]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/main.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
util: move string_is_safe() to string-util.[ch]
[thirdparty/systemd.git] / src / core / main.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
60918275 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
60918275 22#include <errno.h>
3dfc9763 23#include <fcntl.h>
f170852a 24#include <getopt.h>
97c4f35c 25#include <signal.h>
3dfc9763
LP		 26#include <stdio.h>
27#include <string.h>
664f88a7 28#include <sys/mount.h>
3dfc9763 29#include <sys/prctl.h>
b9e74c39 30#include <sys/reboot.h>
3dfc9763
LP		 31#include <sys/stat.h>
32#include <unistd.h>
b64a3d86
LP		 33#ifdef HAVE_SECCOMP
34#include <seccomp.h>
35#endif
3dfc9763
LP		 36#ifdef HAVE_VALGRIND_VALGRIND_H
37#include <valgrind/valgrind.h>
38#endif
54b434b1 39
718db961 40#include "sd-daemon.h"
718db961 41#include "sd-bus.h"
3dfc9763 42
d9d93745 43#include "architecture.h"
3dfc9763
LP		 44#include "build.h"
45#include "bus-error.h"
46#include "bus-util.h"
ec8927ca 47#include "capability.h"
24efb112 48#include "clock-util.h"
3dfc9763 49#include "conf-parser.h"
618234a5 50#include "cpu-set-util.h"
3dfc9763
LP		 51#include "dbus-manager.h"
52#include "def.h"
53#include "env-util.h"
3ffd4af2 54#include "fd-util.h"
3dfc9763 55#include "fdset.h"
718db961 56#include "fileio.h"
24882e06 57#include "formats-util.h"
f4f15635 58#include "fs-util.h"
3dfc9763
LP		 59#include "hostname-setup.h"
60#include "ima-setup.h"
61#include "killall.h"
62#include "kmod-setup.h"
d7b8eec7 63#include "load-fragment.h"
3dfc9763 64#include "log.h"
b6e66135 65#include "loopback-setup.h"
b6e66135 66#include "machine-id-setup.h"
3dfc9763
LP		 67#include "manager.h"
68#include "missing.h"
69#include "mount-setup.h"
70#include "pager.h"
6bedfcbb 71#include "parse-util.h"
3dfc9763 72#include "process-util.h"
78f22b97 73#include "rlimit-util.h"
b6e66135 74#include "selinux-setup.h"
3dfc9763
LP		 75#include "selinux-util.h"
76#include "signal-util.h"
ffbd2c4d 77#include "smack-setup.h"
3dfc9763
LP		 78#include "special.h"
79#include "strv.h"
80#include "switch-root.h"
81#include "terminal-util.h"
b1d4f8e1 82#include "user-util.h"
3dfc9763
LP		 83#include "virt.h"
84#include "watchdog.h"
b6e66135 85
f170852a
LP		 86static enum {
87 ACTION_RUN,
e965d56d 88 ACTION_HELP,
9ba0bc4e 89 ACTION_VERSION,
e537352b 90 ACTION_TEST,
4288f619
LP		 91 ACTION_DUMP_CONFIGURATION_ITEMS,
92 ACTION_DONE
fa0f4d8a 93} arg_action = ACTION_RUN;
fa0f4d8a 94static char *arg_default_unit = NULL;
b2c23da8 95static ManagerRunningAs arg_running_as = _MANAGER_RUNNING_AS_INVALID;
fa0f4d8a 96static bool arg_dump_core = true;
fa0f4d8a 97static int arg_crash_chvt = -1;
b9e74c39
LP		 98static bool arg_crash_shell = false;
99static bool arg_crash_reboot = false;
fa0f4d8a 100static bool arg_confirm_spawn = false;
b6e2f329 101static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
bf4df7c3 102static bool arg_switched_root = false;
b87c2aa6 103static int arg_no_pager = -1;
0c85a4f3 104static char ***arg_join_controllers = NULL;
706343f4 105static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
0a494f1f 106static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
1f19a534
OS		 107static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
108static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
109static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
3f41e1e5
LN		 110static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
111static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
e96d6be7
LP		 112static usec_t arg_runtime_watchdog = 0;
113static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
97d0e5f8 114static char **arg_default_environment = NULL;
517d56b1 115static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
ec8927ca 116static uint64_t arg_capability_bounding_set_drop = 0;
3a43da28 117static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
bd8f585b 118static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
d3b1c508
LP		 119static Set* arg_syscall_archs = NULL;
120static FILE* arg_serialization = NULL;
085afe36
LP		 121static bool arg_default_cpu_accounting = false;
122static bool arg_default_blockio_accounting = false;
123static bool arg_default_memory_accounting = false;
03a7b521 124static bool arg_default_tasks_accounting = false;
4fc935ca 125
b87c2aa6
ZJS		 126static void pager_open_if_enabled(void) {
127
128 if (arg_no_pager <= 0)
129 return;
130
131 pager_open(false);
132}
133
b9e74c39
LP		 134noreturn static void freeze_or_reboot(void) {
135
136 if (arg_crash_reboot) {
137 log_notice("Rebooting in 10s...");
138 (void) sleep(10);
139
140 log_notice("Rebooting now...");
141 (void) reboot(RB_AUTOBOOT);
142 log_emergency_errno(errno, "Failed to reboot: %m");
143 }
144
145 log_emergency("Freezing execution.");
146 freeze();
147}
148
919ce0b7 149noreturn static void crash(int sig) {
7d06dad9
MS		 150 struct sigaction sa;
151 pid_t pid;
97c4f35c 152
abb26902
LP		 153 if (getpid() != 1)
154 /* Pass this on immediately, if this is not PID 1 */
92ca4cac 155 (void) raise(sig);
abb26902 156 else if (!arg_dump_core)
4104970e 157 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
97c4f35c 158 else {
7d06dad9 159 sa = (struct sigaction) {
189d5bac 160 .sa_handler = nop_signal_handler,
b92bea5d
ZJS		 161 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
162 };
97c4f35c 163
6f5e3f35 164 /* We want to wait for the core process, hence let's enable SIGCHLD */
92ca4cac 165 (void) sigaction(SIGCHLD, &sa, NULL);
6f5e3f35 166
ee05e779 167 pid = raw_clone(SIGCHLD, NULL);
e62d8c39 168 if (pid < 0)
56f64d95 169 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
97c4f35c 170 else if (pid == 0) {
92ca4cac
LP		 171 struct rlimit rl = {
172 .rlim_cur = RLIM_INFINITY,
173 .rlim_max = RLIM_INFINITY,
174 };
97c4f35c
LP		 175
176 /* Enable default signal handler for core dump */
92ca4cac
LP		 177 sa = (struct sigaction) {
178 .sa_handler = SIG_DFL,
179 };
180 (void) sigaction(sig, &sa, NULL);
97c4f35c
LP		 181
182 /* Don't limit the core dump size */
92ca4cac 183 (void) setrlimit(RLIMIT_CORE, &rl);
97c4f35c
LP		 184
185 /* Just to be sure... */
e62d9b81 186 (void) chdir("/");
97c4f35c
LP		 187
188 /* Raise the signal again */
ee05e779 189 pid = raw_getpid();
92ca4cac 190 (void) kill(pid, sig); /* raise() would kill the parent */
97c4f35c
LP		 191
192 assert_not_reached("We shouldn't be here...");
92ca4cac 193 _exit(EXIT_FAILURE);
4fc935ca 194 } else {
8e12a6ae
LP		 195 siginfo_t status;
196 int r;
4fc935ca
LP		 197
198 /* Order things nicely. */
e62d8c39
ZJS		 199 r = wait_for_terminate(pid, &status);
200 if (r < 0)
da927ba9 201 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
8e12a6ae 202 else if (status.si_code != CLD_DUMPED)
ee05e779
ZJS		 203 log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
204 signal_to_string(sig),
205 pid, sigchld_code_to_string(status.si_code),
206 status.si_status,
207 strna(status.si_code == CLD_EXITED
208 ? exit_status_to_string(status.si_status, EXIT_STATUS_FULL)
209 : signal_to_string(status.si_status)));
4fc935ca 210 else
4104970e 211 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
97c4f35c
LP		 212 }
213 }
214
b9e74c39 215 if (arg_crash_chvt >= 0)
92ca4cac 216 (void) chvt(arg_crash_chvt);
601f6a1e 217
7d06dad9
MS		 218 sa = (struct sigaction) {
219 .sa_handler = SIG_IGN,
220 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
221 };
222
223 /* Let the kernel reap children for us */
224 (void) sigaction(SIGCHLD, &sa, NULL);
8c43883a 225
7d06dad9 226 if (arg_crash_shell) {
b9e74c39 227 log_notice("Executing crash shell in 10s...");
92ca4cac 228 (void) sleep(10);
4fc935ca 229
ee05e779 230 pid = raw_clone(SIGCHLD, NULL);
cd3bd60a 231 if (pid < 0)
56f64d95 232 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
6f5e3f35 233 else if (pid == 0) {
b9e74c39 234 (void) setsid();
92ca4cac
LP		 235 (void) make_console_stdio();
236 (void) execle("/bin/sh", "/bin/sh", NULL, environ);
6f5e3f35 237
ee05e779 238 log_emergency_errno(errno, "execle() failed: %m");
92ca4cac 239 _exit(EXIT_FAILURE);
b9e74c39
LP		 240 } else {
241 log_info("Spawned crash shell as PID "PID_FMT".", pid);
4cf0b03b 242 (void) wait_for_terminate(pid, NULL);
b9e74c39 243 }
4fc935ca
LP		 244 }
245
b9e74c39 246 freeze_or_reboot();
97c4f35c
LP		 247}
248
249static void install_crash_handler(void) {
297d563d 250 static const struct sigaction sa = {
b92bea5d 251 .sa_handler = crash,
297d563d 252 .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
b92bea5d 253 };
297d563d 254 int r;
97c4f35c 255
297d563d
LP		 256 /* We ignore the return value here, since, we don't mind if we
257 * cannot set up a crash handler */
258 r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
259 if (r < 0)
260 log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
97c4f35c 261}
f170852a 262
56d96fc0
LP		 263static int console_setup(void) {
264 _cleanup_close_ int tty_fd = -1;
265 int r;
80876c20 266
512947d4 267 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
23bbb0de
MS		 268 if (tty_fd < 0)
269 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
80876c20 270
56d96fc0
