]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/main.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Generate systemd-fsck-root.service in the initramfs
[thirdparty/systemd.git] / src / core / main.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
60918275 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
60918275
LP		 22#include <stdio.h>
23#include <errno.h>
24#include <string.h>
16354eff 25#include <unistd.h>
4ade7963 26#include <sys/stat.h>
f170852a 27#include <getopt.h>
97c4f35c 28#include <signal.h>
80876c20 29#include <fcntl.h>
f3b6a3ed 30#include <sys/prctl.h>
664f88a7 31#include <sys/mount.h>
60918275 32
54b434b1
LP		 33#ifdef HAVE_VALGRIND_VALGRIND_H
34#include <valgrind/valgrind.h>
35#endif
b64a3d86
LP		 36#ifdef HAVE_SECCOMP
37#include <seccomp.h>
38#endif
54b434b1 39
718db961 40#include "sd-daemon.h"
718db961 41#include "sd-bus.h"
16354eff 42#include "log.h"
a16e1123 43#include "fdset.h"
514f4ef5 44#include "special.h"
487393e9 45#include "conf-parser.h"
ad780f19 46#include "missing.h"
b87c2aa6 47#include "pager.h"
302e27c8 48#include "build.h"
06d4c99a 49#include "strv.h"
f6a6225e 50#include "def.h"
b52aae1d 51#include "virt.h"
d9d93745 52#include "architecture.h"
e96d6be7 53#include "watchdog.h"
41669317 54#include "switch-root.h"
ec8927ca 55#include "capability.h"
bd3fa1d2 56#include "killall.h"
0c4025d1 57#include "env-util.h"
24efb112 58#include "clock-util.h"
718db961 59#include "fileio.h"
718db961
LP		 60#include "bus-error.h"
61#include "bus-util.h"
d7b8eec7
LP		 62#include "selinux-util.h"
63#include "manager.h"
64#include "dbus-manager.h"
65#include "load-fragment.h"
60918275 66
b6e66135
LP		 67#include "mount-setup.h"
68#include "loopback-setup.h"
b6e66135
LP		 69#include "hostname-setup.h"
70#include "machine-id-setup.h"
b6e66135
LP		 71#include "selinux-setup.h"
72#include "ima-setup.h"
ffbd2c4d 73#include "smack-setup.h"
718db961 74#include "kmod-setup.h"
6482f626 75#include "formats-util.h"
0b452006 76#include "process-util.h"
288a74cc 77#include "terminal-util.h"
b6e66135 78
f170852a
LP		 79static enum {
80 ACTION_RUN,
e965d56d 81 ACTION_HELP,
9ba0bc4e 82 ACTION_VERSION,
e537352b 83 ACTION_TEST,
4288f619
LP		 84 ACTION_DUMP_CONFIGURATION_ITEMS,
85 ACTION_DONE
fa0f4d8a 86} arg_action = ACTION_RUN;
fa0f4d8a 87static char *arg_default_unit = NULL;
67445f4e 88static SystemdRunningAs arg_running_as = _SYSTEMD_RUNNING_AS_INVALID;
fa0f4d8a
LP		 89static bool arg_dump_core = true;
90static bool arg_crash_shell = false;
91static int arg_crash_chvt = -1;
92static bool arg_confirm_spawn = false;
b6e2f329 93static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
bf4df7c3 94static bool arg_switched_root = false;
b87c2aa6 95static int arg_no_pager = -1;
0c85a4f3 96static char ***arg_join_controllers = NULL;
706343f4 97static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
0a494f1f 98static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
1f19a534
OS		 99static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
100static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
101static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
3f41e1e5
LN		 102static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
103static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
e96d6be7
LP		 104static usec_t arg_runtime_watchdog = 0;
105static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
97d0e5f8 106static char **arg_default_environment = NULL;
517d56b1 107static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
ec8927ca 108static uint64_t arg_capability_bounding_set_drop = 0;
3a43da28 109static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
bd8f585b 110static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
d3b1c508
LP		 111static Set* arg_syscall_archs = NULL;
112static FILE* arg_serialization = NULL;
085afe36
LP		 113static bool arg_default_cpu_accounting = false;
114static bool arg_default_blockio_accounting = false;
115static bool arg_default_memory_accounting = false;
4fc935ca 116
d3b1c508 117static void nop_handler(int sig) {}
6f5e3f35 118
b87c2aa6
ZJS		 119static void pager_open_if_enabled(void) {
120
121 if (arg_no_pager <= 0)
122 return;
123
124 pager_open(false);
125}
126
919ce0b7 127noreturn static void crash(int sig) {
97c4f35c 128
abb26902
LP		 129 if (getpid() != 1)
130 /* Pass this on immediately, if this is not PID 1 */
131 raise(sig);
132 else if (!arg_dump_core)
4104970e 133 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
97c4f35c 134 else {
b92bea5d
ZJS		 135 struct sigaction sa = {
136 .sa_handler = nop_handler,
137 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
138 };
97c4f35c
LP		 139 pid_t pid;
140
6f5e3f35 141 /* We want to wait for the core process, hence let's enable SIGCHLD */
abb26902 142 sigaction(SIGCHLD, &sa, NULL);
6f5e3f35 143
ee05e779 144 pid = raw_clone(SIGCHLD, NULL);
e62d8c39 145 if (pid < 0)
56f64d95 146 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
97c4f35c
LP		 147
148 else if (pid == 0) {
b92bea5d 149 struct rlimit rl = {};
97c4f35c
LP		 150
151 /* Enable default signal handler for core dump */
152 zero(sa);
153 sa.sa_handler = SIG_DFL;
abb26902 154 sigaction(sig, &sa, NULL);
97c4f35c
LP		 155
156 /* Don't limit the core dump size */
97c4f35c
LP		 157 rl.rlim_cur = RLIM_INFINITY;
158 rl.rlim_max = RLIM_INFINITY;
159 setrlimit(RLIMIT_CORE, &rl);
160
161 /* Just to be sure... */
e62d9b81 162 (void) chdir("/");
97c4f35c
LP		 163
164 /* Raise the signal again */
ee05e779
ZJS		 165 pid = raw_getpid();
166 kill(pid, sig); /* raise() would kill the parent */
97c4f35c
LP		 167
168 assert_not_reached("We shouldn't be here...");
169 _exit(1);
4fc935ca 170 } else {
8e12a6ae
LP		 171 siginfo_t status;
172 int r;
4fc935ca
LP		 173
174 /* Order things nicely. */
e62d8c39
ZJS		 175 r = wait_for_terminate(pid, &status);
176 if (r < 0)
da927ba9 177 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
8e12a6ae 178 else if (status.si_code != CLD_DUMPED)
ee05e779
ZJS		 179 log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
180 signal_to_string(sig),
181 pid, sigchld_code_to_string(status.si_code),
182 status.si_status,
183 strna(status.si_code == CLD_EXITED
184 ? exit_status_to_string(status.si_status, EXIT_STATUS_FULL)
185 : signal_to_string(status.si_status)));
4fc935ca 186 else
4104970e 187 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
97c4f35c
LP		 188 }
189 }
190
fa0f4d8a
LP		 191 if (arg_crash_chvt)
192 chvt(arg_crash_chvt);
601f6a1e 193
fa0f4d8a 194 if (arg_crash_shell) {
b92bea5d
ZJS		 195 struct sigaction sa = {
196 .sa_handler = SIG_IGN,
197 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
198 };
6f5e3f35 199 pid_t pid;
8c43883a 200
4fc935ca
LP		 201 log_info("Executing crash shell in 10s...");
202 sleep(10);
203
6f5e3f35 204 /* Let the kernel reap children for us */
6f5e3f35 205 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
8c43883a 206
ee05e779 207 pid = raw_clone(SIGCHLD, NULL);
cd3bd60a 208 if (pid < 0)
56f64d95 209 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
6f5e3f35 210 else if (pid == 0) {
cd3bd60a 211 make_console_stdio();
ee05e779 212 execle("/bin/sh", "/bin/sh", NULL, environ);
6f5e3f35 213
ee05e779 214 log_emergency_errno(errno, "execle() failed: %m");
6f5e3f35 215 _exit(1);
ee05e779
ZJS		 216 } else
217 log_info("Successfully spawned crash shell as PID "PID_FMT".", pid);
4fc935ca
LP		 218 }
219
4104970e 220 log_emergency("Freezing execution.");
97c4f35c
LP		 221 freeze();
222}
223
224static void install_crash_handler(void) {
297d563d 225 static const struct sigaction sa = {
b92bea5d 226 .sa_handler = crash,
297d563d 227 .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
b92bea5d 228 };
297d563d 229 int r;
97c4f35c 230
297d563d
LP		 231 /* We ignore the return value here, since, we don't mind if we
232 * cannot set up a crash handler */
233 r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
234 if (r < 0)
235 log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
97c4f35c 236}
f170852a 237
56d96fc0
LP		 238static int console_setup(void) {
239 _cleanup_close_ int tty_fd = -1;
240 int r;
80876c20 241
512947d4 242 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
23bbb0de
MS		 243 if (tty_fd < 0)
244 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
80876c20 245
56d96fc0
LP		 246 /* We don't want to force text mode. plymouth may be showing
247 * pictures already from initrd. */
512947d4 248 r = reset_terminal_fd(tty_fd, false);
23bbb0de
MS		 249 if (r < 0)
250 return log_error_errno(r, "Failed to reset /dev/console: %m");
843d2643 251
56d96fc0 252 return 0;
80876c20
LP		 253}
