]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/main.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
test-unit-file: add test for semicolon escaping
[thirdparty/systemd.git] / src / core / main.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
60918275 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
60918275
LP		 22#include <stdio.h>
23#include <errno.h>
24#include <string.h>
16354eff 25#include <unistd.h>
4ade7963
LP		 26#include <sys/types.h>
27#include <sys/stat.h>
f170852a 28#include <getopt.h>
97c4f35c 29#include <signal.h>
4fc935ca 30#include <sys/wait.h>
80876c20 31#include <fcntl.h>
f3b6a3ed 32#include <sys/prctl.h>
664f88a7 33#include <sys/mount.h>
60918275 34
54b434b1
LP		 35#ifdef HAVE_VALGRIND_VALGRIND_H
36#include <valgrind/valgrind.h>
37#endif
b64a3d86
LP		 38#ifdef HAVE_SECCOMP
39#include <seccomp.h>
40#endif
54b434b1 41
718db961
LP		 42#include "sd-daemon.h"
43#include "sd-messages.h"
44#include "sd-bus.h"
60918275 45#include "manager.h"
16354eff 46#include "log.h"
302e8c4c 47#include "load-fragment.h"
a16e1123 48#include "fdset.h"
514f4ef5 49#include "special.h"
487393e9 50#include "conf-parser.h"
ad780f19 51#include "missing.h"
e51bc1a2 52#include "label.h"
b87c2aa6 53#include "pager.h"
302e27c8 54#include "build.h"
06d4c99a 55#include "strv.h"
f6a6225e 56#include "def.h"
b52aae1d 57#include "virt.h"
d9d93745 58#include "architecture.h"
e96d6be7 59#include "watchdog.h"
664f88a7 60#include "path-util.h"
41669317 61#include "switch-root.h"
ec8927ca 62#include "capability.h"
bd3fa1d2 63#include "killall.h"
0c4025d1 64#include "env-util.h"
24efb112 65#include "clock-util.h"
718db961
LP		 66#include "fileio.h"
67#include "dbus-manager.h"
68#include "bus-error.h"
69#include "bus-util.h"
60918275 70
b6e66135
LP		 71#include "mount-setup.h"
72#include "loopback-setup.h"
b6e66135
LP		 73#include "hostname-setup.h"
74#include "machine-id-setup.h"
b6e66135
LP		 75#include "selinux-setup.h"
76#include "ima-setup.h"
ffbd2c4d 77#include "smack-setup.h"
718db961 78#include "kmod-setup.h"
b6e66135 79
f170852a
LP		 80static enum {
81 ACTION_RUN,
e965d56d 82 ACTION_HELP,
9ba0bc4e 83 ACTION_VERSION,
e537352b 84 ACTION_TEST,
4288f619
LP		 85 ACTION_DUMP_CONFIGURATION_ITEMS,
86 ACTION_DONE
fa0f4d8a 87} arg_action = ACTION_RUN;
fa0f4d8a 88static char *arg_default_unit = NULL;
67445f4e 89static SystemdRunningAs arg_running_as = _SYSTEMD_RUNNING_AS_INVALID;
fa0f4d8a
LP		 90static bool arg_dump_core = true;
91static bool arg_crash_shell = false;
92static int arg_crash_chvt = -1;
93static bool arg_confirm_spawn = false;
b6e2f329 94static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
bf4df7c3 95static bool arg_switched_root = false;
b87c2aa6 96static int arg_no_pager = -1;
0c85a4f3 97static char ***arg_join_controllers = NULL;
706343f4 98static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
0a494f1f 99static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
1f19a534
OS		 100static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
101static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
102static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
3f41e1e5
LN		 103static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
104static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
e96d6be7
LP		 105static usec_t arg_runtime_watchdog = 0;
106static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
97d0e5f8 107static char **arg_default_environment = NULL;
517d56b1 108static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
ec8927ca 109static uint64_t arg_capability_bounding_set_drop = 0;
3a43da28 110static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
bd8f585b 111static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
d3b1c508
LP		 112static Set* arg_syscall_archs = NULL;
113static FILE* arg_serialization = NULL;
085afe36
LP		 114static bool arg_default_cpu_accounting = false;
115static bool arg_default_blockio_accounting = false;
116static bool arg_default_memory_accounting = false;
4fc935ca 117
d3b1c508 118static void nop_handler(int sig) {}
6f5e3f35 119
b87c2aa6
ZJS		 120static void pager_open_if_enabled(void) {
121
122 if (arg_no_pager <= 0)
123 return;
124
125 pager_open(false);
126}
127
919ce0b7 128noreturn static void crash(int sig) {
97c4f35c 129
abb26902
LP		 130 if (getpid() != 1)
131 /* Pass this on immediately, if this is not PID 1 */
132 raise(sig);
133 else if (!arg_dump_core)
4104970e 134 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
97c4f35c 135 else {
b92bea5d
ZJS		 136 struct sigaction sa = {
137 .sa_handler = nop_handler,
138 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
139 };
97c4f35c
LP		 140 pid_t pid;
141
6f5e3f35 142 /* We want to wait for the core process, hence let's enable SIGCHLD */
abb26902 143 sigaction(SIGCHLD, &sa, NULL);
6f5e3f35 144
e62d8c39
ZJS		 145 pid = fork();
146 if (pid < 0)
56f64d95 147 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
97c4f35c
LP		 148
149 else if (pid == 0) {
b92bea5d 150 struct rlimit rl = {};
97c4f35c
LP		 151
152 /* Enable default signal handler for core dump */
153 zero(sa);
154 sa.sa_handler = SIG_DFL;
abb26902 155 sigaction(sig, &sa, NULL);
97c4f35c
LP		 156
157 /* Don't limit the core dump size */
97c4f35c
LP		 158 rl.rlim_cur = RLIM_INFINITY;
159 rl.rlim_max = RLIM_INFINITY;
160 setrlimit(RLIMIT_CORE, &rl);
161
162 /* Just to be sure... */
abb26902 163 chdir("/");
97c4f35c
LP		 164
165 /* Raise the signal again */
166 raise(sig);
167
168 assert_not_reached("We shouldn't be here...");
169 _exit(1);
4fc935ca
LP		 170
171 } else {
8e12a6ae
LP		 172 siginfo_t status;
173 int r;
4fc935ca
LP		 174
175 /* Order things nicely. */
e62d8c39
ZJS		 176 r = wait_for_terminate(pid, &status);
177 if (r < 0)
da927ba9 178 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
8e12a6ae 179 else if (status.si_code != CLD_DUMPED)
4104970e 180 log_emergency("Caught <%s>, core dump failed.", signal_to_string(sig));
4fc935ca 181 else
4104970e 182 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
97c4f35c
LP		 183 }
184 }
185
fa0f4d8a
LP		 186 if (arg_crash_chvt)
187 chvt(arg_crash_chvt);
601f6a1e 188
fa0f4d8a 189 if (arg_crash_shell) {
b92bea5d
ZJS		 190 struct sigaction sa = {
191 .sa_handler = SIG_IGN,
192 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
193 };
6f5e3f35 194 pid_t pid;
8c43883a 195
4fc935ca
LP		 196 log_info("Executing crash shell in 10s...");
197 sleep(10);
198
6f5e3f35 199 /* Let the kernel reap children for us */
6f5e3f35 200 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
8c43883a 201
cd3bd60a
LP		 202 pid = fork();
203 if (pid < 0)
56f64d95 204 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
6f5e3f35 205 else if (pid == 0) {
cd3bd60a 206 make_console_stdio();
6f5e3f35
LP		 207 execl("/bin/sh", "/bin/sh", NULL);
208
56f64d95 209 log_emergency_errno(errno, "execl() failed: %m");
6f5e3f35
LP		 210 _exit(1);
211 }
c99b188e 212
ccd06097 213 log_info("Successfully spawned crash shell as pid "PID_FMT".", pid);
4fc935ca
LP		 214 }
215
4104970e 216 log_emergency("Freezing execution.");
97c4f35c
LP		 217 freeze();
218}
219
220static void install_crash_handler(void) {
b92bea5d
ZJS		 221 struct sigaction sa = {
222 .sa_handler = crash,
223 .sa_flags = SA_NODEFER,
224 };
97c4f35c 225
1b91d3e8 226 sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
97c4f35c 227}
f170852a 228
56d96fc0
LP		 229static int console_setup(void) {
230 _cleanup_close_ int tty_fd = -1;
231 int r;
80876c20 232
512947d4 233 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
23bbb0de
MS		 234 if (tty_fd < 0)
235 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
80876c20 236
56d96fc0
LP		 237 /* We don't want to force text mode. plymouth may be showing
238 * pictures already from initrd. */
512947d4 239 r = reset_terminal_fd(tty_fd, false);
23bbb0de
MS		 240 if (r < 0)
241 return log_error_errno(r, "Failed to reset /dev/console: %m");
843d2643 242
56d96fc0 243 return 0;
80876c20
LP		 244}
245
f170852a
LP		 246static int set_default_unit(const char *u) {
247 char *c;
248
249 assert(u);
250
bf4df7c3
LP		 251 c = strdup(u);
252 if (!c)
f170852a
LP		 253 return -ENOMEM;
254
fa0f4d8a
LP		 255 free(arg_default_unit);
256 arg_default_unit = c;
bf4df7c3 257
f170852a
LP		 258 return 0;
259}
260
059cb385 261static int parse_proc_cmdline_item(const char *key, const char *value) {
f170852a
LP		 262
263 static const char * const rlmap[] = {
ed370f5d 264 "emergency", SPECIAL_EMERGENCY_TARGET,
099663ff 265 "-b", SPECIAL_EMERGENCY_TARGET,