LP		 271 /* We don't want to force text mode. plymouth may be showing
272 * pictures already from initrd. */
512947d4 273 r = reset_terminal_fd(tty_fd, false);
23bbb0de
MS		 274 if (r < 0)
275 return log_error_errno(r, "Failed to reset /dev/console: %m");
843d2643 276
56d96fc0 277 return 0;
80876c20
LP		 278}
279
b9e74c39
LP		 280static int parse_crash_chvt(const char *value) {
281 int b;
282
283 if (safe_atoi(value, &arg_crash_chvt) >= 0)
284 return 0;
285
286 b = parse_boolean(value);
287 if (b < 0)
288 return b;
289
290 if (b > 0)
291 arg_crash_chvt = 0; /* switch to where kmsg goes */
292 else
293 arg_crash_chvt = -1; /* turn off switching */
294
295 return 0;
296}
297
059cb385 298static int parse_proc_cmdline_item(const char *key, const char *value) {
f170852a
LP		 299
300 static const char * const rlmap[] = {
ed370f5d 301 "emergency", SPECIAL_EMERGENCY_TARGET,
099663ff 302 "-b", SPECIAL_EMERGENCY_TARGET,
5329ab10 303 "rescue", SPECIAL_RESCUE_TARGET,
ed370f5d
LP		 304 "single", SPECIAL_RESCUE_TARGET,
305 "-s", SPECIAL_RESCUE_TARGET,
306 "s", SPECIAL_RESCUE_TARGET,
307 "S", SPECIAL_RESCUE_TARGET,
308 "1", SPECIAL_RESCUE_TARGET,
d5d8429a
LP		 309 "2", SPECIAL_MULTI_USER_TARGET,
310 "3", SPECIAL_MULTI_USER_TARGET,
311 "4", SPECIAL_MULTI_USER_TARGET,
312 "5", SPECIAL_GRAPHICAL_TARGET,
f170852a 313 };
059cb385 314 int r;
f170852a 315
059cb385 316 assert(key);
5192bd19 317
059cb385 318 if (streq(key, "systemd.unit") && value) {
bf4df7c3
LP		 319
320 if (!in_initrd())
e6e242ad 321 return free_and_strdup(&arg_default_unit, value);
bf4df7c3 322
059cb385 323 } else if (streq(key, "rd.systemd.unit") && value) {
bf4df7c3 324
ca05941b 325 if (in_initrd())
e6e242ad 326 return free_and_strdup(&arg_default_unit, value);
f170852a 327
059cb385 328 } else if (streq(key, "systemd.dump_core") && value) {
4fc935ca 329
059cb385 330 r = parse_boolean(value);
fb472900 331 if (r < 0)
059cb385 332 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
4fc935ca 333 else
fa0f4d8a 334 arg_dump_core = r;
4fc935ca 335
b9e74c39
LP		 336 } else if (streq(key, "systemd.crash_chvt") && value) {
337
338 if (parse_crash_chvt(value) < 0)
339 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
340
059cb385 341 } else if (streq(key, "systemd.crash_shell") && value) {
4fc935ca 342
059cb385 343 r = parse_boolean(value);
fb472900 344 if (r < 0)
059cb385 345 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
4fc935ca 346 else
fa0f4d8a 347 arg_crash_shell = r;
5e7ee61c 348
b9e74c39 349 } else if (streq(key, "systemd.crash_reboot") && value) {
5e7ee61c 350
b9e74c39
LP		 351 r = parse_boolean(value);
352 if (r < 0)
353 log_warning("Failed to parse crash reboot switch %s. Ignoring.", value);
5e7ee61c 354 else
b9e74c39 355 arg_crash_reboot = r;
5e7ee61c 356
059cb385 357 } else if (streq(key, "systemd.confirm_spawn") && value) {
601f6a1e 358
059cb385
LP		 359 r = parse_boolean(value);
360 if (r < 0)
361 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", value);
601f6a1e 362 else
059cb385 363 arg_confirm_spawn = r;
601f6a1e 364
059cb385 365 } else if (streq(key, "systemd.show_status") && value) {
9e58ff9c 366
059cb385 367 r = parse_show_status(value, &arg_show_status);
d450b6f2 368 if (r < 0)
059cb385
LP		 369 log_warning("Failed to parse show status switch %s. Ignoring.", value);
370
371 } else if (streq(key, "systemd.default_standard_output") && value) {
0a494f1f 372
059cb385 373 r = exec_output_from_string(value);
fb472900 374 if (r < 0)
059cb385 375 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
0a494f1f
LP		 376 else
377 arg_default_std_output = r;
0a494f1f 378
059cb385
LP		 379 } else if (streq(key, "systemd.default_standard_error") && value) {
380
381 r = exec_output_from_string(value);
fb472900 382 if (r < 0)
059cb385 383 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
0a494f1f
LP		 384 else
385 arg_default_std_error = r;
9e7c5357 386
059cb385
LP		 387 } else if (streq(key, "systemd.setenv") && value) {
388
389 if (env_assignment_is_valid(value)) {
e21fea24
KS		 390 char **env;
391
059cb385 392 env = strv_env_set(arg_default_environment, value);
e21fea24
KS		 393 if (env)
394 arg_default_environment = env;
395 else
279d3c9c 396 log_warning_errno(ENOMEM, "Setting environment variable '%s' failed, ignoring: %m", value);
e21fea24 397 } else
059cb385 398 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
9e58ff9c 399
059cb385 400 } else if (streq(key, "quiet") && !value) {
d7b15e0a 401
b6e2f329 402 if (arg_show_status == _SHOW_STATUS_UNSET)
d450b6f2 403 arg_show_status = SHOW_STATUS_AUTO;
059cb385
LP		 404
405 } else if (streq(key, "debug") && !value) {
d7b15e0a 406
1de1c9c3
LP		 407 /* Note that log_parse_environment() handles 'debug'
408 * too, and sets the log level to LOG_DEBUG. */
d7b15e0a 409
75f86906 410 if (detect_container() > 0)
b2103dcc 411 log_set_target(LOG_TARGET_CONSOLE);
059cb385
LP		 412
413 } else if (!in_initrd() && !value) {
f170852a
LP		 414 unsigned i;
415
416 /* SysV compatibility */
f170852a 417 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
059cb385 418 if (streq(key, rlmap[i]))
e6e242ad 419 return free_and_strdup(&arg_default_unit, rlmap[i+1]);
f170852a
LP		 420 }
421
422 return 0;
423}
424
e8e581bf
ZJS		 425#define DEFINE_SETTER(name, func, descr) \
426 static int name(const char *unit, \
427 const char *filename, \
428 unsigned line, \
429 const char *section, \
71a61510 430 unsigned section_line, \
e8e581bf
ZJS		 431 const char *lvalue, \
432 int ltype, \
433 const char *rvalue, \
434 void *data, \
435 void *userdata) { \
436 \
437 int r; \
438 \
439 assert(filename); \
440 assert(lvalue); \
441 assert(rvalue); \
442 \
443 r = func(rvalue); \
444 if (r < 0) \
d1cefe0a
LP		 445 log_syntax(unit, LOG_ERR, filename, line, r, \
446 "Invalid " descr "'%s': %m", \
447 rvalue); \
e8e581bf
ZJS		 448 \
449 return 0; \
450 }
487393e9 451
e8e581bf
ZJS		 452DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
453DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
454DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
455DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
487393e9 456
4d7213b2
LP		 457static int config_parse_cpu_affinity2(
458 const char *unit,
459 const char *filename,
460 unsigned line,
461 const char *section,
462 unsigned section_line,
463 const char *lvalue,
464 int ltype,
465 const char *rvalue,
466 void *data,
467 void *userdata) {
487393e9 468
4b40bc38 469 _cleanup_cpu_free_ cpu_set_t *c = NULL;
f5c72b73 470 int ncpus;
487393e9 471
765d143b 472 ncpus = parse_cpu_set_and_warn(rvalue, &c, unit, filename, line, lvalue);
f5c72b73
FB		 473 if (ncpus < 0)
474 return ncpus;
487393e9 475
f5c72b73
FB		 476 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
477 log_warning("Failed to set CPU affinity: %m");
487393e9 478
487393e9
LP		 479 return 0;
480}
481
4d7213b2
LP		 482static int config_parse_show_status(
483 const char* unit,
484 const char *filename,
485 unsigned line,
486 const char *section,
487 unsigned section_line,
488 const char *lvalue,
489 int ltype,
490 const char *rvalue,
491 void *data,
492 void *userdata) {
493
494 int k;
495 ShowStatus *b = data;
496
497 assert(filename);
498 assert(lvalue);
499 assert(rvalue);
500 assert(data);
501
502 k = parse_show_status(rvalue, b);
503 if (k < 0) {
12ca818f 504 log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
4d7213b2
LP		 505 return 0;
506 }
507
508 return 0;
509}
510
b9e74c39
LP		 511static int config_parse_crash_chvt(
512 const char* unit,
513 const char *filename,
514 unsigned line,
515 const char *section,
516 unsigned section_line,
517 const char *lvalue,
518 int ltype,
519 const char *rvalue,
520 void *data,
521 void *userdata) {
522
523 int r;
524
525 assert(filename);
526 assert(lvalue);
527 assert(rvalue);
b9e74c39
LP		 528
529 r = parse_crash_chvt(rvalue);
530 if (r < 0) {
531 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
532 return 0;
533 }
534
535 return 0;
536}
537
e8e581bf
ZJS		 538static int config_parse_join_controllers(const char *unit,
539 const char *filename,
540 unsigned line,
541 const char *section,
71a61510 542 unsigned section_line,
e8e581bf
ZJS		 543 const char *lvalue,
544 int ltype,
545 const char *rvalue,
546 void *data,
547 void *userdata) {
0c85a4f3 548
3875c85b 549 const char *whole_rvalue = rvalue;
0c85a4f3 550 unsigned n = 0;
0c85a4f3
LP		 551
552 assert(filename);
553 assert(lvalue);
554 assert(rvalue);
555
fe382237 556 arg_join_controllers = strv_free_free(arg_join_controllers);
0c85a4f3 557
d4ebeb4f
FB		 558 for (;;) {
559 _cleanup_free_ char *word = NULL;
560 char **l;
561 int r;
0c85a4f3 562
d4ebeb4f 563 r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES);
3875c85b
FB		 564 if (r < 0) {
565 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue);
d4ebeb4f 566 return r;
3875c85b 567 }
d4ebeb4f
FB		 568 if (r == 0)
569 break;
0c85a4f3 570
d4ebeb4f 571 l = strv_split(word, ",");
1592ec21 572 if (!l)
aa8aeac0 573 return log_oom();
0c85a4f3
LP		 574 strv_uniq(l);
575
576 if (strv_length(l) <= 1) {
577 strv_free(l);
578 continue;
579 }
580
581 if (!arg_join_controllers) {
582 arg_join_controllers = new(char**, 2);
583 if (!arg_join_controllers) {
584 strv_free(l);
14212119 585 return log_oom();
0c85a4f3
