]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/main.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
util: split out signal-util.[ch] from util.[ch]
[thirdparty/systemd.git] / src / core / main.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
60918275 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
60918275
LP		 22#include <stdio.h>
23#include <errno.h>
24#include <string.h>
16354eff 25#include <unistd.h>
4ade7963 26#include <sys/stat.h>
f170852a 27#include <getopt.h>
97c4f35c 28#include <signal.h>
80876c20 29#include <fcntl.h>
f3b6a3ed 30#include <sys/prctl.h>
664f88a7 31#include <sys/mount.h>
60918275 32
54b434b1
LP		 33#ifdef HAVE_VALGRIND_VALGRIND_H
34#include <valgrind/valgrind.h>
35#endif
b64a3d86
LP		 36#ifdef HAVE_SECCOMP
37#include <seccomp.h>
38#endif
54b434b1 39
718db961 40#include "sd-daemon.h"
718db961 41#include "sd-bus.h"
16354eff 42#include "log.h"
a16e1123 43#include "fdset.h"
514f4ef5 44#include "special.h"
487393e9 45#include "conf-parser.h"
ad780f19 46#include "missing.h"
b87c2aa6 47#include "pager.h"
302e27c8 48#include "build.h"
06d4c99a 49#include "strv.h"
f6a6225e 50#include "def.h"
b52aae1d 51#include "virt.h"
d9d93745 52#include "architecture.h"
e96d6be7 53#include "watchdog.h"
41669317 54#include "switch-root.h"
ec8927ca 55#include "capability.h"
bd3fa1d2 56#include "killall.h"
0c4025d1 57#include "env-util.h"
24efb112 58#include "clock-util.h"
718db961 59#include "fileio.h"
718db961
LP		 60#include "bus-error.h"
61#include "bus-util.h"
d7b8eec7 62#include "selinux-util.h"
24882e06
LP		 63#include "formats-util.h"
64#include "process-util.h"
65#include "terminal-util.h"
66#include "signal-util.h"
d7b8eec7
LP		 67#include "manager.h"
68#include "dbus-manager.h"
69#include "load-fragment.h"
60918275 70
b6e66135
LP		 71#include "mount-setup.h"
72#include "loopback-setup.h"
b6e66135
LP		 73#include "hostname-setup.h"
74#include "machine-id-setup.h"
b6e66135
LP		 75#include "selinux-setup.h"
76#include "ima-setup.h"
ffbd2c4d 77#include "smack-setup.h"
718db961 78#include "kmod-setup.h"
b6e66135 79
f170852a
LP		 80static enum {
81 ACTION_RUN,
e965d56d 82 ACTION_HELP,
9ba0bc4e 83 ACTION_VERSION,
e537352b 84 ACTION_TEST,
4288f619
LP		 85 ACTION_DUMP_CONFIGURATION_ITEMS,
86 ACTION_DONE
fa0f4d8a 87} arg_action = ACTION_RUN;
fa0f4d8a 88static char *arg_default_unit = NULL;
b2c23da8 89static ManagerRunningAs arg_running_as = _MANAGER_RUNNING_AS_INVALID;
fa0f4d8a
LP		 90static bool arg_dump_core = true;
91static bool arg_crash_shell = false;
92static int arg_crash_chvt = -1;
93static bool arg_confirm_spawn = false;
b6e2f329 94static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
bf4df7c3 95static bool arg_switched_root = false;
b87c2aa6 96static int arg_no_pager = -1;
0c85a4f3 97static char ***arg_join_controllers = NULL;
706343f4 98static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
0a494f1f 99static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
1f19a534
OS		 100static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
101static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
102static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
3f41e1e5
LN		 103static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
104static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
e96d6be7
LP		 105static usec_t arg_runtime_watchdog = 0;
106static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
97d0e5f8 107static char **arg_default_environment = NULL;
517d56b1 108static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
ec8927ca 109static uint64_t arg_capability_bounding_set_drop = 0;
3a43da28 110static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
bd8f585b 111static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
d3b1c508
LP		 112static Set* arg_syscall_archs = NULL;
113static FILE* arg_serialization = NULL;
085afe36
LP		 114static bool arg_default_cpu_accounting = false;
115static bool arg_default_blockio_accounting = false;
116static bool arg_default_memory_accounting = false;
4fc935ca 117
d3b1c508 118static void nop_handler(int sig) {}
6f5e3f35 119
b87c2aa6
ZJS		 120static void pager_open_if_enabled(void) {
121
122 if (arg_no_pager <= 0)
123 return;
124
125 pager_open(false);
126}
127
919ce0b7 128noreturn static void crash(int sig) {
97c4f35c 129
abb26902
LP		 130 if (getpid() != 1)
131 /* Pass this on immediately, if this is not PID 1 */
132 raise(sig);
133 else if (!arg_dump_core)
4104970e 134 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
97c4f35c 135 else {
b92bea5d
ZJS		 136 struct sigaction sa = {
137 .sa_handler = nop_handler,
138 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
139 };
97c4f35c
LP		 140 pid_t pid;
141
6f5e3f35 142 /* We want to wait for the core process, hence let's enable SIGCHLD */
abb26902 143 sigaction(SIGCHLD, &sa, NULL);
6f5e3f35 144
ee05e779 145 pid = raw_clone(SIGCHLD, NULL);
e62d8c39 146 if (pid < 0)
56f64d95 147 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
97c4f35c
LP		 148
149 else if (pid == 0) {
b92bea5d 150 struct rlimit rl = {};
97c4f35c
LP		 151
152 /* Enable default signal handler for core dump */
153 zero(sa);
154 sa.sa_handler = SIG_DFL;
abb26902 155 sigaction(sig, &sa, NULL);
97c4f35c
LP		 156
157 /* Don't limit the core dump size */
97c4f35c
LP		 158 rl.rlim_cur = RLIM_INFINITY;
159 rl.rlim_max = RLIM_INFINITY;
160 setrlimit(RLIMIT_CORE, &rl);
161
162 /* Just to be sure... */
e62d9b81 163 (void) chdir("/");
97c4f35c
LP		 164
165 /* Raise the signal again */
ee05e779
ZJS		 166 pid = raw_getpid();
167 kill(pid, sig); /* raise() would kill the parent */
97c4f35c
LP		 168
169 assert_not_reached("We shouldn't be here...");
170 _exit(1);
4fc935ca 171 } else {
8e12a6ae
LP		 172 siginfo_t status;
173 int r;
4fc935ca
LP		 174
175 /* Order things nicely. */
e62d8c39
ZJS		 176 r = wait_for_terminate(pid, &status);
177 if (r < 0)
da927ba9 178 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
8e12a6ae 179 else if (status.si_code != CLD_DUMPED)
ee05e779
ZJS		 180 log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
181 signal_to_string(sig),
182 pid, sigchld_code_to_string(status.si_code),
183 status.si_status,
184 strna(status.si_code == CLD_EXITED
185 ? exit_status_to_string(status.si_status, EXIT_STATUS_FULL)
186 : signal_to_string(status.si_status)));
4fc935ca 187 else
4104970e 188 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
97c4f35c
LP		 189 }
190 }
191
fa0f4d8a
LP		 192 if (arg_crash_chvt)
193 chvt(arg_crash_chvt);
601f6a1e 194
fa0f4d8a 195 if (arg_crash_shell) {
b92bea5d
ZJS		 196 struct sigaction sa = {
197 .sa_handler = SIG_IGN,
198 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
199 };
6f5e3f35 200 pid_t pid;
8c43883a 201
4fc935ca
LP		 202 log_info("Executing crash shell in 10s...");
203 sleep(10);
204
6f5e3f35 205 /* Let the kernel reap children for us */
6f5e3f35 206 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
8c43883a 207
ee05e779 208 pid = raw_clone(SIGCHLD, NULL);
cd3bd60a 209 if (pid < 0)
56f64d95 210 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
6f5e3f35 211 else if (pid == 0) {
cd3bd60a 212 make_console_stdio();
ee05e779 213 execle("/bin/sh", "/bin/sh", NULL, environ);
6f5e3f35 214
ee05e779 215 log_emergency_errno(errno, "execle() failed: %m");
6f5e3f35 216 _exit(1);
ee05e779
ZJS		 217 } else
218 log_info("Successfully spawned crash shell as PID "PID_FMT".", pid);
4fc935ca
LP		 219 }
220
4104970e 221 log_emergency("Freezing execution.");
97c4f35c
LP		 222 freeze();
223}
224
225static void install_crash_handler(void) {
297d563d 226 static const struct sigaction sa = {
b92bea5d 227 .sa_handler = crash,
297d563d 228 .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
b92bea5d 229 };
297d563d 230 int r;
97c4f35c 231
297d563d
LP		 232 /* We ignore the return value here, since, we don't mind if we
233 * cannot set up a crash handler */
234 r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
235 if (r < 0)
236 log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
97c4f35c 237}
f170852a 238
56d96fc0
LP		 239static int console_setup(void) {
240 _cleanup_close_ int tty_fd = -1;
241 int r;
80876c20 242
512947d4 243 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
23bbb0de
MS		 244 if (tty_fd < 0)
245 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
80876c20 246
56d96fc0
LP		 247 /* We don't want to force text mode. plymouth may be showing
248 * pictures already from initrd. */
512947d4 249 r = reset_terminal_fd(tty_fd, false);
23bbb0de
MS		 250 if (r < 0)
251 return log_error_errno(r, "Failed to reset /dev/console: %m");
843d2643 252
56d96fc0 253 return 0;