5329ab10 266 "rescue", SPECIAL_RESCUE_TARGET,
ed370f5d
LP		 267 "single", SPECIAL_RESCUE_TARGET,
268 "-s", SPECIAL_RESCUE_TARGET,
269 "s", SPECIAL_RESCUE_TARGET,
270 "S", SPECIAL_RESCUE_TARGET,
271 "1", SPECIAL_RESCUE_TARGET,
272 "2", SPECIAL_RUNLEVEL2_TARGET,
273 "3", SPECIAL_RUNLEVEL3_TARGET,
274 "4", SPECIAL_RUNLEVEL4_TARGET,
275 "5", SPECIAL_RUNLEVEL5_TARGET,
f170852a 276 };
059cb385 277 int r;
f170852a 278
059cb385 279 assert(key);
5192bd19 280
059cb385 281 if (streq(key, "systemd.unit") && value) {
bf4df7c3
LP		 282
283 if (!in_initrd())
059cb385 284 return set_default_unit(value);
bf4df7c3 285
059cb385 286 } else if (streq(key, "rd.systemd.unit") && value) {
bf4df7c3 287
ca05941b
LP		 288 if (in_initrd())
289 return set_default_unit(value);
f170852a 290
059cb385 291 } else if (streq(key, "systemd.dump_core") && value) {
4fc935ca 292
059cb385 293 r = parse_boolean(value);
fb472900 294 if (r < 0)
059cb385 295 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
4fc935ca 296 else
fa0f4d8a 297 arg_dump_core = r;
4fc935ca 298
059cb385 299 } else if (streq(key, "systemd.crash_shell") && value) {
4fc935ca 300
059cb385 301 r = parse_boolean(value);
fb472900 302 if (r < 0)
059cb385 303 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
4fc935ca 304 else
fa0f4d8a 305 arg_crash_shell = r;
5e7ee61c 306
059cb385 307 } else if (streq(key, "systemd.crash_chvt") && value) {
5e7ee61c 308
059cb385
LP		 309 if (safe_atoi(value, &r) < 0)
310 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
5e7ee61c 311 else
059cb385 312 arg_crash_chvt = r;
5e7ee61c 313
059cb385 314 } else if (streq(key, "systemd.confirm_spawn") && value) {
601f6a1e 315
059cb385
LP		 316 r = parse_boolean(value);
317 if (r < 0)
318 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", value);
601f6a1e 319 else
059cb385 320 arg_confirm_spawn = r;
601f6a1e 321
059cb385 322 } else if (streq(key, "systemd.show_status") && value) {
9e58ff9c 323
059cb385 324 r = parse_show_status(value, &arg_show_status);
d450b6f2 325 if (r < 0)
059cb385
LP		 326 log_warning("Failed to parse show status switch %s. Ignoring.", value);
327
328 } else if (streq(key, "systemd.default_standard_output") && value) {
0a494f1f 329
059cb385 330 r = exec_output_from_string(value);
fb472900 331 if (r < 0)
059cb385 332 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
0a494f1f
LP		 333 else
334 arg_default_std_output = r;
0a494f1f 335
059cb385
LP		 336 } else if (streq(key, "systemd.default_standard_error") && value) {
337
338 r = exec_output_from_string(value);
fb472900 339 if (r < 0)
059cb385 340 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
0a494f1f
LP		 341 else
342 arg_default_std_error = r;
9e7c5357 343
059cb385
LP		 344 } else if (streq(key, "systemd.setenv") && value) {
345
346 if (env_assignment_is_valid(value)) {
e21fea24
KS		 347 char **env;
348
059cb385 349 env = strv_env_set(arg_default_environment, value);
e21fea24
KS		 350 if (env)
351 arg_default_environment = env;
352 else
279d3c9c 353 log_warning_errno(ENOMEM, "Setting environment variable '%s' failed, ignoring: %m", value);
e21fea24 354 } else
059cb385 355 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
9e58ff9c 356
059cb385 357 } else if (streq(key, "quiet") && !value) {
d7b15e0a
LP		 358
359 log_set_max_level(LOG_NOTICE);
360
b6e2f329 361 if (arg_show_status == _SHOW_STATUS_UNSET)
d450b6f2 362 arg_show_status = SHOW_STATUS_AUTO;
059cb385
LP		 363
364 } else if (streq(key, "debug") && !value) {
d7b15e0a 365
1de1c9c3
LP		 366 /* Note that log_parse_environment() handles 'debug'
367 * too, and sets the log level to LOG_DEBUG. */
d7b15e0a 368
b2103dcc
KS		 369 if (detect_container(NULL) > 0)
370 log_set_target(LOG_TARGET_CONSOLE);
059cb385
LP		 371
372 } else if (!in_initrd() && !value) {
f170852a
LP		 373 unsigned i;
374
375 /* SysV compatibility */
f170852a 376 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
059cb385 377 if (streq(key, rlmap[i]))
f170852a
LP		 378 return set_default_unit(rlmap[i+1]);
379 }
380
381 return 0;
382}
383
e8e581bf
ZJS		 384#define DEFINE_SETTER(name, func, descr) \
385 static int name(const char *unit, \
386 const char *filename, \
387 unsigned line, \
388 const char *section, \
71a61510 389 unsigned section_line, \
e8e581bf
ZJS		 390 const char *lvalue, \
391 int ltype, \
392 const char *rvalue, \
393 void *data, \
394 void *userdata) { \
395 \
396 int r; \
397 \
398 assert(filename); \
399 assert(lvalue); \
400 assert(rvalue); \
401 \
402 r = func(rvalue); \
403 if (r < 0) \
404 log_syntax(unit, LOG_ERR, filename, line, -r, \
405 "Invalid " descr "'%s': %s", \
406 rvalue, strerror(-r)); \
407 \
408 return 0; \
409 }
487393e9 410
e8e581bf
ZJS		 411DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
412DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
413DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
414DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
487393e9 415
4d7213b2
LP		 416static int config_parse_cpu_affinity2(
417 const char *unit,
418 const char *filename,
419 unsigned line,
420 const char *section,
421 unsigned section_line,
422 const char *lvalue,
423 int ltype,
424 const char *rvalue,
425 void *data,
426 void *userdata) {
487393e9 427
a2a5291b 428 const char *word, *state;
487393e9 429 size_t l;
487393e9
LP		 430 cpu_set_t *c = NULL;
431 unsigned ncpus = 0;
432
433 assert(filename);
434 assert(lvalue);
435 assert(rvalue);
436
a2a5291b 437 FOREACH_WORD_QUOTED(word, l, rvalue, state) {
487393e9
LP		 438 char *t;
439 int r;
440 unsigned cpu;
441
a2a5291b 442 if (!(t = strndup(word, l)))
14212119 443 return log_oom();
487393e9
LP		 444
445 r = safe_atou(t, &cpu);
446 free(t);
447
448 if (!c)
449 if (!(c = cpu_set_malloc(&ncpus)))
14212119 450 return log_oom();
487393e9
LP		 451
452 if (r < 0 || cpu >= ncpus) {
e8e581bf
ZJS		 453 log_syntax(unit, LOG_ERR, filename, line, -r,
454 "Failed to parse CPU affinity '%s'", rvalue);
487393e9
LP		 455 CPU_FREE(c);
456 return -EBADMSG;
457 }
458
459 CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c);
460 }
b2fadec6
ZJS		 461 if (!isempty(state))
462 log_syntax(unit, LOG_ERR, filename, line, EINVAL,
463 "Trailing garbage, ignoring.");
487393e9
LP		 464
465 if (c) {
466 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
79008bdd 467 log_unit_warning(unit, "Failed to set CPU affinity: %m");
487393e9
LP		 468
469 CPU_FREE(c);
470 }
471
472 return 0;
473}
474
4d7213b2
LP		 475static int config_parse_show_status(
476 const char* unit,
477 const char *filename,
478 unsigned line,
479 const char *section,
480 unsigned section_line,
481 const char *lvalue,
482 int ltype,
483 const char *rvalue,
484 void *data,
485 void *userdata) {
486
487 int k;
488 ShowStatus *b = data;
489
490 assert(filename);
491 assert(lvalue);
492 assert(rvalue);
493 assert(data);
494
495 k = parse_show_status(rvalue, b);
496 if (k < 0) {
497 log_syntax(unit, LOG_ERR, filename, line, -k,
498 "Failed to parse show status setting, ignoring: %s", rvalue);
499 return 0;
500 }
501
502 return 0;
503}
504
0c85a4f3
LP		 505static void strv_free_free(char ***l) {
506 char ***i;
507
508 if (!l)
509 return;
510
511 for (i = l; *i; i++)
512 strv_free(*i);
513
514 free(l);
515}
516
517static void free_join_controllers(void) {
0c85a4f3
LP		 518 strv_free_free(arg_join_controllers);
519 arg_join_controllers = NULL;
520}
521
e8e581bf
ZJS		 522static int config_parse_join_controllers(const char *unit,
523 const char *filename,
524 unsigned line,
525 const char *section,
71a61510 526 unsigned section_line,
e8e581bf
ZJS		 527 const char *lvalue,
528 int ltype,
529 const char *rvalue,
530 void *data,
531 void *userdata) {
0c85a4f3
LP		 532
533 unsigned n = 0;
a2a5291b 534 const char *word, *state;
0c85a4f3
LP		 535 size_t length;
536
537 assert(filename);
538 assert(lvalue);
539 assert(rvalue);
540
541 free_join_controllers();
542
a2a5291b 543 FOREACH_WORD_QUOTED(word, length, rvalue, state) {
0c85a4f3
LP		 544 char *s, **l;
545
a2a5291b 546 s = strndup(word, length);
0c85a4f3 547 if (!s)
14212119 548 return log_oom();
0c85a4f3
LP		 549
550 l = strv_split(s, ",");
551 free(s);
552
553 strv_uniq(l);
554
555 if (strv_length(l) <= 1) {
556 strv_free(l);
557 continue;
558 }
559
560 if (!arg_join_controllers) {
561 arg_join_controllers = new(char**, 2);
562 if (!arg_join_controllers) {
563 strv_free(l);
14212119 564 return log_oom();
0c85a4f3
LP		 565 }
566
567 arg_join_controllers[0] = l;
568 arg_join_controllers[1] = NULL;
569
570 n = 1;
571 } else {
