]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/main.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
core: split out the core loop out of main()
[thirdparty/systemd.git] / src / core / main.c
CommitLineData
53e1b683 1/* SPDX-License-Identifier: LGPL-2.1+ */
a7334b09
LP		 2/***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 15 Lesser General Public License for more details.
a7334b09 16
5430f7f2 17 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19***/
20
60918275 21#include <errno.h>
3dfc9763 22#include <fcntl.h>
f170852a 23#include <getopt.h>
97c4f35c 24#include <signal.h>
3dfc9763
LP		 25#include <stdio.h>
26#include <string.h>
664f88a7 27#include <sys/mount.h>
3dfc9763 28#include <sys/prctl.h>
b9e74c39 29#include <sys/reboot.h>
3dfc9763
LP		 30#include <sys/stat.h>
31#include <unistd.h>
349cc4a5 32#if HAVE_SECCOMP
b64a3d86
LP		 33#include <seccomp.h>
34#endif
349cc4a5 35#if HAVE_VALGRIND_VALGRIND_H
3dfc9763
LP		 36#include <valgrind/valgrind.h>
37#endif
54b434b1 38
718db961 39#include "sd-bus.h"
cf0fbc49 40#include "sd-daemon.h"
3dfc9763 41
b5efdb8a 42#include "alloc-util.h"
d9d93745 43#include "architecture.h"
3dfc9763
LP		 44#include "build.h"
45#include "bus-error.h"
46#include "bus-util.h"
430f0182 47#include "capability-util.h"
24efb112 48#include "clock-util.h"
3dfc9763 49#include "conf-parser.h"
618234a5 50#include "cpu-set-util.h"
3dfc9763
LP		 51#include "dbus-manager.h"
52#include "def.h"
eee8b7ab 53#include "emergency-action.h"
3dfc9763 54#include "env-util.h"
3ffd4af2 55#include "fd-util.h"
3dfc9763 56#include "fdset.h"
718db961 57#include "fileio.h"
f97b34a6 58#include "format-util.h"
f4f15635 59#include "fs-util.h"
3dfc9763
LP		 60#include "hostname-setup.h"
61#include "ima-setup.h"
62#include "killall.h"
63#include "kmod-setup.h"
d7b8eec7 64#include "load-fragment.h"
3dfc9763 65#include "log.h"
b6e66135 66#include "loopback-setup.h"
b6e66135 67#include "machine-id-setup.h"
3dfc9763
LP		 68#include "manager.h"
69#include "missing.h"
70#include "mount-setup.h"
71#include "pager.h"
6bedfcbb 72#include "parse-util.h"
7d5ceb64 73#include "path-util.h"
4e731273 74#include "proc-cmdline.h"
3dfc9763 75#include "process-util.h"
8869a0b4 76#include "raw-clone.h"
78f22b97 77#include "rlimit-util.h"
349cc4a5 78#if HAVE_SECCOMP
83f12b27
FS		 79#include "seccomp-util.h"
80#endif
b6e66135 81#include "selinux-setup.h"
3dfc9763
LP		 82#include "selinux-util.h"
83#include "signal-util.h"
ffbd2c4d 84#include "smack-setup.h"
3dfc9763 85#include "special.h"
8fcde012 86#include "stat-util.h"
15a5e950 87#include "stdio-util.h"
3dfc9763
LP		 88#include "strv.h"
89#include "switch-root.h"
90#include "terminal-util.h"
8612da97 91#include "umask-util.h"
b1d4f8e1 92#include "user-util.h"
3dfc9763
LP		 93#include "virt.h"
94#include "watchdog.h"
b6e66135 95
f170852a
LP		 96static enum {
97 ACTION_RUN,
e965d56d 98 ACTION_HELP,
9ba0bc4e 99 ACTION_VERSION,
e537352b 100 ACTION_TEST,
494294d6 101 ACTION_DUMP_CONFIGURATION_ITEMS
fa0f4d8a 102} arg_action = ACTION_RUN;
fa0f4d8a 103static char *arg_default_unit = NULL;
463d0d15 104static bool arg_system = false;
fa0f4d8a 105static bool arg_dump_core = true;
fa0f4d8a 106static int arg_crash_chvt = -1;
b9e74c39
LP		 107static bool arg_crash_shell = false;
108static bool arg_crash_reboot = false;
7d5ceb64 109static char *arg_confirm_spawn = NULL;
b6e2f329 110static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
bf4df7c3 111static bool arg_switched_root = false;
ea4b98e6 112static bool arg_no_pager = false;
0c85a4f3 113static char ***arg_join_controllers = NULL;
706343f4 114static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
0a494f1f 115static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
1f19a534
OS		 116static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
117static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
118static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
3f41e1e5
LN		 119static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
120static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
e96d6be7
LP		 121static usec_t arg_runtime_watchdog = 0;
122static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
97d0e5f8 123static char **arg_default_environment = NULL;
517d56b1 124static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
a103496c 125static uint64_t arg_capability_bounding_set = CAP_ALL;
3a43da28 126static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
bd8f585b 127static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
d3b1c508
LP		 128static Set* arg_syscall_archs = NULL;
129static FILE* arg_serialization = NULL;
085afe36 130static bool arg_default_cpu_accounting = false;
13c31542 131static bool arg_default_io_accounting = false;
377bfd2d 132static bool arg_default_ip_accounting = false;
085afe36
LP		 133static bool arg_default_blockio_accounting = false;
134static bool arg_default_memory_accounting = false;
9ded9cd1 135static bool arg_default_tasks_accounting = true;
79baeeb9 136static uint64_t arg_default_tasks_max = UINT64_MAX;
ee48dbd5 137static sd_id128_t arg_machine_id = {};
ae8c7939 138static EmergencyAction arg_cad_burst_action = EMERGENCY_ACTION_REBOOT_FORCE;
4fc935ca 139
b9e74c39
LP		 140noreturn static void freeze_or_reboot(void) {
141
142 if (arg_crash_reboot) {
143 log_notice("Rebooting in 10s...");
144 (void) sleep(10);
145
146 log_notice("Rebooting now...");
147 (void) reboot(RB_AUTOBOOT);
148 log_emergency_errno(errno, "Failed to reboot: %m");
149 }
150
151 log_emergency("Freezing execution.");
152 freeze();
153}
154
919ce0b7 155noreturn static void crash(int sig) {
7d06dad9
MS		 156 struct sigaction sa;
157 pid_t pid;
97c4f35c 158
df0ff127 159 if (getpid_cached() != 1)
abb26902 160 /* Pass this on immediately, if this is not PID 1 */
92ca4cac 161 (void) raise(sig);
abb26902 162 else if (!arg_dump_core)
4104970e 163 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
97c4f35c 164 else {
7d06dad9 165 sa = (struct sigaction) {
189d5bac 166 .sa_handler = nop_signal_handler,
b92bea5d
ZJS		 167 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
168 };
97c4f35c 169
6f5e3f35 170 /* We want to wait for the core process, hence let's enable SIGCHLD */
92ca4cac 171 (void) sigaction(SIGCHLD, &sa, NULL);
6f5e3f35 172
8869a0b4 173 pid = raw_clone(SIGCHLD);
e62d8c39 174 if (pid < 0)
56f64d95 175 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
97c4f35c 176 else if (pid == 0) {
97c4f35c 177 /* Enable default signal handler for core dump */
15a90032 178
92ca4cac
LP		 179 sa = (struct sigaction) {
180 .sa_handler = SIG_DFL,
181 };
182 (void) sigaction(sig, &sa, NULL);
97c4f35c 183
15a90032
LP		 184 /* Don't limit the coredump size */
185 (void) setrlimit(RLIMIT_CORE, &RLIMIT_MAKE_CONST(RLIM_INFINITY));
97c4f35c
LP		 186
187 /* Just to be sure... */
e62d9b81 188 (void) chdir("/");
97c4f35c
LP		 189
190 /* Raise the signal again */
ee05e779 191 pid = raw_getpid();
92ca4cac 192 (void) kill(pid, sig); /* raise() would kill the parent */
97c4f35c
LP		 193
194 assert_not_reached("We shouldn't be here...");
92ca4cac 195 _exit(EXIT_FAILURE);
4fc935ca 196 } else {
8e12a6ae
LP		 197 siginfo_t status;
198 int r;
4fc935ca
LP		 199
200 /* Order things nicely. */
e62d8c39
ZJS		 201 r = wait_for_terminate(pid, &status);
202 if (r < 0)
da927ba9 203 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
8e12a6ae 204 else if (status.si_code != CLD_DUMPED)
ee05e779
ZJS		 205 log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
206 signal_to_string(sig),
207 pid, sigchld_code_to_string(status.si_code),
208 status.si_status,
209 strna(status.si_code == CLD_EXITED
38107f5a 210 ? exit_status_to_string(status.si_status, EXIT_STATUS_MINIMAL)
ee05e779 211 : signal_to_string(status.si_status)));
4fc935ca 212 else
4104970e 213 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
97c4f35c
LP		 214 }
215 }
216
b9e74c39 217 if (arg_crash_chvt >= 0)
92ca4cac 218 (void) chvt(arg_crash_chvt);
601f6a1e 219
7d06dad9
MS		 220 sa = (struct sigaction) {
221 .sa_handler = SIG_IGN,
222 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
223 };
224
225 /* Let the kernel reap children for us */
226 (void) sigaction(SIGCHLD, &sa, NULL);
8c43883a 227
7d06dad9 228 if (arg_crash_shell) {
b9e74c39 229 log_notice("Executing crash shell in 10s...");
92ca4cac 230 (void) sleep(10);
4fc935ca 231
8869a0b4 232 pid = raw_clone(SIGCHLD);
cd3bd60a 233 if (pid < 0)
56f64d95 234 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
6f5e3f35 235 else if (pid == 0) {
b9e74c39 236 (void) setsid();
92ca4cac
LP		 237 (void) make_console_stdio();
238 (void) execle("/bin/sh", "/bin/sh", NULL, environ);
6f5e3f35 239
ee05e779 240 log_emergency_errno(errno, "execle() failed: %m");
92ca4cac 241 _exit(EXIT_FAILURE);
b9e74c39
LP		 242 } else {
243 log_info("Spawned crash shell as PID "PID_FMT".", pid);
4cf0b03b 244 (void) wait_for_terminate(pid, NULL);
b9e74c39 245 }
4fc935ca
LP		 246 }
247
b9e74c39 248 freeze_or_reboot();
97c4f35c
LP		 249}
250
251static void install_crash_handler(void) {
297d563d 252 static const struct sigaction sa = {
b92bea5d 253 .sa_handler = crash,
297d563d 254 .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
b92bea5d 255 };
297d563d 256 int r;
97c4f35c 257
297d563d
LP		 258 /* We ignore the return value here, since, we don't mind if we
259 * cannot set up a crash handler */
260 r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
261 if (r < 0)
262 log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
97c4f35c 263}
f170852a 264
56d96fc0
LP		 265static int console_setup(void) {
266 _cleanup_close_ int tty_fd = -1;
267 int r;
80876c20 268
512947d4 269 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
23bbb0de
MS		 270 if (tty_fd < 0)
271 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
80876c20 272
56d96fc0
LP		 273 /* We don't want to force text mode. plymouth may be showing
274 * pictures already from initrd. */
512947d4 275 r = reset_terminal_fd(tty_fd, false);
23bbb0de
MS		 276 if (r < 0)
277 return log_error_errno(r, "Failed to reset /dev/console: %m");
843d2643 278
56d96fc0 279 return 0;
80876c20
LP		 280}
281
b9e74c39
LP		 282static int parse_crash_chvt(const char *value) {
283 int b;
284
285 if (safe_atoi(value, &arg_crash_chvt) >= 0)
286 return 0;
287
288 b = parse_boolean(value);
289 if (b < 0)
290 return b;
291
292 if (b > 0)
293 arg_crash_chvt = 0; /* switch to where kmsg goes */
294 else
295 arg_crash_chvt = -1; /* turn off switching */
296
297 return 0;
298}
299
7d5ceb64
