_valid(value, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
348 log_warning("Unit name specified on %s= is not valid, ignoring: %s", key, value);
349 else if (in_initrd() == !!startswith(key, "rd.")) {
350 if (free_and_strdup(&arg_default_unit, value) < 0)
351 return log_oom();
352 }
353
354 } else if (proc_cmdline_key_streq(key, "systemd.dump_core")) {
355
356 r = value ? parse_boolean(value) : true;
357 if (r < 0)
358 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
359 else
360 arg_dump_core = r;
361
362 } else if (proc_cmdline_key_streq(key, "systemd.crash_chvt")) {
363
364 if (!value)
365 arg_crash_chvt = 0; /* turn on */
366 else if (parse_crash_chvt(value) < 0)
367 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
368
369 } else if (proc_cmdline_key_streq(key, "systemd.crash_shell")) {
370
371 r = value ? parse_boolean(value) : true;
372 if (r < 0)
373 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
374 else
375 arg_crash_shell = r;
376
377 } else if (proc_cmdline_key_streq(key, "systemd.crash_reboot")) {
378
379 r = value ? parse_boolean(value) : true;
380 if (r < 0)
381 log_warning("Failed to parse crash reboot switch %s. Ignoring.", value);
382 else
383 arg_crash_reboot = r;
384
385 } else if (proc_cmdline_key_streq(key, "systemd.confirm_spawn")) {
386 char *s;
387
388 r = parse_confirm_spawn(value, &s);
389 if (r < 0)
390 log_warning_errno(r, "Failed to parse confirm_spawn switch %s. Ignoring.", value);
391 else {
392 free(arg_confirm_spawn);
393 arg_confirm_spawn = s;
394 }
395
396 } else if (proc_cmdline_key_streq(key, "systemd.show_status")) {
397
398 if (value) {
399 r = parse_show_status(value, &arg_show_status);
400 if (r < 0)
401 log_warning("Failed to parse show status switch %s. Ignoring.", value);
402 } else
403 arg_show_status = SHOW_STATUS_YES;
404
405 } else if (proc_cmdline_key_streq(key, "systemd.default_standard_output")) {
406
407 if (proc_cmdline_value_missing(key, value))
408 return 0;
409
410 r = exec_output_from_string(value);
411 if (r < 0)
412 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
413 else
414 arg_default_std_output = r;
415
416 } else if (proc_cmdline_key_streq(key, "systemd.default_standard_error")) {
417
418 if (proc_cmdline_value_missing(key, value))
419 return 0;
420
421 r = exec_output_from_string(value);
422 if (r < 0)
423 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
424 else
425 arg_default_std_error = r;
426
427 } else if (streq(key, "systemd.setenv")) {
428
429 if (proc_cmdline_value_missing(key, value))
430 return 0;
431
432 if (env_assignment_is_valid(value)) {
433 char **env;
434
435 env = strv_env_set(arg_default_environment, value);
436 if (!env)
437 return log_oom();
438
439 arg_default_environment = env;
440 } else
441 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
442
443 } else if (proc_cmdline_key_streq(key, "systemd.machine_id")) {
444
445 if (proc_cmdline_value_missing(key, value))
446 return 0;
447
448 r = set_machine_id(value);
449 if (r < 0)
450 log_warning("MachineID '%s' is not valid. Ignoring.", value);
451
452 } else if (proc_cmdline_key_streq(key, "systemd.default_timeout_start_sec")) {
453
454 if (proc_cmdline_value_missing(key, value))
455 return 0;
456
457 r = parse_sec(value, &arg_default_timeout_start_usec);
458 if (r < 0)
459 log_warning_errno(r, "Failed to parse default start timeout: %s, ignoring.", value);
460
461 if (arg_default_timeout_start_usec <= 0)
462 arg_default_timeout_start_usec = USEC_INFINITY;
463
464 } else if (streq(key, "quiet") && !value) {
465
466 if (arg_show_status == _SHOW_STATUS_UNSET)
467 arg_show_status = SHOW_STATUS_AUTO;
468
469 } else if (streq(key, "debug") && !value) {
470
471 /* Note that log_parse_environment() handles 'debug'
472 * too, and sets the log level to LOG_DEBUG. */
473
474 if (detect_container() > 0)
475 log_set_target(LOG_TARGET_CONSOLE);
476
477 } else if (!value) {
478 const char *target;
479
480 /* SysV compatibility */
481 target = runlevel_to_target(key);
482 if (target)
483 return free_and_strdup(&arg_default_unit, target);
484 }
485
486 return 0;
487 }
488
489 #define DEFINE_SETTER(name, func, descr) \
490 static int name(const char *unit, \
491 const char *filename, \
492 unsigned line, \
493 const char *section, \
494 unsigned section_line, \
495 const char *lvalue, \
496 int ltype, \
497 const char *rvalue, \
498 void *data, \
499 void *userdata) { \
500 \
501 int r; \
502 \
503 assert(filename); \
504 assert(lvalue); \
505 assert(rvalue); \
506 \
507 r = func(rvalue); \
508 if (r < 0) \
509 log_syntax(unit, LOG_ERR, filename, line, r, \
510 "Invalid " descr "'%s': %m", \
511 rvalue); \
512 \
513 return 0; \
514 }
515
516 DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
517 DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
518 DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
519 DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
520
521 static int config_parse_cpu_affinity2(
522 const char *unit,
523 const char *filename,
524 unsigned line,
525 const char *section,
526 unsigned section_line,
527 const char *lvalue,
528 int ltype,
529 const char *rvalue,
530 void *data,
531 void *userdata) {
532
533 _cleanup_cpu_free_ cpu_set_t *c = NULL;
534 int ncpus;
535
536 ncpus = parse_cpu_set_and_warn(rvalue, &c, unit, filename, line, lvalue);
537 if (ncpus < 0)
538 return ncpus;
539
540 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
541 log_warning_errno(errno, "Failed to set CPU affinity: %m");
542
543 return 0;
544 }
545
546 static int config_parse_show_status(
547 const char* unit,
548 const char *filename,
549 unsigned line,
550 const char *section,
551 unsigned section_line,
552 const char *lvalue,
553 int ltype,
554 const char *rvalue,
555 void *data,
556 void *userdata) {
557
558 int k;
559 ShowStatus *b = data;
560
561 assert(filename);
562 assert(lvalue);
563 assert(rvalue);
564 assert(data);
565
566 k = parse_show_status(rvalue, b);
567 if (k < 0) {
568 log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
569 return 0;
570 }
571
572 return 0;
573 }
574
575 static int config_parse_output_restricted(
576 const char* unit,
577 const char *filename,
578 unsigned line,
579 const char *section,
580 unsigned section_line,
581 const char *lvalue,
582 int ltype,
583 const char *rvalue,
584 void *data,
585 void *userdata) {
586
587 ExecOutput t, *eo = data;
588
589 assert(filename);
590 assert(lvalue);
591 assert(rvalue);
592 assert(data);
593
594 t = exec_output_from_string(rvalue);
595 if (t < 0) {
596 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output type, ignoring: %s", rvalue);
597 return 0;
598 }
599
600 if (IN_SET(t, EXEC_OUTPUT_SOCKET, EXEC_OUTPUT_NAMED_FD, EXEC_OUTPUT_FILE)) {
601 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard output types socket, fd:, file: are not supported as defaults, ignoring: %s", rvalue);
602 return 0;
603 }
604
605 *eo = t;
606 return 0;
607 }
608
609 static int config_parse_crash_chvt(
610 const char* unit,
611 const char *filename,
612 unsigned line,
613 const char *section,
614 unsigned section_line,
615 const char *lvalue,
616 int ltype,
617 const char *rvalue,
618 void *data,
619 void *userdata) {
620
621 int r;
622
623 assert(filename);
624 assert(lvalue);
625 assert(rvalue);
626
627 r = parse_crash_chvt(rvalue);
628 if (r < 0) {
629 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
630 return 0;
631 }
632
633 return 0;
634 }
635
636 static int config_parse_join_controllers(const char *unit,
637 const char *filename,
638 unsigned line,
639 const char *section,
640 unsigned section_line,
641 const char *lvalue,
642 int ltype,
643 const char *rvalue,
644 void *data,
645 void *userdata) {
646
647 const char *whole_rvalue = rvalue;
648 unsigned n = 0;
649
650 assert(filename);
651 assert(lvalue);
652 assert(rvalue);
653
654 arg_join_controllers = strv_free_free(arg_join_controllers);
655
656 for (;;) {
657 _cleanup_free_ char *word = NULL;