LP		 586 }
587
588 arg_join_controllers[0] = l;
589 arg_join_controllers[1] = NULL;
590
591 n = 1;
592 } else {
593 char ***a;
594 char ***t;
595
596 t = new0(char**, n+2);
597 if (!t) {
598 strv_free(l);
14212119 599 return log_oom();
0c85a4f3
LP		 600 }
601
602 n = 0;
603
604 for (a = arg_join_controllers; *a; a++) {
605
606 if (strv_overlap(*a, l)) {
e287086b 607 if (strv_extend_strv(&l, *a, false) < 0) {
0c85a4f3
LP		 608 strv_free(l);
609 strv_free_free(t);
14212119 610 return log_oom();
0c85a4f3
LP		 611 }
612
0c85a4f3
LP		 613 } else {
614 char **c;
615
616 c = strv_copy(*a);
617 if (!c) {
618 strv_free(l);
619 strv_free_free(t);
14212119 620 return log_oom();
0c85a4f3
LP		 621 }
622
623 t[n++] = c;
624 }
625 }
626
627 t[n++] = strv_uniq(l);
628
629 strv_free_free(arg_join_controllers);
630 arg_join_controllers = t;
631 }
632 }
d4ebeb4f 633 if (!isempty(rvalue))
12ca818f 634 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
0c85a4f3
LP		 635
636 return 0;
637}
638
487393e9
LP		 639static int parse_config_file(void) {
640
f975e971 641 const ConfigTableItem items[] = {
d3b1c508
LP		 642 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
643 { "Manager", "LogTarget", config_parse_target, 0, NULL },
644 { "Manager", "LogColor", config_parse_color, 0, NULL },
645 { "Manager", "LogLocation", config_parse_location, 0, NULL },
646 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
b9e74c39
LP		 647 { "Manager", "CrashChVT", /* legacy */ config_parse_crash_chvt, 0, NULL },
648 { "Manager", "CrashChangeVT", config_parse_crash_chvt, 0, NULL },
d3b1c508 649 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
b9e74c39 650 { "Manager", "CrashReboot", config_parse_bool, 0, &arg_crash_reboot },
d3b1c508 651 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
d3b1c508
LP		 652 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
653 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
654 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
655 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
656 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
89fffa27 657#ifdef HAVE_SECCOMP
d3b1c508 658 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
89fffa27 659#endif
d3b1c508 660 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
bd8f585b 661 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
d3b1c508
LP		 662 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
663 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
664 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
665 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
666 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
667 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval },
668 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
669 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
670 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU] },
671 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] },
672 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA] },
673 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK] },
674 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE] },
675 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS] },
676 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE] },
677 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS] },
678 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC] },
679 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] },
680 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS] },
681 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING] },
682 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] },
683 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE] },
684 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO] },
685 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME] },
085afe36
LP		 686 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
687 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
688 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
03a7b521 689 { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting },
d3b1c508 690 {}
487393e9
LP		 691 };
692
1b907b5c 693 const char *fn, *conf_dirs_nulstr;
487393e9 694
b2c23da8
LP		 695 fn = arg_running_as == MANAGER_SYSTEM ? PKGSYSCONFDIR "/system.conf" : PKGSYSCONFDIR "/user.conf";
696 conf_dirs_nulstr = arg_running_as == MANAGER_SYSTEM ? CONF_DIRS_NULSTR("systemd/system.conf") : CONF_DIRS_NULSTR("systemd/user.conf");
1b907b5c
JT		 697 config_parse_many(fn, conf_dirs_nulstr, "Manager\0",
698 config_item_table_lookup, items, false, NULL);
487393e9 699
487393e9
LP		 700 return 0;
701}
702
06af2a04
TB		 703static void manager_set_defaults(Manager *m) {
704
705 assert(m);
706
707 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
708 m->default_std_output = arg_default_std_output;
709 m->default_std_error = arg_default_std_error;
710 m->default_timeout_start_usec = arg_default_timeout_start_usec;
711 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
712 m->default_restart_usec = arg_default_restart_usec;
713 m->default_start_limit_interval = arg_default_start_limit_interval;
714 m->default_start_limit_burst = arg_default_start_limit_burst;
715 m->default_cpu_accounting = arg_default_cpu_accounting;
716 m->default_blockio_accounting = arg_default_blockio_accounting;
717 m->default_memory_accounting = arg_default_memory_accounting;
03a7b521 718 m->default_tasks_accounting = arg_default_tasks_accounting;
06af2a04
TB		 719
720 manager_set_default_rlimits(m, arg_default_rlimit);
721 manager_environment_add(m, NULL, arg_default_environment);
722}
723
f170852a
LP		 724static int parse_argv(int argc, char *argv[]) {
725
726 enum {
727 ARG_LOG_LEVEL = 0x100,
728 ARG_LOG_TARGET,
bbe63281
LP		 729 ARG_LOG_COLOR,
730 ARG_LOG_LOCATION,
2f198e2f 731 ARG_UNIT,
edb9aaa8 732 ARG_SYSTEM,
af2d49f7 733 ARG_USER,
e537352b 734 ARG_TEST,
b87c2aa6 735 ARG_NO_PAGER,
9ba0bc4e 736 ARG_VERSION,
80876c20 737 ARG_DUMP_CONFIGURATION_ITEMS,
9e58ff9c 738 ARG_DUMP_CORE,
b9e74c39 739 ARG_CRASH_CHVT,
9e58ff9c 740 ARG_CRASH_SHELL,
b9e74c39 741 ARG_CRASH_REBOOT,
a16e1123 742 ARG_CONFIRM_SPAWN,
9e58ff9c 743 ARG_SHOW_STATUS,
4288f619 744 ARG_DESERIALIZE,
2660882b 745 ARG_SWITCHED_ROOT,
0a494f1f
LP		 746 ARG_DEFAULT_STD_OUTPUT,
747 ARG_DEFAULT_STD_ERROR
f170852a
LP		 748 };
749
750 static const struct option options[] = {
a16e1123
LP		 751 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
752 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
bbe63281
LP		 753 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
754 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
2f198e2f 755 { "unit", required_argument, NULL, ARG_UNIT },
edb9aaa8 756 { "system", no_argument, NULL, ARG_SYSTEM },
af2d49f7 757 { "user", no_argument, NULL, ARG_USER },
a16e1123 758 { "test", no_argument, NULL, ARG_TEST },
b87c2aa6 759 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
a16e1123 760 { "help", no_argument, NULL, 'h' },
9ba0bc4e 761 { "version", no_argument, NULL, ARG_VERSION },
a16e1123 762 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
a5d87bf0 763 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
b9e74c39 764 { "crash-chvt", required_argument, NULL, ARG_CRASH_CHVT },
a5d87bf0 765 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
b9e74c39 766 { "crash-reboot", optional_argument, NULL, ARG_CRASH_REBOOT },
a5d87bf0 767 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
6e98720f 768 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
a16e1123 769 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
2660882b 770 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
0a494f1f
LP		 771 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
772 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
fb472900 773 {}
f170852a
LP		 774 };
775
776 int c, r;
777
778 assert(argc >= 1);
779 assert(argv);
780
b770165a
LP		 781 if (getpid() == 1)
782 opterr = 0;
783
099663ff 784 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
f170852a
LP		 785
786 switch (c) {
787
788 case ARG_LOG_LEVEL:
fb472900
ZJS		 789 r = log_set_max_level_from_string(optarg);
790 if (r < 0) {
f170852a
LP		 791 log_error("Failed to parse log level %s.", optarg);
792 return r;
793 }
794
795 break;
796
797 case ARG_LOG_TARGET:
fb472900
ZJS		 798 r = log_set_target_from_string(optarg);
799 if (r < 0) {
f170852a
LP		 800 log_error("Failed to parse log target %s.", optarg);
801 return r;
802 }
803
804 break;
805
bbe63281
LP		 806 case ARG_LOG_COLOR:
807
d0b170c8 808 if (optarg) {
fb472900
ZJS		 809 r = log_show_color_from_string(optarg);
810 if (r < 0) {
d0b170c8
LP		 811 log_error("Failed to parse log color setting %s.", optarg);
812 return r;
813 }
814 } else
815 log_show_color(true);
bbe63281
LP		 816
817 break;
818
819 case ARG_LOG_LOCATION:
d0b170c8 820 if (optarg) {
fb472900
ZJS		 821 r = log_show_location_from_string(optarg);
822 if (r < 0) {
d0b170c8
LP		 823 log_error("Failed to parse log location setting %s.", optarg);
824 return r;
825 }
826 } else
827 log_show_location(true);
bbe63281
LP		 828
829 break;
830
0a494f1f 831 case ARG_DEFAULT_STD_OUTPUT:
fb472900
ZJS		 832 r = exec_output_from_string(optarg);
