1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2010 Lennart Poettering
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
27 #include <sys/mount.h>
28 #include <sys/prctl.h>
29 #include <sys/reboot.h>
35 #if HAVE_VALGRIND_VALGRIND_H
36 #include <valgrind/valgrind.h>
40 #include "sd-daemon.h"
42 #include "alloc-util.h"
43 #include "architecture.h"
45 #include "bus-error.h"
47 #include "capability-util.h"
48 #include "clock-util.h"
49 #include "conf-parser.h"
50 #include "cpu-set-util.h"
51 #include "dbus-manager.h"
53 #include "emergency-action.h"
58 #include "format-util.h"
60 #include "hostname-setup.h"
61 #include "ima-setup.h"
63 #include "kmod-setup.h"
64 #include "load-fragment.h"
66 #include "loopback-setup.h"
67 #include "machine-id-setup.h"
70 #include "mount-setup.h"
72 #include "parse-util.h"
73 #include "path-util.h"
74 #include "proc-cmdline.h"
75 #include "process-util.h"
76 #include "raw-clone.h"
77 #include "rlimit-util.h"
79 #include "seccomp-util.h"
81 #include "selinux-setup.h"
82 #include "selinux-util.h"
83 #include "signal-util.h"
84 #include "smack-setup.h"
86 #include "stat-util.h"
87 #include "stdio-util.h"
89 #include "switch-root.h"
90 #include "terminal-util.h"
91 #include "umask-util.h"
92 #include "user-util.h"
101 ACTION_DUMP_CONFIGURATION_ITEMS
102 } arg_action
= ACTION_RUN
;
103 static char *arg_default_unit
= NULL
;
104 static bool arg_system
= false;
105 static bool arg_dump_core
= true;
106 static int arg_crash_chvt
= -1;
107 static bool arg_crash_shell
= false;
108 static bool arg_crash_reboot
= false;
109 static char *arg_confirm_spawn
= NULL
;
110 static ShowStatus arg_show_status
= _SHOW_STATUS_UNSET
;
111 static bool arg_switched_root
= false;
112 static bool arg_no_pager
= false;
113 static char ***arg_join_controllers
= NULL
;
114 static ExecOutput arg_default_std_output
= EXEC_OUTPUT_JOURNAL
;
115 static ExecOutput arg_default_std_error
= EXEC_OUTPUT_INHERIT
;
116 static usec_t arg_default_restart_usec
= DEFAULT_RESTART_USEC
;
117 static usec_t arg_default_timeout_start_usec
= DEFAULT_TIMEOUT_USEC
;
118 static usec_t arg_default_timeout_stop_usec
= DEFAULT_TIMEOUT_USEC
;
119 static usec_t arg_default_start_limit_interval
= DEFAULT_START_LIMIT_INTERVAL
;
120 static unsigned arg_default_start_limit_burst
= DEFAULT_START_LIMIT_BURST
;
121 static usec_t arg_runtime_watchdog
= 0;
122 static usec_t arg_shutdown_watchdog
= 10 * USEC_PER_MINUTE
;
123 static char *arg_watchdog_device
= NULL
;
124 static char **arg_default_environment
= NULL
;
125 static struct rlimit
*arg_default_rlimit
[_RLIMIT_MAX
] = {};
126 static uint64_t arg_capability_bounding_set
= CAP_ALL
;
127 static nsec_t arg_timer_slack_nsec
= NSEC_INFINITY
;
128 static usec_t arg_default_timer_accuracy_usec
= 1 * USEC_PER_MINUTE
;
129 static Set
* arg_syscall_archs
= NULL
;
130 static FILE* arg_serialization
= NULL
;
131 static bool arg_default_cpu_accounting
= false;
132 static bool arg_default_io_accounting
= false;
133 static bool arg_default_ip_accounting
= false;
134 static bool arg_default_blockio_accounting
= false;
135 static bool arg_default_memory_accounting
= false;
136 static bool arg_default_tasks_accounting
= true;
137 static uint64_t arg_default_tasks_max
= UINT64_MAX
;
138 static sd_id128_t arg_machine_id
= {};
139 static EmergencyAction arg_cad_burst_action
= EMERGENCY_ACTION_REBOOT_FORCE
;
141 noreturn
static void freeze_or_reboot(void) {
143 if (arg_crash_reboot
) {
144 log_notice("Rebooting in 10s...");
147 log_notice("Rebooting now...");
148 (void) reboot(RB_AUTOBOOT
);
149 log_emergency_errno(errno
, "Failed to reboot: %m");
152 log_emergency("Freezing execution.");
156 noreturn
static void crash(int sig
) {
160 if (getpid_cached() != 1)
161 /* Pass this on immediately, if this is not PID 1 */
163 else if (!arg_dump_core
)
164 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig
));
166 sa
= (struct sigaction
) {
167 .sa_handler
= nop_signal_handler
,
168 .sa_flags
= SA_NOCLDSTOP
|SA_RESTART
,
171 /* We want to wait for the core process, hence let's enable SIGCHLD */
172 (void) sigaction(SIGCHLD
, &sa
, NULL
);
174 pid
= raw_clone(SIGCHLD
);
176 log_emergency_errno(errno
, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig
));
178 /* Enable default signal handler for core dump */
180 sa
= (struct sigaction
) {
181 .sa_handler
= SIG_DFL
,
183 (void) sigaction(sig
, &sa
, NULL
);
185 /* Don't limit the coredump size */
186 (void) setrlimit(RLIMIT_CORE
, &RLIMIT_MAKE_CONST(RLIM_INFINITY
));
188 /* Just to be sure... */
191 /* Raise the signal again */
193 (void) kill(pid
, sig
); /* raise() would kill the parent */
195 assert_not_reached("We shouldn't be here...");
201 /* Order things nicely. */
202 r
= wait_for_terminate(pid
, &status
);
204 log_emergency_errno(r
, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig
));
205 else if (status
.si_code
!= CLD_DUMPED
)
206 log_emergency("Caught <%s>, core dump failed (child "PID_FMT
", code=%s, status=%i/%s).",
207 signal_to_string(sig
),
208 pid
, sigchld_code_to_string(status
.si_code
),
210 strna(status
.si_code
== CLD_EXITED
211 ? exit_status_to_string(status
.si_status
, EXIT_STATUS_MINIMAL
)
212 : signal_to_string(status
.si_status
)));
214 log_emergency("Caught <%s>, dumped core as pid "PID_FMT
".", signal_to_string(sig
), pid
);
218 if (arg_crash_chvt
>= 0)
219 (void) chvt(arg_crash_chvt
);
221 sa
= (struct sigaction
) {
222 .sa_handler
= SIG_IGN
,
223 .sa_flags
= SA_NOCLDSTOP
|SA_NOCLDWAIT
|SA_RESTART
,
226 /* Let the kernel reap children for us */
227 (void) sigaction(SIGCHLD
, &sa
, NULL
);
229 if (arg_crash_shell
) {
230 log_notice("Executing crash shell in 10s...");
233 pid
= raw_clone(SIGCHLD
);
235 log_emergency_errno(errno
, "Failed to fork off crash shell: %m");
238 (void) make_console_stdio();
239 (void) execle("/bin/sh", "/bin/sh", NULL
, environ
);
241 log_emergency_errno(errno
, "execle() failed: %m");
244 log_info("Spawned crash shell as PID "PID_FMT
".", pid
);
245 (void) wait_for_terminate(pid
, NULL
);
252 static void install_crash_handler(void) {
253 static const struct sigaction sa
= {
255 .sa_flags
= SA_NODEFER
, /* So that we can raise the signal again from the signal handler */
259 /* We ignore the return value here, since, we don't mind if we
260 * cannot set up a crash handler */
261 r
= sigaction_many(&sa
, SIGNALS_CRASH_HANDLER
, -1);
263 log_debug_errno(r
, "I had trouble setting up the crash handler, ignoring: %m");
266 static int console_setup(void) {
267 _cleanup_close_
int tty_fd
= -1;
270 tty_fd
= open_terminal("/dev/console", O_WRONLY
|O_NOCTTY
|O_CLOEXEC
);
272 return log_error_errno(tty_fd
, "Failed to open /dev/console: %m");
274 /* We don't want to force text mode. plymouth may be showing
275 * pictures already from initrd. */
276 r
= reset_terminal_fd(tty_fd
, false);
278 return log_error_errno(r
, "Failed to reset /dev/console: %m");
283 static int parse_crash_chvt(const char *value
) {
286 if (safe_atoi(value
, &arg_crash_chvt
) >= 0)
289 b
= parse_boolean(value
);
294 arg_crash_chvt
= 0; /* switch to where kmsg goes */
296 arg_crash_chvt
= -1; /* turn off switching */
301 static int parse_confirm_spawn(const char *value
, char **console
) {
305 r
= value
? parse_boolean(value
) : 1;
311 if (r
> 0) /* on with default tty */
312 s
= strdup("/dev/console");
313 else if (is_path(value
)) /* on with fully qualified path */
315 else /* on with only a tty file name, not a fully qualified path */
316 s
= strjoin("/dev/", value
);
323 static int set_machine_id(const char *m
) {
327 if (sd_id128_from_string(m
, &t
) < 0)
330 if (sd_id128_is_null(t
))
337 static int parse_proc_cmdline_item(const char *key
, const char *value
, void *data
) {
343 if (STR_IN_SET(key
, "systemd.unit", "rd.systemd.unit")) {
