[thirdparty/systemd.git] / src / debug-generator / debug-generator.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <unistd.h>

#include "alloc-util.h"
#include "bitfield.h"
#include "creds-util.h"
#include "dropin.h"
#include "errno-util.h"
#include "extract-word.h"
#include "fileio.h"
#include "log.h"
#include "generator.h"
#include "initrd-util.h"
#include "parse-util.h"
#include "path-util.h"
#include "proc-cmdline.h"
#include "recurse-dir.h"
#include "special.h"
#include "string-util.h"
#include "strv.h"
#include "unit-file.h"
#include "unit-name.h"

static const char *arg_dest = NULL;
static char *arg_default_unit = NULL;
static char **arg_mask = NULL;
static char **arg_wants = NULL;
static bool arg_debug_shell = false;
static char *arg_debug_tty = NULL;
static char *arg_default_debug_tty = NULL;
static uint32_t arg_breakpoints = 0;

STATIC_DESTRUCTOR_REGISTER(arg_default_unit, freep);
STATIC_DESTRUCTOR_REGISTER(arg_mask, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_wants, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_debug_tty, freep);
STATIC_DESTRUCTOR_REGISTER(arg_default_debug_tty, freep);

typedef enum BreakpointType {
        BREAKPOINT_PRE_UDEV,
        BREAKPOINT_PRE_BASIC,
        BREAKPOINT_PRE_SYSROOT_MOUNT,
        BREAKPOINT_PRE_SWITCH_ROOT,
        _BREAKPOINT_TYPE_MAX,
        _BREAKPOINT_TYPE_INVALID = -EINVAL,
} BreakpointType;

typedef enum BreakpointValidity {
        BREAKPOINT_DEFAULT   = 1 << 0,
        BREAKPOINT_IN_INITRD = 1 << 1,
        BREAKPOINT_ON_HOST   = 1 << 2,
} BreakpointValidity;

typedef struct BreakpointInfo {
        BreakpointType type;
        const char *name;
        const char *unit;
        BreakpointValidity validity;
} BreakpointInfo;

static const struct BreakpointInfo breakpoint_info_table[_BREAKPOINT_TYPE_MAX] = {
        { BREAKPOINT_PRE_UDEV,          "pre-udev",        "breakpoint-pre-udev.service",        BREAKPOINT_IN_INITRD | BREAKPOINT_ON_HOST },
        { BREAKPOINT_PRE_BASIC,         "pre-basic",       "breakpoint-pre-basic.service",       BREAKPOINT_IN_INITRD | BREAKPOINT_ON_HOST },
        { BREAKPOINT_PRE_SYSROOT_MOUNT, "pre-mount",       "breakpoint-pre-mount.service",       BREAKPOINT_IN_INITRD                      },
        { BREAKPOINT_PRE_SWITCH_ROOT,   "pre-switch-root", "breakpoint-pre-switch-root.service", BREAKPOINT_IN_INITRD | BREAKPOINT_DEFAULT },
};

static bool breakpoint_applies(const BreakpointInfo *info, int log_level) {
        assert(info);

        if (in_initrd() && !FLAGS_SET(info->validity, BREAKPOINT_IN_INITRD))
                log_full(log_level, "Breakpoint '%s' not valid in the initrd, ignoring.", info->name);
        else if (!in_initrd() && !FLAGS_SET(info->validity, BREAKPOINT_ON_HOST))
                log_full(log_level, "Breakpoint '%s' not valid on the host, ignoring.", info->name);
        else
                return true;

        return false;
}

static BreakpointType parse_breakpoint_from_string_one(const char *s) {
        assert(s);

        FOREACH_ELEMENT(i, breakpoint_info_table)
                if (streq(i->name, s))
                        return i->type;

        return _BREAKPOINT_TYPE_INVALID;
}

static int parse_breakpoint_from_string(const char *s, uint32_t *ret_breakpoints) {
        uint32_t breakpoints = 0;
        int r;

        assert(ret_breakpoints);

        /* Empty value? set default breakpoint */
        if (isempty(s)) {
                bool found_default = false;

