]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/main.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #1758 from poettering/varietygalore
[thirdparty/systemd.git] / src / core / main.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <getopt.h>
25 #include <signal.h>
26 #include <stdio.h>
27 #include <string.h>
28 #include <sys/mount.h>
29 #include <sys/prctl.h>
30 #include <sys/reboot.h>
31 #include <sys/stat.h>
32 #include <unistd.h>
33 #ifdef HAVE_SECCOMP
34 #include <seccomp.h>
35 #endif
36 #ifdef HAVE_VALGRIND_VALGRIND_H
37 #include <valgrind/valgrind.h>
38 #endif
39
40 #include "sd-daemon.h"
41 #include "sd-bus.h"
42
43 #include "alloc-util.h"
44 #include "architecture.h"
45 #include "build.h"
46 #include "bus-error.h"
47 #include "bus-util.h"
48 #include "capability-util.h"
49 #include "clock-util.h"
50 #include "conf-parser.h"
51 #include "cpu-set-util.h"
52 #include "dbus-manager.h"
53 #include "def.h"
54 #include "env-util.h"
55 #include "fd-util.h"
56 #include "fdset.h"
57 #include "fileio.h"
58 #include "formats-util.h"
59 #include "fs-util.h"
60 #include "hostname-setup.h"
61 #include "ima-setup.h"
62 #include "killall.h"
63 #include "kmod-setup.h"
64 #include "load-fragment.h"
65 #include "log.h"
66 #include "loopback-setup.h"
67 #include "machine-id-setup.h"
68 #include "manager.h"
69 #include "missing.h"
70 #include "mount-setup.h"
71 #include "pager.h"
72 #include "parse-util.h"
73 #include "proc-cmdline.h"
74 #include "process-util.h"
75 #include "rlimit-util.h"
76 #include "selinux-setup.h"
77 #include "selinux-util.h"
78 #include "signal-util.h"
79 #include "smack-setup.h"
80 #include "special.h"
81 #include "stat-util.h"
82 #include "stdio-util.h"
83 #include "strv.h"
84 #include "switch-root.h"
85 #include "terminal-util.h"
86 #include "user-util.h"
87 #include "virt.h"
88 #include "watchdog.h"
89
90 static enum {
91 ACTION_RUN,
92 ACTION_HELP,
93 ACTION_VERSION,
94 ACTION_TEST,
95 ACTION_DUMP_CONFIGURATION_ITEMS,
96 ACTION_DONE
97 } arg_action = ACTION_RUN;
98 static char *arg_default_unit = NULL;
99 static ManagerRunningAs arg_running_as = _MANAGER_RUNNING_AS_INVALID;
100 static bool arg_dump_core = true;
101 static int arg_crash_chvt = -1;
102 static bool arg_crash_shell = false;
103 static bool arg_crash_reboot = false;
104 static bool arg_confirm_spawn = false;
105 static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
106 static bool arg_switched_root = false;
107 static int arg_no_pager = -1;
108 static char ***arg_join_controllers = NULL;
109 static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
110 static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
111 static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
112 static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
113 static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
114 static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
115 static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
116 static usec_t arg_runtime_watchdog = 0;
117 static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
118 static char **arg_default_environment = NULL;
119 static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
120 static uint64_t arg_capability_bounding_set_drop = 0;
121 static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
122 static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
123 static Set* arg_syscall_archs = NULL;
124 static FILE* arg_serialization = NULL;
125 static bool arg_default_cpu_accounting = false;
126 static bool arg_default_blockio_accounting = false;
127 static bool arg_default_memory_accounting = false;
128 static bool arg_default_tasks_accounting = false;
129
130 static void pager_open_if_enabled(void) {
131
132 if (arg_no_pager <= 0)
133 return;
134
135 pager_open(false);
136 }
137
138 noreturn static void freeze_or_reboot(void) {
139
140 if (arg_crash_reboot) {
141 log_notice("Rebooting in 10s...");
142 (void) sleep(10);
143
144 log_notice("Rebooting now...");
145 (void) reboot(RB_AUTOBOOT);
146 log_emergency_errno(errno, "Failed to reboot: %m");
147 }
148
149 log_emergency("Freezing execution.");
150 freeze();
151 }
152
153 noreturn static void crash(int sig) {
154 struct sigaction sa;
155 pid_t pid;
156
157 if (getpid() != 1)
158 /* Pass this on immediately, if this is not PID 1 */
159 (void) raise(sig);
160 else if (!arg_dump_core)
161 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
162 else {
163 sa = (struct sigaction) {
164 .sa_handler = nop_signal_handler,
165 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
166 };
167
168 /* We want to wait for the core process, hence let's enable SIGCHLD */
169 (void) sigaction(SIGCHLD, &sa, NULL);
170
171 pid = raw_clone(SIGCHLD, NULL);
172 if (pid < 0)
173 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
174 else if (pid == 0) {
175 struct rlimit rl = {
176 .rlim_cur = RLIM_INFINITY,
177 .rlim_max = RLIM_INFINITY,
178 };
179
180 /* Enable default signal handler for core dump */
181 sa = (struct sigaction) {
182 .sa_handler = SIG_DFL,
183 };
184 (void) sigaction(sig, &sa, NULL);
185
186 /* Don't limit the core dump size */
187 (void) setrlimit(RLIMIT_CORE, &rl);
188
189 /* Just to be sure... */
190 (void) chdir("/");
191
192 /* Raise the signal again */
193 pid = raw_getpid();
194 (void) kill(pid, sig); /* raise() would kill the parent */
195
196 assert_not_reached("We shouldn't be here...");
197 _exit(EXIT_FAILURE);
198 } else {
199 siginfo_t status;
200 int r;
201
202 /* Order things nicely. */
203 r = wait_for_terminate(pid, &status);
204 if (r < 0)
205 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
206 else if (status.si_code != CLD_DUMPED)
207 log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
208 signal_to_string(sig),
209 pid, sigchld_code_to_string(status.si_code),
210 status.si_status,
211 strna(status.si_code == CLD_EXITED
212 ? exit_status_to_string(status.si_status, EXIT_STATUS_FULL)
213 : signal_to_string(status.si_status)));
214 else
215 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
216 }
217 }
218
219 if (arg_crash_chvt >= 0)
220 (void) chvt(arg_crash_chvt);
221
222 sa = (struct sigaction) {
223 .sa_handler = SIG_IGN,
224 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
225 };
226
227 /* Let the kernel reap children for us */
228 (void) sigaction(SIGCHLD, &sa, NULL);
229
230 if (arg_crash_shell) {
231 log_notice("Executing crash shell in 10s...");
232 (void) sleep(10);
233
234 pid = raw_clone(SIGCHLD, NULL);
235 if (pid < 0)
236 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
237 else if (pid == 0) {
238 (void) setsid();
239 (void) make_console_stdio();
240 (void) execle("/bin/sh", "/bin/sh", NULL, environ);
241
242 log_emergency_errno(errno, "execle() failed: %m");
243 _exit(EXIT_FAILURE);
244 } else {
245 log_info("Spawned crash shell as PID "PID_FMT".", pid);
246 (void) wait_for_terminate(pid, NULL);
247 }
248 }
249
250 freeze_or_reboot();
251 }
252
253 static void install_crash_handler(void) {
254 static const struct sigaction sa = {
255 .sa_handler = crash,
256 .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
257 };
258 int r;
259
260 /* We ignore the return value here, since, we don't mind if we
261 * cannot set up a crash handler */
262 r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
263 if (r < 0)
264 log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
265 }
266
267 static int console_setup(void) {
268 _cleanup_close_ int tty_fd = -1;
269 int r;
270
271 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
272 if (tty_fd < 0)
273 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
274
275 /* We don't want to force text mode. plymouth may be showing
276 * pictures already from initrd. */
277 r = reset_terminal_fd(tty_fd, false);
278 if (r < 0)
279 return log_error_errno(r, "Failed to reset /dev/console: %m");
280
281 return 0;