345 if (proc_cmdline_value_missing(key
, value
))
348 if (!unit_name_is_valid(value
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
349 log_warning("Unit name specified on %s= is not valid, ignoring: %s", key
, value
);
350 else if (in_initrd() == !!startswith(key
, "rd.")) {
351 if (free_and_strdup(&arg_default_unit
, value
) < 0)
355 } else if (proc_cmdline_key_streq(key
, "systemd.dump_core")) {
357 r
= value
? parse_boolean(value
) : true;
359 log_warning("Failed to parse dump core switch %s. Ignoring.", value
);
363 } else if (proc_cmdline_key_streq(key
, "systemd.crash_chvt")) {
366 arg_crash_chvt
= 0; /* turn on */
367 else if (parse_crash_chvt(value
) < 0)
368 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value
);
370 } else if (proc_cmdline_key_streq(key
, "systemd.crash_shell")) {
372 r
= value
? parse_boolean(value
) : true;
374 log_warning("Failed to parse crash shell switch %s. Ignoring.", value
);
378 } else if (proc_cmdline_key_streq(key
, "systemd.crash_reboot")) {
380 r
= value
? parse_boolean(value
) : true;
382 log_warning("Failed to parse crash reboot switch %s. Ignoring.", value
);
384 arg_crash_reboot
= r
;
386 } else if (proc_cmdline_key_streq(key
, "systemd.confirm_spawn")) {
389 r
= parse_confirm_spawn(value
, &s
);
391 log_warning_errno(r
, "Failed to parse confirm_spawn switch %s. Ignoring.", value
);
393 free(arg_confirm_spawn
);
394 arg_confirm_spawn
= s
;
397 } else if (proc_cmdline_key_streq(key
, "systemd.show_status")) {
400 r
= parse_show_status(value
, &arg_show_status
);
402 log_warning("Failed to parse show status switch %s. Ignoring.", value
);
404 arg_show_status
= SHOW_STATUS_YES
;
406 } else if (proc_cmdline_key_streq(key
, "systemd.default_standard_output")) {
408 if (proc_cmdline_value_missing(key
, value
))
411 r
= exec_output_from_string(value
);
413 log_warning("Failed to parse default standard output switch %s. Ignoring.", value
);
415 arg_default_std_output
= r
;
417 } else if (proc_cmdline_key_streq(key
, "systemd.default_standard_error")) {
419 if (proc_cmdline_value_missing(key
, value
))
422 r
= exec_output_from_string(value
);
424 log_warning("Failed to parse default standard error switch %s. Ignoring.", value
);
426 arg_default_std_error
= r
;
428 } else if (streq(key
, "systemd.setenv")) {
430 if (proc_cmdline_value_missing(key
, value
))
433 if (env_assignment_is_valid(value
)) {
436 env
= strv_env_set(arg_default_environment
, value
);
440 arg_default_environment
= env
;
442 log_warning("Environment variable name '%s' is not valid. Ignoring.", value
);
444 } else if (proc_cmdline_key_streq(key
, "systemd.machine_id")) {
446 if (proc_cmdline_value_missing(key
, value
))
449 r
= set_machine_id(value
);
451 log_warning("MachineID '%s' is not valid. Ignoring.", value
);
453 } else if (proc_cmdline_key_streq(key
, "systemd.default_timeout_start_sec")) {
455 if (proc_cmdline_value_missing(key
, value
))
458 r
= parse_sec(value
, &arg_default_timeout_start_usec
);
460 log_warning_errno(r
, "Failed to parse default start timeout: %s, ignoring.", value
);
462 if (arg_default_timeout_start_usec
<= 0)
463 arg_default_timeout_start_usec
= USEC_INFINITY
;
465 } else if (proc_cmdline_key_streq(key
, "systemd.watchdog_device")) {
467 if (proc_cmdline_value_missing(key
, value
))
470 parse_path_argument_and_warn(value
, false, &arg_watchdog_device
);
472 } else if (streq(key
, "quiet") && !value
) {
474 if (arg_show_status
== _SHOW_STATUS_UNSET
)
475 arg_show_status
= SHOW_STATUS_AUTO
;
477 } else if (streq(key
, "debug") && !value
) {
479 /* Note that log_parse_environment() handles 'debug'
480 * too, and sets the log level to LOG_DEBUG. */
482 if (detect_container() > 0)
483 log_set_target(LOG_TARGET_CONSOLE
);
488 /* SysV compatibility */
489 target
= runlevel_to_target(key
);
491 return free_and_strdup(&arg_default_unit
, target
);
497 #define DEFINE_SETTER(name, func, descr) \
498 static int name(const char *unit, \
499 const char *filename, \
501 const char *section, \
502 unsigned section_line, \
503 const char *lvalue, \
505 const char *rvalue, \
517 log_syntax(unit, LOG_ERR, filename, line, r, \
518 "Invalid " descr "'%s': %m", \
524 DEFINE_SETTER(config_parse_level2
, log_set_max_level_from_string
, "log level")
525 DEFINE_SETTER(config_parse_target
, log_set_target_from_string
, "target")
526 DEFINE_SETTER(config_parse_color
, log_show_color_from_string
, "color" )
527 DEFINE_SETTER(config_parse_location
, log_show_location_from_string
, "location")
529 static int config_parse_cpu_affinity2(
531 const char *filename
,
534 unsigned section_line
,
541 _cleanup_cpu_free_ cpu_set_t
*c
= NULL
;
544 ncpus
= parse_cpu_set_and_warn(rvalue
, &c
, unit
, filename
, line
, lvalue
);
548 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus
), c
) < 0)
549 log_warning_errno(errno
, "Failed to set CPU affinity: %m");
554 static int config_parse_show_status(
556 const char *filename
,
559 unsigned section_line
,
567 ShowStatus
*b
= data
;
574 k
= parse_show_status(rvalue
, b
);
576 log_syntax(unit
, LOG_ERR
, filename
, line
, k
, "Failed to parse show status setting, ignoring: %s", rvalue
);
583 static int config_parse_output_restricted(
585 const char *filename
,
588 unsigned section_line
,
595 ExecOutput t
, *eo
= data
;
602 t
= exec_output_from_string(rvalue
);
604 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse output type, ignoring: %s", rvalue
);
608 if (IN_SET(t
, EXEC_OUTPUT_SOCKET
, EXEC_OUTPUT_NAMED_FD
, EXEC_OUTPUT_FILE
)) {
609 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Standard output types socket, fd:, file: are not supported as defaults, ignoring: %s", rvalue
);
617 static int config_parse_crash_chvt(
619 const char *filename
,
622 unsigned section_line
,
635 r
= parse_crash_chvt(rvalue
);
637 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue
);
644 static int config_parse_join_controllers(const char *unit
,
645 const char *filename
,
648 unsigned section_line
,
655 const char *whole_rvalue
= rvalue
;
662 arg_join_controllers
= strv_free_free(arg_join_controllers
);
665 _cleanup_free_
char *word
= NULL
;
669 r
= extract_first_word(&rvalue
, &word
, NULL
, EXTRACT_QUOTES
);
671 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid value for %s: %s", lvalue
, whole_rvalue
);
677 l
= strv_split(word
, ",");
682 if (strv_length(l
) <= 1) {
687 if (!arg_join_controllers
) {
688 arg_join_controllers
= new(char**, 2);
689 if (!arg_join_controllers
) {
694 arg_join_controllers
[0] = l
;
695 arg_join_controllers
[1] = NULL
;
702 t
= new0(char**, n
+2);
710 for (a
= arg_join_controllers
; *a
; a
++) {
712 if (strv_overlap(*a
, l
)) {
713 if (strv_extend_strv(&l
, *a
, false) < 0) {
733 t
[n
++] = strv_uniq(l
);
735 strv_free_free(arg_join_controllers
);
736 arg_join_controllers
= t
;
739 if (!isempty(rvalue
))
740 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Trailing garbage, ignoring.");
745 static int parse_config_file(void) {
747 const ConfigTableItem items
[] = {
748 { "Manager", "LogLevel", config_parse_level2
, 0, NULL
},
749 { "Manager", "LogTarget", config_parse_target
, 0, NULL
},
750 { "Manager", "LogColor", config_parse_color
, 0, NULL
},
751 { "Manager", "LogLocation", config_parse_location
, 0, NULL
},
752 { "Manager", "DumpCore", config_parse_bool
, 0, &arg_dump_core
},
753 { "Manager", "CrashChVT", /* legacy */ config_parse_crash_chvt
, 0, NULL
},
754 { "Manager", "CrashChangeVT", config_parse_crash_chvt
, 0, NULL
},
755 { "Manager", "CrashShell", config_parse_bool
, 0, &arg_crash_shell
},
756 { "Manager", "CrashReboot", config_parse_bool
, 0, &arg_crash_reboot
},
757 { "Manager", "ShowStatus", config_parse_show_status
, 0, &arg_show_status
},
758 { "Manager", "CPUAffinity", config_parse_cpu_affinity2