                FOREACH_ELEMENT(i, breakpoint_info_table)
                        if (FLAGS_SET(i->validity, BREAKPOINT_DEFAULT) && breakpoint_applies(i, INT_MAX)) {
                                breakpoints |= 1 << i->type;
                                found_default = true;
                                break;
                        }

                if (!found_default)
                        log_warning("No default breakpoint defined %s, ignoring.",
                                    in_initrd() ? "in the initrd" : "on the host");
        } else
                for (;;) {
                        _cleanup_free_ char *t = NULL;
                        BreakpointType tt;

                        r = extract_first_word(&s, &t, ",", EXTRACT_DONT_COALESCE_SEPARATORS);
                        if (r < 0)
                                return r;
                        if (r == 0)
                                break;

                        tt = parse_breakpoint_from_string_one(t);
                        if (tt < 0) {
                                log_warning("Invalid breakpoint value '%s', ignoring.", t);
                                continue;
                        }

                        if (breakpoint_applies(&breakpoint_info_table[tt], LOG_WARNING))
                                breakpoints |= 1 << tt;
                }

        *ret_breakpoints = breakpoints;

        return 0;
}

static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
        int r;

        assert(key);

        if (streq(key, "systemd.mask")) {
                char *n;

                if (proc_cmdline_value_missing(key, value))
                        return 0;

                r = unit_name_mangle(value, UNIT_NAME_MANGLE_WARN, &n);
                if (r < 0)
                        return log_error_errno(r, "Failed to glob unit name: %m");

                if (strv_consume(&arg_mask, n) < 0)
                        return log_oom();

        } else if (streq(key, "systemd.wants")) {
                char *n;

                if (proc_cmdline_value_missing(key, value))
                        return 0;

                r = unit_name_mangle(value, UNIT_NAME_MANGLE_WARN, &n);
                if (r < 0)
                        return log_error_errno(r, "Failed to glob unit name: %m");

                if (strv_consume(&arg_wants, n) < 0)
                        return log_oom();

        } else if (proc_cmdline_key_streq(key, "systemd.debug_shell")) {

                r = value ? parse_boolean(value) : 1;
                arg_debug_shell = r != 0;
                if (r >= 0)
                        return 0;

                return free_and_strdup_warn(&arg_debug_tty, skip_dev_prefix(value));

        } else if (proc_cmdline_key_streq(key, "systemd.default_debug_tty")) {

                if (proc_cmdline_value_missing(key, value))
                        return 0;

                return free_and_strdup_warn(&arg_default_debug_tty, skip_dev_prefix(value));

        } else if (streq(key, "systemd.unit")) {

                if (proc_cmdline_value_missing(key, value))
                        return 0;

                return free_and_strdup_warn(&arg_default_unit, value);

        } else if (streq(key, "systemd.break")) {
                uint32_t breakpoints = 0;

                r = parse_breakpoint_from_string(value, &breakpoints);
                if (r < 0)
                        return log_warning_errno(r, "Failed to parse breakpoint value '%s': %m", value);

                arg_breakpoints |= breakpoints;

        } else if (!value) {
                const char *target;

                target = runlevel_to_target(key);
                if (target)
                        return free_and_strdup_warn(&arg_default_unit, target);
        }

        return 0;
}

static int generate_mask_symlinks(void) {
        int r = 0;

        STRV_FOREACH(u, arg_mask) {
                _cleanup_free_ char *p = NULL;

                p = path_join(arg_dest, *u);
                if (!p)
                        return log_oom();

                if (symlink("/dev/null", p) < 0)
                        RET_GATHER(r, log_error_errno(errno, "Failed to create mask symlink '%s': %m", p));
        }

        return r;
}

static int generate_wants_symlinks(void) {
        int r = 0;

        STRV_FOREACH(u, arg_wants) {
                _cleanup_free_ char *f = NULL;
                const char *target;

                /* This should match what do_queue_default_job() in core/main.c does. */
                if (arg_default_unit)
                        target = arg_default_unit;
                else if (in_initrd())
                        target = SPECIAL_INITRD_TARGET;
                else
                        target = SPECIAL_DEFAULT_TARGET;

                f = path_join(SYSTEM_DATA_UNIT_DIR, *u);
                if (!f)
                        return log_oom();