282 }
283
284 static int parse_crash_chvt(const char *value) {
285 int b;
286
287 if (safe_atoi(value, &arg_crash_chvt) >= 0)
288 return 0;
289
290 b = parse_boolean(value);
291 if (b < 0)
292 return b;
293
294 if (b > 0)
295 arg_crash_chvt = 0; /* switch to where kmsg goes */
296 else
297 arg_crash_chvt = -1; /* turn off switching */
298
299 return 0;
300 }
301
302 static int parse_proc_cmdline_item(const char *key, const char *value) {
303
304 static const char * const rlmap[] = {
305 "emergency", SPECIAL_EMERGENCY_TARGET,
306 "-b", SPECIAL_EMERGENCY_TARGET,
307 "rescue", SPECIAL_RESCUE_TARGET,
308 "single", SPECIAL_RESCUE_TARGET,
309 "-s", SPECIAL_RESCUE_TARGET,
310 "s", SPECIAL_RESCUE_TARGET,
311 "S", SPECIAL_RESCUE_TARGET,
312 "1", SPECIAL_RESCUE_TARGET,
313 "2", SPECIAL_MULTI_USER_TARGET,
314 "3", SPECIAL_MULTI_USER_TARGET,
315 "4", SPECIAL_MULTI_USER_TARGET,
316 "5", SPECIAL_GRAPHICAL_TARGET,
317 };
318 int r;
319
320 assert(key);
321
322 if (streq(key, "systemd.unit") && value) {
323
324 if (!in_initrd())
325 return free_and_strdup(&arg_default_unit, value);
326
327 } else if (streq(key, "rd.systemd.unit") && value) {
328
329 if (in_initrd())
330 return free_and_strdup(&arg_default_unit, value);
331
332 } else if (streq(key, "systemd.dump_core") && value) {
333
334 r = parse_boolean(value);
335 if (r < 0)
336 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
337 else
338 arg_dump_core = r;
339
340 } else if (streq(key, "systemd.crash_chvt") && value) {
341
342 if (parse_crash_chvt(value) < 0)
343 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
344
345 } else if (streq(key, "systemd.crash_shell") && value) {
346
347 r = parse_boolean(value);
348 if (r < 0)
349 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
350 else
351 arg_crash_shell = r;
352
353 } else if (streq(key, "systemd.crash_reboot") && value) {
354
355 r = parse_boolean(value);
356 if (r < 0)
357 log_warning("Failed to parse crash reboot switch %s. Ignoring.", value);
358 else
359 arg_crash_reboot = r;
360
361 } else if (streq(key, "systemd.confirm_spawn") && value) {
362
363 r = parse_boolean(value);
364 if (r < 0)
365 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", value);
366 else
367 arg_confirm_spawn = r;
368
369 } else if (streq(key, "systemd.show_status") && value) {
370
371 r = parse_show_status(value, &arg_show_status);
372 if (r < 0)
373 log_warning("Failed to parse show status switch %s. Ignoring.", value);
374
375 } else if (streq(key, "systemd.default_standard_output") && value) {
376
377 r = exec_output_from_string(value);
378 if (r < 0)
379 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
380 else
381 arg_default_std_output = r;
382
383 } else if (streq(key, "systemd.default_standard_error") && value) {
384
385 r = exec_output_from_string(value);
386 if (r < 0)
387 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
388 else
389 arg_default_std_error = r;
390
391 } else if (streq(key, "systemd.setenv") && value) {
392
393 if (env_assignment_is_valid(value)) {
394 char **env;
395
396 env = strv_env_set(arg_default_environment, value);
397 if (env)
398 arg_default_environment = env;
399 else
400 log_warning_errno(ENOMEM, "Setting environment variable '%s' failed, ignoring: %m", value);
401 } else
402 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
403
404 } else if (streq(key, "quiet") && !value) {
405
406 if (arg_show_status == _SHOW_STATUS_UNSET)
407 arg_show_status = SHOW_STATUS_AUTO;
408
409 } else if (streq(key, "debug") && !value) {
410
411 /* Note that log_parse_environment() handles 'debug'
412 * too, and sets the log level to LOG_DEBUG. */
413
414 if (detect_container() > 0)
415 log_set_target(LOG_TARGET_CONSOLE);
416
417 } else if (!in_initrd() && !value) {
418 unsigned i;
419
420 /* SysV compatibility */
421 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
422 if (streq(key, rlmap[i]))
423 return free_and_strdup(&arg_default_unit, rlmap[i+1]);
424 }
425
426 return 0;
427 }
428
429 #define DEFINE_SETTER(name, func, descr) \
430 static int name(const char *unit, \
431 const char *filename, \
432 unsigned line, \
433 const char *section, \
434 unsigned section_line, \
435 const char *lvalue, \
436 int ltype, \
437 const char *rvalue, \
438 void *data, \
439 void *userdata) { \
440 \
441 int r; \
442 \
443 assert(filename); \
444 assert(lvalue); \
445 assert(rvalue); \
446 \
447 r = func(rvalue); \
448 if (r < 0) \
449 log_syntax(unit, LOG_ERR, filename, line, r, \
450 "Invalid " descr "'%s': %m", \
451 rvalue); \
452 \
453 return 0; \
454 }
455
456 DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
457 DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
458 DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
459 DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
460
461 static int config_parse_cpu_affinity2(
462 const char *unit,
463 const char *filename,
464 unsigned line,
465 const char *section,
466 unsigned section_line,
467 const char *lvalue,
468 int ltype,
469 const char *rvalue,
470 void *data,
471 void *userdata) {
472
473 _cleanup_cpu_free_ cpu_set_t *c = NULL;
474 int ncpus;
475
476 ncpus = parse_cpu_set_and_warn(rvalue, &c, unit, filename, line, lvalue);
477 if (ncpus < 0)
478 return ncpus;
479
480 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
481 log_warning("Failed to set CPU affinity: %m");
482
483 return 0;
484 }
485
486 static int config_parse_show_status(
487 const char* unit,
488 const char *filename,
489 unsigned line,
490 const char *section,
491 unsigned section_line,
492 const char *lvalue,
493 int ltype,
494 const char *rvalue,
495 void *data,
496 void *userdata) {
497
498 int k;
499 ShowStatus *b = data;
500
501 assert(filename);
502 assert(lvalue);
503 assert(rvalue);
504 assert(data);
505
506 k = parse_show_status(rvalue, b);
507 if (k < 0) {
508 log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
509 return 0;
510 }
511
512 return 0;
513 }
514
515 static int config_parse_crash_chvt(
516 const char* unit,
517 const char *filename,
518 unsigned line,
519 const char *section,
520 unsigned section_line,
521 const char *lvalue,
522 int ltype,
523 const char *rvalue,
524 void *data,
525 void *userdata) {
526
527 int r;
528
529 assert(filename);
530 assert(lvalue);
531 assert(rvalue);
532
533 r = parse_crash_chvt(rvalue);
534 if (r < 0) {
535 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
536 return 0;
537 }
538
539 return 0;
540 }
541
542 static int config_parse_join_controllers(const char *unit,
543 const char *filename,
544 unsigned line,
545 const char *section,
546 unsigned section_line,
547 const char *lvalue,
548 int ltype,
549 const char *rvalue,
550 void *data,
551 void *userdata) {
552
553 const char *whole_rvalue = rvalue;
554 unsigned n = 0;
555
556 assert(filename);
557 assert(lvalue);
558 assert(rvalue);
559
560 arg_join_controllers = strv_free_free(arg_join_controllers);
561
562 for (;;) {
563 _cleanup_free_ char *word = NULL;
564 char **l;
565 int r;
566
567 r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES);
568 if (r < 0) {
569 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue);
570 return r;
571 }
572 if (r == 0)
573 break;
574
575 l = strv_split(word, ",");
576 if (!l)
577 return log_oom();
578 strv_uniq(l);
579
580 if (strv_length(l) <= 1) {
581 strv_free(l);
582 continue;
583 }
584
585 if (!arg_join_controllers) {
586 arg_join_controllers = new(char**, 2);
587 if (!arg_join_controllers) {
588 strv_free(l);
589 return log_oom();
590 }
591
592 arg_join_controllers[0] = l;
593 arg_join_controllers[1] = NULL;
594
595 n = 1;
596 } else {
597 char ***a;
598 char ***t;
599
600 t = new0(char**, n+2);
601 if (!t) {
602 strv_free(l);
603 return log_oom();
604 }
605
606 n = 0;
607
608 for (a = arg_join_controllers; *a; a++) {
609
610 if (strv_overlap(*a, l)) {
611 if (strv_extend_strv(&l, *a, false) < 0) {