80876c20
LP		 254}
255
f170852a
LP		 256static int set_default_unit(const char *u) {
257 char *c;
258
259 assert(u);
260
bf4df7c3
LP		 261 c = strdup(u);
262 if (!c)
f170852a
LP		 263 return -ENOMEM;
264
fa0f4d8a
LP		 265 free(arg_default_unit);
266 arg_default_unit = c;
bf4df7c3 267
f170852a
LP		 268 return 0;
269}
270
059cb385 271static int parse_proc_cmdline_item(const char *key, const char *value) {
f170852a
LP		 272
273 static const char * const rlmap[] = {
ed370f5d 274 "emergency", SPECIAL_EMERGENCY_TARGET,
099663ff 275 "-b", SPECIAL_EMERGENCY_TARGET,
5329ab10 276 "rescue", SPECIAL_RESCUE_TARGET,
ed370f5d
LP		 277 "single", SPECIAL_RESCUE_TARGET,
278 "-s", SPECIAL_RESCUE_TARGET,
279 "s", SPECIAL_RESCUE_TARGET,
280 "S", SPECIAL_RESCUE_TARGET,
281 "1", SPECIAL_RESCUE_TARGET,
d5d8429a
LP		 282 "2", SPECIAL_MULTI_USER_TARGET,
283 "3", SPECIAL_MULTI_USER_TARGET,
284 "4", SPECIAL_MULTI_USER_TARGET,
285 "5", SPECIAL_GRAPHICAL_TARGET,
f170852a 286 };
059cb385 287 int r;
f170852a 288
059cb385 289 assert(key);
5192bd19 290
059cb385 291 if (streq(key, "systemd.unit") && value) {
bf4df7c3
LP		 292
293 if (!in_initrd())
059cb385 294 return set_default_unit(value);
bf4df7c3 295
059cb385 296 } else if (streq(key, "rd.systemd.unit") && value) {
bf4df7c3 297
ca05941b
LP		 298 if (in_initrd())
299 return set_default_unit(value);
f170852a 300
059cb385 301 } else if (streq(key, "systemd.dump_core") && value) {
4fc935ca 302
059cb385 303 r = parse_boolean(value);
fb472900 304 if (r < 0)
059cb385 305 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
4fc935ca 306 else
fa0f4d8a 307 arg_dump_core = r;
4fc935ca 308
059cb385 309 } else if (streq(key, "systemd.crash_shell") && value) {
4fc935ca 310
059cb385 311 r = parse_boolean(value);
fb472900 312 if (r < 0)
059cb385 313 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
4fc935ca 314 else
fa0f4d8a 315 arg_crash_shell = r;
5e7ee61c 316
059cb385 317 } else if (streq(key, "systemd.crash_chvt") && value) {
5e7ee61c 318
059cb385
LP		 319 if (safe_atoi(value, &r) < 0)
320 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
5e7ee61c 321 else
059cb385 322 arg_crash_chvt = r;
5e7ee61c 323
059cb385 324 } else if (streq(key, "systemd.confirm_spawn") && value) {
601f6a1e 325
059cb385
LP		 326 r = parse_boolean(value);
327 if (r < 0)
328 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", value);
601f6a1e 329 else
059cb385 330 arg_confirm_spawn = r;
601f6a1e 331
059cb385 332 } else if (streq(key, "systemd.show_status") && value) {
9e58ff9c 333
059cb385 334 r = parse_show_status(value, &arg_show_status);
d450b6f2 335 if (r < 0)
059cb385
LP		 336 log_warning("Failed to parse show status switch %s. Ignoring.", value);
337
338 } else if (streq(key, "systemd.default_standard_output") && value) {
0a494f1f 339
059cb385 340 r = exec_output_from_string(value);
fb472900 341 if (r < 0)
059cb385 342 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
0a494f1f
LP		 343 else
344 arg_default_std_output = r;
0a494f1f 345
059cb385
LP		 346 } else if (streq(key, "systemd.default_standard_error") && value) {
347
348 r = exec_output_from_string(value);
fb472900 349 if (r < 0)
059cb385 350 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
0a494f1f
LP		 351 else
352 arg_default_std_error = r;
9e7c5357 353
059cb385
LP		 354 } else if (streq(key, "systemd.setenv") && value) {
355
356 if (env_assignment_is_valid(value)) {
e21fea24
KS		 357 char **env;
358
059cb385 359 env = strv_env_set(arg_default_environment, value);
e21fea24
KS		 360 if (env)
361 arg_default_environment = env;
362 else
279d3c9c 363 log_warning_errno(ENOMEM, "Setting environment variable '%s' failed, ignoring: %m", value);
e21fea24 364 } else
059cb385 365 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
9e58ff9c 366
059cb385 367 } else if (streq(key, "quiet") && !value) {
d7b15e0a 368
b6e2f329 369 if (arg_show_status == _SHOW_STATUS_UNSET)
d450b6f2 370 arg_show_status = SHOW_STATUS_AUTO;
059cb385
LP		 371
372 } else if (streq(key, "debug") && !value) {
d7b15e0a 373
1de1c9c3
LP		 374 /* Note that log_parse_environment() handles 'debug'
375 * too, and sets the log level to LOG_DEBUG. */
d7b15e0a 376
b2103dcc
KS		 377 if (detect_container(NULL) > 0)
378 log_set_target(LOG_TARGET_CONSOLE);
059cb385
LP		 379
380 } else if (!in_initrd() && !value) {
f170852a
LP		 381 unsigned i;
382
383 /* SysV compatibility */
f170852a 384 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
059cb385 385 if (streq(key, rlmap[i]))
f170852a
LP		 386 return set_default_unit(rlmap[i+1]);
387 }
388
389 return 0;
390}
391
e8e581bf
ZJS		 392#define DEFINE_SETTER(name, func, descr) \
393 static int name(const char *unit, \
394 const char *filename, \
395 unsigned line, \
396 const char *section, \
71a61510 397 unsigned section_line, \
e8e581bf
ZJS		 398 const char *lvalue, \
399 int ltype, \
400 const char *rvalue, \
401 void *data, \
402 void *userdata) { \
403 \
404 int r; \
405 \
406 assert(filename); \
407 assert(lvalue); \
408 assert(rvalue); \
409 \
410 r = func(rvalue); \
411 if (r < 0) \
412 log_syntax(unit, LOG_ERR, filename, line, -r, \
413 "Invalid " descr "'%s': %s", \
414 rvalue, strerror(-r)); \
415 \
416 return 0; \
417 }
487393e9 418
e8e581bf
ZJS		 419DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
420DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
421DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
422DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
487393e9 423
4d7213b2
LP		 424static int config_parse_cpu_affinity2(
425 const char *unit,
426 const char *filename,
427 unsigned line,
428 const char *section,
429 unsigned section_line,
430 const char *lvalue,
431 int ltype,
432 const char *rvalue,
433 void *data,
434 void *userdata) {
487393e9 435
a2a5291b 436 const char *word, *state;
487393e9 437 size_t l;
487393e9
LP		 438 cpu_set_t *c = NULL;
439 unsigned ncpus = 0;
440
441 assert(filename);
442 assert(lvalue);
443 assert(rvalue);
444
a2a5291b 445 FOREACH_WORD_QUOTED(word, l, rvalue, state) {
487393e9
LP		 446 char *t;
447 int r;
448 unsigned cpu;
449
a2a5291b 450 if (!(t = strndup(word, l)))
14212119 451 return log_oom();
487393e9
LP		 452
453 r = safe_atou(t, &cpu);
454 free(t);
455
456 if (!c)
457 if (!(c = cpu_set_malloc(&ncpus)))
14212119 458 return log_oom();
487393e9
LP		 459
460 if (r < 0 || cpu >= ncpus) {
e8e581bf
ZJS		 461 log_syntax(unit, LOG_ERR, filename, line, -r,
462 "Failed to parse CPU affinity '%s'", rvalue);
487393e9
LP		 463 CPU_FREE(c);
464 return -EBADMSG;
465 }
466
467 CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c);
468 }
b2fadec6
ZJS		 469 if (!isempty(state))
470 log_syntax(unit, LOG_ERR, filename, line, EINVAL,
471 "Trailing garbage, ignoring.");
487393e9
LP		 472
473 if (c) {
474 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
f2341e0a 475 log_warning("Failed to set CPU affinity: %m");
487393e9
LP		 476
477 CPU_FREE(c);
478 }
479
480 return 0;
481}
482
4d7213b2
LP		 483static int config_parse_show_status(
484 const char* unit,
485 const char *filename,
486 unsigned line,
487 const char *section,
488 unsigned section_line,
489 const char *lvalue,
490 int ltype,
491 const char *rvalue,
492 void *data,
493 void *userdata) {
494
495 int k;
496 ShowStatus *b = data;
497
498 assert(filename);
499 assert(lvalue);
500 assert(rvalue);
501 assert(data);
502
503 k = parse_show_status(rvalue, b);
504 if (k < 0) {
505 log_syntax(unit, LOG_ERR, filename, line, -k,
506 "Failed to parse show status setting, ignoring: %s", rvalue);
507 return 0;
508 }
509
510 return 0;
511}
512
0c85a4f3
LP		 513static void strv_free_free(char ***l) {
514 char ***i;
515
516 if (!l)
517 return;
518
519 for (i = l; *i; i++)
520 strv_free(*i);
521
522 free(l);
523}
524
525static void free_join_controllers(void) {
0c85a4f3
LP		 526 strv_free_free(arg_join_controllers);
527 arg_join_controllers = NULL;
528}
529
e8e581bf
ZJS		 530static int config_parse_join_controllers(const char *unit,
531 const char *filename,
532 unsigned line,
533 const char *section,
71a61510 534 unsigned section_line,
e8e581bf
ZJS		 535 const char *lvalue,
536 int ltype,
537 const char *rvalue,
538 void *data,
539 void *userdata) {
0c85a4f3
LP		 540
541 unsigned n = 0;
a2a5291b 542 const char *word, *state;
0c85a4f3
LP		 543 size_t length;
544
545 assert(filename);
546 assert(lvalue);
547 assert(rvalue);
548
549 free_join_controllers();
550
a2a5291b 551 FOREACH_WORD_QUOTED(word, length, rvalue, state) {
0c85a4f3
LP		 552 char *s, **l;
553
a2a5291b 554 s = strndup(word, length);
0c85a4f3 555 if (!s)
14212119 556 return log_oom();
0c85a4f3
LP		 557
558 l = strv_split(s, ",");