                RET_GATHER(r, generator_add_symlink(arg_dest, target, "wants", f));
        }

        return r;
}

static int install_debug_shell_dropin(void) {
        const char *tty = arg_debug_tty ?: arg_default_debug_tty;
        int r;

        if (!tty || path_equal(tty, skip_dev_prefix(DEBUGTTY)))
                return 0;

        r = write_drop_in_format(arg_dest, "debug-shell.service", 50, "tty",
                                 "# Automatically generated by systemd-debug-generator\n\n"
                                 "[Unit]\n"
                                 "Description=Early root shell on /dev/%s FOR DEBUGGING ONLY\n"
                                 "ConditionPathExists=\n"
                                 "\n[Service]\n"
                                 "TTYPath=/dev/%s\n",
                                 tty, tty);
        if (r < 0)
                return log_warning_errno(r, "Failed to write drop-in for debug-shell.service: %m");

        return 1;
}

static int process_unit_credentials(const char *credentials_dir) {
        _cleanup_free_ DirectoryEntries *des = NULL;
        int r;

        assert(credentials_dir);

        r = readdir_all_at(AT_FDCWD, credentials_dir, RECURSE_DIR_SORT|RECURSE_DIR_IGNORE_DOT|RECURSE_DIR_ENSURE_TYPE, &des);
        if (r < 0)
                return log_error_errno(r, "Failed to enumerate credentials from credentials directory '%s': %m", credentials_dir);

        FOREACH_ARRAY(i, des->entries, des->n_entries) {
                struct dirent *de = *i;
                const char *unit, *dropin;

                if (de->d_type != DT_REG)
                        continue;

                unit = startswith(de->d_name, "systemd.extra-unit.");
                dropin = startswith(de->d_name, "systemd.unit-dropin.");

                if (!unit && !dropin)
                        continue;

                _cleanup_free_ char *d = NULL;

                r = read_credential_with_decryption(de->d_name, (void**) &d, NULL);
                if (r < 0) {
                        log_warning_errno(r, "Failed to read credential '%s', ignoring: %m", de->d_name);
                        continue;
                }

                if (unit) {
                        _cleanup_free_ char *p = NULL;

                        if (!unit_name_is_valid(unit, UNIT_NAME_ANY)) {
                                log_warning("Invalid unit name '%s' in credential '%s', ignoring.",
                                            unit, de->d_name);
                                continue;
                        }

                        p = path_join(arg_dest, unit);
                        if (!p)
                                return log_oom();

                        r = write_string_file(p, d, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC|WRITE_STRING_FILE_MKDIR_0755|WRITE_STRING_FILE_LABEL);
                        if (r < 0) {
                                log_warning_errno(r, "Failed to write unit file '%s' from credential '%s', ignoring: %m",
                                                  unit, de->d_name);
                                continue;
                        }

                        log_debug("Wrote unit file '%s' from credential '%s'", unit, de->d_name);

                } else if (dropin) {
                        _cleanup_free_ char *dropin_unit = NULL;
                        const char *tilde, *dropin_name;

                        tilde = strchrnul(dropin, '~');
                        dropin_unit = strndup(dropin, tilde - dropin);
                        if (!dropin_unit)
                                return log_oom();

                        if (!unit_name_is_valid(dropin_unit, UNIT_NAME_ANY)) {
                                log_warning("Invalid unit name '%s' in credential '%s', ignoring.",
                                            dropin_unit, de->d_name);
                                continue;
                        }

                        dropin_name = isempty(tilde) ? "50-credential" : tilde + 1;
                        if (isempty(dropin_name)) {
                                log_warning("Empty drop-in name for unit '%s' in credential '%s', ignoring.",
                                            dropin_unit, de->d_name);
                                continue;
                        }

                        r = write_drop_in(arg_dest, dropin_unit, /* level = */ UINT_MAX, dropin_name, d);
                        if (r < 0) {
                                log_warning_errno(r, "Failed to write drop-in '%s' for unit '%s' from credential '%s', ignoring: %m",
                                                  dropin_name, dropin_unit, de->d_name);
                                continue;
                        }