612 strv_free(l);
613 strv_free_free(t);
614 return log_oom();
615 }
616
617 } else {
618 char **c;
619
620 c = strv_copy(*a);
621 if (!c) {
622 strv_free(l);
623 strv_free_free(t);
624 return log_oom();
625 }
626
627 t[n++] = c;
628 }
629 }
630
631 t[n++] = strv_uniq(l);
632
633 strv_free_free(arg_join_controllers);
634 arg_join_controllers = t;
635 }
636 }
637 if (!isempty(rvalue))
638 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
639
640 return 0;
641 }
642
643 static int parse_config_file(void) {
644
645 const ConfigTableItem items[] = {
646 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
647 { "Manager", "LogTarget", config_parse_target, 0, NULL },
648 { "Manager", "LogColor", config_parse_color, 0, NULL },
649 { "Manager", "LogLocation", config_parse_location, 0, NULL },
650 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
651 { "Manager", "CrashChVT", /* legacy */ config_parse_crash_chvt, 0, NULL },
652 { "Manager", "CrashChangeVT", config_parse_crash_chvt, 0, NULL },
653 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
654 { "Manager", "CrashReboot", config_parse_bool, 0, &arg_crash_reboot },
655 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
656 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
657 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
658 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
659 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
660 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
661 #ifdef HAVE_SECCOMP
662 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
663 #endif
664 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
665 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
666 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
667 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
668 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
669 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
670 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
671 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval },
672 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
673 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
674 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU] },
675 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] },
676 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA] },
677 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK] },
678 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE] },
679 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS] },
680 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE] },
681 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS] },
682 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC] },
683 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] },
684 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS] },
685 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING] },
686 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] },
687 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE] },
688 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO] },
689 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME] },
690 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
691 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
692 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
693 { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting },
694 {}
695 };
696
697 const char *fn, *conf_dirs_nulstr;
698
699 fn = arg_running_as == MANAGER_SYSTEM ? PKGSYSCONFDIR "/system.conf" : PKGSYSCONFDIR "/user.conf";
700 conf_dirs_nulstr = arg_running_as == MANAGER_SYSTEM ? CONF_DIRS_NULSTR("systemd/system.conf") : CONF_DIRS_NULSTR("systemd/user.conf");
701 config_parse_many(fn, conf_dirs_nulstr, "Manager\0",
702 config_item_table_lookup, items, false, NULL);
703
704 return 0;
705 }
706
707 static void manager_set_defaults(Manager *m) {
708
709 assert(m);
710
711 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
712 m->default_std_output = arg_default_std_output;
713 m->default_std_error = arg_default_std_error;
714 m->default_timeout_start_usec = arg_default_timeout_start_usec;
715 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
716 m->default_restart_usec = arg_default_restart_usec;
717 m->default_start_limit_interval = arg_default_start_limit_interval;
718 m->default_start_limit_burst = arg_default_start_limit_burst;
719 m->default_cpu_accounting = arg_default_cpu_accounting;
720 m->default_blockio_accounting = arg_default_blockio_accounting;
721 m->default_memory_accounting = arg_default_memory_accounting;
722 m->default_tasks_accounting = arg_default_tasks_accounting;
723
724 manager_set_default_rlimits(m, arg_default_rlimit);
725 manager_environment_add(m, NULL, arg_default_environment);
726 }
727
728 static int parse_argv(int argc, char *argv[]) {
729
730 enum {
731 ARG_LOG_LEVEL = 0x100,
732 ARG_LOG_TARGET,
733 ARG_LOG_COLOR,
734 ARG_LOG_LOCATION,
735 ARG_UNIT,
736 ARG_SYSTEM,
737 ARG_USER,
738 ARG_TEST,
739 ARG_NO_PAGER,
740 ARG_VERSION,
741 ARG_DUMP_CONFIGURATION_ITEMS,
742 ARG_DUMP_CORE,
743 ARG_CRASH_CHVT,
744 ARG_CRASH_SHELL,
745 ARG_CRASH_REBOOT,
746 ARG_CONFIRM_SPAWN,
747 ARG_SHOW_STATUS,
748 ARG_DESERIALIZE,
749 ARG_SWITCHED_ROOT,
750 ARG_DEFAULT_STD_OUTPUT,
751 ARG_DEFAULT_STD_ERROR
752 };
753
754 static const struct option options[] = {
755 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
756 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
757 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
758 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
759 { "unit", required_argument, NULL, ARG_UNIT },
760 { "system", no_argument, NULL, ARG_SYSTEM },
761 { "user", no_argument, NULL, ARG_USER },
762 { "test", no_argument, NULL, ARG_TEST },
763 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
764 { "help", no_argument, NULL, 'h' },
765 { "version", no_argument, NULL, ARG_VERSION },
766 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
767 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
768 { "crash-chvt", required_argument, NULL, ARG_CRASH_CHVT },
769 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
770 { "crash-reboot", optional_argument, NULL, ARG_CRASH_REBOOT },
771 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
772 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
773 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
774 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
775 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
776 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
777 {}
778 };
779
780 int c, r;
781
782 assert(argc >= 1);
783 assert(argv);
784
785 if (getpid() == 1)
786 opterr = 0;
787
788 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
789
790 switch (c) {
791
792 case ARG_LOG_LEVEL:
793 r = log_set_max_level_from_string(optarg);
794 if (r < 0) {
795 log_error("Failed to parse log level %s.", optarg);
796 return r;
797 }
798
799 break;
800
801 case ARG_LOG_TARGET:
802 r = log_set_target_from_string(optarg);
803 if (r < 0) {
804 log_error("Failed to parse log target %s.", optarg);
805 return r;
806 }
807
808 break;
809
810 case ARG_LOG_COLOR:
811
812 if (optarg) {
813 r = log_show_color_from_string(optarg);
814 if (r < 0) {
815 log_error("Failed to parse log color setting %s.", optarg);
816 return r;
817 }
818 } else
819 log_show_color(true);
820
821 break;
822
823 case ARG_LOG_LOCATION:
824 if (optarg) {
825 r = log_show_location_from_string(optarg);
826 if (r < 0) {
827 log_error("Failed to parse log location setting %s.", optarg);
828 return r;
829 }
830 } else
831 log_show_location(true);
832
833 break;
834
835 case ARG_DEFAULT_STD_OUTPUT:
836 r = exec_output_from_string(optarg);
837 if (r < 0) {
838 log_error("Failed to parse default standard output setting %s.", optarg);
839 return r;
840 } else
841 arg_default_std_output = r;