559 free(s);
560
561 strv_uniq(l);
562
563 if (strv_length(l) <= 1) {
564 strv_free(l);
565 continue;
566 }
567
568 if (!arg_join_controllers) {
569 arg_join_controllers = new(char**, 2);
570 if (!arg_join_controllers) {
571 strv_free(l);
14212119 572 return log_oom();
0c85a4f3
LP		 573 }
574
575 arg_join_controllers[0] = l;
576 arg_join_controllers[1] = NULL;
577
578 n = 1;
579 } else {
580 char ***a;
581 char ***t;
582
583 t = new0(char**, n+2);
584 if (!t) {
585 strv_free(l);
14212119 586 return log_oom();
0c85a4f3
LP		 587 }
588
589 n = 0;
590
591 for (a = arg_join_controllers; *a; a++) {
592
593 if (strv_overlap(*a, l)) {
e3e45d4f 594 if (strv_extend_strv(&l, *a) < 0) {
0c85a4f3
LP		 595 strv_free(l);
596 strv_free_free(t);
14212119 597 return log_oom();
0c85a4f3
LP		 598 }
599
0c85a4f3
LP		 600 } else {
601 char **c;
602
603 c = strv_copy(*a);
604 if (!c) {
605 strv_free(l);
606 strv_free_free(t);
14212119 607 return log_oom();
0c85a4f3
LP		 608 }
609
610 t[n++] = c;
611 }
612 }
613
614 t[n++] = strv_uniq(l);
615
616 strv_free_free(arg_join_controllers);
617 arg_join_controllers = t;
618 }
619 }
b2fadec6
ZJS		 620 if (!isempty(state))
621 log_syntax(unit, LOG_ERR, filename, line, EINVAL,
622 "Trailing garbage, ignoring.");
0c85a4f3
LP		 623
624 return 0;
625}
626
487393e9
LP		 627static int parse_config_file(void) {
628
f975e971 629 const ConfigTableItem items[] = {
d3b1c508
LP		 630 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
631 { "Manager", "LogTarget", config_parse_target, 0, NULL },
632 { "Manager", "LogColor", config_parse_color, 0, NULL },
633 { "Manager", "LogLocation", config_parse_location, 0, NULL },
634 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
635 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
636 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
637 { "Manager", "CrashChVT", config_parse_int, 0, &arg_crash_chvt },
638 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
639 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
640 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
641 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
642 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
89fffa27 643#ifdef HAVE_SECCOMP
d3b1c508 644 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
89fffa27 645#endif
d3b1c508 646 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
bd8f585b 647 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
d3b1c508
LP		 648 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
649 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
650 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
651 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
652 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
653 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval },
654 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
655 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
656 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU] },
657 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] },
658 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA] },
659 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK] },
660 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE] },
661 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS] },
662 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE] },
663 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS] },
664 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC] },
665 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] },
666 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS] },
667 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING] },
668 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] },
669 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE] },
670 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO] },
671 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME] },
085afe36
LP		 672 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
673 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
674 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
d3b1c508 675 {}
487393e9
LP		 676 };
677
1b907b5c 678 const char *fn, *conf_dirs_nulstr;
487393e9 679
b2c23da8
LP		 680 fn = arg_running_as == MANAGER_SYSTEM ? PKGSYSCONFDIR "/system.conf" : PKGSYSCONFDIR "/user.conf";
681 conf_dirs_nulstr = arg_running_as == MANAGER_SYSTEM ? CONF_DIRS_NULSTR("systemd/system.conf") : CONF_DIRS_NULSTR("systemd/user.conf");
1b907b5c
JT		 682 config_parse_many(fn, conf_dirs_nulstr, "Manager\0",
683 config_item_table_lookup, items, false, NULL);
487393e9 684
487393e9
LP		 685 return 0;
686}
687
f170852a
LP		 688static int parse_argv(int argc, char *argv[]) {
689
690 enum {
691 ARG_LOG_LEVEL = 0x100,
692 ARG_LOG_TARGET,
bbe63281
LP		 693 ARG_LOG_COLOR,
694 ARG_LOG_LOCATION,
2f198e2f 695 ARG_UNIT,
edb9aaa8 696 ARG_SYSTEM,
af2d49f7 697 ARG_USER,
e537352b 698 ARG_TEST,
b87c2aa6 699 ARG_NO_PAGER,
9ba0bc4e 700 ARG_VERSION,
80876c20 701 ARG_DUMP_CONFIGURATION_ITEMS,
9e58ff9c
LP		 702 ARG_DUMP_CORE,
703 ARG_CRASH_SHELL,
a16e1123 704 ARG_CONFIRM_SPAWN,
9e58ff9c 705 ARG_SHOW_STATUS,
4288f619 706 ARG_DESERIALIZE,
2660882b 707 ARG_SWITCHED_ROOT,
0a494f1f
LP		 708 ARG_DEFAULT_STD_OUTPUT,
709 ARG_DEFAULT_STD_ERROR
f170852a
LP		 710 };
711
712 static const struct option options[] = {
a16e1123
LP		 713 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
714 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
bbe63281
LP		 715 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
716 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
2f198e2f 717 { "unit", required_argument, NULL, ARG_UNIT },
edb9aaa8 718 { "system", no_argument, NULL, ARG_SYSTEM },
af2d49f7 719 { "user", no_argument, NULL, ARG_USER },
a16e1123 720 { "test", no_argument, NULL, ARG_TEST },
b87c2aa6 721 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
a16e1123 722 { "help", no_argument, NULL, 'h' },
9ba0bc4e 723 { "version", no_argument, NULL, ARG_VERSION },
a16e1123 724 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
a5d87bf0
LP		 725 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
726 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
727 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
6e98720f 728 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
a16e1123 729 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
2660882b 730 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
0a494f1f
LP		 731 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
732 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
fb472900 733 {}
f170852a
LP		 734 };
735
736 int c, r;
737
738 assert(argc >= 1);
739 assert(argv);
740
b770165a
LP		 741 if (getpid() == 1)
742 opterr = 0;
743
099663ff 744 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
f170852a
LP		 745
746 switch (c) {
747
748 case ARG_LOG_LEVEL:
fb472900
ZJS		 749 r = log_set_max_level_from_string(optarg);
750 if (r < 0) {
f170852a
LP		 751 log_error("Failed to parse log level %s.", optarg);
752 return r;
753 }
754
755 break;
756
757 case ARG_LOG_TARGET:
fb472900
ZJS		 758 r = log_set_target_from_string(optarg);
759 if (r < 0) {
f170852a
LP		 760 log_error("Failed to parse log target %s.", optarg);
761 return r;
762 }
763
764 break;
765
bbe63281
LP		 766 case ARG_LOG_COLOR:
767
d0b170c8 768 if (optarg) {
fb472900
ZJS		 769 r = log_show_color_from_string(optarg);
770 if (r < 0) {
d0b170c8
LP		 771 log_error("Failed to parse log color setting %s.", optarg);
772 return r;
773 }
774 } else
775 log_show_color(true);
bbe63281
LP		 776
777 break;
778
779 case ARG_LOG_LOCATION:
d0b170c8 780 if (optarg) {
fb472900
ZJS		 781 r = log_show_location_from_string(optarg);
782 if (r < 0) {
d0b170c8
LP		 783 log_error("Failed to parse log location setting %s.", optarg);
784 return r;
785 }
786 } else
787 log_show_location(true);
bbe63281
LP		 788
789 break;
790
0a494f1f 791 case ARG_DEFAULT_STD_OUTPUT:
fb472900
ZJS		 792 r = exec_output_from_string(optarg);
793 if (r < 0) {
0a494f1f
LP		 794 log_error("Failed to parse default standard output setting %s.", optarg);
795 return r;
796 } else
797 arg_default_std_output = r;
798 break;
799
800 case ARG_DEFAULT_STD_ERROR:
fb472900
ZJS		 801 r = exec_output_from_string(optarg);
802 if (r < 0) {
0a494f1f
LP		 803 log_error("Failed to parse default standard error output setting %s.", optarg);
804 return r;
805 } else
806 arg_default_std_error = r;
807 break;
808
2f198e2f 809 case ARG_UNIT:
f170852a 810
fb472900 811 r = set_default_unit(optarg);
23bbb0de
MS		 812 if (r < 0)
813 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