572 char ***a;
573 char ***t;
574
575 t = new0(char**, n+2);
576 if (!t) {
577 strv_free(l);
14212119 578 return log_oom();
0c85a4f3
LP		 579 }
580
581 n = 0;
582
583 for (a = arg_join_controllers; *a; a++) {
584
585 if (strv_overlap(*a, l)) {
e3e45d4f 586 if (strv_extend_strv(&l, *a) < 0) {
0c85a4f3
LP		 587 strv_free(l);
588 strv_free_free(t);
14212119 589 return log_oom();
0c85a4f3
LP		 590 }
591
0c85a4f3
LP		 592 } else {
593 char **c;
594
595 c = strv_copy(*a);
596 if (!c) {
597 strv_free(l);
598 strv_free_free(t);
14212119 599 return log_oom();
0c85a4f3
LP		 600 }
601
602 t[n++] = c;
603 }
604 }
605
606 t[n++] = strv_uniq(l);
607
608 strv_free_free(arg_join_controllers);
609 arg_join_controllers = t;
610 }
611 }
b2fadec6
ZJS		 612 if (!isempty(state))
613 log_syntax(unit, LOG_ERR, filename, line, EINVAL,
614 "Trailing garbage, ignoring.");
0c85a4f3
LP		 615
616 return 0;
617}
618
487393e9
LP		 619static int parse_config_file(void) {
620
f975e971 621 const ConfigTableItem items[] = {
d3b1c508
LP		 622 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
623 { "Manager", "LogTarget", config_parse_target, 0, NULL },
624 { "Manager", "LogColor", config_parse_color, 0, NULL },
625 { "Manager", "LogLocation", config_parse_location, 0, NULL },
626 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
627 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
628 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
629 { "Manager", "CrashChVT", config_parse_int, 0, &arg_crash_chvt },
630 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
631 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
632 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
633 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
634 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
89fffa27 635#ifdef HAVE_SECCOMP
d3b1c508 636 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
89fffa27 637#endif
d3b1c508 638 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
bd8f585b 639 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
d3b1c508
LP		 640 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
641 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
642 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
643 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
644 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
645 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval },
646 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
647 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
648 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU] },
649 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] },
650 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA] },
651 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK] },
652 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE] },
653 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS] },
654 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE] },
655 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS] },
656 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC] },
657 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] },
658 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS] },
659 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING] },
660 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] },
661 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE] },
662 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO] },
663 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME] },
085afe36
LP		 664 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
665 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
666 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
d3b1c508 667 {}
487393e9
LP		 668 };
669
1b907b5c 670 const char *fn, *conf_dirs_nulstr;
487393e9 671
19adb8a3 672 fn = arg_running_as == SYSTEMD_SYSTEM ? PKGSYSCONFDIR "/system.conf" : PKGSYSCONFDIR "/user.conf";
1b907b5c
JT		 673 conf_dirs_nulstr = arg_running_as == SYSTEMD_SYSTEM ? CONF_DIRS_NULSTR("systemd/system.conf") : CONF_DIRS_NULSTR("systemd/user.conf");
674 config_parse_many(fn, conf_dirs_nulstr, "Manager\0",
675 config_item_table_lookup, items, false, NULL);
487393e9 676
487393e9
LP		 677 return 0;
678}
679
f170852a
LP		 680static int parse_argv(int argc, char *argv[]) {
681
682 enum {
683 ARG_LOG_LEVEL = 0x100,
684 ARG_LOG_TARGET,
bbe63281
LP		 685 ARG_LOG_COLOR,
686 ARG_LOG_LOCATION,
2f198e2f 687 ARG_UNIT,
edb9aaa8 688 ARG_SYSTEM,
af2d49f7 689 ARG_USER,
e537352b 690 ARG_TEST,
b87c2aa6 691 ARG_NO_PAGER,
9ba0bc4e 692 ARG_VERSION,
80876c20 693 ARG_DUMP_CONFIGURATION_ITEMS,
9e58ff9c
LP		 694 ARG_DUMP_CORE,
695 ARG_CRASH_SHELL,
a16e1123 696 ARG_CONFIRM_SPAWN,
9e58ff9c 697 ARG_SHOW_STATUS,
4288f619 698 ARG_DESERIALIZE,
2660882b 699 ARG_SWITCHED_ROOT,
0a494f1f
LP		 700 ARG_DEFAULT_STD_OUTPUT,
701 ARG_DEFAULT_STD_ERROR
f170852a
LP		 702 };
703
704 static const struct option options[] = {
a16e1123
LP		 705 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
706 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
bbe63281
LP		 707 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
708 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
2f198e2f 709 { "unit", required_argument, NULL, ARG_UNIT },
edb9aaa8 710 { "system", no_argument, NULL, ARG_SYSTEM },
af2d49f7 711 { "user", no_argument, NULL, ARG_USER },
a16e1123 712 { "test", no_argument, NULL, ARG_TEST },
b87c2aa6 713 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
a16e1123 714 { "help", no_argument, NULL, 'h' },
9ba0bc4e 715 { "version", no_argument, NULL, ARG_VERSION },
a16e1123 716 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
a5d87bf0
LP		 717 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
718 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
719 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
6e98720f 720 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
a16e1123 721 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
2660882b 722 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
0a494f1f
LP		 723 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
724 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
fb472900 725 {}
f170852a
LP		 726 };
727
728 int c, r;
729
730 assert(argc >= 1);
731 assert(argv);
732
b770165a
LP		 733 if (getpid() == 1)
734 opterr = 0;
735
099663ff 736 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
f170852a
LP		 737
738 switch (c) {
739
740 case ARG_LOG_LEVEL:
fb472900
ZJS		 741 r = log_set_max_level_from_string(optarg);
742 if (r < 0) {
f170852a
LP		 743 log_error("Failed to parse log level %s.", optarg);
744 return r;
745 }
746
747 break;
748
749 case ARG_LOG_TARGET:
fb472900
ZJS		 750 r = log_set_target_from_string(optarg);
751 if (r < 0) {
f170852a
LP		 752 log_error("Failed to parse log target %s.", optarg);
753 return r;
754 }
755
756 break;
757
bbe63281
LP		 758 case ARG_LOG_COLOR:
759
d0b170c8 760 if (optarg) {
fb472900
ZJS		 761 r = log_show_color_from_string(optarg);
762 if (r < 0) {
d0b170c8
LP		 763 log_error("Failed to parse log color setting %s.", optarg);
764 return r;
765 }
766 } else
767 log_show_color(true);
bbe63281
LP		 768
769 break;
770
771 case ARG_LOG_LOCATION:
d0b170c8 772 if (optarg) {
fb472900
ZJS		 773 r = log_show_location_from_string(optarg);
774 if (r < 0) {
d0b170c8
LP		 775 log_error("Failed to parse log location setting %s.", optarg);
776 return r;
777 }
778 } else
779 log_show_location(true);
bbe63281
LP		 780
781 break;
782
0a494f1f 783 case ARG_DEFAULT_STD_OUTPUT:
fb472900
ZJS		 784 r = exec_output_from_string(optarg);
785 if (r < 0) {
0a494f1f
LP		 786 log_error("Failed to parse default standard output setting %s.", optarg);
787 return r;
788 } else
789 arg_default_std_output = r;
790 break;
791
792 case ARG_DEFAULT_STD_ERROR:
fb472900
ZJS		 793 r = exec_output_from_string(optarg);
794 if (r < 0) {
0a494f1f
LP		 795 log_error("Failed to parse default standard error output setting %s.", optarg);
796 return r;
797 } else
798 arg_default_std_error = r;
799 break;
800
2f198e2f 801 case ARG_UNIT:
f170852a 802
fb472900 803 r = set_default_unit(optarg);
23bbb0de
MS		 804 if (r < 0)
805 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
f170852a
LP		 806
807 break;
808
edb9aaa8 809 case ARG_SYSTEM:
67445f4e 810 arg_running_as = SYSTEMD_SYSTEM;
edb9aaa8 811 break;
a5dab5ce 812
af2d49f7 813 case ARG_USER:
67445f4e 814 arg_running_as = SYSTEMD_USER;
a5dab5ce 815 break;
a5dab5ce 816
e965d56d 817 case ARG_TEST:
fa0f4d8a 818 arg_action = ACTION_TEST;
b87c2aa6
ZJS		 819 if (arg_no_pager < 0)
820 arg_no_pager = true;
821 break;
822
823 case ARG_NO_PAGER:
824 arg_no_pager = true;
e965d56d
LP		 825 break;
826
9ba0bc4e
ZJS		 827 case ARG_VERSION:
828 arg_action = ACTION_VERSION;
829 break;
830
e537352b 831 case ARG_DUMP_CONFIGURATION_ITEMS:
fa0f4d8a 832 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
e537352b
LP		 833 break;
834
9e58ff9c 835 case ARG_DUMP_CORE:
a5d87bf0
LP		 836 r = optarg ? parse_boolean(optarg) : 1;
837 if (r < 0) {
838 log_error("Failed to parse dump core boolean %s.", optarg);
839 return r;
840 }
841 arg_dump_core = r;
9e58ff9c
LP		 842 break;
843
844 case ARG_CRASH_SHELL:
a5d87bf0
LP		 845 r = optarg ? parse_boolean(optarg) : 1;
846 if (r < 0) {
847 log_error("Failed to parse crash shell boolean %s.", optarg);
848 return r;
849 }
850 arg_crash_shell = r;
9e58ff9c
LP		 851 break;
852
80876c20 853 case ARG_CONFIRM_SPAWN:
a5d87bf0
LP		 854 r = optarg ? parse_boolean(optarg) : 1;
855 if (r < 0) {
856 log_error("Failed to parse confirm spawn boolean %s.", optarg);
857 return r;
858 }
859 arg_confirm_spawn = r;
80876c20
LP		 860 break;
861
9e58ff9c 862 case ARG_SHOW_STATUS:
d450b6f2
ZJS		 863 if (optarg) {
864 r = parse_show_status(optarg, &arg_show_status);
865 if (r < 0) {
866 log_error("Failed to parse show status boolean %s.", optarg);
867 return r;
868 }
869 } else
870 arg_show_status = SHOW_STATUS_YES;
6e98720f 871 break;
a5d87bf0 872
a16e1123
LP		 873 case ARG_DESERIALIZE: {
874 int fd;
875 FILE *f;
876
01e10de3
LP		 877 r = safe_atoi(optarg, &fd);
878 if (r < 0 || fd < 0) {
a16e1123 879 log_error("Failed to parse deserialize option %s.", optarg);
01e10de3 880 return r < 0 ? r : -EINVAL;
a16e1123
LP		 881 }
882
01e10de3
LP		 883 fd_cloexec(fd, true);
884
885 f = fdopen(fd, "r");
4a62c710
MS		 886 if (!f)
887 return log_error_errno(errno, "Failed to open serialization fd: %m");
a16e1123 888
d3b1c508
LP		 889 if (arg_serialization)
890 fclose(arg_serialization);
a16e1123 891
d3b1c508 892 arg_serialization = f;
a16e1123
LP		 893
894 break;
895 }
896
2660882b 897 case ARG_SWITCHED_ROOT:
bf4df7c3 898 arg_switched_root = true;
d03bc1b8
HH		 899 break;
900
f170852a 901 case 'h':
fa0f4d8a 902 arg_action = ACTION_HELP;
b87c2aa6
ZJS		 903 if (arg_no_pager < 0)
904 arg_no_pager = true;
f170852a
LP		 905 break;
906
1d2e23ab
LP		 907 case 'D':
908 log_set_max_level(LOG_DEBUG);
909 break;
910
099663ff
LP		 911 case 'b':
912 case 's':
913 case 'z':
914 /* Just to eat away the sysvinit kernel
915 * cmdline args without getopt() error
916 * messages that we'll parse in
917 * parse_proc_cmdline_word() or ignore. */
f170852a 918
099663ff 919 case '?':
601185b4 920 if (getpid() != 1)
099663ff 921 return -EINVAL;
601185b4
ZJS		 922 else
923 return 0;
099663ff 924
601185b4
ZJS		 925 default:
926 assert_not_reached("Unhandled option code.");
f170852a
LP		 927 }
928
d821e6d6
LP		 929 if (optind < argc && getpid() != 1) {
930 /* Hmm, when we aren't run as init system
931 * let's complain about excess arguments */
932
933 log_error("Excess arguments.");
934 return -EINVAL;
935 }
936
f170852a
LP		 937 return 0;
938}
939
940static int help(void) {
941
2e33c433 942 printf("%s [OPTIONS...]\n\n"
af2d49f7 943 "Starts up and maintains the system or user services.\n\n"
e537352b 944 " -h --help Show this help\n"
e537352b 945 " --test Determine startup sequence, dump it and exit\n"
b87c2aa6 946 " --no-pager Do not pipe output into a pager\n"
80876c20 947 " --dump-configuration-items Dump understood unit configuration items\n"
9e58ff9c 948 " --unit=UNIT Set default unit\n"
edb9aaa8 949 " --system Run a system instance, even if PID != 1\n"
af2d49f7 950 " --user Run a user instance\n"
a5d87bf0
LP		 951 " --dump-core[=0|1] Dump core on crash\n"
952 " --crash-shell[=0|1] Run shell on crash\n"
953 " --confirm-spawn[=0|1] Ask for confirmation when spawning processes\n"
6e98720f 954 " --show-status[=0|1] Show status updates on the console during bootup\n"
c1dc6153 955 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
9e58ff9c 956 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
2218198b 957 " --log-color[=0|1] Highlight important log messages\n"
0a494f1f
LP		 958 " --log-location[=0|1] Include code location in log messages\n"
959 " --default-standard-output= Set default standard output for services\n"
960 " --default-standard-error= Set default standard error output for services\n",
5b6319dc 961 program_invocation_short_name);
f170852a
LP		 962
963 return 0;
964}
965
9ba0bc4e
ZJS		 966static int version(void) {
967 puts(PACKAGE_STRING);
9ba0bc4e
ZJS		 968 puts(SYSTEMD_FEATURES);
969
970 return 0;
971}
972
b3680f49 973static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
a16e1123
LP		 974 FILE *f = NULL;
975 FDSet *fds = NULL;
976 int r;
977
978 assert(m);
979 assert(_f);
980 assert(_fds);
981
6b78f9b4
LP		 982 r = manager_open_serialization(m, &f);
983 if (r < 0) {
da927ba9 984 log_error_errno(r, "Failed to create serialization file: %m");
a16e1123
LP		 985 goto fail;
986 }
987
71445ae7
LP		 988 /* Make sure nothing is really destructed when we shut down */
989 m->n_reloading ++;
718db961 990 bus_manager_send_reloading(m, true);
71445ae7 991
6b78f9b4
LP		 992 fds = fdset_new();
993 if (!fds) {
a16e1123 994 r = -ENOMEM;
da927ba9 995 log_error_errno(r, "Failed to allocate fd set: %m");
a16e1123
LP		 996 goto fail;
997 }
998
b3680f49 999 r = manager_serialize(m, f, fds, switching_root);
6b78f9b4 1000 if (r < 0) {
da927ba9 1001 log_error_errno(r, "Failed to serialize state: %m");
a16e1123
LP		 1002 goto fail;
1003 }
1004
1005 if (fseeko(f, 0, SEEK_SET) < 0) {
56f64d95 1006 log_error_errno(errno, "Failed to rewind serialization fd: %m");
a16e1123
LP		 1007 goto fail;
1008 }
1009
6b78f9b4
LP		 1010 r = fd_cloexec(fileno(f), false);
1011 if (r < 0) {
da927ba9 1012 log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
a16e1123
LP		 1013 goto fail;
1014 }
1015
6b78f9b4
LP		 1016 r = fdset_cloexec(fds, false);
1017 if (r < 0) {
da927ba9 1018 log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
a16e1123
LP		 1019 goto fail;
1020 }
1021
1022 *_f = f;
1023 *_fds = fds;
1024
1025 return 0;
1026
1027fail:
1028 fdset_free(fds);
1029
1030 if (f)
1031 fclose(f);
1032
1033 return r;
1034}
1035
4096d6f5
LP		 1036static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1037 struct rlimit nl;
1038 int r;
1039
1040 assert(saved_rlimit);
1041
1042 /* Save the original RLIMIT_NOFILE so that we can reset it
1043 * later when transitioning from the initrd to the main
1044 * systemd or suchlike. */
4a62c710
MS		 1045 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
1046 return log_error_errno(errno, "Reading RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1047
1048 /* Make sure forked processes get the default kernel setting */
1049 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1050 struct rlimit *rl;
1051
1052 rl = newdup(struct rlimit, saved_rlimit, 1);
1053 if (!rl)
1054 return log_oom();
1055
1056 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1057 }
1058
1059 /* Bump up the resource limit for ourselves substantially */
1060 nl.rlim_cur = nl.rlim_max = 64*1024;
1061 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
23bbb0de
MS		 1062 if (r < 0)
1063 return log_error_errno(r, "Setting RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1064
1065 return 0;
1066}
1067
6ee5bbf8 1068static void test_mtab(void) {
6ee5bbf8 1069
5b4c0131
LP		 1070 static const char ok[] =
1071 "/proc/self/mounts\0"
1072 "/proc/mounts\0"
1073 "../proc/self/mounts\0"
1074 "../proc/mounts\0";
80758717 1075
5b4c0131
LP		 1076 _cleanup_free_ char *p = NULL;
1077 int r;
6ee5bbf8 1078
5b4c0131
LP		 1079 /* Check that /etc/mtab is a symlink to the right place or
1080 * non-existing. But certainly not a file, or a symlink to
1081 * some weird place... */
6ee5bbf8 1082
5b4c0131
LP		 1083 r = readlink_malloc("/etc/mtab", &p);
1084 if (r == -ENOENT)
1085 return;
1086 if (r >= 0 && nulstr_contains(ok, p))
1087 return;
6ee5bbf8 1088
80758717
LP		 1089 log_warning("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1090 "This is not supported anymore. "
1091 "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
1092}
1093
1094static void test_usr(void) {
80758717 1095
ed1c99fc 1096 /* Check that /usr is not a separate fs */
80758717 1097
871c44a7
LP		 1098 if (dir_is_empty("/usr") <= 0)
1099 return;
1100