254
f170852a
LP		 255static int set_default_unit(const char *u) {
256 char *c;
257
258 assert(u);
259
bf4df7c3
LP		 260 c = strdup(u);
261 if (!c)
f170852a
LP		 262 return -ENOMEM;
263
fa0f4d8a
LP		 264 free(arg_default_unit);
265 arg_default_unit = c;
bf4df7c3 266
f170852a
LP		 267 return 0;
268}
269
059cb385 270static int parse_proc_cmdline_item(const char *key, const char *value) {
f170852a
LP		 271
272 static const char * const rlmap[] = {
ed370f5d 273 "emergency", SPECIAL_EMERGENCY_TARGET,
099663ff 274 "-b", SPECIAL_EMERGENCY_TARGET,
5329ab10 275 "rescue", SPECIAL_RESCUE_TARGET,
ed370f5d
LP		 276 "single", SPECIAL_RESCUE_TARGET,
277 "-s", SPECIAL_RESCUE_TARGET,
278 "s", SPECIAL_RESCUE_TARGET,
279 "S", SPECIAL_RESCUE_TARGET,
280 "1", SPECIAL_RESCUE_TARGET,
d5d8429a
LP		 281 "2", SPECIAL_MULTI_USER_TARGET,
282 "3", SPECIAL_MULTI_USER_TARGET,
283 "4", SPECIAL_MULTI_USER_TARGET,
284 "5", SPECIAL_GRAPHICAL_TARGET,
f170852a 285 };
059cb385 286 int r;
f170852a 287
059cb385 288 assert(key);
5192bd19 289
059cb385 290 if (streq(key, "systemd.unit") && value) {
bf4df7c3
LP		 291
292 if (!in_initrd())
059cb385 293 return set_default_unit(value);
bf4df7c3 294
059cb385 295 } else if (streq(key, "rd.systemd.unit") && value) {
bf4df7c3 296
ca05941b
LP		 297 if (in_initrd())
298 return set_default_unit(value);
f170852a 299
059cb385 300 } else if (streq(key, "systemd.dump_core") && value) {
4fc935ca 301
059cb385 302 r = parse_boolean(value);
fb472900 303 if (r < 0)
059cb385 304 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
4fc935ca 305 else
fa0f4d8a 306 arg_dump_core = r;
4fc935ca 307
059cb385 308 } else if (streq(key, "systemd.crash_shell") && value) {
4fc935ca 309
059cb385 310 r = parse_boolean(value);
fb472900 311 if (r < 0)
059cb385 312 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
4fc935ca 313 else
fa0f4d8a 314 arg_crash_shell = r;
5e7ee61c 315
059cb385 316 } else if (streq(key, "systemd.crash_chvt") && value) {
5e7ee61c 317
059cb385
LP		 318 if (safe_atoi(value, &r) < 0)
319 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
5e7ee61c 320 else
059cb385 321 arg_crash_chvt = r;
5e7ee61c 322
059cb385 323 } else if (streq(key, "systemd.confirm_spawn") && value) {
601f6a1e 324
059cb385
LP		 325 r = parse_boolean(value);
326 if (r < 0)
327 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", value);
601f6a1e 328 else
059cb385 329 arg_confirm_spawn = r;
601f6a1e 330
059cb385 331 } else if (streq(key, "systemd.show_status") && value) {
9e58ff9c 332
059cb385 333 r = parse_show_status(value, &arg_show_status);
d450b6f2 334 if (r < 0)
059cb385
LP		 335 log_warning("Failed to parse show status switch %s. Ignoring.", value);
336
337 } else if (streq(key, "systemd.default_standard_output") && value) {
0a494f1f 338
059cb385 339 r = exec_output_from_string(value);
fb472900 340 if (r < 0)
059cb385 341 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
0a494f1f
LP		 342 else
343 arg_default_std_output = r;
0a494f1f 344
059cb385
LP		 345 } else if (streq(key, "systemd.default_standard_error") && value) {
346
347 r = exec_output_from_string(value);
fb472900 348 if (r < 0)
059cb385 349 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
0a494f1f
LP		 350 else
351 arg_default_std_error = r;
9e7c5357 352
059cb385
LP		 353 } else if (streq(key, "systemd.setenv") && value) {
354
355 if (env_assignment_is_valid(value)) {
e21fea24
KS		 356 char **env;
357
059cb385 358 env = strv_env_set(arg_default_environment, value);
e21fea24
KS		 359 if (env)
360 arg_default_environment = env;
361 else
279d3c9c 362 log_warning_errno(ENOMEM, "Setting environment variable '%s' failed, ignoring: %m", value);
e21fea24 363 } else
059cb385 364 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
9e58ff9c 365
059cb385 366 } else if (streq(key, "quiet") && !value) {
d7b15e0a 367
b6e2f329 368 if (arg_show_status == _SHOW_STATUS_UNSET)
d450b6f2 369 arg_show_status = SHOW_STATUS_AUTO;
059cb385
LP		 370
371 } else if (streq(key, "debug") && !value) {
d7b15e0a 372
1de1c9c3
LP		 373 /* Note that log_parse_environment() handles 'debug'
374 * too, and sets the log level to LOG_DEBUG. */
d7b15e0a 375
b2103dcc
KS		 376 if (detect_container(NULL) > 0)
377 log_set_target(LOG_TARGET_CONSOLE);
059cb385
LP		 378
379 } else if (!in_initrd() && !value) {
f170852a
LP		 380 unsigned i;
381
382 /* SysV compatibility */
f170852a 383 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
059cb385 384 if (streq(key, rlmap[i]))
f170852a
LP		 385 return set_default_unit(rlmap[i+1]);
386 }
387
388 return 0;
389}
390
e8e581bf
ZJS		 391#define DEFINE_SETTER(name, func, descr) \
392 static int name(const char *unit, \
393 const char *filename, \
394 unsigned line, \
395 const char *section, \
71a61510 396 unsigned section_line, \
e8e581bf
ZJS		 397 const char *lvalue, \
398 int ltype, \
399 const char *rvalue, \
400 void *data, \
401 void *userdata) { \
402 \
403 int r; \
404 \
405 assert(filename); \
406 assert(lvalue); \
407 assert(rvalue); \
408 \
409 r = func(rvalue); \
410 if (r < 0) \
411 log_syntax(unit, LOG_ERR, filename, line, -r, \
412 "Invalid " descr "'%s': %s", \
413 rvalue, strerror(-r)); \
414 \
415 return 0; \
416 }
487393e9 417
e8e581bf
ZJS		 418DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
419DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
420DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
421DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
487393e9 422
4d7213b2
LP		 423static int config_parse_cpu_affinity2(
424 const char *unit,
425 const char *filename,
426 unsigned line,
427 const char *section,
428 unsigned section_line,
429 const char *lvalue,
430 int ltype,
431 const char *rvalue,
432 void *data,
433 void *userdata) {
487393e9 434
a2a5291b 435 const char *word, *state;
487393e9 436 size_t l;
487393e9
LP		 437 cpu_set_t *c = NULL;
438 unsigned ncpus = 0;
439
440 assert(filename);
441 assert(lvalue);
442 assert(rvalue);
443
a2a5291b 444 FOREACH_WORD_QUOTED(word, l, rvalue, state) {
487393e9
LP		 445 char *t;
446 int r;
447 unsigned cpu;
448
a2a5291b 449 if (!(t = strndup(word, l)))
14212119 450 return log_oom();
487393e9
LP		 451
452 r = safe_atou(t, &cpu);
453 free(t);
454
455 if (!c)
456 if (!(c = cpu_set_malloc(&ncpus)))
14212119 457 return log_oom();
487393e9
LP		 458
459 if (r < 0 || cpu >= ncpus) {
e8e581bf
ZJS		 460 log_syntax(unit, LOG_ERR, filename, line, -r,
461 "Failed to parse CPU affinity '%s'", rvalue);
487393e9
LP		 462 CPU_FREE(c);
463 return -EBADMSG;
464 }
465
466 CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c);
467 }
b2fadec6
ZJS		 468 if (!isempty(state))
469 log_syntax(unit, LOG_ERR, filename, line, EINVAL,
470 "Trailing garbage, ignoring.");
487393e9
LP		 471
472 if (c) {
473 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
79008bdd 474 log_unit_warning(unit, "Failed to set CPU affinity: %m");
487393e9
LP		 475
476 CPU_FREE(c);
477 }
478
479 return 0;
480}
481
4d7213b2
LP		 482static int config_parse_show_status(
483 const char* unit,
484 const char *filename,
485 unsigned line,
486 const char *section,
487 unsigned section_line,
488 const char *lvalue,
489 int ltype,
490 const char *rvalue,
491 void *data,
492 void *userdata) {
493
494 int k;
495 ShowStatus *b = data;
496
497 assert(filename);
498 assert(lvalue);
499 assert(rvalue);
500 assert(data);
501
502 k = parse_show_status(rvalue, b);
503 if (k < 0) {
504 log_syntax(unit, LOG_ERR, filename, line, -k,
505 "Failed to parse show status setting, ignoring: %s", rvalue);
506 return 0;
507 }
508
509 return 0;
510}
511
0c85a4f3
LP		 512static void strv_free_free(char ***l) {
513 char ***i;
514
515 if (!l)
516 return;
517
518 for (i = l; *i; i++)
519 strv_free(*i);
520
521 free(l);
522}
523
524static void free_join_controllers(void) {
0c85a4f3
LP		 525 strv_free_free(arg_join_controllers);
526 arg_join_controllers = NULL;
527}
528
e8e581bf
ZJS		 529static int config_parse_join_controllers(const char *unit,
530 const char *filename,
531 unsigned line,
532 const char *section,
71a61510 533 unsigned section_line,
e8e581bf
ZJS		 534 const char *lvalue,
535 int ltype,
536 const char *rvalue,
537 void *data,
538 void *userdata) {
0c85a4f3
LP		 539
540 unsigned n = 0;
a2a5291b 541 const char *word, *state;
0c85a4f3
LP		 542 size_t length;
543
544 assert(filename);
545 assert(lvalue);
546 assert(rvalue);
547
548 free_join_controllers();
549
a2a5291b 550 FOREACH_WORD_QUOTED(word, length, rvalue, state) {
0c85a4f3
LP		 551 char *s, **l;
552
a2a5291b 553 s = strndup(word, length);
0c85a4f3 554 if (!s)
14212119 555 return log_oom();
0c85a4f3
LP		 556
557 l = strv_split(s, ",");