, 0, NULL
},
759 { "Manager", "JoinControllers", config_parse_join_controllers
, 0, &arg_join_controllers
},
760 { "Manager", "RuntimeWatchdogSec", config_parse_sec
, 0, &arg_runtime_watchdog
},
761 { "Manager", "ShutdownWatchdogSec", config_parse_sec
, 0, &arg_shutdown_watchdog
},
762 { "Manager", "WatchdogDevice", config_parse_path
, 0, &arg_watchdog_device
},
763 { "Manager", "CapabilityBoundingSet", config_parse_capability_set
, 0, &arg_capability_bounding_set
},
765 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs
, 0, &arg_syscall_archs
},
767 { "Manager", "TimerSlackNSec", config_parse_nsec
, 0, &arg_timer_slack_nsec
},
768 { "Manager", "DefaultTimerAccuracySec", config_parse_sec
, 0, &arg_default_timer_accuracy_usec
},
769 { "Manager", "DefaultStandardOutput", config_parse_output_restricted
,0, &arg_default_std_output
},
770 { "Manager", "DefaultStandardError", config_parse_output_restricted
,0, &arg_default_std_error
},
771 { "Manager", "DefaultTimeoutStartSec", config_parse_sec
, 0, &arg_default_timeout_start_usec
},
772 { "Manager", "DefaultTimeoutStopSec", config_parse_sec
, 0, &arg_default_timeout_stop_usec
},
773 { "Manager", "DefaultRestartSec", config_parse_sec
, 0, &arg_default_restart_usec
},
774 { "Manager", "DefaultStartLimitInterval", config_parse_sec
, 0, &arg_default_start_limit_interval
}, /* obsolete alias */
775 { "Manager", "DefaultStartLimitIntervalSec",config_parse_sec
, 0, &arg_default_start_limit_interval
},
776 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned
, 0, &arg_default_start_limit_burst
},
777 { "Manager", "DefaultEnvironment", config_parse_environ
, 0, &arg_default_environment
},
778 { "Manager", "DefaultLimitCPU", config_parse_limit
, RLIMIT_CPU
, arg_default_rlimit
},
779 { "Manager", "DefaultLimitFSIZE", config_parse_limit
, RLIMIT_FSIZE
, arg_default_rlimit
},
780 { "Manager", "DefaultLimitDATA", config_parse_limit
, RLIMIT_DATA
, arg_default_rlimit
},
781 { "Manager", "DefaultLimitSTACK", config_parse_limit
, RLIMIT_STACK
, arg_default_rlimit
},
782 { "Manager", "DefaultLimitCORE", config_parse_limit
, RLIMIT_CORE
, arg_default_rlimit
},
783 { "Manager", "DefaultLimitRSS", config_parse_limit
, RLIMIT_RSS
, arg_default_rlimit
},
784 { "Manager", "DefaultLimitNOFILE", config_parse_limit
, RLIMIT_NOFILE
, arg_default_rlimit
},
785 { "Manager", "DefaultLimitAS", config_parse_limit
, RLIMIT_AS
, arg_default_rlimit
},
786 { "Manager", "DefaultLimitNPROC", config_parse_limit
, RLIMIT_NPROC
, arg_default_rlimit
},
787 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit
, RLIMIT_MEMLOCK
, arg_default_rlimit
},
788 { "Manager", "DefaultLimitLOCKS", config_parse_limit
, RLIMIT_LOCKS
, arg_default_rlimit
},
789 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit
, RLIMIT_SIGPENDING
, arg_default_rlimit
},
790 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit
, RLIMIT_MSGQUEUE
, arg_default_rlimit
},
791 { "Manager", "DefaultLimitNICE", config_parse_limit
, RLIMIT_NICE
, arg_default_rlimit
},
792 { "Manager", "DefaultLimitRTPRIO", config_parse_limit
, RLIMIT_RTPRIO
, arg_default_rlimit
},
793 { "Manager", "DefaultLimitRTTIME", config_parse_limit
, RLIMIT_RTTIME
, arg_default_rlimit
},
794 { "Manager", "DefaultCPUAccounting", config_parse_bool
, 0, &arg_default_cpu_accounting
},
795 { "Manager", "DefaultIOAccounting", config_parse_bool
, 0, &arg_default_io_accounting
},
796 { "Manager", "DefaultIPAccounting", config_parse_bool
, 0, &arg_default_ip_accounting
},
797 { "Manager", "DefaultBlockIOAccounting", config_parse_bool
, 0, &arg_default_blockio_accounting
},
798 { "Manager", "DefaultMemoryAccounting", config_parse_bool
, 0, &arg_default_memory_accounting
},
799 { "Manager", "DefaultTasksAccounting", config_parse_bool
, 0, &arg_default_tasks_accounting
},
800 { "Manager", "DefaultTasksMax", config_parse_tasks_max
, 0, &arg_default_tasks_max
},
801 { "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action
, 0, &arg_cad_burst_action
},
805 const char *fn
, *conf_dirs_nulstr
;
808 PKGSYSCONFDIR
"/system.conf" :
809 PKGSYSCONFDIR
"/user.conf";
811 conf_dirs_nulstr
= arg_system
?
812 CONF_PATHS_NULSTR("systemd/system.conf.d") :
813 CONF_PATHS_NULSTR("systemd/user.conf.d");
815 (void) config_parse_many_nulstr(fn
, conf_dirs_nulstr
, "Manager\0", config_item_table_lookup
, items
, CONFIG_PARSE_WARN
, NULL
);
817 /* Traditionally "0" was used to turn off the default unit timeouts. Fix this up so that we used USEC_INFINITY
818 * like everywhere else. */
819 if (arg_default_timeout_start_usec
<= 0)
820 arg_default_timeout_start_usec
= USEC_INFINITY
;
821 if (arg_default_timeout_stop_usec
<= 0)
822 arg_default_timeout_stop_usec
= USEC_INFINITY
;
827 static void set_manager_defaults(Manager
*m
) {
831 m
->default_timer_accuracy_usec
= arg_default_timer_accuracy_usec
;
832 m
->default_std_output
= arg_default_std_output
;
833 m
->default_std_error
= arg_default_std_error
;
834 m
->default_timeout_start_usec
= arg_default_timeout_start_usec
;
835 m
->default_timeout_stop_usec
= arg_default_timeout_stop_usec
;
836 m
->default_restart_usec
= arg_default_restart_usec
;
837 m
->default_start_limit_interval
= arg_default_start_limit_interval
;
838 m
->default_start_limit_burst
= arg_default_start_limit_burst
;
839 m
->default_cpu_accounting
= arg_default_cpu_accounting
;
840 m
->default_io_accounting
= arg_default_io_accounting
;
841 m
->default_ip_accounting
= arg_default_ip_accounting
;
842 m
->default_blockio_accounting
= arg_default_blockio_accounting
;
843 m
->default_memory_accounting
= arg_default_memory_accounting
;
844 m
->default_tasks_accounting
= arg_default_tasks_accounting
;
845 m
->default_tasks_max
= arg_default_tasks_max
;
847 manager_set_default_rlimits(m
, arg_default_rlimit
);
848 manager_environment_add(m
, NULL
, arg_default_environment
);
851 static void set_manager_settings(Manager
*m
) {
855 m
->confirm_spawn
= arg_confirm_spawn
;
856 m
->runtime_watchdog
= arg_runtime_watchdog
;
857 m
->shutdown_watchdog
= arg_shutdown_watchdog
;
858 m
->cad_burst_action
= arg_cad_burst_action
;
860 manager_set_show_status(m
, arg_show_status
);
863 static int parse_argv(int argc
, char *argv
[]) {
866 ARG_LOG_LEVEL
= 0x100,
876 ARG_DUMP_CONFIGURATION_ITEMS
,
885 ARG_DEFAULT_STD_OUTPUT
,
886 ARG_DEFAULT_STD_ERROR
,
890 static const struct option options
[] = {
891 { "log-level", required_argument
, NULL
, ARG_LOG_LEVEL
},
892 { "log-target", required_argument
, NULL
, ARG_LOG_TARGET
},
893 { "log-color", optional_argument
, NULL
, ARG_LOG_COLOR
},
894 { "log-location", optional_argument
, NULL
, ARG_LOG_LOCATION
},
895 { "unit", required_argument
, NULL
, ARG_UNIT
},
896 { "system", no_argument
, NULL
, ARG_SYSTEM
},
897 { "user", no_argument
, NULL
, ARG_USER
},
898 { "test", no_argument
, NULL
, ARG_TEST
},
899 { "no-pager", no_argument
, NULL
, ARG_NO_PAGER
},
900 { "help", no_argument
, NULL
, 'h' },
901 { "version", no_argument
, NULL
, ARG_VERSION
},
902 { "dump-configuration-items", no_argument
, NULL
, ARG_DUMP_CONFIGURATION_ITEMS
},
903 { "dump-core", optional_argument
, NULL
, ARG_DUMP_CORE
},
904 { "crash-chvt", required_argument
, NULL
, ARG_CRASH_CHVT
},
905 { "crash-shell", optional_argument
, NULL
, ARG_CRASH_SHELL
},
906 { "crash-reboot", optional_argument
, NULL
, ARG_CRASH_REBOOT
},
907 { "confirm-spawn", optional_argument
, NULL
, ARG_CONFIRM_SPAWN
},
908 { "show-status", optional_argument
, NULL
, ARG_SHOW_STATUS
},
909 { "deserialize", required_argument
, NULL
, ARG_DESERIALIZE
},
910 { "switched-root", no_argument
, NULL
, ARG_SWITCHED_ROOT
},
911 { "default-standard-output", required_argument
, NULL
, ARG_DEFAULT_STD_OUTPUT
, },
912 { "default-standard-error", required_argument
, NULL
, ARG_DEFAULT_STD_ERROR
, },