f170852a
LP		 814
815 break;
816
edb9aaa8 817 case ARG_SYSTEM:
b2c23da8 818 arg_running_as = MANAGER_SYSTEM;
edb9aaa8 819 break;
a5dab5ce 820
af2d49f7 821 case ARG_USER:
b2c23da8 822 arg_running_as = MANAGER_USER;
a5dab5ce 823 break;
a5dab5ce 824
e965d56d 825 case ARG_TEST:
fa0f4d8a 826 arg_action = ACTION_TEST;
b87c2aa6
ZJS		 827 if (arg_no_pager < 0)
828 arg_no_pager = true;
829 break;
830
831 case ARG_NO_PAGER:
832 arg_no_pager = true;
e965d56d
LP		 833 break;
834
9ba0bc4e
ZJS		 835 case ARG_VERSION:
836 arg_action = ACTION_VERSION;
837 break;
838
e537352b 839 case ARG_DUMP_CONFIGURATION_ITEMS:
fa0f4d8a 840 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
e537352b
LP		 841 break;
842
9e58ff9c 843 case ARG_DUMP_CORE:
a5d87bf0
LP		 844 r = optarg ? parse_boolean(optarg) : 1;
845 if (r < 0) {
846 log_error("Failed to parse dump core boolean %s.", optarg);
847 return r;
848 }
849 arg_dump_core = r;
9e58ff9c
LP		 850 break;
851
852 case ARG_CRASH_SHELL:
a5d87bf0
LP		 853 r = optarg ? parse_boolean(optarg) : 1;
854 if (r < 0) {
855 log_error("Failed to parse crash shell boolean %s.", optarg);
856 return r;
857 }
858 arg_crash_shell = r;
9e58ff9c
LP		 859 break;
860
80876c20 861 case ARG_CONFIRM_SPAWN:
a5d87bf0
LP		 862 r = optarg ? parse_boolean(optarg) : 1;
863 if (r < 0) {
864 log_error("Failed to parse confirm spawn boolean %s.", optarg);
865 return r;
866 }
867 arg_confirm_spawn = r;
80876c20
LP		 868 break;
869
9e58ff9c 870 case ARG_SHOW_STATUS:
d450b6f2
ZJS		 871 if (optarg) {
872 r = parse_show_status(optarg, &arg_show_status);
873 if (r < 0) {
874 log_error("Failed to parse show status boolean %s.", optarg);
875 return r;
876 }
877 } else
878 arg_show_status = SHOW_STATUS_YES;
6e98720f 879 break;
a5d87bf0 880
a16e1123
LP		 881 case ARG_DESERIALIZE: {
882 int fd;
883 FILE *f;
884
01e10de3
LP		 885 r = safe_atoi(optarg, &fd);
886 if (r < 0 || fd < 0) {
a16e1123 887 log_error("Failed to parse deserialize option %s.", optarg);
01e10de3 888 return r < 0 ? r : -EINVAL;
a16e1123
LP		 889 }
890
01e10de3
LP		 891 fd_cloexec(fd, true);
892
893 f = fdopen(fd, "r");
4a62c710
MS		 894 if (!f)
895 return log_error_errno(errno, "Failed to open serialization fd: %m");
a16e1123 896
d3b1c508
LP		 897 if (arg_serialization)
898 fclose(arg_serialization);
a16e1123 899
d3b1c508 900 arg_serialization = f;
a16e1123
LP		 901
902 break;
903 }
904
2660882b 905 case ARG_SWITCHED_ROOT:
bf4df7c3 906 arg_switched_root = true;
d03bc1b8
HH		 907 break;
908
f170852a 909 case 'h':
fa0f4d8a 910 arg_action = ACTION_HELP;
b87c2aa6
ZJS		 911 if (arg_no_pager < 0)
912 arg_no_pager = true;
f170852a
LP		 913 break;
914
1d2e23ab
LP		 915 case 'D':
916 log_set_max_level(LOG_DEBUG);
917 break;
918
099663ff
LP		 919 case 'b':
920 case 's':
921 case 'z':
922 /* Just to eat away the sysvinit kernel
923 * cmdline args without getopt() error
924 * messages that we'll parse in
925 * parse_proc_cmdline_word() or ignore. */
f170852a 926
099663ff 927 case '?':
601185b4 928 if (getpid() != 1)
099663ff 929 return -EINVAL;
601185b4
ZJS		 930 else
931 return 0;
099663ff 932
601185b4
ZJS		 933 default:
934 assert_not_reached("Unhandled option code.");
f170852a
LP		 935 }
936
d821e6d6
LP		 937 if (optind < argc && getpid() != 1) {
938 /* Hmm, when we aren't run as init system
939 * let's complain about excess arguments */
940
941 log_error("Excess arguments.");
942 return -EINVAL;
943 }
944
f170852a
LP		 945 return 0;
946}
947
948static int help(void) {
949
2e33c433 950 printf("%s [OPTIONS...]\n\n"
af2d49f7 951 "Starts up and maintains the system or user services.\n\n"
e537352b 952 " -h --help Show this help\n"
e537352b 953 " --test Determine startup sequence, dump it and exit\n"
b87c2aa6 954 " --no-pager Do not pipe output into a pager\n"
80876c20 955 " --dump-configuration-items Dump understood unit configuration items\n"
9e58ff9c 956 " --unit=UNIT Set default unit\n"
edb9aaa8 957 " --system Run a system instance, even if PID != 1\n"
af2d49f7 958 " --user Run a user instance\n"
a5d87bf0
LP		 959 " --dump-core[=0|1] Dump core on crash\n"
960 " --crash-shell[=0|1] Run shell on crash\n"
961 " --confirm-spawn[=0|1] Ask for confirmation when spawning processes\n"
6e98720f 962 " --show-status[=0|1] Show status updates on the console during bootup\n"
c1dc6153 963 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
9e58ff9c 964 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
2218198b 965 " --log-color[=0|1] Highlight important log messages\n"
0a494f1f
LP		 966 " --log-location[=0|1] Include code location in log messages\n"
967 " --default-standard-output= Set default standard output for services\n"
968 " --default-standard-error= Set default standard error output for services\n",
5b6319dc 969 program_invocation_short_name);
f170852a
LP		 970
971 return 0;
972}
973
9ba0bc4e
ZJS		 974static int version(void) {
975 puts(PACKAGE_STRING);
9ba0bc4e
ZJS		 976 puts(SYSTEMD_FEATURES);
977
978 return 0;
979}
980
b3680f49 981static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
a16e1123
LP		 982 FILE *f = NULL;
983 FDSet *fds = NULL;
984 int r;
985
986 assert(m);
987 assert(_f);
988 assert(_fds);
989
6b78f9b4
LP		 990 r = manager_open_serialization(m, &f);
991 if (r < 0) {
da927ba9 992 log_error_errno(r, "Failed to create serialization file: %m");
a16e1123
LP		 993 goto fail;
994 }
995
71445ae7
LP		 996 /* Make sure nothing is really destructed when we shut down */
997 m->n_reloading ++;
718db961 998 bus_manager_send_reloading(m, true);
71445ae7 999
6b78f9b4
LP		 1000 fds = fdset_new();
1001 if (!fds) {
a16e1123 1002 r = -ENOMEM;
da927ba9 1003 log_error_errno(r, "Failed to allocate fd set: %m");
a16e1123
LP		 1004 goto fail;
1005 }
1006
b3680f49 1007 r = manager_serialize(m, f, fds, switching_root);
6b78f9b4 1008 if (r < 0) {
da927ba9 1009 log_error_errno(r, "Failed to serialize state: %m");
a16e1123
LP		 1010 goto fail;
1011 }
1012
1013 if (fseeko(f, 0, SEEK_SET) < 0) {
56f64d95 1014 log_error_errno(errno, "Failed to rewind serialization fd: %m");
a16e1123
LP		 1015 goto fail;
1016 }
1017
6b78f9b4
LP		 1018 r = fd_cloexec(fileno(f), false);
1019 if (r < 0) {
da927ba9 1020 log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
a16e1123
LP		 1021 goto fail;
1022 }
1023
6b78f9b4
LP		 1024 r = fdset_cloexec(fds, false);
1025 if (r < 0) {
da927ba9 1026 log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
a16e1123
LP		 1027 goto fail;
1028 }
1029
1030 *_f = f;
1031 *_fds = fds;
1032
1033 return 0;
1034
1035fail:
1036 fdset_free(fds);
1037
1038 if (f)
1039 fclose(f);
1040
1041 return r;
1042}
1043
4096d6f5
LP		 1044static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1045 struct rlimit nl;
1046 int r;
1047
1048 assert(saved_rlimit);
1049
1050 /* Save the original RLIMIT_NOFILE so that we can reset it
1051 * later when transitioning from the initrd to the main
1052 * systemd or suchlike. */
4a62c710
MS		 1053 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
1054 return log_error_errno(errno, "Reading RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1055
1056 /* Make sure forked processes get the default kernel setting */
1057 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1058 struct rlimit *rl;
1059
1060 rl = newdup(struct rlimit, saved_rlimit, 1);
1061 if (!rl)
1062 return log_oom();
1063
1064 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1065 }
1066
1067 /* Bump up the resource limit for ourselves substantially */
1068 nl.rlim_cur = nl.rlim_max = 64*1024;
1069 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
23bbb0de
MS		 1070 if (r < 0)
1071 return log_error_errno(r, "Setting RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1072
1073 return 0;
1074}
1075
6ee5bbf8 1076static void test_mtab(void) {
6ee5bbf8 1077
5b4c0131
LP		 1078 static const char ok[] =
1079 "/proc/self/mounts\0"
1080 "/proc/mounts\0"
1081 "../proc/self/mounts\0"
1082 "../proc/mounts\0";
80758717 1083
5b4c0131
LP		 1084 _cleanup_free_ char *p = NULL;
1085 int r;
6ee5bbf8 1086
5b4c0131
LP		 1087 /* Check that /etc/mtab is a symlink to the right place or
1088 * non-existing. But certainly not a file, or a symlink to
1089 * some weird place... */
6ee5bbf8 1090
5b4c0131
LP		 1091 r = readlink_malloc("/etc/mtab", &p);
1092 if (r == -ENOENT)
1093 return;
1094 if (r >= 0 && nulstr_contains(ok, p))
1095 return;
6ee5bbf8 1096
80758717
LP		 1097 log_warning("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1098 "This is not supported anymore. "
1099 "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
1100}
1101
1102static void test_usr(void) {
80758717 1103
ed1c99fc 1104 /* Check that /usr is not a separate fs */