833 if (r < 0) {
0a494f1f
LP		 834 log_error("Failed to parse default standard output setting %s.", optarg);
835 return r;
836 } else
837 arg_default_std_output = r;
838 break;
839
840 case ARG_DEFAULT_STD_ERROR:
fb472900
ZJS		 841 r = exec_output_from_string(optarg);
842 if (r < 0) {
0a494f1f
LP		 843 log_error("Failed to parse default standard error output setting %s.", optarg);
844 return r;
845 } else
846 arg_default_std_error = r;
847 break;
848
2f198e2f 849 case ARG_UNIT:
f170852a 850
e6e242ad 851 r = free_and_strdup(&arg_default_unit, optarg);
23bbb0de
MS		 852 if (r < 0)
853 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
f170852a
LP		 854
855 break;
856
edb9aaa8 857 case ARG_SYSTEM:
b2c23da8 858 arg_running_as = MANAGER_SYSTEM;
edb9aaa8 859 break;
a5dab5ce 860
af2d49f7 861 case ARG_USER:
b2c23da8 862 arg_running_as = MANAGER_USER;
a5dab5ce 863 break;
a5dab5ce 864
e965d56d 865 case ARG_TEST:
fa0f4d8a 866 arg_action = ACTION_TEST;
b87c2aa6
ZJS		 867 if (arg_no_pager < 0)
868 arg_no_pager = true;
869 break;
870
871 case ARG_NO_PAGER:
872 arg_no_pager = true;
e965d56d
LP		 873 break;
874
9ba0bc4e
ZJS		 875 case ARG_VERSION:
876 arg_action = ACTION_VERSION;
877 break;
878
e537352b 879 case ARG_DUMP_CONFIGURATION_ITEMS:
fa0f4d8a 880 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
e537352b
LP		 881 break;
882
9e58ff9c 883 case ARG_DUMP_CORE:
b9e74c39
LP		 884 if (!optarg)
885 arg_dump_core = true;
886 else {
887 r = parse_boolean(optarg);
888 if (r < 0)
889 return log_error_errno(r, "Failed to parse dump core boolean: %s", optarg);
890 arg_dump_core = r;
a5d87bf0 891 }
b9e74c39
LP		 892 break;
893
894 case ARG_CRASH_CHVT:
895 r = parse_crash_chvt(optarg);
896 if (r < 0)
897 return log_error_errno(r, "Failed to parse crash virtual terminal index: %s", optarg);
9e58ff9c
LP		 898 break;
899
900 case ARG_CRASH_SHELL:
b9e74c39
LP		 901 if (!optarg)
902 arg_crash_shell = true;
903 else {
904 r = parse_boolean(optarg);
905 if (r < 0)
906 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
907 arg_crash_shell = r;
908 }
909 break;
910
911 case ARG_CRASH_REBOOT:
912 if (!optarg)
913 arg_crash_reboot = true;
914 else {
915 r = parse_boolean(optarg);
916 if (r < 0)
917 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
918 arg_crash_reboot = r;
a5d87bf0 919 }
9e58ff9c
LP		 920 break;
921
80876c20 922 case ARG_CONFIRM_SPAWN:
a5d87bf0
LP		 923 r = optarg ? parse_boolean(optarg) : 1;
924 if (r < 0) {
925 log_error("Failed to parse confirm spawn boolean %s.", optarg);
926 return r;
927 }
928 arg_confirm_spawn = r;
80876c20
LP		 929 break;
930
9e58ff9c 931 case ARG_SHOW_STATUS:
d450b6f2
ZJS		 932 if (optarg) {
933 r = parse_show_status(optarg, &arg_show_status);
934 if (r < 0) {
935 log_error("Failed to parse show status boolean %s.", optarg);
936 return r;
937 }
938 } else
939 arg_show_status = SHOW_STATUS_YES;
6e98720f 940 break;
a5d87bf0 941
a16e1123
LP		 942 case ARG_DESERIALIZE: {
943 int fd;
944 FILE *f;
945
01e10de3
LP		 946 r = safe_atoi(optarg, &fd);
947 if (r < 0 || fd < 0) {
a16e1123 948 log_error("Failed to parse deserialize option %s.", optarg);
b9e74c39 949 return -EINVAL;
a16e1123
LP		 950 }
951
b9e74c39 952 (void) fd_cloexec(fd, true);
01e10de3
LP		 953
954 f = fdopen(fd, "r");
4a62c710
MS		 955 if (!f)
956 return log_error_errno(errno, "Failed to open serialization fd: %m");
a16e1123 957
74ca738f 958 safe_fclose(arg_serialization);
d3b1c508 959 arg_serialization = f;
a16e1123
LP		 960
961 break;
962 }
963
2660882b 964 case ARG_SWITCHED_ROOT:
bf4df7c3 965 arg_switched_root = true;
d03bc1b8
HH		 966 break;
967
f170852a 968 case 'h':
fa0f4d8a 969 arg_action = ACTION_HELP;
b87c2aa6
ZJS		 970 if (arg_no_pager < 0)
971 arg_no_pager = true;
f170852a
LP		 972 break;
973
1d2e23ab
LP		 974 case 'D':
975 log_set_max_level(LOG_DEBUG);
976 break;
977
099663ff
LP		 978 case 'b':
979 case 's':
980 case 'z':
981 /* Just to eat away the sysvinit kernel
982 * cmdline args without getopt() error
983 * messages that we'll parse in
984 * parse_proc_cmdline_word() or ignore. */
f170852a 985
099663ff 986 case '?':
601185b4 987 if (getpid() != 1)
099663ff 988 return -EINVAL;
601185b4
ZJS		 989 else
990 return 0;
099663ff 991
601185b4
ZJS		 992 default:
993 assert_not_reached("Unhandled option code.");
f170852a
LP		 994 }
995
d821e6d6
LP		 996 if (optind < argc && getpid() != 1) {
997 /* Hmm, when we aren't run as init system
998 * let's complain about excess arguments */
999
1000 log_error("Excess arguments.");
1001 return -EINVAL;
1002 }
1003
f170852a
LP		 1004 return 0;
1005}
1006
1007static int help(void) {
1008
2e33c433 1009 printf("%s [OPTIONS...]\n\n"
af2d49f7 1010 "Starts up and maintains the system or user services.\n\n"
e537352b 1011 " -h --help Show this help\n"
e537352b 1012 " --test Determine startup sequence, dump it and exit\n"
b87c2aa6 1013 " --no-pager Do not pipe output into a pager\n"
80876c20 1014 " --dump-configuration-items Dump understood unit configuration items\n"
9e58ff9c 1015 " --unit=UNIT Set default unit\n"
edb9aaa8 1016 " --system Run a system instance, even if PID != 1\n"
af2d49f7 1017 " --user Run a user instance\n"
b9e74c39
LP		 1018 " --dump-core[=BOOL] Dump core on crash\n"
1019 " --crash-vt=NR Change to specified VT on crash\n"
1020 " --crash-reboot[=BOOL] Reboot on crash\n"
1021 " --crash-shell[=BOOL] Run shell on crash\n"
1022 " --confirm-spawn[=BOOL] Ask for confirmation when spawning processes\n"
1023 " --show-status[=BOOL] Show status updates on the console during bootup\n"
c1dc6153 1024 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
9e58ff9c 1025 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
b9e74c39
LP		 1026 " --log-color[=BOOL] Highlight important log messages\n"
1027 " --log-location[=BOOL] Include code location in log messages\n"
0a494f1f
LP		 1028 " --default-standard-output= Set default standard output for services\n"
1029 " --default-standard-error= Set default standard error output for services\n",
5b6319dc 1030 program_invocation_short_name);
f170852a
LP		 1031
1032 return 0;
1033}
1034
b3680f49 1035static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
48b90859
LP		 1036 _cleanup_fdset_free_ FDSet *fds = NULL;
1037 _cleanup_fclose_ FILE *f = NULL;
a16e1123
LP		 1038 int r;
1039
1040 assert(m);
1041 assert(_f);
1042 assert(_fds);
1043
6b78f9b4 1044 r = manager_open_serialization(m, &f);
48b90859
LP		 1045 if (r < 0)
1046 return log_error_errno(r, "Failed to create serialization file: %m");
a16e1123 1047
71445ae7
LP		 1048 /* Make sure nothing is really destructed when we shut down */
1049 m->n_reloading ++;
718db961 1050 bus_manager_send_reloading(m, true);
71445ae7 1051
6b78f9b4 1052 fds = fdset_new();
48b90859
LP		 1053 if (!fds)
1054 return log_oom();
a16e1123 1055
b3680f49 1056 r = manager_serialize(m, f, fds, switching_root);
48b90859
LP		 1057 if (r < 0)
1058 return log_error_errno(r, "Failed to serialize state: %m");
a16e1123 1059
48b90859
LP		 1060 if (fseeko(f, 0, SEEK_SET) == (off_t) -1)
1061 return log_error_errno(errno, "Failed to rewind serialization fd: %m");
a16e1123 1062
6b78f9b4 1063 r = fd_cloexec(fileno(f), false);
48b90859
LP		 1064 if (r < 0)
1065 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
a16e1123 1066
6b78f9b4 1067 r = fdset_cloexec(fds, false);
48b90859
LP		 1068 if (r < 0)
1069 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
a16e1123
LP		 1070
1071 *_f = f;
1072 *_fds = fds;
1073
48b90859
LP		 1074 f = NULL;
1075 fds = NULL;
a16e1123 1076
48b90859 1077 return 0;
a16e1123
LP		 1078}
1079
4096d6f5
LP		 1080static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1081 struct rlimit nl;
1082 int r;
1083
1084 assert(saved_rlimit);
1085
1086 /* Save the original RLIMIT_NOFILE so that we can reset it
1087 * later when transitioning from the initrd to the main
1088 * systemd or suchlike. */
4a62c710
MS		 1089 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
1090 return log_error_errno(errno, "Reading RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1091
1092 /* Make sure forked processes get the default kernel setting */
1093 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1094 struct rlimit *rl;
1095
1096 rl = newdup(struct rlimit, saved_rlimit, 1);
1097 if (!rl)
1098 return log_oom();
1099
1100 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1101 }
1102
1103 /* Bump up the resource limit for ourselves substantially */
1104 nl.rlim_cur = nl.rlim_max = 64*1024;
1105 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
23bbb0de
MS		 1106 if (r < 0)
1107 return log_error_errno(r, "Setting RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1108
1109 return 0;
1110}
1111
6ee5bbf8 1112static void test_mtab(void) {
6ee5bbf8 1113
5b4c0131
LP		 1114 static const char ok[] =
1115 "/proc/self/mounts\0"
1116 "/proc/mounts\0"
1117 "../proc/self/mounts\0"
1118 "../proc/mounts\0";
80758717 1119
5b4c0131
LP		 1120 _cleanup_free_ char *p = NULL;
1121 int r;
6ee5bbf8 1122
5b4c0131
LP		 1123 /* Check that /etc/mtab is a symlink to the right place or
1124 * non-existing. But certainly not a file, or a symlink to
1125 * some weird place... */
6ee5bbf8 1126
5b4c0131
LP		 1127 r = readlink_malloc("/etc/mtab", &p);