558 free(s);
559
560 strv_uniq(l);
561
562 if (strv_length(l) <= 1) {
563 strv_free(l);
564 continue;
565 }
566
567 if (!arg_join_controllers) {
568 arg_join_controllers = new(char**, 2);
569 if (!arg_join_controllers) {
570 strv_free(l);
14212119 571 return log_oom();
0c85a4f3
LP		 572 }
573
574 arg_join_controllers[0] = l;
575 arg_join_controllers[1] = NULL;
576
577 n = 1;
578 } else {
579 char ***a;
580 char ***t;
581
582 t = new0(char**, n+2);
583 if (!t) {
584 strv_free(l);
14212119 585 return log_oom();
0c85a4f3
LP		 586 }
587
588 n = 0;
589
590 for (a = arg_join_controllers; *a; a++) {
591
592 if (strv_overlap(*a, l)) {
e3e45d4f 593 if (strv_extend_strv(&l, *a) < 0) {
0c85a4f3
LP		 594 strv_free(l);
595 strv_free_free(t);
14212119 596 return log_oom();
0c85a4f3
LP		 597 }
598
0c85a4f3
LP		 599 } else {
600 char **c;
601
602 c = strv_copy(*a);
603 if (!c) {
604 strv_free(l);
605 strv_free_free(t);
14212119 606 return log_oom();
0c85a4f3
LP		 607 }
608
609 t[n++] = c;
610 }
611 }
612
613 t[n++] = strv_uniq(l);
614
615 strv_free_free(arg_join_controllers);
616 arg_join_controllers = t;
617 }
618 }
b2fadec6
ZJS		 619 if (!isempty(state))
620 log_syntax(unit, LOG_ERR, filename, line, EINVAL,
621 "Trailing garbage, ignoring.");
0c85a4f3
LP		 622
623 return 0;
624}
625
487393e9
LP		 626static int parse_config_file(void) {
627
f975e971 628 const ConfigTableItem items[] = {
d3b1c508
LP		 629 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
630 { "Manager", "LogTarget", config_parse_target, 0, NULL },
631 { "Manager", "LogColor", config_parse_color, 0, NULL },
632 { "Manager", "LogLocation", config_parse_location, 0, NULL },
633 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
634 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
635 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
636 { "Manager", "CrashChVT", config_parse_int, 0, &arg_crash_chvt },
637 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
638 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
639 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
640 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
641 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
89fffa27 642#ifdef HAVE_SECCOMP
d3b1c508 643 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
89fffa27 644#endif
d3b1c508 645 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
bd8f585b 646 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
d3b1c508
LP		 647 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
648 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
649 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
650 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
651 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
652 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval },
653 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
654 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
655 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU] },
656 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] },
657 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA] },
658 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK] },
659 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE] },
660 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS] },
661 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE] },
662 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS] },
663 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC] },
664 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] },
665 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS] },
666 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING] },
667 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] },
668 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE] },
669 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO] },
670 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME] },
085afe36
LP		 671 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
672 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
673 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
d3b1c508 674 {}
487393e9
LP		 675 };
676
1b907b5c 677 const char *fn, *conf_dirs_nulstr;
487393e9 678
19adb8a3 679 fn = arg_running_as == SYSTEMD_SYSTEM ? PKGSYSCONFDIR "/system.conf" : PKGSYSCONFDIR "/user.conf";
1b907b5c
JT		 680 conf_dirs_nulstr = arg_running_as == SYSTEMD_SYSTEM ? CONF_DIRS_NULSTR("systemd/system.conf") : CONF_DIRS_NULSTR("systemd/user.conf");
681 config_parse_many(fn, conf_dirs_nulstr, "Manager\0",
682 config_item_table_lookup, items, false, NULL);
487393e9 683
487393e9
LP		 684 return 0;
685}
686
f170852a
LP		 687static int parse_argv(int argc, char *argv[]) {
688
689 enum {
690 ARG_LOG_LEVEL = 0x100,
691 ARG_LOG_TARGET,
bbe63281
LP		 692 ARG_LOG_COLOR,
693 ARG_LOG_LOCATION,
2f198e2f 694 ARG_UNIT,
edb9aaa8 695 ARG_SYSTEM,
af2d49f7 696 ARG_USER,
e537352b 697 ARG_TEST,
b87c2aa6 698 ARG_NO_PAGER,
9ba0bc4e 699 ARG_VERSION,
80876c20 700 ARG_DUMP_CONFIGURATION_ITEMS,
9e58ff9c
LP		 701 ARG_DUMP_CORE,
702 ARG_CRASH_SHELL,
a16e1123 703 ARG_CONFIRM_SPAWN,
9e58ff9c 704 ARG_SHOW_STATUS,
4288f619 705 ARG_DESERIALIZE,
2660882b 706 ARG_SWITCHED_ROOT,
0a494f1f
LP		 707 ARG_DEFAULT_STD_OUTPUT,
708 ARG_DEFAULT_STD_ERROR
f170852a
LP		 709 };
710
711 static const struct option options[] = {
a16e1123
LP		 712 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
713 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
bbe63281
LP		 714 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
715 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
2f198e2f 716 { "unit", required_argument, NULL, ARG_UNIT },
edb9aaa8 717 { "system", no_argument, NULL, ARG_SYSTEM },
af2d49f7 718 { "user", no_argument, NULL, ARG_USER },
a16e1123 719 { "test", no_argument, NULL, ARG_TEST },
b87c2aa6 720 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
a16e1123 721 { "help", no_argument, NULL, 'h' },
9ba0bc4e 722 { "version", no_argument, NULL, ARG_VERSION },
a16e1123 723 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
a5d87bf0
LP		 724 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
725 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
726 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
6e98720f 727 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
a16e1123 728 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
2660882b 729 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
0a494f1f
LP		 730 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
731 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
fb472900 732 {}
f170852a
LP		 733 };
734
735 int c, r;
736
737 assert(argc >= 1);
738 assert(argv);
739
b770165a
LP		 740 if (getpid() == 1)
741 opterr = 0;
742
099663ff 743 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
f170852a
LP		 744
745 switch (c) {
746
747 case ARG_LOG_LEVEL:
fb472900
ZJS		 748 r = log_set_max_level_from_string(optarg);
749 if (r < 0) {
f170852a
LP		 750 log_error("Failed to parse log level %s.", optarg);
751 return r;
752 }
753
754 break;
755
756 case ARG_LOG_TARGET:
fb472900
ZJS		 757 r = log_set_target_from_string(optarg);
758 if (r < 0) {
f170852a
LP		 759 log_error("Failed to parse log target %s.", optarg);
760 return r;
761 }
762
763 break;
764
bbe63281
LP		 765 case ARG_LOG_COLOR:
766
d0b170c8 767 if (optarg) {
fb472900
ZJS		 768 r = log_show_color_from_string(optarg);
769 if (r < 0) {
d0b170c8
LP		 770 log_error("Failed to parse log color setting %s.", optarg);
771 return r;
772 }
773 } else
774 log_show_color(true);
bbe63281
LP		 775
776 break;
777
778 case ARG_LOG_LOCATION:
d0b170c8 779 if (optarg) {
fb472900
ZJS		 780 r = log_show_location_from_string(optarg);
781 if (r < 0) {
d0b170c8
LP		 782 log_error("Failed to parse log location setting %s.", optarg);
783 return r;
784 }
785 } else
786 log_show_location(true);
bbe63281
LP		 787
788 break;
789
0a494f1f 790 case ARG_DEFAULT_STD_OUTPUT:
fb472900
ZJS		 791 r = exec_output_from_string(optarg);
792 if (r < 0) {
0a494f1f
LP		 793 log_error("Failed to parse default standard output setting %s.", optarg);
794 return r;
795 } else
796 arg_default_std_output = r;
797 break;
798
799 case ARG_DEFAULT_STD_ERROR:
fb472900
ZJS		 800 r = exec_output_from_string(optarg);
801 if (r < 0) {
0a494f1f
LP		 802 log_error("Failed to parse default standard error output setting %s.", optarg);
803 return r;
804 } else
805 arg_default_std_error = r;
806 break;
807
2f198e2f 808 case ARG_UNIT:
f170852a 809
fb472900 810 r = set_default_unit(optarg);
23bbb0de
MS		 811 if (r < 0)
812 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