                        log_debug("Wrote drop-in '%s' for unit '%s' from credential '%s'", dropin_name, dropin_unit, de->d_name);
                } else
                        assert_not_reached();
        }

        return 0;
}

static int run(const char *dest, const char *dest_early, const char *dest_late) {
        const char *credentials_dir;
        int r;

        assert_se(arg_dest = dest_early);

        r = proc_cmdline_parse(parse_proc_cmdline_item, NULL, PROC_CMDLINE_RD_STRICT | PROC_CMDLINE_STRIP_RD_PREFIX);
        if (r < 0)
                log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");

        if (arg_debug_shell) {
                if (strv_extend(&arg_wants, "debug-shell.service") < 0)
                        return log_oom();

                RET_GATHER(r, install_debug_shell_dropin());
        }

        BIT_FOREACH(i, arg_breakpoints)
                if (strv_extend(&arg_wants, breakpoint_info_table[i].unit) < 0)
                        return log_oom();

        if (get_credentials_dir(&credentials_dir) >= 0)
                RET_GATHER(r, process_unit_credentials(credentials_dir));

        if (get_encrypted_credentials_dir(&credentials_dir) >= 0)
                RET_GATHER(r, process_unit_credentials(credentials_dir));

        RET_GATHER(r, generate_mask_symlinks());
        RET_GATHER(r, generate_wants_symlinks());