FB		 300static int parse_confirm_spawn(const char *value, char **console) {
301 char *s;
302 int r;
303
304 r = value ? parse_boolean(value) : 1;
305 if (r == 0) {
306 *console = NULL;
307 return 0;
308 }
309
310 if (r > 0) /* on with default tty */
311 s = strdup("/dev/console");
312 else if (is_path(value)) /* on with fully qualified path */
313 s = strdup(value);
314 else /* on with only a tty file name, not a fully qualified path */
315 s = strjoin("/dev/", value);
316 if (!s)
317 return -ENOMEM;
318 *console = s;
319 return 0;
320}
321
ee48dbd5 322static int set_machine_id(const char *m) {
e042eab7 323 sd_id128_t t;
8b26cdbd 324 assert(m);
ee48dbd5 325
e042eab7 326 if (sd_id128_from_string(m, &t) < 0)
ee48dbd5
NC		 327 return -EINVAL;
328
e042eab7 329 if (sd_id128_is_null(t))
ee48dbd5
NC		 330 return -EINVAL;
331
e042eab7 332 arg_machine_id = t;
ee48dbd5
NC		 333 return 0;
334}
335
96287a49 336static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
f170852a 337
059cb385 338 int r;
f170852a 339
059cb385 340 assert(key);
5192bd19 341
1d84ad94 342 if (STR_IN_SET(key, "systemd.unit", "rd.systemd.unit")) {
bf4df7c3 343
1d84ad94
LP		 344 if (proc_cmdline_value_missing(key, value))
345 return 0;
bf4df7c3 346
1d84ad94
LP		 347 if (!unit_name_is_valid(value, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
348 log_warning("Unit name specified on %s= is not valid, ignoring: %s", key, value);
349 else if (in_initrd() == !!startswith(key, "rd.")) {
350 if (free_and_strdup(&arg_default_unit, value) < 0)
351 return log_oom();
352 }
f170852a 353
1d84ad94 354 } else if (proc_cmdline_key_streq(key, "systemd.dump_core")) {
4fc935ca 355
1d84ad94 356 r = value ? parse_boolean(value) : true;
fb472900 357 if (r < 0)
059cb385 358 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
4fc935ca 359 else
fa0f4d8a 360 arg_dump_core = r;
4fc935ca 361
1d84ad94 362 } else if (proc_cmdline_key_streq(key, "systemd.crash_chvt")) {
b9e74c39 363
1d84ad94
LP		 364 if (!value)
365 arg_crash_chvt = 0; /* turn on */
366 else if (parse_crash_chvt(value) < 0)
b9e74c39
LP		 367 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
368
1d84ad94 369 } else if (proc_cmdline_key_streq(key, "systemd.crash_shell")) {
4fc935ca 370
1d84ad94 371 r = value ? parse_boolean(value) : true;
fb472900 372 if (r < 0)
059cb385 373 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
4fc935ca 374 else
fa0f4d8a 375 arg_crash_shell = r;
5e7ee61c 376
1d84ad94 377 } else if (proc_cmdline_key_streq(key, "systemd.crash_reboot")) {
5e7ee61c 378
1d84ad94 379 r = value ? parse_boolean(value) : true;
b9e74c39
LP		 380 if (r < 0)
381 log_warning("Failed to parse crash reboot switch %s. Ignoring.", value);
5e7ee61c 382 else
b9e74c39 383 arg_crash_reboot = r;
5e7ee61c 384
1d84ad94
LP		 385 } else if (proc_cmdline_key_streq(key, "systemd.confirm_spawn")) {
386 char *s;
7d5ceb64 387
1d84ad94 388 r = parse_confirm_spawn(value, &s);
059cb385 389 if (r < 0)
7d5ceb64 390 log_warning_errno(r, "Failed to parse confirm_spawn switch %s. Ignoring.", value);
1d84ad94
LP		 391 else {
392 free(arg_confirm_spawn);
393 arg_confirm_spawn = s;
394 }
601f6a1e 395
1d84ad94 396 } else if (proc_cmdline_key_streq(key, "systemd.show_status")) {
9e58ff9c 397
1d84ad94
LP		 398 if (value) {
399 r = parse_show_status(value, &arg_show_status);
400 if (r < 0)
401 log_warning("Failed to parse show status switch %s. Ignoring.", value);
402 } else
403 arg_show_status = SHOW_STATUS_YES;
059cb385 404
1d84ad94
LP		 405 } else if (proc_cmdline_key_streq(key, "systemd.default_standard_output")) {
406
407 if (proc_cmdline_value_missing(key, value))
408 return 0;
0a494f1f 409
059cb385 410 r = exec_output_from_string(value);
fb472900 411 if (r < 0)
059cb385 412 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
0a494f1f
LP		 413 else
414 arg_default_std_output = r;
0a494f1f 415
1d84ad94
LP		 416 } else if (proc_cmdline_key_streq(key, "systemd.default_standard_error")) {
417
418 if (proc_cmdline_value_missing(key, value))
419 return 0;
059cb385
LP		 420
421 r = exec_output_from_string(value);
fb472900 422 if (r < 0)
059cb385 423 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
0a494f1f
LP		 424 else
425 arg_default_std_error = r;
9e7c5357 426
1d84ad94
LP		 427 } else if (streq(key, "systemd.setenv")) {
428
429 if (proc_cmdline_value_missing(key, value))
430 return 0;
059cb385
LP		 431
432 if (env_assignment_is_valid(value)) {
e21fea24
KS		 433 char **env;
434
059cb385 435 env = strv_env_set(arg_default_environment, value);
1d84ad94
LP		 436 if (!env)
437 return log_oom();
438
439 arg_default_environment = env;
e21fea24 440 } else
059cb385 441 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
9e58ff9c 442
1d84ad94
LP		 443 } else if (proc_cmdline_key_streq(key, "systemd.machine_id")) {
444
445 if (proc_cmdline_value_missing(key, value))
446 return 0;
447
448 r = set_machine_id(value);
449 if (r < 0)
450 log_warning("MachineID '%s' is not valid. Ignoring.", value);
ee48dbd5 451
1d84ad94
LP		 452 } else if (proc_cmdline_key_streq(key, "systemd.default_timeout_start_sec")) {
453
454 if (proc_cmdline_value_missing(key, value))
455 return 0;
456
457 r = parse_sec(value, &arg_default_timeout_start_usec);
458 if (r < 0)
459 log_warning_errno(r, "Failed to parse default start timeout: %s, ignoring.", value);
460
461 if (arg_default_timeout_start_usec <= 0)
462 arg_default_timeout_start_usec = USEC_INFINITY;
ee48dbd5 463
059cb385 464 } else if (streq(key, "quiet") && !value) {
d7b15e0a 465
b6e2f329 466 if (arg_show_status == _SHOW_STATUS_UNSET)
d450b6f2 467 arg_show_status = SHOW_STATUS_AUTO;
059cb385
LP		 468
469 } else if (streq(key, "debug") && !value) {
d7b15e0a 470
1de1c9c3
LP		 471 /* Note that log_parse_environment() handles 'debug'
472 * too, and sets the log level to LOG_DEBUG. */
d7b15e0a 473
75f86906 474 if (detect_container() > 0)
b2103dcc 475 log_set_target(LOG_TARGET_CONSOLE);
059cb385 476
dcd61450 477 } else if (!value) {
e2c9a131 478 const char *target;
f170852a
LP		 479
480 /* SysV compatibility */
e2c9a131
EV		 481 target = runlevel_to_target(key);
482 if (target)
483 return free_and_strdup(&arg_default_unit, target);
f170852a
LP		 484 }
485
486 return 0;
487}
488
e8e581bf
ZJS		 489#define DEFINE_SETTER(name, func, descr) \
490 static int name(const char *unit, \
491 const char *filename, \
492 unsigned line, \
493 const char *section, \
71a61510 494 unsigned section_line, \
e8e581bf
ZJS		 495 const char *lvalue, \
496 int ltype, \
497 const char *rvalue, \
498 void *data, \
499 void *userdata) { \
500 \
501 int r; \
502 \
503 assert(filename); \
504 assert(lvalue); \
505 assert(rvalue); \
506 \
507 r = func(rvalue); \
508 if (r < 0) \
d1cefe0a
LP		 509 log_syntax(unit, LOG_ERR, filename, line, r, \
510 "Invalid " descr "'%s': %m", \
511 rvalue); \
e8e581bf
ZJS		 512 \
513 return 0; \
514 }
487393e9 515
e8e581bf
ZJS		 516DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
517DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
518DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
519DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
487393e9 520
4d7213b2
LP		 521static int config_parse_cpu_affinity2(
522 const char *unit,
523 const char *filename,
524 unsigned line,
525 const char *section,
526 unsigned section_line,
527 const char *lvalue,
528 int ltype,
529 const char *rvalue,
530 void *data,
531 void *userdata) {
487393e9 532
4b40bc38 533 _cleanup_cpu_free_ cpu_set_t *c = NULL;
f5c72b73 534 int ncpus;
487393e9 535
765d143b 536 ncpus = parse_cpu_set_and_warn(rvalue, &c, unit, filename, line, lvalue);
f5c72b73
FB		 537 if (ncpus < 0)
538 return ncpus;
487393e9 539
f5c72b73 540 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
25f027c5 541 log_warning_errno(errno, "Failed to set CPU affinity: %m");
487393e9 542
487393e9
LP		 543 return 0;
544}
545
4d7213b2
LP		 546static int config_parse_show_status(
547 const char* unit,
548 const char *filename,
549 unsigned line,
550 const char *section,
551 unsigned section_line,
552 const char *lvalue,
553 int ltype,
554 const char *rvalue,
555 void *data,
556 void *userdata) {
557
558 int k;
559 ShowStatus *b = data;
560
561 assert(filename);
562 assert(lvalue);
563 assert(rvalue);
564 assert(data);
565
566 k = parse_show_status(rvalue, b);
567 if (k < 0) {
12ca818f 568 log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
4d7213b2
LP		 569 return 0;
570 }
571
572 return 0;
573}
574
5db98187
LP		 575static int config_parse_output_restricted(
576 const char* unit,
577 const char *filename,
578 unsigned line,
579 const char *section,
580 unsigned section_line,
581 const char *lvalue,
582 int ltype,
583 const char *rvalue,
584 void *data,
585 void *userdata) {
586
587 ExecOutput t, *eo = data;
588
589 assert(filename);
590 assert(lvalue);
591 assert(rvalue);
592 assert(data);
593
594 t = exec_output_from_string(rvalue);
595 if (t < 0) {
596 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output type, ignoring: %s", rvalue);
597 return 0;
598 }
599
600 if (IN_SET(t, EXEC_OUTPUT_SOCKET, EXEC_OUTPUT_NAMED_FD, EXEC_OUTPUT_FILE)) {
601 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard output types socket, fd:, file: are not supported as defaults, ignoring: %s", rvalue);
602 return 0;
603 }
604
605 *eo = t;
606 return 0;
607}
608
b9e74c39
LP		 609static int config_parse_crash_chvt(
610 const char* unit,
611 const char *filename,
612 unsigned line,
613 const char *section,
614 unsigned section_line,
615 const char *lvalue,
616 int ltype,
617 const char *rvalue,
618 void *data,
619 void *userdata) {
620
621 int r;
622
623 assert(filename);
624 assert(lvalue);
625 assert(rvalue);
b9e74c39
LP		 626
627 r = parse_crash_chvt(rvalue);
628 if (r < 0) {
629 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
630 return 0;
631 }
632
633 return 0;
634}
635
e8e581bf
ZJS		 636static int config_parse_join_controllers(const char *unit,
637 const char *filename,
638 unsigned line,
639 const char *section,
71a61510 640 unsigned section_line,
e8e581bf
ZJS		 641 const char *lvalue,
642 int ltype,
643 const char *rvalue,
644 void *data,
645 void *userdata) {
0c85a4f3 646
3875c85b 647 const char *whole_rvalue = rvalue;
0c85a4f3 648 unsigned n = 0;
0c85a4f3
LP		 649
650 assert(filename);
651 assert(lvalue);
652 assert(rvalue);
653
fe382237 654 arg_join_controllers = strv_free_free(arg_join_controllers);
0c85a4f3 655
d4ebeb4f
FB		 656 for (;;) {
657 _cleanup_free_ char *word = NULL;
658 char **l;
659 int r;
0c85a4f3 660
9a82ab95 661 r = extract_first_word(&rvalue, &word, NULL, EXTRACT_QUOTES);
