]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/main.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
proc-cmdline: add runlevel to target mapping
[thirdparty/systemd.git] / src / core / main.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
60918275 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
60918275 22#include <errno.h>
3dfc9763 23#include <fcntl.h>
f170852a 24#include <getopt.h>
97c4f35c 25#include <signal.h>
3dfc9763
LP		 26#include <stdio.h>
27#include <string.h>
664f88a7 28#include <sys/mount.h>
3dfc9763 29#include <sys/prctl.h>
b9e74c39 30#include <sys/reboot.h>
3dfc9763
LP		 31#include <sys/stat.h>
32#include <unistd.h>
b64a3d86
LP		 33#ifdef HAVE_SECCOMP
34#include <seccomp.h>
35#endif
3dfc9763
LP		 36#ifdef HAVE_VALGRIND_VALGRIND_H
37#include <valgrind/valgrind.h>
38#endif
54b434b1 39
718db961 40#include "sd-daemon.h"
718db961 41#include "sd-bus.h"
3dfc9763 42
b5efdb8a 43#include "alloc-util.h"
d9d93745 44#include "architecture.h"
3dfc9763
LP		 45#include "build.h"
46#include "bus-error.h"
47#include "bus-util.h"
430f0182 48#include "capability-util.h"
24efb112 49#include "clock-util.h"
3dfc9763 50#include "conf-parser.h"
618234a5 51#include "cpu-set-util.h"
3dfc9763
LP		 52#include "dbus-manager.h"
53#include "def.h"
54#include "env-util.h"
3ffd4af2 55#include "fd-util.h"
3dfc9763 56#include "fdset.h"
718db961 57#include "fileio.h"
24882e06 58#include "formats-util.h"
f4f15635 59#include "fs-util.h"
3dfc9763
LP		 60#include "hostname-setup.h"
61#include "ima-setup.h"
62#include "killall.h"
63#include "kmod-setup.h"
d7b8eec7 64#include "load-fragment.h"
3dfc9763 65#include "log.h"
b6e66135 66#include "loopback-setup.h"
b6e66135 67#include "machine-id-setup.h"
3dfc9763
LP		 68#include "manager.h"
69#include "missing.h"
70#include "mount-setup.h"
71#include "pager.h"
6bedfcbb 72#include "parse-util.h"
4e731273 73#include "proc-cmdline.h"
3dfc9763 74#include "process-util.h"
78f22b97 75#include "rlimit-util.h"
b6e66135 76#include "selinux-setup.h"
3dfc9763
LP		 77#include "selinux-util.h"
78#include "signal-util.h"
ffbd2c4d 79#include "smack-setup.h"
3dfc9763 80#include "special.h"
8fcde012 81#include "stat-util.h"
15a5e950 82#include "stdio-util.h"
3dfc9763
LP		 83#include "strv.h"
84#include "switch-root.h"
85#include "terminal-util.h"
b1d4f8e1 86#include "user-util.h"
3dfc9763
LP		 87#include "virt.h"
88#include "watchdog.h"
b6e66135 89
f170852a
LP		 90static enum {
91 ACTION_RUN,
e965d56d 92 ACTION_HELP,
9ba0bc4e 93 ACTION_VERSION,
e537352b 94 ACTION_TEST,
4288f619
LP		 95 ACTION_DUMP_CONFIGURATION_ITEMS,
96 ACTION_DONE
fa0f4d8a 97} arg_action = ACTION_RUN;
fa0f4d8a 98static char *arg_default_unit = NULL;
b2c23da8 99static ManagerRunningAs arg_running_as = _MANAGER_RUNNING_AS_INVALID;
fa0f4d8a 100static bool arg_dump_core = true;
fa0f4d8a 101static int arg_crash_chvt = -1;
b9e74c39
LP		 102static bool arg_crash_shell = false;
103static bool arg_crash_reboot = false;
fa0f4d8a 104static bool arg_confirm_spawn = false;
b6e2f329 105static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
bf4df7c3 106static bool arg_switched_root = false;
b87c2aa6 107static int arg_no_pager = -1;
0c85a4f3 108static char ***arg_join_controllers = NULL;
706343f4 109static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
0a494f1f 110static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
1f19a534
OS		 111static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
112static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