f170852a
LP		 813
814 break;
815
edb9aaa8 816 case ARG_SYSTEM:
67445f4e 817 arg_running_as = SYSTEMD_SYSTEM;
edb9aaa8 818 break;
a5dab5ce 819
af2d49f7 820 case ARG_USER:
67445f4e 821 arg_running_as = SYSTEMD_USER;
a5dab5ce 822 break;
a5dab5ce 823
e965d56d 824 case ARG_TEST:
fa0f4d8a 825 arg_action = ACTION_TEST;
b87c2aa6
ZJS		 826 if (arg_no_pager < 0)
827 arg_no_pager = true;
828 break;
829
830 case ARG_NO_PAGER:
831 arg_no_pager = true;
e965d56d
LP		 832 break;
833
9ba0bc4e
ZJS		 834 case ARG_VERSION:
835 arg_action = ACTION_VERSION;
836 break;
837
e537352b 838 case ARG_DUMP_CONFIGURATION_ITEMS:
fa0f4d8a 839 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
e537352b
LP		 840 break;
841
9e58ff9c 842 case ARG_DUMP_CORE:
a5d87bf0
LP		 843 r = optarg ? parse_boolean(optarg) : 1;
844 if (r < 0) {
845 log_error("Failed to parse dump core boolean %s.", optarg);
846 return r;
847 }
848 arg_dump_core = r;
9e58ff9c
LP		 849 break;
850
851 case ARG_CRASH_SHELL:
a5d87bf0
LP		 852 r = optarg ? parse_boolean(optarg) : 1;
853 if (r < 0) {
854 log_error("Failed to parse crash shell boolean %s.", optarg);
855 return r;
856 }
857 arg_crash_shell = r;
9e58ff9c
LP		 858 break;
859
80876c20 860 case ARG_CONFIRM_SPAWN:
a5d87bf0
LP		 861 r = optarg ? parse_boolean(optarg) : 1;
862 if (r < 0) {
863 log_error("Failed to parse confirm spawn boolean %s.", optarg);
864 return r;
865 }
866 arg_confirm_spawn = r;
80876c20
LP		 867 break;
868
9e58ff9c 869 case ARG_SHOW_STATUS:
d450b6f2
ZJS		 870 if (optarg) {
871 r = parse_show_status(optarg, &arg_show_status);
872 if (r < 0) {
873 log_error("Failed to parse show status boolean %s.", optarg);
874 return r;
875 }
876 } else
877 arg_show_status = SHOW_STATUS_YES;
6e98720f 878 break;
a5d87bf0 879
a16e1123
LP		 880 case ARG_DESERIALIZE: {
881 int fd;
882 FILE *f;
883
01e10de3
LP		 884 r = safe_atoi(optarg, &fd);
885 if (r < 0 || fd < 0) {
a16e1123 886 log_error("Failed to parse deserialize option %s.", optarg);
01e10de3 887 return r < 0 ? r : -EINVAL;
a16e1123
LP		 888 }
889
01e10de3
LP		 890 fd_cloexec(fd, true);
891
892 f = fdopen(fd, "r");
4a62c710
MS		 893 if (!f)
894 return log_error_errno(errno, "Failed to open serialization fd: %m");
a16e1123 895
d3b1c508
LP		 896 if (arg_serialization)
897 fclose(arg_serialization);
a16e1123 898
d3b1c508 899 arg_serialization = f;
a16e1123
LP		 900
901 break;
902 }
903
2660882b 904 case ARG_SWITCHED_ROOT:
bf4df7c3 905 arg_switched_root = true;
d03bc1b8
HH		 906 break;
907
f170852a 908 case 'h':
fa0f4d8a 909 arg_action = ACTION_HELP;
b87c2aa6
ZJS		 910 if (arg_no_pager < 0)
911 arg_no_pager = true;
f170852a
LP		 912 break;
913
1d2e23ab
LP		 914 case 'D':
915 log_set_max_level(LOG_DEBUG);
916 break;
917
099663ff
LP		 918 case 'b':
919 case 's':
920 case 'z':
921 /* Just to eat away the sysvinit kernel
922 * cmdline args without getopt() error
923 * messages that we'll parse in
924 * parse_proc_cmdline_word() or ignore. */
f170852a 925
099663ff 926 case '?':
601185b4 927 if (getpid() != 1)
099663ff 928 return -EINVAL;
601185b4
ZJS		 929 else
930 return 0;
099663ff 931
601185b4
ZJS		 932 default:
933 assert_not_reached("Unhandled option code.");
f170852a
LP		 934 }
935
d821e6d6
LP		 936 if (optind < argc && getpid() != 1) {
937 /* Hmm, when we aren't run as init system
938 * let's complain about excess arguments */
939
940 log_error("Excess arguments.");
941 return -EINVAL;
942 }
943
f170852a
LP		 944 return 0;
945}
946
947static int help(void) {
948
2e33c433 949 printf("%s [OPTIONS...]\n\n"
af2d49f7 950 "Starts up and maintains the system or user services.\n\n"
e537352b 951 " -h --help Show this help\n"
e537352b 952 " --test Determine startup sequence, dump it and exit\n"
b87c2aa6 953 " --no-pager Do not pipe output into a pager\n"
80876c20 954 " --dump-configuration-items Dump understood unit configuration items\n"
9e58ff9c 955 " --unit=UNIT Set default unit\n"
edb9aaa8 956 " --system Run a system instance, even if PID != 1\n"
af2d49f7 957 " --user Run a user instance\n"
a5d87bf0
LP		 958 " --dump-core[=0|1] Dump core on crash\n"
959 " --crash-shell[=0|1] Run shell on crash\n"
960 " --confirm-spawn[=0|1] Ask for confirmation when spawning processes\n"
6e98720f 961 " --show-status[=0|1] Show status updates on the console during bootup\n"
c1dc6153 962 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
9e58ff9c 963 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
2218198b 964 " --log-color[=0|1] Highlight important log messages\n"
0a494f1f
LP		 965 " --log-location[=0|1] Include code location in log messages\n"
966 " --default-standard-output= Set default standard output for services\n"
967 " --default-standard-error= Set default standard error output for services\n",
5b6319dc 968 program_invocation_short_name);
f170852a
LP		 969
970 return 0;
971}
972
9ba0bc4e
ZJS		 973static int version(void) {
974 puts(PACKAGE_STRING);
9ba0bc4e
ZJS		 975 puts(SYSTEMD_FEATURES);
976
977 return 0;
978}
979
b3680f49 980static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
a16e1123
LP		 981 FILE *f = NULL;
982 FDSet *fds = NULL;
983 int r;
984
985 assert(m);
986 assert(_f);
987 assert(_fds);
988
6b78f9b4
LP		 989 r = manager_open_serialization(m, &f);
990 if (r < 0) {
da927ba9 991 log_error_errno(r, "Failed to create serialization file: %m");
a16e1123
LP		 992 goto fail;
993 }
994
71445ae7
LP		 995 /* Make sure nothing is really destructed when we shut down */
996 m->n_reloading ++;
718db961 997 bus_manager_send_reloading(m, true);
71445ae7 998
6b78f9b4
LP		 999 fds = fdset_new();
1000 if (!fds) {
a16e1123 1001 r = -ENOMEM;
da927ba9 1002 log_error_errno(r, "Failed to allocate fd set: %m");
a16e1123
LP		 1003 goto fail;
1004 }
1005
b3680f49 1006 r = manager_serialize(m, f, fds, switching_root);
6b78f9b4 1007 if (r < 0) {
da927ba9 1008 log_error_errno(r, "Failed to serialize state: %m");
a16e1123
LP		 1009 goto fail;
1010 }
1011
1012 if (fseeko(f, 0, SEEK_SET) < 0) {
56f64d95 1013 log_error_errno(errno, "Failed to rewind serialization fd: %m");
a16e1123
LP		 1014 goto fail;
1015 }
1016
6b78f9b4
LP		 1017 r = fd_cloexec(fileno(f), false);
1018 if (r < 0) {
da927ba9 1019 log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
a16e1123
LP		 1020 goto fail;
1021 }
1022
6b78f9b4
LP		 1023 r = fdset_cloexec(fds, false);
1024 if (r < 0) {
da927ba9 1025 log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
a16e1123
LP		 1026 goto fail;
1027 }
1028
1029 *_f = f;
1030 *_fds = fds;
1031
1032 return 0;
1033
1034fail:
1035 fdset_free(fds);
1036
1037 if (f)
1038 fclose(f);
1039
1040 return r;
1041}
1042
4096d6f5
LP		 1043static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1044 struct rlimit nl;
1045 int r;
1046
1047 assert(saved_rlimit);
1048
1049 /* Save the original RLIMIT_NOFILE so that we can reset it
1050 * later when transitioning from the initrd to the main
1051 * systemd or suchlike. */
4a62c710
MS		 1052 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
1053 return log_error_errno(errno, "Reading RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1054
1055 /* Make sure forked processes get the default kernel setting */
1056 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1057 struct rlimit *rl;
1058
1059 rl = newdup(struct rlimit, saved_rlimit, 1);
1060 if (!rl)
1061 return log_oom();
1062
1063 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1064 }
1065
1066 /* Bump up the resource limit for ourselves substantially */
1067 nl.rlim_cur = nl.rlim_max = 64*1024;
1068 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
23bbb0de
MS		 1069 if (r < 0)
1070 return log_error_errno(r, "Setting RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1071
1072 return 0;
1073}
1074
6ee5bbf8 1075static void test_mtab(void) {
6ee5bbf8 1076
5b4c0131
LP		 1077 static const char ok[] =
1078 "/proc/self/mounts\0"
1079 "/proc/mounts\0"
1080 "../proc/self/mounts\0"
1081 "../proc/mounts\0";
80758717 1082
5b4c0131
LP		 1083 _cleanup_free_ char *p = NULL;
1084 int r;
6ee5bbf8 1085
5b4c0131
LP		 1086 /* Check that /etc/mtab is a symlink to the right place or
1087 * non-existing. But certainly not a file, or a symlink to
1088 * some weird place... */
6ee5bbf8 1089
5b4c0131
LP		 1090 r = readlink_malloc("/etc/mtab", &p);
1091 if (r == -ENOENT)
1092 return;
1093 if (r >= 0 && nulstr_contains(ok, p))
1094 return;
6ee5bbf8 1095
80758717
LP		 1096 log_warning("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1097 "This is not supported anymore. "
1098 "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
1099}
1100
1101static void test_usr(void) {
80758717 1102
ed1c99fc 1103 /* Check that /usr is not a separate fs */