3875c85b
FB		 662 if (r < 0) {
663 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue);
d4ebeb4f 664 return r;
3875c85b 665 }
d4ebeb4f
FB		 666 if (r == 0)
667 break;
0c85a4f3 668
d4ebeb4f 669 l = strv_split(word, ",");
1592ec21 670 if (!l)
aa8aeac0 671 return log_oom();
0c85a4f3
LP		 672 strv_uniq(l);
673
674 if (strv_length(l) <= 1) {
675 strv_free(l);
676 continue;
677 }
678
679 if (!arg_join_controllers) {
680 arg_join_controllers = new(char**, 2);
681 if (!arg_join_controllers) {
682 strv_free(l);
14212119 683 return log_oom();
0c85a4f3
LP		 684 }
685
686 arg_join_controllers[0] = l;
687 arg_join_controllers[1] = NULL;
688
689 n = 1;
690 } else {
691 char ***a;
692 char ***t;
693
694 t = new0(char**, n+2);
695 if (!t) {
696 strv_free(l);
14212119 697 return log_oom();
0c85a4f3
LP		 698 }
699
700 n = 0;
701
702 for (a = arg_join_controllers; *a; a++) {
703
704 if (strv_overlap(*a, l)) {
e287086b 705 if (strv_extend_strv(&l, *a, false) < 0) {
0c85a4f3
LP		 706 strv_free(l);
707 strv_free_free(t);
14212119 708 return log_oom();
0c85a4f3
LP		 709 }
710
0c85a4f3
LP		 711 } else {
712 char **c;
713
714 c = strv_copy(*a);
715 if (!c) {
716 strv_free(l);
717 strv_free_free(t);
14212119 718 return log_oom();
0c85a4f3
LP		 719 }
720
721 t[n++] = c;
722 }
723 }
724
725 t[n++] = strv_uniq(l);
726
727 strv_free_free(arg_join_controllers);
728 arg_join_controllers = t;
729 }
730 }
d4ebeb4f 731 if (!isempty(rvalue))
12ca818f 732 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
0c85a4f3
LP		 733
734 return 0;
735}
736
487393e9
LP		 737static int parse_config_file(void) {
738
f975e971 739 const ConfigTableItem items[] = {
d3b1c508
LP		 740 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
741 { "Manager", "LogTarget", config_parse_target, 0, NULL },
742 { "Manager", "LogColor", config_parse_color, 0, NULL },
743 { "Manager", "LogLocation", config_parse_location, 0, NULL },
744 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
b9e74c39
LP		 745 { "Manager", "CrashChVT", /* legacy */ config_parse_crash_chvt, 0, NULL },
746 { "Manager", "CrashChangeVT", config_parse_crash_chvt, 0, NULL },
d3b1c508 747 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
b9e74c39 748 { "Manager", "CrashReboot", config_parse_bool, 0, &arg_crash_reboot },
d3b1c508 749 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
d3b1c508
LP		 750 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
751 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
752 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
753 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
a103496c 754 { "Manager", "CapabilityBoundingSet", config_parse_capability_set, 0, &arg_capability_bounding_set },
349cc4a5 755#if HAVE_SECCOMP
d3b1c508 756 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
89fffa27 757#endif
d3b1c508 758 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
bd8f585b 759 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
5db98187
LP		 760 { "Manager", "DefaultStandardOutput", config_parse_output_restricted,0, &arg_default_std_output },
761 { "Manager", "DefaultStandardError", config_parse_output_restricted,0, &arg_default_std_error },
d3b1c508
LP		 762 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
763 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
764 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
f0367da7
LP		 765 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval }, /* obsolete alias */
766 { "Manager", "DefaultStartLimitIntervalSec",config_parse_sec, 0, &arg_default_start_limit_interval },
d3b1c508
LP		 767 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
768 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
d0a7c5f6
LP		 769 { "Manager", "DefaultLimitCPU", config_parse_limit, RLIMIT_CPU, arg_default_rlimit },
770 { "Manager", "DefaultLimitFSIZE", config_parse_limit, RLIMIT_FSIZE, arg_default_rlimit },
771 { "Manager", "DefaultLimitDATA", config_parse_limit, RLIMIT_DATA, arg_default_rlimit },
772 { "Manager", "DefaultLimitSTACK", config_parse_limit, RLIMIT_STACK, arg_default_rlimit },
773 { "Manager", "DefaultLimitCORE", config_parse_limit, RLIMIT_CORE, arg_default_rlimit },
774 { "Manager", "DefaultLimitRSS", config_parse_limit, RLIMIT_RSS, arg_default_rlimit },
775 { "Manager", "DefaultLimitNOFILE", config_parse_limit, RLIMIT_NOFILE, arg_default_rlimit },
776 { "Manager", "DefaultLimitAS", config_parse_limit, RLIMIT_AS, arg_default_rlimit },
777 { "Manager", "DefaultLimitNPROC", config_parse_limit, RLIMIT_NPROC, arg_default_rlimit },
778 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, RLIMIT_MEMLOCK, arg_default_rlimit },
779 { "Manager", "DefaultLimitLOCKS", config_parse_limit, RLIMIT_LOCKS, arg_default_rlimit },
780 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, RLIMIT_SIGPENDING, arg_default_rlimit },
781 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, RLIMIT_MSGQUEUE, arg_default_rlimit },
782 { "Manager", "DefaultLimitNICE", config_parse_limit, RLIMIT_NICE, arg_default_rlimit },
783 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, RLIMIT_RTPRIO, arg_default_rlimit },
784 { "Manager", "DefaultLimitRTTIME", config_parse_limit, RLIMIT_RTTIME, arg_default_rlimit },
085afe36 785 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
13c31542 786 { "Manager", "DefaultIOAccounting", config_parse_bool, 0, &arg_default_io_accounting },
377bfd2d 787 { "Manager", "DefaultIPAccounting", config_parse_bool, 0, &arg_default_ip_accounting },
085afe36
LP		 788 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
789 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
03a7b521 790 { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting },
0af20ea2 791 { "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max },
ae8c7939 792 { "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action, 0, &arg_cad_burst_action },
d3b1c508 793 {}
487393e9
LP		 794 };
795
1b907b5c 796 const char *fn, *conf_dirs_nulstr;
487393e9 797
463d0d15 798 fn = arg_system ?
75eb6154
LP		 799 PKGSYSCONFDIR "/system.conf" :
800 PKGSYSCONFDIR "/user.conf";
801
463d0d15 802 conf_dirs_nulstr = arg_system ?
75eb6154
LP		 803 CONF_PATHS_NULSTR("systemd/system.conf.d") :
804 CONF_PATHS_NULSTR("systemd/user.conf.d");
805
bcde742e 806 (void) config_parse_many_nulstr(fn, conf_dirs_nulstr, "Manager\0", config_item_table_lookup, items, CONFIG_PARSE_WARN, NULL);
36c16a7c
LP		 807
808 /* Traditionally "0" was used to turn off the default unit timeouts. Fix this up so that we used USEC_INFINITY
809 * like everywhere else. */
810 if (arg_default_timeout_start_usec <= 0)
811 arg_default_timeout_start_usec = USEC_INFINITY;
812 if (arg_default_timeout_stop_usec <= 0)
813 arg_default_timeout_stop_usec = USEC_INFINITY;
487393e9 814
487393e9
LP		 815 return 0;
816}
817
85cb4151 818static void set_manager_defaults(Manager *m) {
06af2a04
TB		 819
820 assert(m);
821
822 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
823 m->default_std_output = arg_default_std_output;
824 m->default_std_error = arg_default_std_error;
825 m->default_timeout_start_usec = arg_default_timeout_start_usec;
826 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
827 m->default_restart_usec = arg_default_restart_usec;
828 m->default_start_limit_interval = arg_default_start_limit_interval;
829 m->default_start_limit_burst = arg_default_start_limit_burst;
830 m->default_cpu_accounting = arg_default_cpu_accounting;
13c31542 831 m->default_io_accounting = arg_default_io_accounting;
377bfd2d 832 m->default_ip_accounting = arg_default_ip_accounting;
06af2a04
TB		 833 m->default_blockio_accounting = arg_default_blockio_accounting;
834 m->default_memory_accounting = arg_default_memory_accounting;
03a7b521 835 m->default_tasks_accounting = arg_default_tasks_accounting;
0af20ea2 836 m->default_tasks_max = arg_default_tasks_max;
06af2a04
TB		 837
838 manager_set_default_rlimits(m, arg_default_rlimit);
839 manager_environment_add(m, NULL, arg_default_environment);
840}
841
7b46fc6a
LP		 842static void set_manager_settings(Manager *m) {
843
844 assert(m);
845
846 m->confirm_spawn = arg_confirm_spawn;
847 m->runtime_watchdog = arg_runtime_watchdog;
848 m->shutdown_watchdog = arg_shutdown_watchdog;
849 m->cad_burst_action = arg_cad_burst_action;
850
851 manager_set_show_status(m, arg_show_status);
852}
853
f170852a
LP		 854static int parse_argv(int argc, char *argv[]) {
855
856 enum {
857 ARG_LOG_LEVEL = 0x100,
858 ARG_LOG_TARGET,
bbe63281
LP		 859 ARG_LOG_COLOR,
860 ARG_LOG_LOCATION,
2f198e2f 861 ARG_UNIT,
edb9aaa8 862 ARG_SYSTEM,
af2d49f7 863 ARG_USER,
e537352b 864 ARG_TEST,
b87c2aa6 865 ARG_NO_PAGER,
9ba0bc4e 866 ARG_VERSION,
80876c20 867 ARG_DUMP_CONFIGURATION_ITEMS,
9e58ff9c 868 ARG_DUMP_CORE,
b9e74c39 869 ARG_CRASH_CHVT,
9e58ff9c 870 ARG_CRASH_SHELL,
b9e74c39 871 ARG_CRASH_REBOOT,
a16e1123 872 ARG_CONFIRM_SPAWN,
9e58ff9c 873 ARG_SHOW_STATUS,
4288f619 874 ARG_DESERIALIZE,
2660882b 875 ARG_SWITCHED_ROOT,
0a494f1f 876 ARG_DEFAULT_STD_OUTPUT,
ee48dbd5
NC		 877 ARG_DEFAULT_STD_ERROR,
878 ARG_MACHINE_ID
f170852a
LP		 879 };
880
881 static const struct option options[] = {
a16e1123
LP		 882 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
883 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
bbe63281
LP		 884 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
885 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
2f198e2f 886 { "unit", required_argument, NULL, ARG_UNIT },
edb9aaa8 887 { "system", no_argument, NULL, ARG_SYSTEM },
af2d49f7 888 { "user", no_argument, NULL, ARG_USER },
a16e1123 889 { "test", no_argument, NULL, ARG_TEST },
b87c2aa6 890 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
a16e1123 891 { "help", no_argument, NULL, 'h' },
9ba0bc4e 892 { "version", no_argument, NULL, ARG_VERSION },
a16e1123 893 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
a5d87bf0 894 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
b9e74c39 895 { "crash-chvt", required_argument, NULL, ARG_CRASH_CHVT },
a5d87bf0 896 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
b9e74c39 897 { "crash-reboot", optional_argument, NULL, ARG_CRASH_REBOOT },
a5d87bf0 898 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
6e98720f 899 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
a16e1123 900 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
2660882b 901 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
0a494f1f
LP		 902 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
903 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