113static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
3f41e1e5
LN		 114static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
115static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
e96d6be7
LP		 116static usec_t arg_runtime_watchdog = 0;
117static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
97d0e5f8 118static char **arg_default_environment = NULL;
517d56b1 119static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
ec8927ca 120static uint64_t arg_capability_bounding_set_drop = 0;
3a43da28 121static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
bd8f585b 122static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
d3b1c508
LP		 123static Set* arg_syscall_archs = NULL;
124static FILE* arg_serialization = NULL;
085afe36
LP		 125static bool arg_default_cpu_accounting = false;
126static bool arg_default_blockio_accounting = false;
127static bool arg_default_memory_accounting = false;
03a7b521 128static bool arg_default_tasks_accounting = false;
4fc935ca 129
b87c2aa6
ZJS		 130static void pager_open_if_enabled(void) {
131
132 if (arg_no_pager <= 0)
133 return;
134
135 pager_open(false);
136}
137
b9e74c39
LP		 138noreturn static void freeze_or_reboot(void) {
139
140 if (arg_crash_reboot) {
141 log_notice("Rebooting in 10s...");
142 (void) sleep(10);
143
144 log_notice("Rebooting now...");
145 (void) reboot(RB_AUTOBOOT);
146 log_emergency_errno(errno, "Failed to reboot: %m");
147 }
148
149 log_emergency("Freezing execution.");
150 freeze();
151}
152
919ce0b7 153noreturn static void crash(int sig) {
7d06dad9
MS		 154 struct sigaction sa;
155 pid_t pid;
97c4f35c 156
abb26902
LP		 157 if (getpid() != 1)
158 /* Pass this on immediately, if this is not PID 1 */
92ca4cac 159 (void) raise(sig);
abb26902 160 else if (!arg_dump_core)
4104970e 161 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
97c4f35c 162 else {
7d06dad9 163 sa = (struct sigaction) {
189d5bac 164 .sa_handler = nop_signal_handler,
b92bea5d
ZJS		 165 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
166 };
97c4f35c 167
6f5e3f35 168 /* We want to wait for the core process, hence let's enable SIGCHLD */
92ca4cac 169 (void) sigaction(SIGCHLD, &sa, NULL);
6f5e3f35 170
ee05e779 171 pid = raw_clone(SIGCHLD, NULL);
e62d8c39 172 if (pid < 0)
56f64d95 173 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
97c4f35c 174 else if (pid == 0) {
92ca4cac
LP		 175 struct rlimit rl = {
176 .rlim_cur = RLIM_INFINITY,
177 .rlim_max = RLIM_INFINITY,
178 };
97c4f35c
LP		 179
180 /* Enable default signal handler for core dump */
92ca4cac
LP		 181 sa = (struct sigaction) {
182 .sa_handler = SIG_DFL,
183 };
184 (void) sigaction(sig, &sa, NULL);
97c4f35c
LP		 185
186 /* Don't limit the core dump size */
92ca4cac 187 (void) setrlimit(RLIMIT_CORE, &rl);
97c4f35c
LP		 188
189 /* Just to be sure... */
e62d9b81 190 (void) chdir("/");
97c4f35c
LP		 191
192 /* Raise the signal again */
ee05e779 193 pid = raw_getpid();
92ca4cac 194 (void) kill(pid, sig); /* raise() would kill the parent */
97c4f35c
LP		 195
196 assert_not_reached("We shouldn't be here...");
92ca4cac 197 _exit(EXIT_FAILURE);
4fc935ca 198 } else {
8e12a6ae
LP		 199 siginfo_t status;
200 int r;
4fc935ca
LP		 201
202 /* Order things nicely. */
e62d8c39
ZJS		 203 r = wait_for_terminate(pid, &status);
204 if (r < 0)
da927ba9 205 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
8e12a6ae 206 else if (status.si_code != CLD_DUMPED)
ee05e779
ZJS		 207 log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
208 signal_to_string(sig),