2376ce13 1101 log_warning("/usr appears to be on its own filesytem and is not already mounted. This is not a supported setup. "
871c44a7
LP		 1102 "Some things will probably break (sometimes even silently) in mysterious ways. "
1103 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1104}
1105
a07fdfa3
LP		 1106static int initialize_join_controllers(void) {
1107 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1108 * + "net_prio". We'd like to add "cpuset" to the mix, but
1109 * "cpuset" does't really work for groups with no initialized
1110 * attributes. */
1111
1112 arg_join_controllers = new(char**, 3);
1113 if (!arg_join_controllers)
1114 return -ENOMEM;
1115
1116 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
a07fdfa3 1117 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
a6b26d90
ZJS		 1118 arg_join_controllers[2] = NULL;
1119
1120 if (!arg_join_controllers[0] || !arg_join_controllers[1]) {
1121 free_join_controllers();
a07fdfa3 1122 return -ENOMEM;
a6b26d90 1123 }
a07fdfa3 1124
a07fdfa3
LP		 1125 return 0;
1126}
1127
d3b1c508
LP		 1128static int enforce_syscall_archs(Set *archs) {
1129#ifdef HAVE_SECCOMP
1130 scmp_filter_ctx *seccomp;
1131 Iterator i;
1132 void *id;
1133 int r;
1134
1135 seccomp = seccomp_init(SCMP_ACT_ALLOW);
1136 if (!seccomp)
1137 return log_oom();
1138
1139 SET_FOREACH(id, arg_syscall_archs, i) {
1140 r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
1141 if (r == -EEXIST)
1142 continue;
1143 if (r < 0) {
da927ba9 1144 log_error_errno(r, "Failed to add architecture to seccomp: %m");
d3b1c508
LP		 1145 goto finish;
1146 }
1147 }
1148
8a8bf3c0
LP		 1149 r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
1150 if (r < 0) {
da927ba9 1151 log_error_errno(r, "Failed to unset NO_NEW_PRIVS: %m");
8a8bf3c0
LP		 1152 goto finish;
1153 }
1154
d3b1c508
LP		 1155 r = seccomp_load(seccomp);
1156 if (r < 0)
da927ba9 1157 log_error_errno(r, "Failed to add install architecture seccomp: %m");
d3b1c508
LP		 1158
1159finish:
1160 seccomp_release(seccomp);
1161 return r;
1162#else
1163 return 0;
1164#endif
1165}
1166
b6e2f329
LP		 1167static int status_welcome(void) {
1168 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1169 int r;
1170
1171 r = parse_env_file("/etc/os-release", NEWLINE,
1172 "PRETTY_NAME", &pretty_name,
1173 "ANSI_COLOR", &ansi_color,
1174 NULL);
5ae4d543
LP		 1175 if (r == -ENOENT) {
1176 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1177 "PRETTY_NAME", &pretty_name,
1178 "ANSI_COLOR", &ansi_color,
1179 NULL);
1180 }
b6e2f329
LP		 1181
1182 if (r < 0 && r != -ENOENT)
da927ba9 1183 log_warning_errno(r, "Failed to read os-release file: %m");
b6e2f329
LP		 1184
1185 return status_printf(NULL, false, false,
1186 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1187 isempty(ansi_color) ? "1" : ansi_color,
1188 isempty(pretty_name) ? "Linux" : pretty_name);
1189}
1190
fdd25311
LP		 1191static int write_container_id(void) {
1192 const char *c;
1193
1194 c = getenv("container");
1195 if (isempty(c))
1196 return 0;
1197
1198 return write_string_file("/run/systemd/container", c);
1199}
1200
60918275
LP		 1201int main(int argc, char *argv[]) {
1202 Manager *m = NULL;
22f4096c 1203 int r, retval = EXIT_FAILURE;
9d76d730
LP		 1204 usec_t before_startup, after_startup;
1205 char timespan[FORMAT_TIMESPAN_MAX];
a16e1123
LP		 1206 FDSet *fds = NULL;
1207 bool reexecute = false;
b9080b03 1208 const char *shutdown_verb = NULL;
e9ddabc2 1209 dual_timestamp initrd_timestamp = { 0ULL, 0ULL };
c3a170f3
HH		 1210 dual_timestamp userspace_timestamp = { 0ULL, 0ULL };
1211 dual_timestamp kernel_timestamp = { 0ULL, 0ULL };
c2e0d600
TA		 1212 dual_timestamp security_start_timestamp = { 0ULL, 0ULL };
1213 dual_timestamp security_finish_timestamp = { 0ULL, 0ULL };
5d6b1584 1214 static char systemd[] = "systemd";
2660882b 1215 bool skip_setup = false;
d3b1c508 1216 unsigned j;
0b3325e7 1217 bool loaded_policy = false;
e96d6be7 1218 bool arm_reboot_watchdog = false;
bf4df7c3 1219 bool queue_default_job = false;
5f5c2f38 1220 bool empty_etc = false;
41669317 1221 char *switch_root_dir = NULL, *switch_root_init = NULL;
4096d6f5 1222 static struct rlimit saved_rlimit_nofile = { 0, 0 };
cb6531be 1223 const char *error_message = NULL;
27b14a22 1224
058dc6f3 1225#ifdef HAVE_SYSV_COMPAT
2cb1a60d 1226 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
35b8ca3a 1227 /* This is compatibility support for SysV, where
2cb1a60d
LP		 1228 * calling init as a user is identical to telinit. */
1229
1230 errno = -ENOENT;
1231 execv(SYSTEMCTL_BINARY_PATH, argv);
56f64d95 1232 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
2cb1a60d
LP		 1233 return 1;
1234 }
058dc6f3 1235#endif
2cb1a60d 1236
c3a170f3
HH		 1237 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1238 dual_timestamp_get(&userspace_timestamp);
1239
0b3325e7
LP		 1240 /* Determine if this is a reexecution or normal bootup. We do
1241 * the full command line parsing much later, so let's just
1242 * have a quick peek here. */
db813c2a
LP		 1243 if (strv_find(argv+1, "--deserialize"))
1244 skip_setup = true;
0b3325e7 1245
2660882b
LP		 1246 /* If we have switched root, do all the special setup
1247 * things */
db813c2a
LP		 1248 if (strv_find(argv+1, "--switched-root"))
1249 skip_setup = false;
d03bc1b8 1250
f3b6a3ed
LP		 1251 /* If we get started via the /sbin/init symlink then we are
1252 called 'init'. After a subsequent reexecution we are then
1253 called 'systemd'. That is confusing, hence let's call us
1254 systemd right-away. */
f3b6a3ed
LP		 1255 program_invocation_short_name = systemd;
1256 prctl(PR_SET_NAME, systemd);
5d6b1584 1257
9a0e6896
LP		 1258 saved_argv = argv;
1259 saved_argc = argc;
f3b6a3ed 1260
2cc59dbf 1261 log_show_color(isatty(STDERR_FILENO) > 0);
c1dc6153 1262 log_set_upgrade_syslog_to_journal(true);
bbe63281 1263
90dc8c2e
MG		 1264 /* Disable the umask logic */
1265 if (getpid() == 1)
1266 umask(0);
1267
a866073d 1268 if (getpid() == 1 && detect_container(NULL) <= 0) {
4f8d551f 1269
a866073d 1270 /* Running outside of a container as PID 1 */
67445f4e 1271 arg_running_as = SYSTEMD_SYSTEM;
a866073d
LP		 1272 make_null_stdio();
1273 log_set_target(LOG_TARGET_KMSG);
1274 log_open();
1275
21bf2ab0 1276 if (in_initrd())
c3a170f3 1277 initrd_timestamp = userspace_timestamp;
c3ba6250 1278
2660882b 1279 if (!skip_setup) {
8f838d8a 1280 mount_setup_early();
c2e0d600 1281 dual_timestamp_get(&security_start_timestamp);
cb6531be
ZJS		 1282 if (mac_selinux_setup(&loaded_policy) < 0) {
1283 error_message = "Failed to load SELinux policy";
0b3325e7 1284 goto finish;
cb6531be
ZJS		 1285 } else if (ima_setup() < 0) {
1286 error_message = "Failed to load IMA policy";
81611586 1287 goto finish;
cb6531be
ZJS		 1288 } else if (mac_smack_setup(&loaded_policy) < 0) {
1289 error_message = "Failed to load SMACK policy";
ffbd2c4d 1290 goto finish;
cb6531be 1291 }
c2e0d600 1292 dual_timestamp_get(&security_finish_timestamp);
81611586 1293 }
0b3325e7 1294
cb6531be
ZJS		 1295 if (mac_selinux_init(NULL) < 0) {
1296 error_message = "Failed to initialize SELinux policy";
0ff4cdd9 1297 goto finish;
cb6531be 1298 }
7948c4df 1299
72edcff5 1300 if (!skip_setup) {
24efb112 1301 if (clock_is_localtime() > 0) {
0b3325e7 1302 int min;
7948c4df 1303
c264aeab
KS		 1304 /*
1305 * The very first call of settimeofday() also does a time warp in the kernel.
1306 *
1307 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on
1308 * external tools to take care of maintaining the RTC and do all adjustments.
1309 * This matches the behavior of Windows, which leaves the RTC alone if the
1310 * registry tells that the RTC runs in UTC.
1311 */
24efb112 1312 r = clock_set_timezone(&min);
0b3325e7 1313 if (r < 0)
da927ba9 1314 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
0b3325e7
LP		 1315 else
1316 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
19e65613
KS		 1317 } else if (!in_initrd()) {
1318 /*
c264aeab 1319 * Do a dummy very first call to seal the kernel's time warp magic.
19e65613
KS		 1320 *
1321 * Do not call this this from inside the initrd. The initrd might not
1322 * carry /etc/adjtime with LOCAL, but the real system could be set up
1323 * that way. In such case, we need to delay the time-warp or the sealing
1324 * until we reach the real system.
c264aeab
KS		 1325 *
1326 * Do no set the kernel's timezone. The concept of local time cannot
1327 * be supported reliably, the time will jump or be incorrect at every daylight
1328 * saving time change. All kernel local time concepts will be treated
1329 * as UTC that way.