913 { "machine-id", required_argument
, NULL
, ARG_MACHINE_ID
},
922 if (getpid_cached() == 1)
925 while ((c
= getopt_long(argc
, argv
, "hDbsz:", options
, NULL
)) >= 0)
930 r
= log_set_max_level_from_string(optarg
);
932 log_error("Failed to parse log level %s.", optarg
);
939 r
= log_set_target_from_string(optarg
);
941 log_error("Failed to parse log target %s.", optarg
);
950 r
= log_show_color_from_string(optarg
);
952 log_error("Failed to parse log color setting %s.", optarg
);
956 log_show_color(true);
960 case ARG_LOG_LOCATION
:
962 r
= log_show_location_from_string(optarg
);
964 log_error("Failed to parse log location setting %s.", optarg
);
968 log_show_location(true);
972 case ARG_DEFAULT_STD_OUTPUT
:
973 r
= exec_output_from_string(optarg
);
975 log_error("Failed to parse default standard output setting %s.", optarg
);
978 arg_default_std_output
= r
;
981 case ARG_DEFAULT_STD_ERROR
:
982 r
= exec_output_from_string(optarg
);
984 log_error("Failed to parse default standard error output setting %s.", optarg
);
987 arg_default_std_error
= r
;
991 r
= free_and_strdup(&arg_default_unit
, optarg
);
993 return log_error_errno(r
, "Failed to set default unit %s: %m", optarg
);
1006 arg_action
= ACTION_TEST
;
1010 arg_no_pager
= true;
1014 arg_action
= ACTION_VERSION
;
1017 case ARG_DUMP_CONFIGURATION_ITEMS
:
1018 arg_action
= ACTION_DUMP_CONFIGURATION_ITEMS
;
1023 arg_dump_core
= true;
1025 r
= parse_boolean(optarg
);
1027 return log_error_errno(r
, "Failed to parse dump core boolean: %s", optarg
);
1032 case ARG_CRASH_CHVT
:
1033 r
= parse_crash_chvt(optarg
);
1035 return log_error_errno(r
, "Failed to parse crash virtual terminal index: %s", optarg
);
1038 case ARG_CRASH_SHELL
:
1040 arg_crash_shell
= true;
1042 r
= parse_boolean(optarg
);
1044 return log_error_errno(r
, "Failed to parse crash shell boolean: %s", optarg
);
1045 arg_crash_shell
= r
;
1049 case ARG_CRASH_REBOOT
:
1051 arg_crash_reboot
= true;
1053 r
= parse_boolean(optarg
);
1055 return log_error_errno(r
, "Failed to parse crash shell boolean: %s", optarg
);
1056 arg_crash_reboot
= r
;
1060 case ARG_CONFIRM_SPAWN
:
1061 arg_confirm_spawn
= mfree(arg_confirm_spawn
);
1063 r
= parse_confirm_spawn(optarg
, &arg_confirm_spawn
);
1065 return log_error_errno(r
, "Failed to parse confirm spawn option: %m");
1068 case ARG_SHOW_STATUS
:
1070 r
= parse_show_status(optarg
, &arg_show_status
);
1072 log_error("Failed to parse show status boolean %s.", optarg
);
1076 arg_show_status
= SHOW_STATUS_YES
;
1079 case ARG_DESERIALIZE
: {
1083 r
= safe_atoi(optarg
, &fd
);
1084 if (r
< 0 || fd
< 0) {
1085 log_error("Failed to parse deserialize option %s.", optarg
);
1089 (void) fd_cloexec(fd
, true);
1091 f
= fdopen(fd
, "r");
1093 return log_error_errno(errno
, "Failed to open serialization fd: %m");
1095 safe_fclose(arg_serialization
);
1096 arg_serialization
= f
;
1101 case ARG_SWITCHED_ROOT
:
1102 arg_switched_root
= true;
1105 case ARG_MACHINE_ID
:
1106 r
= set_machine_id(optarg
);
1108 return log_error_errno(r
, "MachineID '%s' is not valid.", optarg
);
1112 arg_action
= ACTION_HELP
;
1116 log_set_max_level(LOG_DEBUG
);
1122 /* Just to eat away the sysvinit kernel
1123 * cmdline args without getopt() error
1124 * messages that we'll parse in
1125 * parse_proc_cmdline_word() or ignore. */
1128 if (getpid_cached() != 1)
1134 assert_not_reached("Unhandled option code.");
1137 if (optind
< argc
&& getpid_cached() != 1) {
1138 /* Hmm, when we aren't run as init system
1139 * let's complain about excess arguments */
1141 log_error("Excess arguments.");
1148 static int help(void) {
1150 printf("%s [OPTIONS...]\n\n"
1151 "Starts up and maintains the system or user services.\n\n"
1152 " -h --help Show this help\n"
1153 " --version Show version\n"
1154 " --test Determine startup sequence, dump it and exit\n"
1155 " --no-pager Do not pipe output into a pager\n"
1156 " --dump-configuration-items Dump understood unit configuration items\n"
1157 " --unit=UNIT Set default unit\n"
1158 " --system Run a system instance, even if PID != 1\n"
1159 " --user Run a user instance\n"
1160 " --dump-core[=BOOL] Dump core on crash\n"
1161 " --crash-vt=NR Change to specified VT on crash\n"
1162 " --crash-reboot[=BOOL] Reboot on crash\n"
1163 " --crash-shell[=BOOL] Run shell on crash\n"
1164 " --confirm-spawn[=BOOL] Ask for confirmation when spawning processes\n"
1165 " --show-status[=BOOL] Show status updates on the console during bootup\n"
1166 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
1167 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
1168 " --log-color[=BOOL] Highlight important log messages\n"
1169 " --log-location[=BOOL] Include code location in log messages\n"
1170 " --default-standard-output= Set default standard output for services\n"
1171 " --default-standard-error= Set default standard error output for services\n",
1172 program_invocation_short_name
);
1177 static int prepare_reexecute(Manager
*m
, FILE **_f
, FDSet
**_fds
, bool switching_root
) {
1178 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1179 _cleanup_fclose_
FILE *f
= NULL
;
1186 r
= manager_open_serialization(m
, &f
);
1188 return log_error_errno(r
, "Failed to create serialization file: %m");
1190 /* Make sure nothing is really destructed when we shut down */
1192 bus_manager_send_reloading(m
, true);
1198 r
= manager_serialize(m
, f
, fds
, switching_root
);
1200 return log_error_errno(r
, "Failed to serialize state: %m");
1202 if (fseeko(f
, 0, SEEK_SET
) == (off_t
) -1)
1203 return log_error_errno(errno
, "Failed to rewind serialization fd: %m");
1205 r
= fd_cloexec(fileno(f
), false);
1207 return log_error_errno(r
, "Failed to disable O_CLOEXEC for serialization: %m");
1209 r
= fdset_cloexec(fds
, false);
1211 return log_error_errno(r
, "Failed to disable O_CLOEXEC for serialization fds: %m");
1222 static int bump_rlimit_nofile(struct rlimit
*saved_rlimit
) {
1226 _cleanup_free_
char *nr_open
= NULL
;
1228 assert(saved_rlimit
);
1230 /* Save the original RLIMIT_NOFILE so that we can reset it
1231 * later when transitioning from the initrd to the main
1232 * systemd or suchlike. */
1233 if (getrlimit(RLIMIT_NOFILE
, saved_rlimit
) < 0)
1234 return log_warning_errno(errno
, "Reading RLIMIT_NOFILE failed, ignoring: %m");
1236 /* Make sure forked processes get the default kernel setting */
1237 if (!arg_default_rlimit
[RLIMIT_NOFILE
]) {
1240 rl
= newdup(struct rlimit
, saved_rlimit
, 1);
1244 arg_default_rlimit
[RLIMIT_NOFILE
] = rl
;
1247 /* Get current RLIMIT_NOFILE maximum compiled into the kernel. */
1248 r
= read_one_line_file("/proc/sys/fs/nr_open", &nr_open
);
1250 r
= safe_atoi(nr_open
, &min_max
);
1251 /* If we fail, fallback to the hard-coded kernel limit of 1024 * 1024. */
1253 min_max
= 1024 * 1024;
1255 /* Bump up the resource limit for ourselves substantially */
1256 nl
.rlim_cur
= nl
.rlim_max
= min_max
;
1257 r
= setrlimit_closest(RLIMIT_NOFILE
, &nl
);
1259 return log_warning_errno(r
, "Setting RLIMIT_NOFILE failed, ignoring: %m");
1264 static int bump_rlimit_memlock(struct rlimit
*saved_rlimit
) {
1267 assert(saved_rlimit
);
1268 assert(getuid() == 0);
1270 /* BPF_MAP_TYPE_LPM_TRIE bpf maps are charged against RLIMIT_MEMLOCK, even though we have CAP_IPC_LOCK which
1271 * should normally disable such checks. We need them to implement IPAccessAllow= and IPAccessDeny=, hence let's
1272 * bump the value high enough for the root user. */
1274 if (getrlimit(RLIMIT_MEMLOCK
, saved_rlimit
) < 0)
1275 return log_warning_errno(errno
, "Reading RLIMIT_MEMLOCK failed, ignoring: %m");
1277 r
= setrlimit_closest(RLIMIT_MEMLOCK
, &RLIMIT_MAKE_CONST(1024ULL*1024ULL*16ULL));
1279 return log_warning_errno(r
, "Setting RLIMIT_MEMLOCK failed, ignoring: %m");
1284 static void test_usr(void) {
