]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/main.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add SPDX license identifiers to source files under the LGPL
[thirdparty/systemd.git] / src / core / main.c
CommitLineData
53e1b683 1/* SPDX-License-Identifier: LGPL-2.1+ */
a7334b09
LP		 2/***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 15 Lesser General Public License for more details.
a7334b09 16
5430f7f2 17 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19***/
20
60918275 21#include <errno.h>
3dfc9763 22#include <fcntl.h>
f170852a 23#include <getopt.h>
97c4f35c 24#include <signal.h>
3dfc9763
LP		 25#include <stdio.h>
26#include <string.h>
664f88a7 27#include <sys/mount.h>
3dfc9763 28#include <sys/prctl.h>
b9e74c39 29#include <sys/reboot.h>
3dfc9763
LP		 30#include <sys/stat.h>
31#include <unistd.h>
349cc4a5 32#if HAVE_SECCOMP
b64a3d86
LP		 33#include <seccomp.h>
34#endif
349cc4a5 35#if HAVE_VALGRIND_VALGRIND_H
3dfc9763
LP		 36#include <valgrind/valgrind.h>
37#endif
54b434b1 38
718db961 39#include "sd-bus.h"
cf0fbc49 40#include "sd-daemon.h"
3dfc9763 41
b5efdb8a 42#include "alloc-util.h"
d9d93745 43#include "architecture.h"
3dfc9763
LP		 44#include "build.h"
45#include "bus-error.h"
46#include "bus-util.h"
430f0182 47#include "capability-util.h"
24efb112 48#include "clock-util.h"
3dfc9763 49#include "conf-parser.h"
618234a5 50#include "cpu-set-util.h"
3dfc9763
LP		 51#include "dbus-manager.h"
52#include "def.h"
eee8b7ab 53#include "emergency-action.h"
3dfc9763 54#include "env-util.h"
3ffd4af2 55#include "fd-util.h"
3dfc9763 56#include "fdset.h"
718db961 57#include "fileio.h"
f97b34a6 58#include "format-util.h"
f4f15635 59#include "fs-util.h"
3dfc9763
LP		 60#include "hostname-setup.h"
61#include "ima-setup.h"
62#include "killall.h"
63#include "kmod-setup.h"
d7b8eec7 64#include "load-fragment.h"
3dfc9763 65#include "log.h"
b6e66135 66#include "loopback-setup.h"
b6e66135 67#include "machine-id-setup.h"
3dfc9763
LP		 68#include "manager.h"
69#include "missing.h"
70#include "mount-setup.h"
71#include "pager.h"
6bedfcbb 72#include "parse-util.h"
7d5ceb64 73#include "path-util.h"
4e731273 74#include "proc-cmdline.h"
3dfc9763 75#include "process-util.h"
8869a0b4 76#include "raw-clone.h"
78f22b97 77#include "rlimit-util.h"
349cc4a5 78#if HAVE_SECCOMP
83f12b27
FS		 79#include "seccomp-util.h"
80#endif
b6e66135 81#include "selinux-setup.h"
3dfc9763
LP		 82#include "selinux-util.h"
83#include "signal-util.h"
ffbd2c4d 84#include "smack-setup.h"
3dfc9763 85#include "special.h"
8fcde012 86#include "stat-util.h"
15a5e950 87#include "stdio-util.h"
3dfc9763
LP		 88#include "strv.h"
89#include "switch-root.h"
90#include "terminal-util.h"
8612da97 91#include "umask-util.h"
b1d4f8e1 92#include "user-util.h"
3dfc9763
LP		 93#include "virt.h"
94#include "watchdog.h"
b6e66135 95
f170852a
LP		 96static enum {
97 ACTION_RUN,
e965d56d 98 ACTION_HELP,
9ba0bc4e 99 ACTION_VERSION,
e537352b 100 ACTION_TEST,
494294d6 101 ACTION_DUMP_CONFIGURATION_ITEMS
fa0f4d8a 102} arg_action = ACTION_RUN;
fa0f4d8a 103static char *arg_default_unit = NULL;
463d0d15 104static bool arg_system = false;
fa0f4d8a 105static bool arg_dump_core = true;
fa0f4d8a 106static int arg_crash_chvt = -1;
b9e74c39
LP		 107static bool arg_crash_shell = false;
108static bool arg_crash_reboot = false;
7d5ceb64 109static char *arg_confirm_spawn = NULL;
b6e2f329 110static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
bf4df7c3 111static bool arg_switched_root = false;
ea4b98e6 112static bool arg_no_pager = false;
0c85a4f3 113static char ***arg_join_controllers = NULL;
706343f4 114static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
0a494f1f 115static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
1f19a534
OS		 116static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
117static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
118static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
3f41e1e5
LN		 119static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
120static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
e96d6be7
LP		 121static usec_t arg_runtime_watchdog = 0;
122static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
97d0e5f8 123static char **arg_default_environment = NULL;
517d56b1 124static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
a103496c 125static uint64_t arg_capability_bounding_set = CAP_ALL;
3a43da28 126static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
bd8f585b 127static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
d3b1c508
LP		 128static Set* arg_syscall_archs = NULL;
129static FILE* arg_serialization = NULL;
085afe36 130static bool arg_default_cpu_accounting = false;
13c31542 131static bool arg_default_io_accounting = false;
377bfd2d 132static bool arg_default_ip_accounting = false;
085afe36
LP		 133static bool arg_default_blockio_accounting = false;
134static bool arg_default_memory_accounting = false;
9ded9cd1 135static bool arg_default_tasks_accounting = true;
79baeeb9 136static uint64_t arg_default_tasks_max = UINT64_MAX;
ee48dbd5 137static sd_id128_t arg_machine_id = {};
ae8c7939 138static EmergencyAction arg_cad_burst_action = EMERGENCY_ACTION_REBOOT_FORCE;
4fc935ca 139
b9e74c39
LP		 140noreturn static void freeze_or_reboot(void) {
141
142 if (arg_crash_reboot) {
143 log_notice("Rebooting in 10s...");
144 (void) sleep(10);
145
146 log_notice("Rebooting now...");
147 (void) reboot(RB_AUTOBOOT);
148 log_emergency_errno(errno, "Failed to reboot: %m");
149 }
150
151 log_emergency("Freezing execution.");
152 freeze();
153}
154
919ce0b7 155noreturn static void crash(int sig) {
7d06dad9
MS		 156 struct sigaction sa;
157 pid_t pid;
97c4f35c 158
df0ff127 159 if (getpid_cached() != 1)
abb26902 160 /* Pass this on immediately, if this is not PID 1 */
92ca4cac 161 (void) raise(sig);
abb26902 162 else if (!arg_dump_core)
4104970e 163 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
97c4f35c 164 else {
7d06dad9 165 sa = (struct sigaction) {
189d5bac 166 .sa_handler = nop_signal_handler,
b92bea5d
ZJS		 167 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
168 };
97c4f35c 169
6f5e3f35 170 /* We want to wait for the core process, hence let's enable SIGCHLD */
92ca4cac 171 (void) sigaction(SIGCHLD, &sa, NULL);
6f5e3f35 172
8869a0b4 173 pid = raw_clone(SIGCHLD);
e62d8c39 174 if (pid < 0)
56f64d95 175 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
97c4f35c 176 else if (pid == 0) {
97c4f35c 177 /* Enable default signal handler for core dump */
15a90032 178
92ca4cac
LP		 179 sa = (struct sigaction) {
180 .sa_handler = SIG_DFL,
181 };
182 (void) sigaction(sig, &sa, NULL);
97c4f35c 183
15a90032
LP		 184 /* Don't limit the coredump size */
185 (void) setrlimit(RLIMIT_CORE, &RLIMIT_MAKE_CONST(RLIM_INFINITY));
97c4f35c
LP		 186
187 /* Just to be sure... */
e62d9b81 188 (void) chdir("/");
97c4f35c
LP		 189
190 /* Raise the signal again */
ee05e779 191 pid = raw_getpid();
92ca4cac 192 (void) kill(pid, sig); /* raise() would kill the parent */
97c4f35c
LP		 193
194 assert_not_reached("We shouldn't be here...");
92ca4cac 195 _exit(EXIT_FAILURE);
4fc935ca 196 } else {
8e12a6ae
LP		 197 siginfo_t status;
198 int r;
4fc935ca
LP		 199
200 /* Order things nicely. */
e62d8c39
ZJS		 201 r = wait_for_terminate(pid, &status);
202 if (r < 0)
da927ba9 203 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
8e12a6ae 204 else if (status.si_code != CLD_DUMPED)
ee05e779
ZJS		 205 log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
206 signal_to_string(sig),
207 pid, sigchld_code_to_string(status.si_code),
208 status.si_status,
209 strna(status.si_code == CLD_EXITED
38107f5a 210 ? exit_status_to_string(status.si_status, EXIT_STATUS_MINIMAL)
ee05e779 211 : signal_to_string(status.si_status)));
4fc935ca 212 else
4104970e 213 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
97c4f35c
LP		 214 }
215 }
216
b9e74c39 217 if (arg_crash_chvt >= 0)
92ca4cac 218 (void) chvt(arg_crash_chvt);
601f6a1e 219
7d06dad9
MS		 220 sa = (struct sigaction) {
221 .sa_handler = SIG_IGN,
222 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
223 };
224
225 /* Let the kernel reap children for us */
226 (void) sigaction(SIGCHLD, &sa, NULL);
8c43883a 227
7d06dad9 228 if (arg_crash_shell) {
b9e74c39 229 log_notice("Executing crash shell in 10s...");
92ca4cac 230 (void) sleep(10);
4fc935ca 231
8869a0b4 232 pid = raw_clone(SIGCHLD);
cd3bd60a 233 if (pid < 0)
56f64d95 234 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
6f5e3f35 235 else if (pid == 0) {
b9e74c39 236 (void) setsid();
92ca4cac
LP		 237 (void) make_console_stdio();
238 (void) execle("/bin/sh", "/bin/sh", NULL, environ);
6f5e3f35 239
ee05e779 240 log_emergency_errno(errno, "execle() failed: %m");
92ca4cac 241 _exit(EXIT_FAILURE);
b9e74c39
LP		 242 } else {
243 log_info("Spawned crash shell as PID "PID_FMT".", pid);
4cf0b03b 244 (void) wait_for_terminate(pid, NULL);
b9e74c39 245 }
4fc935ca
LP		 246 }
247
b9e74c39 248 freeze_or_reboot();
97c4f35c
LP		 249}
250
251static void install_crash_handler(void) {
297d563d 252 static const struct sigaction sa = {
b92bea5d 253 .sa_handler = crash,
297d563d 254 .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
b92bea5d 255 };
297d563d 256 int r;
97c4f35c 257
297d563d
LP		 258 /* We ignore the return value here, since, we don't mind if we
259 * cannot set up a crash handler */
260 r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
261 if (r < 0)
262 log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
97c4f35c 263}
f170852a 264
56d96fc0
LP		 265static int console_setup(void) {
266 _cleanup_close_ int tty_fd = -1;
267 int r;
80876c20 268
512947d4 269 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
23bbb0de
MS		 270 if (tty_fd < 0)
271 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
80876c20 272
56d96fc0
LP		 273 /* We don't want to force text mode. plymouth may be showing
274 * pictures already from initrd. */
512947d4 275 r = reset_terminal_fd(tty_fd, false);
23bbb0de
MS		 276 if (r < 0)
277 return log_error_errno(r, "Failed to reset /dev/console: %m");
843d2643 278
56d96fc0 279 return 0;
80876c20
LP		 280}
281
b9e74c39
LP		 282static int parse_crash_chvt(const char *value) {
283 int b;
284
285 if (safe_atoi(value, &arg_crash_chvt) >= 0)
286 return 0;
287