80758717 1105
871c44a7
LP		 1106 if (dir_is_empty("/usr") <= 0)
1107 return;
1108
8b173b5e 1109 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
871c44a7
LP		 1110 "Some things will probably break (sometimes even silently) in mysterious ways. "
1111 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1112}
1113
a07fdfa3
LP		 1114static int initialize_join_controllers(void) {
1115 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1116 * + "net_prio". We'd like to add "cpuset" to the mix, but
f131770b 1117 * "cpuset" doesn't really work for groups with no initialized
a07fdfa3
LP		 1118 * attributes. */
1119
1120 arg_join_controllers = new(char**, 3);
1121 if (!arg_join_controllers)
1122 return -ENOMEM;
1123
1124 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
a07fdfa3 1125 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
a6b26d90
ZJS		 1126 arg_join_controllers[2] = NULL;
1127
1128 if (!arg_join_controllers[0] || !arg_join_controllers[1]) {
1129 free_join_controllers();
a07fdfa3 1130 return -ENOMEM;
a6b26d90 1131 }
a07fdfa3 1132
a07fdfa3
LP		 1133 return 0;
1134}
1135
d3b1c508
LP		 1136static int enforce_syscall_archs(Set *archs) {
1137#ifdef HAVE_SECCOMP
1138 scmp_filter_ctx *seccomp;
1139 Iterator i;
1140 void *id;
1141 int r;
1142
1143 seccomp = seccomp_init(SCMP_ACT_ALLOW);
1144 if (!seccomp)
1145 return log_oom();
1146
1147 SET_FOREACH(id, arg_syscall_archs, i) {
1148 r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
1149 if (r == -EEXIST)
1150 continue;
1151 if (r < 0) {
da927ba9 1152 log_error_errno(r, "Failed to add architecture to seccomp: %m");
d3b1c508
LP		 1153 goto finish;
1154 }
1155 }
1156
8a8bf3c0
LP		 1157 r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
1158 if (r < 0) {
da927ba9 1159 log_error_errno(r, "Failed to unset NO_NEW_PRIVS: %m");
8a8bf3c0
LP		 1160 goto finish;
1161 }
1162
d3b1c508
LP		 1163 r = seccomp_load(seccomp);
1164 if (r < 0)
da927ba9 1165 log_error_errno(r, "Failed to add install architecture seccomp: %m");
d3b1c508
LP		 1166
1167finish:
1168 seccomp_release(seccomp);
1169 return r;
1170#else
1171 return 0;
1172#endif
1173}
1174
b6e2f329
LP		 1175static int status_welcome(void) {
1176 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1177 int r;
1178
1179 r = parse_env_file("/etc/os-release", NEWLINE,
1180 "PRETTY_NAME", &pretty_name,
1181 "ANSI_COLOR", &ansi_color,
1182 NULL);
5ae4d543
LP		 1183 if (r == -ENOENT) {
1184 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1185 "PRETTY_NAME", &pretty_name,
1186 "ANSI_COLOR", &ansi_color,
1187 NULL);
1188 }
b6e2f329
LP		 1189
1190 if (r < 0 && r != -ENOENT)
da927ba9 1191 log_warning_errno(r, "Failed to read os-release file: %m");
b6e2f329
LP		 1192
1193 return status_printf(NULL, false, false,
1194 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1195 isempty(ansi_color) ? "1" : ansi_color,
1196 isempty(pretty_name) ? "Linux" : pretty_name);
1197}
1198
fdd25311
LP		 1199static int write_container_id(void) {
1200 const char *c;
1201
1202 c = getenv("container");
1203 if (isempty(c))
1204 return 0;
1205
1206 return write_string_file("/run/systemd/container", c);
1207}
1208
60918275
LP		 1209int main(int argc, char *argv[]) {
1210 Manager *m = NULL;
22f4096c 1211 int r, retval = EXIT_FAILURE;
9d76d730
LP		 1212 usec_t before_startup, after_startup;
1213 char timespan[FORMAT_TIMESPAN_MAX];
a16e1123
LP		 1214 FDSet *fds = NULL;
1215 bool reexecute = false;
b9080b03 1216 const char *shutdown_verb = NULL;
86caf095
LP		 1217 dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
1218 dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
1219 dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
1220 dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
1221 dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
5d6b1584 1222 static char systemd[] = "systemd";
2660882b 1223 bool skip_setup = false;
d3b1c508 1224 unsigned j;
0b3325e7 1225 bool loaded_policy = false;
e96d6be7 1226 bool arm_reboot_watchdog = false;
bf4df7c3 1227 bool queue_default_job = false;
5f5c2f38 1228 bool empty_etc = false;
41669317 1229 char *switch_root_dir = NULL, *switch_root_init = NULL;
86caf095 1230 struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0);
cb6531be 1231 const char *error_message = NULL;
27b14a22 1232
058dc6f3 1233#ifdef HAVE_SYSV_COMPAT
2cb1a60d 1234 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
35b8ca3a 1235 /* This is compatibility support for SysV, where
2cb1a60d
LP		 1236 * calling init as a user is identical to telinit. */
1237
1238 errno = -ENOENT;
1239 execv(SYSTEMCTL_BINARY_PATH, argv);
56f64d95 1240 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
2cb1a60d
LP		 1241 return 1;
1242 }
058dc6f3 1243#endif
2cb1a60d 1244
c3a170f3
HH		 1245 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1246 dual_timestamp_get(&userspace_timestamp);
1247
0b3325e7
LP		 1248 /* Determine if this is a reexecution or normal bootup. We do
1249 * the full command line parsing much later, so let's just
1250 * have a quick peek here. */
db813c2a
LP		 1251 if (strv_find(argv+1, "--deserialize"))
1252 skip_setup = true;
0b3325e7 1253
2660882b
LP		 1254 /* If we have switched root, do all the special setup
1255 * things */
db813c2a
LP		 1256 if (strv_find(argv+1, "--switched-root"))
1257 skip_setup = false;
d03bc1b8 1258
f3b6a3ed
LP		 1259 /* If we get started via the /sbin/init symlink then we are
1260 called 'init'. After a subsequent reexecution we are then
1261 called 'systemd'. That is confusing, hence let's call us
1262 systemd right-away. */
f3b6a3ed
LP		 1263 program_invocation_short_name = systemd;
1264 prctl(PR_SET_NAME, systemd);
5d6b1584 1265
9a0e6896
LP		 1266 saved_argv = argv;
1267 saved_argc = argc;
f3b6a3ed 1268
2cc59dbf 1269 log_show_color(isatty(STDERR_FILENO) > 0);
c1dc6153 1270 log_set_upgrade_syslog_to_journal(true);
bbe63281 1271
90dc8c2e
MG		 1272 /* Disable the umask logic */
1273 if (getpid() == 1)
1274 umask(0);
1275
a866073d 1276 if (getpid() == 1 && detect_container(NULL) <= 0) {
4f8d551f 1277
a866073d 1278 /* Running outside of a container as PID 1 */
b2c23da8 1279 arg_running_as = MANAGER_SYSTEM;
a866073d
LP		 1280 make_null_stdio();
1281 log_set_target(LOG_TARGET_KMSG);
1282 log_open();
1283
21bf2ab0 1284 if (in_initrd())
c3a170f3 1285 initrd_timestamp = userspace_timestamp;
c3ba6250 1286
2660882b 1287 if (!skip_setup) {
8f838d8a 1288 mount_setup_early();
c2e0d600 1289 dual_timestamp_get(&security_start_timestamp);
cb6531be
ZJS		 1290 if (mac_selinux_setup(&loaded_policy) < 0) {
1291 error_message = "Failed to load SELinux policy";
0b3325e7 1292 goto finish;
cb6531be
ZJS		 1293 } else if (ima_setup() < 0) {
1294 error_message = "Failed to load IMA policy";
81611586 1295 goto finish;
cb6531be
ZJS		 1296 } else if (mac_smack_setup(&loaded_policy) < 0) {
1297 error_message = "Failed to load SMACK policy";
ffbd2c4d 1298 goto finish;
cb6531be 1299 }
c2e0d600 1300 dual_timestamp_get(&security_finish_timestamp);
81611586 1301 }
0b3325e7 1302
cb6531be
ZJS		 1303 if (mac_selinux_init(NULL) < 0) {
1304 error_message = "Failed to initialize SELinux policy";
0ff4cdd9 1305 goto finish;
cb6531be 1306 }
7948c4df 1307
72edcff5 1308 if (!skip_setup) {
24efb112 1309 if (clock_is_localtime() > 0) {
0b3325e7 1310 int min;
7948c4df 1311
c264aeab
KS		 1312 /*
1313 * The very first call of settimeofday() also does a time warp in the kernel.
1314 *
1315 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on
1316 * external tools to take care of maintaining the RTC and do all adjustments.
1317 * This matches the behavior of Windows, which leaves the RTC alone if the
1318 * registry tells that the RTC runs in UTC.
1319 */
24efb112 1320 r = clock_set_timezone(&min);
0b3325e7 1321 if (r < 0)
da927ba9 1322 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
0b3325e7
LP		 1323 else
1324 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
19e65613
KS		 1325 } else if (!in_initrd()) {
1326 /*
c264aeab 1327 * Do a dummy very first call to seal the kernel's time warp magic.
19e65613
KS		 1328 *
1329 * Do not call this this from inside the initrd. The initrd might not
1330 * carry /etc/adjtime with LOCAL, but the real system could be set up
1331 * that way. In such case, we need to delay the time-warp or the sealing
1332 * until we reach the real system.
c264aeab
KS		 1333 *
1334 * Do no set the kernel's timezone. The concept of local time cannot
1335 * be supported reliably, the time will jump or be incorrect at every daylight
1336 * saving time change. All kernel local time concepts will be treated
1337 * as UTC that way.