842 break;
843
844 case ARG_DEFAULT_STD_ERROR:
845 r = exec_output_from_string(optarg);
846 if (r < 0) {
847 log_error("Failed to parse default standard error output setting %s.", optarg);
848 return r;
849 } else
850 arg_default_std_error = r;
851 break;
852
853 case ARG_UNIT:
854
855 r = free_and_strdup(&arg_default_unit, optarg);
856 if (r < 0)
857 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
858
859 break;
860
861 case ARG_SYSTEM:
862 arg_running_as = MANAGER_SYSTEM;
863 break;
864
865 case ARG_USER:
866 arg_running_as = MANAGER_USER;
867 break;
868
869 case ARG_TEST:
870 arg_action = ACTION_TEST;
871 if (arg_no_pager < 0)
872 arg_no_pager = true;
873 break;
874
875 case ARG_NO_PAGER:
876 arg_no_pager = true;
877 break;
878
879 case ARG_VERSION:
880 arg_action = ACTION_VERSION;
881 break;
882
883 case ARG_DUMP_CONFIGURATION_ITEMS:
884 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
885 break;
886
887 case ARG_DUMP_CORE:
888 if (!optarg)
889 arg_dump_core = true;
890 else {
891 r = parse_boolean(optarg);
892 if (r < 0)
893 return log_error_errno(r, "Failed to parse dump core boolean: %s", optarg);
894 arg_dump_core = r;
895 }
896 break;
897
898 case ARG_CRASH_CHVT:
899 r = parse_crash_chvt(optarg);
900 if (r < 0)
901 return log_error_errno(r, "Failed to parse crash virtual terminal index: %s", optarg);
902 break;
903
904 case ARG_CRASH_SHELL:
905 if (!optarg)
906 arg_crash_shell = true;
907 else {
908 r = parse_boolean(optarg);
909 if (r < 0)
910 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
911 arg_crash_shell = r;
912 }
913 break;
914
915 case ARG_CRASH_REBOOT:
916 if (!optarg)
917 arg_crash_reboot = true;
918 else {
919 r = parse_boolean(optarg);
920 if (r < 0)
921 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
922 arg_crash_reboot = r;
923 }
924 break;
925
926 case ARG_CONFIRM_SPAWN:
927 r = optarg ? parse_boolean(optarg) : 1;
928 if (r < 0) {
929 log_error("Failed to parse confirm spawn boolean %s.", optarg);
930 return r;
931 }
932 arg_confirm_spawn = r;
933 break;
934
935 case ARG_SHOW_STATUS:
936 if (optarg) {
937 r = parse_show_status(optarg, &arg_show_status);
938 if (r < 0) {
939 log_error("Failed to parse show status boolean %s.", optarg);
940 return r;
941 }
942 } else
943 arg_show_status = SHOW_STATUS_YES;
944 break;
945
946 case ARG_DESERIALIZE: {
947 int fd;
948 FILE *f;
949
950 r = safe_atoi(optarg, &fd);
951 if (r < 0 || fd < 0) {
952 log_error("Failed to parse deserialize option %s.", optarg);
953 return -EINVAL;
954 }
955
956 (void) fd_cloexec(fd, true);
957
958 f = fdopen(fd, "r");
959 if (!f)
960 return log_error_errno(errno, "Failed to open serialization fd: %m");
961
962 safe_fclose(arg_serialization);
963 arg_serialization = f;
964
965 break;
966 }
967
968 case ARG_SWITCHED_ROOT:
969 arg_switched_root = true;
970 break;
971
972 case 'h':
973 arg_action = ACTION_HELP;
974 if (arg_no_pager < 0)
975 arg_no_pager = true;
976 break;
977
978 case 'D':
979 log_set_max_level(LOG_DEBUG);
980 break;
981
982 case 'b':
983 case 's':
984 case 'z':
985 /* Just to eat away the sysvinit kernel
986 * cmdline args without getopt() error
987 * messages that we'll parse in
988 * parse_proc_cmdline_word() or ignore. */
989
990 case '?':
991 if (getpid() != 1)
992 return -EINVAL;
993 else
994 return 0;
995
996 default:
997 assert_not_reached("Unhandled option code.");
998 }
999
1000 if (optind < argc && getpid() != 1) {
1001 /* Hmm, when we aren't run as init system
1002 * let's complain about excess arguments */
1003
1004 log_error("Excess arguments.");
1005 return -EINVAL;
1006 }
1007
1008 return 0;
1009 }
1010
1011 static int help(void) {
1012
1013 printf("%s [OPTIONS...]\n\n"
1014 "Starts up and maintains the system or user services.\n\n"
1015 " -h --help Show this help\n"
1016 " --test Determine startup sequence, dump it and exit\n"
1017 " --no-pager Do not pipe output into a pager\n"
1018 " --dump-configuration-items Dump understood unit configuration items\n"
1019 " --unit=UNIT Set default unit\n"
1020 " --system Run a system instance, even if PID != 1\n"
1021 " --user Run a user instance\n"
1022 " --dump-core[=BOOL] Dump core on crash\n"
1023 " --crash-vt=NR Change to specified VT on crash\n"
1024 " --crash-reboot[=BOOL] Reboot on crash\n"
1025 " --crash-shell[=BOOL] Run shell on crash\n"
1026 " --confirm-spawn[=BOOL] Ask for confirmation when spawning processes\n"
1027 " --show-status[=BOOL] Show status updates on the console during bootup\n"
1028 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
1029 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
1030 " --log-color[=BOOL] Highlight important log messages\n"
1031 " --log-location[=BOOL] Include code location in log messages\n"
1032 " --default-standard-output= Set default standard output for services\n"
1033 " --default-standard-error= Set default standard error output for services\n",
1034 program_invocation_short_name);
1035
1036 return 0;
1037 }
1038
1039 static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
1040 _cleanup_fdset_free_ FDSet *fds = NULL;
1041 _cleanup_fclose_ FILE *f = NULL;
1042 int r;
1043
1044 assert(m);
1045 assert(_f);
1046 assert(_fds);
1047
1048 r = manager_open_serialization(m, &f);
1049 if (r < 0)
1050 return log_error_errno(r, "Failed to create serialization file: %m");
1051
1052 /* Make sure nothing is really destructed when we shut down */
1053 m->n_reloading ++;
1054 bus_manager_send_reloading(m, true);
1055
1056 fds = fdset_new();
1057 if (!fds)
1058 return log_oom();
1059
1060 r = manager_serialize(m, f, fds, switching_root);
1061 if (r < 0)
1062 return log_error_errno(r, "Failed to serialize state: %m");
1063
1064 if (fseeko(f, 0, SEEK_SET) == (off_t) -1)
1065 return log_error_errno(errno, "Failed to rewind serialization fd: %m");
1066
1067 r = fd_cloexec(fileno(f), false);
1068 if (r < 0)
1069 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
1070
1071 r = fdset_cloexec(fds, false);
1072 if (r < 0)
1073 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
1074
1075 *_f = f;
1076 *_fds = fds;
1077
1078 f = NULL;
1079 fds = NULL;
1080
1081 return 0;
1082 }
1083
1084 static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1085 struct rlimit nl;
1086 int r;
1087
1088 assert(saved_rlimit);
1089
1090 /* Save the original RLIMIT_NOFILE so that we can reset it
1091 * later when transitioning from the initrd to the main
1092 * systemd or suchlike. */
1093 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
1094 return log_error_errno(errno, "Reading RLIMIT_NOFILE failed: %m");
1095
1096 /* Make sure forked processes get the default kernel setting */
1097 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1098 struct rlimit *rl;
1099
1100 rl = newdup(struct rlimit, saved_rlimit, 1);
1101 if (!rl)
1102 return log_oom();
1103
1104 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1105 }
1106
1107 /* Bump up the resource limit for ourselves substantially */
1108 nl.rlim_cur = nl.rlim_max = 64*1024;
1109 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
1110 if (r < 0)
1111 return log_error_errno(r, "Setting RLIMIT_NOFILE failed: %m");
1112
1113 return 0;
1114 }
1115
1116 static void test_mtab(void) {
1117
1118 static const char ok[] =
1119 "/proc/self/mounts\0"
1120 "/proc/mounts\0"
1121 "../proc/self/mounts\0"
1122 "../proc/mounts\0";
1123
1124 _cleanup_free_ char *p = NULL;
1125 int r;
1126
1127 /* Check that /etc/mtab is a symlink to the right place or
1128 * non-existing. But certainly not a file, or a symlink to
1129 * some weird place... */
1130
1131 r = readlink_malloc("/etc/mtab", &p);
1132 if (r == -ENOENT)
1133 return;
1134 if (r >= 0 && nulstr_contains(ok, p))
1135 return;
1136
1137 log_error("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1138 "This is not supported anymore. "
1139 "Please replace /etc/mtab with a symlink to /proc/self/mounts.");