ee48dbd5 904 { "machine-id", required_argument, NULL, ARG_MACHINE_ID },
fb472900 905 {}
f170852a
LP		 906 };
907
908 int c, r;
909
910 assert(argc >= 1);
911 assert(argv);
912
df0ff127 913 if (getpid_cached() == 1)
b770165a
LP		 914 opterr = 0;
915
099663ff 916 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
f170852a
LP		 917
918 switch (c) {
919
920 case ARG_LOG_LEVEL:
fb472900
ZJS		 921 r = log_set_max_level_from_string(optarg);
922 if (r < 0) {
f170852a
LP		 923 log_error("Failed to parse log level %s.", optarg);
924 return r;
925 }
926
927 break;
928
929 case ARG_LOG_TARGET:
fb472900
ZJS		 930 r = log_set_target_from_string(optarg);
931 if (r < 0) {
f170852a
LP		 932 log_error("Failed to parse log target %s.", optarg);
933 return r;
934 }
935
936 break;
937
bbe63281
LP		 938 case ARG_LOG_COLOR:
939
d0b170c8 940 if (optarg) {
fb472900
ZJS		 941 r = log_show_color_from_string(optarg);
942 if (r < 0) {
d0b170c8
LP		 943 log_error("Failed to parse log color setting %s.", optarg);
944 return r;
945 }
946 } else
947 log_show_color(true);
bbe63281
LP		 948
949 break;
950
951 case ARG_LOG_LOCATION:
d0b170c8 952 if (optarg) {
fb472900
ZJS		 953 r = log_show_location_from_string(optarg);
954 if (r < 0) {
d0b170c8
LP		 955 log_error("Failed to parse log location setting %s.", optarg);
956 return r;
957 }
958 } else
959 log_show_location(true);
bbe63281
LP		 960
961 break;
962
0a494f1f 963 case ARG_DEFAULT_STD_OUTPUT:
fb472900
ZJS		 964 r = exec_output_from_string(optarg);
965 if (r < 0) {
0a494f1f
LP		 966 log_error("Failed to parse default standard output setting %s.", optarg);
967 return r;
968 } else
969 arg_default_std_output = r;
970 break;
971
972 case ARG_DEFAULT_STD_ERROR:
fb472900
ZJS		 973 r = exec_output_from_string(optarg);
974 if (r < 0) {
0a494f1f
LP		 975 log_error("Failed to parse default standard error output setting %s.", optarg);
976 return r;
977 } else
978 arg_default_std_error = r;
979 break;
980
2f198e2f 981 case ARG_UNIT:
e6e242ad 982 r = free_and_strdup(&arg_default_unit, optarg);
23bbb0de
MS		 983 if (r < 0)
984 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
f170852a
LP		 985
986 break;
987
edb9aaa8 988 case ARG_SYSTEM:
463d0d15 989 arg_system = true;
edb9aaa8 990 break;
a5dab5ce 991
af2d49f7 992 case ARG_USER:
463d0d15 993 arg_system = false;
a5dab5ce 994 break;
a5dab5ce 995
e965d56d 996 case ARG_TEST:
fa0f4d8a 997 arg_action = ACTION_TEST;
b87c2aa6
ZJS		 998 break;
999
1000 case ARG_NO_PAGER:
1001 arg_no_pager = true;
e965d56d
LP		 1002 break;
1003
9ba0bc4e
ZJS		 1004 case ARG_VERSION:
1005 arg_action = ACTION_VERSION;
1006 break;
1007
e537352b 1008 case ARG_DUMP_CONFIGURATION_ITEMS:
fa0f4d8a 1009 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
e537352b
LP		 1010 break;
1011
9e58ff9c 1012 case ARG_DUMP_CORE:
b9e74c39
LP		 1013 if (!optarg)
1014 arg_dump_core = true;
1015 else {
1016 r = parse_boolean(optarg);
1017 if (r < 0)
1018 return log_error_errno(r, "Failed to parse dump core boolean: %s", optarg);
1019 arg_dump_core = r;
a5d87bf0 1020 }
b9e74c39
LP		 1021 break;
1022
1023 case ARG_CRASH_CHVT:
1024 r = parse_crash_chvt(optarg);
1025 if (r < 0)
1026 return log_error_errno(r, "Failed to parse crash virtual terminal index: %s", optarg);
9e58ff9c
LP		 1027 break;
1028
1029 case ARG_CRASH_SHELL:
b9e74c39
LP		 1030 if (!optarg)
1031 arg_crash_shell = true;
1032 else {
1033 r = parse_boolean(optarg);
1034 if (r < 0)
1035 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
1036 arg_crash_shell = r;
1037 }
1038 break;
1039
1040 case ARG_CRASH_REBOOT:
1041 if (!optarg)
1042 arg_crash_reboot = true;
1043 else {
1044 r = parse_boolean(optarg);
1045 if (r < 0)
1046 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
1047 arg_crash_reboot = r;
a5d87bf0 1048 }
9e58ff9c
LP		 1049 break;
1050
80876c20 1051 case ARG_CONFIRM_SPAWN:
7d5ceb64
FB		 1052 arg_confirm_spawn = mfree(arg_confirm_spawn);
1053
1054 r = parse_confirm_spawn(optarg, &arg_confirm_spawn);
1055 if (r < 0)
1056 return log_error_errno(r, "Failed to parse confirm spawn option: %m");
80876c20
LP		 1057 break;
1058
9e58ff9c 1059 case ARG_SHOW_STATUS:
d450b6f2
ZJS		 1060 if (optarg) {
1061 r = parse_show_status(optarg, &arg_show_status);
1062 if (r < 0) {
1063 log_error("Failed to parse show status boolean %s.", optarg);
1064 return r;
1065 }
1066 } else
1067 arg_show_status = SHOW_STATUS_YES;
6e98720f 1068 break;
a5d87bf0 1069
a16e1123
LP		 1070 case ARG_DESERIALIZE: {
1071 int fd;
1072 FILE *f;
1073
01e10de3
LP		 1074 r = safe_atoi(optarg, &fd);
1075 if (r < 0 || fd < 0) {
a16e1123 1076 log_error("Failed to parse deserialize option %s.", optarg);
b9e74c39 1077 return -EINVAL;
a16e1123
LP		 1078 }
1079
b9e74c39 1080 (void) fd_cloexec(fd, true);
01e10de3
LP		 1081
1082 f = fdopen(fd, "r");
4a62c710
MS		 1083 if (!f)
1084 return log_error_errno(errno, "Failed to open serialization fd: %m");
a16e1123 1085
74ca738f 1086 safe_fclose(arg_serialization);
d3b1c508 1087 arg_serialization = f;
a16e1123
LP		 1088
1089 break;
1090 }
1091
2660882b 1092 case ARG_SWITCHED_ROOT:
bf4df7c3 1093 arg_switched_root = true;
d03bc1b8
HH		 1094 break;
1095
ee48dbd5
NC		 1096 case ARG_MACHINE_ID:
1097 r = set_machine_id(optarg);
54500613
LP		 1098 if (r < 0)
1099 return log_error_errno(r, "MachineID '%s' is not valid.", optarg);
ee48dbd5
NC		 1100 break;
1101
f170852a 1102 case 'h':
fa0f4d8a 1103 arg_action = ACTION_HELP;
f170852a
LP		 1104 break;
1105
1d2e23ab
LP		 1106 case 'D':
1107 log_set_max_level(LOG_DEBUG);
1108 break;
1109
099663ff
LP		 1110 case 'b':
1111 case 's':
1112 case 'z':
1113 /* Just to eat away the sysvinit kernel
1114 * cmdline args without getopt() error
1115 * messages that we'll parse in
1116 * parse_proc_cmdline_word() or ignore. */
f170852a 1117
099663ff 1118 case '?':
df0ff127 1119 if (getpid_cached() != 1)
099663ff 1120 return -EINVAL;
601185b4
ZJS		 1121 else
1122 return 0;
099663ff 1123
601185b4
ZJS		 1124 default:
1125 assert_not_reached("Unhandled option code.");
f170852a
LP		 1126 }
1127
df0ff127 1128 if (optind < argc && getpid_cached() != 1) {
d821e6d6
LP		 1129 /* Hmm, when we aren't run as init system
1130 * let's complain about excess arguments */
1131
1132 log_error("Excess arguments.");
1133 return -EINVAL;
1134 }
1135
f170852a
LP		 1136 return 0;
1137}
1138
1139static int help(void) {
1140
2e33c433 1141 printf("%s [OPTIONS...]\n\n"
af2d49f7 1142 "Starts up and maintains the system or user services.\n\n"
e537352b 1143 " -h --help Show this help\n"
cb4069d9 1144 " --version Show version\n"
e537352b 1145 " --test Determine startup sequence, dump it and exit\n"
b87c2aa6 1146 " --no-pager Do not pipe output into a pager\n"
80876c20 1147 " --dump-configuration-items Dump understood unit configuration items\n"
9e58ff9c 1148 " --unit=UNIT Set default unit\n"
edb9aaa8 1149 " --system Run a system instance, even if PID != 1\n"
af2d49f7 1150 " --user Run a user instance\n"
b9e74c39
LP		 1151 " --dump-core[=BOOL] Dump core on crash\n"
1152 " --crash-vt=NR Change to specified VT on crash\n"
1153 " --crash-reboot[=BOOL] Reboot on crash\n"
1154 " --crash-shell[=BOOL] Run shell on crash\n"
1155 " --confirm-spawn[=BOOL] Ask for confirmation when spawning processes\n"
1156 " --show-status[=BOOL] Show status updates on the console during bootup\n"
c1dc6153 1157 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
9e58ff9c 1158 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
b9e74c39
LP		 1159 " --log-color[=BOOL] Highlight important log messages\n"
1160 " --log-location[=BOOL] Include code location in log messages\n"
0a494f1f
LP		 1161 " --default-standard-output= Set default standard output for services\n"
1162 " --default-standard-error= Set default standard error output for services\n",
5b6319dc 1163 program_invocation_short_name);
f170852a
LP		 1164
1165 return 0;
1166}
1167
b3680f49 1168static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
48b90859
LP		 1169 _cleanup_fdset_free_ FDSet *fds = NULL;
1170 _cleanup_fclose_ FILE *f = NULL;
a16e1123
LP		 1171 int r;
1172
1173 assert(m);
1174 assert(_f);
1175 assert(_fds);
1176
6b78f9b4 1177 r = manager_open_serialization(m, &f);
48b90859
LP		 1178 if (r < 0)
1179 return log_error_errno(r, "Failed to create serialization file: %m");
a16e1123 1180
71445ae7 1181 /* Make sure nothing is really destructed when we shut down */
313cefa1 1182 m->n_reloading++;
718db961 1183 bus_manager_send_reloading(m, true);
71445ae7 1184
6b78f9b4 1185 fds = fdset_new();
48b90859
LP		 1186 if (!fds)
1187 return log_oom();
a16e1123 1188
b3680f49 1189 r = manager_serialize(m, f, fds, switching_root);
48b90859
LP		 1190 if (r < 0)
1191 return log_error_errno(r, "Failed to serialize state: %m");
a16e1123 1192
48b90859
LP		 1193 if (fseeko(f, 0, SEEK_SET) == (off_t) -1)
1194 return log_error_errno(errno, "Failed to rewind serialization fd: %m");
a16e1123 1195
6b78f9b4 1196 r = fd_cloexec(fileno(f), false);
48b90859
LP		 1197 if (r < 0)
1198 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
a16e1123 1199
6b78f9b4 1200 r = fdset_cloexec(fds, false);
48b90859
LP		 1201 if (r < 0)
1202 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
a16e1123
LP		 1203
1204 *_f = f;
1205 *_fds = fds;
1206
48b90859
LP		 1207 f = NULL;
1208 fds = NULL;
a16e1123 1209
48b90859 1210 return 0;
a16e1123
LP		 1211}
1212
4096d6f5
LP		 1213static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1214 struct rlimit nl;
1215 int r;
6385cb31
CB		 1216 int min_max;
1217 _cleanup_free_ char *nr_open = NULL;
4096d6f5
LP		 1218
1219 assert(saved_rlimit);
1220
1221 /* Save the original RLIMIT_NOFILE so that we can reset it
1222 * later when transitioning from the initrd to the main
1223 * systemd or suchlike. */
4a62c710 1224 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
3ce40911 1225 return log_warning_errno(errno, "Reading RLIMIT_NOFILE failed, ignoring: %m");
4096d6f5
LP		 1226
1227 /* Make sure forked processes get the default kernel setting */
1228 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1229 struct rlimit *rl;
1230
1231 rl = newdup(struct rlimit, saved_rlimit, 1);
1232 if (!rl)
1233 return log_oom();
1234
1235 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1236 }
1237
6385cb31
CB		 1238 /* Get current RLIMIT_NOFILE maximum compiled into the kernel. */
1239 r = read_one_line_file("/proc/sys/fs/nr_open", &nr_open);
d387cfdd 1240 if (r >= 0)
6385cb31
CB		 1241 r = safe_atoi(nr_open, &min_max);
1242 /* If we fail, fallback to the hard-coded kernel limit of 1024 * 1024. */
1243 if (r < 0)