209 pid, sigchld_code_to_string(status.si_code),
210 status.si_status,
211 strna(status.si_code == CLD_EXITED
212 ? exit_status_to_string(status.si_status, EXIT_STATUS_FULL)
213 : signal_to_string(status.si_status)));
4fc935ca 214 else
4104970e 215 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
97c4f35c
LP		 216 }
217 }
218
b9e74c39 219 if (arg_crash_chvt >= 0)
92ca4cac 220 (void) chvt(arg_crash_chvt);
601f6a1e 221
7d06dad9
MS		 222 sa = (struct sigaction) {
223 .sa_handler = SIG_IGN,
224 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
225 };
226
227 /* Let the kernel reap children for us */
228 (void) sigaction(SIGCHLD, &sa, NULL);
8c43883a 229
7d06dad9 230 if (arg_crash_shell) {
b9e74c39 231 log_notice("Executing crash shell in 10s...");
92ca4cac 232 (void) sleep(10);
4fc935ca 233
ee05e779 234 pid = raw_clone(SIGCHLD, NULL);
cd3bd60a 235 if (pid < 0)
56f64d95 236 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
6f5e3f35 237 else if (pid == 0) {
b9e74c39 238 (void) setsid();
92ca4cac
LP		 239 (void) make_console_stdio();
240 (void) execle("/bin/sh", "/bin/sh", NULL, environ);
6f5e3f35 241
ee05e779 242 log_emergency_errno(errno, "execle() failed: %m");
92ca4cac 243 _exit(EXIT_FAILURE);
b9e74c39
LP		 244 } else {
245 log_info("Spawned crash shell as PID "PID_FMT".", pid);
4cf0b03b 246 (void) wait_for_terminate(pid, NULL);
b9e74c39 247 }
4fc935ca
LP		 248 }
249
b9e74c39 250 freeze_or_reboot();
97c4f35c
LP		 251}
252
253static void install_crash_handler(void) {
297d563d 254 static const struct sigaction sa = {
b92bea5d 255 .sa_handler = crash,
297d563d 256 .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
b92bea5d 257 };
297d563d 258 int r;
97c4f35c 259
297d563d
LP		 260 /* We ignore the return value here, since, we don't mind if we
261 * cannot set up a crash handler */
262 r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
263 if (r < 0)
264 log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
97c4f35c 265}
f170852a 266
56d96fc0
LP		 267static int console_setup(void) {
268 _cleanup_close_ int tty_fd = -1;
269 int r;
80876c20 270
512947d4 271 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
23bbb0de
MS		 272 if (tty_fd < 0)
273 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
80876c20 274
56d96fc0
LP		 275 /* We don't want to force text mode. plymouth may be showing
276 * pictures already from initrd. */
512947d4 277 r = reset_terminal_fd(tty_fd, false);
23bbb0de
MS		 278 if (r < 0)
279 return log_error_errno(r, "Failed to reset /dev/console: %m");
843d2643 280
56d96fc0 281 return 0;
80876c20
LP		 282}
283
b9e74c39
LP		 284static int parse_crash_chvt(const char *value) {
285 int b;
286
287 if (safe_atoi(value, &arg_crash_chvt) >= 0)
288 return 0;
289
290 b = parse_boolean(value);
291 if (b < 0)
292 return b;
293
294 if (b > 0)
295 arg_crash_chvt = 0; /* switch to where kmsg goes */
296 else
297 arg_crash_chvt = -1; /* turn off switching */
298
299 return 0;
300}
301
059cb385 302static int parse_proc_cmdline_item(const char *key, const char *value) {
f170852a
LP		 303
304 static const char * const rlmap[] = {
ed370f5d 305 "emergency", SPECIAL_EMERGENCY_TARGET,
099663ff 306 "-b", SPECIAL_EMERGENCY_TARGET,
5329ab10 307 "rescue", SPECIAL_RESCUE_TARGET,
ed370f5d
LP		 308 "single", SPECIAL_RESCUE_TARGET,
309 "-s", SPECIAL_RESCUE_TARGET,
310 "s", SPECIAL_RESCUE_TARGET,
311 "S", SPECIAL_RESCUE_TARGET,
312 "1", SPECIAL_RESCUE_TARGET,
d5d8429a
LP		 313 "2", SPECIAL_MULTI_USER_TARGET,
314 "3", SPECIAL_MULTI_USER_TARGET,
315 "4", SPECIAL_MULTI_USER_TARGET,