1140 freeze_or_reboot();
1141 }
1142
1143 static void test_usr(void) {
1144
1145 /* Check that /usr is not a separate fs */
1146
1147 if (dir_is_empty("/usr") <= 0)
1148 return;
1149
1150 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
1151 "Some things will probably break (sometimes even silently) in mysterious ways. "
1152 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1153 }
1154
1155 static int initialize_join_controllers(void) {
1156 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1157 * + "net_prio". We'd like to add "cpuset" to the mix, but
1158 * "cpuset" doesn't really work for groups with no initialized
1159 * attributes. */
1160
1161 arg_join_controllers = new(char**, 3);
1162 if (!arg_join_controllers)
1163 return -ENOMEM;
1164
1165 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
1166 if (!arg_join_controllers[0])
1167 goto oom;
1168
1169 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1170 if (!arg_join_controllers[1])
1171 goto oom;
1172
1173 arg_join_controllers[2] = NULL;
1174 return 0;
1175
1176 oom:
1177 arg_join_controllers = strv_free_free(arg_join_controllers);
1178 return -ENOMEM;
1179 }
1180
1181 static int enforce_syscall_archs(Set *archs) {
1182 #ifdef HAVE_SECCOMP
1183 scmp_filter_ctx *seccomp;
1184 Iterator i;
1185 void *id;
1186 int r;
1187
1188 seccomp = seccomp_init(SCMP_ACT_ALLOW);
1189 if (!seccomp)
1190 return log_oom();
1191
1192 SET_FOREACH(id, arg_syscall_archs, i) {
1193 r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
1194 if (r == -EEXIST)
1195 continue;
1196 if (r < 0) {
1197 log_error_errno(r, "Failed to add architecture to seccomp: %m");
1198 goto finish;
1199 }
1200 }
1201
1202 r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
1203 if (r < 0) {
1204 log_error_errno(r, "Failed to unset NO_NEW_PRIVS: %m");
1205 goto finish;
1206 }
1207
1208 r = seccomp_load(seccomp);
1209 if (r < 0)
1210 log_error_errno(r, "Failed to add install architecture seccomp: %m");
1211
1212 finish:
1213 seccomp_release(seccomp);
1214 return r;
1215 #else
1216 return 0;
1217 #endif
1218 }
1219
1220 static int status_welcome(void) {
1221 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1222 int r;
1223
1224 r = parse_env_file("/etc/os-release", NEWLINE,
1225 "PRETTY_NAME", &pretty_name,
1226 "ANSI_COLOR", &ansi_color,
1227 NULL);
1228 if (r == -ENOENT)
1229 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1230 "PRETTY_NAME", &pretty_name,
1231 "ANSI_COLOR", &ansi_color,
1232 NULL);
1233
1234 if (r < 0 && r != -ENOENT)
1235 log_warning_errno(r, "Failed to read os-release file: %m");
1236
1237 return status_printf(NULL, false, false,
1238 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1239 isempty(ansi_color) ? "1" : ansi_color,
1240 isempty(pretty_name) ? "Linux" : pretty_name);
1241 }
1242
1243 static int write_container_id(void) {
1244 const char *c;
1245 int r;
1246
1247 c = getenv("container");
1248 if (isempty(c))
1249 return 0;
1250
1251 r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
1252 if (r < 0)
1253 return log_warning_errno(r, "Failed to write /run/systed/container, ignoring: %m");
1254
1255 return 1;
1256 }
1257
1258 static int bump_unix_max_dgram_qlen(void) {
1259 _cleanup_free_ char *qlen = NULL;
1260 unsigned long v;
1261 int r;
1262
1263 /* Let's bump the net.unix.max_dgram_qlen sysctl. The kernel
1264 * default of 16 is simply too low. We set the value really
1265 * really early during boot, so that it is actually applied to
1266 * all our sockets, including the $NOTIFY_SOCKET one. */
1267
1268 r = read_one_line_file("/proc/sys/net/unix/max_dgram_qlen", &qlen);
1269 if (r < 0)
1270 return log_warning_errno(r, "Failed to read AF_UNIX datagram queue length, ignoring: %m");
1271
1272 r = safe_atolu(qlen, &v);
1273 if (r < 0)
1274 return log_warning_errno(r, "Failed to parse AF_UNIX datagram queue length, ignoring: %m");
1275
1276 if (v >= DEFAULT_UNIX_MAX_DGRAM_QLEN)
1277 return 0;
1278
1279 qlen = mfree(qlen);
1280 if (asprintf(&qlen, "%lu\n", DEFAULT_UNIX_MAX_DGRAM_QLEN) < 0)
1281 return log_oom();
1282
1283 r = write_string_file("/proc/sys/net/unix/max_dgram_qlen", qlen, 0);
1284 if (r < 0)
1285 return log_full_errno(IN_SET(r, -EROFS, -EPERM, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
1286 "Failed to bump AF_UNIX datagram queue length, ignoring: %m");
1287
1288 return 1;
1289 }
1290
1291 int main(int argc, char *argv[]) {
1292 Manager *m = NULL;
1293 int r, retval = EXIT_FAILURE;
1294 usec_t before_startup, after_startup;
1295 char timespan[FORMAT_TIMESPAN_MAX];
1296 FDSet *fds = NULL;
1297 bool reexecute = false;
1298 const char *shutdown_verb = NULL;
1299 dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
1300 dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
1301 dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
1302 dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
1303 dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
1304 static char systemd[] = "systemd";
1305 bool skip_setup = false;
1306 unsigned j;
1307 bool loaded_policy = false;
1308 bool arm_reboot_watchdog = false;
1309 bool queue_default_job = false;
1310 bool empty_etc = false;
1311 char *switch_root_dir = NULL, *switch_root_init = NULL;
1312 struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0);
1313 const char *error_message = NULL;
1314
1315 #ifdef HAVE_SYSV_COMPAT
1316 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
1317 /* This is compatibility support for SysV, where
1318 * calling init as a user is identical to telinit. */
1319
1320 errno = -ENOENT;
1321 execv(SYSTEMCTL_BINARY_PATH, argv);
1322 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1323 return 1;
1324 }
1325 #endif
1326
1327 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1328 dual_timestamp_get(&userspace_timestamp);
1329
1330 /* Determine if this is a reexecution or normal bootup. We do
1331 * the full command line parsing much later, so let's just
1332 * have a quick peek here. */
1333 if (strv_find(argv+1, "--deserialize"))
1334 skip_setup = true;
1335
1336 /* If we have switched root, do all the special setup
1337 * things */
1338 if (strv_find(argv+1, "--switched-root"))
1339 skip_setup = false;
1340
1341 /* If we get started via the /sbin/init symlink then we are
1342 called 'init'. After a subsequent reexecution we are then
1343 called 'systemd'. That is confusing, hence let's call us
1344 systemd right-away. */
1345 program_invocation_short_name = systemd;
1346 prctl(PR_SET_NAME, systemd);
1347
1348 saved_argv = argv;
1349 saved_argc = argc;
1350
1351 log_show_color(isatty(STDERR_FILENO) > 0);
1352 log_set_upgrade_syslog_to_journal(true);
1353
1354 /* Disable the umask logic */
1355 if (getpid() == 1)
1356 umask(0);
1357
1358 if (getpid() == 1 && detect_container() <= 0) {
1359
1360 /* Running outside of a container as PID 1 */
1361 arg_running_as = MANAGER_SYSTEM;
1362 make_null_stdio();
1363 log_set_target(LOG_TARGET_KMSG);
1364 log_open();
1365
1366 if (in_initrd())
1367 initrd_timestamp = userspace_timestamp;
1368
1369 if (!skip_setup) {
1370 mount_setup_early();
1371 dual_timestamp_get(&security_start_timestamp);
1372 if (mac_selinux_setup(&loaded_policy) < 0) {
1373 error_message = "Failed to load SELinux policy";
1374 goto finish;
1375 } else if (ima_setup() < 0) {
1376 error_message = "Failed to load IMA policy";
1377 goto finish;
1378 } else if (mac_smack_setup(&loaded_policy) < 0) {
1379 error_message = "Failed to load SMACK policy";
1380 goto finish;
1381 }
1382 dual_timestamp_get(&security_finish_timestamp);
1383 }
1384
1385 if (mac_selinux_init(NULL) < 0) {
1386 error_message = "Failed to initialize SELinux policy";
1387 goto finish;
1388 }
1389
1390 if (!skip_setup) {
1391 if (clock_is_localtime() > 0) {
1392 int min;
1393
1394 /*
1395 * The very first call of settimeofday() also does a time warp in the kernel.