288 b = parse_boolean(value);
289 if (b < 0)
290 return b;
291
292 if (b > 0)
293 arg_crash_chvt = 0; /* switch to where kmsg goes */
294 else
295 arg_crash_chvt = -1; /* turn off switching */
296
297 return 0;
298}
299
7d5ceb64
FB		 300static int parse_confirm_spawn(const char *value, char **console) {
301 char *s;
302 int r;
303
304 r = value ? parse_boolean(value) : 1;
305 if (r == 0) {
306 *console = NULL;
307 return 0;
308 }
309
310 if (r > 0) /* on with default tty */
311 s = strdup("/dev/console");
312 else if (is_path(value)) /* on with fully qualified path */
313 s = strdup(value);
314 else /* on with only a tty file name, not a fully qualified path */
315 s = strjoin("/dev/", value);
316 if (!s)
317 return -ENOMEM;
318 *console = s;
319 return 0;
320}
321
ee48dbd5 322static int set_machine_id(const char *m) {
e042eab7 323 sd_id128_t t;
8b26cdbd 324 assert(m);
ee48dbd5 325
e042eab7 326 if (sd_id128_from_string(m, &t) < 0)
ee48dbd5
NC		 327 return -EINVAL;
328
e042eab7 329 if (sd_id128_is_null(t))
ee48dbd5
NC		 330 return -EINVAL;
331
e042eab7 332 arg_machine_id = t;
ee48dbd5
NC		 333 return 0;
334}
335
96287a49 336static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
f170852a 337
059cb385 338 int r;
f170852a 339
059cb385 340 assert(key);
5192bd19 341
1d84ad94 342 if (STR_IN_SET(key, "systemd.unit", "rd.systemd.unit")) {
bf4df7c3 343
1d84ad94
LP		 344 if (proc_cmdline_value_missing(key, value))
345 return 0;
bf4df7c3 346
1d84ad94
LP		 347 if (!unit_name_is_valid(value, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
348 log_warning("Unit name specified on %s= is not valid, ignoring: %s", key, value);
349 else if (in_initrd() == !!startswith(key, "rd.")) {
350 if (free_and_strdup(&arg_default_unit, value) < 0)
351 return log_oom();
352 }
f170852a 353
1d84ad94 354 } else if (proc_cmdline_key_streq(key, "systemd.dump_core")) {
4fc935ca 355
1d84ad94 356 r = value ? parse_boolean(value) : true;
fb472900 357 if (r < 0)
059cb385 358 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
4fc935ca 359 else
fa0f4d8a 360 arg_dump_core = r;
4fc935ca 361
1d84ad94 362 } else if (proc_cmdline_key_streq(key, "systemd.crash_chvt")) {
b9e74c39 363
1d84ad94
LP		 364 if (!value)
365 arg_crash_chvt = 0; /* turn on */
366 else if (parse_crash_chvt(value) < 0)
b9e74c39
LP		 367 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
368
1d84ad94 369 } else if (proc_cmdline_key_streq(key, "systemd.crash_shell")) {
4fc935ca 370
1d84ad94 371 r = value ? parse_boolean(value) : true;
fb472900 372 if (r < 0)
059cb385 373 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
4fc935ca 374 else
fa0f4d8a 375 arg_crash_shell = r;
5e7ee61c 376
1d84ad94 377 } else if (proc_cmdline_key_streq(key, "systemd.crash_reboot")) {
5e7ee61c 378
1d84ad94 379 r = value ? parse_boolean(value) : true;
b9e74c39
LP		 380 if (r < 0)
381 log_warning("Failed to parse crash reboot switch %s. Ignoring.", value);
5e7ee61c 382 else
b9e74c39 383 arg_crash_reboot = r;
5e7ee61c 384
1d84ad94
LP		 385 } else if (proc_cmdline_key_streq(key, "systemd.confirm_spawn")) {
386 char *s;
7d5ceb64 387
1d84ad94 388 r = parse_confirm_spawn(value, &s);
059cb385 389 if (r < 0)
7d5ceb64 390 log_warning_errno(r, "Failed to parse confirm_spawn switch %s. Ignoring.", value);
1d84ad94
LP		 391 else {
392 free(arg_confirm_spawn);
393 arg_confirm_spawn = s;
394 }
601f6a1e 395
1d84ad94 396 } else if (proc_cmdline_key_streq(key, "systemd.show_status")) {
9e58ff9c 397
1d84ad94
LP		 398 if (value) {
399 r = parse_show_status(value, &arg_show_status);
400 if (r < 0)
401 log_warning("Failed to parse show status switch %s. Ignoring.", value);
402 } else
403 arg_show_status = SHOW_STATUS_YES;
059cb385 404
1d84ad94
LP		 405 } else if (proc_cmdline_key_streq(key, "systemd.default_standard_output")) {
406
407 if (proc_cmdline_value_missing(key, value))
408 return 0;
0a494f1f 409
059cb385 410 r = exec_output_from_string(value);
fb472900 411 if (r < 0)
059cb385 412 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
0a494f1f
LP		 413 else
414 arg_default_std_output = r;
0a494f1f 415
1d84ad94
LP		 416 } else if (proc_cmdline_key_streq(key, "systemd.default_standard_error")) {
417
418 if (proc_cmdline_value_missing(key, value))
419 return 0;
059cb385
LP		 420
421 r = exec_output_from_string(value);
fb472900 422 if (r < 0)
059cb385 423 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
0a494f1f
LP		 424 else
425 arg_default_std_error = r;
9e7c5357 426
1d84ad94
LP		 427 } else if (streq(key, "systemd.setenv")) {
428
429 if (proc_cmdline_value_missing(key, value))
430 return 0;
059cb385
LP		 431
432 if (env_assignment_is_valid(value)) {
e21fea24
KS		 433 char **env;
434
059cb385 435 env = strv_env_set(arg_default_environment, value);
1d84ad94
LP		 436 if (!env)
437 return log_oom();
438
439 arg_default_environment = env;
e21fea24 440 } else
059cb385 441 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
9e58ff9c 442
1d84ad94
LP		 443 } else if (proc_cmdline_key_streq(key, "systemd.machine_id")) {
444
445 if (proc_cmdline_value_missing(key, value))
446 return 0;
447
448 r = set_machine_id(value);
449 if (r < 0)
450 log_warning("MachineID '%s' is not valid. Ignoring.", value);
ee48dbd5 451
1d84ad94
LP		 452 } else if (proc_cmdline_key_streq(key, "systemd.default_timeout_start_sec")) {
453
454 if (proc_cmdline_value_missing(key, value))
455 return 0;
456
457 r = parse_sec(value, &arg_default_timeout_start_usec);
458 if (r < 0)
459 log_warning_errno(r, "Failed to parse default start timeout: %s, ignoring.", value);
460
461 if (arg_default_timeout_start_usec <= 0)
462 arg_default_timeout_start_usec = USEC_INFINITY;
ee48dbd5 463
059cb385 464 } else if (streq(key, "quiet") && !value) {
d7b15e0a 465
b6e2f329 466 if (arg_show_status == _SHOW_STATUS_UNSET)
d450b6f2 467 arg_show_status = SHOW_STATUS_AUTO;
059cb385
LP		 468
469 } else if (streq(key, "debug") && !value) {
d7b15e0a 470
1de1c9c3
LP		 471 /* Note that log_parse_environment() handles 'debug'
472 * too, and sets the log level to LOG_DEBUG. */
d7b15e0a 473
75f86906 474 if (detect_container() > 0)
b2103dcc 475 log_set_target(LOG_TARGET_CONSOLE);
059cb385 476
dcd61450 477 } else if (!value) {
e2c9a131 478 const char *target;
f170852a
LP		 479
480 /* SysV compatibility */
e2c9a131
EV		 481 target = runlevel_to_target(key);
482 if (target)
483 return free_and_strdup(&arg_default_unit, target);
f170852a
LP		 484 }
485
486 return 0;
487}
488
e8e581bf
ZJS		 489#define DEFINE_SETTER(name, func, descr) \
490 static int name(const char *unit, \
491 const char *filename, \
492 unsigned line, \
493 const char *section, \
71a61510 494 unsigned section_line, \
e8e581bf
ZJS		 495 const char *lvalue, \
496 int ltype, \
497 const char *rvalue, \
498 void *data, \
499 void *userdata) { \
500 \
501 int r; \
502 \
503 assert(filename); \
504 assert(lvalue); \
505 assert(rvalue); \
506 \
507 r = func(rvalue); \
508 if (r < 0) \
d1cefe0a
LP		 509 log_syntax(unit, LOG_ERR, filename, line, r, \
510 "Invalid " descr "'%s': %m", \
511 rvalue); \
e8e581bf
ZJS		 512 \
513 return 0; \
514 }
487393e9 515
e8e581bf
ZJS		 516DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
517DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
518DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
519DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
487393e9 520
4d7213b2
LP		 521static int config_parse_cpu_affinity2(
522 const char *unit,
523 const char *filename,
524 unsigned line,
525 const char *section,
526 unsigned section_line,
527 const char *lvalue,
528 int ltype,
529 const char *rvalue,
530 void *data,
531 void *userdata) {
487393e9 532
4b40bc38 533 _cleanup_cpu_free_ cpu_set_t *c = NULL;
f5c72b73 534 int ncpus;
487393e9 535
765d143b 536 ncpus = parse_cpu_set_and_warn(rvalue, &c, unit, filename, line, lvalue);
f5c72b73
FB		 537 if (ncpus < 0)
538 return ncpus;
487393e9 539
f5c72b73 540 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
25f027c5 541 log_warning_errno(errno, "Failed to set CPU affinity: %m");
487393e9 542
487393e9
LP		 543 return 0;
544}
545
4d7213b2
LP		 546static int config_parse_show_status(
547 const char* unit,
548 const char *filename,
549 unsigned line,
550 const char *section,
551 unsigned section_line,
552 const char *lvalue,
553 int ltype,
554 const char *rvalue,
555 void *data,
556 void *userdata) {
557
558 int k;
559 ShowStatus *b = data;
560
561 assert(filename);
562 assert(lvalue);
563 assert(rvalue);
564 assert(data);
565
566 k = parse_show_status(rvalue, b);
567 if (k < 0) {
12ca818f 568 log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
4d7213b2
LP		 569 return 0;
570 }
571
572 return 0;
573}
574
b9e74c39
LP		 575static int config_parse_crash_chvt(
576 const char* unit,
577 const char *filename,
578 unsigned line,
579 const char *section,
580 unsigned section_line,
581 const char *lvalue,
582 int ltype,
583 const char *rvalue,
584 void *data,
585 void *userdata) {
586
587 int r;
588
589 assert(filename);
590 assert(lvalue);
591 assert(rvalue);
b9e74c39
LP		 592
593 r = parse_crash_chvt(rvalue);
594 if (r < 0) {
595 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
596 return 0;
597 }
598
599 return 0;
600}
601
e8e581bf
ZJS		 602static int config_parse_join_controllers(const char *unit,
603 const char *filename,
604 unsigned line,
605 const char *section,
71a61510 606 unsigned section_line,
e8e581bf
ZJS		 607 const char *lvalue,
608 int ltype,
609 const char *rvalue,
610 void *data,
611 void *userdata) {
0c85a4f3 612
3875c85b 613 const char *whole_rvalue = rvalue;
0c85a4f3 614 unsigned n = 0;
0c85a4f3
LP		 615
616 assert(filename);
617 assert(lvalue);
618 assert(rvalue);
619
fe382237 620 arg_join_controllers = strv_free_free(arg_join_controllers);
0c85a4f3 621
d4ebeb4f
FB		 622 for (;;) {
623 _cleanup_free_ char *word = NULL;
624 char **l;
625 int r;
0c85a4f3 626
9a82ab95 627 r = extract_first_word(&rvalue, &word, NULL, EXTRACT_QUOTES);
3875c85b
FB		 628 if (r < 0) {
629 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue);
d4ebeb4f 630 return r;
3875c85b 631 }
d4ebeb4f
FB		 632 if (r == 0)
633 break;
0c85a4f3 634
d4ebeb4f 635 l = strv_split(word, ",");
1592ec21 636 if (!l)
aa8aeac0 637 return log_oom();
0c85a4f3
LP		 638 strv_uniq(l);
639
640 if (strv_length(l) <= 1) {
641 strv_free(l);
642 continue;
643 }
644