1128 if (r == -ENOENT)
1129 return;
1130 if (r >= 0 && nulstr_contains(ok, p))
1131 return;
6ee5bbf8 1132
bcce7187
DM		 1133 log_error("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1134 "This is not supported anymore. "
f7cd3d5f 1135 "Please replace /etc/mtab with a symlink to /proc/self/mounts.");
b9e74c39 1136 freeze_or_reboot();
80758717
LP		 1137}
1138
1139static void test_usr(void) {
80758717 1140
ed1c99fc 1141 /* Check that /usr is not a separate fs */
80758717 1142
871c44a7
LP		 1143 if (dir_is_empty("/usr") <= 0)
1144 return;
1145
8b173b5e 1146 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
871c44a7
LP		 1147 "Some things will probably break (sometimes even silently) in mysterious ways. "
1148 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1149}
1150
a07fdfa3
LP		 1151static int initialize_join_controllers(void) {
1152 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1153 * + "net_prio". We'd like to add "cpuset" to the mix, but
f131770b 1154 * "cpuset" doesn't really work for groups with no initialized
a07fdfa3
LP		 1155 * attributes. */
1156
1157 arg_join_controllers = new(char**, 3);
1158 if (!arg_join_controllers)
1159 return -ENOMEM;
1160
1161 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
fe382237
LP		 1162 if (!arg_join_controllers[0])
1163 goto oom;
a6b26d90 1164
fe382237
LP		 1165 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1166 if (!arg_join_controllers[1])
1167 goto oom;
a07fdfa3 1168
fe382237 1169 arg_join_controllers[2] = NULL;
a07fdfa3 1170 return 0;
fe382237
LP		 1171
1172oom:
1173 arg_join_controllers = strv_free_free(arg_join_controllers);
1174 return -ENOMEM;
a07fdfa3
LP		 1175}
1176
d3b1c508
LP		 1177static int enforce_syscall_archs(Set *archs) {
1178#ifdef HAVE_SECCOMP
1179 scmp_filter_ctx *seccomp;
1180 Iterator i;
1181 void *id;
1182 int r;
1183
1184 seccomp = seccomp_init(SCMP_ACT_ALLOW);
1185 if (!seccomp)
1186 return log_oom();
1187
1188 SET_FOREACH(id, arg_syscall_archs, i) {
1189 r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
1190 if (r == -EEXIST)
1191 continue;
1192 if (r < 0) {
da927ba9 1193 log_error_errno(r, "Failed to add architecture to seccomp: %m");
d3b1c508
LP		 1194 goto finish;
1195 }
1196 }
1197
8a8bf3c0
LP		 1198 r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
1199 if (r < 0) {
da927ba9 1200 log_error_errno(r, "Failed to unset NO_NEW_PRIVS: %m");
8a8bf3c0
LP		 1201 goto finish;
1202 }
1203
d3b1c508
LP		 1204 r = seccomp_load(seccomp);
1205 if (r < 0)
da927ba9 1206 log_error_errno(r, "Failed to add install architecture seccomp: %m");
d3b1c508
LP		 1207
1208finish:
1209 seccomp_release(seccomp);
1210 return r;
1211#else
1212 return 0;
1213#endif
1214}
1215
b6e2f329
LP		 1216static int status_welcome(void) {
1217 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1218 int r;
1219
1220 r = parse_env_file("/etc/os-release", NEWLINE,
1221 "PRETTY_NAME", &pretty_name,
1222 "ANSI_COLOR", &ansi_color,
1223 NULL);
ece174c5 1224 if (r == -ENOENT)
5ae4d543
LP		 1225 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1226 "PRETTY_NAME", &pretty_name,
1227 "ANSI_COLOR", &ansi_color,
1228 NULL);
b6e2f329
LP		 1229
1230 if (r < 0 && r != -ENOENT)
da927ba9 1231 log_warning_errno(r, "Failed to read os-release file: %m");
b6e2f329
LP		 1232
1233 return status_printf(NULL, false, false,
1234 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1235 isempty(ansi_color) ? "1" : ansi_color,
1236 isempty(pretty_name) ? "Linux" : pretty_name);
1237}
1238
fdd25311
LP		 1239static int write_container_id(void) {
1240 const char *c;
1241
1242 c = getenv("container");
1243 if (isempty(c))
1244 return 0;
1245
4c1fc3e4 1246 return write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
fdd25311
LP		 1247}
1248
60918275
LP		 1249int main(int argc, char *argv[]) {
1250 Manager *m = NULL;
22f4096c 1251 int r, retval = EXIT_FAILURE;
9d76d730
LP		 1252 usec_t before_startup, after_startup;
1253 char timespan[FORMAT_TIMESPAN_MAX];
a16e1123
LP		 1254 FDSet *fds = NULL;
1255 bool reexecute = false;
b9080b03 1256 const char *shutdown_verb = NULL;
86caf095
LP		 1257 dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
1258 dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
1259 dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
1260 dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
1261 dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
5d6b1584 1262 static char systemd[] = "systemd";
2660882b 1263 bool skip_setup = false;
d3b1c508 1264 unsigned j;
0b3325e7 1265 bool loaded_policy = false;
e96d6be7 1266 bool arm_reboot_watchdog = false;
bf4df7c3 1267 bool queue_default_job = false;
5f5c2f38 1268 bool empty_etc = false;
41669317 1269 char *switch_root_dir = NULL, *switch_root_init = NULL;
86caf095 1270 struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0);
cb6531be 1271 const char *error_message = NULL;
27b14a22 1272
058dc6f3 1273#ifdef HAVE_SYSV_COMPAT
2cb1a60d 1274 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
35b8ca3a 1275 /* This is compatibility support for SysV, where
2cb1a60d
LP		 1276 * calling init as a user is identical to telinit. */
1277
1278 errno = -ENOENT;
1279 execv(SYSTEMCTL_BINARY_PATH, argv);
56f64d95 1280 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
2cb1a60d
LP		 1281 return 1;
1282 }
058dc6f3 1283#endif
2cb1a60d 1284
c3a170f3
HH		 1285 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1286 dual_timestamp_get(&userspace_timestamp);
1287
0b3325e7
LP		 1288 /* Determine if this is a reexecution or normal bootup. We do
1289 * the full command line parsing much later, so let's just
1290 * have a quick peek here. */
db813c2a
LP		 1291 if (strv_find(argv+1, "--deserialize"))
1292 skip_setup = true;
0b3325e7 1293
2660882b
LP		 1294 /* If we have switched root, do all the special setup
1295 * things */
db813c2a
LP		 1296 if (strv_find(argv+1, "--switched-root"))
1297 skip_setup = false;
d03bc1b8 1298
f3b6a3ed
LP		 1299 /* If we get started via the /sbin/init symlink then we are
1300 called 'init'. After a subsequent reexecution we are then
1301 called 'systemd'. That is confusing, hence let's call us
1302 systemd right-away. */
f3b6a3ed
LP		 1303 program_invocation_short_name = systemd;
1304 prctl(PR_SET_NAME, systemd);
5d6b1584 1305
9a0e6896
LP		 1306 saved_argv = argv;
1307 saved_argc = argc;
f3b6a3ed 1308
2cc59dbf 1309 log_show_color(isatty(STDERR_FILENO) > 0);
c1dc6153 1310 log_set_upgrade_syslog_to_journal(true);
bbe63281 1311
90dc8c2e
MG		 1312 /* Disable the umask logic */
1313 if (getpid() == 1)
1314 umask(0);
1315
75f86906 1316 if (getpid() == 1 && detect_container() <= 0) {
4f8d551f 1317
a866073d 1318 /* Running outside of a container as PID 1 */
b2c23da8 1319 arg_running_as = MANAGER_SYSTEM;
a866073d
LP		 1320 make_null_stdio();
1321 log_set_target(LOG_TARGET_KMSG);
1322 log_open();
1323
21bf2ab0 1324 if (in_initrd())
c3a170f3 1325 initrd_timestamp = userspace_timestamp;
c3ba6250 1326
2660882b 1327 if (!skip_setup) {
8f838d8a 1328 mount_setup_early();
c2e0d600 1329 dual_timestamp_get(&security_start_timestamp);
cb6531be
ZJS		 1330 if (mac_selinux_setup(&loaded_policy) < 0) {
1331 error_message = "Failed to load SELinux policy";
0b3325e7 1332 goto finish;
cb6531be
ZJS		 1333 } else if (ima_setup() < 0) {
1334 error_message = "Failed to load IMA policy";
81611586 1335 goto finish;
cb6531be
ZJS		 1336 } else if (mac_smack_setup(&loaded_policy) < 0) {
1337 error_message = "Failed to load SMACK policy";
ffbd2c4d 1338 goto finish;
cb6531be 1339 }
c2e0d600 1340 dual_timestamp_get(&security_finish_timestamp);
81611586 1341 }
0b3325e7 1342
cb6531be
ZJS		 1343 if (mac_selinux_init(NULL) < 0) {
1344 error_message = "Failed to initialize SELinux policy";
0ff4cdd9 1345 goto finish;
cb6531be 1346 }
7948c4df 1347
72edcff5 1348 if (!skip_setup) {
24efb112 1349 if (clock_is_localtime() > 0) {
0b3325e7 1350 int min;
7948c4df 1351
c264aeab
KS		 1352 /*
1353 * The very first call of settimeofday() also does a time warp in the kernel.
1354 *
1355 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on
1356 * external tools to take care of maintaining the RTC and do all adjustments.
1357 * This matches the behavior of Windows, which leaves the RTC alone if the
1358 * registry tells that the RTC runs in UTC.
1359 */
24efb112 1360 r = clock_set_timezone(&min);
0b3325e7 1361 if (r < 0)
da927ba9 1362 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
0b3325e7
LP		 1363 else
1364 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
19e65613
KS		 1365 } else if (!in_initrd()) {
1366 /*
c264aeab 1367 * Do a dummy very first call to seal the kernel's time warp magic.
19e65613
KS		 1368 *
1369 * Do not call this this from inside the initrd. The initrd might not
1370 * carry /etc/adjtime with LOCAL, but the real system could be set up
1371 * that way. In such case, we need to delay the time-warp or the sealing
1372 * until we reach the real system.
c264aeab
KS		 1373 *
1374 * Do no set the kernel's timezone. The concept of local time cannot
1375 * be supported reliably, the time will jump or be incorrect at every daylight
1376 * saving time change. All kernel local time concepts will be treated
1377 * as UTC that way.