        return r;
}

DEFINE_MAIN_GENERATOR_FUNCTION(run);
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
326bb68c	2
ca78ad1d ZJS	3	#include <unistd.h>
ca78ad1d ZJS	4
b5efdb8a	5	#include "alloc-util.h"
e9f781a5	6	#include "bitfield.h"
8595f578	7	#include "creds-util.h"
93912e87	8	#include "dropin.h"
8595f578	9	#include "errno-util.h"
e9f781a5	10	#include "extract-word.h"
8eeb8709	11	#include "fileio.h"
8857aa74	12	#include "log.h"
afe44c8f	13	#include "generator.h"
baa6a42d	14	#include "initrd-util.h"
6bedfcbb	15	#include "parse-util.h"
657ee2d8	16	#include "path-util.h"
4e731273	17	#include "proc-cmdline.h"
8595f578	18	#include "recurse-dir.h"
7dcc5671	19	#include "special.h"
4e731273 LP	20	#include "string-util.h"
4e731273 LP	21	#include "strv.h"
da33cba0	22	#include "unit-file.h"
4e731273	23	#include "unit-name.h"
326bb68c	24
7a44c7e3	25	static const char *arg_dest = NULL;
7dcc5671	26	static char *arg_default_unit = NULL;
326bb68c	27	static char **arg_mask = NULL;
3c5a87a8	28	static char **arg_wants = NULL;
7bf52f5d DDM	29	static bool arg_debug_shell = false;
	30	static char *arg_debug_tty = NULL;
	31	static char *arg_default_debug_tty = NULL;
e9f781a5	32	static uint32_t arg_breakpoints = 0;
326bb68c	33
4197fde5 LP	34	STATIC_DESTRUCTOR_REGISTER(arg_default_unit, freep);
	35	STATIC_DESTRUCTOR_REGISTER(arg_mask, strv_freep);
	36	STATIC_DESTRUCTOR_REGISTER(arg_wants, strv_freep);
7bf52f5d DDM	37	STATIC_DESTRUCTOR_REGISTER(arg_debug_tty, freep);
7bf52f5d DDM	38	STATIC_DESTRUCTOR_REGISTER(arg_default_debug_tty, freep);
4197fde5	39
e9f781a5 AAF	40	typedef enum BreakpointType {
	41	BREAKPOINT_PRE_UDEV,
	42	BREAKPOINT_PRE_BASIC,
	43	BREAKPOINT_PRE_SYSROOT_MOUNT,
	44	BREAKPOINT_PRE_SWITCH_ROOT,
	45	_BREAKPOINT_TYPE_MAX,
	46	_BREAKPOINT_TYPE_INVALID = -EINVAL,
	47	} BreakpointType;
	48
	49	typedef enum BreakpointValidity {
	50	BREAKPOINT_DEFAULT = 1 << 0,
	51	BREAKPOINT_IN_INITRD = 1 << 1,
	52	BREAKPOINT_ON_HOST = 1 << 2,
	53	} BreakpointValidity;
	54
	55	typedef struct BreakpointInfo {
	56	BreakpointType type;
	57	const char *name;
	58	const char *unit;
	59	BreakpointValidity validity;
	60	} BreakpointInfo;
	61
	62	static const struct BreakpointInfo breakpoint_info_table[_BREAKPOINT_TYPE_MAX] = {
	63	{ BREAKPOINT_PRE_UDEV, "pre-udev", "breakpoint-pre-udev.service", BREAKPOINT_IN_INITRD \| BREAKPOINT_ON_HOST },
	64	{ BREAKPOINT_PRE_BASIC, "pre-basic", "breakpoint-pre-basic.service", BREAKPOINT_IN_INITRD \| BREAKPOINT_ON_HOST },
	65	{ BREAKPOINT_PRE_SYSROOT_MOUNT, "pre-mount", "breakpoint-pre-mount.service", BREAKPOINT_IN_INITRD },
	66	{ BREAKPOINT_PRE_SWITCH_ROOT, "pre-switch-root", "breakpoint-pre-switch-root.service", BREAKPOINT_IN_INITRD \| BREAKPOINT_DEFAULT },
	67	};
	68
aeb97a49 AAF	69	static bool breakpoint_applies(const BreakpointInfo *info, int log_level) {
	70	assert(info);
	71
	72	if (in_initrd() && !FLAGS_SET(info->validity, BREAKPOINT_IN_INITRD))
	73	log_full(log_level, "Breakpoint '%s' not valid in the initrd, ignoring.", info->name);
	74	else if (!in_initrd() && !FLAGS_SET(info->validity, BREAKPOINT_ON_HOST))
	75	log_full(log_level, "Breakpoint '%s' not valid on the host, ignoring.", info->name);
	76	else
	77	return true;
	78
	79	return false;
	80	}
	81
e9f781a5 AAF	82	static BreakpointType parse_breakpoint_from_string_one(const char *s) {
	83	assert(s);
	84
aeb97a49	85	FOREACH_ELEMENT(i, breakpoint_info_table)
e9f781a5 AAF	86	if (streq(i->name, s))