658 char **l;
659 int r;
660
661 r = extract_first_word(&rvalue, &word, NULL, EXTRACT_QUOTES);
662 if (r < 0) {
663 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue);
664 return r;
665 }
666 if (r == 0)
667 break;
668
669 l = strv_split(word, ",");
670 if (!l)
671 return log_oom();
672 strv_uniq(l);
673
674 if (strv_length(l) <= 1) {
675 strv_free(l);
676 continue;
677 }
678
679 if (!arg_join_controllers) {
680 arg_join_controllers = new(char**, 2);
681 if (!arg_join_controllers) {
682 strv_free(l);
683 return log_oom();
684 }
685
686 arg_join_controllers[0] = l;
687 arg_join_controllers[1] = NULL;
688
689 n = 1;
690 } else {
691 char ***a;
692 char ***t;
693
694 t = new0(char**, n+2);
695 if (!t) {
696 strv_free(l);
697 return log_oom();
698 }
699
700 n = 0;
701
702 for (a = arg_join_controllers; *a; a++) {
703
704 if (strv_overlap(*a, l)) {
705 if (strv_extend_strv(&l, *a, false) < 0) {
706 strv_free(l);
707 strv_free_free(t);
708 return log_oom();
709 }
710
711 } else {
712 char **c;
713
714 c = strv_copy(*a);
715 if (!c) {
716 strv_free(l);
717 strv_free_free(t);
718 return log_oom();
719 }
720
721 t[n++] = c;
722 }
723 }
724
725 t[n++] = strv_uniq(l);
726
727 strv_free_free(arg_join_controllers);
728 arg_join_controllers = t;
729 }
730 }
731 if (!isempty(rvalue))
732 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
733
734 return 0;
735 }
736
737 static int parse_config_file(void) {
738
739 const ConfigTableItem items[] = {
740 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
741 { "Manager", "LogTarget", config_parse_target, 0, NULL },
742 { "Manager", "LogColor", config_parse_color, 0, NULL },
743 { "Manager", "LogLocation", config_parse_location, 0, NULL },
744 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
745 { "Manager", "CrashChVT", /* legacy */ config_parse_crash_chvt, 0, NULL },
746 { "Manager", "CrashChangeVT", config_parse_crash_chvt, 0, NULL },
747 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
748 { "Manager", "CrashReboot", config_parse_bool, 0, &arg_crash_reboot },
749 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
750 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
751 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
752 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
753 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
754 { "Manager", "CapabilityBoundingSet", config_parse_capability_set, 0, &arg_capability_bounding_set },
755 #if HAVE_SECCOMP
756 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
757 #endif
758 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
759 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
760 { "Manager", "DefaultStandardOutput", config_parse_output_restricted,0, &arg_default_std_output },
761 { "Manager", "DefaultStandardError", config_parse_output_restricted,0, &arg_default_std_error },
762 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
763 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
764 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
765 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval }, /* obsolete alias */
766 { "Manager", "DefaultStartLimitIntervalSec",config_parse_sec, 0, &arg_default_start_limit_interval },
767 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
768 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
769 { "Manager", "DefaultLimitCPU", config_parse_limit, RLIMIT_CPU, arg_default_rlimit },
770 { "Manager", "DefaultLimitFSIZE", config_parse_limit, RLIMIT_FSIZE, arg_default_rlimit },
771 { "Manager", "DefaultLimitDATA", config_parse_limit, RLIMIT_DATA, arg_default_rlimit },
772 { "Manager", "DefaultLimitSTACK", config_parse_limit, RLIMIT_STACK, arg_default_rlimit },
773 { "Manager", "DefaultLimitCORE", config_parse_limit, RLIMIT_CORE, arg_default_rlimit },
774 { "Manager", "DefaultLimitRSS", config_parse_limit, RLIMIT_RSS, arg_default_rlimit },
775 { "Manager", "DefaultLimitNOFILE", config_parse_limit, RLIMIT_NOFILE, arg_default_rlimit },
776 { "Manager", "DefaultLimitAS", config_parse_limit, RLIMIT_AS, arg_default_rlimit },
777 { "Manager", "DefaultLimitNPROC", config_parse_limit, RLIMIT_NPROC, arg_default_rlimit },
778 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, RLIMIT_MEMLOCK, arg_default_rlimit },
779 { "Manager", "DefaultLimitLOCKS", config_parse_limit, RLIMIT_LOCKS, arg_default_rlimit },
780 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, RLIMIT_SIGPENDING, arg_default_rlimit },
781 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, RLIMIT_MSGQUEUE, arg_default_rlimit },
782 { "Manager", "DefaultLimitNICE", config_parse_limit, RLIMIT_NICE, arg_default_rlimit },
783 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, RLIMIT_RTPRIO, arg_default_rlimit },
784 { "Manager", "DefaultLimitRTTIME", config_parse_limit, RLIMIT_RTTIME, arg_default_rlimit },
785 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
786 { "Manager", "DefaultIOAccounting", config_parse_bool, 0, &arg_default_io_accounting },
787 { "Manager", "DefaultIPAccounting", config_parse_bool, 0, &arg_default_ip_accounting },
788 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
789 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
790 { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting },
791 { "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max },
792 { "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action, 0, &arg_cad_burst_action },
793 {}
794 };
795
796 const char *fn, *conf_dirs_nulstr;
797
798 fn = arg_system ?
799 PKGSYSCONFDIR "/system.conf" :
800 PKGSYSCONFDIR "/user.conf";
801
802 conf_dirs_nulstr = arg_system ?
803 CONF_PATHS_NULSTR("systemd/system.conf.d") :
804 CONF_PATHS_NULSTR("systemd/user.conf.d");
805
806 (void) config_parse_many_nulstr(fn, conf_dirs_nulstr, "Manager\0", config_item_table_lookup, items, CONFIG_PARSE_WARN, NULL);
807
808 /* Traditionally "0" was used to turn off the default unit timeouts. Fix this up so that we used USEC_INFINITY
809 * like everywhere else. */
810 if (arg_default_timeout_start_usec <= 0)
811 arg_default_timeout_start_usec = USEC_INFINITY;
812 if (arg_default_timeout_stop_usec <= 0)
813 arg_default_timeout_stop_usec = USEC_INFINITY;
814
815 return 0;
816 }
817
818 static void set_manager_defaults(Manager *m) {
819
820 assert(m);
821
822 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
823 m->default_std_output = arg_default_std_output;
824 m->default_std_error = arg_default_std_error;
825 m->default_timeout_start_usec = arg_default_timeout_start_usec;
826 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
827 m->default_restart_usec = arg_default_restart_usec;
828 m->default_start_limit_interval = arg_default_start_limit_interval;
829 m->default_start_limit_burst = arg_default_start_limit_burst;
830 m->default_cpu_accounting = arg_default_cpu_accounting;
831 m->default_io_accounting = arg_default_io_accounting;
832 m->default_ip_accounting = arg_default_ip_accounting;
833 m->default_blockio_accounting = arg_default_blockio_accounting;
834 m->default_memory_accounting = arg_default_memory_accounting;
835 m->default_tasks_accounting = arg_default_tasks_accounting;
836 m->default_tasks_max = arg_default_tasks_max;
837
838 manager_set_default_rlimits(m, arg_default_rlimit);
839 manager_environment_add(m, NULL, arg_default_environment);
840 }
841
842 static void set_manager_settings(Manager *m) {
843
844 assert(m);
845
846 m->confirm_spawn = arg_confirm_spawn;
847 m->runtime_watchdog = arg_runtime_watchdog;
848 m->shutdown_watchdog = arg_shutdown_watchdog;
849 m->cad_burst_action = arg_cad_burst_action;
850
851 manager_set_show_status(m, arg_show_status);
852 }
853
854 static int parse_argv(int argc, char *argv[]) {
855
856 enum {
857 ARG_LOG_LEVEL = 0x100,
858 ARG_LOG_TARGET,
859 ARG_LOG_COLOR,
860 ARG_LOG_LOCATION,
861 ARG_UNIT,
862 ARG_SYSTEM,
863 ARG_USER,
864 ARG_TEST,
865 ARG_NO_PAGER,
866 ARG_VERSION,
867 ARG_DUMP_CONFIGURATION_ITEMS,
868 ARG_DUMP_CORE,