19e65613 1378 */
c264aeab 1379 clock_reset_timewarp();
72edcff5
KS		 1380 }
1381 }
a866073d
LP		 1382
1383 /* Set the default for later on, but don't actually
1384 * open the logs like this for now. Note that if we
1385 * are transitioning from the initrd there might still
1386 * be journal fd open, and we shouldn't attempt
1387 * opening that before we parsed /proc/cmdline which
1388 * might redirect output elsewhere. */
1389 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1390
1391 } else if (getpid() == 1) {
a866073d 1392 /* Running inside a container, as PID 1 */
b2c23da8 1393 arg_running_as = MANAGER_SYSTEM;
a866073d 1394 log_set_target(LOG_TARGET_CONSOLE);
99f09825 1395 log_close_console(); /* force reopen of /dev/console */
a866073d
LP		 1396 log_open();
1397
1398 /* For the later on, see above... */
1399 log_set_target(LOG_TARGET_JOURNAL);
1400
c3a170f3
HH		 1401 /* clear the kernel timestamp,
1402 * because we are in a container */
1403 kernel_timestamp.monotonic = 0ULL;
1404 kernel_timestamp.realtime = 0ULL;
a866073d 1405
c3a170f3 1406 } else {
a866073d 1407 /* Running as user instance */
b2c23da8 1408 arg_running_as = MANAGER_USER;
eeecf6e6 1409 log_set_target(LOG_TARGET_AUTO);
871e5809 1410 log_open();
c3a170f3
HH		 1411
1412 /* clear the kernel timestamp,
1413 * because we are not PID 1 */
6513d561 1414 kernel_timestamp = DUAL_TIMESTAMP_NULL;
bbe63281 1415 }
a5dab5ce 1416
0c85a4f3 1417 /* Initialize default unit */
e6e242ad 1418 r = free_and_strdup(&arg_default_unit, SPECIAL_DEFAULT_TARGET);
6afa301b 1419 if (r < 0) {
da927ba9 1420 log_emergency_errno(r, "Failed to set default unit %s: %m", SPECIAL_DEFAULT_TARGET);
cb6531be 1421 error_message = "Failed to set default unit";
f170852a 1422 goto finish;
14212119 1423 }
60918275 1424
a07fdfa3 1425 r = initialize_join_controllers();
cb6531be 1426 if (r < 0) {
ff9b60f3 1427 error_message = "Failed to initialize cgroup controllers";
0c85a4f3 1428 goto finish;
cb6531be 1429 }
0c85a4f3 1430
f170852a
LP		 1431 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1432 * /proc/$PID/fd is available. */
c1dae1b3 1433 if (getpid() == 1) {
f84f9974
LP		 1434
1435 /* Load the kernel modules early, so that we kdbus.ko is loaded before kdbusfs shall be mounted */
2e75e2a8
DM		 1436 if (!skip_setup)
1437 kmod_setup();
2e75e2a8 1438
0c85a4f3 1439 r = mount_setup(loaded_policy);
cb6531be
ZJS		 1440 if (r < 0) {
1441 error_message = "Failed to mount API filesystems";
8efe3c01 1442 goto finish;
cb6531be 1443 }
0c85a4f3 1444 }
4ade7963
LP		 1445
1446 /* Reset all signal handlers. */
ce30c8dc
LP		 1447 (void) reset_all_signal_handlers();
1448 (void) ignore_signals(SIGNALS_IGNORE, -1);
078e4539 1449
cb6531be
ZJS		 1450 if (parse_config_file() < 0) {
1451 error_message = "Failed to parse config file";
487393e9 1452 goto finish;
cb6531be 1453 }
487393e9 1454
b2c23da8 1455 if (arg_running_as == MANAGER_SYSTEM) {
b5884878
LP		 1456 r = parse_proc_cmdline(parse_proc_cmdline_item);
1457 if (r < 0)
da927ba9 1458 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
b5884878 1459 }
f170852a 1460
1de1c9c3
LP		 1461 /* Note that this also parses bits from the kernel command
1462 * line, including "debug". */
f170852a
LP		 1463 log_parse_environment();
1464
cb6531be
ZJS		 1465 if (parse_argv(argc, argv) < 0) {
1466 error_message = "Failed to parse commandline arguments";
f170852a 1467 goto finish;
cb6531be 1468 }
f170852a 1469
6bae23a0
TB		 1470 if (arg_action == ACTION_TEST &&
1471 geteuid() == 0) {
b5c6cf87
LP		 1472 log_error("Don't run test mode as root.");
1473 goto finish;
1474 }
1475
b2c23da8 1476 if (arg_running_as == MANAGER_USER &&
6bae23a0
TB		 1477 arg_action == ACTION_RUN &&
1478 sd_booted() <= 0) {
1479 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1480 goto finish;
1481 }
1482
b2c23da8 1483 if (arg_running_as == MANAGER_SYSTEM &&
fe783b03
LP		 1484 arg_action == ACTION_RUN &&
1485 running_in_chroot() > 0) {
1486 log_error("Cannot be run in a chroot() environment.");
1487 goto finish;
1488 }
1489
0d8c31ff
ZJS		 1490 if (arg_action == ACTION_TEST)
1491 skip_setup = true;
1492
b87c2aa6
ZJS		 1493 pager_open_if_enabled();
1494
fa0f4d8a 1495 if (arg_action == ACTION_HELP) {
f170852a
LP		 1496 retval = help();
1497 goto finish;
9ba0bc4e
ZJS		 1498 } else if (arg_action == ACTION_VERSION) {
1499 retval = version();
1500 goto finish;
fa0f4d8a 1501 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
e537352b 1502 unit_dump_config_items(stdout);
22f4096c 1503 retval = EXIT_SUCCESS;
e537352b 1504 goto finish;
fa0f4d8a 1505 } else if (arg_action == ACTION_DONE) {
22f4096c 1506 retval = EXIT_SUCCESS;
4288f619 1507 goto finish;
f170852a
LP		 1508 }
1509
b2c23da8 1510 if (arg_running_as == MANAGER_USER &&
8be28fb1
KS		 1511 !getenv("XDG_RUNTIME_DIR")) {
1512 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
1513 goto finish;
1514 }
1515
fa0f4d8a 1516 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
f170852a 1517
871e5809
LP		 1518 /* Close logging fds, in order not to confuse fdset below */
1519 log_close();
1520
a16e1123 1521 /* Remember open file descriptors for later deserialization */
01e10de3
LP		 1522 r = fdset_new_fill(&fds);
1523 if (r < 0) {
da927ba9 1524 log_emergency_errno(r, "Failed to allocate fd set: %m");
cb6531be 1525 error_message = "Failed to allocate fd set";
01e10de3
LP		 1526 goto finish;
1527 } else
1528 fdset_cloexec(fds, true);
a16e1123 1529
d3b1c508
LP		 1530 if (arg_serialization)
1531 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
a16e1123 1532
b2c23da8 1533 if (arg_running_as == MANAGER_SYSTEM)
80876c20
LP		 1534 /* Become a session leader if we aren't one yet. */
1535 setsid();
4ade7963 1536
befb5b6a 1537 /* Move out of the way, so that we won't block unmounts */
d250afe7 1538 assert_se(chdir("/") == 0);
befb5b6a 1539
2146621b
LP		 1540 /* Reset the console, but only if this is really init and we
1541 * are freshly booted */
b2c23da8 1542 if (arg_running_as == MANAGER_SYSTEM && arg_action == ACTION_RUN) {
56d96fc0
LP		 1543
1544 /* If we are init, we connect stdin/stdout/stderr to
1545 * /dev/null and make sure we don't have a controlling
1546 * tty. */
1547 release_terminal();
1548
1549 if (getpid() == 1 && !skip_setup)
1550 console_setup();
1551 }
4ade7963 1552
18149b9f 1553 /* Open the logging devices, if possible and necessary */
843d2643 1554 log_open();
4ade7963 1555
b6e2f329
LP		 1556 if (arg_show_status == _SHOW_STATUS_UNSET)
1557 arg_show_status = SHOW_STATUS_YES;
1558
5373d602
LP		 1559 /* Make sure we leave a core dump without panicing the
1560 * kernel. */
ab422445 1561 if (getpid() == 1) {
4fc935ca 1562 install_crash_handler();
97c4f35c 1563
0c85a4f3
LP		 1564 r = mount_cgroup_controllers(arg_join_controllers);
1565 if (r < 0)
1566 goto finish;
1567 }
1568
b2c23da8 1569 if (arg_running_as == MANAGER_SYSTEM) {
75f86906 1570 int v;
c20f5ac7 1571
0d8c31ff
ZJS		 1572 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
1573 arg_action == ACTION_TEST ? "test " : "" );
c20f5ac7 1574
75f86906
LP		 1575 v = detect_virtualization();
1576 if (v > 0)
1577 log_info("Detected virtualization %s.", virtualization_to_string(v));
c20f5ac7 1578
fdd25311
LP		 1579 write_container_id();
1580
d3f86679 1581 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
d9d93745 1582
26a1efdf
LP		 1583 if (in_initrd())
1584 log_info("Running in initial RAM disk.");
1585
3408ba01
LP		 1586 /* Let's check whether /etc is already populated. We
1587 * don't actually really check for that, but use
1588 * /etc/machine-id as flag file. This allows container
1589 * managers and installers to provision a couple of
1590 * files already. If the container manager wants to
1591 * provision the machine ID itself it should pass
ee33e53a 1592 * $container_uuid to PID 1. */
3408ba01 1593
baa1bdf7 1594 empty_etc = access("/etc/machine-id", F_OK) < 0;
5f5c2f38
LP		 1595 if (empty_etc)
1596 log_info("Running with unpopulated /etc.");
d8160f21 1597 } else {
1f97091d
LP		 1598 _cleanup_free_ char *t;
1599
1600 t = uid_to_name(getuid());
0d8c31ff
ZJS		 1601 log_debug(PACKAGE_STRING " running in %suser mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
1602 arg_action == ACTION_TEST ? " test" : "", getuid(), t);
d8160f21 1603 }
a5dab5ce 1604
b2c23da8 1605 if (arg_running_as == MANAGER_SYSTEM && !skip_setup) {
031886ed 1606 if (arg_show_status > 0)
888c6216
LP		 1607 status_welcome();
1608
888c6216 1609 hostname_setup();
489388fb 1610 machine_id_setup(NULL);
888c6216 1611 loopback_setup();
490aed58 1612
6ee5bbf8 1613 test_mtab();
80758717 1614 test_usr();
af5bc85d 1615 }
302e8c4c 1616
b2c23da8 1617 if (arg_running_as == MANAGER_SYSTEM && arg_runtime_watchdog > 0)
e96d6be7