	87	return i->type;
	88
	89	return _BREAKPOINT_TYPE_INVALID;
	90	}
	91
	92	static int parse_breakpoint_from_string(const char s, uint32_t ret_breakpoints) {
	93	uint32_t breakpoints = 0;
	94	int r;
	95
	96	assert(ret_breakpoints);
	97
	98	/* Empty value? set default breakpoint */
	99	if (isempty(s)) {
aeb97a49 AAF	100	bool found_default = false;
	101
	102	FOREACH_ELEMENT(i, breakpoint_info_table)
	103	if (FLAGS_SET(i->validity, BREAKPOINT_DEFAULT) && breakpoint_applies(i, INT_MAX)) {
	104	breakpoints \|= 1 << i->type;
	105	found_default = true;
	106	break;
	107	}
	108
	109	if (!found_default)
	110	log_warning("No default breakpoint defined %s, ignoring.",
	111	in_initrd() ? "in the initrd" : "on the host");
e9f781a5 AAF	112	} else
	113	for (;;) {
	114	_cleanup_free_ char *t = NULL;
	115	BreakpointType tt;
	116
	117	r = extract_first_word(&s, &t, ",", EXTRACT_DONT_COALESCE_SEPARATORS);
	118	if (r < 0)
	119	return r;
	120	if (r == 0)
	121	break;
	122
	123	tt = parse_breakpoint_from_string_one(t);
	124	if (tt < 0) {
	125	log_warning("Invalid breakpoint value '%s', ignoring.", t);
	126	continue;
	127	}
	128
aeb97a49	129	if (breakpoint_applies(&breakpoint_info_table[tt], LOG_WARNING))
e9f781a5 AAF	130	breakpoints \|= 1 << tt;
	131	}
	132
	133	*ret_breakpoints = breakpoints;
	134
	135	return 0;
	136	}
	137
96287a49	138	static int parse_proc_cmdline_item(const char key, const char value, void *data) {
326bb68c LP	139	int r;
326bb68c LP	140
3c5a87a8 LP	141	assert(key);
3c5a87a8 LP	142
326bb68c	143	if (streq(key, "systemd.mask")) {
1d84ad94	144	char *n;
326bb68c	145
1d84ad94 LP	146	if (proc_cmdline_value_missing(key, value))
1d84ad94 LP	147	return 0;
326bb68c	148
37cbc1d5	149	r = unit_name_mangle(value, UNIT_NAME_MANGLE_WARN, &n);
1d84ad94 LP	150	if (r < 0)
1d84ad94 LP	151	return log_error_errno(r, "Failed to glob unit name: %m");
326bb68c	152
b5636a8f	153	if (strv_consume(&arg_mask, n) < 0)
1d84ad94	154	return log_oom();
3c5a87a8 LP	155
3c5a87a8 LP	156	} else if (streq(key, "systemd.wants")) {
1d84ad94	157	char *n;
3c5a87a8	158
1d84ad94 LP	159	if (proc_cmdline_value_missing(key, value))
1d84ad94 LP	160	return 0;
3c5a87a8	161
37cbc1d5	162	r = unit_name_mangle(value, UNIT_NAME_MANGLE_WARN, &n);
1d84ad94 LP	163	if (r < 0)
1d84ad94 LP	164	return log_error_errno(r, "Failed to glob unit name: %m");
3c5a87a8	165
b5636a8f	166	if (strv_consume(&arg_wants, n) < 0)
1d84ad94	167	return log_oom();
3c5a87a8	168
1d84ad94	169	} else if (proc_cmdline_key_streq(key, "systemd.debug_shell")) {
b5636a8f	170
93912e87	171	r = value ? parse_boolean(value) : 1;
7bf52f5d DDM	172	arg_debug_shell = r != 0;
	173	if (r >= 0)
	174	return 0;
	175
	176	return free_and_strdup_warn(&arg_debug_tty, skip_dev_prefix(value));
	177
	178	} else if (proc_cmdline_key_streq(key, "systemd.default_debug_tty")) {
b5636a8f	179
7bf52f5d DDM	180	if (proc_cmdline_value_missing(key, value))
7bf52f5d DDM	181	return 0;
93912e87	182
7bf52f5d	183	return free_and_strdup_warn(&arg_default_debug_tty, skip_dev_prefix(value));
1d84ad94	184
7dcc5671 EV	185	} else if (streq(key, "systemd.unit")) {
7dcc5671 EV	186
1d84ad94 LP	187	if (proc_cmdline_value_missing(key, value))
	188	return 0;
	189
b3f9c17a	190	return free_and_strdup_warn(&arg_default_unit, value);
1d84ad94	191
e9f781a5 AAF	192	} else if (streq(key, "systemd.break")) {
	193	uint32_t breakpoints = 0;
	194
	195	r = parse_breakpoint_from_string(value, &breakpoints);
	196	if (r < 0)