645 if (!arg_join_controllers) {
646 arg_join_controllers = new(char**, 2);
647 if (!arg_join_controllers) {
648 strv_free(l);
14212119 649 return log_oom();
0c85a4f3
LP		 650 }
651
652 arg_join_controllers[0] = l;
653 arg_join_controllers[1] = NULL;
654
655 n = 1;
656 } else {
657 char ***a;
658 char ***t;
659
660 t = new0(char**, n+2);
661 if (!t) {
662 strv_free(l);
14212119 663 return log_oom();
0c85a4f3
LP		 664 }
665
666 n = 0;
667
668 for (a = arg_join_controllers; *a; a++) {
669
670 if (strv_overlap(*a, l)) {
e287086b 671 if (strv_extend_strv(&l, *a, false) < 0) {
0c85a4f3
LP		 672 strv_free(l);
673 strv_free_free(t);
14212119 674 return log_oom();
0c85a4f3
LP		 675 }
676
0c85a4f3
LP		 677 } else {
678 char **c;
679
680 c = strv_copy(*a);
681 if (!c) {
682 strv_free(l);
683 strv_free_free(t);
14212119 684 return log_oom();
0c85a4f3
LP		 685 }
686
687 t[n++] = c;
688 }
689 }
690
691 t[n++] = strv_uniq(l);
692
693 strv_free_free(arg_join_controllers);
694 arg_join_controllers = t;
695 }
696 }
d4ebeb4f 697 if (!isempty(rvalue))
12ca818f 698 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
0c85a4f3
LP		 699
700 return 0;
701}
702
487393e9
LP		 703static int parse_config_file(void) {
704
f975e971 705 const ConfigTableItem items[] = {
d3b1c508
LP		 706 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
707 { "Manager", "LogTarget", config_parse_target, 0, NULL },
708 { "Manager", "LogColor", config_parse_color, 0, NULL },
709 { "Manager", "LogLocation", config_parse_location, 0, NULL },
710 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
b9e74c39
LP		 711 { "Manager", "CrashChVT", /* legacy */ config_parse_crash_chvt, 0, NULL },
712 { "Manager", "CrashChangeVT", config_parse_crash_chvt, 0, NULL },
d3b1c508 713 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
b9e74c39 714 { "Manager", "CrashReboot", config_parse_bool, 0, &arg_crash_reboot },
d3b1c508 715 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
d3b1c508
LP		 716 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
717 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
718 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
719 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
a103496c 720 { "Manager", "CapabilityBoundingSet", config_parse_capability_set, 0, &arg_capability_bounding_set },
349cc4a5 721#if HAVE_SECCOMP
d3b1c508 722 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
89fffa27 723#endif
d3b1c508 724 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
bd8f585b 725 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
d3b1c508
LP		 726 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
727 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
728 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
729 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
730 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
f0367da7
LP		 731 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval }, /* obsolete alias */
732 { "Manager", "DefaultStartLimitIntervalSec",config_parse_sec, 0, &arg_default_start_limit_interval },
d3b1c508
LP		 733 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
734 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
d0a7c5f6
LP		 735 { "Manager", "DefaultLimitCPU", config_parse_limit, RLIMIT_CPU, arg_default_rlimit },
736 { "Manager", "DefaultLimitFSIZE", config_parse_limit, RLIMIT_FSIZE, arg_default_rlimit },
737 { "Manager", "DefaultLimitDATA", config_parse_limit, RLIMIT_DATA, arg_default_rlimit },
738 { "Manager", "DefaultLimitSTACK", config_parse_limit, RLIMIT_STACK, arg_default_rlimit },
739 { "Manager", "DefaultLimitCORE", config_parse_limit, RLIMIT_CORE, arg_default_rlimit },
740 { "Manager", "DefaultLimitRSS", config_parse_limit, RLIMIT_RSS, arg_default_rlimit },
741 { "Manager", "DefaultLimitNOFILE", config_parse_limit, RLIMIT_NOFILE, arg_default_rlimit },
742 { "Manager", "DefaultLimitAS", config_parse_limit, RLIMIT_AS, arg_default_rlimit },
743 { "Manager", "DefaultLimitNPROC", config_parse_limit, RLIMIT_NPROC, arg_default_rlimit },
744 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, RLIMIT_MEMLOCK, arg_default_rlimit },
745 { "Manager", "DefaultLimitLOCKS", config_parse_limit, RLIMIT_LOCKS, arg_default_rlimit },
746 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, RLIMIT_SIGPENDING, arg_default_rlimit },
747 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, RLIMIT_MSGQUEUE, arg_default_rlimit },
748 { "Manager", "DefaultLimitNICE", config_parse_limit, RLIMIT_NICE, arg_default_rlimit },
749 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, RLIMIT_RTPRIO, arg_default_rlimit },
750 { "Manager", "DefaultLimitRTTIME", config_parse_limit, RLIMIT_RTTIME, arg_default_rlimit },
085afe36 751 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
13c31542 752 { "Manager", "DefaultIOAccounting", config_parse_bool, 0, &arg_default_io_accounting },
377bfd2d 753 { "Manager", "DefaultIPAccounting", config_parse_bool, 0, &arg_default_ip_accounting },
085afe36
LP		 754 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
755 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
03a7b521 756 { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting },
0af20ea2 757 { "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max },
ae8c7939 758 { "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action, 0, &arg_cad_burst_action },
d3b1c508 759 {}
487393e9
LP		 760 };
761
1b907b5c 762 const char *fn, *conf_dirs_nulstr;
487393e9 763
463d0d15 764 fn = arg_system ?
75eb6154
LP		 765 PKGSYSCONFDIR "/system.conf" :
766 PKGSYSCONFDIR "/user.conf";
767
463d0d15 768 conf_dirs_nulstr = arg_system ?
75eb6154
LP		 769 CONF_PATHS_NULSTR("systemd/system.conf.d") :
770 CONF_PATHS_NULSTR("systemd/user.conf.d");
771
bcde742e 772 (void) config_parse_many_nulstr(fn, conf_dirs_nulstr, "Manager\0", config_item_table_lookup, items, CONFIG_PARSE_WARN, NULL);
36c16a7c
LP		 773
774 /* Traditionally "0" was used to turn off the default unit timeouts. Fix this up so that we used USEC_INFINITY
775 * like everywhere else. */
776 if (arg_default_timeout_start_usec <= 0)
777 arg_default_timeout_start_usec = USEC_INFINITY;
778 if (arg_default_timeout_stop_usec <= 0)
779 arg_default_timeout_stop_usec = USEC_INFINITY;
487393e9 780
487393e9
LP		 781 return 0;
782}
783
85cb4151 784static void set_manager_defaults(Manager *m) {
06af2a04
TB		 785
786 assert(m);
787
788 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
789 m->default_std_output = arg_default_std_output;
790 m->default_std_error = arg_default_std_error;
791 m->default_timeout_start_usec = arg_default_timeout_start_usec;
792 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
793 m->default_restart_usec = arg_default_restart_usec;
794 m->default_start_limit_interval = arg_default_start_limit_interval;
795 m->default_start_limit_burst = arg_default_start_limit_burst;
796 m->default_cpu_accounting = arg_default_cpu_accounting;
13c31542 797 m->default_io_accounting = arg_default_io_accounting;
377bfd2d 798 m->default_ip_accounting = arg_default_ip_accounting;
06af2a04
TB		 799 m->default_blockio_accounting = arg_default_blockio_accounting;
800 m->default_memory_accounting = arg_default_memory_accounting;
03a7b521 801 m->default_tasks_accounting = arg_default_tasks_accounting;
0af20ea2 802 m->default_tasks_max = arg_default_tasks_max;
06af2a04
TB		 803
804 manager_set_default_rlimits(m, arg_default_rlimit);
805 manager_environment_add(m, NULL, arg_default_environment);
806}
807
7b46fc6a
LP		 808static void set_manager_settings(Manager *m) {
809
810 assert(m);
811
812 m->confirm_spawn = arg_confirm_spawn;
813 m->runtime_watchdog = arg_runtime_watchdog;
814 m->shutdown_watchdog = arg_shutdown_watchdog;
815 m->cad_burst_action = arg_cad_burst_action;
816
817 manager_set_show_status(m, arg_show_status);
818}
819
f170852a
LP		 820static int parse_argv(int argc, char *argv[]) {
821
822 enum {
823 ARG_LOG_LEVEL = 0x100,
824 ARG_LOG_TARGET,
bbe63281
LP		 825 ARG_LOG_COLOR,
826 ARG_LOG_LOCATION,
2f198e2f 827 ARG_UNIT,
edb9aaa8 828 ARG_SYSTEM,
af2d49f7 829 ARG_USER,
e537352b 830 ARG_TEST,
b87c2aa6 831 ARG_NO_PAGER,
9ba0bc4e 832 ARG_VERSION,
80876c20 833 ARG_DUMP_CONFIGURATION_ITEMS,
9e58ff9c 834 ARG_DUMP_CORE,
b9e74c39 835 ARG_CRASH_CHVT,
9e58ff9c 836 ARG_CRASH_SHELL,
b9e74c39 837 ARG_CRASH_REBOOT,
a16e1123 838 ARG_CONFIRM_SPAWN,
9e58ff9c 839 ARG_SHOW_STATUS,
4288f619 840 ARG_DESERIALIZE,
2660882b 841 ARG_SWITCHED_ROOT,
0a494f1f 842 ARG_DEFAULT_STD_OUTPUT,
ee48dbd5
NC		 843 ARG_DEFAULT_STD_ERROR,
844 ARG_MACHINE_ID
f170852a
LP		 845 };
846
847 static const struct option options[] = {
a16e1123
LP		 848 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
849 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
bbe63281
LP		 850 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
851 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
2f198e2f 852 { "unit", required_argument, NULL, ARG_UNIT },
edb9aaa8 853 { "system", no_argument, NULL, ARG_SYSTEM },
af2d49f7 854 { "user", no_argument, NULL, ARG_USER },
a16e1123 855 { "test", no_argument, NULL, ARG_TEST },
b87c2aa6 856 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
a16e1123 857 { "help", no_argument, NULL, 'h' },
9ba0bc4e 858 { "version", no_argument, NULL, ARG_VERSION },
a16e1123 859 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
a5d87bf0 860 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
b9e74c39 861 { "crash-chvt", required_argument, NULL, ARG_CRASH_CHVT },
a5d87bf0 862 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
b9e74c39 863 { "crash-reboot", optional_argument, NULL, ARG_CRASH_REBOOT },
a5d87bf0 864 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
6e98720f 865 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
a16e1123 866 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
2660882b 867 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
0a494f1f
LP		 868 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
869 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
ee48dbd5 870 { "machine-id", required_argument, NULL, ARG_MACHINE_ID },
fb472900 871 {}
f170852a
LP		 872 };
873
874 int c, r;
875
876 assert(argc >= 1);
877 assert(argv);
878
df0ff127 879 if (getpid_cached() == 1)
b770165a
LP		 880 opterr = 0;
881