19e65613 1330 */
c264aeab 1331 clock_reset_timewarp();
72edcff5
KS		 1332 }
1333 }
a866073d
LP		 1334
1335 /* Set the default for later on, but don't actually
1336 * open the logs like this for now. Note that if we
1337 * are transitioning from the initrd there might still
1338 * be journal fd open, and we shouldn't attempt
1339 * opening that before we parsed /proc/cmdline which
1340 * might redirect output elsewhere. */
1341 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1342
1343 } else if (getpid() == 1) {
a866073d 1344 /* Running inside a container, as PID 1 */
67445f4e 1345 arg_running_as = SYSTEMD_SYSTEM;
a866073d 1346 log_set_target(LOG_TARGET_CONSOLE);
99f09825 1347 log_close_console(); /* force reopen of /dev/console */
a866073d
LP		 1348 log_open();
1349
1350 /* For the later on, see above... */
1351 log_set_target(LOG_TARGET_JOURNAL);
1352
c3a170f3
HH		 1353 /* clear the kernel timestamp,
1354 * because we are in a container */
1355 kernel_timestamp.monotonic = 0ULL;
1356 kernel_timestamp.realtime = 0ULL;
a866073d 1357
c3a170f3 1358 } else {
a866073d 1359 /* Running as user instance */
67445f4e 1360 arg_running_as = SYSTEMD_USER;
eeecf6e6 1361 log_set_target(LOG_TARGET_AUTO);
871e5809 1362 log_open();
c3a170f3
HH		 1363
1364 /* clear the kernel timestamp,
1365 * because we are not PID 1 */
1366 kernel_timestamp.monotonic = 0ULL;
1367 kernel_timestamp.realtime = 0ULL;
bbe63281 1368 }
a5dab5ce 1369
0c85a4f3 1370 /* Initialize default unit */
6afa301b
LP		 1371 r = set_default_unit(SPECIAL_DEFAULT_TARGET);
1372 if (r < 0) {
da927ba9 1373 log_emergency_errno(r, "Failed to set default unit %s: %m", SPECIAL_DEFAULT_TARGET);
cb6531be 1374 error_message = "Failed to set default unit";
f170852a 1375 goto finish;
14212119 1376 }
60918275 1377
a07fdfa3 1378 r = initialize_join_controllers();
cb6531be
ZJS		 1379 if (r < 0) {
1380 error_message = "Failed to initalize cgroup controllers";
0c85a4f3 1381 goto finish;
cb6531be 1382 }
0c85a4f3 1383
f170852a
LP		 1384 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1385 * /proc/$PID/fd is available. */
c1dae1b3 1386 if (getpid() == 1) {
f84f9974
LP		 1387
1388 /* Load the kernel modules early, so that we kdbus.ko is loaded before kdbusfs shall be mounted */
2e75e2a8
DM		 1389 if (!skip_setup)
1390 kmod_setup();
2e75e2a8 1391
0c85a4f3 1392 r = mount_setup(loaded_policy);
cb6531be
ZJS		 1393 if (r < 0) {
1394 error_message = "Failed to mount API filesystems";
8efe3c01 1395 goto finish;
cb6531be 1396 }
0c85a4f3 1397 }
4ade7963
LP		 1398
1399 /* Reset all signal handlers. */
1400 assert_se(reset_all_signal_handlers() == 0);
1401
9a34ec5f 1402 ignore_signals(SIGNALS_IGNORE, -1);
078e4539 1403
cb6531be
ZJS		 1404 if (parse_config_file() < 0) {
1405 error_message = "Failed to parse config file";
487393e9 1406 goto finish;
cb6531be 1407 }
487393e9 1408
b5884878
LP		 1409 if (arg_running_as == SYSTEMD_SYSTEM) {
1410 r = parse_proc_cmdline(parse_proc_cmdline_item);
1411 if (r < 0)
da927ba9 1412 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
b5884878 1413 }
f170852a 1414
1de1c9c3
LP		 1415 /* Note that this also parses bits from the kernel command
1416 * line, including "debug". */
f170852a
LP		 1417 log_parse_environment();
1418
cb6531be
ZJS		 1419 if (parse_argv(argc, argv) < 0) {
1420 error_message = "Failed to parse commandline arguments";
f170852a 1421 goto finish;
cb6531be 1422 }
f170852a 1423
6bae23a0
TB		 1424 if (arg_action == ACTION_TEST &&
1425 geteuid() == 0) {
b5c6cf87
LP		 1426 log_error("Don't run test mode as root.");
1427 goto finish;
1428 }
1429
6bae23a0
TB		 1430 if (arg_running_as == SYSTEMD_USER &&
1431 arg_action == ACTION_RUN &&
1432 sd_booted() <= 0) {
1433 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1434 goto finish;
1435 }
1436
67445f4e 1437 if (arg_running_as == SYSTEMD_SYSTEM &&
fe783b03
LP		 1438 arg_action == ACTION_RUN &&
1439 running_in_chroot() > 0) {
1440 log_error("Cannot be run in a chroot() environment.");
1441 goto finish;
1442 }
1443
0d8c31ff
ZJS		 1444 if (arg_action == ACTION_TEST)
1445 skip_setup = true;
1446
b87c2aa6
ZJS		 1447 pager_open_if_enabled();
1448
fa0f4d8a 1449 if (arg_action == ACTION_HELP) {
f170852a
LP		 1450 retval = help();
1451 goto finish;
9ba0bc4e
ZJS		 1452 } else if (arg_action == ACTION_VERSION) {
1453 retval = version();
1454 goto finish;
fa0f4d8a 1455 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
e537352b 1456 unit_dump_config_items(stdout);
22f4096c 1457 retval = EXIT_SUCCESS;
e537352b 1458 goto finish;
fa0f4d8a 1459 } else if (arg_action == ACTION_DONE) {
22f4096c 1460 retval = EXIT_SUCCESS;
4288f619 1461 goto finish;
f170852a
LP		 1462 }
1463
8be28fb1
KS		 1464 if (arg_running_as == SYSTEMD_USER &&
1465 !getenv("XDG_RUNTIME_DIR")) {
1466 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
1467 goto finish;
1468 }
1469
fa0f4d8a 1470 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
f170852a 1471
871e5809
LP		 1472 /* Close logging fds, in order not to confuse fdset below */
1473 log_close();
1474
a16e1123 1475 /* Remember open file descriptors for later deserialization */
01e10de3
LP		 1476 r = fdset_new_fill(&fds);
1477 if (r < 0) {
da927ba9 1478 log_emergency_errno(r, "Failed to allocate fd set: %m");
cb6531be 1479 error_message = "Failed to allocate fd set";
01e10de3
LP		 1480 goto finish;
1481 } else
1482 fdset_cloexec(fds, true);
a16e1123 1483
d3b1c508
LP		 1484 if (arg_serialization)
1485 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
a16e1123 1486
90dc8c2e 1487 if (arg_running_as == SYSTEMD_SYSTEM)
80876c20
LP		 1488 /* Become a session leader if we aren't one yet. */
1489 setsid();
4ade7963 1490
befb5b6a
LP		 1491 /* Move out of the way, so that we won't block unmounts */
1492 assert_se(chdir("/") == 0);
1493
2146621b
LP		 1494 /* Reset the console, but only if this is really init and we
1495 * are freshly booted */
56d96fc0
LP		 1496 if (arg_running_as == SYSTEMD_SYSTEM && arg_action == ACTION_RUN) {
1497
1498 /* If we are init, we connect stdin/stdout/stderr to
1499 * /dev/null and make sure we don't have a controlling
1500 * tty. */
1501 release_terminal();
1502
1503 if (getpid() == 1 && !skip_setup)
1504 console_setup();
1505 }
4ade7963 1506
18149b9f 1507 /* Open the logging devices, if possible and necessary */
843d2643 1508 log_open();
4ade7963 1509
b6e2f329
LP		 1510 if (arg_show_status == _SHOW_STATUS_UNSET)
1511 arg_show_status = SHOW_STATUS_YES;
1512
5373d602
LP		 1513 /* Make sure we leave a core dump without panicing the
1514 * kernel. */
ab422445 1515 if (getpid() == 1) {
4fc935ca 1516 install_crash_handler();
97c4f35c 1517
0c85a4f3
LP		 1518 r = mount_cgroup_controllers(arg_join_controllers);
1519 if (r < 0)
1520 goto finish;
1521 }
1522
67445f4e 1523 if (arg_running_as == SYSTEMD_SYSTEM) {
c20f5ac7
LP		 1524 const char *virtualization = NULL;
1525
0d8c31ff
ZJS		 1526 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
1527 arg_action == ACTION_TEST ? "test " : "" );
c20f5ac7
LP		 1528
1529 detect_virtualization(&virtualization);
1530 if (virtualization)
1531 log_info("Detected virtualization '%s'.", virtualization);
1532
fdd25311
LP		 1533 write_container_id();
1534
d9d93745
LP		 1535 log_info("Detected architecture '%s'.", architecture_to_string(uname_architecture()));
1536
26a1efdf
LP		 1537 if (in_initrd())
1538 log_info("Running in initial RAM disk.");
1539
3408ba01
LP		 1540 /* Let's check whether /etc is already populated. We
1541 * don't actually really check for that, but use
1542 * /etc/machine-id as flag file. This allows container
1543 * managers and installers to provision a couple of
1544 * files already. If the container manager wants to
1545 * provision the machine ID itself it should pass
ee33e53a 1546 * $container_uuid to PID 1. */
3408ba01 1547
baa1bdf7 1548 empty_etc = access("/etc/machine-id", F_OK) < 0;
5f5c2f38
LP		 1549 if (empty_etc)
1550 log_info("Running with unpopulated /etc.");
d8160f21 1551 } else {
1f97091d
LP		 1552 _cleanup_free_ char *t;
1553
1554 t = uid_to_name(getuid());
0d8c31ff
ZJS		 1555 log_debug(PACKAGE_STRING " running in %suser mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
1556 arg_action == ACTION_TEST ? " test" : "", getuid(), t);
d8160f21 1557 }
a5dab5ce 1558
67445f4e 1559 if (arg_running_as == SYSTEMD_SYSTEM && !skip_setup) {
d450b6f2 1560 if (arg_show_status > 0 || plymouth_running())
888c6216
LP		 1561 status_welcome();
1562
888c6216 1563 hostname_setup();
489388fb 1564 machine_id_setup(NULL);
888c6216 1565 loopback_setup();
490aed58 1566
6ee5bbf8 1567 test_mtab();
80758717 1568 test_usr();
af5bc85d 1569 }
302e8c4c 1570
67445f4e 1571 if (arg_running_as == SYSTEMD_SYSTEM && arg_runtime_watchdog > 0)
e96d6be7
LP		 1572 watchdog_set_timeout(&arg_runtime_watchdog);
1573
3a43da28 1574 if (arg_timer_slack_nsec != NSEC_INFINITY)