1244 min_max = 1024 * 1024;
1245
4096d6f5 1246 /* Bump up the resource limit for ourselves substantially */
6385cb31 1247 nl.rlim_cur = nl.rlim_max = min_max;
4096d6f5 1248 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
23bbb0de 1249 if (r < 0)
3ce40911 1250 return log_warning_errno(r, "Setting RLIMIT_NOFILE failed, ignoring: %m");
4096d6f5
LP		 1251
1252 return 0;
1253}
1254
fb3ae275
LP		 1255static int bump_rlimit_memlock(struct rlimit *saved_rlimit) {
1256 int r;
1257
1258 assert(saved_rlimit);
1259 assert(getuid() == 0);
1260
1261 /* BPF_MAP_TYPE_LPM_TRIE bpf maps are charged against RLIMIT_MEMLOCK, even though we have CAP_IPC_LOCK which
1262 * should normally disable such checks. We need them to implement IPAccessAllow= and IPAccessDeny=, hence let's
1263 * bump the value high enough for the root user. */
1264
1265 if (getrlimit(RLIMIT_MEMLOCK, saved_rlimit) < 0)
1266 return log_warning_errno(errno, "Reading RLIMIT_MEMLOCK failed, ignoring: %m");
1267
1268 r = setrlimit_closest(RLIMIT_MEMLOCK, &RLIMIT_MAKE_CONST(1024ULL*1024ULL*16ULL));
1269 if (r < 0)
1270 return log_warning_errno(r, "Setting RLIMIT_MEMLOCK failed, ignoring: %m");
1271
1272 return 0;
1273}
1274
80758717 1275static void test_usr(void) {
80758717 1276
ed1c99fc 1277 /* Check that /usr is not a separate fs */
80758717 1278
871c44a7
LP		 1279 if (dir_is_empty("/usr") <= 0)
1280 return;
1281
8b173b5e 1282 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
871c44a7
LP		 1283 "Some things will probably break (sometimes even silently) in mysterious ways. "
1284 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1285}
1286
a07fdfa3
LP		 1287static int initialize_join_controllers(void) {
1288 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1289 * + "net_prio". We'd like to add "cpuset" to the mix, but
f131770b 1290 * "cpuset" doesn't really work for groups with no initialized
a07fdfa3
LP		 1291 * attributes. */
1292
1293 arg_join_controllers = new(char**, 3);
1294 if (!arg_join_controllers)
1295 return -ENOMEM;
1296
1297 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
fe382237
LP		 1298 if (!arg_join_controllers[0])
1299 goto oom;
a6b26d90 1300
fe382237
LP		 1301 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1302 if (!arg_join_controllers[1])
1303 goto oom;
a07fdfa3 1304
fe382237 1305 arg_join_controllers[2] = NULL;
a07fdfa3 1306 return 0;
fe382237
LP		 1307
1308oom:
1309 arg_join_controllers = strv_free_free(arg_join_controllers);
1310 return -ENOMEM;
a07fdfa3
LP		 1311}
1312
d3b1c508 1313static int enforce_syscall_archs(Set *archs) {
349cc4a5 1314#if HAVE_SECCOMP
d3b1c508
LP		 1315 int r;
1316
83f12b27
FS		 1317 if (!is_seccomp_available())
1318 return 0;
1319
469830d1 1320 r = seccomp_restrict_archs(arg_syscall_archs);
d3b1c508 1321 if (r < 0)
469830d1 1322 return log_error_errno(r, "Failed to enforce system call architecture restrication: %m");
d3b1c508 1323#endif
469830d1 1324 return 0;
d3b1c508
LP		 1325}
1326
b6e2f329
LP		 1327static int status_welcome(void) {
1328 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1329 int r;
1330
1331 r = parse_env_file("/etc/os-release", NEWLINE,
1332 "PRETTY_NAME", &pretty_name,
1333 "ANSI_COLOR", &ansi_color,
1334 NULL);
ece174c5 1335 if (r == -ENOENT)
5ae4d543
LP		 1336 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1337 "PRETTY_NAME", &pretty_name,
1338 "ANSI_COLOR", &ansi_color,
1339 NULL);
b6e2f329
LP		 1340
1341 if (r < 0 && r != -ENOENT)
da927ba9 1342 log_warning_errno(r, "Failed to read os-release file: %m");
b6e2f329 1343
dc9b5816
ZJS		 1344 if (log_get_show_color())
1345 return status_printf(NULL, false, false,
1346 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1347 isempty(ansi_color) ? "1" : ansi_color,
1348 isempty(pretty_name) ? "Linux" : pretty_name);
1349 else
1350 return status_printf(NULL, false, false,
1351 "\nWelcome to %s!\n",
1352 isempty(pretty_name) ? "Linux" : pretty_name);
b6e2f329
LP		 1353}
1354
fdd25311
LP		 1355static int write_container_id(void) {
1356 const char *c;
19854865 1357 int r;
fdd25311
LP		 1358
1359 c = getenv("container");
1360 if (isempty(c))
1361 return 0;
1362
8612da97
LP		 1363 RUN_WITH_UMASK(0022)
1364 r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
19854865 1365 if (r < 0)
f1f849b0 1366 return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m");
19854865
LP		 1367
1368 return 1;
1369}
1370
1371static int bump_unix_max_dgram_qlen(void) {
1372 _cleanup_free_ char *qlen = NULL;
1373 unsigned long v;
1374 int r;
1375
1376 /* Let's bump the net.unix.max_dgram_qlen sysctl. The kernel
1377 * default of 16 is simply too low. We set the value really
1378 * really early during boot, so that it is actually applied to
1379 * all our sockets, including the $NOTIFY_SOCKET one. */
1380
1381 r = read_one_line_file("/proc/sys/net/unix/max_dgram_qlen", &qlen);
1382 if (r < 0)
1383 return log_warning_errno(r, "Failed to read AF_UNIX datagram queue length, ignoring: %m");
1384
1385 r = safe_atolu(qlen, &v);
1386 if (r < 0)
1387 return log_warning_errno(r, "Failed to parse AF_UNIX datagram queue length, ignoring: %m");
1388
1389 if (v >= DEFAULT_UNIX_MAX_DGRAM_QLEN)
1390 return 0;
1391
1392 qlen = mfree(qlen);
1393 if (asprintf(&qlen, "%lu\n", DEFAULT_UNIX_MAX_DGRAM_QLEN) < 0)
1394 return log_oom();
1395
1396 r = write_string_file("/proc/sys/net/unix/max_dgram_qlen", qlen, 0);
1397 if (r < 0)
1398 return log_full_errno(IN_SET(r, -EROFS, -EPERM, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
1399 "Failed to bump AF_UNIX datagram queue length, ignoring: %m");
1400
1401 return 1;
fdd25311
LP		 1402}
1403
32391275
FB		 1404static int fixup_environment(void) {
1405 _cleanup_free_ char *term = NULL;
1406 int r;
1407
84af7821
LP		 1408 /* We expect the environment to be set correctly
1409 * if run inside a container. */
1410 if (detect_container() > 0)
1411 return 0;
1412
32391275
FB		 1413 /* When started as PID1, the kernel uses /dev/console
1414 * for our stdios and uses TERM=linux whatever the
1415 * backend device used by the console. We try to make
1416 * a better guess here since some consoles might not
1417 * have support for color mode for example.
1418 *
1419 * However if TERM was configured through the kernel
1420 * command line then leave it alone. */
1421
1d84ad94 1422 r = proc_cmdline_get_key("TERM", 0, &term);
32391275
FB		 1423 if (r < 0)
1424 return r;
32391275 1425 if (r == 0) {
6af760f3 1426 term = strdup(default_term_for_tty("/dev/console"));
32391275 1427 if (!term)
84af7821 1428 return -ENOMEM;
32391275
FB		 1429 }
1430
1431 if (setenv("TERM", term, 1) < 0)
1432 return -errno;
1433
1434 return 0;
1435}
1436
6808a0bc
LP		 1437static void redirect_telinit(int argc, char *argv[]) {
1438
1439 /* This is compatibility support for SysV, where calling init as a user is identical to telinit. */
1440
1441#if HAVE_SYSV_COMPAT
1442 if (getpid_cached() == 1)
1443 return;
1444
1445 if (!strstr(program_invocation_short_name, "init"))
1446 return;
1447
1448 execv(SYSTEMCTL_BINARY_PATH, argv);
1449 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1450 exit(1);
1451#endif
1452}
1453
4a36297c
LP		 1454static int become_shutdown(
1455 const char *shutdown_verb,
7eb35049 1456 int retval) {
4a36297c
LP		 1457
1458 char log_level[DECIMAL_STR_MAX(int) + 1],
1459 exit_code[DECIMAL_STR_MAX(uint8_t) + 1];
1460
1461 const char* command_line[11] = {
1462 SYSTEMD_SHUTDOWN_BINARY_PATH,
1463 shutdown_verb,
1464 "--log-level", log_level,
1465 "--log-target",
1466 };
1467
1468 _cleanup_strv_free_ char **env_block = NULL;
1469 size_t pos = 5;
1470 int r;
1471
7eb35049 1472 assert(shutdown_verb);
4a36297c
LP		 1473 assert(command_line[pos] == NULL);
1474 env_block = strv_copy(environ);
1475
1476 xsprintf(log_level, "%d", log_get_max_level());
1477
1478 switch (log_get_target()) {
1479
1480 case LOG_TARGET_KMSG:
1481 case LOG_TARGET_JOURNAL_OR_KMSG:
1482 case LOG_TARGET_SYSLOG_OR_KMSG:
1483 command_line[pos++] = "kmsg";
1484 break;
1485
1486 case LOG_TARGET_NULL:
1487 command_line[pos++] = "null";
1488 break;
1489
1490 case LOG_TARGET_CONSOLE:
1491 default:
1492 command_line[pos++] = "console";
1493 break;
1494 };
1495
1496 if (log_get_show_color())
1497 command_line[pos++] = "--log-color";
1498
1499 if (log_get_show_location())
1500 command_line[pos++] = "--log-location";
1501
1502 if (streq(shutdown_verb, "exit")) {
1503 command_line[pos++] = "--exit-code";
1504 command_line[pos++] = exit_code;
1505 xsprintf(exit_code, "%d", retval);
1506 }
1507
1508 assert(pos < ELEMENTSOF(command_line));
1509
7eb35049
LP		 1510 if (streq(shutdown_verb, "reboot") &&
1511 arg_shutdown_watchdog > 0 &&
1512 arg_shutdown_watchdog != USEC_INFINITY) {
1513
4a36297c
LP		 1514 char *e;
1515
1516 /* If we reboot let's set the shutdown
1517 * watchdog and tell the shutdown binary to
1518 * repeatedly ping it */
1519 r = watchdog_set_timeout(&arg_shutdown_watchdog);
1520 watchdog_close(r < 0);
1521
1522 /* Tell the binary how often to ping, ignore failure */
1523 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
1524 (void) strv_push(&env_block, e);
1525 } else
1526 watchdog_close(true);
1527
1528 /* Avoid the creation of new processes forked by the
1529 * kernel; at this point, we will not listen to the
1530 * signals anyway */
1531 if (detect_container() <= 0)
1532 (void) cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
1533
1534 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
1535 return -errno;
1536}
1537
e839bafd
LP		 1538static void initialize_clock(void) {
1539 int r;
1540
1541 if (clock_is_localtime(NULL) > 0) {
1542 int min;
1543
1544 /*
1545 * The very first call of settimeofday() also does a time warp in the kernel.
1546 *
1547 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on external tools to take care
1548 * of maintaining the RTC and do all adjustments. This matches the behavior of Windows, which leaves
1549 * the RTC alone if the registry tells that the RTC runs in UTC.
1550 */
1551 r = clock_set_timezone(&min);
1552 if (r < 0)
1553 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
1554 else
1555 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1556
1557 } else if (!in_initrd()) {
1558 /*
1559 * Do a dummy very first call to seal the kernel's time warp magic.
1560 *
1561 * Do not call this from inside the initrd. The initrd might not carry /etc/adjtime with LOCAL, but the
1562 * real system could be set up that way. In such case, we need to delay the time-warp or the sealing
1563 * until we reach the real system.