316 "5", SPECIAL_GRAPHICAL_TARGET,
f170852a 317 };
059cb385 318 int r;
f170852a 319
059cb385 320 assert(key);
5192bd19 321
059cb385 322 if (streq(key, "systemd.unit") && value) {
bf4df7c3
LP		 323
324 if (!in_initrd())
e6e242ad 325 return free_and_strdup(&arg_default_unit, value);
bf4df7c3 326
059cb385 327 } else if (streq(key, "rd.systemd.unit") && value) {
bf4df7c3 328
ca05941b 329 if (in_initrd())
e6e242ad 330 return free_and_strdup(&arg_default_unit, value);
f170852a 331
059cb385 332 } else if (streq(key, "systemd.dump_core") && value) {
4fc935ca 333
059cb385 334 r = parse_boolean(value);
fb472900 335 if (r < 0)
059cb385 336 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
4fc935ca 337 else
fa0f4d8a 338 arg_dump_core = r;
4fc935ca 339
b9e74c39
LP		 340 } else if (streq(key, "systemd.crash_chvt") && value) {
341
342 if (parse_crash_chvt(value) < 0)
343 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
344
059cb385 345 } else if (streq(key, "systemd.crash_shell") && value) {
4fc935ca 346
059cb385 347 r = parse_boolean(value);
fb472900 348 if (r < 0)
059cb385 349 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
4fc935ca 350 else
fa0f4d8a 351 arg_crash_shell = r;
5e7ee61c 352
b9e74c39 353 } else if (streq(key, "systemd.crash_reboot") && value) {
5e7ee61c 354
b9e74c39
LP		 355 r = parse_boolean(value);
356 if (r < 0)
357 log_warning("Failed to parse crash reboot switch %s. Ignoring.", value);
5e7ee61c 358 else
b9e74c39 359 arg_crash_reboot = r;
5e7ee61c 360
059cb385 361 } else if (streq(key, "systemd.confirm_spawn") && value) {
601f6a1e 362
059cb385
LP		 363 r = parse_boolean(value);
364 if (r < 0)
365 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", value);
601f6a1e 366 else
059cb385 367 arg_confirm_spawn = r;
601f6a1e 368
059cb385 369 } else if (streq(key, "systemd.show_status") && value) {
9e58ff9c 370
059cb385 371 r = parse_show_status(value, &arg_show_status);
d450b6f2 372 if (r < 0)
059cb385
LP		 373 log_warning("Failed to parse show status switch %s. Ignoring.", value);
374
375 } else if (streq(key, "systemd.default_standard_output") && value) {
0a494f1f 376
059cb385 377 r = exec_output_from_string(value);
fb472900 378 if (r < 0)
059cb385 379 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
0a494f1f
LP		 380 else
381 arg_default_std_output = r;
0a494f1f 382
059cb385
LP		 383 } else if (streq(key, "systemd.default_standard_error") && value) {
384
385 r = exec_output_from_string(value);
fb472900 386 if (r < 0)
059cb385 387 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
0a494f1f
LP		 388 else
389 arg_default_std_error = r;
9e7c5357 390
059cb385
LP		 391 } else if (streq(key, "systemd.setenv") && value) {
392
393 if (env_assignment_is_valid(value)) {
e21fea24
KS		 394 char **env;
395
059cb385 396 env = strv_env_set(arg_default_environment, value);
e21fea24
KS		 397 if (env)
398 arg_default_environment = env;
399 else
279d3c9c 400 log_warning_errno(ENOMEM, "Setting environment variable '%s' failed, ignoring: %m", value);
e21fea24 401 } else
059cb385 402 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
9e58ff9c 403
059cb385 404 } else if (streq(key, "quiet") && !value) {
d7b15e0a 405
b6e2f329 406 if (arg_show_status == _SHOW_STATUS_UNSET)
d450b6f2 407 arg_show_status = SHOW_STATUS_AUTO;
059cb385
LP		 408
409 } else if (streq(key, "debug") && !value) {
d7b15e0a 410
1de1c9c3
LP		 411 /* Note that log_parse_environment() handles 'debug'
412 * too, and sets the log level to LOG_DEBUG. */
d7b15e0a 413
75f86906 414 if (detect_container() > 0)