19e65613 1338 */
c264aeab 1339 clock_reset_timewarp();
72edcff5
KS		 1340 }
1341 }
a866073d
LP		 1342
1343 /* Set the default for later on, but don't actually
1344 * open the logs like this for now. Note that if we
1345 * are transitioning from the initrd there might still
1346 * be journal fd open, and we shouldn't attempt
1347 * opening that before we parsed /proc/cmdline which
1348 * might redirect output elsewhere. */
1349 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1350
1351 } else if (getpid() == 1) {
a866073d 1352 /* Running inside a container, as PID 1 */
b2c23da8 1353 arg_running_as = MANAGER_SYSTEM;
a866073d 1354 log_set_target(LOG_TARGET_CONSOLE);
99f09825 1355 log_close_console(); /* force reopen of /dev/console */
a866073d
LP		 1356 log_open();
1357
1358 /* For the later on, see above... */
1359 log_set_target(LOG_TARGET_JOURNAL);
1360
c3a170f3
HH		 1361 /* clear the kernel timestamp,
1362 * because we are in a container */
1363 kernel_timestamp.monotonic = 0ULL;
1364 kernel_timestamp.realtime = 0ULL;
a866073d 1365
c3a170f3 1366 } else {
a866073d 1367 /* Running as user instance */
b2c23da8 1368 arg_running_as = MANAGER_USER;
eeecf6e6 1369 log_set_target(LOG_TARGET_AUTO);
871e5809 1370 log_open();
c3a170f3
HH		 1371
1372 /* clear the kernel timestamp,
1373 * because we are not PID 1 */
1374 kernel_timestamp.monotonic = 0ULL;
1375 kernel_timestamp.realtime = 0ULL;
bbe63281 1376 }
a5dab5ce 1377
0c85a4f3 1378 /* Initialize default unit */
6afa301b
LP		 1379 r = set_default_unit(SPECIAL_DEFAULT_TARGET);
1380 if (r < 0) {
da927ba9 1381 log_emergency_errno(r, "Failed to set default unit %s: %m", SPECIAL_DEFAULT_TARGET);
cb6531be 1382 error_message = "Failed to set default unit";
f170852a 1383 goto finish;
14212119 1384 }
60918275 1385
a07fdfa3 1386 r = initialize_join_controllers();
cb6531be 1387 if (r < 0) {
ff9b60f3 1388 error_message = "Failed to initialize cgroup controllers";
0c85a4f3 1389 goto finish;
cb6531be 1390 }
0c85a4f3 1391
f170852a
LP		 1392 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1393 * /proc/$PID/fd is available. */
c1dae1b3 1394 if (getpid() == 1) {
f84f9974
LP		 1395
1396 /* Load the kernel modules early, so that we kdbus.ko is loaded before kdbusfs shall be mounted */
2e75e2a8
DM		 1397 if (!skip_setup)
1398 kmod_setup();
2e75e2a8 1399
0c85a4f3 1400 r = mount_setup(loaded_policy);
cb6531be
ZJS		 1401 if (r < 0) {
1402 error_message = "Failed to mount API filesystems";
8efe3c01 1403 goto finish;
cb6531be 1404 }
0c85a4f3 1405 }
4ade7963
LP		 1406
1407 /* Reset all signal handlers. */
1408 assert_se(reset_all_signal_handlers() == 0);
1409
9a34ec5f 1410 ignore_signals(SIGNALS_IGNORE, -1);
078e4539 1411
cb6531be
ZJS		 1412 if (parse_config_file() < 0) {
1413 error_message = "Failed to parse config file";
487393e9 1414 goto finish;
cb6531be 1415 }
487393e9 1416
b2c23da8 1417 if (arg_running_as == MANAGER_SYSTEM) {
b5884878
LP		 1418 r = parse_proc_cmdline(parse_proc_cmdline_item);
1419 if (r < 0)
da927ba9 1420 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
b5884878 1421 }
f170852a 1422
1de1c9c3
LP		 1423 /* Note that this also parses bits from the kernel command
1424 * line, including "debug". */
f170852a
LP		 1425 log_parse_environment();
1426
cb6531be
ZJS		 1427 if (parse_argv(argc, argv) < 0) {
1428 error_message = "Failed to parse commandline arguments";
f170852a 1429 goto finish;
cb6531be 1430 }
f170852a 1431
6bae23a0
TB		 1432 if (arg_action == ACTION_TEST &&
1433 geteuid() == 0) {
b5c6cf87
LP		 1434 log_error("Don't run test mode as root.");
1435 goto finish;
1436 }
1437
b2c23da8 1438 if (arg_running_as == MANAGER_USER &&
6bae23a0
TB		 1439 arg_action == ACTION_RUN &&
1440 sd_booted() <= 0) {
1441 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1442 goto finish;
1443 }
1444
b2c23da8 1445 if (arg_running_as == MANAGER_SYSTEM &&
fe783b03
LP		 1446 arg_action == ACTION_RUN &&
1447 running_in_chroot() > 0) {
1448 log_error("Cannot be run in a chroot() environment.");
1449 goto finish;
1450 }
1451
0d8c31ff
ZJS		 1452 if (arg_action == ACTION_TEST)
1453 skip_setup = true;
1454
b87c2aa6
ZJS		 1455 pager_open_if_enabled();
1456
fa0f4d8a 1457 if (arg_action == ACTION_HELP) {
f170852a
LP		 1458 retval = help();
1459 goto finish;
9ba0bc4e
ZJS		 1460 } else if (arg_action == ACTION_VERSION) {
1461 retval = version();
1462 goto finish;
fa0f4d8a 1463 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
e537352b 1464 unit_dump_config_items(stdout);
22f4096c 1465 retval = EXIT_SUCCESS;
e537352b 1466 goto finish;
fa0f4d8a 1467 } else if (arg_action == ACTION_DONE) {
22f4096c 1468 retval = EXIT_SUCCESS;
4288f619 1469 goto finish;
f170852a
LP		 1470 }
1471
b2c23da8 1472 if (arg_running_as == MANAGER_USER &&
8be28fb1
KS		 1473 !getenv("XDG_RUNTIME_DIR")) {
1474 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
1475 goto finish;
1476 }
1477
fa0f4d8a 1478 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
f170852a 1479
871e5809
LP		 1480 /* Close logging fds, in order not to confuse fdset below */
1481 log_close();
1482
a16e1123 1483 /* Remember open file descriptors for later deserialization */
01e10de3
LP		 1484 r = fdset_new_fill(&fds);
1485 if (r < 0) {
da927ba9 1486 log_emergency_errno(r, "Failed to allocate fd set: %m");
cb6531be 1487 error_message = "Failed to allocate fd set";
01e10de3
LP		 1488 goto finish;
1489 } else
1490 fdset_cloexec(fds, true);
a16e1123 1491
d3b1c508
LP		 1492 if (arg_serialization)
1493 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
a16e1123 1494
b2c23da8 1495 if (arg_running_as == MANAGER_SYSTEM)
80876c20
LP		 1496 /* Become a session leader if we aren't one yet. */
1497 setsid();
4ade7963 1498
befb5b6a 1499 /* Move out of the way, so that we won't block unmounts */
d250afe7 1500 assert_se(chdir("/") == 0);
befb5b6a 1501
2146621b
LP		 1502 /* Reset the console, but only if this is really init and we
1503 * are freshly booted */
b2c23da8 1504 if (arg_running_as == MANAGER_SYSTEM && arg_action == ACTION_RUN) {
56d96fc0
LP		 1505
1506 /* If we are init, we connect stdin/stdout/stderr to
1507 * /dev/null and make sure we don't have a controlling
1508 * tty. */
1509 release_terminal();
1510
1511 if (getpid() == 1 && !skip_setup)
1512 console_setup();
1513 }
4ade7963 1514
18149b9f 1515 /* Open the logging devices, if possible and necessary */
843d2643 1516 log_open();
4ade7963 1517
b6e2f329
LP		 1518 if (arg_show_status == _SHOW_STATUS_UNSET)
1519 arg_show_status = SHOW_STATUS_YES;
1520
5373d602
LP		 1521 /* Make sure we leave a core dump without panicing the
1522 * kernel. */
ab422445 1523 if (getpid() == 1) {
4fc935ca 1524 install_crash_handler();
97c4f35c 1525
0c85a4f3
LP		 1526 r = mount_cgroup_controllers(arg_join_controllers);
1527 if (r < 0)
1528 goto finish;
1529 }
1530
b2c23da8 1531 if (arg_running_as == MANAGER_SYSTEM) {
c20f5ac7
LP		 1532 const char *virtualization = NULL;
1533
0d8c31ff
ZJS		 1534 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
1535 arg_action == ACTION_TEST ? "test " : "" );
c20f5ac7
LP		 1536
1537 detect_virtualization(&virtualization);
1538 if (virtualization)
d3f86679 1539 log_info("Detected virtualization %s.", virtualization);
c20f5ac7 1540
fdd25311
LP		 1541 write_container_id();
1542
d3f86679 1543 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
d9d93745 1544
26a1efdf
LP		 1545 if (in_initrd())
1546 log_info("Running in initial RAM disk.");
1547
3408ba01
LP		 1548 /* Let's check whether /etc is already populated. We
1549 * don't actually really check for that, but use
1550 * /etc/machine-id as flag file. This allows container
1551 * managers and installers to provision a couple of
1552 * files already. If the container manager wants to
1553 * provision the machine ID itself it should pass
ee33e53a 1554 * $container_uuid to PID 1. */
3408ba01 1555
baa1bdf7 1556 empty_etc = access("/etc/machine-id", F_OK) < 0;
5f5c2f38
LP		 1557 if (empty_etc)
1558 log_info("Running with unpopulated /etc.");
d8160f21 1559 } else {
1f97091d
LP		 1560 _cleanup_free_ char *t;
1561
1562 t = uid_to_name(getuid());
0d8c31ff
ZJS		 1563 log_debug(PACKAGE_STRING " running in %suser mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
1564 arg_action == ACTION_TEST ? " test" : "", getuid(), t);
d8160f21 1565 }
a5dab5ce 1566
b2c23da8 1567 if (arg_running_as == MANAGER_SYSTEM && !skip_setup) {
031886ed 1568 if (arg_show_status > 0)
888c6216
LP		 1569 status_welcome();
1570
888c6216 1571 hostname_setup();
489388fb 1572 machine_id_setup(NULL);
888c6216 1573 loopback_setup();
490aed58 1574
6ee5bbf8 1575 test_mtab();
80758717 1576 test_usr();
af5bc85d 1577 }
302e8c4c 1578
b2c23da8 1579 if (arg_running_as == MANAGER_SYSTEM && arg_runtime_watchdog > 0)
e96d6be7
LP		 1580 watchdog_set_timeout(&arg_runtime_watchdog);
1581
3a43da28 1582 if (arg_timer_slack_nsec != NSEC_INFINITY)