1564 *
1565 * Do no set the kernel's timezone. The concept of local time cannot be supported reliably, the time
1566 * will jump or be incorrect at every daylight saving time change. All kernel local time concepts will
1567 * be treated as UTC that way.
1568 */
1569 (void) clock_reset_timewarp();
1570 }
1571
1572 r = clock_apply_epoch();
1573 if (r < 0)
1574 log_error_errno(r, "Current system time is before build time, but cannot correct: %m");
1575 else if (r > 0)
1576 log_info("System time before build time, advancing clock.");
1577}
1578
1e41242e
LP		 1579static void initialize_coredump(bool skip_setup) {
1580
1581 if (getpid_cached() != 1)
1582 return;
1583
1584 /* Don't limit the core dump size, so that coredump handlers such as systemd-coredump (which honour the limit)
1585 * will process core dumps for system services by default. */
1586 if (setrlimit(RLIMIT_CORE, &RLIMIT_MAKE_CONST(RLIM_INFINITY)) < 0)
1587 log_warning_errno(errno, "Failed to set RLIMIT_CORE: %m");
1588
1589 /* But at the same time, turn off the core_pattern logic by default, so that no coredumps are stored
1590 * until the systemd-coredump tool is enabled via sysctl. */
1591 if (!skip_setup)
1592 (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
1593}
1594
3c7878f9
LP		 1595static void do_reexecute(
1596 int argc,
1597 char *argv[],
1598 const struct rlimit *saved_rlimit_nofile,
1599 const struct rlimit *saved_rlimit_memlock,
1600 FDSet *fds,
1601 const char *switch_root_dir,
1602 const char *switch_root_init,
1603 const char **ret_error_message) {
1604
1605 unsigned i, j, args_size;
1606 const char **args;
1607 int r;
1608
1609 assert(saved_rlimit_nofile);
1610 assert(saved_rlimit_memlock);
1611 assert(ret_error_message);
1612
1613 /* Close and disarm the watchdog, so that the new instance can reinitialize it, but doesn't get rebooted while
1614 * we do that */
1615 watchdog_close(true);
1616
1617 /* Reset the RLIMIT_NOFILE to the kernel default, so that the new systemd can pass the kernel default to its
1618 * child processes */
1619
1620 if (saved_rlimit_nofile->rlim_cur > 0)
1621 (void) setrlimit(RLIMIT_NOFILE, saved_rlimit_nofile);
1622 if (saved_rlimit_memlock->rlim_cur != (rlim_t) -1)
1623 (void) setrlimit(RLIMIT_MEMLOCK, saved_rlimit_memlock);
1624
1625 if (switch_root_dir) {
1626 /* Kill all remaining processes from the initrd, but don't wait for them, so that we can handle the
1627 * SIGCHLD for them after deserializing. */
1628 broadcast_signal(SIGTERM, false, true);
1629
1630 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1631 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
1632 if (r < 0)
1633 log_error_errno(r, "Failed to switch root, trying to continue: %m");
1634 }
1635
1636 args_size = MAX(6, argc+1);
1637 args = newa(const char*, args_size);
1638
1639 if (!switch_root_init) {
1640 char sfd[DECIMAL_STR_MAX(int) + 1];
1641
1642 /* First try to spawn ourselves with the right path, and with full serialization. We do this only if
1643 * the user didn't specify an explicit init to spawn. */
1644
1645 assert(arg_serialization);
1646 assert(fds);
1647
1648 xsprintf(sfd, "%i", fileno(arg_serialization));
1649
1650 i = 0;
1651 args[i++] = SYSTEMD_BINARY_PATH;
1652 if (switch_root_dir)
1653 args[i++] = "--switched-root";
1654 args[i++] = arg_system ? "--system" : "--user";
1655 args[i++] = "--deserialize";
1656 args[i++] = sfd;
1657 args[i++] = NULL;
1658
1659 assert(i <= args_size);
1660
1661 /*
1662 * We want valgrind to print its memory usage summary before reexecution. Valgrind won't do this is on
1663 * its own on exec(), but it will do it on exit(). Hence, to ensure we get a summary here, fork() off
1664 * a child, let it exit() cleanly, so that it prints the summary, and wait() for it in the parent,
1665 * before proceeding into the exec().
1666 */
1667 valgrind_summary_hack();
1668
1669 (void) execv(args[0], (char* const*) args);
1670 log_debug_errno(errno, "Failed to execute our own binary, trying fallback: %m");
1671 }
1672
1673 /* Try the fallback, if there is any, without any serialization. We pass the original argv[] and envp[]. (Well,
1674 * modulo the ordering changes due to getopt() in argv[], and some cleanups in envp[], but let's hope that
1675 * doesn't matter.) */
1676
1677 arg_serialization = safe_fclose(arg_serialization);
1678 fds = fdset_free(fds);
1679
1680 /* Reopen the console */
1681 (void) make_console_stdio();
1682
1683 for (j = 1, i = 1; j < (unsigned) argc; j++)
1684 args[i++] = argv[j];
1685 args[i++] = NULL;
1686 assert(i <= args_size);
1687
1688 /* Reenable any blocked signals, especially important if we switch from initial ramdisk to init=... */
1689 (void) reset_all_signal_handlers();
1690 (void) reset_signal_mask();
1691
1692 if (switch_root_init) {
1693 args[0] = switch_root_init;
1694 (void) execv(args[0], (char* const*) args);
1695 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
1696 }
1697
1698 args[0] = "/sbin/init";
1699 (void) execv(args[0], (char* const*) args);
1700 r = -errno;
1701
1702 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
1703 ANSI_HIGHLIGHT_RED " !! " ANSI_NORMAL,
1704 "Failed to execute /sbin/init");
1705
1706 if (r == -ENOENT) {
1707 log_warning("No /sbin/init, trying fallback");
1708
1709 args[0] = "/bin/sh";
1710 args[1] = NULL;
1711 (void) execv(args[0], (char* const*) args);
1712 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
1713 } else
1714 log_warning_errno(r, "Failed to execute /sbin/init, giving up: %m");
1715
1716 *ret_error_message = "Failed to execute fallback shell";
1717}
1718
7eb35049
LP		 1719static int invoke_main_loop(
1720 Manager *m,
1721 bool *ret_reexecute,
1722 int *ret_retval, /* Return parameters relevant for shutting down */
1723 const char **ret_shutdown_verb, /* … */
1724 FDSet **ret_fds, /* Return parameters for reexecuting */
1725 char **ret_switch_root_dir, /* … */
1726 char **ret_switch_root_init, /* … */
1727 const char **ret_error_message) {
1728
1729 int r;
1730
1731 assert(m);
1732 assert(ret_reexecute);
1733 assert(ret_retval);
1734 assert(ret_shutdown_verb);
1735 assert(ret_fds);
1736 assert(ret_switch_root_dir);
1737 assert(ret_switch_root_init);
1738 assert(ret_error_message);
1739
1740 for (;;) {
1741 r = manager_loop(m);
1742 if (r < 0) {
1743 *ret_error_message = "Failed to run main loop";
1744 return log_emergency_errno(r, "Failed to run main loop: %m");
1745 }
1746
1747 switch (m->exit_code) {
1748
1749 case MANAGER_RELOAD:
1750 log_info("Reloading.");
1751
1752 r = parse_config_file();
1753 if (r < 0)
1754 log_warning_errno(r, "Failed to parse config file, ignoring: %m");
1755
1756 set_manager_defaults(m);
1757
1758 r = manager_reload(m);
1759 if (r < 0)
1760 log_warning_errno(r, "Failed to reload, ignoring: %m");
1761
1762 break;
1763
1764 case MANAGER_REEXECUTE:
1765
1766 r = prepare_reexecute(m, &arg_serialization, ret_fds, false);
1767 if (r < 0) {
1768 *ret_error_message = "Failed to prepare for reexecution";
1769 return r;
1770 }
1771
1772 log_notice("Reexecuting.");
1773
1774 *ret_reexecute = true;
1775 *ret_retval = EXIT_SUCCESS;
1776 *ret_shutdown_verb = NULL;
1777 *ret_switch_root_dir = *ret_switch_root_init = NULL;
1778
1779 return 0;
1780
1781 case MANAGER_SWITCH_ROOT:
1782 if (!m->switch_root_init) {
1783 r = prepare_reexecute(m, &arg_serialization, ret_fds, true);
1784 if (r < 0) {
1785 *ret_error_message = "Failed to prepare for reexecution";
1786 return r;
1787 }
1788 } else
1789 *ret_fds = NULL;
1790
1791 log_notice("Switching root.");
1792
1793 *ret_reexecute = true;
1794 *ret_retval = EXIT_SUCCESS;
1795 *ret_shutdown_verb = NULL;
1796
1797 /* Steal the switch root parameters */
1798 *ret_switch_root_dir = m->switch_root;
1799 *ret_switch_root_init = m->switch_root_init;
1800 m->switch_root = m->switch_root_init = NULL;
1801
1802 return 0;
1803
1804 case MANAGER_EXIT:
1805
1806 if (MANAGER_IS_USER(m)) {
1807 log_debug("Exit.");
1808
1809 *ret_reexecute = false;
1810 *ret_retval = m->return_value;
1811 *ret_shutdown_verb = NULL;
1812 *ret_fds = NULL;
1813 *ret_switch_root_dir = *ret_switch_root_init = NULL;
1814
1815 return 0;
1816 }
1817
1818 _fallthrough_;
1819 case MANAGER_REBOOT:
1820 case MANAGER_POWEROFF:
1821 case MANAGER_HALT:
1822 case MANAGER_KEXEC: {
1823 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1824 [MANAGER_EXIT] = "exit",
1825 [MANAGER_REBOOT] = "reboot",
1826 [MANAGER_POWEROFF] = "poweroff",
1827 [MANAGER_HALT] = "halt",
1828 [MANAGER_KEXEC] = "kexec"
1829 };
1830
1831 log_notice("Shutting down.");
1832
1833 *ret_reexecute = false;
1834 *ret_retval = m->return_value;
1835 assert_se(*ret_shutdown_verb = table[m->exit_code]);
1836 *ret_fds = NULL;
1837 *ret_switch_root_dir = *ret_switch_root_init = NULL;
1838
1839 return 0;
1840 }
1841
1842 default:
1843 assert_not_reached("Unknown exit code.");
1844 }
1845 }
1846}
1847
60918275
LP		 1848int main(int argc, char *argv[]) {
1849 Manager *m = NULL;
22f4096c 1850 int r, retval = EXIT_FAILURE;
9d76d730
LP		 1851 usec_t before_startup, after_startup;
1852 char timespan[FORMAT_TIMESPAN_MAX];
a16e1123
LP		 1853 FDSet *fds = NULL;
1854 bool reexecute = false;
b9080b03 1855 const char *shutdown_verb = NULL;
86caf095
LP		 1856 dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
1857 dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
1858 dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
1859 dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
1860 dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
5d6b1584 1861 static char systemd[] = "systemd";
2660882b 1862 bool skip_setup = false;
d3b1c508 1863 unsigned j;
0b3325e7 1864 bool loaded_policy = false;
bf4df7c3 1865 bool queue_default_job = false;
fd130612 1866 bool first_boot = false;
41669317 1867 char *switch_root_dir = NULL, *switch_root_init = NULL;
fb3ae275 1868 struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0), saved_rlimit_memlock = RLIMIT_MAKE_CONST((rlim_t) -1);
cb6531be 1869 const char *error_message = NULL;
27b14a22 1870
6808a0bc 1871 redirect_telinit(argc, argv);
2cb1a60d 1872
c3a170f3
HH		 1873 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1874 dual_timestamp_get(&userspace_timestamp);
1875
0b3325e7
LP		 1876 /* Determine if this is a reexecution or normal bootup. We do
1877 * the full command line parsing much later, so let's just
1878 * have a quick peek here. */