869 ARG_CRASH_CHVT,
870 ARG_CRASH_SHELL,
871 ARG_CRASH_REBOOT,
872 ARG_CONFIRM_SPAWN,
873 ARG_SHOW_STATUS,
874 ARG_DESERIALIZE,
875 ARG_SWITCHED_ROOT,
876 ARG_DEFAULT_STD_OUTPUT,
877 ARG_DEFAULT_STD_ERROR,
878 ARG_MACHINE_ID
879 };
880
881 static const struct option options[] = {
882 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
883 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
884 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
885 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
886 { "unit", required_argument, NULL, ARG_UNIT },
887 { "system", no_argument, NULL, ARG_SYSTEM },
888 { "user", no_argument, NULL, ARG_USER },
889 { "test", no_argument, NULL, ARG_TEST },
890 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
891 { "help", no_argument, NULL, 'h' },
892 { "version", no_argument, NULL, ARG_VERSION },
893 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
894 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
895 { "crash-chvt", required_argument, NULL, ARG_CRASH_CHVT },
896 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
897 { "crash-reboot", optional_argument, NULL, ARG_CRASH_REBOOT },
898 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
899 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
900 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
901 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
902 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
903 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
904 { "machine-id", required_argument, NULL, ARG_MACHINE_ID },
905 {}
906 };
907
908 int c, r;
909
910 assert(argc >= 1);
911 assert(argv);
912
913 if (getpid_cached() == 1)
914 opterr = 0;
915
916 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
917
918 switch (c) {
919
920 case ARG_LOG_LEVEL:
921 r = log_set_max_level_from_string(optarg);
922 if (r < 0) {
923 log_error("Failed to parse log level %s.", optarg);
924 return r;
925 }
926
927 break;
928
929 case ARG_LOG_TARGET:
930 r = log_set_target_from_string(optarg);
931 if (r < 0) {
932 log_error("Failed to parse log target %s.", optarg);
933 return r;
934 }
935
936 break;
937
938 case ARG_LOG_COLOR:
939
940 if (optarg) {
941 r = log_show_color_from_string(optarg);
942 if (r < 0) {
943 log_error("Failed to parse log color setting %s.", optarg);
944 return r;
945 }
946 } else
947 log_show_color(true);
948
949 break;
950
951 case ARG_LOG_LOCATION:
952 if (optarg) {
953 r = log_show_location_from_string(optarg);
954 if (r < 0) {
955 log_error("Failed to parse log location setting %s.", optarg);
956 return r;
957 }
958 } else
959 log_show_location(true);
960
961 break;
962
963 case ARG_DEFAULT_STD_OUTPUT:
964 r = exec_output_from_string(optarg);
965 if (r < 0) {
966 log_error("Failed to parse default standard output setting %s.", optarg);
967 return r;
968 } else
969 arg_default_std_output = r;
970 break;
971
972 case ARG_DEFAULT_STD_ERROR:
973 r = exec_output_from_string(optarg);
974 if (r < 0) {
975 log_error("Failed to parse default standard error output setting %s.", optarg);
976 return r;
977 } else
978 arg_default_std_error = r;
979 break;
980
981 case ARG_UNIT:
982 r = free_and_strdup(&arg_default_unit, optarg);
983 if (r < 0)
984 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
985
986 break;
987
988 case ARG_SYSTEM:
989 arg_system = true;
990 break;
991
992 case ARG_USER:
993 arg_system = false;
994 break;
995
996 case ARG_TEST:
997 arg_action = ACTION_TEST;
998 break;
999
1000 case ARG_NO_PAGER:
1001 arg_no_pager = true;
1002 break;
1003
1004 case ARG_VERSION:
1005 arg_action = ACTION_VERSION;
1006 break;
1007
1008 case ARG_DUMP_CONFIGURATION_ITEMS:
1009 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
1010 break;
1011
1012 case ARG_DUMP_CORE:
1013 if (!optarg)
1014 arg_dump_core = true;
1015 else {
1016 r = parse_boolean(optarg);
1017 if (r < 0)
1018 return log_error_errno(r, "Failed to parse dump core boolean: %s", optarg);
1019 arg_dump_core = r;
1020 }
1021 break;
1022
1023 case ARG_CRASH_CHVT:
1024 r = parse_crash_chvt(optarg);
1025 if (r < 0)
1026 return log_error_errno(r, "Failed to parse crash virtual terminal index: %s", optarg);
1027 break;
1028
1029 case ARG_CRASH_SHELL:
1030 if (!optarg)
1031 arg_crash_shell = true;
1032 else {
1033 r = parse_boolean(optarg);
1034 if (r < 0)
1035 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
1036 arg_crash_shell = r;
1037 }
1038 break;
1039
1040 case ARG_CRASH_REBOOT:
1041 if (!optarg)
1042 arg_crash_reboot = true;
1043 else {
1044 r = parse_boolean(optarg);
1045 if (r < 0)
1046 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
1047 arg_crash_reboot = r;
1048 }
1049 break;
1050
1051 case ARG_CONFIRM_SPAWN:
1052 arg_confirm_spawn = mfree(arg_confirm_spawn);
1053
1054 r = parse_confirm_spawn(optarg, &arg_confirm_spawn);
1055 if (r < 0)
1056 return log_error_errno(r, "Failed to parse confirm spawn option: %m");
1057 break;
1058
1059 case ARG_SHOW_STATUS:
1060 if (optarg) {
1061 r = parse_show_status(optarg, &arg_show_status);
1062 if (r < 0) {
1063 log_error("Failed to parse show status boolean %s.", optarg);
1064 return r;
1065 }
1066 } else
1067 arg_show_status = SHOW_STATUS_YES;
1068 break;
1069
1070 case ARG_DESERIALIZE: {
1071 int fd;
1072 FILE *f;
1073
1074 r = safe_atoi(optarg, &fd);
1075 if (r < 0 || fd < 0) {
1076 log_error("Failed to parse deserialize option %s.", optarg);
1077 return -EINVAL;
1078 }
1079
1080 (void) fd_cloexec(fd, true);
1081
1082 f = fdopen(fd, "r");
1083 if (!f)
1084 return log_error_errno(errno, "Failed to open serialization fd: %m");
1085
1086 safe_fclose(arg_serialization);
1087 arg_serialization = f;
1088
1089 break;
1090 }
1091
1092 case ARG_SWITCHED_ROOT:
1093 arg_switched_root = true;
1094 break;
1095
1096 case ARG_MACHINE_ID:
1097 r = set_machine_id(optarg);
1098 if (r < 0)
1099 return log_error_errno(r, "MachineID '%s' is not valid.", optarg);
1100 break;
1101
1102 case 'h':
1103 arg_action = ACTION_HELP;
1104 break;
1105
1106 case 'D':
1107 log_set_max_level(LOG_DEBUG);
1108 break;
1109
1110 case 'b':
1111 case 's':
1112 case 'z':
1113 /* Just to eat away the sysvinit kernel
1114 * cmdline args without getopt() error
1115 * messages that we'll parse in
1116 * parse_proc_cmdline_word() or ignore. */
1117
1118 case '?':
1119 if (getpid_cached() != 1)
1120 return -EINVAL;
1121 else
1122 return 0;
1123
1124 default:
1125 assert_not_reached("Unhandled option code.");
1126 }
1127
1128 if (optind < argc && getpid_cached() != 1) {
1129 /* Hmm, when we aren't run as init system
1130 * let's complain about excess arguments */
1131
1132 log_error("Excess arguments.");
1133 return -EINVAL;
1134 }
1135
1136 return 0;
1137 }
1138
1139 static int help(void) {
1140
1141 printf("%s [OPTIONS...]\n\n"
1142 "Starts up and maintains the system or user services.\n\n"
1143 " -h --help Show this help\n"
1144 " --version Show version\n"
1145 " --test Determine startup sequence, dump it and exit\n"
1146 " --no-pager Do not pipe output into a pager\n"
1147 " --dump-configuration-items Dump understood unit configuration items\n"
1148 " --unit=UNIT Set default unit\n"
1149 " --system Run a system instance, even if PID != 1\n"
1150 " --user Run a user instance\n"
1151 " --dump-core[=BOOL] Dump core on crash\n"
1152 " --crash-vt=NR Change to specified VT on crash\n"
1153 " --crash-reboot[=BOOL] Reboot on crash\n"
1154 " --crash-shell[=BOOL] Run shell on crash\n"
1155 " --confirm-spawn[=BOOL] Ask for confirmation when spawning processes\n"
1156 " --show-status[=BOOL] Show status updates on the console during bootup\n"
1157 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
1158 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
1159 " --log-color[=BOOL] Highlight important log messages\n"
1160 " --log-location[=BOOL] Include code location in log messages\n"
1161 " --default-standard-output= Set default standard output for services\n"
1162 " --default-standard-error= Set default standard error output for services\n",