	197	return log_warning_errno(r, "Failed to parse breakpoint value '%s': %m", value);
	198
	199	arg_breakpoints \|= breakpoints;
	200
7dcc5671 EV	201	} else if (!value) {
	202	const char *target;
	203
	204	target = runlevel_to_target(key);
b3f9c17a YW	205	if (target)
b3f9c17a YW	206	return free_and_strdup_warn(&arg_default_unit, target);
326bb68c LP	207	}
	208
	209	return 0;
	210	}
	211
	212	static int generate_mask_symlinks(void) {
326bb68c LP	213	int r = 0;
326bb68c LP	214
326bb68c	215	STRV_FOREACH(u, arg_mask) {
3c5a87a8	216	_cleanup_free_ char *p = NULL;
326bb68c	217
2997df97	218	p = path_join(arg_dest, *u);
326bb68c LP	219	if (!p)
	220	return log_oom();
	221
1f6b4113	222	if (symlink("/dev/null", p) < 0)
221bad60	223	RET_GATHER(r, log_error_errno(errno, "Failed to create mask symlink '%s': %m", p));
326bb68c LP	224	}
	225
	226	return r;
	227	}
	228
3c5a87a8	229	static int generate_wants_symlinks(void) {
3c5a87a8	230	int r = 0;
326bb68c	231
3c5a87a8	232	STRV_FOREACH(u, arg_wants) {
bd6c95c0	233	_cleanup_free_ char *f = NULL;
23e5e79a ZJS	234	const char *target;
	235
	236	/* This should match what do_queue_default_job() in core/main.c does. */
	237	if (arg_default_unit)
	238	target = arg_default_unit;
	239	else if (in_initrd())
	240	target = SPECIAL_INITRD_TARGET;
	241	else
	242	target = SPECIAL_DEFAULT_TARGET;
3c5a87a8	243
835cf75a	244	f = path_join(SYSTEM_DATA_UNIT_DIR, *u);
3c5a87a8 LP	245	if (!f)
3c5a87a8 LP	246	return log_oom();
326bb68c	247
221bad60	248	RET_GATHER(r, generator_add_symlink(arg_dest, target, "wants", f));
326bb68c LP	249	}
326bb68c LP	250
3c5a87a8	251	return r;
326bb68c LP	252	}
326bb68c LP	253
a3816ea4	254	static int install_debug_shell_dropin(void) {
7bf52f5d	255	const char *tty = arg_debug_tty ?: arg_default_debug_tty;
93912e87 JS	256	int r;
93912e87 JS	257
7bf52f5d	258	if (!tty \|\| path_equal(tty, skip_dev_prefix(DEBUGTTY)))
a3816ea4	259	return 0;
93912e87	260
36e8ba9b	261	r = write_drop_in_format(arg_dest, "debug-shell.service", 50, "tty",
a3816ea4 MY	262	"# Automatically generated by systemd-debug-generator\n\n"
	263	"[Unit]\n"
	264	"Description=Early root shell on /dev/%s FOR DEBUGGING ONLY\n"
	265	"ConditionPathExists=\n"
	266	"\n[Service]\n"
	267	"TTYPath=/dev/%s\n",
	268	tty, tty);
93912e87	269	if (r < 0)
a3816ea4 MY	270	return log_warning_errno(r, "Failed to write drop-in for debug-shell.service: %m");
	271
	272	return 1;
93912e87 JS	273	}
93912e87 JS	274
8595f578	275	static int process_unit_credentials(const char *credentials_dir) {
f9e2b42b	276	_cleanup_free_ DirectoryEntries *des = NULL;
8595f578 DDM	277	int r;
	278
	279	assert(credentials_dir);
	280
8595f578 DDM	281	r = readdir_all_at(AT_FDCWD, credentials_dir, RECURSE_DIR_SORT\|RECURSE_DIR_IGNORE_DOT\|RECURSE_DIR_ENSURE_TYPE, &des);
	282	if (r < 0)
	283	return log_error_errno(r, "Failed to enumerate credentials from credentials directory '%s': %m", credentials_dir);
	284
	285	FOREACH_ARRAY(i, des->entries, des->n_entries) {
8595f578 DDM	286	struct dirent de = i;
	287	const char unit, dropin;
	288
	289	if (de->d_type != DT_REG)
	290	continue;
	291
	292	unit = startswith(de->d_name, "systemd.extra-unit.");
	293	dropin = startswith(de->d_name, "systemd.unit-dropin.");
	294
	295	if (!unit && !dropin)
	296	continue;
	297
f9e2b42b MY	298	_cleanup_free_ char *d = NULL;
	299
	300	r = read_credential_with_decryption(de->d_name, (void**) &d, NULL);
	301	if (r < 0) {