099663ff 882 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
f170852a
LP		 883
884 switch (c) {
885
886 case ARG_LOG_LEVEL:
fb472900
ZJS		 887 r = log_set_max_level_from_string(optarg);
888 if (r < 0) {
f170852a
LP		 889 log_error("Failed to parse log level %s.", optarg);
890 return r;
891 }
892
893 break;
894
895 case ARG_LOG_TARGET:
fb472900
ZJS		 896 r = log_set_target_from_string(optarg);
897 if (r < 0) {
f170852a
LP		 898 log_error("Failed to parse log target %s.", optarg);
899 return r;
900 }
901
902 break;
903
bbe63281
LP		 904 case ARG_LOG_COLOR:
905
d0b170c8 906 if (optarg) {
fb472900
ZJS		 907 r = log_show_color_from_string(optarg);
908 if (r < 0) {
d0b170c8
LP		 909 log_error("Failed to parse log color setting %s.", optarg);
910 return r;
911 }
912 } else
913 log_show_color(true);
bbe63281
LP		 914
915 break;
916
917 case ARG_LOG_LOCATION:
d0b170c8 918 if (optarg) {
fb472900
ZJS		 919 r = log_show_location_from_string(optarg);
920 if (r < 0) {
d0b170c8
LP		 921 log_error("Failed to parse log location setting %s.", optarg);
922 return r;
923 }
924 } else
925 log_show_location(true);
bbe63281
LP		 926
927 break;
928
0a494f1f 929 case ARG_DEFAULT_STD_OUTPUT:
fb472900
ZJS		 930 r = exec_output_from_string(optarg);
931 if (r < 0) {
0a494f1f
LP		 932 log_error("Failed to parse default standard output setting %s.", optarg);
933 return r;
934 } else
935 arg_default_std_output = r;
936 break;
937
938 case ARG_DEFAULT_STD_ERROR:
fb472900
ZJS		 939 r = exec_output_from_string(optarg);
940 if (r < 0) {
0a494f1f
LP		 941 log_error("Failed to parse default standard error output setting %s.", optarg);
942 return r;
943 } else
944 arg_default_std_error = r;
945 break;
946
2f198e2f 947 case ARG_UNIT:
e6e242ad 948 r = free_and_strdup(&arg_default_unit, optarg);
23bbb0de
MS		 949 if (r < 0)
950 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
f170852a
LP		 951
952 break;
953
edb9aaa8 954 case ARG_SYSTEM:
463d0d15 955 arg_system = true;
edb9aaa8 956 break;
a5dab5ce 957
af2d49f7 958 case ARG_USER:
463d0d15 959 arg_system = false;
a5dab5ce 960 break;
a5dab5ce 961
e965d56d 962 case ARG_TEST:
fa0f4d8a 963 arg_action = ACTION_TEST;
b87c2aa6
ZJS		 964 break;
965
966 case ARG_NO_PAGER:
967 arg_no_pager = true;
e965d56d
LP		 968 break;
969
9ba0bc4e
ZJS		 970 case ARG_VERSION:
971 arg_action = ACTION_VERSION;
972 break;
973
e537352b 974 case ARG_DUMP_CONFIGURATION_ITEMS:
fa0f4d8a 975 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
e537352b
LP		 976 break;
977
9e58ff9c 978 case ARG_DUMP_CORE:
b9e74c39
LP		 979 if (!optarg)
980 arg_dump_core = true;
981 else {
982 r = parse_boolean(optarg);
983 if (r < 0)
984 return log_error_errno(r, "Failed to parse dump core boolean: %s", optarg);
985 arg_dump_core = r;
a5d87bf0 986 }
b9e74c39
LP		 987 break;
988
989 case ARG_CRASH_CHVT:
990 r = parse_crash_chvt(optarg);
991 if (r < 0)
992 return log_error_errno(r, "Failed to parse crash virtual terminal index: %s", optarg);
9e58ff9c
LP		 993 break;
994
995 case ARG_CRASH_SHELL:
b9e74c39
LP		 996 if (!optarg)
997 arg_crash_shell = true;
998 else {
999 r = parse_boolean(optarg);
1000 if (r < 0)
1001 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
1002 arg_crash_shell = r;
1003 }
1004 break;
1005
1006 case ARG_CRASH_REBOOT:
1007 if (!optarg)
1008 arg_crash_reboot = true;
1009 else {
1010 r = parse_boolean(optarg);
1011 if (r < 0)
1012 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
1013 arg_crash_reboot = r;
a5d87bf0 1014 }
9e58ff9c
LP		 1015 break;
1016
80876c20 1017 case ARG_CONFIRM_SPAWN:
7d5ceb64
FB		 1018 arg_confirm_spawn = mfree(arg_confirm_spawn);
1019
1020 r = parse_confirm_spawn(optarg, &arg_confirm_spawn);
1021 if (r < 0)
1022 return log_error_errno(r, "Failed to parse confirm spawn option: %m");
80876c20
LP		 1023 break;
1024
9e58ff9c 1025 case ARG_SHOW_STATUS:
d450b6f2
ZJS		 1026 if (optarg) {
1027 r = parse_show_status(optarg, &arg_show_status);
1028 if (r < 0) {
1029 log_error("Failed to parse show status boolean %s.", optarg);
1030 return r;
1031 }
1032 } else
1033 arg_show_status = SHOW_STATUS_YES;
6e98720f 1034 break;
a5d87bf0 1035
a16e1123
LP		 1036 case ARG_DESERIALIZE: {
1037 int fd;
1038 FILE *f;
1039
01e10de3
LP		 1040 r = safe_atoi(optarg, &fd);
1041 if (r < 0 || fd < 0) {
a16e1123 1042 log_error("Failed to parse deserialize option %s.", optarg);
b9e74c39 1043 return -EINVAL;
a16e1123
LP		 1044 }
1045
b9e74c39 1046 (void) fd_cloexec(fd, true);
01e10de3
LP		 1047
1048 f = fdopen(fd, "r");
4a62c710
MS		 1049 if (!f)
1050 return log_error_errno(errno, "Failed to open serialization fd: %m");
a16e1123 1051
74ca738f 1052 safe_fclose(arg_serialization);
d3b1c508 1053 arg_serialization = f;
a16e1123
LP		 1054
1055 break;
1056 }
1057
2660882b 1058 case ARG_SWITCHED_ROOT:
bf4df7c3 1059 arg_switched_root = true;
d03bc1b8
HH		 1060 break;
1061
ee48dbd5
NC		 1062 case ARG_MACHINE_ID:
1063 r = set_machine_id(optarg);
54500613
LP		 1064 if (r < 0)
1065 return log_error_errno(r, "MachineID '%s' is not valid.", optarg);
ee48dbd5
NC		 1066 break;
1067
f170852a 1068 case 'h':
fa0f4d8a 1069 arg_action = ACTION_HELP;
f170852a
LP		 1070 break;
1071
1d2e23ab
LP		 1072 case 'D':
1073 log_set_max_level(LOG_DEBUG);
1074 break;
1075
099663ff
LP		 1076 case 'b':
1077 case 's':
1078 case 'z':
1079 /* Just to eat away the sysvinit kernel
1080 * cmdline args without getopt() error
1081 * messages that we'll parse in
1082 * parse_proc_cmdline_word() or ignore. */
f170852a 1083
099663ff 1084 case '?':
df0ff127 1085 if (getpid_cached() != 1)
099663ff 1086 return -EINVAL;
601185b4
ZJS		 1087 else
1088 return 0;
099663ff 1089
601185b4
ZJS		 1090 default:
1091 assert_not_reached("Unhandled option code.");
f170852a
LP		 1092 }
1093
df0ff127 1094 if (optind < argc && getpid_cached() != 1) {
d821e6d6
LP		 1095 /* Hmm, when we aren't run as init system
1096 * let's complain about excess arguments */
1097
1098 log_error("Excess arguments.");
1099 return -EINVAL;
1100 }
1101
f170852a
LP		 1102 return 0;
1103}
1104
1105static int help(void) {
1106
2e33c433 1107 printf("%s [OPTIONS...]\n\n"
af2d49f7 1108 "Starts up and maintains the system or user services.\n\n"
e537352b 1109 " -h --help Show this help\n"
cb4069d9 1110 " --version Show version\n"
e537352b 1111 " --test Determine startup sequence, dump it and exit\n"
b87c2aa6 1112 " --no-pager Do not pipe output into a pager\n"
80876c20 1113 " --dump-configuration-items Dump understood unit configuration items\n"
9e58ff9c 1114 " --unit=UNIT Set default unit\n"
edb9aaa8 1115 " --system Run a system instance, even if PID != 1\n"
af2d49f7 1116 " --user Run a user instance\n"
b9e74c39
LP		 1117 " --dump-core[=BOOL] Dump core on crash\n"
1118 " --crash-vt=NR Change to specified VT on crash\n"
1119 " --crash-reboot[=BOOL] Reboot on crash\n"
1120 " --crash-shell[=BOOL] Run shell on crash\n"
1121 " --confirm-spawn[=BOOL] Ask for confirmation when spawning processes\n"
1122 " --show-status[=BOOL] Show status updates on the console during bootup\n"
c1dc6153 1123 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
9e58ff9c 1124 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
b9e74c39
LP		 1125 " --log-color[=BOOL] Highlight important log messages\n"
1126 " --log-location[=BOOL] Include code location in log messages\n"
0a494f1f
LP		 1127 " --default-standard-output= Set default standard output for services\n"
1128 " --default-standard-error= Set default standard error output for services\n",
5b6319dc 1129 program_invocation_short_name);
f170852a
LP		 1130
1131 return 0;
1132}
1133
b3680f49 1134static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
48b90859
LP		 1135 _cleanup_fdset_free_ FDSet *fds = NULL;
1136 _cleanup_fclose_ FILE *f = NULL;
a16e1123
LP		 1137 int r;
1138
1139 assert(m);
1140 assert(_f);
1141 assert(_fds);
1142
6b78f9b4 1143 r = manager_open_serialization(m, &f);
48b90859
LP		 1144 if (r < 0)
1145 return log_error_errno(r, "Failed to create serialization file: %m");
a16e1123 1146
71445ae7 1147 /* Make sure nothing is really destructed when we shut down */
313cefa1 1148 m->n_reloading++;
718db961 1149 bus_manager_send_reloading(m, true);
71445ae7 1150
6b78f9b4 1151 fds = fdset_new();
48b90859
LP		 1152 if (!fds)
1153 return log_oom();
a16e1123 1154
b3680f49 1155 r = manager_serialize(m, f, fds, switching_root);
48b90859
LP		 1156 if (r < 0)
1157 return log_error_errno(r, "Failed to serialize state: %m");
a16e1123 1158
48b90859
LP		 1159 if (fseeko(f, 0, SEEK_SET) == (off_t) -1)
1160 return log_error_errno(errno, "Failed to rewind serialization fd: %m");
a16e1123 1161
6b78f9b4 1162 r = fd_cloexec(fileno(f), false);
48b90859
LP		 1163 if (r < 0)
1164 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
a16e1123 1165
6b78f9b4 1166 r = fdset_cloexec(fds, false);
48b90859
LP		 1167 if (r < 0)
1168 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
a16e1123
LP		 1169
1170 *_f = f;
1171 *_fds = fds;
1172
48b90859
LP		 1173 f = NULL;
1174 fds = NULL;
a16e1123 1175
48b90859 1176 return 0;
a16e1123
LP		 1177}
1178
4096d6f5
LP		 1179static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1180 struct rlimit nl;
1181 int r;
6385cb31
CB		 1182 int min_max;
1183 _cleanup_free_ char *nr_open = NULL;
4096d6f5
LP		 1184
1185 assert(saved_rlimit);
1186
1187 /* Save the original RLIMIT_NOFILE so that we can reset it
1188 * later when transitioning from the initrd to the main
1189 * systemd or suchlike. */
4a62c710 1190 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
3ce40911 1191 return log_warning_errno(errno, "Reading RLIMIT_NOFILE failed, ignoring: %m");
4096d6f5
LP		 1192
1193 /* Make sure forked processes get the default kernel setting */
1194 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1195 struct rlimit *rl;
1196
1197 rl = newdup(struct rlimit, saved_rlimit, 1);
1198 if (!rl)
1199 return log_oom();
1200
1201 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1202 }
1203
6385cb31
CB		 1204 /* Get current RLIMIT_NOFILE maximum compiled into the kernel. */
1205 r = read_one_line_file("/proc/sys/fs/nr_open", &nr_open);
1206 if (r == 0)
1207 r = safe_atoi(nr_open, &min_max);
1208 /* If we fail, fallback to the hard-coded kernel limit of 1024 * 1024. */
1209 if (r < 0)
1210 min_max = 1024 * 1024;
1211
4096d6f5 1212 /* Bump up the resource limit for ourselves substantially */