80758717 1104
871c44a7
LP		 1105 if (dir_is_empty("/usr") <= 0)
1106 return;
1107
8b173b5e 1108 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
871c44a7
LP		 1109 "Some things will probably break (sometimes even silently) in mysterious ways. "
1110 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1111}
1112
a07fdfa3
LP		 1113static int initialize_join_controllers(void) {
1114 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1115 * + "net_prio". We'd like to add "cpuset" to the mix, but
f131770b 1116 * "cpuset" doesn't really work for groups with no initialized
a07fdfa3
LP		 1117 * attributes. */
1118
1119 arg_join_controllers = new(char**, 3);
1120 if (!arg_join_controllers)
1121 return -ENOMEM;
1122
1123 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
a07fdfa3 1124 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
a6b26d90
ZJS		 1125 arg_join_controllers[2] = NULL;
1126
1127 if (!arg_join_controllers[0] || !arg_join_controllers[1]) {
1128 free_join_controllers();
a07fdfa3 1129 return -ENOMEM;
a6b26d90 1130 }
a07fdfa3 1131
a07fdfa3
LP		 1132 return 0;
1133}
1134
d3b1c508
LP		 1135static int enforce_syscall_archs(Set *archs) {
1136#ifdef HAVE_SECCOMP
1137 scmp_filter_ctx *seccomp;
1138 Iterator i;
1139 void *id;
1140 int r;
1141
1142 seccomp = seccomp_init(SCMP_ACT_ALLOW);
1143 if (!seccomp)
1144 return log_oom();
1145
1146 SET_FOREACH(id, arg_syscall_archs, i) {
1147 r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
1148 if (r == -EEXIST)
1149 continue;
1150 if (r < 0) {
da927ba9 1151 log_error_errno(r, "Failed to add architecture to seccomp: %m");
d3b1c508
LP		 1152 goto finish;
1153 }
1154 }
1155
8a8bf3c0
LP		 1156 r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
1157 if (r < 0) {
da927ba9 1158 log_error_errno(r, "Failed to unset NO_NEW_PRIVS: %m");
8a8bf3c0
LP		 1159 goto finish;
1160 }
1161
d3b1c508
LP		 1162 r = seccomp_load(seccomp);
1163 if (r < 0)
da927ba9 1164 log_error_errno(r, "Failed to add install architecture seccomp: %m");
d3b1c508
LP		 1165
1166finish:
1167 seccomp_release(seccomp);
1168 return r;
1169#else
1170 return 0;
1171#endif
1172}
1173
b6e2f329
LP		 1174static int status_welcome(void) {
1175 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1176 int r;
1177
1178 r = parse_env_file("/etc/os-release", NEWLINE,
1179 "PRETTY_NAME", &pretty_name,
1180 "ANSI_COLOR", &ansi_color,
1181 NULL);
5ae4d543
LP		 1182 if (r == -ENOENT) {
1183 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1184 "PRETTY_NAME", &pretty_name,
1185 "ANSI_COLOR", &ansi_color,
1186 NULL);
1187 }
b6e2f329
LP		 1188
1189 if (r < 0 && r != -ENOENT)
da927ba9 1190 log_warning_errno(r, "Failed to read os-release file: %m");
b6e2f329
LP		 1191
1192 return status_printf(NULL, false, false,
1193 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1194 isempty(ansi_color) ? "1" : ansi_color,
1195 isempty(pretty_name) ? "Linux" : pretty_name);
1196}
1197
fdd25311
LP		 1198static int write_container_id(void) {
1199 const char *c;
1200
1201 c = getenv("container");
1202 if (isempty(c))
1203 return 0;
1204
1205 return write_string_file("/run/systemd/container", c);
1206}
1207
60918275
LP		 1208int main(int argc, char *argv[]) {
1209 Manager *m = NULL;
22f4096c 1210 int r, retval = EXIT_FAILURE;
9d76d730
LP		 1211 usec_t before_startup, after_startup;
1212 char timespan[FORMAT_TIMESPAN_MAX];
a16e1123
LP		 1213 FDSet *fds = NULL;
1214 bool reexecute = false;
b9080b03 1215 const char *shutdown_verb = NULL;
86caf095
LP		 1216 dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
1217 dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
1218 dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
1219 dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
1220 dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
5d6b1584 1221 static char systemd[] = "systemd";
2660882b 1222 bool skip_setup = false;
d3b1c508 1223 unsigned j;
0b3325e7 1224 bool loaded_policy = false;
e96d6be7 1225 bool arm_reboot_watchdog = false;
bf4df7c3 1226 bool queue_default_job = false;
5f5c2f38 1227 bool empty_etc = false;
41669317 1228 char *switch_root_dir = NULL, *switch_root_init = NULL;
86caf095 1229 struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0);
cb6531be 1230 const char *error_message = NULL;
27b14a22 1231
058dc6f3 1232#ifdef HAVE_SYSV_COMPAT
2cb1a60d 1233 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
35b8ca3a 1234 /* This is compatibility support for SysV, where
2cb1a60d
LP		 1235 * calling init as a user is identical to telinit. */
1236
1237 errno = -ENOENT;
1238 execv(SYSTEMCTL_BINARY_PATH, argv);
56f64d95 1239 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
2cb1a60d
LP		 1240 return 1;
1241 }
058dc6f3 1242#endif
2cb1a60d 1243
c3a170f3
HH		 1244 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1245 dual_timestamp_get(&userspace_timestamp);
1246
0b3325e7
LP		 1247 /* Determine if this is a reexecution or normal bootup. We do
1248 * the full command line parsing much later, so let's just
1249 * have a quick peek here. */
db813c2a
LP		 1250 if (strv_find(argv+1, "--deserialize"))
1251 skip_setup = true;
0b3325e7 1252
2660882b
LP		 1253 /* If we have switched root, do all the special setup
1254 * things */
db813c2a
LP		 1255 if (strv_find(argv+1, "--switched-root"))
1256 skip_setup = false;
d03bc1b8 1257
f3b6a3ed
LP		 1258 /* If we get started via the /sbin/init symlink then we are
1259 called 'init'. After a subsequent reexecution we are then
1260 called 'systemd'. That is confusing, hence let's call us
1261 systemd right-away. */
f3b6a3ed
LP		 1262 program_invocation_short_name = systemd;
1263 prctl(PR_SET_NAME, systemd);
5d6b1584 1264
9a0e6896
LP		 1265 saved_argv = argv;
1266 saved_argc = argc;
f3b6a3ed 1267
2cc59dbf 1268 log_show_color(isatty(STDERR_FILENO) > 0);
c1dc6153 1269 log_set_upgrade_syslog_to_journal(true);
bbe63281 1270
90dc8c2e
MG		 1271 /* Disable the umask logic */
1272 if (getpid() == 1)
1273 umask(0);
1274
a866073d 1275 if (getpid() == 1 && detect_container(NULL) <= 0) {
4f8d551f 1276
a866073d 1277 /* Running outside of a container as PID 1 */
67445f4e 1278 arg_running_as = SYSTEMD_SYSTEM;
a866073d
LP		 1279 make_null_stdio();
1280 log_set_target(LOG_TARGET_KMSG);
1281 log_open();
1282
21bf2ab0 1283 if (in_initrd())
c3a170f3 1284 initrd_timestamp = userspace_timestamp;
c3ba6250 1285
2660882b 1286 if (!skip_setup) {
8f838d8a 1287 mount_setup_early();
c2e0d600 1288 dual_timestamp_get(&security_start_timestamp);
cb6531be
ZJS		 1289 if (mac_selinux_setup(&loaded_policy) < 0) {
1290 error_message = "Failed to load SELinux policy";
0b3325e7 1291 goto finish;
cb6531be
ZJS		 1292 } else if (ima_setup() < 0) {
1293 error_message = "Failed to load IMA policy";
81611586 1294 goto finish;
cb6531be
ZJS		 1295 } else if (mac_smack_setup(&loaded_policy) < 0) {
1296 error_message = "Failed to load SMACK policy";
ffbd2c4d 1297 goto finish;
cb6531be 1298 }
c2e0d600 1299 dual_timestamp_get(&security_finish_timestamp);
81611586 1300 }
0b3325e7 1301
cb6531be
ZJS		 1302 if (mac_selinux_init(NULL) < 0) {
1303 error_message = "Failed to initialize SELinux policy";
0ff4cdd9 1304 goto finish;
cb6531be 1305 }
7948c4df 1306
72edcff5 1307 if (!skip_setup) {
24efb112 1308 if (clock_is_localtime() > 0) {
0b3325e7 1309 int min;
7948c4df 1310
c264aeab
KS		 1311 /*
1312 * The very first call of settimeofday() also does a time warp in the kernel.
1313 *
1314 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on
1315 * external tools to take care of maintaining the RTC and do all adjustments.
1316 * This matches the behavior of Windows, which leaves the RTC alone if the
1317 * registry tells that the RTC runs in UTC.
1318 */
24efb112 1319 r = clock_set_timezone(&min);
0b3325e7 1320 if (r < 0)
da927ba9 1321 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
0b3325e7
LP		 1322 else
1323 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
19e65613
KS		 1324 } else if (!in_initrd()) {
1325 /*
c264aeab 1326 * Do a dummy very first call to seal the kernel's time warp magic.
19e65613
KS		 1327 *
1328 * Do not call this this from inside the initrd. The initrd might not
1329 * carry /etc/adjtime with LOCAL, but the real system could be set up
1330 * that way. In such case, we need to delay the time-warp or the sealing
1331 * until we reach the real system.
c264aeab
KS		 1332 *
1333 * Do no set the kernel's timezone. The concept of local time cannot
1334 * be supported reliably, the time will jump or be incorrect at every daylight
1335 * saving time change. All kernel local time concepts will be treated
1336 * as UTC that way.
