]>
Commit | Line | Data |
---|---|---|
1 | /*** | |
2 | This file is part of systemd. | |
3 | ||
4 | Copyright 2010 ProFUSION embedded systems | |
5 | ||
6 | systemd is free software; you can redistribute it and/or modify it | |
7 | under the terms of the GNU Lesser General Public License as published by | |
8 | the Free Software Foundation; either version 2.1 of the License, or | |
9 | (at your option) any later version. | |
10 | ||
11 | systemd is distributed in the hope that it will be useful, but | |
12 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | Lesser General Public License for more details. | |
15 | ||
16 | You should have received a copy of the GNU Lesser General Public License | |
17 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
18 | ***/ | |
19 | ||
20 | #include <errno.h> | |
21 | #include <signal.h> | |
22 | #include <sys/wait.h> | |
23 | #include <unistd.h> | |
24 | ||
25 | #include "alloc-util.h" | |
26 | #include "fd-util.h" | |
27 | #include "formats-util.h" | |
28 | #include "killall.h" | |
29 | #include "parse-util.h" | |
30 | #include "process-util.h" | |
31 | #include "set.h" | |
32 | #include "string-util.h" | |
33 | #include "terminal-util.h" | |
34 | #include "util.h" | |
35 | ||
36 | #define TIMEOUT_USEC (10 * USEC_PER_SEC) | |
37 | ||
38 | static bool ignore_proc(pid_t pid, bool warn_rootfs) { | |
39 | _cleanup_fclose_ FILE *f = NULL; | |
40 | char c; | |
41 | const char *p; | |
42 | size_t count; | |
43 | uid_t uid; | |
44 | int r; | |
45 | ||
46 | /* We are PID 1, let's not commit suicide */ | |
47 | if (pid == 1) | |
48 | return true; | |
49 | ||
50 | r = get_process_uid(pid, &uid); | |
51 | if (r < 0) | |
52 | return true; /* not really, but better safe than sorry */ | |
53 | ||
54 | /* Non-root processes otherwise are always subject to be killed */ | |
55 | if (uid != 0) | |
56 | return false; | |
57 | ||
58 | p = procfs_file_alloca(pid, "cmdline"); | |
59 | f = fopen(p, "re"); | |
60 | if (!f) | |
61 | return true; /* not really, but has the desired effect */ | |
62 | ||
63 | count = fread(&c, 1, 1, f); | |
64 | ||
65 | /* Kernel threads have an empty cmdline */ | |
66 | if (count <= 0) | |
67 | return true; | |
68 | ||
69 | /* Processes with argv[0][0] = '@' we ignore from the killing | |
70 | * spree. | |
71 | * | |
72 | * http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons */ | |
73 | if (c == '@' && warn_rootfs) { | |
74 | _cleanup_free_ char *comm = NULL; | |
75 | ||
76 | r = pid_from_same_root_fs(pid); | |
77 | if (r < 0) | |
78 | return true; | |
79 | ||
80 | get_process_comm(pid, &comm); | |
81 | ||
82 | if (r) | |
83 | log_notice("Process " PID_FMT " (%s) has been been marked to be excluded from killing. It is " | |
84 | "running from the root file system, and thus likely to block re-mounting of the " | |
85 | "root file system to read-only. Please consider moving it into an initrd file " | |
86 | "system instead.", pid, strna(comm)); | |
87 | return true; | |
88 | } else if (c == '@') | |
89 | return true; | |
90 | ||
91 | return false; | |
92 | } | |
93 | ||
94 | static void wait_for_children(Set *pids, sigset_t *mask) { | |
95 | usec_t until; | |
96 | ||
97 | assert(mask); | |
98 | ||
99 | if (set_isempty(pids)) | |
100 | return; | |
101 | ||
102 | until = now(CLOCK_MONOTONIC) + TIMEOUT_USEC; | |
103 | for (;;) { | |
104 | struct timespec ts; | |
105 | int k; | |
106 | usec_t n; | |
107 | void *p; | |
108 | Iterator i; | |
109 | ||
110 | /* First, let the kernel inform us about killed | |
111 | * children. Most processes will probably be our | |
112 | * children, but some are not (might be our | |
113 | * grandchildren instead...). */ | |
114 | for (;;) { | |
115 | pid_t pid; | |
116 | ||
117 | pid = waitpid(-1, NULL, WNOHANG); | |
118 | if (pid == 0) | |
119 | break; | |
120 | if (pid < 0) { | |
121 | if (errno == ECHILD) | |