6385cb31 1213 nl.rlim_cur = nl.rlim_max = min_max;
4096d6f5 1214 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
23bbb0de 1215 if (r < 0)
3ce40911 1216 return log_warning_errno(r, "Setting RLIMIT_NOFILE failed, ignoring: %m");
4096d6f5
LP		 1217
1218 return 0;
1219}
1220
fb3ae275
LP		 1221static int bump_rlimit_memlock(struct rlimit *saved_rlimit) {
1222 int r;
1223
1224 assert(saved_rlimit);
1225 assert(getuid() == 0);
1226
1227 /* BPF_MAP_TYPE_LPM_TRIE bpf maps are charged against RLIMIT_MEMLOCK, even though we have CAP_IPC_LOCK which
1228 * should normally disable such checks. We need them to implement IPAccessAllow= and IPAccessDeny=, hence let's
1229 * bump the value high enough for the root user. */
1230
1231 if (getrlimit(RLIMIT_MEMLOCK, saved_rlimit) < 0)
1232 return log_warning_errno(errno, "Reading RLIMIT_MEMLOCK failed, ignoring: %m");
1233
1234 r = setrlimit_closest(RLIMIT_MEMLOCK, &RLIMIT_MAKE_CONST(1024ULL*1024ULL*16ULL));
1235 if (r < 0)
1236 return log_warning_errno(r, "Setting RLIMIT_MEMLOCK failed, ignoring: %m");
1237
1238 return 0;
1239}
1240
80758717 1241static void test_usr(void) {
80758717 1242
ed1c99fc 1243 /* Check that /usr is not a separate fs */
80758717 1244
871c44a7
LP		 1245 if (dir_is_empty("/usr") <= 0)
1246 return;
1247
8b173b5e 1248 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
871c44a7
LP		 1249 "Some things will probably break (sometimes even silently) in mysterious ways. "
1250 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1251}
1252
a07fdfa3
LP		 1253static int initialize_join_controllers(void) {
1254 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1255 * + "net_prio". We'd like to add "cpuset" to the mix, but
f131770b 1256 * "cpuset" doesn't really work for groups with no initialized
a07fdfa3
LP		 1257 * attributes. */
1258
1259 arg_join_controllers = new(char**, 3);
1260 if (!arg_join_controllers)
1261 return -ENOMEM;
1262
1263 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
fe382237
LP		 1264 if (!arg_join_controllers[0])
1265 goto oom;
a6b26d90 1266
fe382237
LP		 1267 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1268 if (!arg_join_controllers[1])
1269 goto oom;
a07fdfa3 1270
fe382237 1271 arg_join_controllers[2] = NULL;
a07fdfa3 1272 return 0;
fe382237
LP		 1273
1274oom:
1275 arg_join_controllers = strv_free_free(arg_join_controllers);
1276 return -ENOMEM;
a07fdfa3
LP		 1277}
1278
d3b1c508 1279static int enforce_syscall_archs(Set *archs) {
349cc4a5 1280#if HAVE_SECCOMP
d3b1c508
LP		 1281 int r;
1282
83f12b27
FS		 1283 if (!is_seccomp_available())
1284 return 0;
1285
469830d1 1286 r = seccomp_restrict_archs(arg_syscall_archs);
d3b1c508 1287 if (r < 0)
469830d1 1288 return log_error_errno(r, "Failed to enforce system call architecture restrication: %m");
d3b1c508 1289#endif
469830d1 1290 return 0;
d3b1c508
LP		 1291}
1292
b6e2f329
LP		 1293static int status_welcome(void) {
1294 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1295 int r;
1296
1297 r = parse_env_file("/etc/os-release", NEWLINE,
1298 "PRETTY_NAME", &pretty_name,
1299 "ANSI_COLOR", &ansi_color,
1300 NULL);
ece174c5 1301 if (r == -ENOENT)
5ae4d543
LP		 1302 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1303 "PRETTY_NAME", &pretty_name,
1304 "ANSI_COLOR", &ansi_color,
1305 NULL);
b6e2f329
LP		 1306
1307 if (r < 0 && r != -ENOENT)
da927ba9 1308 log_warning_errno(r, "Failed to read os-release file: %m");
b6e2f329 1309
dc9b5816
ZJS		 1310 if (log_get_show_color())
1311 return status_printf(NULL, false, false,
1312 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1313 isempty(ansi_color) ? "1" : ansi_color,
1314 isempty(pretty_name) ? "Linux" : pretty_name);
1315 else
1316 return status_printf(NULL, false, false,
1317 "\nWelcome to %s!\n",
1318 isempty(pretty_name) ? "Linux" : pretty_name);
b6e2f329
LP		 1319}
1320
fdd25311
LP		 1321static int write_container_id(void) {
1322 const char *c;
19854865 1323 int r;
fdd25311
LP		 1324
1325 c = getenv("container");
1326 if (isempty(c))
1327 return 0;
1328
8612da97
LP		 1329 RUN_WITH_UMASK(0022)
1330 r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
19854865 1331 if (r < 0)
f1f849b0 1332 return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m");
19854865
LP		 1333
1334 return 1;
1335}
1336
1337static int bump_unix_max_dgram_qlen(void) {
1338 _cleanup_free_ char *qlen = NULL;
1339 unsigned long v;
1340 int r;
1341
1342 /* Let's bump the net.unix.max_dgram_qlen sysctl. The kernel
1343 * default of 16 is simply too low. We set the value really
1344 * really early during boot, so that it is actually applied to
1345 * all our sockets, including the $NOTIFY_SOCKET one. */
1346
1347 r = read_one_line_file("/proc/sys/net/unix/max_dgram_qlen", &qlen);
1348 if (r < 0)
1349 return log_warning_errno(r, "Failed to read AF_UNIX datagram queue length, ignoring: %m");
1350
1351 r = safe_atolu(qlen, &v);
1352 if (r < 0)
1353 return log_warning_errno(r, "Failed to parse AF_UNIX datagram queue length, ignoring: %m");
1354
1355 if (v >= DEFAULT_UNIX_MAX_DGRAM_QLEN)
1356 return 0;
1357
1358 qlen = mfree(qlen);
1359 if (asprintf(&qlen, "%lu\n", DEFAULT_UNIX_MAX_DGRAM_QLEN) < 0)
1360 return log_oom();
1361
1362 r = write_string_file("/proc/sys/net/unix/max_dgram_qlen", qlen, 0);
1363 if (r < 0)
1364 return log_full_errno(IN_SET(r, -EROFS, -EPERM, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
1365 "Failed to bump AF_UNIX datagram queue length, ignoring: %m");
1366
1367 return 1;
fdd25311
LP		 1368}
1369
32391275
FB		 1370static int fixup_environment(void) {
1371 _cleanup_free_ char *term = NULL;
1372 int r;
1373
84af7821
LP		 1374 /* We expect the environment to be set correctly
1375 * if run inside a container. */
1376 if (detect_container() > 0)
1377 return 0;
1378
32391275
FB		 1379 /* When started as PID1, the kernel uses /dev/console
1380 * for our stdios and uses TERM=linux whatever the
1381 * backend device used by the console. We try to make
1382 * a better guess here since some consoles might not
1383 * have support for color mode for example.
1384 *
1385 * However if TERM was configured through the kernel
1386 * command line then leave it alone. */
1387
1d84ad94 1388 r = proc_cmdline_get_key("TERM", 0, &term);
32391275
FB		 1389 if (r < 0)
1390 return r;
32391275 1391 if (r == 0) {
6af760f3 1392 term = strdup(default_term_for_tty("/dev/console"));
32391275 1393 if (!term)
84af7821 1394 return -ENOMEM;
32391275
FB		 1395 }
1396
1397 if (setenv("TERM", term, 1) < 0)
1398 return -errno;
1399
1400 return 0;
1401}
1402
6808a0bc
LP		 1403static void redirect_telinit(int argc, char *argv[]) {
1404
1405 /* This is compatibility support for SysV, where calling init as a user is identical to telinit. */
1406
1407#if HAVE_SYSV_COMPAT
1408 if (getpid_cached() == 1)
1409 return;
1410
1411 if (!strstr(program_invocation_short_name, "init"))
1412 return;
1413
1414 execv(SYSTEMCTL_BINARY_PATH, argv);
1415 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1416 exit(1);
1417#endif
1418}
1419
4a36297c
LP		 1420static int become_shutdown(
1421 const char *shutdown_verb,
1422 int retval,
1423 bool arm_reboot_watchdog) {
1424
1425 char log_level[DECIMAL_STR_MAX(int) + 1],
1426 exit_code[DECIMAL_STR_MAX(uint8_t) + 1];
1427
1428 const char* command_line[11] = {
1429 SYSTEMD_SHUTDOWN_BINARY_PATH,
1430 shutdown_verb,
1431 "--log-level", log_level,
1432 "--log-target",
1433 };
1434
1435 _cleanup_strv_free_ char **env_block = NULL;
1436 size_t pos = 5;
1437 int r;
1438
1439 assert(command_line[pos] == NULL);
1440 env_block = strv_copy(environ);
1441
1442 xsprintf(log_level, "%d", log_get_max_level());
1443
1444 switch (log_get_target()) {
1445
1446 case LOG_TARGET_KMSG:
1447 case LOG_TARGET_JOURNAL_OR_KMSG:
1448 case LOG_TARGET_SYSLOG_OR_KMSG:
1449 command_line[pos++] = "kmsg";
1450 break;
1451
1452 case LOG_TARGET_NULL:
1453 command_line[pos++] = "null";
1454 break;
1455
1456 case LOG_TARGET_CONSOLE:
1457 default:
1458 command_line[pos++] = "console";
1459 break;
1460 };
1461
1462 if (log_get_show_color())
1463 command_line[pos++] = "--log-color";
1464
1465 if (log_get_show_location())
1466 command_line[pos++] = "--log-location";
1467
1468 if (streq(shutdown_verb, "exit")) {
1469 command_line[pos++] = "--exit-code";
1470 command_line[pos++] = exit_code;
1471 xsprintf(exit_code, "%d", retval);
1472 }
1473
1474 assert(pos < ELEMENTSOF(command_line));
1475
1476 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0 && arg_shutdown_watchdog != USEC_INFINITY) {
1477 char *e;
1478
1479 /* If we reboot let's set the shutdown
1480 * watchdog and tell the shutdown binary to
1481 * repeatedly ping it */
1482 r = watchdog_set_timeout(&arg_shutdown_watchdog);
1483 watchdog_close(r < 0);
1484
1485 /* Tell the binary how often to ping, ignore failure */
1486 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
1487 (void) strv_push(&env_block, e);
1488 } else
1489 watchdog_close(true);
1490
1491 /* Avoid the creation of new processes forked by the
1492 * kernel; at this point, we will not listen to the
1493 * signals anyway */
1494 if (detect_container() <= 0)
1495 (void) cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
1496
1497 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
1498 return -errno;
1499}
1500
e839bafd
LP		 1501static void initialize_clock(void) {
1502 int r;
1503
1504 if (clock_is_localtime(NULL) > 0) {
1505 int min;
1506
1507 /*
1508 * The very first call of settimeofday() also does a time warp in the kernel.
1509 *
1510 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on external tools to take care
1511 * of maintaining the RTC and do all adjustments. This matches the behavior of Windows, which leaves
1512 * the RTC alone if the registry tells that the RTC runs in UTC.
1513 */
1514 r = clock_set_timezone(&min);
1515 if (r < 0)
1516 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
1517 else
1518 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1519
1520 } else if (!in_initrd()) {
1521 /*
1522 * Do a dummy very first call to seal the kernel's time warp magic.
1523 *
1524 * Do not call this from inside the initrd. The initrd might not carry /etc/adjtime with LOCAL, but the
1525 * real system could be set up that way. In such case, we need to delay the time-warp or the sealing
1526 * until we reach the real system.