1396 *
1397 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on
1398 * external tools to take care of maintaining the RTC and do all adjustments.
1399 * This matches the behavior of Windows, which leaves the RTC alone if the
1400 * registry tells that the RTC runs in UTC.
1401 */
1402 r = clock_set_timezone(&min);
1403 if (r < 0)
1404 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
1405 else
1406 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1407 } else if (!in_initrd()) {
1408 /*
1409 * Do a dummy very first call to seal the kernel's time warp magic.
1410 *
1411 * Do not call this this from inside the initrd. The initrd might not
1412 * carry /etc/adjtime with LOCAL, but the real system could be set up
1413 * that way. In such case, we need to delay the time-warp or the sealing
1414 * until we reach the real system.
1415 *
1416 * Do no set the kernel's timezone. The concept of local time cannot
1417 * be supported reliably, the time will jump or be incorrect at every daylight
1418 * saving time change. All kernel local time concepts will be treated
1419 * as UTC that way.
1420 */
1421 clock_reset_timewarp();
1422 }
1423 }
1424
1425 /* Set the default for later on, but don't actually
1426 * open the logs like this for now. Note that if we
1427 * are transitioning from the initrd there might still
1428 * be journal fd open, and we shouldn't attempt
1429 * opening that before we parsed /proc/cmdline which
1430 * might redirect output elsewhere. */
1431 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1432
1433 } else if (getpid() == 1) {
1434 /* Running inside a container, as PID 1 */
1435 arg_running_as = MANAGER_SYSTEM;
1436 log_set_target(LOG_TARGET_CONSOLE);
1437 log_close_console(); /* force reopen of /dev/console */
1438 log_open();
1439
1440 /* For the later on, see above... */
1441 log_set_target(LOG_TARGET_JOURNAL);
1442
1443 /* clear the kernel timestamp,
1444 * because we are in a container */
1445 kernel_timestamp.monotonic = 0ULL;
1446 kernel_timestamp.realtime = 0ULL;
1447
1448 } else {
1449 /* Running as user instance */
1450 arg_running_as = MANAGER_USER;
1451 log_set_target(LOG_TARGET_AUTO);
1452 log_open();
1453
1454 /* clear the kernel timestamp,
1455 * because we are not PID 1 */
1456 kernel_timestamp = DUAL_TIMESTAMP_NULL;
1457 }
1458
1459 /* Initialize default unit */
1460 r = free_and_strdup(&arg_default_unit, SPECIAL_DEFAULT_TARGET);
1461 if (r < 0) {
1462 log_emergency_errno(r, "Failed to set default unit %s: %m", SPECIAL_DEFAULT_TARGET);
1463 error_message = "Failed to set default unit";
1464 goto finish;
1465 }
1466
1467 r = initialize_join_controllers();
1468 if (r < 0) {
1469 error_message = "Failed to initialize cgroup controllers";
1470 goto finish;
1471 }
1472
1473 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1474 * /proc/$PID/fd is available. */
1475 if (getpid() == 1) {
1476
1477 /* Load the kernel modules early, so that we kdbus.ko is loaded before kdbusfs shall be mounted */
1478 if (!skip_setup)
1479 kmod_setup();
1480
1481 r = mount_setup(loaded_policy);
1482 if (r < 0) {
1483 error_message = "Failed to mount API filesystems";
1484 goto finish;
1485 }
1486 }
1487
1488 /* Reset all signal handlers. */
1489 (void) reset_all_signal_handlers();
1490 (void) ignore_signals(SIGNALS_IGNORE, -1);
1491
1492 if (parse_config_file() < 0) {
1493 error_message = "Failed to parse config file";
1494 goto finish;
1495 }
1496
1497 if (arg_running_as == MANAGER_SYSTEM) {
1498 r = parse_proc_cmdline(parse_proc_cmdline_item);
1499 if (r < 0)
1500 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
1501 }
1502
1503 /* Note that this also parses bits from the kernel command
1504 * line, including "debug". */
1505 log_parse_environment();
1506
1507 if (parse_argv(argc, argv) < 0) {
1508 error_message = "Failed to parse commandline arguments";
1509 goto finish;
1510 }
1511
1512 if (arg_action == ACTION_TEST &&
1513 geteuid() == 0) {
1514 log_error("Don't run test mode as root.");
1515 goto finish;
1516 }
1517
1518 if (arg_running_as == MANAGER_USER &&
1519 arg_action == ACTION_RUN &&
1520 sd_booted() <= 0) {
1521 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1522 goto finish;
1523 }
1524
1525 if (arg_running_as == MANAGER_SYSTEM &&
1526 arg_action == ACTION_RUN &&
1527 running_in_chroot() > 0) {
1528 log_error("Cannot be run in a chroot() environment.");
1529 goto finish;
1530 }
1531
1532 if (arg_action == ACTION_TEST)
1533 skip_setup = true;
1534
1535 pager_open_if_enabled();
1536
1537 if (arg_action == ACTION_HELP) {
1538 retval = help();
1539 goto finish;
1540 } else if (arg_action == ACTION_VERSION) {
1541 retval = version();
1542 goto finish;
1543 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
1544 unit_dump_config_items(stdout);
1545 retval = EXIT_SUCCESS;
1546 goto finish;
1547 } else if (arg_action == ACTION_DONE) {
1548 retval = EXIT_SUCCESS;
1549 goto finish;
1550 }
1551
1552 if (arg_running_as == MANAGER_USER &&
1553 !getenv("XDG_RUNTIME_DIR")) {
1554 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
1555 goto finish;
1556 }
1557
1558 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
1559
1560 /* Close logging fds, in order not to confuse fdset below */
1561 log_close();
1562
1563 /* Remember open file descriptors for later deserialization */
1564 r = fdset_new_fill(&fds);
1565 if (r < 0) {
1566 log_emergency_errno(r, "Failed to allocate fd set: %m");
1567 error_message = "Failed to allocate fd set";
1568 goto finish;
1569 } else
1570 fdset_cloexec(fds, true);
1571
1572 if (arg_serialization)
1573 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
1574
1575 if (arg_running_as == MANAGER_SYSTEM)
1576 /* Become a session leader if we aren't one yet. */
1577 setsid();
1578
1579 /* Move out of the way, so that we won't block unmounts */
1580 assert_se(chdir("/") == 0);
1581
1582 /* Reset the console, but only if this is really init and we
1583 * are freshly booted */
1584 if (arg_running_as == MANAGER_SYSTEM && arg_action == ACTION_RUN) {
1585
1586 /* If we are init, we connect stdin/stdout/stderr to
1587 * /dev/null and make sure we don't have a controlling
1588 * tty. */
1589 release_terminal();
1590
1591 if (getpid() == 1 && !skip_setup)
1592 console_setup();
1593 }
1594
1595 /* Open the logging devices, if possible and necessary */
1596 log_open();
1597
1598 if (arg_show_status == _SHOW_STATUS_UNSET)
1599 arg_show_status = SHOW_STATUS_YES;
1600
1601 /* Make sure we leave a core dump without panicing the
1602 * kernel. */
1603 if (getpid() == 1) {
1604 install_crash_handler();
1605
1606 r = mount_cgroup_controllers(arg_join_controllers);
1607 if (r < 0)
1608 goto finish;
1609 }
1610
1611 if (arg_running_as == MANAGER_SYSTEM) {
1612 int v;
1613
1614 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
1615 arg_action == ACTION_TEST ? "test " : "" );
1616
1617 v = detect_virtualization();
1618 if (v > 0)
1619 log_info("Detected virtualization %s.", virtualization_to_string(v));
1620
1621 write_container_id();
1622
1623 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
1624
1625 if (in_initrd())
1626 log_info("Running in initial RAM disk.");
1627
1628 /* Let's check whether /etc is already populated. We
1629 * don't actually really check for that, but use
1630 * /etc/machine-id as flag file. This allows container
1631 * managers and installers to provision a couple of
1632 * files already. If the container manager wants to
1633 * provision the machine ID itself it should pass
1634 * $container_uuid to PID 1. */