1286 /* Check that /usr is not a separate fs */
1288 if (dir_is_empty("/usr") <= 0)
1291 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
1292 "Some things will probably break (sometimes even silently) in mysterious ways. "
1293 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1296 static int initialize_join_controllers(void) {
1297 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1298 * + "net_prio". We'd like to add "cpuset" to the mix, but
1299 * "cpuset" doesn't really work for groups with no initialized
1302 arg_join_controllers
= new(char**, 3);
1303 if (!arg_join_controllers
)
1306 arg_join_controllers
[0] = strv_new("cpu", "cpuacct", NULL
);
1307 if (!arg_join_controllers
[0])
1310 arg_join_controllers
[1] = strv_new("net_cls", "net_prio", NULL
);
1311 if (!arg_join_controllers
[1])
1314 arg_join_controllers
[2] = NULL
;
1318 arg_join_controllers
= strv_free_free(arg_join_controllers
);
1322 static int enforce_syscall_archs(Set
*archs
) {
1326 if (!is_seccomp_available())
1329 r
= seccomp_restrict_archs(arg_syscall_archs
);
1331 return log_error_errno(r
, "Failed to enforce system call architecture restrication: %m");
1336 static int status_welcome(void) {
1337 _cleanup_free_
char *pretty_name
= NULL
, *ansi_color
= NULL
;
1340 r
= parse_env_file("/etc/os-release", NEWLINE
,
1341 "PRETTY_NAME", &pretty_name
,
1342 "ANSI_COLOR", &ansi_color
,
1345 r
= parse_env_file("/usr/lib/os-release", NEWLINE
,
1346 "PRETTY_NAME", &pretty_name
,
1347 "ANSI_COLOR", &ansi_color
,
1350 if (r
< 0 && r
!= -ENOENT
)
1351 log_warning_errno(r
, "Failed to read os-release file: %m");
1353 if (log_get_show_color())
1354 return status_printf(NULL
, false, false,
1355 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1356 isempty(ansi_color
) ? "1" : ansi_color
,
1357 isempty(pretty_name
) ? "Linux" : pretty_name
);
1359 return status_printf(NULL
, false, false,
1360 "\nWelcome to %s!\n",
1361 isempty(pretty_name
) ? "Linux" : pretty_name
);
1364 static int write_container_id(void) {
1368 c
= getenv("container");
1372 RUN_WITH_UMASK(0022)
1373 r
= write_string_file("/run/systemd/container", c
, WRITE_STRING_FILE_CREATE
);
1375 return log_warning_errno(r
, "Failed to write /run/systemd/container, ignoring: %m");
1380 static int bump_unix_max_dgram_qlen(void) {
1381 _cleanup_free_
char *qlen
= NULL
;
1385 /* Let's bump the net.unix.max_dgram_qlen sysctl. The kernel
1386 * default of 16 is simply too low. We set the value really
1387 * really early during boot, so that it is actually applied to
1388 * all our sockets, including the $NOTIFY_SOCKET one. */
1390 r
= read_one_line_file("/proc/sys/net/unix/max_dgram_qlen", &qlen
);
1392 return log_warning_errno(r
, "Failed to read AF_UNIX datagram queue length, ignoring: %m");
1394 r
= safe_atolu(qlen
, &v
);
1396 return log_warning_errno(r
, "Failed to parse AF_UNIX datagram queue length, ignoring: %m");
1398 if (v
>= DEFAULT_UNIX_MAX_DGRAM_QLEN
)
1402 if (asprintf(&qlen
, "%lu\n", DEFAULT_UNIX_MAX_DGRAM_QLEN
) < 0)
1405 r
= write_string_file("/proc/sys/net/unix/max_dgram_qlen", qlen
, 0);
1407 return log_full_errno(IN_SET(r
, -EROFS
, -EPERM
, -EACCES
) ? LOG_DEBUG
: LOG_WARNING
, r
,
1408 "Failed to bump AF_UNIX datagram queue length, ignoring: %m");
1413 static int fixup_environment(void) {
1414 _cleanup_free_
char *term
= NULL
;
1417 /* We expect the environment to be set correctly
1418 * if run inside a container. */
1419 if (detect_container() > 0)
1422 /* When started as PID1, the kernel uses /dev/console
1423 * for our stdios and uses TERM=linux whatever the
1424 * backend device used by the console. We try to make
1425 * a better guess here since some consoles might not
1426 * have support for color mode for example.
1428 * However if TERM was configured through the kernel
1429 * command line then leave it alone. */
1431 r
= proc_cmdline_get_key("TERM", 0, &term
);
1435 term
= strdup(default_term_for_tty("/dev/console"));
1440 if (setenv("TERM", term
, 1) < 0)
1446 static void redirect_telinit(int argc
, char *argv
[]) {
1448 /* This is compatibility support for SysV, where calling init as a user is identical to telinit. */
1450 #if HAVE_SYSV_COMPAT
1451 if (getpid_cached() == 1)
1454 if (!strstr(program_invocation_short_name
, "init"))
1457 execv(SYSTEMCTL_BINARY_PATH
, argv
);
1458 log_error_errno(errno
, "Failed to exec " SYSTEMCTL_BINARY_PATH
": %m");
1463 static int become_shutdown(
1464 const char *shutdown_verb
,
1467 char log_level
[DECIMAL_STR_MAX(int) + 1],
1468 exit_code
[DECIMAL_STR_MAX(uint8_t) + 1];
1470 const char* command_line
[11] = {
1471 SYSTEMD_SHUTDOWN_BINARY_PATH
,
1473 "--log-level", log_level
,
1477 _cleanup_strv_free_
char **env_block
= NULL
;
1481 assert(shutdown_verb
);
1482 assert(!command_line
[pos
]);
1483 env_block
= strv_copy(environ
);
1485 xsprintf(log_level
, "%d", log_get_max_level());
1487 switch (log_get_target()) {
1489 case LOG_TARGET_KMSG
:
1490 case LOG_TARGET_JOURNAL_OR_KMSG
:
1491 case LOG_TARGET_SYSLOG_OR_KMSG
:
1492 command_line
[pos
++] = "kmsg";
1495 case LOG_TARGET_NULL
:
1496 command_line
[pos
++] = "null";
1499 case LOG_TARGET_CONSOLE
:
1501 command_line
[pos
++] = "console";
1505 if (log_get_show_color())
1506 command_line
[pos
++] = "--log-color";
1508 if (log_get_show_location())
1509 command_line
[pos
++] = "--log-location";
1511 if (streq(shutdown_verb
, "exit")) {
1512 command_line
[pos
++] = "--exit-code";
1513 command_line
[pos
++] = exit_code
;
1514 xsprintf(exit_code
, "%d", retval
);
1517 assert(pos
< ELEMENTSOF(command_line
));
1519 if (streq(shutdown_verb
, "reboot") &&
1520 arg_shutdown_watchdog
> 0 &&
1521 arg_shutdown_watchdog
!= USEC_INFINITY
) {
1525 /* If we reboot let's set the shutdown
1526 * watchdog and tell the shutdown binary to
1527 * repeatedly ping it */
1528 r
= watchdog_set_timeout(&arg_shutdown_watchdog
);
1529 watchdog_close(r
< 0);
1531 /* Tell the binary how often to ping, ignore failure */
1532 if (asprintf(&e
, "WATCHDOG_USEC="USEC_FMT
, arg_shutdown_watchdog
) > 0)
1533 (void) strv_consume(&env_block
, e
);
1535 if (arg_watchdog_device
&&
1536 asprintf(&e
, "WATCHDOG_DEVICE=%s", arg_watchdog_device
) > 0)
1537 (void) strv_consume(&env_block
, e
);
1539 watchdog_close(true);
1541 /* Avoid the creation of new processes forked by the
1542 * kernel; at this point, we will not listen to the
1544 if (detect_container() <= 0)
1545 (void) cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER
);
1547 execve(SYSTEMD_SHUTDOWN_BINARY_PATH
, (char **) command_line
, env_block
);
1551 static void initialize_clock(void) {
1554 if (clock_is_localtime(NULL
) > 0) {
1558 * The very first call of settimeofday() also does a time warp in the kernel.
1560 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on external tools to take care
1561 * of maintaining the RTC and do all adjustments. This matches the behavior of Windows, which leaves
1562 * the RTC alone if the registry tells that the RTC runs in UTC.
1564 r
= clock_set_timezone(&min
);
1566 log_error_errno(r
, "Failed to apply local time delta, ignoring: %m");
1568 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min
);
1570 } else if (!in_initrd()) {
1572 * Do a dummy very first call to seal the kernel's time warp magic.
1574 * Do not call this from inside the initrd. The initrd might not carry /etc/adjtime with LOCAL, but the
1575 * real system could be set up that way. In such case, we need to delay the time-warp or the sealing
1576 * until we reach the real system.
1578 * Do no set the kernel's timezone. The concept of local time cannot be supported reliably, the time
1579 * will jump or be incorrect at every daylight saving time change. All kernel local time concepts will
1580 * be treated as UTC that way.