1527 *
1528 * Do no set the kernel's timezone. The concept of local time cannot be supported reliably, the time
1529 * will jump or be incorrect at every daylight saving time change. All kernel local time concepts will
1530 * be treated as UTC that way.
1531 */
1532 (void) clock_reset_timewarp();
1533 }
1534
1535 r = clock_apply_epoch();
1536 if (r < 0)
1537 log_error_errno(r, "Current system time is before build time, but cannot correct: %m");
1538 else if (r > 0)
1539 log_info("System time before build time, advancing clock.");
1540}
1541
1e41242e
LP		 1542static void initialize_coredump(bool skip_setup) {
1543
1544 if (getpid_cached() != 1)
1545 return;
1546
1547 /* Don't limit the core dump size, so that coredump handlers such as systemd-coredump (which honour the limit)
1548 * will process core dumps for system services by default. */
1549 if (setrlimit(RLIMIT_CORE, &RLIMIT_MAKE_CONST(RLIM_INFINITY)) < 0)
1550 log_warning_errno(errno, "Failed to set RLIMIT_CORE: %m");
1551
1552 /* But at the same time, turn off the core_pattern logic by default, so that no coredumps are stored
1553 * until the systemd-coredump tool is enabled via sysctl. */
1554 if (!skip_setup)
1555 (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
1556}
1557
60918275
LP		 1558int main(int argc, char *argv[]) {
1559 Manager *m = NULL;
22f4096c 1560 int r, retval = EXIT_FAILURE;
9d76d730
LP		 1561 usec_t before_startup, after_startup;
1562 char timespan[FORMAT_TIMESPAN_MAX];
a16e1123
LP		 1563 FDSet *fds = NULL;
1564 bool reexecute = false;
b9080b03 1565 const char *shutdown_verb = NULL;
86caf095
LP		 1566 dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
1567 dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
1568 dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
1569 dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
1570 dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
5d6b1584 1571 static char systemd[] = "systemd";
2660882b 1572 bool skip_setup = false;
d3b1c508 1573 unsigned j;
0b3325e7 1574 bool loaded_policy = false;
e96d6be7 1575 bool arm_reboot_watchdog = false;
bf4df7c3 1576 bool queue_default_job = false;
fd130612 1577 bool first_boot = false;
41669317 1578 char *switch_root_dir = NULL, *switch_root_init = NULL;
fb3ae275 1579 struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0), saved_rlimit_memlock = RLIMIT_MAKE_CONST((rlim_t) -1);
cb6531be 1580 const char *error_message = NULL;
27b14a22 1581
6808a0bc 1582 redirect_telinit(argc, argv);
2cb1a60d 1583
c3a170f3
HH		 1584 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1585 dual_timestamp_get(&userspace_timestamp);
1586
0b3325e7
LP		 1587 /* Determine if this is a reexecution or normal bootup. We do
1588 * the full command line parsing much later, so let's just
1589 * have a quick peek here. */
db813c2a
LP		 1590 if (strv_find(argv+1, "--deserialize"))
1591 skip_setup = true;
0b3325e7 1592
2660882b
LP		 1593 /* If we have switched root, do all the special setup
1594 * things */
db813c2a
LP		 1595 if (strv_find(argv+1, "--switched-root"))
1596 skip_setup = false;
d03bc1b8 1597
f3b6a3ed
LP		 1598 /* If we get started via the /sbin/init symlink then we are
1599 called 'init'. After a subsequent reexecution we are then
1600 called 'systemd'. That is confusing, hence let's call us
1601 systemd right-away. */
f3b6a3ed 1602 program_invocation_short_name = systemd;
eee8b7ab 1603 (void) prctl(PR_SET_NAME, systemd);
5d6b1584 1604
9a0e6896
LP		 1605 saved_argv = argv;
1606 saved_argc = argc;
f3b6a3ed 1607
c1dc6153 1608 log_set_upgrade_syslog_to_journal(true);
bbe63281 1609
df0ff127 1610 if (getpid_cached() == 1) {
48a601fe 1611 /* Disable the umask logic */
90dc8c2e
MG		 1612 umask(0);
1613
48a601fe
LP		 1614 /* Always reopen /dev/console when running as PID 1 or one of its pre-execve() children. This is
1615 * important so that we never end up logging to any foreign stderr, for example if we have to log in a
1616 * child process right before execve()'ing the actual binary, at a point in time where socket
1617 * activation stderr/stdout area already set up. */
1618 log_set_always_reopen_console(true);
1619 }
1620
df0ff127 1621 if (getpid_cached() == 1 && detect_container() <= 0) {
4f8d551f 1622
a866073d 1623 /* Running outside of a container as PID 1 */
463d0d15 1624 arg_system = true;
a866073d
LP		 1625 log_set_target(LOG_TARGET_KMSG);
1626 log_open();
1627
21bf2ab0 1628 if (in_initrd())
c3a170f3 1629 initrd_timestamp = userspace_timestamp;
c3ba6250 1630
2660882b 1631 if (!skip_setup) {
d723cd65
AK		 1632 r = mount_setup_early();
1633 if (r < 0) {
eee8b7ab 1634 error_message = "Failed to mount early API filesystems";
d723cd65
AK		 1635 goto finish;
1636 }
eee8b7ab 1637
c2e0d600 1638 dual_timestamp_get(&security_start_timestamp);
cb6531be
ZJS		 1639 if (mac_selinux_setup(&loaded_policy) < 0) {
1640 error_message = "Failed to load SELinux policy";
0b3325e7 1641 goto finish;
cb6531be
ZJS		 1642 } else if (mac_smack_setup(&loaded_policy) < 0) {
1643 error_message = "Failed to load SMACK policy";
ffbd2c4d 1644 goto finish;
96694e99
IP		 1645 } else if (ima_setup() < 0) {
1646 error_message = "Failed to load IMA policy";
1647 goto finish;
cb6531be 1648 }
c2e0d600 1649 dual_timestamp_get(&security_finish_timestamp);
81611586 1650 }
0b3325e7 1651
c3dacc8b 1652 if (mac_selinux_init() < 0) {
cb6531be 1653 error_message = "Failed to initialize SELinux policy";
0ff4cdd9 1654 goto finish;
cb6531be 1655 }
7948c4df 1656
e839bafd
LP		 1657 if (!skip_setup)
1658 initialize_clock();
a866073d
LP		 1659
1660 /* Set the default for later on, but don't actually
1661 * open the logs like this for now. Note that if we
1662 * are transitioning from the initrd there might still
1663 * be journal fd open, and we shouldn't attempt
1664 * opening that before we parsed /proc/cmdline which
1665 * might redirect output elsewhere. */
1666 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1667
df0ff127 1668 } else if (getpid_cached() == 1) {
a866073d 1669 /* Running inside a container, as PID 1 */
463d0d15 1670 arg_system = true;
a866073d 1671 log_set_target(LOG_TARGET_CONSOLE);
99f09825 1672 log_close_console(); /* force reopen of /dev/console */
a866073d
LP		 1673 log_open();
1674
eee8b7ab 1675 /* For later on, see above... */
a866073d
LP		 1676 log_set_target(LOG_TARGET_JOURNAL);
1677
c3a170f3
HH		 1678 /* clear the kernel timestamp,
1679 * because we are in a container */
0f5f63c3 1680 kernel_timestamp = DUAL_TIMESTAMP_NULL;
c3a170f3 1681 } else {
a866073d 1682 /* Running as user instance */
463d0d15 1683 arg_system = false;
eeecf6e6 1684 log_set_target(LOG_TARGET_AUTO);
871e5809 1685 log_open();
c3a170f3
HH		 1686
1687 /* clear the kernel timestamp,
1688 * because we are not PID 1 */
6513d561 1689 kernel_timestamp = DUAL_TIMESTAMP_NULL;
bbe63281 1690 }
a5dab5ce 1691
1e41242e 1692 initialize_coredump(skip_setup);
15a90032 1693
6edefe0b 1694 if (arg_system) {
84af7821
LP		 1695 if (fixup_environment() < 0) {
1696 error_message = "Failed to fix up PID1 environment";
1697 goto finish;
1698 }
32391275 1699
3a18b604
FB		 1700 /* Try to figure out if we can use colors with the console. No
1701 * need to do that for user instances since they never log
1702 * into the console. */
1703 log_show_color(colors_enabled());
c76cf844
AK		 1704 r = make_null_stdio();
1705 if (r < 0)
1706 log_warning_errno(r, "Failed to redirect standard streams to /dev/null: %m");
3a18b604
FB		 1707 }
1708
a07fdfa3 1709 r = initialize_join_controllers();
cb6531be 1710 if (r < 0) {
ff9b60f3 1711 error_message = "Failed to initialize cgroup controllers";
0c85a4f3 1712 goto finish;
cb6531be 1713 }
0c85a4f3 1714
f170852a
LP		 1715 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1716 * /proc/$PID/fd is available. */
df0ff127 1717 if (getpid_cached() == 1) {
f84f9974 1718
a132bef0 1719 /* Load the kernel modules early. */
2e75e2a8
DM		 1720 if (!skip_setup)
1721 kmod_setup();
2e75e2a8 1722
0c85a4f3 1723 r = mount_setup(loaded_policy);
cb6531be
ZJS		 1724 if (r < 0) {
1725 error_message = "Failed to mount API filesystems";
8efe3c01 1726 goto finish;
cb6531be 1727 }
0c85a4f3 1728 }
4ade7963
LP		 1729
1730 /* Reset all signal handlers. */
ce30c8dc
LP		 1731 (void) reset_all_signal_handlers();
1732 (void) ignore_signals(SIGNALS_IGNORE, -1);
078e4539 1733
f5058264 1734 arg_default_tasks_max = system_tasks_max_scale(DEFAULT_TASKS_MAX_PERCENTAGE, 100U);
79baeeb9 1735
cb6531be
ZJS		 1736 if (parse_config_file() < 0) {
1737 error_message = "Failed to parse config file";
487393e9 1738 goto finish;
cb6531be 1739 }
487393e9 1740
463d0d15 1741 if (arg_system) {
1d84ad94 1742 r = proc_cmdline_parse(parse_proc_cmdline_item, NULL, 0);
b5884878 1743 if (r < 0)
da927ba9 1744 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
b5884878 1745 }
f170852a 1746
1de1c9c3
LP		 1747 /* Note that this also parses bits from the kernel command
1748 * line, including "debug". */
f170852a
LP		 1749 log_parse_environment();
1750
cb6531be
ZJS		 1751 if (parse_argv(argc, argv) < 0) {
1752 error_message = "Failed to parse commandline arguments";
f170852a 1753 goto finish;
cb6531be 1754 }
f170852a 1755
10c961b9
AK		 1756 /* Initialize default unit */
1757 if (!arg_default_unit) {
f6dd106c
AK		 1758 arg_default_unit = strdup(SPECIAL_DEFAULT_TARGET);
1759 if (!arg_default_unit) {
1760 r = log_oom();
10c961b9
AK		 1761 error_message = "Failed to set default unit";
1762 goto finish;
1763 }
1764 }
1765
6bae23a0
TB		 1766 if (arg_action == ACTION_TEST &&
1767 geteuid() == 0) {
b5c6cf87
LP		 1768 log_error("Don't run test mode as root.");
1769 goto finish;
1770 }
1771
463d0d15 1772 if (!arg_system &&
6bae23a0
TB		 1773 arg_action == ACTION_RUN &&
1774 sd_booted() <= 0) {
1775 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1776 goto finish;
1777 }
1778
463d0d15 1779 if (arg_system &&
fe783b03
LP		 1780 arg_action == ACTION_RUN &&
1781 running_in_chroot() > 0) {
1782 log_error("Cannot be run in a chroot() environment.");
1783 goto finish;
1784 }
1785
4c701096 1786 if (IN_SET(arg_action, ACTION_TEST, ACTION_HELP)) {