aa0f64ac 1575 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
56f64d95 1576 log_error_errno(errno, "Failed to adjust timer slack: %m");
aa0f64ac 1577
ec8927ca 1578 if (arg_capability_bounding_set_drop) {
31c885e9 1579 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
ec8927ca 1580 if (r < 0) {
da927ba9 1581 log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
cb6531be 1582 error_message = "Failed to drop capability bounding set of usermode helpers";
ec8927ca
LP		 1583 goto finish;
1584 }
31c885e9 1585 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
939b8f14 1586 if (r < 0) {
da927ba9 1587 log_emergency_errno(r, "Failed to drop capability bounding set: %m");
cb6531be 1588 error_message = "Failed to drop capability bounding set";
939b8f14
LP		 1589 goto finish;
1590 }
ec8927ca
LP		 1591 }
1592
d3b1c508
LP		 1593 if (arg_syscall_archs) {
1594 r = enforce_syscall_archs(arg_syscall_archs);
cb6531be
ZJS		 1595 if (r < 0) {
1596 error_message = "Failed to set syscall architectures";
d3b1c508 1597 goto finish;
cb6531be 1598 }
d3b1c508
LP		 1599 }
1600
67445f4e 1601 if (arg_running_as == SYSTEMD_USER) {
d4447f4d 1602 /* Become reaper of our children */
8b8ffe68 1603 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0) {
56f64d95 1604 log_warning_errno(errno, "Failed to make us a subreaper: %m");
8b8ffe68 1605 if (errno == EINVAL)
ddfa5101 1606 log_info("Perhaps the kernel version is too old (< 3.4?)");
8b8ffe68 1607 }
d4447f4d
AK		 1608 }
1609
5f5c2f38 1610 if (arg_running_as == SYSTEMD_SYSTEM) {
4096d6f5
LP		 1611 bump_rlimit_nofile(&saved_rlimit_nofile);
1612
5f5c2f38
LP		 1613 if (empty_etc) {
1614 r = unit_file_preset_all(UNIT_FILE_SYSTEM, false, NULL, UNIT_FILE_PRESET_FULL, false, NULL, 0);
1615 if (r < 0)
da927ba9 1616 log_warning_errno(r, "Failed to populate /etc with preset unit settings, ignoring: %m");
5f5c2f38
LP		 1617 else
1618 log_info("Populated /etc with preset unit settings.");
1619 }
1620 }
1621
0d8c31ff 1622 r = manager_new(arg_running_as, arg_action == ACTION_TEST, &m);
e96d6be7 1623 if (r < 0) {
da927ba9 1624 log_emergency_errno(r, "Failed to allocate manager object: %m");
cb6531be 1625 error_message = "Failed to allocate manager object";
60918275
LP		 1626 goto finish;
1627 }
1628
9e58ff9c 1629 m->confirm_spawn = arg_confirm_spawn;
bd8f585b 1630 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
0a494f1f
LP		 1631 m->default_std_output = arg_default_std_output;
1632 m->default_std_error = arg_default_std_error;
1f19a534
OS		 1633 m->default_restart_usec = arg_default_restart_usec;
1634 m->default_timeout_start_usec = arg_default_timeout_start_usec;
1635 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
3f41e1e5
LN		 1636 m->default_start_limit_interval = arg_default_start_limit_interval;
1637 m->default_start_limit_burst = arg_default_start_limit_burst;
085afe36
LP		 1638 m->default_cpu_accounting = arg_default_cpu_accounting;
1639 m->default_blockio_accounting = arg_default_blockio_accounting;
1640 m->default_memory_accounting = arg_default_memory_accounting;
e96d6be7
LP		 1641 m->runtime_watchdog = arg_runtime_watchdog;
1642 m->shutdown_watchdog = arg_shutdown_watchdog;
2928b0a8 1643
c3a170f3
HH		 1644 m->userspace_timestamp = userspace_timestamp;
1645 m->kernel_timestamp = kernel_timestamp;
c3a170f3 1646 m->initrd_timestamp = initrd_timestamp;
c2e0d600
TA		 1647 m->security_start_timestamp = security_start_timestamp;
1648 m->security_finish_timestamp = security_finish_timestamp;
9e58ff9c 1649
c93ff2e9 1650 manager_set_default_rlimits(m, arg_default_rlimit);
b6e2f329 1651 manager_environment_add(m, NULL, arg_default_environment);
27d340c7 1652 manager_set_show_status(m, arg_show_status);
e2680723 1653 manager_set_first_boot(m, empty_etc);
27d340c7 1654
bf4df7c3 1655 /* Remember whether we should queue the default job */
d3b1c508 1656 queue_default_job = !arg_serialization || arg_switched_root;
bf4df7c3 1657
9d76d730
LP		 1658 before_startup = now(CLOCK_MONOTONIC);
1659
d3b1c508 1660 r = manager_startup(m, arg_serialization, fds);
e96d6be7 1661 if (r < 0)
da927ba9 1662 log_error_errno(r, "Failed to fully start up daemon: %m");
a16e1123 1663
bf4df7c3
LP		 1664 /* This will close all file descriptors that were opened, but
1665 * not claimed by any unit. */
01e10de3 1666 fdset_free(fds);
6c081276 1667 fds = NULL;
f50e0a01 1668
d3b1c508
LP		 1669 if (arg_serialization) {
1670 fclose(arg_serialization);
1671 arg_serialization = NULL;
bf4df7c3
LP		 1672 }
1673
1674 if (queue_default_job) {
718db961 1675 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1c27d3f3 1676 Unit *target = NULL;
bacbccb7 1677 Job *default_unit_job;
398ef8ba 1678
fa0f4d8a 1679 log_debug("Activating default unit: %s", arg_default_unit);
a16e1123 1680
e96d6be7 1681 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
718db961
LP		 1682 if (r < 0)
1683 log_error("Failed to load default target: %s", bus_error_message(&error, r));
1684 else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
c33b3297 1685 log_error_errno(target->load_error, "Failed to load default target: %m");
ac155bb8 1686 else if (target->load_state == UNIT_MASKED)
6daf4f90 1687 log_error("Default target masked.");
27b14a22 1688
ac155bb8 1689 if (!target || target->load_state != UNIT_LOADED) {
a16e1123 1690 log_info("Trying to load rescue target...");
1c27d3f3 1691
e96d6be7
LP		 1692 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1693 if (r < 0) {
4104970e 1694 log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
cb6531be 1695 error_message = "Failed to load rescue target";
a16e1123 1696 goto finish;
11ddb6f4 1697 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
c33b3297 1698 log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
cb6531be 1699 error_message = "Failed to load rescue target";
1c27d3f3 1700 goto finish;
ac155bb8 1701 } else if (target->load_state == UNIT_MASKED) {
4104970e 1702 log_emergency("Rescue target masked.");
cb6531be 1703 error_message = "Rescue target masked";
00dc5d76 1704 goto finish;
a16e1123
LP		 1705 }
1706 }
37d88da7 1707
ac155bb8 1708 assert(target->load_state == UNIT_LOADED);
00dc5d76 1709
fa0f4d8a 1710 if (arg_action == ACTION_TEST) {
40d50879 1711 printf("-> By units:\n");
a16e1123
LP		 1712 manager_dump_units(m, stdout, "\t");
1713 }
1714
95f1b47d 1715 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, false, &error, &default_unit_job);
ab17a050 1716 if (r == -EPERM) {
718db961 1717 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
ab17a050
LP		 1718
1719 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1720 if (r < 0) {
4104970e 1721 log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
cb6531be 1722 error_message = "Failed to start default target";
ab17a050
LP		 1723 goto finish;
1724 }
1725 } else if (r < 0) {
4104970e 1726 log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
cb6531be 1727 error_message = "Failed to isolate default target";
37d88da7
LP		 1728 goto finish;
1729 }
ab17a050 1730
bacbccb7 1731 m->default_unit_job_id = default_unit_job->id;
60918275 1732
07672f49
LP		 1733 after_startup = now(CLOCK_MONOTONIC);
1734 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1735 "Loaded units and determined initial transaction in %s.",
fdb14b7e 1736 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
07672f49 1737
fa0f4d8a 1738 if (arg_action == ACTION_TEST) {
40d50879 1739 printf("-> By jobs:\n");
a16e1123 1740 manager_dump_jobs(m, stdout, "\t");
22f4096c 1741 retval = EXIT_SUCCESS;
a16e1123
LP		 1742 goto finish;
1743 }
e965d56d 1744 }
d46de8a1 1745
a16e1123 1746 for (;;) {
e96d6be7
LP		 1747 r = manager_loop(m);
1748 if (r < 0) {
da927ba9 1749 log_emergency_errno(r, "Failed to run main loop: %m");
cb6531be 1750 error_message = "Failed to run main loop";
a16e1123
LP		 1751 goto finish;
1752 }
11dd41ce 1753
a16e1123 1754 switch (m->exit_code) {
e965d56d 1755
a16e1123 1756 case MANAGER_EXIT:
22f4096c 1757 retval = EXIT_SUCCESS;
a16e1123
LP		 1758 log_debug("Exit.");
1759 goto finish;
e965d56d 1760
a16e1123 1761 case MANAGER_RELOAD:
e015090f 1762 log_info("Reloading.");
e96d6be7
LP		 1763 r = manager_reload(m);
1764 if (r < 0)
da927ba9 1765 log_error_errno(r, "Failed to reload: %m");
a16e1123 1766 break;
cea8e32e 1767
a16e1123 1768 case MANAGER_REEXECUTE:
664f88a7 1769
cb6531be
ZJS		 1770 if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
1771 error_message = "Failed to prepare for reexection";
a16e1123 1772 goto finish;
cb6531be 1773 }
60918275 1774
a16e1123 1775 reexecute = true;
e015090f 1776 log_notice("Reexecuting.");
a16e1123
LP		 1777 goto finish;
1778
664f88a7
LP		 1779 case MANAGER_SWITCH_ROOT:
1780 /* Steal the switch root parameters */
41669317 1781 switch_root_dir = m->switch_root;
664f88a7
LP		 1782 switch_root_init = m->switch_root_init;