1582 (void) clock_reset_timewarp();
1585 r
= clock_apply_epoch();
1587 log_error_errno(r
, "Current system time is before build time, but cannot correct: %m");
1589 log_info("System time before build time, advancing clock.");
1592 static void initialize_coredump(bool skip_setup
) {
1594 if (getpid_cached() != 1)
1597 /* Don't limit the core dump size, so that coredump handlers such as systemd-coredump (which honour the limit)
1598 * will process core dumps for system services by default. */
1599 if (setrlimit(RLIMIT_CORE
, &RLIMIT_MAKE_CONST(RLIM_INFINITY
)) < 0)
1600 log_warning_errno(errno
, "Failed to set RLIMIT_CORE: %m");
1602 /* But at the same time, turn off the core_pattern logic by default, so that no coredumps are stored
1603 * until the systemd-coredump tool is enabled via sysctl. */
1605 (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
1608 static void do_reexecute(
1611 const struct rlimit
*saved_rlimit_nofile
,
1612 const struct rlimit
*saved_rlimit_memlock
,
1614 const char *switch_root_dir
,
1615 const char *switch_root_init
,
1616 const char **ret_error_message
) {
1618 unsigned i
, j
, args_size
;
1622 assert(saved_rlimit_nofile
);
1623 assert(saved_rlimit_memlock
);
1624 assert(ret_error_message
);
1626 /* Close and disarm the watchdog, so that the new instance can reinitialize it, but doesn't get rebooted while
1628 watchdog_close(true);
1630 /* Reset the RLIMIT_NOFILE to the kernel default, so that the new systemd can pass the kernel default to its
1631 * child processes */
1633 if (saved_rlimit_nofile
->rlim_cur
> 0)
1634 (void) setrlimit(RLIMIT_NOFILE
, saved_rlimit_nofile
);
1635 if (saved_rlimit_memlock
->rlim_cur
!= (rlim_t
) -1)
1636 (void) setrlimit(RLIMIT_MEMLOCK
, saved_rlimit_memlock
);
1638 if (switch_root_dir
) {
1639 /* Kill all remaining processes from the initrd, but don't wait for them, so that we can handle the
1640 * SIGCHLD for them after deserializing. */
1641 broadcast_signal(SIGTERM
, false, true);
1643 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1644 r
= switch_root(switch_root_dir
, "/mnt", true, MS_MOVE
);
1646 log_error_errno(r
, "Failed to switch root, trying to continue: %m");
1649 args_size
= MAX(6, argc
+1);
1650 args
= newa(const char*, args_size
);
1652 if (!switch_root_init
) {
1653 char sfd
[DECIMAL_STR_MAX(int) + 1];
1655 /* First try to spawn ourselves with the right path, and with full serialization. We do this only if
1656 * the user didn't specify an explicit init to spawn. */
1658 assert(arg_serialization
);
1661 xsprintf(sfd
, "%i", fileno(arg_serialization
));
1664 args
[i
++] = SYSTEMD_BINARY_PATH
;
1665 if (switch_root_dir
)
1666 args
[i
++] = "--switched-root";
1667 args
[i
++] = arg_system
? "--system" : "--user";
1668 args
[i
++] = "--deserialize";
1672 assert(i
<= args_size
);
1675 * We want valgrind to print its memory usage summary before reexecution. Valgrind won't do this is on
1676 * its own on exec(), but it will do it on exit(). Hence, to ensure we get a summary here, fork() off
1677 * a child, let it exit() cleanly, so that it prints the summary, and wait() for it in the parent,
1678 * before proceeding into the exec().
1680 valgrind_summary_hack();
1682 (void) execv(args
[0], (char* const*) args
);
1683 log_debug_errno(errno
, "Failed to execute our own binary, trying fallback: %m");
1686 /* Try the fallback, if there is any, without any serialization. We pass the original argv[] and envp[]. (Well,
1687 * modulo the ordering changes due to getopt() in argv[], and some cleanups in envp[], but let's hope that
1688 * doesn't matter.) */
1690 arg_serialization
= safe_fclose(arg_serialization
);
1691 fds
= fdset_free(fds
);
1693 /* Reopen the console */
1694 (void) make_console_stdio();
1696 for (j
= 1, i
= 1; j
< (unsigned) argc
; j
++)
1697 args
[i
++] = argv
[j
];
1699 assert(i
<= args_size
);
1701 /* Reenable any blocked signals, especially important if we switch from initial ramdisk to init=... */
1702 (void) reset_all_signal_handlers();
1703 (void) reset_signal_mask();
1705 if (switch_root_init
) {
1706 args
[0] = switch_root_init
;
1707 (void) execv(args
[0], (char* const*) args
);
1708 log_warning_errno(errno
, "Failed to execute configured init, trying fallback: %m");
1711 args
[0] = "/sbin/init";
1712 (void) execv(args
[0], (char* const*) args
);
1715 manager_status_printf(NULL
, STATUS_TYPE_EMERGENCY
,
1716 ANSI_HIGHLIGHT_RED
" !! " ANSI_NORMAL
,
1717 "Failed to execute /sbin/init");
1720 log_warning("No /sbin/init, trying fallback");
1722 args
[0] = "/bin/sh";
1724 (void) execv(args
[0], (char* const*) args
);
1725 log_error_errno(errno
, "Failed to execute /bin/sh, giving up: %m");
1727 log_warning_errno(r
, "Failed to execute /sbin/init, giving up: %m");
1729 *ret_error_message
= "Failed to execute fallback shell";
1732 static int invoke_main_loop(
1734 bool *ret_reexecute
,
1735 int *ret_retval
, /* Return parameters relevant for shutting down */
1736 const char **ret_shutdown_verb
, /* … */
1737 FDSet
**ret_fds
, /* Return parameters for reexecuting */
1738 char **ret_switch_root_dir
, /* … */
1739 char **ret_switch_root_init
, /* … */
1740 const char **ret_error_message
) {
1745 assert(ret_reexecute
);
1747 assert(ret_shutdown_verb
);
1749 assert(ret_switch_root_dir
);
1750 assert(ret_switch_root_init
);
1751 assert(ret_error_message
);
1754 r
= manager_loop(m
);
1756 *ret_error_message
= "Failed to run main loop";
1757 return log_emergency_errno(r
, "Failed to run main loop: %m");
1760 switch (m
->exit_code
) {
1762 case MANAGER_RELOAD
:
1763 log_info("Reloading.");
1765 r
= parse_config_file();
1767 log_warning_errno(r
, "Failed to parse config file, ignoring: %m");
1769 set_manager_defaults(m
);
1771 r
= manager_reload(m
);
1773 log_warning_errno(r
, "Failed to reload, ignoring: %m");
1777 case MANAGER_REEXECUTE
:
1779 r
= prepare_reexecute(m
, &arg_serialization
, ret_fds
, false);
1781 *ret_error_message
= "Failed to prepare for reexecution";
1785 log_notice("Reexecuting.");
1787 *ret_reexecute
= true;
1788 *ret_retval
= EXIT_SUCCESS
;
1789 *ret_shutdown_verb
= NULL
;
1790 *ret_switch_root_dir
= *ret_switch_root_init
= NULL
;
1794 case MANAGER_SWITCH_ROOT
:
1795 if (!m
->switch_root_init
) {
1796 r
= prepare_reexecute(m
, &arg_serialization
, ret_fds
, true);
1798 *ret_error_message
= "Failed to prepare for reexecution";
1804 log_notice("Switching root.");
1806 *ret_reexecute
= true;
1807 *ret_retval
= EXIT_SUCCESS
;
1808 *ret_shutdown_verb
= NULL
;
1810 /* Steal the switch root parameters */
1811 *ret_switch_root_dir
= m
->switch_root
;
1812 *ret_switch_root_init
= m
->switch_root_init
;
1813 m
->switch_root
= m
->switch_root_init
= NULL
;
1819 if (MANAGER_IS_USER(m
)) {
1822 *ret_reexecute
= false;
1823 *ret_retval
= m
->return_value
;
1824 *ret_shutdown_verb
= NULL
;
1826 *ret_switch_root_dir
= *ret_switch_root_init
= NULL
;
1832 case MANAGER_REBOOT
:
1833 case MANAGER_POWEROFF
:
1835 case MANAGER_KEXEC
: {
1836 static const char * const table
[_MANAGER_EXIT_CODE_MAX
] = {
1837 [MANAGER_EXIT
] = "exit",
1838 [MANAGER_REBOOT
] = "reboot",
1839 [MANAGER_POWEROFF
] = "poweroff",
1840 [MANAGER_HALT
] = "halt",
1841 [MANAGER_KEXEC
] = "kexec"
1844 log_notice("Shutting down.");
1846 *ret_reexecute
= false;
1847 *ret_retval
= m
->return_value
;
1848 assert_se(*ret_shutdown_verb
= table
[m
->exit_code
]);
1850 *ret_switch_root_dir
= *ret_switch_root_init
= NULL
;
1856 assert_not_reached("Unknown exit code.");
1861 static void log_execution_mode(bool *ret_first_boot
) {
1862 assert(ret_first_boot
);
1867 log_info(PACKAGE_STRING
" running in %ssystem mode. (" SYSTEMD_FEATURES
")",
1868 arg_action
== ACTION_TEST
? "test " : "" );
1870 v
= detect_virtualization();
1872 log_info("Detected virtualization %s.", virtualization_to_string(v
));
1874 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
1877 *ret_first_boot
= false;
1878 log_info("Running in initial RAM disk.");
1880 /* Let's check whether we are in first boot, i.e. whether /etc is still unpopulated. We use
1881 * /etc/machine-id as flag file, for this: if it exists we assume /etc is populated, if it
1882 * doesn't it's unpopulated. This allows container managers and installers to provision a
1883 * couple of files already. If the container manager wants to provision the machine ID itself
1884 * it should pass $container_uuid to PID 1. */