ea4b98e6 1787 pager_open(arg_no_pager, false);
74e7579c
AK		 1788 skip_setup = true;
1789 }
b87c2aa6 1790
fa0f4d8a 1791 if (arg_action == ACTION_HELP) {
f170852a
LP		 1792 retval = help();
1793 goto finish;
9ba0bc4e
ZJS		 1794 } else if (arg_action == ACTION_VERSION) {
1795 retval = version();
1796 goto finish;
fa0f4d8a 1797 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
13811bf9 1798 pager_open(arg_no_pager, false);
e537352b 1799 unit_dump_config_items(stdout);
22f4096c 1800 retval = EXIT_SUCCESS;
e537352b 1801 goto finish;
f170852a
LP		 1802 }
1803
463d0d15 1804 if (!arg_system &&
8be28fb1
KS		 1805 !getenv("XDG_RUNTIME_DIR")) {
1806 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
1807 goto finish;
1808 }
1809
4c701096 1810 assert_se(IN_SET(arg_action, ACTION_RUN, ACTION_TEST));
f170852a 1811
871e5809
LP		 1812 /* Close logging fds, in order not to confuse fdset below */
1813 log_close();
1814
a16e1123 1815 /* Remember open file descriptors for later deserialization */
dea374e8
LP		 1816 if (arg_action == ACTION_RUN) {
1817 r = fdset_new_fill(&fds);
1818 if (r < 0) {
1819 log_emergency_errno(r, "Failed to allocate fd set: %m");
1820 error_message = "Failed to allocate fd set";
1821 goto finish;
1822 } else
1823 fdset_cloexec(fds, true);
a16e1123 1824
dea374e8
LP		 1825 if (arg_serialization)
1826 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
a16e1123 1827
dea374e8
LP		 1828 if (arg_system)
1829 /* Become a session leader if we aren't one yet. */
1830 setsid();
1831 }
4ade7963 1832
befb5b6a 1833 /* Move out of the way, so that we won't block unmounts */
d250afe7 1834 assert_se(chdir("/") == 0);
befb5b6a 1835
2146621b
LP		 1836 /* Reset the console, but only if this is really init and we
1837 * are freshly booted */
463d0d15 1838 if (arg_system && arg_action == ACTION_RUN) {
56d96fc0
LP		 1839
1840 /* If we are init, we connect stdin/stdout/stderr to
1841 * /dev/null and make sure we don't have a controlling
1842 * tty. */
1843 release_terminal();
1844
df0ff127 1845 if (getpid_cached() == 1 && !skip_setup)
56d96fc0
LP		 1846 console_setup();
1847 }
4ade7963 1848
18149b9f 1849 /* Open the logging devices, if possible and necessary */
843d2643 1850 log_open();
4ade7963 1851
b6e2f329
LP		 1852 if (arg_show_status == _SHOW_STATUS_UNSET)
1853 arg_show_status = SHOW_STATUS_YES;
1854
5373d602
LP		 1855 /* Make sure we leave a core dump without panicing the
1856 * kernel. */
df0ff127 1857 if (getpid_cached() == 1) {
4fc935ca 1858 install_crash_handler();
97c4f35c 1859
0c85a4f3
LP		 1860 r = mount_cgroup_controllers(arg_join_controllers);
1861 if (r < 0)
1862 goto finish;
1863 }
1864
463d0d15 1865 if (arg_system) {
75f86906 1866 int v;
c20f5ac7 1867
0d8c31ff
ZJS		 1868 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
1869 arg_action == ACTION_TEST ? "test " : "" );
c20f5ac7 1870
75f86906
LP		 1871 v = detect_virtualization();
1872 if (v > 0)
1873 log_info("Detected virtualization %s.", virtualization_to_string(v));
c20f5ac7 1874
fdd25311
LP		 1875 write_container_id();
1876
d3f86679 1877 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
d9d93745 1878
26a1efdf
LP		 1879 if (in_initrd())
1880 log_info("Running in initial RAM disk.");
fd130612
LP		 1881 else {
1882 /* Let's check whether we are in first boot, i.e. whether /etc is still unpopulated. We use
1883 * /etc/machine-id as flag file, for this: if it exists we assume /etc is populated, if it
1884 * doesn't it's unpopulated. This allows container managers and installers to provision a
1885 * couple of files already. If the container manager wants to provision the machine ID itself
1886 * it should pass $container_uuid to PID 1. */
1887
1888 first_boot = access("/etc/machine-id", F_OK) < 0;
1889 if (first_boot)
1890 log_info("Running with unpopulated /etc.");
1891 }
d8160f21 1892 } else {
1f97091d
LP		 1893 _cleanup_free_ char *t;
1894
1895 t = uid_to_name(getuid());
a68aef7a
LP		 1896 log_debug(PACKAGE_STRING " running in %suser mode for user " UID_FMT "/%s. (" SYSTEMD_FEATURES ")",
1897 arg_action == ACTION_TEST ? " test" : "", getuid(), strna(t));
d8160f21 1898 }
a5dab5ce 1899
dea374e8
LP		 1900 if (arg_action == ACTION_RUN) {
1901 if (arg_system && !skip_setup) {
1902 if (arg_show_status > 0)
1903 status_welcome();
888c6216 1904
dea374e8
LP		 1905 hostname_setup();
1906 machine_id_setup(NULL, arg_machine_id, NULL);
1907 loopback_setup();
1908 bump_unix_max_dgram_qlen();
490aed58 1909
dea374e8
LP		 1910 test_usr();
1911 }
302e8c4c 1912
dea374e8
LP		 1913 if (arg_system && arg_runtime_watchdog > 0 && arg_runtime_watchdog != USEC_INFINITY)
1914 watchdog_set_timeout(&arg_runtime_watchdog);
e96d6be7 1915
dea374e8
LP		 1916 if (arg_timer_slack_nsec != NSEC_INFINITY)
1917 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
1918 log_error_errno(errno, "Failed to adjust timer slack: %m");
aa0f64ac 1919
dea374e8
LP		 1920 if (arg_system && !cap_test_all(arg_capability_bounding_set)) {
1921 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set);
1922 if (r < 0) {
1923 log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
1924 error_message = "Failed to drop capability bounding set of usermode helpers";
1925 goto finish;
1926 }
1927 r = capability_bounding_set_drop(arg_capability_bounding_set, true);
1928 if (r < 0) {
1929 log_emergency_errno(r, "Failed to drop capability bounding set: %m");
1930 error_message = "Failed to drop capability bounding set";
1931 goto finish;
1932 }
939b8f14 1933 }
ec8927ca 1934
dea374e8
LP		 1935 if (arg_syscall_archs) {
1936 r = enforce_syscall_archs(arg_syscall_archs);
1937 if (r < 0) {
1938 error_message = "Failed to set syscall architectures";
1939 goto finish;
1940 }
cb6531be 1941 }
d3b1c508 1942
dea374e8
LP		 1943 if (!arg_system)
1944 /* Become reaper of our children */
1945 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0)
1946 log_warning_errno(errno, "Failed to make us a subreaper: %m");
d4447f4d 1947
fb3ae275 1948 if (arg_system) {
dea374e8
LP		 1949 /* Bump up RLIMIT_NOFILE for systemd itself */
1950 (void) bump_rlimit_nofile(&saved_rlimit_nofile);
fb3ae275
LP		 1951 (void) bump_rlimit_memlock(&saved_rlimit_memlock);
1952 }
dea374e8 1953 }
4096d6f5 1954
e0a3da1f
ZJS		 1955 r = manager_new(arg_system ? UNIT_FILE_SYSTEM : UNIT_FILE_USER,
1956 arg_action == ACTION_TEST ? MANAGER_TEST_FULL : 0,
1957 &m);
e96d6be7 1958 if (r < 0) {
da927ba9 1959 log_emergency_errno(r, "Failed to allocate manager object: %m");
cb6531be 1960 error_message = "Failed to allocate manager object";
60918275
LP		 1961 goto finish;
1962 }
1963
c3a170f3
HH		 1964 m->userspace_timestamp = userspace_timestamp;
1965 m->kernel_timestamp = kernel_timestamp;
c3a170f3 1966 m->initrd_timestamp = initrd_timestamp;
c2e0d600
TA		 1967 m->security_start_timestamp = security_start_timestamp;
1968 m->security_finish_timestamp = security_finish_timestamp;
9e58ff9c 1969
85cb4151 1970 set_manager_defaults(m);
7b46fc6a 1971 set_manager_settings(m);
fd130612 1972 manager_set_first_boot(m, first_boot);
27d340c7 1973
bf4df7c3 1974 /* Remember whether we should queue the default job */
d3b1c508 1975 queue_default_job = !arg_serialization || arg_switched_root;
bf4df7c3 1976
9d76d730
LP		 1977 before_startup = now(CLOCK_MONOTONIC);
1978
d3b1c508 1979 r = manager_startup(m, arg_serialization, fds);
58f88d92 1980 if (r < 0) {
da927ba9 1981 log_error_errno(r, "Failed to fully start up daemon: %m");
58f88d92
ZJS		 1982 goto finish;
1983 }
a16e1123 1984
bf4df7c3
LP		 1985 /* This will close all file descriptors that were opened, but
1986 * not claimed by any unit. */
2feceb5e 1987 fds = fdset_free(fds);
f50e0a01 1988
74ca738f 1989 arg_serialization = safe_fclose(arg_serialization);
bf4df7c3
LP		 1990
1991 if (queue_default_job) {
4afd3348 1992 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1c27d3f3 1993 Unit *target = NULL;
bacbccb7 1994 Job *default_unit_job;
398ef8ba 1995
fa0f4d8a 1996 log_debug("Activating default unit: %s", arg_default_unit);
a16e1123 1997
e96d6be7 1998 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
718db961
LP		 1999 if (r < 0)
2000 log_error("Failed to load default target: %s", bus_error_message(&error, r));
4c701096 2001 else if (IN_SET(target->load_state, UNIT_ERROR, UNIT_NOT_FOUND))
c33b3297 2002 log_error_errno(target->load_error, "Failed to load default target: %m");
ac155bb8 2003 else if (target->load_state == UNIT_MASKED)
6daf4f90 2004 log_error("Default target masked.");
27b14a22 2005
ac155bb8 2006 if (!target || target->load_state != UNIT_LOADED) {
a16e1123 2007 log_info("Trying to load rescue target...");
1c27d3f3 2008
e96d6be7
LP		 2009 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
2010 if (r < 0) {
4104970e 2011 log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
cb6531be 2012 error_message = "Failed to load rescue target";
a16e1123 2013 goto finish;
4c701096 2014 } else if (IN_SET(target->load_state, UNIT_ERROR, UNIT_NOT_FOUND)) {
c33b3297 2015 log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
cb6531be 2016 error_message = "Failed to load rescue target";
1c27d3f3 2017 goto finish;
ac155bb8 2018 } else if (target->load_state == UNIT_MASKED) {
4104970e 2019 log_emergency("Rescue target masked.");
cb6531be 2020 error_message = "Rescue target masked";
00dc5d76 2021 goto finish;
a16e1123
LP		 2022 }
2023 }
37d88da7 2024
ac155bb8 2025 assert(target->load_state == UNIT_LOADED);
00dc5d76 2026
fa0f4d8a 2027 if (arg_action == ACTION_TEST) {
40d50879 2028 printf("-> By units:\n");
a16e1123
LP		 2029 manager_dump_units(m, stdout, "\t");
2030 }
2031
4bd29fe5 2032 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, &error, &default_unit_job);
ab17a050 2033 if (r == -EPERM) {
718db961 2034 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
ab17a050 2035
5022ce71
LP		 2036 sd_bus_error_free(&error);
2037
4bd29fe5 2038 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, &error, &default_unit_job);
ab17a050 2039 if (r < 0) {
4104970e 2040 log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
cb6531be 2041 error_message = "Failed to start default target";