1163 program_invocation_short_name);
1164
1165 return 0;
1166 }
1167
1168 static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
1169 _cleanup_fdset_free_ FDSet *fds = NULL;
1170 _cleanup_fclose_ FILE *f = NULL;
1171 int r;
1172
1173 assert(m);
1174 assert(_f);
1175 assert(_fds);
1176
1177 r = manager_open_serialization(m, &f);
1178 if (r < 0)
1179 return log_error_errno(r, "Failed to create serialization file: %m");
1180
1181 /* Make sure nothing is really destructed when we shut down */
1182 m->n_reloading++;
1183 bus_manager_send_reloading(m, true);
1184
1185 fds = fdset_new();
1186 if (!fds)
1187 return log_oom();
1188
1189 r = manager_serialize(m, f, fds, switching_root);
1190 if (r < 0)
1191 return log_error_errno(r, "Failed to serialize state: %m");
1192
1193 if (fseeko(f, 0, SEEK_SET) == (off_t) -1)
1194 return log_error_errno(errno, "Failed to rewind serialization fd: %m");
1195
1196 r = fd_cloexec(fileno(f), false);
1197 if (r < 0)
1198 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
1199
1200 r = fdset_cloexec(fds, false);
1201 if (r < 0)
1202 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
1203
1204 *_f = f;
1205 *_fds = fds;
1206
1207 f = NULL;
1208 fds = NULL;
1209
1210 return 0;
1211 }
1212
1213 static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1214 struct rlimit nl;
1215 int r;
1216 int min_max;
1217 _cleanup_free_ char *nr_open = NULL;
1218
1219 assert(saved_rlimit);
1220
1221 /* Save the original RLIMIT_NOFILE so that we can reset it
1222 * later when transitioning from the initrd to the main
1223 * systemd or suchlike. */
1224 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
1225 return log_warning_errno(errno, "Reading RLIMIT_NOFILE failed, ignoring: %m");
1226
1227 /* Make sure forked processes get the default kernel setting */
1228 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1229 struct rlimit *rl;
1230
1231 rl = newdup(struct rlimit, saved_rlimit, 1);
1232 if (!rl)
1233 return log_oom();
1234
1235 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1236 }
1237
1238 /* Get current RLIMIT_NOFILE maximum compiled into the kernel. */
1239 r = read_one_line_file("/proc/sys/fs/nr_open", &nr_open);
1240 if (r >= 0)
1241 r = safe_atoi(nr_open, &min_max);
1242 /* If we fail, fallback to the hard-coded kernel limit of 1024 * 1024. */
1243 if (r < 0)
1244 min_max = 1024 * 1024;
1245
1246 /* Bump up the resource limit for ourselves substantially */
1247 nl.rlim_cur = nl.rlim_max = min_max;
1248 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
1249 if (r < 0)
1250 return log_warning_errno(r, "Setting RLIMIT_NOFILE failed, ignoring: %m");
1251
1252 return 0;
1253 }
1254
1255 static int bump_rlimit_memlock(struct rlimit *saved_rlimit) {
1256 int r;
1257
1258 assert(saved_rlimit);
1259 assert(getuid() == 0);
1260
1261 /* BPF_MAP_TYPE_LPM_TRIE bpf maps are charged against RLIMIT_MEMLOCK, even though we have CAP_IPC_LOCK which
1262 * should normally disable such checks. We need them to implement IPAccessAllow= and IPAccessDeny=, hence let's
1263 * bump the value high enough for the root user. */
1264
1265 if (getrlimit(RLIMIT_MEMLOCK, saved_rlimit) < 0)
1266 return log_warning_errno(errno, "Reading RLIMIT_MEMLOCK failed, ignoring: %m");
1267
1268 r = setrlimit_closest(RLIMIT_MEMLOCK, &RLIMIT_MAKE_CONST(1024ULL*1024ULL*16ULL));
1269 if (r < 0)
1270 return log_warning_errno(r, "Setting RLIMIT_MEMLOCK failed, ignoring: %m");
1271
1272 return 0;
1273 }
1274
1275 static void test_usr(void) {
1276
1277 /* Check that /usr is not a separate fs */
1278
1279 if (dir_is_empty("/usr") <= 0)
1280 return;
1281
1282 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
1283 "Some things will probably break (sometimes even silently) in mysterious ways. "
1284 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1285 }
1286
1287 static int initialize_join_controllers(void) {
1288 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1289 * + "net_prio". We'd like to add "cpuset" to the mix, but
1290 * "cpuset" doesn't really work for groups with no initialized
1291 * attributes. */
1292
1293 arg_join_controllers = new(char**, 3);
1294 if (!arg_join_controllers)
1295 return -ENOMEM;
1296
1297 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
1298 if (!arg_join_controllers[0])
1299 goto oom;
1300
1301 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1302 if (!arg_join_controllers[1])
1303 goto oom;
1304
1305 arg_join_controllers[2] = NULL;
1306 return 0;
1307
1308 oom:
1309 arg_join_controllers = strv_free_free(arg_join_controllers);
1310 return -ENOMEM;
1311 }
1312
1313 static int enforce_syscall_archs(Set *archs) {
1314 #if HAVE_SECCOMP
1315 int r;
1316
1317 if (!is_seccomp_available())
1318 return 0;
1319
1320 r = seccomp_restrict_archs(arg_syscall_archs);
1321 if (r < 0)
1322 return log_error_errno(r, "Failed to enforce system call architecture restrication: %m");
1323 #endif
1324 return 0;
1325 }
1326
1327 static int status_welcome(void) {
1328 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1329 int r;
1330
1331 r = parse_env_file("/etc/os-release", NEWLINE,
1332 "PRETTY_NAME", &pretty_name,
1333 "ANSI_COLOR", &ansi_color,
1334 NULL);
1335 if (r == -ENOENT)
1336 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1337 "PRETTY_NAME", &pretty_name,
1338 "ANSI_COLOR", &ansi_color,
1339 NULL);
1340
1341 if (r < 0 && r != -ENOENT)
1342 log_warning_errno(r, "Failed to read os-release file: %m");
1343
1344 if (log_get_show_color())
1345 return status_printf(NULL, false, false,
1346 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1347 isempty(ansi_color) ? "1" : ansi_color,
1348 isempty(pretty_name) ? "Linux" : pretty_name);
1349 else
1350 return status_printf(NULL, false, false,
1351 "\nWelcome to %s!\n",
1352 isempty(pretty_name) ? "Linux" : pretty_name);
1353 }
1354
1355 static int write_container_id(void) {
1356 const char *c;
1357 int r;
1358
1359 c = getenv("container");
1360 if (isempty(c))
1361 return 0;
1362
1363 RUN_WITH_UMASK(0022)
1364 r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
1365 if (r < 0)
1366 return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m");
1367
1368 return 1;
1369 }
1370
1371 static int bump_unix_max_dgram_qlen(void) {
1372 _cleanup_free_ char *qlen = NULL;
1373 unsigned long v;
1374 int r;
1375
1376 /* Let's bump the net.unix.max_dgram_qlen sysctl. The kernel
1377 * default of 16 is simply too low. We set the value really
1378 * really early during boot, so that it is actually applied to
1379 * all our sockets, including the $NOTIFY_SOCKET one. */
1380
1381 r = read_one_line_file("/proc/sys/net/unix/max_dgram_qlen", &qlen);
1382 if (r < 0)
1383 return log_warning_errno(r, "Failed to read AF_UNIX datagram queue length, ignoring: %m");
1384
1385 r = safe_atolu(qlen, &v);
1386 if (r < 0)
1387 return log_warning_errno(r, "Failed to parse AF_UNIX datagram queue length, ignoring: %m");
1388
1389 if (v >= DEFAULT_UNIX_MAX_DGRAM_QLEN)
1390 return 0;
1391
1392 qlen = mfree(qlen);
1393 if (asprintf(&qlen, "%lu\n", DEFAULT_UNIX_MAX_DGRAM_QLEN) < 0)
1394 return log_oom();
1395
1396 r = write_string_file("/proc/sys/net/unix/max_dgram_qlen", qlen, 0);
1397 if (r < 0)
1398 return log_full_errno(IN_SET(r, -EROFS, -EPERM, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
1399 "Failed to bump AF_UNIX datagram queue length, ignoring: %m");
1400
1401 return 1;
1402 }
1403
1404 static int fixup_environment(void) {
1405 _cleanup_free_ char *term = NULL;
1406 int r;
1407
1408 /* We expect the environment to be set correctly
1409 * if run inside a container. */
1410 if (detect_container() > 0)
1411 return 0;
1412
1413 /* When started as PID1, the kernel uses /dev/console
1414 * for our stdios and uses TERM=linux whatever the
1415 * backend device used by the console. We try to make
1416 * a better guess here since some consoles might not
1417 * have support for color mode for example.