19e65613 1337 */
c264aeab 1338 clock_reset_timewarp();
72edcff5
KS		 1339 }
1340 }
a866073d
LP		 1341
1342 /* Set the default for later on, but don't actually
1343 * open the logs like this for now. Note that if we
1344 * are transitioning from the initrd there might still
1345 * be journal fd open, and we shouldn't attempt
1346 * opening that before we parsed /proc/cmdline which
1347 * might redirect output elsewhere. */
1348 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1349
1350 } else if (getpid() == 1) {
a866073d 1351 /* Running inside a container, as PID 1 */
67445f4e 1352 arg_running_as = SYSTEMD_SYSTEM;
a866073d 1353 log_set_target(LOG_TARGET_CONSOLE);
99f09825 1354 log_close_console(); /* force reopen of /dev/console */
a866073d
LP		 1355 log_open();
1356
1357 /* For the later on, see above... */
1358 log_set_target(LOG_TARGET_JOURNAL);
1359
c3a170f3
HH		 1360 /* clear the kernel timestamp,
1361 * because we are in a container */
1362 kernel_timestamp.monotonic = 0ULL;
1363 kernel_timestamp.realtime = 0ULL;
a866073d 1364
c3a170f3 1365 } else {
a866073d 1366 /* Running as user instance */
67445f4e 1367 arg_running_as = SYSTEMD_USER;
eeecf6e6 1368 log_set_target(LOG_TARGET_AUTO);
871e5809 1369 log_open();
c3a170f3
HH		 1370
1371 /* clear the kernel timestamp,
1372 * because we are not PID 1 */
1373 kernel_timestamp.monotonic = 0ULL;
1374 kernel_timestamp.realtime = 0ULL;
bbe63281 1375 }
a5dab5ce 1376
0c85a4f3 1377 /* Initialize default unit */
6afa301b
LP		 1378 r = set_default_unit(SPECIAL_DEFAULT_TARGET);
1379 if (r < 0) {
da927ba9 1380 log_emergency_errno(r, "Failed to set default unit %s: %m", SPECIAL_DEFAULT_TARGET);
cb6531be 1381 error_message = "Failed to set default unit";
f170852a 1382 goto finish;
14212119 1383 }
60918275 1384
a07fdfa3 1385 r = initialize_join_controllers();
cb6531be
ZJS		 1386 if (r < 0) {
1387 error_message = "Failed to initalize cgroup controllers";
0c85a4f3 1388 goto finish;
cb6531be 1389 }
0c85a4f3 1390
f170852a
LP		 1391 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1392 * /proc/$PID/fd is available. */
c1dae1b3 1393 if (getpid() == 1) {
f84f9974
LP		 1394
1395 /* Load the kernel modules early, so that we kdbus.ko is loaded before kdbusfs shall be mounted */
2e75e2a8
DM		 1396 if (!skip_setup)
1397 kmod_setup();
2e75e2a8 1398
0c85a4f3 1399 r = mount_setup(loaded_policy);
cb6531be
ZJS		 1400 if (r < 0) {
1401 error_message = "Failed to mount API filesystems";
8efe3c01 1402 goto finish;
cb6531be 1403 }
0c85a4f3 1404 }
4ade7963
LP		 1405
1406 /* Reset all signal handlers. */
1407 assert_se(reset_all_signal_handlers() == 0);
1408
9a34ec5f 1409 ignore_signals(SIGNALS_IGNORE, -1);
078e4539 1410
cb6531be
ZJS		 1411 if (parse_config_file() < 0) {
1412 error_message = "Failed to parse config file";
487393e9 1413 goto finish;
cb6531be 1414 }
487393e9 1415
b5884878
LP		 1416 if (arg_running_as == SYSTEMD_SYSTEM) {
1417 r = parse_proc_cmdline(parse_proc_cmdline_item);
1418 if (r < 0)
da927ba9 1419 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
b5884878 1420 }
f170852a 1421
1de1c9c3
LP		 1422 /* Note that this also parses bits from the kernel command
1423 * line, including "debug". */
f170852a
LP		 1424 log_parse_environment();
1425
cb6531be
ZJS		 1426 if (parse_argv(argc, argv) < 0) {
1427 error_message = "Failed to parse commandline arguments";
f170852a 1428 goto finish;
cb6531be 1429 }
f170852a 1430
6bae23a0
TB		 1431 if (arg_action == ACTION_TEST &&
1432 geteuid() == 0) {
b5c6cf87
LP		 1433 log_error("Don't run test mode as root.");
1434 goto finish;
1435 }
1436
6bae23a0
TB		 1437 if (arg_running_as == SYSTEMD_USER &&
1438 arg_action == ACTION_RUN &&
1439 sd_booted() <= 0) {
1440 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1441 goto finish;
1442 }
1443
67445f4e 1444 if (arg_running_as == SYSTEMD_SYSTEM &&
fe783b03
LP		 1445 arg_action == ACTION_RUN &&
1446 running_in_chroot() > 0) {
1447 log_error("Cannot be run in a chroot() environment.");
1448 goto finish;
1449 }
1450
0d8c31ff
ZJS		 1451 if (arg_action == ACTION_TEST)
1452 skip_setup = true;
1453
b87c2aa6
ZJS		 1454 pager_open_if_enabled();
1455
fa0f4d8a 1456 if (arg_action == ACTION_HELP) {
f170852a
LP		 1457 retval = help();
1458 goto finish;
9ba0bc4e
ZJS		 1459 } else if (arg_action == ACTION_VERSION) {
1460 retval = version();
1461 goto finish;
fa0f4d8a 1462 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
e537352b 1463 unit_dump_config_items(stdout);
22f4096c 1464 retval = EXIT_SUCCESS;
e537352b 1465 goto finish;
fa0f4d8a 1466 } else if (arg_action == ACTION_DONE) {
22f4096c 1467 retval = EXIT_SUCCESS;
4288f619 1468 goto finish;
f170852a
LP		 1469 }
1470
8be28fb1
KS		 1471 if (arg_running_as == SYSTEMD_USER &&
1472 !getenv("XDG_RUNTIME_DIR")) {
1473 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
1474 goto finish;
1475 }
1476
fa0f4d8a 1477 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
f170852a 1478
871e5809
LP		 1479 /* Close logging fds, in order not to confuse fdset below */
1480 log_close();
1481
a16e1123 1482 /* Remember open file descriptors for later deserialization */
01e10de3
LP		 1483 r = fdset_new_fill(&fds);
1484 if (r < 0) {
da927ba9 1485 log_emergency_errno(r, "Failed to allocate fd set: %m");
cb6531be 1486 error_message = "Failed to allocate fd set";
01e10de3
LP		 1487 goto finish;
1488 } else
1489 fdset_cloexec(fds, true);
a16e1123 1490
d3b1c508
LP		 1491 if (arg_serialization)
1492 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
a16e1123 1493
90dc8c2e 1494 if (arg_running_as == SYSTEMD_SYSTEM)
80876c20
LP		 1495 /* Become a session leader if we aren't one yet. */
1496 setsid();
4ade7963 1497
befb5b6a
LP		 1498 /* Move out of the way, so that we won't block unmounts */
1499 assert_se(chdir("/") == 0);
1500
2146621b
LP		 1501 /* Reset the console, but only if this is really init and we
1502 * are freshly booted */
56d96fc0
LP		 1503 if (arg_running_as == SYSTEMD_SYSTEM && arg_action == ACTION_RUN) {
1504
1505 /* If we are init, we connect stdin/stdout/stderr to
1506 * /dev/null and make sure we don't have a controlling
1507 * tty. */
1508 release_terminal();
1509
1510 if (getpid() == 1 && !skip_setup)
1511 console_setup();
1512 }
4ade7963 1513
18149b9f 1514 /* Open the logging devices, if possible and necessary */
843d2643 1515 log_open();
4ade7963 1516
b6e2f329
LP		 1517 if (arg_show_status == _SHOW_STATUS_UNSET)
1518 arg_show_status = SHOW_STATUS_YES;
1519
5373d602
LP		 1520 /* Make sure we leave a core dump without panicing the
1521 * kernel. */
ab422445 1522 if (getpid() == 1) {
4fc935ca 1523 install_crash_handler();
97c4f35c 1524
0c85a4f3
LP		 1525 r = mount_cgroup_controllers(arg_join_controllers);
1526 if (r < 0)
1527 goto finish;
1528 }
1529
67445f4e 1530 if (arg_running_as == SYSTEMD_SYSTEM) {
c20f5ac7
LP		 1531 const char *virtualization = NULL;
1532
0d8c31ff
ZJS		 1533 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
1534 arg_action == ACTION_TEST ? "test " : "" );
c20f5ac7
LP		 1535
1536 detect_virtualization(&virtualization);
1537 if (virtualization)
d3f86679 1538 log_info("Detected virtualization %s.", virtualization);
c20f5ac7 1539
fdd25311
LP		 1540 write_container_id();
1541
d3f86679 1542 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
d9d93745 1543
26a1efdf
LP		 1544 if (in_initrd())
1545 log_info("Running in initial RAM disk.");
1546
3408ba01
LP		 1547 /* Let's check whether /etc is already populated. We
1548 * don't actually really check for that, but use
1549 * /etc/machine-id as flag file. This allows container
1550 * managers and installers to provision a couple of
1551 * files already. If the container manager wants to
1552 * provision the machine ID itself it should pass
ee33e53a 1553 * $container_uuid to PID 1. */
3408ba01 1554
baa1bdf7 1555 empty_etc = access("/etc/machine-id", F_OK) < 0;
5f5c2f38
LP		 1556 if (empty_etc)
1557 log_info("Running with unpopulated /etc.");
d8160f21 1558 } else {
1f97091d
LP		 1559 _cleanup_free_ char *t;
1560
1561 t = uid_to_name(getuid());
0d8c31ff
ZJS		 1562 log_debug(PACKAGE_STRING " running in %suser mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
1563 arg_action == ACTION_TEST ? " test" : "", getuid(), t);
d8160f21 1564 }
a5dab5ce 1565
67445f4e 1566 if (arg_running_as == SYSTEMD_SYSTEM && !skip_setup) {
031886ed 1567 if (arg_show_status > 0)
888c6216
LP		 1568 status_welcome();
1569
888c6216 1570 hostname_setup();
489388fb 1571 machine_id_setup(NULL);
888c6216 1572 loopback_setup();
490aed58 1573
6ee5bbf8 1574 test_mtab();
80758717 1575 test_usr();
af5bc85d 1576 }
302e8c4c 1577
67445f4e 1578 if (arg_running_as == SYSTEMD_SYSTEM && arg_runtime_watchdog > 0)
e96d6be7
LP		 1579 watchdog_set_timeout(&arg_runtime_watchdog);
1580
3a43da28 1581 if (arg_timer_slack_nsec != NSEC_INFINITY)
aa0f64ac 1582 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