db813c2a
LP		 1879 if (strv_find(argv+1, "--deserialize"))
1880 skip_setup = true;
0b3325e7 1881
2660882b
LP		 1882 /* If we have switched root, do all the special setup
1883 * things */
db813c2a
LP		 1884 if (strv_find(argv+1, "--switched-root"))
1885 skip_setup = false;
d03bc1b8 1886
f3b6a3ed
LP		 1887 /* If we get started via the /sbin/init symlink then we are
1888 called 'init'. After a subsequent reexecution we are then
1889 called 'systemd'. That is confusing, hence let's call us
1890 systemd right-away. */
f3b6a3ed 1891 program_invocation_short_name = systemd;
eee8b7ab 1892 (void) prctl(PR_SET_NAME, systemd);
5d6b1584 1893
9a0e6896
LP		 1894 saved_argv = argv;
1895 saved_argc = argc;
f3b6a3ed 1896
c1dc6153 1897 log_set_upgrade_syslog_to_journal(true);
bbe63281 1898
df0ff127 1899 if (getpid_cached() == 1) {
48a601fe 1900 /* Disable the umask logic */
90dc8c2e
MG		 1901 umask(0);
1902
48a601fe
LP		 1903 /* Always reopen /dev/console when running as PID 1 or one of its pre-execve() children. This is
1904 * important so that we never end up logging to any foreign stderr, for example if we have to log in a
1905 * child process right before execve()'ing the actual binary, at a point in time where socket
1906 * activation stderr/stdout area already set up. */
1907 log_set_always_reopen_console(true);
1908 }
1909
df0ff127 1910 if (getpid_cached() == 1 && detect_container() <= 0) {
4f8d551f 1911
a866073d 1912 /* Running outside of a container as PID 1 */
463d0d15 1913 arg_system = true;
a866073d
LP		 1914 log_set_target(LOG_TARGET_KMSG);
1915 log_open();
1916
21bf2ab0 1917 if (in_initrd())
c3a170f3 1918 initrd_timestamp = userspace_timestamp;
c3ba6250 1919
2660882b 1920 if (!skip_setup) {
d723cd65
AK		 1921 r = mount_setup_early();
1922 if (r < 0) {
eee8b7ab 1923 error_message = "Failed to mount early API filesystems";
d723cd65
AK		 1924 goto finish;
1925 }
eee8b7ab 1926
c2e0d600 1927 dual_timestamp_get(&security_start_timestamp);
cb6531be
ZJS		 1928 if (mac_selinux_setup(&loaded_policy) < 0) {
1929 error_message = "Failed to load SELinux policy";
0b3325e7 1930 goto finish;
cb6531be
ZJS		 1931 } else if (mac_smack_setup(&loaded_policy) < 0) {
1932 error_message = "Failed to load SMACK policy";
ffbd2c4d 1933 goto finish;
96694e99
IP		 1934 } else if (ima_setup() < 0) {
1935 error_message = "Failed to load IMA policy";
1936 goto finish;
cb6531be 1937 }
c2e0d600 1938 dual_timestamp_get(&security_finish_timestamp);
81611586 1939 }
0b3325e7 1940
c3dacc8b 1941 if (mac_selinux_init() < 0) {
cb6531be 1942 error_message = "Failed to initialize SELinux policy";
0ff4cdd9 1943 goto finish;
cb6531be 1944 }
7948c4df 1945
e839bafd
LP		 1946 if (!skip_setup)
1947 initialize_clock();
a866073d
LP		 1948
1949 /* Set the default for later on, but don't actually
1950 * open the logs like this for now. Note that if we
1951 * are transitioning from the initrd there might still
1952 * be journal fd open, and we shouldn't attempt
1953 * opening that before we parsed /proc/cmdline which
1954 * might redirect output elsewhere. */
1955 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1956
df0ff127 1957 } else if (getpid_cached() == 1) {
a866073d 1958 /* Running inside a container, as PID 1 */
463d0d15 1959 arg_system = true;
a866073d 1960 log_set_target(LOG_TARGET_CONSOLE);
99f09825 1961 log_close_console(); /* force reopen of /dev/console */
a866073d
LP		 1962 log_open();
1963
eee8b7ab 1964 /* For later on, see above... */
a866073d
LP		 1965 log_set_target(LOG_TARGET_JOURNAL);
1966
c3a170f3
HH		 1967 /* clear the kernel timestamp,
1968 * because we are in a container */
0f5f63c3 1969 kernel_timestamp = DUAL_TIMESTAMP_NULL;
c3a170f3 1970 } else {
a866073d 1971 /* Running as user instance */
463d0d15 1972 arg_system = false;
eeecf6e6 1973 log_set_target(LOG_TARGET_AUTO);
871e5809 1974 log_open();
c3a170f3
HH		 1975
1976 /* clear the kernel timestamp,
1977 * because we are not PID 1 */
6513d561 1978 kernel_timestamp = DUAL_TIMESTAMP_NULL;
bbe63281 1979 }
a5dab5ce 1980
1e41242e 1981 initialize_coredump(skip_setup);
15a90032 1982
6edefe0b 1983 if (arg_system) {
84af7821
LP		 1984 if (fixup_environment() < 0) {
1985 error_message = "Failed to fix up PID1 environment";
1986 goto finish;
1987 }
32391275 1988
3a18b604
FB		 1989 /* Try to figure out if we can use colors with the console. No
1990 * need to do that for user instances since they never log
1991 * into the console. */
1992 log_show_color(colors_enabled());
c76cf844
AK		 1993 r = make_null_stdio();
1994 if (r < 0)
1995 log_warning_errno(r, "Failed to redirect standard streams to /dev/null: %m");
3a18b604
FB		 1996 }
1997
a07fdfa3 1998 r = initialize_join_controllers();
cb6531be 1999 if (r < 0) {
ff9b60f3 2000 error_message = "Failed to initialize cgroup controllers";
0c85a4f3 2001 goto finish;
cb6531be 2002 }
0c85a4f3 2003
f170852a
LP		 2004 /* Mount /proc, /sys and friends, so that /proc/cmdline and
2005 * /proc/$PID/fd is available. */
df0ff127 2006 if (getpid_cached() == 1) {
f84f9974 2007
a132bef0 2008 /* Load the kernel modules early. */
2e75e2a8
DM		 2009 if (!skip_setup)
2010 kmod_setup();
2e75e2a8 2011
0c85a4f3 2012 r = mount_setup(loaded_policy);
cb6531be
ZJS		 2013 if (r < 0) {
2014 error_message = "Failed to mount API filesystems";
8efe3c01 2015 goto finish;
cb6531be 2016 }
0c85a4f3 2017 }
4ade7963
LP		 2018
2019 /* Reset all signal handlers. */
ce30c8dc
LP		 2020 (void) reset_all_signal_handlers();
2021 (void) ignore_signals(SIGNALS_IGNORE, -1);
078e4539 2022
f5058264 2023 arg_default_tasks_max = system_tasks_max_scale(DEFAULT_TASKS_MAX_PERCENTAGE, 100U);
79baeeb9 2024
cb6531be
ZJS		 2025 if (parse_config_file() < 0) {
2026 error_message = "Failed to parse config file";
487393e9 2027 goto finish;
cb6531be 2028 }
487393e9 2029
463d0d15 2030 if (arg_system) {
1d84ad94 2031 r = proc_cmdline_parse(parse_proc_cmdline_item, NULL, 0);
b5884878 2032 if (r < 0)
da927ba9 2033 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
b5884878 2034 }
f170852a 2035
1de1c9c3
LP		 2036 /* Note that this also parses bits from the kernel command
2037 * line, including "debug". */
f170852a
LP		 2038 log_parse_environment();
2039
cb6531be
ZJS		 2040 if (parse_argv(argc, argv) < 0) {
2041 error_message = "Failed to parse commandline arguments";
f170852a 2042 goto finish;
cb6531be 2043 }
f170852a 2044
10c961b9
AK		 2045 /* Initialize default unit */
2046 if (!arg_default_unit) {
f6dd106c
AK		 2047 arg_default_unit = strdup(SPECIAL_DEFAULT_TARGET);
2048 if (!arg_default_unit) {
2049 r = log_oom();
10c961b9
AK		 2050 error_message = "Failed to set default unit";
2051 goto finish;
2052 }
2053 }
2054
6bae23a0
TB		 2055 if (arg_action == ACTION_TEST &&
2056 geteuid() == 0) {
b5c6cf87
LP		 2057 log_error("Don't run test mode as root.");
2058 goto finish;
2059 }
2060
463d0d15 2061 if (!arg_system &&
6bae23a0
TB		 2062 arg_action == ACTION_RUN &&
2063 sd_booted() <= 0) {
2064 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
2065 goto finish;
2066 }
2067
463d0d15 2068 if (arg_system &&
fe783b03
LP		 2069 arg_action == ACTION_RUN &&
2070 running_in_chroot() > 0) {
2071 log_error("Cannot be run in a chroot() environment.");
2072 goto finish;
2073 }
2074
4c701096 2075 if (IN_SET(arg_action, ACTION_TEST, ACTION_HELP)) {
ea4b98e6 2076 pager_open(arg_no_pager, false);
74e7579c
AK		 2077 skip_setup = true;
2078 }
b87c2aa6 2079
fa0f4d8a 2080 if (arg_action == ACTION_HELP) {
f170852a
LP		 2081 retval = help();
2082 goto finish;
9ba0bc4e
ZJS		 2083 } else if (arg_action == ACTION_VERSION) {
2084 retval = version();
2085 goto finish;
fa0f4d8a 2086 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
13811bf9 2087 pager_open(arg_no_pager, false);
e537352b 2088 unit_dump_config_items(stdout);
22f4096c 2089 retval = EXIT_SUCCESS;
e537352b 2090 goto finish;
f170852a
LP		 2091 }
2092
463d0d15 2093 if (!arg_system &&
8be28fb1
KS		 2094 !getenv("XDG_RUNTIME_DIR")) {
2095 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
2096 goto finish;
2097 }
2098
4c701096 2099 assert_se(IN_SET(arg_action, ACTION_RUN, ACTION_TEST));
f170852a 2100
871e5809
LP		 2101 /* Close logging fds, in order not to confuse fdset below */
2102 log_close();
2103
a16e1123 2104 /* Remember open file descriptors for later deserialization */
dea374e8
LP		 2105 if (arg_action == ACTION_RUN) {
2106 r = fdset_new_fill(&fds);
2107 if (r < 0) {
2108 log_emergency_errno(r, "Failed to allocate fd set: %m");
2109 error_message = "Failed to allocate fd set";
2110 goto finish;
2111 } else
2112 fdset_cloexec(fds, true);
a16e1123 2113
dea374e8
LP		 2114 if (arg_serialization)
2115 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
a16e1123 2116
dea374e8
LP		 2117 if (arg_system)
2118 /* Become a session leader if we aren't one yet. */
2119 setsid();
2120 }
4ade7963 2121
befb5b6a 2122 /* Move out of the way, so that we won't block unmounts */
d250afe7 2123 assert_se(chdir("/") == 0);
befb5b6a 2124
2146621b
LP		 2125 /* Reset the console, but only if this is really init and we
2126 * are freshly booted */
463d0d15 2127 if (arg_system && arg_action == ACTION_RUN) {
56d96fc0
LP		 2128
2129 /* If we are init, we connect stdin/stdout/stderr to
2130 * /dev/null and make sure we don't have a controlling
2131 * tty. */
2132 release_terminal();
2133
df0ff127 2134 if (getpid_cached() == 1 && !skip_setup)
56d96fc0
LP		 2135 console_setup();
2136 }
4ade7963 2137
18149b9f 2138 /* Open the logging devices, if possible and necessary */
843d2643 2139 log_open();
4ade7963 2140
b6e2f329
LP		 2141 if (arg_show_status == _SHOW_STATUS_UNSET)
2142 arg_show_status = SHOW_STATUS_YES;
2143
5373d602
LP		 2144 /* Make sure we leave a core dump without panicing the
2145 * kernel. */
df0ff127 2146 if (getpid_cached() == 1) {
4fc935ca 2147 install_crash_handler();
97c4f35c 2148
0c85a4f3
LP		 2149 r = mount_cgroup_controllers(arg_join_controllers);
2150 if (r < 0)
2151 goto finish;
2152 }
2153
463d0d15 2154 if (arg_system) {
75f86906 2155 int v;
c20f5ac7 2156
0d8c31ff
ZJS		 2157 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
2158 arg_action == ACTION_TEST ? "test " : "" );
c20f5ac7 2159
75f86906
LP		 2160 v = detect_virtualization();
2161 if (v > 0)
2162 log_info("Detected virtualization %s.", virtualization_to_string(v));
c20f5ac7 2163
fdd25311
LP		 2164 write_container_id();
2165
d3f86679 2166 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