1418 *
1419 * However if TERM was configured through the kernel
1420 * command line then leave it alone. */
1421
1422 r = proc_cmdline_get_key("TERM", 0, &term);
1423 if (r < 0)
1424 return r;
1425 if (r == 0) {
1426 term = strdup(default_term_for_tty("/dev/console"));
1427 if (!term)
1428 return -ENOMEM;
1429 }
1430
1431 if (setenv("TERM", term, 1) < 0)
1432 return -errno;
1433
1434 return 0;
1435 }
1436
1437 static void redirect_telinit(int argc, char *argv[]) {
1438
1439 /* This is compatibility support for SysV, where calling init as a user is identical to telinit. */
1440
1441 #if HAVE_SYSV_COMPAT
1442 if (getpid_cached() == 1)
1443 return;
1444
1445 if (!strstr(program_invocation_short_name, "init"))
1446 return;
1447
1448 execv(SYSTEMCTL_BINARY_PATH, argv);
1449 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1450 exit(1);
1451 #endif
1452 }
1453
1454 static int become_shutdown(
1455 const char *shutdown_verb,
1456 int retval) {
1457
1458 char log_level[DECIMAL_STR_MAX(int) + 1],
1459 exit_code[DECIMAL_STR_MAX(uint8_t) + 1];
1460
1461 const char* command_line[11] = {
1462 SYSTEMD_SHUTDOWN_BINARY_PATH,
1463 shutdown_verb,
1464 "--log-level", log_level,
1465 "--log-target",
1466 };
1467
1468 _cleanup_strv_free_ char **env_block = NULL;
1469 size_t pos = 5;
1470 int r;
1471
1472 assert(shutdown_verb);
1473 assert(command_line[pos] == NULL);
1474 env_block = strv_copy(environ);
1475
1476 xsprintf(log_level, "%d", log_get_max_level());
1477
1478 switch (log_get_target()) {
1479
1480 case LOG_TARGET_KMSG:
1481 case LOG_TARGET_JOURNAL_OR_KMSG:
1482 case LOG_TARGET_SYSLOG_OR_KMSG:
1483 command_line[pos++] = "kmsg";
1484 break;
1485
1486 case LOG_TARGET_NULL:
1487 command_line[pos++] = "null";
1488 break;
1489
1490 case LOG_TARGET_CONSOLE:
1491 default:
1492 command_line[pos++] = "console";
1493 break;
1494 };
1495
1496 if (log_get_show_color())
1497 command_line[pos++] = "--log-color";
1498
1499 if (log_get_show_location())
1500 command_line[pos++] = "--log-location";
1501
1502 if (streq(shutdown_verb, "exit")) {
1503 command_line[pos++] = "--exit-code";
1504 command_line[pos++] = exit_code;
1505 xsprintf(exit_code, "%d", retval);
1506 }
1507
1508 assert(pos < ELEMENTSOF(command_line));
1509
1510 if (streq(shutdown_verb, "reboot") &&
1511 arg_shutdown_watchdog > 0 &&
1512 arg_shutdown_watchdog != USEC_INFINITY) {
1513
1514 char *e;
1515
1516 /* If we reboot let's set the shutdown
1517 * watchdog and tell the shutdown binary to
1518 * repeatedly ping it */
1519 r = watchdog_set_timeout(&arg_shutdown_watchdog);
1520 watchdog_close(r < 0);
1521
1522 /* Tell the binary how often to ping, ignore failure */
1523 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
1524 (void) strv_push(&env_block, e);
1525 } else
1526 watchdog_close(true);
1527
1528 /* Avoid the creation of new processes forked by the
1529 * kernel; at this point, we will not listen to the
1530 * signals anyway */
1531 if (detect_container() <= 0)
1532 (void) cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
1533
1534 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
1535 return -errno;
1536 }
1537
1538 static void initialize_clock(void) {
1539 int r;
1540
1541 if (clock_is_localtime(NULL) > 0) {
1542 int min;
1543
1544 /*
1545 * The very first call of settimeofday() also does a time warp in the kernel.
1546 *
1547 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on external tools to take care
1548 * of maintaining the RTC and do all adjustments. This matches the behavior of Windows, which leaves
1549 * the RTC alone if the registry tells that the RTC runs in UTC.
1550 */
1551 r = clock_set_timezone(&min);
1552 if (r < 0)
1553 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
1554 else
1555 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1556
1557 } else if (!in_initrd()) {
1558 /*
1559 * Do a dummy very first call to seal the kernel's time warp magic.
1560 *
1561 * Do not call this from inside the initrd. The initrd might not carry /etc/adjtime with LOCAL, but the
1562 * real system could be set up that way. In such case, we need to delay the time-warp or the sealing
1563 * until we reach the real system.
1564 *
1565 * Do no set the kernel's timezone. The concept of local time cannot be supported reliably, the time
1566 * will jump or be incorrect at every daylight saving time change. All kernel local time concepts will
1567 * be treated as UTC that way.
1568 */
1569 (void) clock_reset_timewarp();
1570 }
1571
1572 r = clock_apply_epoch();
1573 if (r < 0)
1574 log_error_errno(r, "Current system time is before build time, but cannot correct: %m");
1575 else if (r > 0)
1576 log_info("System time before build time, advancing clock.");
1577 }
1578
1579 static void initialize_coredump(bool skip_setup) {
1580
1581 if (getpid_cached() != 1)
1582 return;
1583
1584 /* Don't limit the core dump size, so that coredump handlers such as systemd-coredump (which honour the limit)
1585 * will process core dumps for system services by default. */
1586 if (setrlimit(RLIMIT_CORE, &RLIMIT_MAKE_CONST(RLIM_INFINITY)) < 0)
1587 log_warning_errno(errno, "Failed to set RLIMIT_CORE: %m");
1588
1589 /* But at the same time, turn off the core_pattern logic by default, so that no coredumps are stored
1590 * until the systemd-coredump tool is enabled via sysctl. */
1591 if (!skip_setup)
1592 (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
1593 }
1594
1595 static void do_reexecute(
1596 int argc,
1597 char *argv[],
1598 const struct rlimit *saved_rlimit_nofile,
1599 const struct rlimit *saved_rlimit_memlock,
1600 FDSet *fds,
1601 const char *switch_root_dir,
1602 const char *switch_root_init,
1603 const char **ret_error_message) {
1604
1605 unsigned i, j, args_size;
1606 const char **args;
1607 int r;
1608
1609 assert(saved_rlimit_nofile);
1610 assert(saved_rlimit_memlock);
1611 assert(ret_error_message);
1612
1613 /* Close and disarm the watchdog, so that the new instance can reinitialize it, but doesn't get rebooted while
1614 * we do that */
1615 watchdog_close(true);
1616
1617 /* Reset the RLIMIT_NOFILE to the kernel default, so that the new systemd can pass the kernel default to its
1618 * child processes */
1619
1620 if (saved_rlimit_nofile->rlim_cur > 0)
1621 (void) setrlimit(RLIMIT_NOFILE, saved_rlimit_nofile);
1622 if (saved_rlimit_memlock->rlim_cur != (rlim_t) -1)
1623 (void) setrlimit(RLIMIT_MEMLOCK, saved_rlimit_memlock);
1624
1625 if (switch_root_dir) {
1626 /* Kill all remaining processes from the initrd, but don't wait for them, so that we can handle the
1627 * SIGCHLD for them after deserializing. */
1628 broadcast_signal(SIGTERM, false, true);
1629
1630 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1631 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
1632 if (r < 0)
1633 log_error_errno(r, "Failed to switch root, trying to continue: %m");
1634 }
1635
1636 args_size = MAX(6, argc+1);
1637 args = newa(const char*, args_size);
1638
1639 if (!switch_root_init) {
1640 char sfd[DECIMAL_STR_MAX(int) + 1];
1641
1642 /* First try to spawn ourselves with the right path, and with full serialization. We do this only if
1643 * the user didn't specify an explicit init to spawn. */
1644
1645 assert(arg_serialization);
1646 assert(fds);
1647
1648 xsprintf(sfd, "%i", fileno(arg_serialization));
1649
1650 i = 0;
1651 args[i++] = SYSTEMD_BINARY_PATH;
1652 if (switch_root_dir)
1653 args[i++] = "--switched-root";
1654 args[i++] = arg_system ? "--system" : "--user";
1655 args[i++] = "--deserialize";
1656 args[i++] = sfd;
1657 args[i++] = NULL;
1658
1659 assert(i <= args_size);
1660
1661 /*
1662 * We want valgrind to print its memory usage summary before reexecution. Valgrind won't do this is on
1663 * its own on exec(), but it will do it on exit(). Hence, to ensure we get a summary here, fork() off
1664 * a child, let it exit() cleanly, so that it prints the summary, and wait() for it in the parent,
1665 * before proceeding into the exec().