56f64d95 1583 log_error_errno(errno, "Failed to adjust timer slack: %m");
aa0f64ac 1584
ec8927ca 1585 if (arg_capability_bounding_set_drop) {
31c885e9 1586 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
ec8927ca 1587 if (r < 0) {
da927ba9 1588 log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
cb6531be 1589 error_message = "Failed to drop capability bounding set of usermode helpers";
ec8927ca
LP		 1590 goto finish;
1591 }
31c885e9 1592 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
939b8f14 1593 if (r < 0) {
da927ba9 1594 log_emergency_errno(r, "Failed to drop capability bounding set: %m");
cb6531be 1595 error_message = "Failed to drop capability bounding set";
939b8f14
LP		 1596 goto finish;
1597 }
ec8927ca
LP		 1598 }
1599
d3b1c508
LP		 1600 if (arg_syscall_archs) {
1601 r = enforce_syscall_archs(arg_syscall_archs);
cb6531be
ZJS		 1602 if (r < 0) {
1603 error_message = "Failed to set syscall architectures";
d3b1c508 1604 goto finish;
cb6531be 1605 }
d3b1c508
LP		 1606 }
1607
67445f4e 1608 if (arg_running_as == SYSTEMD_USER) {
d4447f4d 1609 /* Become reaper of our children */
8b8ffe68 1610 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0) {
56f64d95 1611 log_warning_errno(errno, "Failed to make us a subreaper: %m");
8b8ffe68 1612 if (errno == EINVAL)
ddfa5101 1613 log_info("Perhaps the kernel version is too old (< 3.4?)");
8b8ffe68 1614 }
d4447f4d
AK		 1615 }
1616
5f5c2f38 1617 if (arg_running_as == SYSTEMD_SYSTEM) {
4096d6f5
LP		 1618 bump_rlimit_nofile(&saved_rlimit_nofile);
1619
5f5c2f38
LP		 1620 if (empty_etc) {
1621 r = unit_file_preset_all(UNIT_FILE_SYSTEM, false, NULL, UNIT_FILE_PRESET_FULL, false, NULL, 0);
1622 if (r < 0)
da927ba9 1623 log_warning_errno(r, "Failed to populate /etc with preset unit settings, ignoring: %m");
5f5c2f38
LP		 1624 else
1625 log_info("Populated /etc with preset unit settings.");
1626 }
1627 }
1628
0d8c31ff 1629 r = manager_new(arg_running_as, arg_action == ACTION_TEST, &m);
e96d6be7 1630 if (r < 0) {
da927ba9 1631 log_emergency_errno(r, "Failed to allocate manager object: %m");
cb6531be 1632 error_message = "Failed to allocate manager object";
60918275
LP		 1633 goto finish;
1634 }
1635
9e58ff9c 1636 m->confirm_spawn = arg_confirm_spawn;
bd8f585b 1637 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
0a494f1f
LP		 1638 m->default_std_output = arg_default_std_output;
1639 m->default_std_error = arg_default_std_error;
1f19a534
OS		 1640 m->default_restart_usec = arg_default_restart_usec;
1641 m->default_timeout_start_usec = arg_default_timeout_start_usec;
1642 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
3f41e1e5
LN		 1643 m->default_start_limit_interval = arg_default_start_limit_interval;
1644 m->default_start_limit_burst = arg_default_start_limit_burst;
085afe36
LP		 1645 m->default_cpu_accounting = arg_default_cpu_accounting;
1646 m->default_blockio_accounting = arg_default_blockio_accounting;
1647 m->default_memory_accounting = arg_default_memory_accounting;
e96d6be7
LP		 1648 m->runtime_watchdog = arg_runtime_watchdog;
1649 m->shutdown_watchdog = arg_shutdown_watchdog;
2928b0a8 1650
c3a170f3
HH		 1651 m->userspace_timestamp = userspace_timestamp;
1652 m->kernel_timestamp = kernel_timestamp;
c3a170f3 1653 m->initrd_timestamp = initrd_timestamp;
c2e0d600
TA		 1654 m->security_start_timestamp = security_start_timestamp;
1655 m->security_finish_timestamp = security_finish_timestamp;
9e58ff9c 1656
c93ff2e9 1657 manager_set_default_rlimits(m, arg_default_rlimit);
b6e2f329 1658 manager_environment_add(m, NULL, arg_default_environment);
27d340c7 1659 manager_set_show_status(m, arg_show_status);
e2680723 1660 manager_set_first_boot(m, empty_etc);
27d340c7 1661
bf4df7c3 1662 /* Remember whether we should queue the default job */
d3b1c508 1663 queue_default_job = !arg_serialization || arg_switched_root;
bf4df7c3 1664
9d76d730
LP		 1665 before_startup = now(CLOCK_MONOTONIC);
1666
d3b1c508 1667 r = manager_startup(m, arg_serialization, fds);
e96d6be7 1668 if (r < 0)
da927ba9 1669 log_error_errno(r, "Failed to fully start up daemon: %m");
a16e1123 1670
bf4df7c3
LP		 1671 /* This will close all file descriptors that were opened, but
1672 * not claimed by any unit. */
01e10de3 1673 fdset_free(fds);
6c081276 1674 fds = NULL;
f50e0a01 1675
d3b1c508
LP		 1676 if (arg_serialization) {
1677 fclose(arg_serialization);
1678 arg_serialization = NULL;
bf4df7c3
LP		 1679 }
1680
1681 if (queue_default_job) {
718db961 1682 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1c27d3f3 1683 Unit *target = NULL;
bacbccb7 1684 Job *default_unit_job;
398ef8ba 1685
fa0f4d8a 1686 log_debug("Activating default unit: %s", arg_default_unit);
a16e1123 1687
e96d6be7 1688 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
718db961
LP		 1689 if (r < 0)
1690 log_error("Failed to load default target: %s", bus_error_message(&error, r));
1691 else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
c33b3297 1692 log_error_errno(target->load_error, "Failed to load default target: %m");
ac155bb8 1693 else if (target->load_state == UNIT_MASKED)
6daf4f90 1694 log_error("Default target masked.");
27b14a22 1695
ac155bb8 1696 if (!target || target->load_state != UNIT_LOADED) {
a16e1123 1697 log_info("Trying to load rescue target...");
1c27d3f3 1698
e96d6be7
LP		 1699 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1700 if (r < 0) {
4104970e 1701 log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
cb6531be 1702 error_message = "Failed to load rescue target";
a16e1123 1703 goto finish;
11ddb6f4 1704 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
c33b3297 1705 log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
cb6531be 1706 error_message = "Failed to load rescue target";
1c27d3f3 1707 goto finish;
ac155bb8 1708 } else if (target->load_state == UNIT_MASKED) {
4104970e 1709 log_emergency("Rescue target masked.");
cb6531be 1710 error_message = "Rescue target masked";
00dc5d76 1711 goto finish;
a16e1123
LP		 1712 }
1713 }
37d88da7 1714
ac155bb8 1715 assert(target->load_state == UNIT_LOADED);
00dc5d76 1716
fa0f4d8a 1717 if (arg_action == ACTION_TEST) {
40d50879 1718 printf("-> By units:\n");
a16e1123
LP		 1719 manager_dump_units(m, stdout, "\t");
1720 }
1721
95f1b47d 1722 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, false, &error, &default_unit_job);
ab17a050 1723 if (r == -EPERM) {
718db961 1724 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
ab17a050
LP		 1725
1726 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1727 if (r < 0) {
4104970e 1728 log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
cb6531be 1729 error_message = "Failed to start default target";
ab17a050
LP		 1730 goto finish;
1731 }
1732 } else if (r < 0) {
4104970e 1733 log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
cb6531be 1734 error_message = "Failed to isolate default target";
37d88da7
LP		 1735 goto finish;
1736 }
ab17a050 1737
bacbccb7 1738 m->default_unit_job_id = default_unit_job->id;
60918275 1739
07672f49
LP		 1740 after_startup = now(CLOCK_MONOTONIC);
1741 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1742 "Loaded units and determined initial transaction in %s.",
fdb14b7e 1743 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
07672f49 1744
fa0f4d8a 1745 if (arg_action == ACTION_TEST) {
40d50879 1746 printf("-> By jobs:\n");
a16e1123 1747 manager_dump_jobs(m, stdout, "\t");
22f4096c 1748 retval = EXIT_SUCCESS;
a16e1123
LP		 1749 goto finish;
1750 }
e965d56d 1751 }
d46de8a1 1752
a16e1123 1753 for (;;) {
e96d6be7
LP		 1754 r = manager_loop(m);
1755 if (r < 0) {
da927ba9 1756 log_emergency_errno(r, "Failed to run main loop: %m");
cb6531be 1757 error_message = "Failed to run main loop";
a16e1123
LP		 1758 goto finish;
1759 }
11dd41ce 1760
a16e1123 1761 switch (m->exit_code) {
e965d56d 1762
a16e1123 1763 case MANAGER_EXIT:
22f4096c 1764 retval = EXIT_SUCCESS;
a16e1123
LP		 1765 log_debug("Exit.");
1766 goto finish;
e965d56d 1767
a16e1123 1768 case MANAGER_RELOAD:
e015090f 1769 log_info("Reloading.");
e96d6be7
LP		 1770 r = manager_reload(m);
1771 if (r < 0)
da927ba9 1772 log_error_errno(r, "Failed to reload: %m");
a16e1123 1773 break;
cea8e32e 1774
a16e1123 1775 case MANAGER_REEXECUTE:
664f88a7 1776
cb6531be
ZJS		 1777 if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
1778 error_message = "Failed to prepare for reexection";
a16e1123 1779 goto finish;
cb6531be 1780 }
60918275 1781
a16e1123 1782 reexecute = true;
e015090f 1783 log_notice("Reexecuting.");
a16e1123
LP		 1784 goto finish;
1785
664f88a7
LP		 1786 case MANAGER_SWITCH_ROOT:
1787 /* Steal the switch root parameters */
41669317 1788 switch_root_dir = m->switch_root;
664f88a7
LP		 1789 switch_root_init = m->switch_root_init;
1790 m->switch_root = m->switch_root_init = NULL;
1791
1792 if (!switch_root_init)