1635
1636 empty_etc = access("/etc/machine-id", F_OK) < 0;
1637 if (empty_etc)
1638 log_info("Running with unpopulated /etc.");
1639 } else {
1640 _cleanup_free_ char *t;
1641
1642 t = uid_to_name(getuid());
1643 log_debug(PACKAGE_STRING " running in %suser mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
1644 arg_action == ACTION_TEST ? " test" : "", getuid(), t);
1645 }
1646
1647 if (arg_running_as == MANAGER_SYSTEM && !skip_setup) {
1648 if (arg_show_status > 0)
1649 status_welcome();
1650
1651 hostname_setup();
1652 machine_id_setup(NULL);
1653 loopback_setup();
1654 bump_unix_max_dgram_qlen();
1655
1656 test_mtab();
1657 test_usr();
1658 }
1659
1660 if (arg_running_as == MANAGER_SYSTEM && arg_runtime_watchdog > 0)
1661 watchdog_set_timeout(&arg_runtime_watchdog);
1662
1663 if (arg_timer_slack_nsec != NSEC_INFINITY)
1664 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
1665 log_error_errno(errno, "Failed to adjust timer slack: %m");
1666
1667 if (arg_capability_bounding_set_drop) {
1668 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
1669 if (r < 0) {
1670 log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
1671 error_message = "Failed to drop capability bounding set of usermode helpers";
1672 goto finish;
1673 }
1674 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
1675 if (r < 0) {
1676 log_emergency_errno(r, "Failed to drop capability bounding set: %m");
1677 error_message = "Failed to drop capability bounding set";
1678 goto finish;
1679 }
1680 }
1681
1682 if (arg_syscall_archs) {
1683 r = enforce_syscall_archs(arg_syscall_archs);
1684 if (r < 0) {
1685 error_message = "Failed to set syscall architectures";
1686 goto finish;
1687 }
1688 }
1689
1690 if (arg_running_as == MANAGER_USER)
1691 /* Become reaper of our children */
1692 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0)
1693 log_warning_errno(errno, "Failed to make us a subreaper: %m");
1694
1695 if (arg_running_as == MANAGER_SYSTEM) {
1696 bump_rlimit_nofile(&saved_rlimit_nofile);
1697
1698 if (empty_etc) {
1699 r = unit_file_preset_all(UNIT_FILE_SYSTEM, false, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, false, NULL, 0);
1700 if (r < 0)
1701 log_warning_errno(r, "Failed to populate /etc with preset unit settings, ignoring: %m");
1702 else
1703 log_info("Populated /etc with preset unit settings.");
1704 }
1705 }
1706
1707 r = manager_new(arg_running_as, arg_action == ACTION_TEST, &m);
1708 if (r < 0) {
1709 log_emergency_errno(r, "Failed to allocate manager object: %m");
1710 error_message = "Failed to allocate manager object";
1711 goto finish;
1712 }
1713
1714 m->confirm_spawn = arg_confirm_spawn;
1715 m->runtime_watchdog = arg_runtime_watchdog;
1716 m->shutdown_watchdog = arg_shutdown_watchdog;
1717 m->userspace_timestamp = userspace_timestamp;
1718 m->kernel_timestamp = kernel_timestamp;
1719 m->initrd_timestamp = initrd_timestamp;
1720 m->security_start_timestamp = security_start_timestamp;
1721 m->security_finish_timestamp = security_finish_timestamp;
1722
1723 manager_set_defaults(m);
1724 manager_set_show_status(m, arg_show_status);
1725 manager_set_first_boot(m, empty_etc);
1726
1727 /* Remember whether we should queue the default job */
1728 queue_default_job = !arg_serialization || arg_switched_root;
1729
1730 before_startup = now(CLOCK_MONOTONIC);
1731
1732 r = manager_startup(m, arg_serialization, fds);
1733 if (r < 0)
1734 log_error_errno(r, "Failed to fully start up daemon: %m");
1735
1736 /* This will close all file descriptors that were opened, but
1737 * not claimed by any unit. */
1738 fds = fdset_free(fds);
1739
1740 arg_serialization = safe_fclose(arg_serialization);
1741
1742 if (queue_default_job) {
1743 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1744 Unit *target = NULL;
1745 Job *default_unit_job;
1746
1747 log_debug("Activating default unit: %s", arg_default_unit);
1748
1749 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
1750 if (r < 0)
1751 log_error("Failed to load default target: %s", bus_error_message(&error, r));
1752 else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
1753 log_error_errno(target->load_error, "Failed to load default target: %m");
1754 else if (target->load_state == UNIT_MASKED)
1755 log_error("Default target masked.");
1756
1757 if (!target || target->load_state != UNIT_LOADED) {
1758 log_info("Trying to load rescue target...");
1759
1760 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1761 if (r < 0) {
1762 log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
1763 error_message = "Failed to load rescue target";
1764 goto finish;
1765 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
1766 log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
1767 error_message = "Failed to load rescue target";
1768 goto finish;
1769 } else if (target->load_state == UNIT_MASKED) {
1770 log_emergency("Rescue target masked.");
1771 error_message = "Rescue target masked";
1772 goto finish;
1773 }
1774 }
1775
1776 assert(target->load_state == UNIT_LOADED);
1777
1778 if (arg_action == ACTION_TEST) {
1779 printf("-> By units:\n");
1780 manager_dump_units(m, stdout, "\t");
1781 }
1782
1783 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, false, &error, &default_unit_job);
1784 if (r == -EPERM) {
1785 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
1786
1787 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1788 if (r < 0) {
1789 log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
1790 error_message = "Failed to start default target";
1791 goto finish;
1792 }
1793 } else if (r < 0) {
1794 log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
1795 error_message = "Failed to isolate default target";
1796 goto finish;
1797 }
1798
1799 m->default_unit_job_id = default_unit_job->id;
1800
1801 after_startup = now(CLOCK_MONOTONIC);
1802 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1803 "Loaded units and determined initial transaction in %s.",
1804 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
1805
1806 if (arg_action == ACTION_TEST) {
1807 printf("-> By jobs:\n");
1808 manager_dump_jobs(m, stdout, "\t");
1809 retval = EXIT_SUCCESS;
1810 goto finish;
1811 }
1812 }
1813
1814 for (;;) {
1815 r = manager_loop(m);
1816 if (r < 0) {
1817 log_emergency_errno(r, "Failed to run main loop: %m");
1818 error_message = "Failed to run main loop";
1819 goto finish;
1820 }
1821
1822 switch (m->exit_code) {
1823
1824 case MANAGER_RELOAD:
1825 log_info("Reloading.");
1826
1827 r = parse_config_file();
1828 if (r < 0)
1829 log_error("Failed to parse config file.");
1830
1831 manager_set_defaults(m);
1832
1833 r = manager_reload(m);
1834 if (r < 0)
1835 log_error_errno(r, "Failed to reload: %m");
1836 break;
1837
1838 case MANAGER_REEXECUTE:
1839
1840 if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
1841 error_message = "Failed to prepare for reexecution";
1842 goto finish;
1843 }
1844
1845 reexecute = true;
1846 log_notice("Reexecuting.");
1847 goto finish;
1848
1849 case MANAGER_SWITCH_ROOT:
1850 /* Steal the switch root parameters */
1851 switch_root_dir = m->switch_root;
1852 switch_root_init = m->switch_root_init;
1853 m->switch_root = m->switch_root_init = NULL;
1854
1855 if (!switch_root_init)
1856 if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
1857 error_message = "Failed to prepare for reexecution";
1858 goto finish;
1859 }
1860
1861 reexecute = true;
1862 log_notice("Switching root.");
1863 goto finish;
1864
1865 case MANAGER_EXIT:
1866 retval = m->return_value;