1666 */
1667 valgrind_summary_hack();
1668
1669 (void) execv(args[0], (char* const*) args);
1670 log_debug_errno(errno, "Failed to execute our own binary, trying fallback: %m");
1671 }
1672
1673 /* Try the fallback, if there is any, without any serialization. We pass the original argv[] and envp[]. (Well,
1674 * modulo the ordering changes due to getopt() in argv[], and some cleanups in envp[], but let's hope that
1675 * doesn't matter.) */
1676
1677 arg_serialization = safe_fclose(arg_serialization);
1678 fds = fdset_free(fds);
1679
1680 /* Reopen the console */
1681 (void) make_console_stdio();
1682
1683 for (j = 1, i = 1; j < (unsigned) argc; j++)
1684 args[i++] = argv[j];
1685 args[i++] = NULL;
1686 assert(i <= args_size);
1687
1688 /* Reenable any blocked signals, especially important if we switch from initial ramdisk to init=... */
1689 (void) reset_all_signal_handlers();
1690 (void) reset_signal_mask();
1691
1692 if (switch_root_init) {
1693 args[0] = switch_root_init;
1694 (void) execv(args[0], (char* const*) args);
1695 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
1696 }
1697
1698 args[0] = "/sbin/init";
1699 (void) execv(args[0], (char* const*) args);
1700 r = -errno;
1701
1702 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
1703 ANSI_HIGHLIGHT_RED " !! " ANSI_NORMAL,
1704 "Failed to execute /sbin/init");
1705
1706 if (r == -ENOENT) {
1707 log_warning("No /sbin/init, trying fallback");
1708
1709 args[0] = "/bin/sh";
1710 args[1] = NULL;
1711 (void) execv(args[0], (char* const*) args);
1712 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
1713 } else
1714 log_warning_errno(r, "Failed to execute /sbin/init, giving up: %m");
1715
1716 *ret_error_message = "Failed to execute fallback shell";
1717 }
1718
1719 static int invoke_main_loop(
1720 Manager *m,
1721 bool *ret_reexecute,
1722 int *ret_retval, /* Return parameters relevant for shutting down */
1723 const char **ret_shutdown_verb, /* … */
1724 FDSet **ret_fds, /* Return parameters for reexecuting */
1725 char **ret_switch_root_dir, /* … */
1726 char **ret_switch_root_init, /* … */
1727 const char **ret_error_message) {
1728
1729 int r;
1730
1731 assert(m);
1732 assert(ret_reexecute);
1733 assert(ret_retval);
1734 assert(ret_shutdown_verb);
1735 assert(ret_fds);
1736 assert(ret_switch_root_dir);
1737 assert(ret_switch_root_init);
1738 assert(ret_error_message);
1739
1740 for (;;) {
1741 r = manager_loop(m);
1742 if (r < 0) {
1743 *ret_error_message = "Failed to run main loop";
1744 return log_emergency_errno(r, "Failed to run main loop: %m");
1745 }
1746
1747 switch (m->exit_code) {
1748
1749 case MANAGER_RELOAD:
1750 log_info("Reloading.");
1751
1752 r = parse_config_file();
1753 if (r < 0)
1754 log_warning_errno(r, "Failed to parse config file, ignoring: %m");
1755
1756 set_manager_defaults(m);
1757
1758 r = manager_reload(m);
1759 if (r < 0)
1760 log_warning_errno(r, "Failed to reload, ignoring: %m");
1761
1762 break;
1763
1764 case MANAGER_REEXECUTE:
1765
1766 r = prepare_reexecute(m, &arg_serialization, ret_fds, false);
1767 if (r < 0) {
1768 *ret_error_message = "Failed to prepare for reexecution";
1769 return r;
1770 }
1771
1772 log_notice("Reexecuting.");
1773
1774 *ret_reexecute = true;
1775 *ret_retval = EXIT_SUCCESS;
1776 *ret_shutdown_verb = NULL;
1777 *ret_switch_root_dir = *ret_switch_root_init = NULL;
1778
1779 return 0;
1780
1781 case MANAGER_SWITCH_ROOT:
1782 if (!m->switch_root_init) {
1783 r = prepare_reexecute(m, &arg_serialization, ret_fds, true);
1784 if (r < 0) {
1785 *ret_error_message = "Failed to prepare for reexecution";
1786 return r;
1787 }
1788 } else
1789 *ret_fds = NULL;
1790
1791 log_notice("Switching root.");
1792
1793 *ret_reexecute = true;
1794 *ret_retval = EXIT_SUCCESS;
1795 *ret_shutdown_verb = NULL;
1796
1797 /* Steal the switch root parameters */
1798 *ret_switch_root_dir = m->switch_root;
1799 *ret_switch_root_init = m->switch_root_init;
1800 m->switch_root = m->switch_root_init = NULL;
1801
1802 return 0;
1803
1804 case MANAGER_EXIT:
1805
1806 if (MANAGER_IS_USER(m)) {
1807 log_debug("Exit.");
1808
1809 *ret_reexecute = false;
1810 *ret_retval = m->return_value;
1811 *ret_shutdown_verb = NULL;
1812 *ret_fds = NULL;
1813 *ret_switch_root_dir = *ret_switch_root_init = NULL;
1814
1815 return 0;
1816 }
1817
1818 _fallthrough_;
1819 case MANAGER_REBOOT:
1820 case MANAGER_POWEROFF:
1821 case MANAGER_HALT:
1822 case MANAGER_KEXEC: {
1823 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1824 [MANAGER_EXIT] = "exit",
1825 [MANAGER_REBOOT] = "reboot",
1826 [MANAGER_POWEROFF] = "poweroff",
1827 [MANAGER_HALT] = "halt",
1828 [MANAGER_KEXEC] = "kexec"
1829 };
1830
1831 log_notice("Shutting down.");
1832
1833 *ret_reexecute = false;
1834 *ret_retval = m->return_value;
1835 assert_se(*ret_shutdown_verb = table[m->exit_code]);
1836 *ret_fds = NULL;
1837 *ret_switch_root_dir = *ret_switch_root_init = NULL;
1838
1839 return 0;
1840 }
1841
1842 default:
1843 assert_not_reached("Unknown exit code.");
1844 }
1845 }
1846 }
1847
1848 static void log_execution_mode(bool *ret_first_boot) {
1849 assert(ret_first_boot);
1850
1851 if (arg_system) {
1852 int v;
1853
1854 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
1855 arg_action == ACTION_TEST ? "test " : "" );
1856
1857 v = detect_virtualization();
1858 if (v > 0)
1859 log_info("Detected virtualization %s.", virtualization_to_string(v));
1860
1861 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
1862
1863 if (in_initrd()) {
1864 *ret_first_boot = false;
1865 log_info("Running in initial RAM disk.");
1866 } else {
1867 /* Let's check whether we are in first boot, i.e. whether /etc is still unpopulated. We use
1868 * /etc/machine-id as flag file, for this: if it exists we assume /etc is populated, if it
1869 * doesn't it's unpopulated. This allows container managers and installers to provision a
1870 * couple of files already. If the container manager wants to provision the machine ID itself
1871 * it should pass $container_uuid to PID 1. */
1872
1873 *ret_first_boot = access("/etc/machine-id", F_OK) < 0;
1874 if (*ret_first_boot)
1875 log_info("Running with unpopulated /etc.");
1876 }
1877 } else {
1878 _cleanup_free_ char *t;
1879
1880 t = uid_to_name(getuid());
1881 log_debug(PACKAGE_STRING " running in %suser mode for user " UID_FMT "/%s. (" SYSTEMD_FEATURES ")",
1882 arg_action == ACTION_TEST ? " test" : "", getuid(), strna(t));
1883
1884 *ret_first_boot = false;
1885 }
1886 }
1887
1888 static int initialize_runtime(
1889 bool skip_setup,
1890 struct rlimit *saved_rlimit_nofile,
1891 struct rlimit *saved_rlimit_memlock,
1892 const char **ret_error_message) {
1893
1894 int r;
1895
1896 assert(ret_error_message);
1897
1898 /* Sets up various runtime parameters. Many of these initializations are conditionalized:
1899 *
1900 * - Some only apply to --system instances
1901 * - Some only apply to --user instances
1902 * - Some only apply when we first start up, but not when we reexecute
1903 */
1904
1905 if (arg_system && !skip_setup) {
1906 if (arg_show_status > 0)
1907 status_welcome();
1908
1909 hostname_setup();
1910 machine_id_setup(NULL, arg_machine_id, NULL);
1911 loopback_setup();
1912 bump_unix_max_dgram_qlen();
1913 test_usr();
1914 write_container_id();
1915 }
1916
1917 if (arg_system && arg_runtime_watchdog > 0 && arg_runtime_watchdog != USEC_INFINITY)
1918 watchdog_set_timeout(&arg_runtime_watchdog);
1919
1920 if (arg_timer_slack_nsec != NSEC_INFINITY)
1921 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
1922 log_error_errno(errno, "Failed to adjust timer slack: %m");
1923
1924 if (arg_system && !cap_test_all(arg_capability_bounding_set)) {
1925 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set);
1926 if (r < 0) {
1927 *ret_error_message = "Failed to drop capability bounding set of usermode helpers";
1928 return log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
1929 }
1930
1931 r = capability_bounding_set_drop(arg_capability_bounding_set, true);
1932 if (r < 0) {
1933 *ret_error_message = "Failed to drop capability bounding set";
1934 return log_emergency_errno(r, "Failed to drop capability bounding set: %m");
1935 }
1936 }
1937
1938 if (arg_syscall_archs) {
1939 r = enforce_syscall_archs(arg_syscall_archs);
1940 if (r < 0) {