LP		 1618 watchdog_set_timeout(&arg_runtime_watchdog);
1619
3a43da28 1620 if (arg_timer_slack_nsec != NSEC_INFINITY)
aa0f64ac 1621 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
56f64d95 1622 log_error_errno(errno, "Failed to adjust timer slack: %m");
aa0f64ac 1623
ec8927ca 1624 if (arg_capability_bounding_set_drop) {
31c885e9 1625 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
ec8927ca 1626 if (r < 0) {
da927ba9 1627 log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
cb6531be 1628 error_message = "Failed to drop capability bounding set of usermode helpers";
ec8927ca
LP		 1629 goto finish;
1630 }
31c885e9 1631 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
939b8f14 1632 if (r < 0) {
da927ba9 1633 log_emergency_errno(r, "Failed to drop capability bounding set: %m");
cb6531be 1634 error_message = "Failed to drop capability bounding set";
939b8f14
LP		 1635 goto finish;
1636 }
ec8927ca
LP		 1637 }
1638
d3b1c508
LP		 1639 if (arg_syscall_archs) {
1640 r = enforce_syscall_archs(arg_syscall_archs);
cb6531be
ZJS		 1641 if (r < 0) {
1642 error_message = "Failed to set syscall architectures";
d3b1c508 1643 goto finish;
cb6531be 1644 }
d3b1c508
LP		 1645 }
1646
61b9b203 1647 if (arg_running_as == MANAGER_USER)
d4447f4d 1648 /* Become reaper of our children */
61b9b203 1649 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0)
56f64d95 1650 log_warning_errno(errno, "Failed to make us a subreaper: %m");
d4447f4d 1651
b2c23da8 1652 if (arg_running_as == MANAGER_SYSTEM) {
4096d6f5
LP		 1653 bump_rlimit_nofile(&saved_rlimit_nofile);
1654
5f5c2f38 1655 if (empty_etc) {
304b3079 1656 r = unit_file_preset_all(UNIT_FILE_SYSTEM, false, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, false, NULL, 0);
5f5c2f38 1657 if (r < 0)
da927ba9 1658 log_warning_errno(r, "Failed to populate /etc with preset unit settings, ignoring: %m");
5f5c2f38
LP		 1659 else
1660 log_info("Populated /etc with preset unit settings.");
1661 }
1662 }
1663
0d8c31ff 1664 r = manager_new(arg_running_as, arg_action == ACTION_TEST, &m);
e96d6be7 1665 if (r < 0) {
da927ba9 1666 log_emergency_errno(r, "Failed to allocate manager object: %m");
cb6531be 1667 error_message = "Failed to allocate manager object";
60918275
LP		 1668 goto finish;
1669 }
1670
9e58ff9c 1671 m->confirm_spawn = arg_confirm_spawn;
e96d6be7
LP		 1672 m->runtime_watchdog = arg_runtime_watchdog;
1673 m->shutdown_watchdog = arg_shutdown_watchdog;
c3a170f3
HH		 1674 m->userspace_timestamp = userspace_timestamp;
1675 m->kernel_timestamp = kernel_timestamp;
c3a170f3 1676 m->initrd_timestamp = initrd_timestamp;
c2e0d600
TA		 1677 m->security_start_timestamp = security_start_timestamp;
1678 m->security_finish_timestamp = security_finish_timestamp;
9e58ff9c 1679
06af2a04 1680 manager_set_defaults(m);
27d340c7 1681 manager_set_show_status(m, arg_show_status);
e2680723 1682 manager_set_first_boot(m, empty_etc);
27d340c7 1683
bf4df7c3 1684 /* Remember whether we should queue the default job */
d3b1c508 1685 queue_default_job = !arg_serialization || arg_switched_root;
bf4df7c3 1686
9d76d730
LP		 1687 before_startup = now(CLOCK_MONOTONIC);
1688
d3b1c508 1689 r = manager_startup(m, arg_serialization, fds);
e96d6be7 1690 if (r < 0)
da927ba9 1691 log_error_errno(r, "Failed to fully start up daemon: %m");
a16e1123 1692
bf4df7c3
LP		 1693 /* This will close all file descriptors that were opened, but
1694 * not claimed by any unit. */
2feceb5e 1695 fds = fdset_free(fds);
f50e0a01 1696
74ca738f 1697 arg_serialization = safe_fclose(arg_serialization);
bf4df7c3
LP		 1698
1699 if (queue_default_job) {
718db961 1700 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1c27d3f3 1701 Unit *target = NULL;
bacbccb7 1702 Job *default_unit_job;
398ef8ba 1703
fa0f4d8a 1704 log_debug("Activating default unit: %s", arg_default_unit);
a16e1123 1705
e96d6be7 1706 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
718db961
LP		 1707 if (r < 0)
1708 log_error("Failed to load default target: %s", bus_error_message(&error, r));
1709 else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
c33b3297 1710 log_error_errno(target->load_error, "Failed to load default target: %m");
ac155bb8 1711 else if (target->load_state == UNIT_MASKED)
6daf4f90 1712 log_error("Default target masked.");
27b14a22 1713
ac155bb8 1714 if (!target || target->load_state != UNIT_LOADED) {
a16e1123 1715 log_info("Trying to load rescue target...");
1c27d3f3 1716
e96d6be7
LP		 1717 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1718 if (r < 0) {
4104970e 1719 log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
cb6531be 1720 error_message = "Failed to load rescue target";
a16e1123 1721 goto finish;
11ddb6f4 1722 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
c33b3297 1723 log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
cb6531be 1724 error_message = "Failed to load rescue target";
1c27d3f3 1725 goto finish;
ac155bb8 1726 } else if (target->load_state == UNIT_MASKED) {
4104970e 1727 log_emergency("Rescue target masked.");
cb6531be 1728 error_message = "Rescue target masked";
00dc5d76 1729 goto finish;
a16e1123
LP		 1730 }
1731 }
37d88da7 1732
ac155bb8 1733 assert(target->load_state == UNIT_LOADED);
00dc5d76 1734
fa0f4d8a 1735 if (arg_action == ACTION_TEST) {
40d50879 1736 printf("-> By units:\n");
a16e1123
LP		 1737 manager_dump_units(m, stdout, "\t");
1738 }
1739
95f1b47d 1740 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, false, &error, &default_unit_job);
ab17a050 1741 if (r == -EPERM) {
718db961 1742 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
ab17a050
LP		 1743
1744 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1745 if (r < 0) {
4104970e 1746 log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
cb6531be 1747 error_message = "Failed to start default target";
ab17a050
LP		 1748 goto finish;
1749 }
1750 } else if (r < 0) {
4104970e 1751 log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
cb6531be 1752 error_message = "Failed to isolate default target";
37d88da7
LP		 1753 goto finish;
1754 }
ab17a050 1755
bacbccb7 1756 m->default_unit_job_id = default_unit_job->id;
60918275 1757
07672f49
LP		 1758 after_startup = now(CLOCK_MONOTONIC);
1759 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1760 "Loaded units and determined initial transaction in %s.",
fdb14b7e 1761 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
07672f49 1762
fa0f4d8a 1763 if (arg_action == ACTION_TEST) {
40d50879 1764 printf("-> By jobs:\n");
a16e1123 1765 manager_dump_jobs(m, stdout, "\t");
22f4096c 1766 retval = EXIT_SUCCESS;
a16e1123
LP		 1767 goto finish;
1768 }
e965d56d 1769 }
d46de8a1 1770
a16e1123 1771 for (;;) {
e96d6be7
LP		 1772 r = manager_loop(m);
1773 if (r < 0) {
da927ba9 1774 log_emergency_errno(r, "Failed to run main loop: %m");
cb6531be 1775 error_message = "Failed to run main loop";
a16e1123
LP		 1776 goto finish;
1777 }
11dd41ce 1778
a16e1123 1779 switch (m->exit_code) {
e965d56d 1780
a16e1123 1781 case MANAGER_RELOAD:
e015090f 1782 log_info("Reloading.");
06af2a04
TB		 1783
1784 r = parse_config_file();
1785 if (r < 0)
1786 log_error("Failed to parse config file.");
1787
1788 manager_set_defaults(m);
1789
e96d6be7
LP		 1790 r = manager_reload(m);
1791 if (r < 0)
da927ba9 1792 log_error_errno(r, "Failed to reload: %m");
a16e1123 1793 break;
cea8e32e 1794
a16e1123 1795 case MANAGER_REEXECUTE:
664f88a7 1796
cb6531be 1797 if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
6b9af963 1798 error_message = "Failed to prepare for reexecution";
a16e1123 1799 goto finish;
cb6531be 1800 }
60918275 1801
a16e1123 1802 reexecute = true;
e015090f 1803 log_notice("Reexecuting.");
a16e1123
LP		 1804 goto finish;
1805
664f88a7
LP		 1806 case MANAGER_SWITCH_ROOT:
1807 /* Steal the switch root parameters */
41669317 1808 switch_root_dir = m->switch_root;
664f88a7
LP		 1809 switch_root_init = m->switch_root_init;
1810 m->switch_root = m->switch_root_init = NULL;
1811
1812 if (!switch_root_init)
cb6531be 1813 if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
6b9af963 1814 error_message = "Failed to prepare for reexecution";
664f88a7 1815 goto finish;
cb6531be 1816 }
664f88a7
LP		 1817
1818 reexecute = true;
1819 log_notice("Switching root.");
1820 goto finish;
1821
287419c1 1822 case MANAGER_EXIT:
97792515
LP		 1823 retval = m->return_value;
1824
8ebfe0cb 1825 if (m->running_as == MANAGER_USER) {
8ebfe0cb
DH		 1826 log_debug("Exit.");
1827 goto finish;
1828 }
1829
1830 /* fallthrough */
b9080b03
FF		 1831 case MANAGER_REBOOT:
1832 case MANAGER_POWEROFF:
1833 case MANAGER_HALT:
1834 case MANAGER_KEXEC: {
1835 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
287419c1 1836 [MANAGER_EXIT] = "exit",
b9080b03