ab17a050
LP		 2042 goto finish;
2043 }
2044 } else if (r < 0) {
4104970e 2045 log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
cb6531be 2046 error_message = "Failed to isolate default target";
37d88da7
LP		 2047 goto finish;
2048 }
ab17a050 2049
bacbccb7 2050 m->default_unit_job_id = default_unit_job->id;
60918275 2051
07672f49
LP		 2052 after_startup = now(CLOCK_MONOTONIC);
2053 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
2054 "Loaded units and determined initial transaction in %s.",
fdb14b7e 2055 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
07672f49 2056
fa0f4d8a 2057 if (arg_action == ACTION_TEST) {
40d50879 2058 printf("-> By jobs:\n");
a16e1123 2059 manager_dump_jobs(m, stdout, "\t");
22f4096c 2060 retval = EXIT_SUCCESS;
a16e1123
LP		 2061 goto finish;
2062 }
e965d56d 2063 }
d46de8a1 2064
a16e1123 2065 for (;;) {
e96d6be7
LP		 2066 r = manager_loop(m);
2067 if (r < 0) {
da927ba9 2068 log_emergency_errno(r, "Failed to run main loop: %m");
cb6531be 2069 error_message = "Failed to run main loop";
a16e1123
LP		 2070 goto finish;
2071 }
11dd41ce 2072
a16e1123 2073 switch (m->exit_code) {
e965d56d 2074
a16e1123 2075 case MANAGER_RELOAD:
e015090f 2076 log_info("Reloading.");
06af2a04
TB		 2077
2078 r = parse_config_file();
2079 if (r < 0)
2080 log_error("Failed to parse config file.");
2081
85cb4151 2082 set_manager_defaults(m);
06af2a04 2083
e96d6be7
LP		 2084 r = manager_reload(m);
2085 if (r < 0)
da927ba9 2086 log_error_errno(r, "Failed to reload: %m");
a16e1123 2087 break;
cea8e32e 2088
a16e1123 2089 case MANAGER_REEXECUTE:
664f88a7 2090
cb6531be 2091 if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
6b9af963 2092 error_message = "Failed to prepare for reexecution";
a16e1123 2093 goto finish;
cb6531be 2094 }
60918275 2095
a16e1123 2096 reexecute = true;
e015090f 2097 log_notice("Reexecuting.");
a16e1123
LP		 2098 goto finish;
2099
664f88a7
LP		 2100 case MANAGER_SWITCH_ROOT:
2101 /* Steal the switch root parameters */
41669317 2102 switch_root_dir = m->switch_root;
664f88a7
LP		 2103 switch_root_init = m->switch_root_init;
2104 m->switch_root = m->switch_root_init = NULL;
2105
2106 if (!switch_root_init)
cb6531be 2107 if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
6b9af963 2108 error_message = "Failed to prepare for reexecution";
664f88a7 2109 goto finish;
cb6531be 2110 }
664f88a7
LP		 2111
2112 reexecute = true;
2113 log_notice("Switching root.");
2114 goto finish;
2115
287419c1 2116 case MANAGER_EXIT:
97792515
LP		 2117 retval = m->return_value;
2118
463d0d15 2119 if (MANAGER_IS_USER(m)) {
8ebfe0cb
DH		 2120 log_debug("Exit.");
2121 goto finish;
2122 }
2123
2124 /* fallthrough */
b9080b03
FF		 2125 case MANAGER_REBOOT:
2126 case MANAGER_POWEROFF:
2127 case MANAGER_HALT:
2128 case MANAGER_KEXEC: {
2129 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
287419c1 2130 [MANAGER_EXIT] = "exit",
b9080b03
FF		 2131 [MANAGER_REBOOT] = "reboot",
2132 [MANAGER_POWEROFF] = "poweroff",
2133 [MANAGER_HALT] = "halt",
2134 [MANAGER_KEXEC] = "kexec"
2135 };
2136
2137 assert_se(shutdown_verb = table[m->exit_code]);
e96d6be7 2138 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
b9080b03
FF		 2139
2140 log_notice("Shutting down.");
2141 goto finish;
2142 }
2143
a16e1123
LP		 2144 default:
2145 assert_not_reached("Unknown exit code.");
2146 }
2147 }
f170852a 2148
60918275 2149finish:
b87c2aa6
ZJS		 2150 pager_close();
2151
97792515 2152 if (m)
81f5fc2d 2153 arg_shutdown_watchdog = m->shutdown_watchdog;
fe382237 2154
06d8d842 2155 m = manager_free(m);
60918275 2156
1f6b4113 2157 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++)
a1e58e8e 2158 arg_default_rlimit[j] = mfree(arg_default_rlimit[j]);
c93ff2e9 2159
97b11eed 2160 arg_default_unit = mfree(arg_default_unit);
7d5ceb64 2161 arg_confirm_spawn = mfree(arg_confirm_spawn);
fe382237 2162 arg_join_controllers = strv_free_free(arg_join_controllers);
97b11eed 2163 arg_default_environment = strv_free(arg_default_environment);
525d3cc7 2164 arg_syscall_archs = set_free(arg_syscall_archs);
d3b1c508 2165
cc56fafe 2166 mac_selinux_finish();
b2bb3dbe 2167
a16e1123 2168 if (reexecute) {
664f88a7 2169 const char **args;
e564a982 2170 unsigned i, args_size;
a16e1123 2171
664f88a7
LP		 2172 /* Close and disarm the watchdog, so that the new
2173 * instance can reinitialize it, but doesn't get
2174 * rebooted while we do that */
2175 watchdog_close(true);
a16e1123 2176
4096d6f5
LP		 2177 /* Reset the RLIMIT_NOFILE to the kernel default, so
2178 * that the new systemd can pass the kernel default to
2179 * its child processes */
2180 if (saved_rlimit_nofile.rlim_cur > 0)
92ca4cac 2181 (void) setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
fb3ae275
LP		 2182 if (saved_rlimit_memlock.rlim_cur != (rlim_t) -1)
2183 (void) setrlimit(RLIMIT_MEMLOCK, &saved_rlimit_memlock);
4096d6f5 2184
41669317 2185 if (switch_root_dir) {
cee530bb
LP		 2186 /* Kill all remaining processes from the
2187 * initrd, but don't wait for them, so that we
2188 * can handle the SIGCHLD for them after
2189 * deserializing. */
0bee65f0 2190 broadcast_signal(SIGTERM, false, true);
bd3fa1d2 2191
5a4bf02f
HH		 2192 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
2193 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
41669317 2194 if (r < 0)
da927ba9 2195 log_error_errno(r, "Failed to switch root, trying to continue: %m");
41669317 2196 }
a16e1123 2197
d03bc1b8 2198 args_size = MAX(6, argc+1);
e564a982 2199 args = newa(const char*, args_size);
a16e1123 2200
664f88a7 2201 if (!switch_root_init) {
5ffa8c81 2202 char sfd[DECIMAL_STR_MAX(int) + 1];
a16e1123 2203
664f88a7
LP		 2204 /* First try to spawn ourselves with the right
2205 * path, and with full serialization. We do
2206 * this only if the user didn't specify an
2207 * explicit init to spawn. */
edb9aaa8 2208
d3b1c508 2209 assert(arg_serialization);
664f88a7 2210 assert(fds);
edb9aaa8 2211
5ffa8c81 2212 xsprintf(sfd, "%i", fileno(arg_serialization));
edb9aaa8 2213
664f88a7
LP		 2214 i = 0;
2215 args[i++] = SYSTEMD_BINARY_PATH;
41669317 2216 if (switch_root_dir)
2660882b 2217 args[i++] = "--switched-root";
463d0d15 2218 args[i++] = arg_system ? "--system" : "--user";
664f88a7
LP		 2219 args[i++] = "--deserialize";
2220 args[i++] = sfd;
2221 args[i++] = NULL;
edb9aaa8 2222
e564a982 2223 assert(i <= args_size);
dcadc967
EV		 2224
2225 /*
2226 * We want valgrind to print its memory usage summary before reexecution.
2227 * Valgrind won't do this is on its own on exec(), but it will do it on exit().
2228 * Hence, to ensure we get a summary here, fork() off a child, let it exit() cleanly,
2229 * so that it prints the summary, and wait() for it in the parent, before proceeding into the exec().
2230 */
2231 valgrind_summary_hack();
2232
92ca4cac 2233 (void) execv(args[0], (char* const*) args);
664f88a7 2234 }
6e98720f 2235
664f88a7
LP		 2236 /* Try the fallback, if there is any, without any
2237 * serialization. We pass the original argv[] and
2238 * envp[]. (Well, modulo the ordering changes due to
2239 * getopt() in argv[], and some cleanups in envp[],
2240 * but let's hope that doesn't matter.) */
a16e1123 2241
74ca738f 2242 arg_serialization = safe_fclose(arg_serialization);
2feceb5e 2243 fds = fdset_free(fds);
a16e1123 2244
bd64d82c
ZJS		 2245 /* Reopen the console */
2246 (void) make_console_stdio();
2247
d3b1c508 2248 for (j = 1, i = 1; j < (unsigned) argc; j++)
664f88a7 2249 args[i++] = argv[j];
a16e1123 2250 args[i++] = NULL;
e564a982 2251 assert(i <= args_size);
b8f83232 2252
1b6d7fa7 2253 /* Reenable any blocked signals, especially important
5a85ca1c 2254 * if we switch from initial ramdisk to init=... */
ce30c8dc
LP		 2255 (void) reset_all_signal_handlers();
2256 (void) reset_signal_mask();
5a85ca1c 2257
b8f83232
LP		 2258 if (switch_root_init) {
2259 args[0] = switch_root_init;
92ca4cac 2260 (void) execv(args[0], (char* const*) args);
56f64d95 2261 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
b8f83232
LP		 2262 }
2263
2264 args[0] = "/sbin/init";
92ca4cac 2265 (void) execv(args[0], (char* const*) args);
a16e1123 2266
9b9881d7
AJ		 2267 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
2268 ANSI_HIGHLIGHT_RED " !! " ANSI_NORMAL,
2269 "Failed to execute /sbin/init");
2270
745e2fb7
KS		 2271 if (errno == ENOENT) {
2272 log_warning("No /sbin/init, trying fallback");
b8f83232 2273
745e2fb7
KS		 2274 args[0] = "/bin/sh";
2275 args[1] = NULL;
92ca4cac 2276 (void) execv(args[0], (char* const*) args);
56f64d95 2277 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
745e2fb7 2278 } else
56f64d95 2279 log_warning_errno(errno, "Failed to execute /sbin/init, giving up: %m");
9b9881d7
AJ		 2280
2281 error_message = "Failed to execute fallback shell";
a16e1123
LP		 2282 }
2283
74ca738f 2284 arg_serialization = safe_fclose(arg_serialization);
2feceb5e 2285 fds = fdset_free(fds);
a16e1123 2286
349cc4a5 2287#if HAVE_VALGRIND_VALGRIND_H
54b434b1
LP		 2288 /* If we are PID 1 and running under valgrind, then let's exit
2289 * here explicitly. valgrind will only generate nice output on
2290 * exit(), not on exec(), hence let's do the former not the
2291 * latter here. */
df0ff127 2292 if (getpid_cached() == 1 && RUNNING_ON_VALGRIND)
54b434b1
LP		 2293 return 0;
2294#endif
2295
b9080b03 2296 if (shutdown_verb) {
4a36297c 2297 r = become_shutdown(shutdown_verb, retval, arm_reboot_watchdog);
ad929bcc 2298
4a36297c 2299 log_error_errno(r, "Failed to execute shutdown binary, %s: %m", getpid_cached() == 1 ? "freezing" : "quitting");
9b9881d7 2300 error_message = "Failed to execute shutdown binary";
b9080b03
FF		 2301 }
2302
df0ff127 2303 if (getpid_cached() == 1) {
cb6531be
ZJS		 2304 if (error_message)
2305 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
1fc464f6 2306 ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL,
cb6531be 2307 "%s, freezing.", error_message);
b9e74c39 2308 freeze_or_reboot();
cb6531be 2309 }
c3b3c274 2310
60918275
LP		 2311 return retval;
2312}
Unnamed repository; edit this file 'description' to name the repository.