1886 *ret_first_boot
= access("/etc/machine-id", F_OK
) < 0;
1887 if (*ret_first_boot
)
1888 log_info("Running with unpopulated /etc.");
1891 _cleanup_free_
char *t
;
1893 t
= uid_to_name(getuid());
1894 log_debug(PACKAGE_STRING
" running in %suser mode for user " UID_FMT
"/%s. (" SYSTEMD_FEATURES
")",
1895 arg_action
== ACTION_TEST
? " test" : "", getuid(), strna(t
));
1897 *ret_first_boot
= false;
1901 static int initialize_runtime(
1903 struct rlimit
*saved_rlimit_nofile
,
1904 struct rlimit
*saved_rlimit_memlock
,
1905 const char **ret_error_message
) {
1909 assert(ret_error_message
);
1911 /* Sets up various runtime parameters. Many of these initializations are conditionalized:
1913 * - Some only apply to --system instances
1914 * - Some only apply to --user instances
1915 * - Some only apply when we first start up, but not when we reexecute
1918 if (arg_system
&& !skip_setup
) {
1919 if (arg_show_status
> 0)
1923 machine_id_setup(NULL
, arg_machine_id
, NULL
);
1925 bump_unix_max_dgram_qlen();
1927 write_container_id();
1930 if (arg_system
&& arg_watchdog_device
) {
1931 r
= watchdog_set_device(arg_watchdog_device
);
1933 log_warning_errno(r
, "Failed to set watchdog device to %s, ignoring: %m",
1934 arg_watchdog_device
);
1937 if (arg_system
&& arg_runtime_watchdog
> 0 && arg_runtime_watchdog
!= USEC_INFINITY
)
1938 watchdog_set_timeout(&arg_runtime_watchdog
);
1940 if (arg_timer_slack_nsec
!= NSEC_INFINITY
)
1941 if (prctl(PR_SET_TIMERSLACK
, arg_timer_slack_nsec
) < 0)
1942 log_error_errno(errno
, "Failed to adjust timer slack: %m");
1944 if (arg_system
&& !cap_test_all(arg_capability_bounding_set
)) {
1945 r
= capability_bounding_set_drop_usermode(arg_capability_bounding_set
);
1947 *ret_error_message
= "Failed to drop capability bounding set of usermode helpers";
1948 return log_emergency_errno(r
, "Failed to drop capability bounding set of usermode helpers: %m");
1951 r
= capability_bounding_set_drop(arg_capability_bounding_set
, true);
1953 *ret_error_message
= "Failed to drop capability bounding set";
1954 return log_emergency_errno(r
, "Failed to drop capability bounding set: %m");
1958 if (arg_syscall_archs
) {
1959 r
= enforce_syscall_archs(arg_syscall_archs
);
1961 *ret_error_message
= "Failed to set syscall architectures";
1967 /* Become reaper of our children */
1968 if (prctl(PR_SET_CHILD_SUBREAPER
, 1) < 0)
1969 log_warning_errno(errno
, "Failed to make us a subreaper: %m");
1972 /* Bump up RLIMIT_NOFILE for systemd itself */
1973 (void) bump_rlimit_nofile(saved_rlimit_nofile
);
1974 (void) bump_rlimit_memlock(saved_rlimit_memlock
);
1980 static int do_queue_default_job(
1982 const char **ret_error_message
) {
1984 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
1985 Job
*default_unit_job
;
1986 Unit
*target
= NULL
;
1989 log_debug("Activating default unit: %s", arg_default_unit
);
1991 r
= manager_load_unit(m
, arg_default_unit
, NULL
, &error
, &target
);
1993 log_error("Failed to load default target: %s", bus_error_message(&error
, r
));
1994 else if (IN_SET(target
->load_state
, UNIT_ERROR
, UNIT_NOT_FOUND
))
1995 log_error_errno(target
->load_error
, "Failed to load default target: %m");
1996 else if (target
->load_state
== UNIT_MASKED
)
1997 log_error("Default target masked.");
1999 if (!target
|| target
->load_state
!= UNIT_LOADED
) {
2000 log_info("Trying to load rescue target...");
2002 r
= manager_load_unit(m
, SPECIAL_RESCUE_TARGET
, NULL
, &error
, &target
);
2004 *ret_error_message
= "Failed to load rescue target";
2005 return log_emergency_errno(r
, "Failed to load rescue target: %s", bus_error_message(&error
, r
));
2006 } else if (IN_SET(target
->load_state
, UNIT_ERROR
, UNIT_NOT_FOUND
)) {
2007 *ret_error_message
= "Failed to load rescue target";
2008 return log_emergency_errno(target
->load_error
, "Failed to load rescue target: %m");
2009 } else if (target
->load_state
== UNIT_MASKED
) {
2010 *ret_error_message
= "Rescue target masked";
2011 log_emergency("Rescue target masked.");
2016 assert(target
->load_state
== UNIT_LOADED
);
2018 r
= manager_add_job(m
, JOB_START
, target
, JOB_ISOLATE
, &error
, &default_unit_job
);
2020 log_debug_errno(r
, "Default target could not be isolated, starting instead: %s", bus_error_message(&error
, r
));
2022 sd_bus_error_free(&error
);
2024 r
= manager_add_job(m
, JOB_START
, target
, JOB_REPLACE
, &error
, &default_unit_job
);
2026 *ret_error_message
= "Failed to start default target";
2027 return log_emergency_errno(r
, "Failed to start default target: %s", bus_error_message(&error
, r
));
2031 *ret_error_message
= "Failed to isolate default target";
2032 return log_emergency_errno(r
, "Failed to isolate default target: %s", bus_error_message(&error
, r
));
2035 m
->default_unit_job_id
= default_unit_job
->id
;
2040 static void free_arguments(void) {
2043 /* Frees all arg_* variables, with the exception of arg_serialization */
2045 for (j
= 0; j
< ELEMENTSOF(arg_default_rlimit
); j
++)
2046 arg_default_rlimit
[j
] = mfree(arg_default_rlimit
[j
]);
2048 arg_default_unit
= mfree(arg_default_unit
);
2049 arg_confirm_spawn
= mfree(arg_confirm_spawn
);
2050 arg_join_controllers
= strv_free_free(arg_join_controllers
);
2051 arg_default_environment
= strv_free(arg_default_environment
);
2052 arg_syscall_archs
= set_free(arg_syscall_archs
);
2055 int main(int argc
, char *argv
[]) {
2057 int r
, retval
= EXIT_FAILURE
;
2058 usec_t before_startup
, after_startup
;
2059 char timespan
[FORMAT_TIMESPAN_MAX
];
2061 bool reexecute
= false;
2062 const char *shutdown_verb
= NULL
;
2063 dual_timestamp initrd_timestamp
= DUAL_TIMESTAMP_NULL
;
2064 dual_timestamp userspace_timestamp
= DUAL_TIMESTAMP_NULL
;
2065 dual_timestamp kernel_timestamp
= DUAL_TIMESTAMP_NULL
;
2066 dual_timestamp security_start_timestamp
= DUAL_TIMESTAMP_NULL
;
2067 dual_timestamp security_finish_timestamp
= DUAL_TIMESTAMP_NULL
;
2068 static char systemd
[] = "systemd";
2069 bool skip_setup
= false;
2070 bool loaded_policy
= false;
2071 bool queue_default_job
= false;
2072 bool first_boot
= false;
2073 char *switch_root_dir
= NULL
, *switch_root_init
= NULL
;
2074 struct rlimit saved_rlimit_nofile
= RLIMIT_MAKE_CONST(0), saved_rlimit_memlock
= RLIMIT_MAKE_CONST((rlim_t
) -1);
2075 const char *error_message
= NULL
;
2077 redirect_telinit(argc
, argv
);
2079 dual_timestamp_from_monotonic(&kernel_timestamp
, 0);
2080 dual_timestamp_get(&userspace_timestamp
);
2082 /* Determine if this is a reexecution or normal bootup. We do
2083 * the full command line parsing much later, so let's just
2084 * have a quick peek here. */
2085 if (strv_find(argv
+1, "--deserialize"))
2088 /* If we have switched root, do all the special setup
2090 if (strv_find(argv
+1, "--switched-root"))
2093 /* If we get started via the /sbin/init symlink then we are
2094 called 'init'. After a subsequent reexecution we are then
2095 called 'systemd'. That is confusing, hence let's call us
2096 systemd right-away. */
2097 program_invocation_short_name
= systemd
;
2098 (void) prctl(PR_SET_NAME
, systemd
);
2103 log_set_upgrade_syslog_to_journal(true);
2105 if (getpid_cached() == 1) {
2106 /* Disable the umask logic */
2109 /* Always reopen /dev/console when running as PID 1 or one of its pre-execve() children. This is
2110 * important so that we never end up logging to any foreign stderr, for example if we have to log in a
2111 * child process right before execve()'ing the actual binary, at a point in time where socket
2112 * activation stderr/stdout area already set up. */
2113 log_set_always_reopen_console(true);
2116 if (getpid_cached() == 1 && detect_container() <= 0) {
2118 /* Running outside of a container as PID 1 */
2120 log_set_target(LOG_TARGET_KMSG
);
2124 initrd_timestamp
= userspace_timestamp
;
2127 r
= mount_setup_early();
2129 error_message
= "Failed to mount early API filesystems";
2133 dual_timestamp_get(&security_start_timestamp
);
2134 if (mac_selinux_setup(&loaded_policy
) < 0) {
2135 error_message
= "Failed to load SELinux policy";
2137 } else if (mac_smack_setup(&loaded_policy
) < 0) {
2138 error_message
= "Failed to load SMACK policy";
2140 } else if (ima_setup() < 0) {
2141 error_message
= "Failed to load IMA policy";
2144 dual_timestamp_get(&security_finish_timestamp
);
2147 if (mac_selinux_init() < 0) {
2148 error_message
= "Failed to initialize SELinux policy";