aa0f64ac 1583 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
56f64d95 1584 log_error_errno(errno, "Failed to adjust timer slack: %m");
aa0f64ac 1585
ec8927ca 1586 if (arg_capability_bounding_set_drop) {
31c885e9 1587 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
ec8927ca 1588 if (r < 0) {
da927ba9 1589 log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
cb6531be 1590 error_message = "Failed to drop capability bounding set of usermode helpers";
ec8927ca
LP		 1591 goto finish;
1592 }
31c885e9 1593 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
939b8f14 1594 if (r < 0) {
da927ba9 1595 log_emergency_errno(r, "Failed to drop capability bounding set: %m");
cb6531be 1596 error_message = "Failed to drop capability bounding set";
939b8f14
LP		 1597 goto finish;
1598 }
ec8927ca
LP		 1599 }
1600
d3b1c508
LP		 1601 if (arg_syscall_archs) {
1602 r = enforce_syscall_archs(arg_syscall_archs);
cb6531be
ZJS		 1603 if (r < 0) {
1604 error_message = "Failed to set syscall architectures";
d3b1c508 1605 goto finish;
cb6531be 1606 }
d3b1c508
LP		 1607 }
1608
b2c23da8 1609 if (arg_running_as == MANAGER_USER) {
d4447f4d 1610 /* Become reaper of our children */
8b8ffe68 1611 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0) {
56f64d95 1612 log_warning_errno(errno, "Failed to make us a subreaper: %m");
8b8ffe68 1613 if (errno == EINVAL)
ddfa5101 1614 log_info("Perhaps the kernel version is too old (< 3.4?)");
8b8ffe68 1615 }
d4447f4d
AK		 1616 }
1617
b2c23da8 1618 if (arg_running_as == MANAGER_SYSTEM) {
4096d6f5
LP		 1619 bump_rlimit_nofile(&saved_rlimit_nofile);
1620
5f5c2f38 1621 if (empty_etc) {
304b3079 1622 r = unit_file_preset_all(UNIT_FILE_SYSTEM, false, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, false, NULL, 0);
5f5c2f38 1623 if (r < 0)
da927ba9 1624 log_warning_errno(r, "Failed to populate /etc with preset unit settings, ignoring: %m");
5f5c2f38
LP		 1625 else
1626 log_info("Populated /etc with preset unit settings.");
1627 }
1628 }
1629
0d8c31ff 1630 r = manager_new(arg_running_as, arg_action == ACTION_TEST, &m);
e96d6be7 1631 if (r < 0) {
da927ba9 1632 log_emergency_errno(r, "Failed to allocate manager object: %m");
cb6531be 1633 error_message = "Failed to allocate manager object";
60918275
LP		 1634 goto finish;
1635 }
1636
9e58ff9c 1637 m->confirm_spawn = arg_confirm_spawn;
bd8f585b 1638 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
0a494f1f
LP		 1639 m->default_std_output = arg_default_std_output;
1640 m->default_std_error = arg_default_std_error;
1f19a534
OS		 1641 m->default_restart_usec = arg_default_restart_usec;
1642 m->default_timeout_start_usec = arg_default_timeout_start_usec;
1643 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
3f41e1e5
LN		 1644 m->default_start_limit_interval = arg_default_start_limit_interval;
1645 m->default_start_limit_burst = arg_default_start_limit_burst;
085afe36
LP		 1646 m->default_cpu_accounting = arg_default_cpu_accounting;
1647 m->default_blockio_accounting = arg_default_blockio_accounting;
1648 m->default_memory_accounting = arg_default_memory_accounting;
e96d6be7
LP		 1649 m->runtime_watchdog = arg_runtime_watchdog;
1650 m->shutdown_watchdog = arg_shutdown_watchdog;
2928b0a8 1651
c3a170f3
HH		 1652 m->userspace_timestamp = userspace_timestamp;
1653 m->kernel_timestamp = kernel_timestamp;
c3a170f3 1654 m->initrd_timestamp = initrd_timestamp;
c2e0d600
TA		 1655 m->security_start_timestamp = security_start_timestamp;
1656 m->security_finish_timestamp = security_finish_timestamp;
9e58ff9c 1657
c93ff2e9 1658 manager_set_default_rlimits(m, arg_default_rlimit);
b6e2f329 1659 manager_environment_add(m, NULL, arg_default_environment);
27d340c7 1660 manager_set_show_status(m, arg_show_status);
e2680723 1661 manager_set_first_boot(m, empty_etc);
27d340c7 1662
bf4df7c3 1663 /* Remember whether we should queue the default job */
d3b1c508 1664 queue_default_job = !arg_serialization || arg_switched_root;
bf4df7c3 1665
9d76d730
LP		 1666 before_startup = now(CLOCK_MONOTONIC);
1667
d3b1c508 1668 r = manager_startup(m, arg_serialization, fds);
e96d6be7 1669 if (r < 0)
da927ba9 1670 log_error_errno(r, "Failed to fully start up daemon: %m");
a16e1123 1671
bf4df7c3
LP		 1672 /* This will close all file descriptors that were opened, but
1673 * not claimed by any unit. */
01e10de3 1674 fdset_free(fds);
6c081276 1675 fds = NULL;
f50e0a01 1676
d3b1c508
LP		 1677 if (arg_serialization) {
1678 fclose(arg_serialization);
1679 arg_serialization = NULL;
bf4df7c3
LP		 1680 }
1681
1682 if (queue_default_job) {
718db961 1683 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1c27d3f3 1684 Unit *target = NULL;
bacbccb7 1685 Job *default_unit_job;
398ef8ba 1686
fa0f4d8a 1687 log_debug("Activating default unit: %s", arg_default_unit);
a16e1123 1688
e96d6be7 1689 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
718db961
LP		 1690 if (r < 0)
1691 log_error("Failed to load default target: %s", bus_error_message(&error, r));
1692 else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
c33b3297 1693 log_error_errno(target->load_error, "Failed to load default target: %m");
ac155bb8 1694 else if (target->load_state == UNIT_MASKED)
6daf4f90 1695 log_error("Default target masked.");
27b14a22 1696
ac155bb8 1697 if (!target || target->load_state != UNIT_LOADED) {
a16e1123 1698 log_info("Trying to load rescue target...");
1c27d3f3 1699
e96d6be7
LP		 1700 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1701 if (r < 0) {
4104970e 1702 log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
cb6531be 1703 error_message = "Failed to load rescue target";
a16e1123 1704 goto finish;
11ddb6f4 1705 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
c33b3297 1706 log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
cb6531be 1707 error_message = "Failed to load rescue target";
1c27d3f3 1708 goto finish;
ac155bb8 1709 } else if (target->load_state == UNIT_MASKED) {
4104970e 1710 log_emergency("Rescue target masked.");
cb6531be 1711 error_message = "Rescue target masked";
00dc5d76 1712 goto finish;
a16e1123
LP		 1713 }
1714 }
37d88da7 1715
ac155bb8 1716 assert(target->load_state == UNIT_LOADED);
00dc5d76 1717
fa0f4d8a 1718 if (arg_action == ACTION_TEST) {
40d50879 1719 printf("-> By units:\n");
a16e1123
LP		 1720 manager_dump_units(m, stdout, "\t");
1721 }
1722
95f1b47d 1723 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, false, &error, &default_unit_job);
ab17a050 1724 if (r == -EPERM) {
718db961 1725 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
ab17a050
LP		 1726
1727 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1728 if (r < 0) {
4104970e 1729 log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
cb6531be 1730 error_message = "Failed to start default target";
ab17a050
LP		 1731 goto finish;
1732 }
1733 } else if (r < 0) {
4104970e 1734 log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
cb6531be 1735 error_message = "Failed to isolate default target";
37d88da7
LP		 1736 goto finish;
1737 }
ab17a050 1738
bacbccb7 1739 m->default_unit_job_id = default_unit_job->id;
60918275 1740
07672f49
LP		 1741 after_startup = now(CLOCK_MONOTONIC);
1742 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1743 "Loaded units and determined initial transaction in %s.",
fdb14b7e 1744 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
07672f49 1745
fa0f4d8a 1746 if (arg_action == ACTION_TEST) {
40d50879 1747 printf("-> By jobs:\n");
a16e1123 1748 manager_dump_jobs(m, stdout, "\t");
22f4096c 1749 retval = EXIT_SUCCESS;
a16e1123
LP		 1750 goto finish;
1751 }
e965d56d 1752 }
d46de8a1 1753
a16e1123 1754 for (;;) {
e96d6be7
LP		 1755 r = manager_loop(m);
1756 if (r < 0) {
da927ba9 1757 log_emergency_errno(r, "Failed to run main loop: %m");
cb6531be 1758 error_message = "Failed to run main loop";
a16e1123
LP		 1759 goto finish;
1760 }
11dd41ce 1761
a16e1123 1762 switch (m->exit_code) {
e965d56d 1763
a16e1123 1764 case MANAGER_EXIT:
22f4096c 1765 retval = EXIT_SUCCESS;
a16e1123
LP		 1766 log_debug("Exit.");
1767 goto finish;
e965d56d 1768
a16e1123 1769 case MANAGER_RELOAD:
e015090f 1770 log_info("Reloading.");
e96d6be7
LP		 1771 r = manager_reload(m);
1772 if (r < 0)
da927ba9 1773 log_error_errno(r, "Failed to reload: %m");
a16e1123 1774 break;
cea8e32e 1775
a16e1123 1776 case MANAGER_REEXECUTE:
664f88a7 1777
cb6531be
ZJS		 1778 if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
1779 error_message = "Failed to prepare for reexection";
a16e1123 1780 goto finish;
cb6531be 1781 }
60918275 1782
a16e1123 1783 reexecute = true;
e015090f 1784 log_notice("Reexecuting.");
a16e1123
LP		 1785 goto finish;
1786
664f88a7
LP		 1787 case MANAGER_SWITCH_ROOT:
1788 /* Steal the switch root parameters */
41669317 1789 switch_root_dir = m->switch_root;
664f88a7
LP		 1790 switch_root_init = m->switch_root_init;
1791 m->switch_root = m->switch_root_init = NULL;
1792