1867
1868 if (m->running_as == MANAGER_USER) {
1869 log_debug("Exit.");
1870 goto finish;
1871 }
1872
1873 /* fallthrough */
1874 case MANAGER_REBOOT:
1875 case MANAGER_POWEROFF:
1876 case MANAGER_HALT:
1877 case MANAGER_KEXEC: {
1878 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1879 [MANAGER_EXIT] = "exit",
1880 [MANAGER_REBOOT] = "reboot",
1881 [MANAGER_POWEROFF] = "poweroff",
1882 [MANAGER_HALT] = "halt",
1883 [MANAGER_KEXEC] = "kexec"
1884 };
1885
1886 assert_se(shutdown_verb = table[m->exit_code]);
1887 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
1888
1889 log_notice("Shutting down.");
1890 goto finish;
1891 }
1892
1893 default:
1894 assert_not_reached("Unknown exit code.");
1895 }
1896 }
1897
1898 finish:
1899 pager_close();
1900
1901 if (m)
1902 arg_shutdown_watchdog = m->shutdown_watchdog;
1903
1904 m = manager_free(m);
1905
1906 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++)
1907 arg_default_rlimit[j] = mfree(arg_default_rlimit[j]);
1908
1909 arg_default_unit = mfree(arg_default_unit);
1910 arg_join_controllers = strv_free_free(arg_join_controllers);
1911 arg_default_environment = strv_free(arg_default_environment);
1912 arg_syscall_archs = set_free(arg_syscall_archs);
1913
1914 mac_selinux_finish();
1915
1916 if (reexecute) {
1917 const char **args;
1918 unsigned i, args_size;
1919
1920 /* Close and disarm the watchdog, so that the new
1921 * instance can reinitialize it, but doesn't get
1922 * rebooted while we do that */
1923 watchdog_close(true);
1924
1925 /* Reset the RLIMIT_NOFILE to the kernel default, so
1926 * that the new systemd can pass the kernel default to
1927 * its child processes */
1928 if (saved_rlimit_nofile.rlim_cur > 0)
1929 (void) setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
1930
1931 if (switch_root_dir) {
1932 /* Kill all remaining processes from the
1933 * initrd, but don't wait for them, so that we
1934 * can handle the SIGCHLD for them after
1935 * deserializing. */
1936 broadcast_signal(SIGTERM, false, true);
1937
1938 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1939 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
1940 if (r < 0)
1941 log_error_errno(r, "Failed to switch root, trying to continue: %m");
1942 }
1943
1944 args_size = MAX(6, argc+1);
1945 args = newa(const char*, args_size);
1946
1947 if (!switch_root_init) {
1948 char sfd[DECIMAL_STR_MAX(int) + 1];
1949
1950 /* First try to spawn ourselves with the right
1951 * path, and with full serialization. We do
1952 * this only if the user didn't specify an
1953 * explicit init to spawn. */
1954
1955 assert(arg_serialization);
1956 assert(fds);
1957
1958 xsprintf(sfd, "%i", fileno(arg_serialization));
1959
1960 i = 0;
1961 args[i++] = SYSTEMD_BINARY_PATH;
1962 if (switch_root_dir)
1963 args[i++] = "--switched-root";
1964 args[i++] = arg_running_as == MANAGER_SYSTEM ? "--system" : "--user";
1965 args[i++] = "--deserialize";
1966 args[i++] = sfd;
1967 args[i++] = NULL;
1968
1969 /* do not pass along the environment we inherit from the kernel or initrd */
1970 if (switch_root_dir)
1971 (void) clearenv();
1972
1973 assert(i <= args_size);
1974 (void) execv(args[0], (char* const*) args);
1975 }
1976
1977 /* Try the fallback, if there is any, without any
1978 * serialization. We pass the original argv[] and
1979 * envp[]. (Well, modulo the ordering changes due to
1980 * getopt() in argv[], and some cleanups in envp[],
1981 * but let's hope that doesn't matter.) */
1982
1983 arg_serialization = safe_fclose(arg_serialization);
1984 fds = fdset_free(fds);
1985
1986 /* Reopen the console */
1987 (void) make_console_stdio();
1988
1989 for (j = 1, i = 1; j < (unsigned) argc; j++)
1990 args[i++] = argv[j];
1991 args[i++] = NULL;
1992 assert(i <= args_size);
1993
1994 /* Reenable any blocked signals, especially important
1995 * if we switch from initial ramdisk to init=... */
1996 (void) reset_all_signal_handlers();
1997 (void) reset_signal_mask();
1998
1999 if (switch_root_init) {
2000 args[0] = switch_root_init;
2001 (void) execv(args[0], (char* const*) args);
2002 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
2003 }
2004
2005 args[0] = "/sbin/init";
2006 (void) execv(args[0], (char* const*) args);
2007
2008 if (errno == ENOENT) {
2009 log_warning("No /sbin/init, trying fallback");
2010
2011 args[0] = "/bin/sh";
2012 args[1] = NULL;
2013 (void) execv(args[0], (char* const*) args);
2014 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
2015 } else
2016 log_warning_errno(errno, "Failed to execute /sbin/init, giving up: %m");
2017 }
2018
2019 arg_serialization = safe_fclose(arg_serialization);
2020 fds = fdset_free(fds);
2021
2022 #ifdef HAVE_VALGRIND_VALGRIND_H
2023 /* If we are PID 1 and running under valgrind, then let's exit
2024 * here explicitly. valgrind will only generate nice output on
2025 * exit(), not on exec(), hence let's do the former not the
2026 * latter here. */
2027 if (getpid() == 1 && RUNNING_ON_VALGRIND)
2028 return 0;
2029 #endif
2030
2031 if (shutdown_verb) {
2032 char log_level[DECIMAL_STR_MAX(int) + 1];
2033 char exit_code[DECIMAL_STR_MAX(uint8_t) + 1];
2034 const char* command_line[11] = {
2035 SYSTEMD_SHUTDOWN_BINARY_PATH,
2036 shutdown_verb,
2037 "--log-level", log_level,
2038 "--log-target",
2039 };
2040 unsigned pos = 5;
2041 _cleanup_strv_free_ char **env_block = NULL;
2042
2043 assert(command_line[pos] == NULL);
2044 env_block = strv_copy(environ);
2045
2046 xsprintf(log_level, "%d", log_get_max_level());
2047
2048 switch (log_get_target()) {
2049
2050 case LOG_TARGET_KMSG:
2051 case LOG_TARGET_JOURNAL_OR_KMSG:
2052 case LOG_TARGET_SYSLOG_OR_KMSG:
2053 command_line[pos++] = "kmsg";
2054 break;
2055
2056 case LOG_TARGET_NULL:
2057 command_line[pos++] = "null";
2058 break;
2059
2060 case LOG_TARGET_CONSOLE:
2061 default:
2062 command_line[pos++] = "console";
2063 break;
2064 };
2065
2066 if (log_get_show_color())
2067 command_line[pos++] = "--log-color";
2068
2069 if (log_get_show_location())
2070 command_line[pos++] = "--log-location";
2071
2072 if (streq(shutdown_verb, "exit")) {
2073 command_line[pos++] = "--exit-code";
2074 command_line[pos++] = exit_code;
2075 xsprintf(exit_code, "%d", retval);
2076 }
2077
2078 assert(pos < ELEMENTSOF(command_line));
2079
2080 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
2081 char *e;
2082
2083 /* If we reboot let's set the shutdown
2084 * watchdog and tell the shutdown binary to
2085 * repeatedly ping it */
2086 r = watchdog_set_timeout(&arg_shutdown_watchdog);
2087 watchdog_close(r < 0);
2088
2089 /* Tell the binary how often to ping, ignore failure */
2090 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
2091 (void) strv_push(&env_block, e);
2092 } else
2093 watchdog_close(true);
2094
2095 /* Avoid the creation of new processes forked by the
2096 * kernel; at this point, we will not listen to the
2097 * signals anyway */
2098 if (detect_container() <= 0)
2099 (void) cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
2100
2101 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
2102 log_error_errno(errno, "Failed to execute shutdown binary, %s: %m",
2103 getpid() == 1 ? "freezing" : "quitting");
2104 }
2105
2106 if (getpid() == 1) {
2107 if (error_message)
2108 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
2109 ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL,
2110 "%s, freezing.", error_message);
2111 freeze_or_reboot();
2112 }
2113
2114 return retval;
2115 }
Unnamed repository; edit this file 'description' to name the repository.