	302	log_warning_errno(r, "Failed to read credential '%s', ignoring: %m", de->d_name);
8595f578	303	continue;
f9e2b42b	304	}
8595f578 DDM	305
	306	if (unit) {
	307	_cleanup_free_ char *p = NULL;
	308
82c22145 DDM	309	if (!unit_name_is_valid(unit, UNIT_NAME_ANY)) {
	310	log_warning("Invalid unit name '%s' in credential '%s', ignoring.",
	311	unit, de->d_name);
	312	continue;
	313	}
	314
8595f578 DDM	315	p = path_join(arg_dest, unit);
	316	if (!p)
	317	return log_oom();
	318
8eeb8709	319	r = write_string_file(p, d, WRITE_STRING_FILE_CREATE\|WRITE_STRING_FILE_ATOMIC\|WRITE_STRING_FILE_MKDIR_0755\|WRITE_STRING_FILE_LABEL);
8595f578 DDM	320	if (r < 0) {
	321	log_warning_errno(r, "Failed to write unit file '%s' from credential '%s', ignoring: %m",
	322	unit, de->d_name);
	323	continue;
	324	}
	325
	326	log_debug("Wrote unit file '%s' from credential '%s'", unit, de->d_name);
	327
f9e2b42b	328	} else if (dropin) {
82c22145 DDM	329	_cleanup_free_ char *dropin_unit = NULL;
	330	const char tilde, dropin_name;
	331
	332	tilde = strchrnul(dropin, '~');
	333	dropin_unit = strndup(dropin, tilde - dropin);
	334	if (!dropin_unit)
	335	return log_oom();
	336
	337	if (!unit_name_is_valid(dropin_unit, UNIT_NAME_ANY)) {
	338	log_warning("Invalid unit name '%s' in credential '%s', ignoring.",
	339	dropin_unit, de->d_name);
	340	continue;
	341	}
	342
	343	dropin_name = isempty(tilde) ? "50-credential" : tilde + 1;
	344	if (isempty(dropin_name)) {
	345	log_warning("Empty drop-in name for unit '%s' in credential '%s', ignoring.",
	346	dropin_unit, de->d_name);
	347	continue;
	348	}
	349
	350	r = write_drop_in(arg_dest, dropin_unit, /* level = */ UINT_MAX, dropin_name, d);
8595f578	351	if (r < 0) {
82c22145 DDM	352	log_warning_errno(r, "Failed to write drop-in '%s' for unit '%s' from credential '%s', ignoring: %m",
82c22145 DDM	353	dropin_name, dropin_unit, de->d_name);
8595f578 DDM	354	continue;
	355	}
	356
82c22145	357	log_debug("Wrote drop-in '%s' for unit '%s' from credential '%s'", dropin_name, dropin_unit, de->d_name);
f9e2b42b MY	358	} else
f9e2b42b MY	359	assert_not_reached();
8595f578 DDM	360	}
	361
	362	return 0;
	363	}
	364
7a44c7e3	365	static int run(const char dest, const char dest_early, const char *dest_late) {
8595f578	366	const char *credentials_dir;
a3816ea4	367	int r;
326bb68c	368
7a44c7e3	369	assert_se(arg_dest = dest_early);
326bb68c	370
a7dd6d04	371	r = proc_cmdline_parse(parse_proc_cmdline_item, NULL, PROC_CMDLINE_RD_STRICT \| PROC_CMDLINE_STRIP_RD_PREFIX);
b5884878	372	if (r < 0)
da927ba9	373	log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
326bb68c	374
3c5a87a8	375	if (arg_debug_shell) {
b5636a8f	376	if (strv_extend(&arg_wants, "debug-shell.service") < 0)
4197fde5	377	return log_oom();
93912e87	378
a3816ea4	379	RET_GATHER(r, install_debug_shell_dropin());
3c5a87a8 LP	380	}
3c5a87a8 LP	381
e9f781a5 AAF	382	BIT_FOREACH(i, arg_breakpoints)
	383	if (strv_extend(&arg_wants, breakpoint_info_table[i].unit) < 0)
	384	return log_oom();
	385
8595f578 DDM	386	if (get_credentials_dir(&credentials_dir) >= 0)
	387	RET_GATHER(r, process_unit_credentials(credentials_dir));
	388
	389	if (get_encrypted_credentials_dir(&credentials_dir) >= 0)
	390	RET_GATHER(r, process_unit_credentials(credentials_dir));
326bb68c	391
8595f578 DDM	392	RET_GATHER(r, generate_mask_symlinks());
	393	RET_GATHER(r, generate_wants_symlinks());
	394
	395	return r;
326bb68c	396	}
f60947d9	397
7a44c7e3	398	DEFINE_MAIN_GENERATOR_FUNCTION(run);