d9d93745 2167
26a1efdf
LP		 2168 if (in_initrd())
2169 log_info("Running in initial RAM disk.");
fd130612
LP		 2170 else {
2171 /* Let's check whether we are in first boot, i.e. whether /etc is still unpopulated. We use
2172 * /etc/machine-id as flag file, for this: if it exists we assume /etc is populated, if it
2173 * doesn't it's unpopulated. This allows container managers and installers to provision a
2174 * couple of files already. If the container manager wants to provision the machine ID itself
2175 * it should pass $container_uuid to PID 1. */
2176
2177 first_boot = access("/etc/machine-id", F_OK) < 0;
2178 if (first_boot)
2179 log_info("Running with unpopulated /etc.");
2180 }
d8160f21 2181 } else {
1f97091d
LP		 2182 _cleanup_free_ char *t;
2183
2184 t = uid_to_name(getuid());
a68aef7a
LP		 2185 log_debug(PACKAGE_STRING " running in %suser mode for user " UID_FMT "/%s. (" SYSTEMD_FEATURES ")",
2186 arg_action == ACTION_TEST ? " test" : "", getuid(), strna(t));
d8160f21 2187 }
a5dab5ce 2188
dea374e8
LP		 2189 if (arg_action == ACTION_RUN) {
2190 if (arg_system && !skip_setup) {
2191 if (arg_show_status > 0)
2192 status_welcome();
888c6216 2193
dea374e8
LP		 2194 hostname_setup();
2195 machine_id_setup(NULL, arg_machine_id, NULL);
2196 loopback_setup();
2197 bump_unix_max_dgram_qlen();
490aed58 2198
dea374e8
LP		 2199 test_usr();
2200 }
302e8c4c 2201
dea374e8
LP		 2202 if (arg_system && arg_runtime_watchdog > 0 && arg_runtime_watchdog != USEC_INFINITY)
2203 watchdog_set_timeout(&arg_runtime_watchdog);
e96d6be7 2204
dea374e8
LP		 2205 if (arg_timer_slack_nsec != NSEC_INFINITY)
2206 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
2207 log_error_errno(errno, "Failed to adjust timer slack: %m");
aa0f64ac 2208
dea374e8
LP		 2209 if (arg_system && !cap_test_all(arg_capability_bounding_set)) {
2210 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set);
2211 if (r < 0) {
2212 log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
2213 error_message = "Failed to drop capability bounding set of usermode helpers";
2214 goto finish;
2215 }
2216 r = capability_bounding_set_drop(arg_capability_bounding_set, true);
2217 if (r < 0) {
2218 log_emergency_errno(r, "Failed to drop capability bounding set: %m");
2219 error_message = "Failed to drop capability bounding set";
2220 goto finish;
2221 }
939b8f14 2222 }
ec8927ca 2223
dea374e8
LP		 2224 if (arg_syscall_archs) {
2225 r = enforce_syscall_archs(arg_syscall_archs);
2226 if (r < 0) {
2227 error_message = "Failed to set syscall architectures";
2228 goto finish;
2229 }
cb6531be 2230 }
d3b1c508 2231
dea374e8
LP		 2232 if (!arg_system)
2233 /* Become reaper of our children */
2234 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0)
2235 log_warning_errno(errno, "Failed to make us a subreaper: %m");
d4447f4d 2236
fb3ae275 2237 if (arg_system) {
dea374e8
LP		 2238 /* Bump up RLIMIT_NOFILE for systemd itself */
2239 (void) bump_rlimit_nofile(&saved_rlimit_nofile);
fb3ae275
LP		 2240 (void) bump_rlimit_memlock(&saved_rlimit_memlock);
2241 }
dea374e8 2242 }
4096d6f5 2243
e0a3da1f
ZJS		 2244 r = manager_new(arg_system ? UNIT_FILE_SYSTEM : UNIT_FILE_USER,
2245 arg_action == ACTION_TEST ? MANAGER_TEST_FULL : 0,
2246 &m);
e96d6be7 2247 if (r < 0) {
da927ba9 2248 log_emergency_errno(r, "Failed to allocate manager object: %m");
cb6531be 2249 error_message = "Failed to allocate manager object";
60918275
LP		 2250 goto finish;
2251 }
2252
9f9f0342
LP		 2253 m->timestamps[MANAGER_TIMESTAMP_KERNEL] = kernel_timestamp;
2254 m->timestamps[MANAGER_TIMESTAMP_INITRD] = initrd_timestamp;
2255 m->timestamps[MANAGER_TIMESTAMP_USERSPACE] = userspace_timestamp;
2256 m->timestamps[MANAGER_TIMESTAMP_SECURITY_START] = security_start_timestamp;
2257 m->timestamps[MANAGER_TIMESTAMP_SECURITY_FINISH] = security_finish_timestamp;
9e58ff9c 2258
85cb4151 2259 set_manager_defaults(m);
7b46fc6a 2260 set_manager_settings(m);
fd130612 2261 manager_set_first_boot(m, first_boot);
27d340c7 2262
bf4df7c3 2263 /* Remember whether we should queue the default job */
d3b1c508 2264 queue_default_job = !arg_serialization || arg_switched_root;
bf4df7c3 2265
9d76d730
LP		 2266 before_startup = now(CLOCK_MONOTONIC);
2267
d3b1c508 2268 r = manager_startup(m, arg_serialization, fds);
58f88d92 2269 if (r < 0) {
da927ba9 2270 log_error_errno(r, "Failed to fully start up daemon: %m");
58f88d92
ZJS		 2271 goto finish;
2272 }
a16e1123 2273
bf4df7c3
LP		 2274 /* This will close all file descriptors that were opened, but
2275 * not claimed by any unit. */
2feceb5e 2276 fds = fdset_free(fds);
f50e0a01 2277
74ca738f 2278 arg_serialization = safe_fclose(arg_serialization);
bf4df7c3
LP		 2279
2280 if (queue_default_job) {
4afd3348 2281 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1c27d3f3 2282 Unit *target = NULL;
bacbccb7 2283 Job *default_unit_job;
398ef8ba 2284
fa0f4d8a 2285 log_debug("Activating default unit: %s", arg_default_unit);
a16e1123 2286
e96d6be7 2287 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
718db961
LP		 2288 if (r < 0)
2289 log_error("Failed to load default target: %s", bus_error_message(&error, r));
4c701096 2290 else if (IN_SET(target->load_state, UNIT_ERROR, UNIT_NOT_FOUND))
c33b3297 2291 log_error_errno(target->load_error, "Failed to load default target: %m");
ac155bb8 2292 else if (target->load_state == UNIT_MASKED)
6daf4f90 2293 log_error("Default target masked.");
27b14a22 2294
ac155bb8 2295 if (!target || target->load_state != UNIT_LOADED) {
a16e1123 2296 log_info("Trying to load rescue target...");
1c27d3f3 2297
e96d6be7
LP		 2298 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
2299 if (r < 0) {
4104970e 2300 log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
cb6531be 2301 error_message = "Failed to load rescue target";
a16e1123 2302 goto finish;
4c701096 2303 } else if (IN_SET(target->load_state, UNIT_ERROR, UNIT_NOT_FOUND)) {
c33b3297 2304 log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
cb6531be 2305 error_message = "Failed to load rescue target";
1c27d3f3 2306 goto finish;
ac155bb8 2307 } else if (target->load_state == UNIT_MASKED) {
4104970e 2308 log_emergency("Rescue target masked.");
cb6531be 2309 error_message = "Rescue target masked";
00dc5d76 2310 goto finish;
a16e1123
LP		 2311 }
2312 }
37d88da7 2313
ac155bb8 2314 assert(target->load_state == UNIT_LOADED);
00dc5d76 2315
fa0f4d8a 2316 if (arg_action == ACTION_TEST) {
40d50879 2317 printf("-> By units:\n");
a16e1123
LP		 2318 manager_dump_units(m, stdout, "\t");
2319 }
2320
4bd29fe5 2321 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, &error, &default_unit_job);
ab17a050 2322 if (r == -EPERM) {
718db961 2323 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
ab17a050 2324
5022ce71
LP		 2325 sd_bus_error_free(&error);
2326
4bd29fe5 2327 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, &error, &default_unit_job);
ab17a050 2328 if (r < 0) {
4104970e 2329 log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
cb6531be 2330 error_message = "Failed to start default target";
ab17a050
LP		 2331 goto finish;
2332 }
2333 } else if (r < 0) {
4104970e 2334 log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
cb6531be 2335 error_message = "Failed to isolate default target";
37d88da7
LP		 2336 goto finish;
2337 }
ab17a050 2338
bacbccb7 2339 m->default_unit_job_id = default_unit_job->id;
60918275 2340
07672f49
LP		 2341 after_startup = now(CLOCK_MONOTONIC);
2342 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
2343 "Loaded units and determined initial transaction in %s.",
fdb14b7e 2344 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
07672f49 2345
fa0f4d8a 2346 if (arg_action == ACTION_TEST) {
40d50879 2347 printf("-> By jobs:\n");
a16e1123 2348 manager_dump_jobs(m, stdout, "\t");
22f4096c 2349 retval = EXIT_SUCCESS;
a16e1123
LP		 2350 goto finish;
2351 }
e965d56d 2352 }
d46de8a1 2353
7eb35049
LP		 2354 r = invoke_main_loop(m,
2355 &reexecute,
2356 &retval,
2357 &shutdown_verb,
2358 &fds,
2359 &switch_root_dir,
2360 &switch_root_init,
2361 &error_message);
f170852a 2362
60918275 2363finish:
b87c2aa6
ZJS		 2364 pager_close();
2365
97792515 2366 if (m)
81f5fc2d 2367 arg_shutdown_watchdog = m->shutdown_watchdog;
fe382237 2368
06d8d842 2369 m = manager_free(m);
60918275 2370
1f6b4113 2371 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++)
a1e58e8e 2372 arg_default_rlimit[j] = mfree(arg_default_rlimit[j]);
c93ff2e9 2373
97b11eed 2374 arg_default_unit = mfree(arg_default_unit);
7d5ceb64 2375 arg_confirm_spawn = mfree(arg_confirm_spawn);
fe382237 2376 arg_join_controllers = strv_free_free(arg_join_controllers);
97b11eed 2377 arg_default_environment = strv_free(arg_default_environment);
525d3cc7 2378 arg_syscall_archs = set_free(arg_syscall_archs);
d3b1c508 2379
cc56fafe 2380 mac_selinux_finish();
b2bb3dbe 2381
3c7878f9
LP		 2382 if (reexecute)
2383 do_reexecute(argc, argv,
2384 &saved_rlimit_nofile,
2385 &saved_rlimit_memlock,
2386 fds,
2387 switch_root_dir,
2388 switch_root_init,
2389 &error_message); /* This only returns if reexecution failed */
a16e1123 2390
74ca738f 2391 arg_serialization = safe_fclose(arg_serialization);
2feceb5e 2392 fds = fdset_free(fds);
a16e1123 2393
349cc4a5 2394#if HAVE_VALGRIND_VALGRIND_H
54b434b1
LP		 2395 /* If we are PID 1 and running under valgrind, then let's exit
2396 * here explicitly. valgrind will only generate nice output on
2397 * exit(), not on exec(), hence let's do the former not the
2398 * latter here. */
df0ff127 2399 if (getpid_cached() == 1 && RUNNING_ON_VALGRIND)
54b434b1
LP		 2400 return 0;
2401#endif
2402
b9080b03 2403 if (shutdown_verb) {
7eb35049 2404 r = become_shutdown(shutdown_verb, retval);
ad929bcc 2405
4a36297c 2406 log_error_errno(r, "Failed to execute shutdown binary, %s: %m", getpid_cached() == 1 ? "freezing" : "quitting");
9b9881d7 2407 error_message = "Failed to execute shutdown binary";
b9080b03
FF		 2408 }
2409
df0ff127 2410 if (getpid_cached() == 1) {
cb6531be
ZJS		 2411 if (error_message)
2412 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
1fc464f6 2413 ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL,
cb6531be 2414 "%s, freezing.", error_message);
b9e74c39 2415 freeze_or_reboot();
cb6531be 2416 }
c3b3c274 2417
60918275
LP		 2418 return retval;
2419}
Unnamed repository; edit this file 'description' to name the repository.