2155 /* Set the default for later on, but don't actually
2156 * open the logs like this for now. Note that if we
2157 * are transitioning from the initrd there might still
2158 * be journal fd open, and we shouldn't attempt
2159 * opening that before we parsed /proc/cmdline which
2160 * might redirect output elsewhere. */
2161 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG
);
2163 } else if (getpid_cached() == 1) {
2164 /* Running inside a container, as PID 1 */
2166 log_set_target(LOG_TARGET_CONSOLE
);
2167 log_close_console(); /* force reopen of /dev/console */
2170 /* For later on, see above... */
2171 log_set_target(LOG_TARGET_JOURNAL
);
2173 /* clear the kernel timestamp,
2174 * because we are in a container */
2175 kernel_timestamp
= DUAL_TIMESTAMP_NULL
;
2177 /* Running as user instance */
2179 log_set_target(LOG_TARGET_AUTO
);
2182 /* clear the kernel timestamp,
2183 * because we are not PID 1 */
2184 kernel_timestamp
= DUAL_TIMESTAMP_NULL
;
2187 initialize_coredump(skip_setup
);
2190 if (fixup_environment() < 0) {
2191 error_message
= "Failed to fix up PID1 environment";
2195 /* Try to figure out if we can use colors with the console. No
2196 * need to do that for user instances since they never log
2197 * into the console. */
2198 log_show_color(colors_enabled());
2199 r
= make_null_stdio();
2201 log_warning_errno(r
, "Failed to redirect standard streams to /dev/null: %m");
2204 r
= initialize_join_controllers();
2206 error_message
= "Failed to initialize cgroup controllers";
2210 /* Mount /proc, /sys and friends, so that /proc/cmdline and
2211 * /proc/$PID/fd is available. */
2212 if (getpid_cached() == 1) {
2214 /* Load the kernel modules early. */
2218 r
= mount_setup(loaded_policy
);
2220 error_message
= "Failed to mount API filesystems";
2225 /* Reset all signal handlers. */
2226 (void) reset_all_signal_handlers();
2227 (void) ignore_signals(SIGNALS_IGNORE
, -1);
2229 arg_default_tasks_max
= system_tasks_max_scale(DEFAULT_TASKS_MAX_PERCENTAGE
, 100U);
2231 if (parse_config_file() < 0) {
2232 error_message
= "Failed to parse config file";
2237 r
= proc_cmdline_parse(parse_proc_cmdline_item
, NULL
, 0);
2239 log_warning_errno(r
, "Failed to parse kernel command line, ignoring: %m");
2242 /* Note that this also parses bits from the kernel command
2243 * line, including "debug". */
2244 log_parse_environment();
2246 if (parse_argv(argc
, argv
) < 0) {
2247 error_message
= "Failed to parse commandline arguments";
2251 /* Initialize default unit */
2252 if (!arg_default_unit
) {
2253 arg_default_unit
= strdup(SPECIAL_DEFAULT_TARGET
);
2254 if (!arg_default_unit
) {
2256 error_message
= "Failed to set default unit";
2261 if (arg_action
== ACTION_TEST
&&
2263 log_error("Don't run test mode as root.");
2268 arg_action
== ACTION_RUN
&&
2270 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
2275 arg_action
== ACTION_RUN
&&
2276 running_in_chroot() > 0) {
2277 log_error("Cannot be run in a chroot() environment.");
2281 if (IN_SET(arg_action
, ACTION_TEST
, ACTION_HELP
)) {
2282 pager_open(arg_no_pager
, false);
2286 if (arg_action
== ACTION_HELP
) {
2289 } else if (arg_action
== ACTION_VERSION
) {
2292 } else if (arg_action
== ACTION_DUMP_CONFIGURATION_ITEMS
) {
2293 pager_open(arg_no_pager
, false);
2294 unit_dump_config_items(stdout
);
2295 retval
= EXIT_SUCCESS
;
2300 !getenv("XDG_RUNTIME_DIR")) {
2301 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
2305 assert_se(IN_SET(arg_action
, ACTION_RUN
, ACTION_TEST
));
2307 /* Close logging fds, in order not to confuse fdset below */
2310 /* Remember open file descriptors for later deserialization */
2311 if (arg_action
== ACTION_RUN
) {
2312 r
= fdset_new_fill(&fds
);
2314 log_emergency_errno(r
, "Failed to allocate fd set: %m");
2315 error_message
= "Failed to allocate fd set";
2318 fdset_cloexec(fds
, true);
2320 if (arg_serialization
)
2321 assert_se(fdset_remove(fds
, fileno(arg_serialization
)) >= 0);
2324 /* Become a session leader if we aren't one yet. */
2328 /* Move out of the way, so that we won't block unmounts */
2329 assert_se(chdir("/") == 0);
2331 /* Reset the console, but only if this is really init and we
2332 * are freshly booted */
2333 if (arg_system
&& arg_action
== ACTION_RUN
) {
2335 /* If we are init, we connect stdin/stdout/stderr to
2336 * /dev/null and make sure we don't have a controlling
2340 if (getpid_cached() == 1 && !skip_setup
)
2344 /* Open the logging devices, if possible and necessary */
2347 if (arg_show_status
== _SHOW_STATUS_UNSET
)
2348 arg_show_status
= SHOW_STATUS_YES
;
2350 /* Make sure we leave a core dump without panicing the
2352 if (getpid_cached() == 1) {
2353 install_crash_handler();
2355 r
= mount_cgroup_controllers(arg_join_controllers
);
2360 log_execution_mode(&first_boot
);
2362 if (arg_action
== ACTION_RUN
) {
2363 r
= initialize_runtime(skip_setup
,
2364 &saved_rlimit_nofile
,
2365 &saved_rlimit_memlock
,
2371 r
= manager_new(arg_system
? UNIT_FILE_SYSTEM
: UNIT_FILE_USER
,
2372 arg_action
== ACTION_TEST
? MANAGER_TEST_FULL
: 0,
2375 log_emergency_errno(r
, "Failed to allocate manager object: %m");
2376 error_message
= "Failed to allocate manager object";
2380 m
->timestamps
[MANAGER_TIMESTAMP_KERNEL
] = kernel_timestamp
;
2381 m
->timestamps
[MANAGER_TIMESTAMP_INITRD
] = initrd_timestamp
;
2382 m
->timestamps
[MANAGER_TIMESTAMP_USERSPACE
] = userspace_timestamp
;
2383 m
->timestamps
[MANAGER_TIMESTAMP_SECURITY_START
] = security_start_timestamp
;
2384 m
->timestamps
[MANAGER_TIMESTAMP_SECURITY_FINISH
] = security_finish_timestamp
;
2386 set_manager_defaults(m
);
2387 set_manager_settings(m
);
2388 manager_set_first_boot(m
, first_boot
);
2390 /* Remember whether we should queue the default job */
2391 queue_default_job
= !arg_serialization
|| arg_switched_root
;
2393 before_startup
= now(CLOCK_MONOTONIC
);
2395 r
= manager_startup(m
, arg_serialization
, fds
);
2397 log_error_errno(r
, "Failed to fully start up daemon: %m");
2398 error_message
= "Failed to start up manager";
2402 /* This will close all file descriptors that were opened, but not claimed by any unit. */
2403 fds
= fdset_free(fds
);
2404 arg_serialization
= safe_fclose(arg_serialization
);
2406 if (queue_default_job
) {
2407 r
= do_queue_default_job(m
, &error_message
);
2412 after_startup
= now(CLOCK_MONOTONIC
);
2414 log_full(arg_action
== ACTION_TEST
? LOG_INFO
: LOG_DEBUG
,
2415 "Loaded units and determined initial transaction in %s.",
2416 format_timespan(timespan
, sizeof(timespan
), after_startup
- before_startup
, 100 * USEC_PER_MSEC
));
2419 _cleanup_free_
char *taint
;
2421 taint
= manager_taint_string(m
);
2422 if (!isempty(taint
))
2423 log_notice("System is tainted: %s", taint
);
2426 if (arg_action
== ACTION_TEST
) {
2427 printf("-> By units:\n");
2428 manager_dump_units(m
, stdout
, "\t");
2430 printf("-> By jobs:\n");
2431 manager_dump_jobs(m
, stdout
, "\t");
2432 retval
= EXIT_SUCCESS
;
2436 r
= invoke_main_loop(m
,
2449 arg_shutdown_watchdog
= m
->shutdown_watchdog
;
2451 m
= manager_free(m
);
2454 mac_selinux_finish();
2457 do_reexecute(argc
, argv
,
2458 &saved_rlimit_nofile
,
2459 &saved_rlimit_memlock
,
2463 &error_message
); /* This only returns if reexecution failed */
2465 arg_serialization
= safe_fclose(arg_serialization
);
2466 fds
= fdset_free(fds
);
2468 #if HAVE_VALGRIND_VALGRIND_H
2469 /* If we are PID 1 and running under valgrind, then let's exit
2470 * here explicitly. valgrind will only generate nice output on
2471 * exit(), not on exec(), hence let's do the former not the
2473 if (getpid_cached() == 1 && RUNNING_ON_VALGRIND
) {
2474 /* Cleanup watchdog_device strings for valgrind. We need them
2475 * in become_shutdown() so normally we cannot free them yet. */
2476 watchdog_free_device();
2477 arg_watchdog_device
= mfree(arg_watchdog_device
);
2482 if (shutdown_verb
) {
2483 r
= become_shutdown(shutdown_verb
, retval
);
2485 log_error_errno(r
, "Failed to execute shutdown binary, %s: %m", getpid_cached() == 1 ? "freezing" : "quitting");
2486 error_message
= "Failed to execute shutdown binary";
2489 watchdog_free_device();
2490 arg_watchdog_device
= mfree(arg_watchdog_device
);
2492 if (getpid_cached() == 1) {
2494 manager_status_printf(NULL
, STATUS_TYPE_EMERGENCY
,
2495 ANSI_HIGHLIGHT_RED
"!!!!!!" ANSI_NORMAL
,
2496 "%s, freezing.", error_message
);