FF		 1837 [MANAGER_REBOOT] = "reboot",
1838 [MANAGER_POWEROFF] = "poweroff",
1839 [MANAGER_HALT] = "halt",
1840 [MANAGER_KEXEC] = "kexec"
1841 };
1842
1843 assert_se(shutdown_verb = table[m->exit_code]);
e96d6be7 1844 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
b9080b03
FF		 1845
1846 log_notice("Shutting down.");
1847 goto finish;
1848 }
1849
a16e1123
LP		 1850 default:
1851 assert_not_reached("Unknown exit code.");
1852 }
1853 }
f170852a 1854
60918275 1855finish:
b87c2aa6
ZJS		 1856 pager_close();
1857
97792515 1858 if (m)
81f5fc2d 1859 arg_shutdown_watchdog = m->shutdown_watchdog;
fe382237 1860
06d8d842 1861 m = manager_free(m);
60918275 1862
1f6b4113 1863 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++)
a1e58e8e 1864 arg_default_rlimit[j] = mfree(arg_default_rlimit[j]);
c93ff2e9 1865
97b11eed 1866 arg_default_unit = mfree(arg_default_unit);
fe382237 1867 arg_join_controllers = strv_free_free(arg_join_controllers);
97b11eed 1868 arg_default_environment = strv_free(arg_default_environment);
525d3cc7 1869 arg_syscall_archs = set_free(arg_syscall_archs);
d3b1c508 1870
cc56fafe 1871 mac_selinux_finish();
b2bb3dbe 1872
a16e1123 1873 if (reexecute) {
664f88a7 1874 const char **args;
e564a982 1875 unsigned i, args_size;
a16e1123 1876
664f88a7
LP		 1877 /* Close and disarm the watchdog, so that the new
1878 * instance can reinitialize it, but doesn't get
1879 * rebooted while we do that */
1880 watchdog_close(true);
a16e1123 1881
4096d6f5
LP		 1882 /* Reset the RLIMIT_NOFILE to the kernel default, so
1883 * that the new systemd can pass the kernel default to
1884 * its child processes */
1885 if (saved_rlimit_nofile.rlim_cur > 0)
92ca4cac 1886 (void) setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
4096d6f5 1887
41669317 1888 if (switch_root_dir) {
cee530bb
LP		 1889 /* Kill all remaining processes from the
1890 * initrd, but don't wait for them, so that we
1891 * can handle the SIGCHLD for them after
1892 * deserializing. */
0bee65f0 1893 broadcast_signal(SIGTERM, false, true);
bd3fa1d2 1894
5a4bf02f
HH		 1895 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1896 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
41669317 1897 if (r < 0)
da927ba9 1898 log_error_errno(r, "Failed to switch root, trying to continue: %m");
41669317 1899 }
a16e1123 1900
d03bc1b8 1901 args_size = MAX(6, argc+1);
e564a982 1902 args = newa(const char*, args_size);
a16e1123 1903
664f88a7 1904 if (!switch_root_init) {
5ffa8c81 1905 char sfd[DECIMAL_STR_MAX(int) + 1];
a16e1123 1906
664f88a7
LP		 1907 /* First try to spawn ourselves with the right
1908 * path, and with full serialization. We do
1909 * this only if the user didn't specify an
1910 * explicit init to spawn. */
edb9aaa8 1911
d3b1c508 1912 assert(arg_serialization);
664f88a7 1913 assert(fds);
edb9aaa8 1914
5ffa8c81 1915 xsprintf(sfd, "%i", fileno(arg_serialization));
edb9aaa8 1916
664f88a7
LP		 1917 i = 0;
1918 args[i++] = SYSTEMD_BINARY_PATH;
41669317 1919 if (switch_root_dir)
2660882b 1920 args[i++] = "--switched-root";
b2c23da8 1921 args[i++] = arg_running_as == MANAGER_SYSTEM ? "--system" : "--user";
664f88a7
LP		 1922 args[i++] = "--deserialize";
1923 args[i++] = sfd;
1924 args[i++] = NULL;
edb9aaa8 1925
ce8aba56
KS		 1926 /* do not pass along the environment we inherit from the kernel or initrd */
1927 if (switch_root_dir)
92ca4cac 1928 (void) clearenv();
ce8aba56 1929
e564a982 1930 assert(i <= args_size);
92ca4cac 1931 (void) execv(args[0], (char* const*) args);
664f88a7 1932 }
6e98720f 1933
664f88a7
LP		 1934 /* Try the fallback, if there is any, without any
1935 * serialization. We pass the original argv[] and
1936 * envp[]. (Well, modulo the ordering changes due to
1937 * getopt() in argv[], and some cleanups in envp[],
1938 * but let's hope that doesn't matter.) */
a16e1123 1939
74ca738f 1940 arg_serialization = safe_fclose(arg_serialization);
2feceb5e 1941 fds = fdset_free(fds);
a16e1123 1942
a504223d 1943 /* Reopen the console */
92ca4cac 1944 (void) make_console_stdio();
a504223d 1945
d3b1c508 1946 for (j = 1, i = 1; j < (unsigned) argc; j++)
664f88a7 1947 args[i++] = argv[j];
a16e1123 1948 args[i++] = NULL;
e564a982 1949 assert(i <= args_size);
b8f83232 1950
1b6d7fa7 1951 /* Reenable any blocked signals, especially important
5a85ca1c 1952 * if we switch from initial ramdisk to init=... */
ce30c8dc
LP		 1953 (void) reset_all_signal_handlers();
1954 (void) reset_signal_mask();
5a85ca1c 1955
b8f83232
LP		 1956 if (switch_root_init) {
1957 args[0] = switch_root_init;
92ca4cac 1958 (void) execv(args[0], (char* const*) args);
56f64d95 1959 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
b8f83232
LP		 1960 }
1961
1962 args[0] = "/sbin/init";
92ca4cac 1963 (void) execv(args[0], (char* const*) args);
a16e1123 1964
745e2fb7
KS		 1965 if (errno == ENOENT) {
1966 log_warning("No /sbin/init, trying fallback");
b8f83232 1967
745e2fb7
KS		 1968 args[0] = "/bin/sh";
1969 args[1] = NULL;
92ca4cac 1970 (void) execv(args[0], (char* const*) args);
56f64d95 1971 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
745e2fb7 1972 } else
56f64d95 1973 log_warning_errno(errno, "Failed to execute /sbin/init, giving up: %m");
a16e1123
LP		 1974 }
1975
74ca738f 1976 arg_serialization = safe_fclose(arg_serialization);
2feceb5e 1977 fds = fdset_free(fds);
a16e1123 1978
54b434b1
LP		 1979#ifdef HAVE_VALGRIND_VALGRIND_H
1980 /* If we are PID 1 and running under valgrind, then let's exit
1981 * here explicitly. valgrind will only generate nice output on
1982 * exit(), not on exec(), hence let's do the former not the
1983 * latter here. */
1984 if (getpid() == 1 && RUNNING_ON_VALGRIND)
1985 return 0;
1986#endif
1987
b9080b03 1988 if (shutdown_verb) {
b1e90ec5 1989 char log_level[DECIMAL_STR_MAX(int) + 1];
287419c1
AC		 1990 char exit_code[DECIMAL_STR_MAX(uint8_t) + 1];
1991 const char* command_line[11] = {
b9080b03
FF		 1992 SYSTEMD_SHUTDOWN_BINARY_PATH,
1993 shutdown_verb,
b1e90ec5
ZJS		 1994 "--log-level", log_level,
1995 "--log-target",
b9080b03 1996 };
b1e90ec5 1997 unsigned pos = 5;
e3e45d4f 1998 _cleanup_strv_free_ char **env_block = NULL;
15bd5aee
LP		 1999
2000 assert(command_line[pos] == NULL);
e3e45d4f 2001 env_block = strv_copy(environ);
b9080b03 2002
5ffa8c81 2003 xsprintf(log_level, "%d", log_get_max_level());
b1e90ec5
ZJS		 2004
2005 switch (log_get_target()) {
92ca4cac 2006
b1e90ec5
ZJS		 2007 case LOG_TARGET_KMSG:
2008 case LOG_TARGET_JOURNAL_OR_KMSG:
2009 case LOG_TARGET_SYSLOG_OR_KMSG:
2010 command_line[pos++] = "kmsg";
2011 break;
2012
10f00ff1
ILG		 2013 case LOG_TARGET_NULL:
2014 command_line[pos++] = "null";
2015 break;
2016
b1e90ec5
ZJS		 2017 case LOG_TARGET_CONSOLE:
2018 default:
2019 command_line[pos++] = "console";
2020 break;
2021 };
2022
2023 if (log_get_show_color())
2024 command_line[pos++] = "--log-color";
2025
2026 if (log_get_show_location())
2027 command_line[pos++] = "--log-location";
2028
287419c1
AC		 2029 if (streq(shutdown_verb, "exit")) {
2030 command_line[pos++] = "--exit-code";
2031 command_line[pos++] = exit_code;
97792515 2032 xsprintf(exit_code, "%d", retval);
287419c1
AC		 2033 }
2034
26abdc73 2035 assert(pos < ELEMENTSOF(command_line));
b1e90ec5 2036
e96d6be7 2037 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
e3e45d4f 2038 char *e;
d18f337c 2039
e96d6be7
LP		 2040 /* If we reboot let's set the shutdown
2041 * watchdog and tell the shutdown binary to
2042 * repeatedly ping it */
c2cc6b9a
LP		 2043 r = watchdog_set_timeout(&arg_shutdown_watchdog);
2044 watchdog_close(r < 0);
e96d6be7 2045
e3e45d4f
SP		 2046 /* Tell the binary how often to ping, ignore failure */
2047 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
92ca4cac 2048 (void) strv_push(&env_block, e);
e3e45d4f 2049 } else
e96d6be7
LP		 2050 watchdog_close(true);
2051
66713f77
LP		 2052 /* Avoid the creation of new processes forked by the
2053 * kernel; at this point, we will not listen to the
2054 * signals anyway */
75f86906 2055 if (detect_container() <= 0)
e155a0aa 2056 (void) cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
ad929bcc 2057
d18f337c 2058 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
56f64d95 2059 log_error_errno(errno, "Failed to execute shutdown binary, %s: %m",
b1e90ec5 2060 getpid() == 1 ? "freezing" : "quitting");
b9080b03
FF		 2061 }
2062
cb6531be
ZJS		 2063 if (getpid() == 1) {
2064 if (error_message)
2065 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
1fc464f6 2066 ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL,
cb6531be 2067 "%s, freezing.", error_message);
b9e74c39 2068 freeze_or_reboot();
cb6531be 2069 }
c3b3c274 2070
60918275
LP		 2071 return retval;
2072}
Unnamed repository; edit this file 'description' to name the repository.