1783 m->switch_root = m->switch_root_init = NULL;
1784
1785 if (!switch_root_init)
cb6531be
ZJS		 1786 if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
1787 error_message = "Failed to prepare for reexection";
664f88a7 1788 goto finish;
cb6531be 1789 }
664f88a7
LP		 1790
1791 reexecute = true;
1792 log_notice("Switching root.");
1793 goto finish;
1794
b9080b03
FF		 1795 case MANAGER_REBOOT:
1796 case MANAGER_POWEROFF:
1797 case MANAGER_HALT:
1798 case MANAGER_KEXEC: {
1799 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1800 [MANAGER_REBOOT] = "reboot",
1801 [MANAGER_POWEROFF] = "poweroff",
1802 [MANAGER_HALT] = "halt",
1803 [MANAGER_KEXEC] = "kexec"
1804 };
1805
1806 assert_se(shutdown_verb = table[m->exit_code]);
e96d6be7 1807 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
b9080b03
FF		 1808
1809 log_notice("Shutting down.");
1810 goto finish;
1811 }
1812
a16e1123
LP		 1813 default:
1814 assert_not_reached("Unknown exit code.");
1815 }
1816 }
f170852a 1817
60918275 1818finish:
b87c2aa6
ZJS		 1819 pager_close();
1820
06d8d842 1821 m = manager_free(m);
60918275 1822
d3b1c508 1823 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++) {
4096d6f5 1824 free(arg_default_rlimit[j]);
d3b1c508
LP		 1825 arg_default_rlimit[j] = NULL;
1826 }
c93ff2e9 1827
fa0f4d8a 1828 free(arg_default_unit);
d3b1c508
LP		 1829 arg_default_unit = NULL;
1830
0c85a4f3 1831 free_join_controllers();
b9cd2ec1 1832
d3b1c508
LP		 1833 strv_free(arg_default_environment);
1834 arg_default_environment = NULL;
1835
1836 set_free(arg_syscall_archs);
1837 arg_syscall_archs = NULL;
1838
cc56fafe 1839 mac_selinux_finish();
b2bb3dbe 1840
a16e1123 1841 if (reexecute) {
664f88a7 1842 const char **args;
e564a982 1843 unsigned i, args_size;
a16e1123 1844
664f88a7
LP		 1845 /* Close and disarm the watchdog, so that the new
1846 * instance can reinitialize it, but doesn't get
1847 * rebooted while we do that */
1848 watchdog_close(true);
a16e1123 1849
4096d6f5
LP		 1850 /* Reset the RLIMIT_NOFILE to the kernel default, so
1851 * that the new systemd can pass the kernel default to
1852 * its child processes */
1853 if (saved_rlimit_nofile.rlim_cur > 0)
1854 setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
1855
41669317 1856 if (switch_root_dir) {
cee530bb
LP		 1857 /* Kill all remaining processes from the
1858 * initrd, but don't wait for them, so that we
1859 * can handle the SIGCHLD for them after
1860 * deserializing. */
0bee65f0 1861 broadcast_signal(SIGTERM, false, true);
bd3fa1d2 1862
5a4bf02f
HH		 1863 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1864 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
41669317 1865 if (r < 0)
da927ba9 1866 log_error_errno(r, "Failed to switch root, trying to continue: %m");
41669317 1867 }
a16e1123 1868
d03bc1b8 1869 args_size = MAX(6, argc+1);
e564a982 1870 args = newa(const char*, args_size);
a16e1123 1871
664f88a7
LP		 1872 if (!switch_root_init) {
1873 char sfd[16];
a16e1123 1874
664f88a7
LP		 1875 /* First try to spawn ourselves with the right
1876 * path, and with full serialization. We do
1877 * this only if the user didn't specify an
1878 * explicit init to spawn. */
edb9aaa8 1879
d3b1c508 1880 assert(arg_serialization);
664f88a7 1881 assert(fds);
edb9aaa8 1882
d3b1c508 1883 snprintf(sfd, sizeof(sfd), "%i", fileno(arg_serialization));
664f88a7 1884 char_array_0(sfd);
edb9aaa8 1885
664f88a7
LP		 1886 i = 0;
1887 args[i++] = SYSTEMD_BINARY_PATH;
41669317 1888 if (switch_root_dir)
2660882b 1889 args[i++] = "--switched-root";
67445f4e 1890 args[i++] = arg_running_as == SYSTEMD_SYSTEM ? "--system" : "--user";
664f88a7
LP		 1891 args[i++] = "--deserialize";
1892 args[i++] = sfd;
1893 args[i++] = NULL;
edb9aaa8 1894
ce8aba56
KS		 1895 /* do not pass along the environment we inherit from the kernel or initrd */
1896 if (switch_root_dir)
1897 clearenv();
1898
e564a982 1899 assert(i <= args_size);
664f88a7
LP		 1900 execv(args[0], (char* const*) args);
1901 }
6e98720f 1902
664f88a7
LP		 1903 /* Try the fallback, if there is any, without any
1904 * serialization. We pass the original argv[] and
1905 * envp[]. (Well, modulo the ordering changes due to
1906 * getopt() in argv[], and some cleanups in envp[],
1907 * but let's hope that doesn't matter.) */
a16e1123 1908
d3b1c508
LP		 1909 if (arg_serialization) {
1910 fclose(arg_serialization);
1911 arg_serialization = NULL;
b8f83232 1912 }
a16e1123 1913
b8f83232 1914 if (fds) {
664f88a7 1915 fdset_free(fds);
b8f83232
LP		 1916 fds = NULL;
1917 }
a16e1123 1918
a504223d
HH		 1919 /* Reopen the console */
1920 make_console_stdio();
1921
d3b1c508 1922 for (j = 1, i = 1; j < (unsigned) argc; j++)
664f88a7 1923 args[i++] = argv[j];
a16e1123 1924 args[i++] = NULL;
e564a982 1925 assert(i <= args_size);
b8f83232 1926
1b6d7fa7 1927 /* Reenable any blocked signals, especially important
5a85ca1c 1928 * if we switch from initial ramdisk to init=... */
9bfcda95 1929 reset_all_signal_handlers();
1b6d7fa7 1930 reset_signal_mask();
5a85ca1c 1931
b8f83232
LP		 1932 if (switch_root_init) {
1933 args[0] = switch_root_init;
1934 execv(args[0], (char* const*) args);
56f64d95 1935 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
b8f83232
LP		 1936 }
1937
1938 args[0] = "/sbin/init";
a16e1123
LP		 1939 execv(args[0], (char* const*) args);
1940
745e2fb7
KS		 1941 if (errno == ENOENT) {
1942 log_warning("No /sbin/init, trying fallback");
b8f83232 1943
745e2fb7
KS		 1944 args[0] = "/bin/sh";
1945 args[1] = NULL;
1946 execv(args[0], (char* const*) args);
56f64d95 1947 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
745e2fb7 1948 } else
56f64d95 1949 log_warning_errno(errno, "Failed to execute /sbin/init, giving up: %m");
a16e1123
LP		 1950 }
1951
d3b1c508
LP		 1952 if (arg_serialization) {
1953 fclose(arg_serialization);
1954 arg_serialization = NULL;
1955 }
a16e1123 1956
d3b1c508 1957 if (fds) {
a16e1123 1958 fdset_free(fds);
d3b1c508
LP		 1959 fds = NULL;
1960 }
a16e1123 1961
54b434b1
LP		 1962#ifdef HAVE_VALGRIND_VALGRIND_H
1963 /* If we are PID 1 and running under valgrind, then let's exit
1964 * here explicitly. valgrind will only generate nice output on
1965 * exit(), not on exec(), hence let's do the former not the
1966 * latter here. */
1967 if (getpid() == 1 && RUNNING_ON_VALGRIND)
1968 return 0;
1969#endif
1970
b9080b03 1971 if (shutdown_verb) {
b1e90ec5
ZJS		 1972 char log_level[DECIMAL_STR_MAX(int) + 1];
1973 const char* command_line[9] = {
b9080b03
FF		 1974 SYSTEMD_SHUTDOWN_BINARY_PATH,
1975 shutdown_verb,
b1e90ec5
ZJS		 1976 "--log-level", log_level,
1977 "--log-target",
b9080b03 1978 };
b1e90ec5 1979 unsigned pos = 5;
e3e45d4f 1980 _cleanup_strv_free_ char **env_block = NULL;
15bd5aee
LP		 1981
1982 assert(command_line[pos] == NULL);
e3e45d4f 1983 env_block = strv_copy(environ);
b9080b03 1984
b1e90ec5
ZJS		 1985 snprintf(log_level, sizeof(log_level), "%d", log_get_max_level());
1986
1987 switch (log_get_target()) {
1988 case LOG_TARGET_KMSG:
1989 case LOG_TARGET_JOURNAL_OR_KMSG:
1990 case LOG_TARGET_SYSLOG_OR_KMSG:
1991 command_line[pos++] = "kmsg";
1992 break;
1993
1994 case LOG_TARGET_CONSOLE:
1995 default:
1996 command_line[pos++] = "console";
1997 break;
1998 };
1999
2000 if (log_get_show_color())
2001 command_line[pos++] = "--log-color";
2002
2003 if (log_get_show_location())
2004 command_line[pos++] = "--log-location";
2005
26abdc73 2006 assert(pos < ELEMENTSOF(command_line));
b1e90ec5 2007
e96d6be7 2008 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
e3e45d4f 2009 char *e;
d18f337c 2010
e96d6be7
LP		 2011 /* If we reboot let's set the shutdown
2012 * watchdog and tell the shutdown binary to
2013 * repeatedly ping it */
2014 watchdog_set_timeout(&arg_shutdown_watchdog);
2015 watchdog_close(false);
2016
e3e45d4f
SP		 2017 /* Tell the binary how often to ping, ignore failure */
2018 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
2019 strv_push(&env_block, e);
2020 } else
e96d6be7
LP		 2021 watchdog_close(true);
2022
66713f77
LP		 2023 /* Avoid the creation of new processes forked by the
2024 * kernel; at this point, we will not listen to the
2025 * signals anyway */
2026 if (detect_container(NULL) <= 0)
2027 cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
ad929bcc 2028
d18f337c 2029 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
56f64d95 2030 log_error_errno(errno, "Failed to execute shutdown binary, %s: %m",
b1e90ec5 2031 getpid() == 1 ? "freezing" : "quitting");
b9080b03
FF		 2032 }
2033
cb6531be
ZJS		 2034 if (getpid() == 1) {
2035 if (error_message)
2036 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
2037 ANSI_HIGHLIGHT_RED_ON "!!!!!!" ANSI_HIGHLIGHT_OFF,
2038 "%s, freezing.", error_message);
c3b3c274 2039 freeze();
cb6531be 2040 }
c3b3c274 2041
60918275
LP		 2042 return retval;
2043}
Unnamed repository; edit this file 'description' to name the repository.