122 | break; | |
123 | ||
124 | log_error_errno(errno, "waitpid() failed: %m"); | |
125 | return; | |
126 | } | |
127 | ||
128 | (void) set_remove(pids, PID_TO_PTR(pid)); | |
129 | } | |
130 | ||
131 | /* Now explicitly check who might be remaining, who | |
132 | * might not be our child. */ | |
133 | SET_FOREACH(p, pids, i) { | |
134 | ||
135 | /* We misuse getpgid as a check whether a | |
136 | * process still exists. */ | |
137 | if (getpgid(PTR_TO_PID(p)) >= 0) | |
138 | continue; | |
139 | ||
140 | if (errno != ESRCH) | |
141 | continue; | |
142 | ||
143 | set_remove(pids, p); | |
144 | } | |
145 | ||
146 | if (set_isempty(pids)) | |
147 | return; | |
148 | ||
149 | n = now(CLOCK_MONOTONIC); | |
150 | if (n >= until) | |
151 | return; | |
152 | ||
153 | timespec_store(&ts, until - n); | |
154 | k = sigtimedwait(mask, NULL, &ts); | |
155 | if (k != SIGCHLD) { | |
156 | ||
157 | if (k < 0 && errno != EAGAIN) { | |
158 | log_error_errno(errno, "sigtimedwait() failed: %m"); | |
159 | return; | |
160 | } | |
161 | ||
162 | if (k >= 0) | |
163 | log_warning("sigtimedwait() returned unexpected signal."); | |
164 | } | |
165 | } | |
166 | } | |
167 | ||
168 | static int killall(int sig, Set *pids, bool send_sighup) { | |
169 | _cleanup_closedir_ DIR *dir = NULL; | |
170 | struct dirent *d; | |
171 | ||
172 | dir = opendir("/proc"); | |
173 | if (!dir) | |
174 | return -errno; | |
175 | ||
176 | while ((d = readdir(dir))) { | |
177 | pid_t pid; | |
178 | int r; | |
179 | ||
180 | if (d->d_type != DT_DIR && | |
181 | d->d_type != DT_UNKNOWN) | |
182 | continue; | |
183 | ||
184 | if (parse_pid(d->d_name, &pid) < 0) | |
185 | continue; | |
186 | ||
187 | if (ignore_proc(pid, sig == SIGKILL && !in_initrd())) | |
188 | continue; | |
189 | ||
190 | if (sig == SIGKILL) { | |
191 | _cleanup_free_ char *s = NULL; | |
192 | ||
193 | get_process_comm(pid, &s); | |
194 | log_notice("Sending SIGKILL to PID "PID_FMT" (%s).", pid, strna(s)); | |
195 | } | |
196 | ||
197 | if (kill(pid, sig) >= 0) { | |
198 | if (pids) { | |
199 | r = set_put(pids, PID_TO_PTR(pid)); | |
200 | if (r < 0) | |
201 | log_oom(); | |
202 | } | |
203 | } else if (errno != ENOENT) | |
204 | log_warning_errno(errno, "Could not kill %d: %m", pid); | |
205 | ||
206 | if (send_sighup) { | |
207 | /* Optionally, also send a SIGHUP signal, but | |
208 | only if the process has a controlling | |
209 | tty. This is useful to allow handling of | |
210 | shells which ignore SIGTERM but react to | |
211 | SIGHUP. We do not send this to processes that | |
212 | have no controlling TTY since we don't want to | |
213 | trigger reloads of daemon processes. Also we | |
214 | make sure to only send this after SIGTERM so | |
215 | that SIGTERM is always first in the queue. */ | |
216 | ||
217 | ||
218 | if (get_ctty_devnr(pid, NULL) >= 0) | |
219 | kill(pid, SIGHUP); | |
220 | } | |
221 | } | |
222 | ||
223 | return set_size(pids); | |
224 | } | |
225 | ||
226 | void broadcast_signal(int sig, bool wait_for_exit, bool send_sighup) { | |
227 | sigset_t mask, oldmask; | |
228 | _cleanup_set_free_ Set *pids = NULL; | |
229 | ||
230 | if (wait_for_exit) | |
231 | pids = set_new(NULL); | |
232 | ||
233 | assert_se(sigemptyset(&mask) == 0); | |
234 | assert_se(sigaddset(&mask, SIGCHLD) == 0); | |
235 | assert_se(sigprocmask(SIG_BLOCK, &mask, &oldmask) == 0); | |
236 | ||
237 | if (kill(-1, SIGSTOP) < 0 && errno != ESRCH) | |
238 | log_warning_errno(errno, "kill(-1, SIGSTOP) failed: %m"); | |
239 | ||
240 | killall(sig, pids, send_sighup); | |
241 | ||
242 | if (kill(-1, SIGCONT) < 0 && errno != ESRCH) | |
243 | log_warning_errno(errno, "kill(-1, SIGCONT) failed: %m"); | |
244 | ||
245 | if (wait_for_exit) | |
246 | wait_for_children(pids, &mask); | |
247 | ||
248 | assert_se(sigprocmask(SIG_SETMASK, &oldmask, NULL) == 0); | |
249 | } |