1941 *ret_error_message = "Failed to set syscall architectures";
1942 return r;
1943 }
1944 }
1945
1946 if (!arg_system)
1947 /* Become reaper of our children */
1948 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0)
1949 log_warning_errno(errno, "Failed to make us a subreaper: %m");
1950
1951 if (arg_system) {
1952 /* Bump up RLIMIT_NOFILE for systemd itself */
1953 (void) bump_rlimit_nofile(saved_rlimit_nofile);
1954 (void) bump_rlimit_memlock(saved_rlimit_memlock);
1955 }
1956
1957 return 0;
1958 }
1959
1960 static int do_queue_default_job(
1961 Manager *m,
1962 const char **ret_error_message) {
1963
1964 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1965 Job *default_unit_job;
1966 Unit *target = NULL;
1967 int r;
1968
1969 log_debug("Activating default unit: %s", arg_default_unit);
1970
1971 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
1972 if (r < 0)
1973 log_error("Failed to load default target: %s", bus_error_message(&error, r));
1974 else if (IN_SET(target->load_state, UNIT_ERROR, UNIT_NOT_FOUND))
1975 log_error_errno(target->load_error, "Failed to load default target: %m");
1976 else if (target->load_state == UNIT_MASKED)
1977 log_error("Default target masked.");
1978
1979 if (!target || target->load_state != UNIT_LOADED) {
1980 log_info("Trying to load rescue target...");
1981
1982 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1983 if (r < 0) {
1984 *ret_error_message = "Failed to load rescue target";
1985 return log_emergency_errno(r, "Failed to load rescue target: %s", bus_error_message(&error, r));
1986 } else if (IN_SET(target->load_state, UNIT_ERROR, UNIT_NOT_FOUND)) {
1987 *ret_error_message = "Failed to load rescue target";
1988 return log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
1989 } else if (target->load_state == UNIT_MASKED) {
1990 *ret_error_message = "Rescue target masked";
1991 log_emergency("Rescue target masked.");
1992 return -ERFKILL;
1993 }
1994 }
1995
1996 assert(target->load_state == UNIT_LOADED);
1997
1998 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, &error, &default_unit_job);
1999 if (r == -EPERM) {
2000 log_debug_errno(r, "Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
2001
2002 sd_bus_error_free(&error);
2003
2004 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, &error, &default_unit_job);
2005 if (r < 0) {
2006 *ret_error_message = "Failed to start default target";
2007 return log_emergency_errno(r, "Failed to start default target: %s", bus_error_message(&error, r));
2008 }
2009
2010 } else if (r < 0) {
2011 *ret_error_message = "Failed to isolate default target";
2012 return log_emergency_errno(r, "Failed to isolate default target: %s", bus_error_message(&error, r));
2013 }
2014
2015 m->default_unit_job_id = default_unit_job->id;
2016
2017 return 0;
2018 }
2019
2020 static void free_arguments(void) {
2021 size_t j;
2022
2023 /* Frees all arg_* variables, with the exception of arg_serialization */
2024
2025 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++)
2026 arg_default_rlimit[j] = mfree(arg_default_rlimit[j]);
2027
2028 arg_default_unit = mfree(arg_default_unit);
2029 arg_confirm_spawn = mfree(arg_confirm_spawn);
2030 arg_join_controllers = strv_free_free(arg_join_controllers);
2031 arg_default_environment = strv_free(arg_default_environment);
2032 arg_syscall_archs = set_free(arg_syscall_archs);
2033 }
2034
2035 int main(int argc, char *argv[]) {
2036 Manager *m = NULL;
2037 int r, retval = EXIT_FAILURE;
2038 usec_t before_startup, after_startup;
2039 char timespan[FORMAT_TIMESPAN_MAX];
2040 FDSet *fds = NULL;
2041 bool reexecute = false;
2042 const char *shutdown_verb = NULL;
2043 dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
2044 dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
2045 dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
2046 dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
2047 dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
2048 static char systemd[] = "systemd";
2049 bool skip_setup = false;
2050 bool loaded_policy = false;
2051 bool queue_default_job = false;
2052 bool first_boot = false;
2053 char *switch_root_dir = NULL, *switch_root_init = NULL;
2054 struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0), saved_rlimit_memlock = RLIMIT_MAKE_CONST((rlim_t) -1);
2055 const char *error_message = NULL;
2056
2057 redirect_telinit(argc, argv);
2058
2059 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
2060 dual_timestamp_get(&userspace_timestamp);
2061
2062 /* Determine if this is a reexecution or normal bootup. We do
2063 * the full command line parsing much later, so let's just
2064 * have a quick peek here. */
2065 if (strv_find(argv+1, "--deserialize"))
2066 skip_setup = true;
2067
2068 /* If we have switched root, do all the special setup
2069 * things */
2070 if (strv_find(argv+1, "--switched-root"))
2071 skip_setup = false;
2072
2073 /* If we get started via the /sbin/init symlink then we are
2074 called 'init'. After a subsequent reexecution we are then
2075 called 'systemd'. That is confusing, hence let's call us
2076 systemd right-away. */
2077 program_invocation_short_name = systemd;
2078 (void) prctl(PR_SET_NAME, systemd);
2079
2080 saved_argv = argv;
2081 saved_argc = argc;
2082
2083 log_set_upgrade_syslog_to_journal(true);
2084
2085 if (getpid_cached() == 1) {
2086 /* Disable the umask logic */
2087 umask(0);
2088
2089 /* Always reopen /dev/console when running as PID 1 or one of its pre-execve() children. This is
2090 * important so that we never end up logging to any foreign stderr, for example if we have to log in a
2091 * child process right before execve()'ing the actual binary, at a point in time where socket
2092 * activation stderr/stdout area already set up. */
2093 log_set_always_reopen_console(true);
2094 }
2095
2096 if (getpid_cached() == 1 && detect_container() <= 0) {
2097
2098 /* Running outside of a container as PID 1 */
2099 arg_system = true;
2100 log_set_target(LOG_TARGET_KMSG);
2101 log_open();
2102
2103 if (in_initrd())
2104 initrd_timestamp = userspace_timestamp;
2105
2106 if (!skip_setup) {
2107 r = mount_setup_early();
2108 if (r < 0) {
2109 error_message = "Failed to mount early API filesystems";
2110 goto finish;
2111 }
2112
2113 dual_timestamp_get(&security_start_timestamp);
2114 if (mac_selinux_setup(&loaded_policy) < 0) {
2115 error_message = "Failed to load SELinux policy";
2116 goto finish;
2117 } else if (mac_smack_setup(&loaded_policy) < 0) {
2118 error_message = "Failed to load SMACK policy";
2119 goto finish;
2120 } else if (ima_setup() < 0) {
2121 error_message = "Failed to load IMA policy";
2122 goto finish;
2123 }
2124 dual_timestamp_get(&security_finish_timestamp);
2125 }
2126
2127 if (mac_selinux_init() < 0) {
2128 error_message = "Failed to initialize SELinux policy";
2129 goto finish;
2130 }
2131
2132 if (!skip_setup)
2133 initialize_clock();
2134
2135 /* Set the default for later on, but don't actually
2136 * open the logs like this for now. Note that if we
2137 * are transitioning from the initrd there might still
2138 * be journal fd open, and we shouldn't attempt
2139 * opening that before we parsed /proc/cmdline which
2140 * might redirect output elsewhere. */
2141 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
2142
2143 } else if (getpid_cached() == 1) {
2144 /* Running inside a container, as PID 1 */
2145 arg_system = true;
2146 log_set_target(LOG_TARGET_CONSOLE);
2147 log_close_console(); /* force reopen of /dev/console */
2148 log_open();
2149
2150 /* For later on, see above... */
2151 log_set_target(LOG_TARGET_JOURNAL);
2152
2153 /* clear the kernel timestamp,
2154 * because we are in a container */
2155 kernel_timestamp = DUAL_TIMESTAMP_NULL;
2156 } else {
2157 /* Running as user instance */
2158 arg_system = false;
2159 log_set_target(LOG_TARGET_AUTO);
2160 log_open();
2161
2162 /* clear the kernel timestamp,
2163 * because we are not PID 1 */
2164 kernel_timestamp = DUAL_TIMESTAMP_NULL;
2165 }
2166
2167 initialize_coredump(skip_setup);
2168
2169 if (arg_system) {
2170 if (fixup_environment() < 0) {
2171 error_message = "Failed to fix up PID1 environment";
2172 goto finish;
2173 }
2174
2175 /* Try to figure out if we can use colors with the console. No
2176 * need to do that for user instances since they never log
2177 * into the console. */