1793 if (!switch_root_init)
cb6531be
ZJS		 1794 if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
1795 error_message = "Failed to prepare for reexection";
664f88a7 1796 goto finish;
cb6531be 1797 }
664f88a7
LP		 1798
1799 reexecute = true;
1800 log_notice("Switching root.");
1801 goto finish;
1802
b9080b03
FF		 1803 case MANAGER_REBOOT:
1804 case MANAGER_POWEROFF:
1805 case MANAGER_HALT:
1806 case MANAGER_KEXEC: {
1807 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1808 [MANAGER_REBOOT] = "reboot",
1809 [MANAGER_POWEROFF] = "poweroff",
1810 [MANAGER_HALT] = "halt",
1811 [MANAGER_KEXEC] = "kexec"
1812 };
1813
1814 assert_se(shutdown_verb = table[m->exit_code]);
e96d6be7 1815 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
b9080b03
FF		 1816
1817 log_notice("Shutting down.");
1818 goto finish;
1819 }
1820
a16e1123
LP		 1821 default:
1822 assert_not_reached("Unknown exit code.");
1823 }
1824 }
f170852a 1825
60918275 1826finish:
b87c2aa6
ZJS		 1827 pager_close();
1828
81f5fc2d
MM		 1829 if (m)
1830 arg_shutdown_watchdog = m->shutdown_watchdog;
06d8d842 1831 m = manager_free(m);
60918275 1832
d3b1c508 1833 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++) {
4096d6f5 1834 free(arg_default_rlimit[j]);
d3b1c508
LP		 1835 arg_default_rlimit[j] = NULL;
1836 }
c93ff2e9 1837
fa0f4d8a 1838 free(arg_default_unit);
d3b1c508
LP		 1839 arg_default_unit = NULL;
1840
0c85a4f3 1841 free_join_controllers();
b9cd2ec1 1842
d3b1c508
LP		 1843 strv_free(arg_default_environment);
1844 arg_default_environment = NULL;
1845
1846 set_free(arg_syscall_archs);
1847 arg_syscall_archs = NULL;
1848
cc56fafe 1849 mac_selinux_finish();
b2bb3dbe 1850
a16e1123 1851 if (reexecute) {
664f88a7 1852 const char **args;
e564a982 1853 unsigned i, args_size;
a16e1123 1854
664f88a7
LP		 1855 /* Close and disarm the watchdog, so that the new
1856 * instance can reinitialize it, but doesn't get
1857 * rebooted while we do that */
1858 watchdog_close(true);
a16e1123 1859
4096d6f5
LP		 1860 /* Reset the RLIMIT_NOFILE to the kernel default, so
1861 * that the new systemd can pass the kernel default to
1862 * its child processes */
1863 if (saved_rlimit_nofile.rlim_cur > 0)
1864 setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
1865
41669317 1866 if (switch_root_dir) {
cee530bb
LP		 1867 /* Kill all remaining processes from the
1868 * initrd, but don't wait for them, so that we
1869 * can handle the SIGCHLD for them after
1870 * deserializing. */
0bee65f0 1871 broadcast_signal(SIGTERM, false, true);
bd3fa1d2 1872
5a4bf02f
HH		 1873 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1874 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
41669317 1875 if (r < 0)
da927ba9 1876 log_error_errno(r, "Failed to switch root, trying to continue: %m");
41669317 1877 }
a16e1123 1878
d03bc1b8 1879 args_size = MAX(6, argc+1);
e564a982 1880 args = newa(const char*, args_size);
a16e1123 1881
664f88a7 1882 if (!switch_root_init) {
5ffa8c81 1883 char sfd[DECIMAL_STR_MAX(int) + 1];
a16e1123 1884
664f88a7
LP		 1885 /* First try to spawn ourselves with the right
1886 * path, and with full serialization. We do
1887 * this only if the user didn't specify an
1888 * explicit init to spawn. */
edb9aaa8 1889
d3b1c508 1890 assert(arg_serialization);
664f88a7 1891 assert(fds);
edb9aaa8 1892
5ffa8c81 1893 xsprintf(sfd, "%i", fileno(arg_serialization));
edb9aaa8 1894
664f88a7
LP		 1895 i = 0;
1896 args[i++] = SYSTEMD_BINARY_PATH;
41669317 1897 if (switch_root_dir)
2660882b 1898 args[i++] = "--switched-root";
b2c23da8 1899 args[i++] = arg_running_as == MANAGER_SYSTEM ? "--system" : "--user";
664f88a7
LP		 1900 args[i++] = "--deserialize";
1901 args[i++] = sfd;
1902 args[i++] = NULL;
edb9aaa8 1903
ce8aba56
KS		 1904 /* do not pass along the environment we inherit from the kernel or initrd */
1905 if (switch_root_dir)
1906 clearenv();
1907
e564a982 1908 assert(i <= args_size);
664f88a7
LP		 1909 execv(args[0], (char* const*) args);
1910 }
6e98720f 1911
664f88a7
LP		 1912 /* Try the fallback, if there is any, without any
1913 * serialization. We pass the original argv[] and
1914 * envp[]. (Well, modulo the ordering changes due to
1915 * getopt() in argv[], and some cleanups in envp[],
1916 * but let's hope that doesn't matter.) */
a16e1123 1917
d3b1c508
LP		 1918 if (arg_serialization) {
1919 fclose(arg_serialization);
1920 arg_serialization = NULL;
b8f83232 1921 }
a16e1123 1922
b8f83232 1923 if (fds) {
664f88a7 1924 fdset_free(fds);
b8f83232
LP		 1925 fds = NULL;
1926 }
a16e1123 1927
a504223d
HH		 1928 /* Reopen the console */
1929 make_console_stdio();
1930
d3b1c508 1931 for (j = 1, i = 1; j < (unsigned) argc; j++)
664f88a7 1932 args[i++] = argv[j];
a16e1123 1933 args[i++] = NULL;
e564a982 1934 assert(i <= args_size);
b8f83232 1935
1b6d7fa7 1936 /* Reenable any blocked signals, especially important
5a85ca1c 1937 * if we switch from initial ramdisk to init=... */
9bfcda95 1938 reset_all_signal_handlers();
1b6d7fa7 1939 reset_signal_mask();
5a85ca1c 1940
b8f83232
LP		 1941 if (switch_root_init) {
1942 args[0] = switch_root_init;
1943 execv(args[0], (char* const*) args);
56f64d95 1944 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
b8f83232
LP		 1945 }
1946
1947 args[0] = "/sbin/init";
a16e1123
LP		 1948 execv(args[0], (char* const*) args);
1949
745e2fb7
KS		 1950 if (errno == ENOENT) {
1951 log_warning("No /sbin/init, trying fallback");
b8f83232 1952
745e2fb7
KS		 1953 args[0] = "/bin/sh";
1954 args[1] = NULL;
1955 execv(args[0], (char* const*) args);
56f64d95 1956 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
745e2fb7 1957 } else
56f64d95 1958 log_warning_errno(errno, "Failed to execute /sbin/init, giving up: %m");
a16e1123
LP		 1959 }
1960
d3b1c508
LP		 1961 if (arg_serialization) {
1962 fclose(arg_serialization);
1963 arg_serialization = NULL;
1964 }
a16e1123 1965
d3b1c508 1966 if (fds) {
a16e1123 1967 fdset_free(fds);
d3b1c508
LP		 1968 fds = NULL;
1969 }
a16e1123 1970
54b434b1
LP		 1971#ifdef HAVE_VALGRIND_VALGRIND_H
1972 /* If we are PID 1 and running under valgrind, then let's exit
1973 * here explicitly. valgrind will only generate nice output on
1974 * exit(), not on exec(), hence let's do the former not the
1975 * latter here. */
1976 if (getpid() == 1 && RUNNING_ON_VALGRIND)
1977 return 0;
1978#endif
1979
b9080b03 1980 if (shutdown_verb) {
b1e90ec5
ZJS		 1981 char log_level[DECIMAL_STR_MAX(int) + 1];
1982 const char* command_line[9] = {
b9080b03
FF		 1983 SYSTEMD_SHUTDOWN_BINARY_PATH,
1984 shutdown_verb,
b1e90ec5
ZJS		 1985 "--log-level", log_level,
1986 "--log-target",
b9080b03 1987 };
b1e90ec5 1988 unsigned pos = 5;
e3e45d4f 1989 _cleanup_strv_free_ char **env_block = NULL;
15bd5aee
LP		 1990
1991 assert(command_line[pos] == NULL);
e3e45d4f 1992 env_block = strv_copy(environ);
b9080b03 1993
5ffa8c81 1994 xsprintf(log_level, "%d", log_get_max_level());
b1e90ec5
ZJS		 1995
1996 switch (log_get_target()) {
1997 case LOG_TARGET_KMSG:
1998 case LOG_TARGET_JOURNAL_OR_KMSG:
1999 case LOG_TARGET_SYSLOG_OR_KMSG:
2000 command_line[pos++] = "kmsg";
2001 break;
2002
2003 case LOG_TARGET_CONSOLE:
2004 default:
2005 command_line[pos++] = "console";
2006 break;
2007 };
2008
2009 if (log_get_show_color())
2010 command_line[pos++] = "--log-color";
2011
2012 if (log_get_show_location())
2013 command_line[pos++] = "--log-location";
2014
26abdc73 2015 assert(pos < ELEMENTSOF(command_line));
b1e90ec5 2016
e96d6be7 2017 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
e3e45d4f 2018 char *e;
d18f337c 2019
e96d6be7
LP		 2020 /* If we reboot let's set the shutdown
2021 * watchdog and tell the shutdown binary to
2022 * repeatedly ping it */
c2cc6b9a
LP		 2023 r = watchdog_set_timeout(&arg_shutdown_watchdog);
2024 watchdog_close(r < 0);
e96d6be7 2025
e3e45d4f
SP		 2026 /* Tell the binary how often to ping, ignore failure */
2027 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
2028 strv_push(&env_block, e);
2029 } else
e96d6be7
LP		 2030 watchdog_close(true);
2031
66713f77
LP		 2032 /* Avoid the creation of new processes forked by the
2033 * kernel; at this point, we will not listen to the
2034 * signals anyway */
2035 if (detect_container(NULL) <= 0)
2036 cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
ad929bcc 2037
d18f337c 2038 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
56f64d95 2039 log_error_errno(errno, "Failed to execute shutdown binary, %s: %m",
b1e90ec5 2040 getpid() == 1 ? "freezing" : "quitting");
b9080b03
FF		 2041 }
2042
cb6531be
ZJS		 2043 if (getpid() == 1) {
2044 if (error_message)
2045 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
2046 ANSI_HIGHLIGHT_RED_ON "!!!!!!" ANSI_HIGHLIGHT_OFF,
2047 "%s, freezing.", error_message);
c3b3c274 2048 freeze();
cb6531be 2049 }
c3b3c274 2050
60918275
LP		 2051 return retval;
2052}
Unnamed repository; edit this file 'description' to name the repository.