cb6531be
ZJS		 1793 if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
1794 error_message = "Failed to prepare for reexection";
664f88a7 1795 goto finish;
cb6531be 1796 }
664f88a7
LP		 1797
1798 reexecute = true;
1799 log_notice("Switching root.");
1800 goto finish;
1801
b9080b03
FF		 1802 case MANAGER_REBOOT:
1803 case MANAGER_POWEROFF:
1804 case MANAGER_HALT:
1805 case MANAGER_KEXEC: {
1806 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1807 [MANAGER_REBOOT] = "reboot",
1808 [MANAGER_POWEROFF] = "poweroff",
1809 [MANAGER_HALT] = "halt",
1810 [MANAGER_KEXEC] = "kexec"
1811 };
1812
1813 assert_se(shutdown_verb = table[m->exit_code]);
e96d6be7 1814 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
b9080b03
FF		 1815
1816 log_notice("Shutting down.");
1817 goto finish;
1818 }
1819
a16e1123
LP		 1820 default:
1821 assert_not_reached("Unknown exit code.");
1822 }
1823 }
f170852a 1824
60918275 1825finish:
b87c2aa6
ZJS		 1826 pager_close();
1827
81f5fc2d
MM		 1828 if (m)
1829 arg_shutdown_watchdog = m->shutdown_watchdog;
06d8d842 1830 m = manager_free(m);
60918275 1831
d3b1c508 1832 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++) {
4096d6f5 1833 free(arg_default_rlimit[j]);
d3b1c508
LP		 1834 arg_default_rlimit[j] = NULL;
1835 }
c93ff2e9 1836
fa0f4d8a 1837 free(arg_default_unit);
d3b1c508
LP		 1838 arg_default_unit = NULL;
1839
0c85a4f3 1840 free_join_controllers();
b9cd2ec1 1841
d3b1c508
LP		 1842 strv_free(arg_default_environment);
1843 arg_default_environment = NULL;
1844
1845 set_free(arg_syscall_archs);
1846 arg_syscall_archs = NULL;
1847
cc56fafe 1848 mac_selinux_finish();
b2bb3dbe 1849
a16e1123 1850 if (reexecute) {
664f88a7 1851 const char **args;
e564a982 1852 unsigned i, args_size;
a16e1123 1853
664f88a7
LP		 1854 /* Close and disarm the watchdog, so that the new
1855 * instance can reinitialize it, but doesn't get
1856 * rebooted while we do that */
1857 watchdog_close(true);
a16e1123 1858
4096d6f5
LP		 1859 /* Reset the RLIMIT_NOFILE to the kernel default, so
1860 * that the new systemd can pass the kernel default to
1861 * its child processes */
1862 if (saved_rlimit_nofile.rlim_cur > 0)
1863 setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
1864
41669317 1865 if (switch_root_dir) {
cee530bb
LP		 1866 /* Kill all remaining processes from the
1867 * initrd, but don't wait for them, so that we
1868 * can handle the SIGCHLD for them after
1869 * deserializing. */
0bee65f0 1870 broadcast_signal(SIGTERM, false, true);
bd3fa1d2 1871
5a4bf02f
HH		 1872 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1873 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
41669317 1874 if (r < 0)
da927ba9 1875 log_error_errno(r, "Failed to switch root, trying to continue: %m");
41669317 1876 }
a16e1123 1877
d03bc1b8 1878 args_size = MAX(6, argc+1);
e564a982 1879 args = newa(const char*, args_size);
a16e1123 1880
664f88a7 1881 if (!switch_root_init) {
5ffa8c81 1882 char sfd[DECIMAL_STR_MAX(int) + 1];
a16e1123 1883
664f88a7
LP		 1884 /* First try to spawn ourselves with the right
1885 * path, and with full serialization. We do
1886 * this only if the user didn't specify an
1887 * explicit init to spawn. */
edb9aaa8 1888
d3b1c508 1889 assert(arg_serialization);
664f88a7 1890 assert(fds);
edb9aaa8 1891
5ffa8c81 1892 xsprintf(sfd, "%i", fileno(arg_serialization));
edb9aaa8 1893
664f88a7
LP		 1894 i = 0;
1895 args[i++] = SYSTEMD_BINARY_PATH;
41669317 1896 if (switch_root_dir)
2660882b 1897 args[i++] = "--switched-root";
67445f4e 1898 args[i++] = arg_running_as == SYSTEMD_SYSTEM ? "--system" : "--user";
664f88a7
LP		 1899 args[i++] = "--deserialize";
1900 args[i++] = sfd;
1901 args[i++] = NULL;
edb9aaa8 1902
ce8aba56
KS		 1903 /* do not pass along the environment we inherit from the kernel or initrd */
1904 if (switch_root_dir)
1905 clearenv();
1906
e564a982 1907 assert(i <= args_size);
664f88a7
LP		 1908 execv(args[0], (char* const*) args);
1909 }
6e98720f 1910
664f88a7
LP		 1911 /* Try the fallback, if there is any, without any
1912 * serialization. We pass the original argv[] and
1913 * envp[]. (Well, modulo the ordering changes due to
1914 * getopt() in argv[], and some cleanups in envp[],
1915 * but let's hope that doesn't matter.) */
a16e1123 1916
d3b1c508
LP		 1917 if (arg_serialization) {
1918 fclose(arg_serialization);
1919 arg_serialization = NULL;
b8f83232 1920 }
a16e1123 1921
b8f83232 1922 if (fds) {
664f88a7 1923 fdset_free(fds);
b8f83232
LP		 1924 fds = NULL;
1925 }
a16e1123 1926
a504223d
HH		 1927 /* Reopen the console */
1928 make_console_stdio();
1929
d3b1c508 1930 for (j = 1, i = 1; j < (unsigned) argc; j++)
664f88a7 1931 args[i++] = argv[j];
a16e1123 1932 args[i++] = NULL;
e564a982 1933 assert(i <= args_size);
b8f83232 1934
1b6d7fa7 1935 /* Reenable any blocked signals, especially important
5a85ca1c 1936 * if we switch from initial ramdisk to init=... */
9bfcda95 1937 reset_all_signal_handlers();
1b6d7fa7 1938 reset_signal_mask();
5a85ca1c 1939
b8f83232
LP		 1940 if (switch_root_init) {
1941 args[0] = switch_root_init;
1942 execv(args[0], (char* const*) args);
56f64d95 1943 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
b8f83232
LP		 1944 }
1945
1946 args[0] = "/sbin/init";
a16e1123
LP		 1947 execv(args[0], (char* const*) args);
1948
745e2fb7
KS		 1949 if (errno == ENOENT) {
1950 log_warning("No /sbin/init, trying fallback");
b8f83232 1951
745e2fb7
KS		 1952 args[0] = "/bin/sh";
1953 args[1] = NULL;
1954 execv(args[0], (char* const*) args);
56f64d95 1955 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
745e2fb7 1956 } else
56f64d95 1957 log_warning_errno(errno, "Failed to execute /sbin/init, giving up: %m");
a16e1123
LP		 1958 }
1959
d3b1c508
LP		 1960 if (arg_serialization) {
1961 fclose(arg_serialization);
1962 arg_serialization = NULL;
1963 }
a16e1123 1964
d3b1c508 1965 if (fds) {
a16e1123 1966 fdset_free(fds);
d3b1c508
LP		 1967 fds = NULL;
1968 }
a16e1123 1969
54b434b1
LP		 1970#ifdef HAVE_VALGRIND_VALGRIND_H
1971 /* If we are PID 1 and running under valgrind, then let's exit
1972 * here explicitly. valgrind will only generate nice output on
1973 * exit(), not on exec(), hence let's do the former not the
1974 * latter here. */
1975 if (getpid() == 1 && RUNNING_ON_VALGRIND)
1976 return 0;
1977#endif
1978
b9080b03 1979 if (shutdown_verb) {
b1e90ec5
ZJS		 1980 char log_level[DECIMAL_STR_MAX(int) + 1];
1981 const char* command_line[9] = {
b9080b03
FF		 1982 SYSTEMD_SHUTDOWN_BINARY_PATH,
1983 shutdown_verb,
b1e90ec5
ZJS		 1984 "--log-level", log_level,
1985 "--log-target",
b9080b03 1986 };
b1e90ec5 1987 unsigned pos = 5;
e3e45d4f 1988 _cleanup_strv_free_ char **env_block = NULL;
15bd5aee
LP		 1989
1990 assert(command_line[pos] == NULL);
e3e45d4f 1991 env_block = strv_copy(environ);
b9080b03 1992
5ffa8c81 1993 xsprintf(log_level, "%d", log_get_max_level());
b1e90ec5
ZJS		 1994
1995 switch (log_get_target()) {
1996 case LOG_TARGET_KMSG:
1997 case LOG_TARGET_JOURNAL_OR_KMSG:
1998 case LOG_TARGET_SYSLOG_OR_KMSG:
1999 command_line[pos++] = "kmsg";
2000 break;
2001
2002 case LOG_TARGET_CONSOLE:
2003 default:
2004 command_line[pos++] = "console";
2005 break;
2006 };
2007
2008 if (log_get_show_color())
2009 command_line[pos++] = "--log-color";
2010
2011 if (log_get_show_location())
2012 command_line[pos++] = "--log-location";
2013
26abdc73 2014 assert(pos < ELEMENTSOF(command_line));
b1e90ec5 2015
e96d6be7 2016 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
e3e45d4f 2017 char *e;
d18f337c 2018
e96d6be7
LP		 2019 /* If we reboot let's set the shutdown
2020 * watchdog and tell the shutdown binary to
2021 * repeatedly ping it */
c2cc6b9a
LP		 2022 r = watchdog_set_timeout(&arg_shutdown_watchdog);
2023 watchdog_close(r < 0);
e96d6be7 2024
e3e45d4f
SP		 2025 /* Tell the binary how often to ping, ignore failure */
2026 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
2027 strv_push(&env_block, e);
2028 } else
e96d6be7
LP		 2029 watchdog_close(true);
2030
66713f77
LP		 2031 /* Avoid the creation of new processes forked by the
2032 * kernel; at this point, we will not listen to the
2033 * signals anyway */
2034 if (detect_container(NULL) <= 0)
2035 cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
ad929bcc 2036
d18f337c 2037 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
56f64d95 2038 log_error_errno(errno, "Failed to execute shutdown binary, %s: %m",
b1e90ec5 2039 getpid() == 1 ? "freezing" : "quitting");
b9080b03
FF		 2040 }
2041
cb6531be
ZJS		 2042 if (getpid() == 1) {
2043 if (error_message)
2044 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
2045 ANSI_HIGHLIGHT_RED_ON "!!!!!!" ANSI_HIGHLIGHT_OFF,
2046 "%s, freezing.", error_message);
c3b3c274 2047 freeze();
cb6531be 2048 }
c3b3c274 2049
60918275
LP		 2050 return retval;
2051}
Unnamed repository; edit this file 'description' to name the repository.