2178 log_show_color(colors_enabled());
2179 r = make_null_stdio();
2180 if (r < 0)
2181 log_warning_errno(r, "Failed to redirect standard streams to /dev/null: %m");
2182 }
2183
2184 r = initialize_join_controllers();
2185 if (r < 0) {
2186 error_message = "Failed to initialize cgroup controllers";
2187 goto finish;
2188 }
2189
2190 /* Mount /proc, /sys and friends, so that /proc/cmdline and
2191 * /proc/$PID/fd is available. */
2192 if (getpid_cached() == 1) {
2193
2194 /* Load the kernel modules early. */
2195 if (!skip_setup)
2196 kmod_setup();
2197
2198 r = mount_setup(loaded_policy);
2199 if (r < 0) {
2200 error_message = "Failed to mount API filesystems";
2201 goto finish;
2202 }
2203 }
2204
2205 /* Reset all signal handlers. */
2206 (void) reset_all_signal_handlers();
2207 (void) ignore_signals(SIGNALS_IGNORE, -1);
2208
2209 arg_default_tasks_max = system_tasks_max_scale(DEFAULT_TASKS_MAX_PERCENTAGE, 100U);
2210
2211 if (parse_config_file() < 0) {
2212 error_message = "Failed to parse config file";
2213 goto finish;
2214 }
2215
2216 if (arg_system) {
2217 r = proc_cmdline_parse(parse_proc_cmdline_item, NULL, 0);
2218 if (r < 0)
2219 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
2220 }
2221
2222 /* Note that this also parses bits from the kernel command
2223 * line, including "debug". */
2224 log_parse_environment();
2225
2226 if (parse_argv(argc, argv) < 0) {
2227 error_message = "Failed to parse commandline arguments";
2228 goto finish;
2229 }
2230
2231 /* Initialize default unit */
2232 if (!arg_default_unit) {
2233 arg_default_unit = strdup(SPECIAL_DEFAULT_TARGET);
2234 if (!arg_default_unit) {
2235 r = log_oom();
2236 error_message = "Failed to set default unit";
2237 goto finish;
2238 }
2239 }
2240
2241 if (arg_action == ACTION_TEST &&
2242 geteuid() == 0) {
2243 log_error("Don't run test mode as root.");
2244 goto finish;
2245 }
2246
2247 if (!arg_system &&
2248 arg_action == ACTION_RUN &&
2249 sd_booted() <= 0) {
2250 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
2251 goto finish;
2252 }
2253
2254 if (arg_system &&
2255 arg_action == ACTION_RUN &&
2256 running_in_chroot() > 0) {
2257 log_error("Cannot be run in a chroot() environment.");
2258 goto finish;
2259 }
2260
2261 if (IN_SET(arg_action, ACTION_TEST, ACTION_HELP)) {
2262 pager_open(arg_no_pager, false);
2263 skip_setup = true;
2264 }
2265
2266 if (arg_action == ACTION_HELP) {
2267 retval = help();
2268 goto finish;
2269 } else if (arg_action == ACTION_VERSION) {
2270 retval = version();
2271 goto finish;
2272 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
2273 pager_open(arg_no_pager, false);
2274 unit_dump_config_items(stdout);
2275 retval = EXIT_SUCCESS;
2276 goto finish;
2277 }
2278
2279 if (!arg_system &&
2280 !getenv("XDG_RUNTIME_DIR")) {
2281 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
2282 goto finish;
2283 }
2284
2285 assert_se(IN_SET(arg_action, ACTION_RUN, ACTION_TEST));
2286
2287 /* Close logging fds, in order not to confuse fdset below */
2288 log_close();
2289
2290 /* Remember open file descriptors for later deserialization */
2291 if (arg_action == ACTION_RUN) {
2292 r = fdset_new_fill(&fds);
2293 if (r < 0) {
2294 log_emergency_errno(r, "Failed to allocate fd set: %m");
2295 error_message = "Failed to allocate fd set";
2296 goto finish;
2297 } else
2298 fdset_cloexec(fds, true);
2299
2300 if (arg_serialization)
2301 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
2302
2303 if (arg_system)
2304 /* Become a session leader if we aren't one yet. */
2305 setsid();
2306 }
2307
2308 /* Move out of the way, so that we won't block unmounts */
2309 assert_se(chdir("/") == 0);
2310
2311 /* Reset the console, but only if this is really init and we
2312 * are freshly booted */
2313 if (arg_system && arg_action == ACTION_RUN) {
2314
2315 /* If we are init, we connect stdin/stdout/stderr to
2316 * /dev/null and make sure we don't have a controlling
2317 * tty. */
2318 release_terminal();
2319
2320 if (getpid_cached() == 1 && !skip_setup)
2321 console_setup();
2322 }
2323
2324 /* Open the logging devices, if possible and necessary */
2325 log_open();
2326
2327 if (arg_show_status == _SHOW_STATUS_UNSET)
2328 arg_show_status = SHOW_STATUS_YES;
2329
2330 /* Make sure we leave a core dump without panicing the
2331 * kernel. */
2332 if (getpid_cached() == 1) {
2333 install_crash_handler();
2334
2335 r = mount_cgroup_controllers(arg_join_controllers);
2336 if (r < 0)
2337 goto finish;
2338 }
2339
2340 log_execution_mode(&first_boot);
2341
2342 if (arg_action == ACTION_RUN) {
2343 r = initialize_runtime(skip_setup,
2344 &saved_rlimit_nofile,
2345 &saved_rlimit_memlock,
2346 &error_message);
2347 if (r < 0)
2348 goto finish;
2349 }
2350
2351 r = manager_new(arg_system ? UNIT_FILE_SYSTEM : UNIT_FILE_USER,
2352 arg_action == ACTION_TEST ? MANAGER_TEST_FULL : 0,
2353 &m);
2354 if (r < 0) {
2355 log_emergency_errno(r, "Failed to allocate manager object: %m");
2356 error_message = "Failed to allocate manager object";
2357 goto finish;
2358 }
2359
2360 m->timestamps[MANAGER_TIMESTAMP_KERNEL] = kernel_timestamp;
2361 m->timestamps[MANAGER_TIMESTAMP_INITRD] = initrd_timestamp;
2362 m->timestamps[MANAGER_TIMESTAMP_USERSPACE] = userspace_timestamp;
2363 m->timestamps[MANAGER_TIMESTAMP_SECURITY_START] = security_start_timestamp;
2364 m->timestamps[MANAGER_TIMESTAMP_SECURITY_FINISH] = security_finish_timestamp;
2365
2366 set_manager_defaults(m);
2367 set_manager_settings(m);
2368 manager_set_first_boot(m, first_boot);
2369
2370 /* Remember whether we should queue the default job */
2371 queue_default_job = !arg_serialization || arg_switched_root;
2372
2373 before_startup = now(CLOCK_MONOTONIC);
2374
2375 r = manager_startup(m, arg_serialization, fds);
2376 if (r < 0) {
2377 log_error_errno(r, "Failed to fully start up daemon: %m");
2378 goto finish;
2379 }
2380
2381 /* This will close all file descriptors that were opened, but not claimed by any unit. */
2382 fds = fdset_free(fds);
2383 arg_serialization = safe_fclose(arg_serialization);
2384
2385 if (queue_default_job) {
2386 r = do_queue_default_job(m, &error_message);
2387 if (r < 0)
2388 goto finish;
2389 }
2390
2391 after_startup = now(CLOCK_MONOTONIC);
2392
2393 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
2394 "Loaded units and determined initial transaction in %s.",
2395 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
2396
2397 if (arg_action == ACTION_TEST) {
2398 printf("-> By units:\n");
2399 manager_dump_units(m, stdout, "\t");
2400
2401 printf("-> By jobs:\n");
2402 manager_dump_jobs(m, stdout, "\t");
2403 retval = EXIT_SUCCESS;
2404 goto finish;
2405 }
2406
2407 r = invoke_main_loop(m,
2408 &reexecute,
2409 &retval,
2410 &shutdown_verb,
2411 &fds,
2412 &switch_root_dir,
2413 &switch_root_init,
2414 &error_message);
2415
2416 finish:
2417 pager_close();
2418
2419 if (m)
2420 arg_shutdown_watchdog = m->shutdown_watchdog;
2421
2422 m = manager_free(m);
2423
2424 free_arguments();
2425 mac_selinux_finish();
2426
2427 if (reexecute)
2428 do_reexecute(argc, argv,
2429 &saved_rlimit_nofile,
2430 &saved_rlimit_memlock,
2431 fds,
2432 switch_root_dir,
2433 switch_root_init,
2434 &error_message); /* This only returns if reexecution failed */
2435
2436 arg_serialization = safe_fclose(arg_serialization);
2437 fds = fdset_free(fds);
2438
2439 #if HAVE_VALGRIND_VALGRIND_H
2440 /* If we are PID 1 and running under valgrind, then let's exit
2441 * here explicitly. valgrind will only generate nice output on
2442 * exit(), not on exec(), hence let's do the former not the
2443 * latter here. */
2444 if (getpid_cached() == 1 && RUNNING_ON_VALGRIND)
2445 return 0;
2446 #endif
2447
2448 if (shutdown_verb) {
2449 r = become_shutdown(shutdown_verb, retval);
2450
2451 log_error_errno(r, "Failed to execute shutdown binary, %s: %m", getpid_cached() == 1 ? "freezing" : "quitting");
2452 error_message = "Failed to execute shutdown binary";
2453 }
2454
2455 if (getpid_cached() == 1) {
2456 if (error_message)
2457 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
2458 ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL,
2459 "%s, freezing.", error_message);
2460 freeze_or_reboot();
2461 }
2462
2463 return retval;
2464 }
Unnamed repository; edit this file 'description' to name the repository.