b2103dcc 415 log_set_target(LOG_TARGET_CONSOLE);
059cb385
LP		 416
417 } else if (!in_initrd() && !value) {
f170852a
LP		 418 unsigned i;
419
420 /* SysV compatibility */
f170852a 421 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
059cb385 422 if (streq(key, rlmap[i]))
e6e242ad 423 return free_and_strdup(&arg_default_unit, rlmap[i+1]);
f170852a
LP		 424 }
425
426 return 0;
427}
428
e8e581bf
ZJS		 429#define DEFINE_SETTER(name, func, descr) \
430 static int name(const char *unit, \
431 const char *filename, \
432 unsigned line, \
433 const char *section, \
71a61510 434 unsigned section_line, \
e8e581bf
ZJS		 435 const char *lvalue, \
436 int ltype, \
437 const char *rvalue, \
438 void *data, \
439 void *userdata) { \
440 \
441 int r; \
442 \
443 assert(filename); \
444 assert(lvalue); \
445 assert(rvalue); \
446 \
447 r = func(rvalue); \
448 if (r < 0) \
d1cefe0a
LP		 449 log_syntax(unit, LOG_ERR, filename, line, r, \
450 "Invalid " descr "'%s': %m", \
451 rvalue); \
e8e581bf
ZJS		 452 \
453 return 0; \
454 }
487393e9 455
e8e581bf
ZJS		 456DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
457DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
458DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
459DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
487393e9 460
4d7213b2
LP		 461static int config_parse_cpu_affinity2(
462 const char *unit,
463 const char *filename,
464 unsigned line,
465 const char *section,
466 unsigned section_line,
467 const char *lvalue,
468 int ltype,
469 const char *rvalue,
470 void *data,
471 void *userdata) {
487393e9 472
4b40bc38 473 _cleanup_cpu_free_ cpu_set_t *c = NULL;
f5c72b73 474 int ncpus;
487393e9 475
765d143b 476 ncpus = parse_cpu_set_and_warn(rvalue, &c, unit, filename, line, lvalue);
f5c72b73
FB		 477 if (ncpus < 0)
478 return ncpus;
487393e9 479
f5c72b73
FB		 480 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
481 log_warning("Failed to set CPU affinity: %m");
487393e9 482
487393e9
LP		 483 return 0;
484}
485
4d7213b2
LP		 486static int config_parse_show_status(
487 const char* unit,
488 const char *filename,
489 unsigned line,
490 const char *section,
491 unsigned section_line,
492 const char *lvalue,
493 int ltype,
494 const char *rvalue,
495 void *data,
496 void *userdata) {
497
498 int k;
499 ShowStatus *b = data;
500
501 assert(filename);
502 assert(lvalue);
503 assert(rvalue);
504 assert(data);
505
506 k = parse_show_status(rvalue, b);
507 if (k < 0) {
12ca818f 508 log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
4d7213b2
LP		 509 return 0;
510 }
511
512 return 0;
513}
514
b9e74c39
LP		 515static int config_parse_crash_chvt(
516 const char* unit,
517 const char *filename,
518 unsigned line,
519 const char *section,
520 unsigned section_line,
521 const char *lvalue,
522 int ltype,
523 const char *rvalue,
524 void *data,
525 void *userdata) {
526
527 int r;
528
529 assert(filename);
530 assert(lvalue);
531 assert(rvalue);
b9e74c39
LP		 532
533 r = parse_crash_chvt(rvalue);
534 if (r < 0) {
535 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
536 return 0;
537 }
538
539 return 0;
540}
541
e8e581bf
ZJS		 542static int config_parse_join_controllers(const char *unit,
543 const char *filename,
544 unsigned line,
545 const char *section,
71a61510 546 unsigned section_line,
e8e581bf
ZJS		 547 const char *lvalue,
548 int ltype,
549 const char *rvalue,
550 void *data,
551 void *userdata) {
0c85a4f3 552
3875c85b 553 const char *whole_rvalue = rvalue;
0c85a4f3 554 unsigned n = 0;
0c85a4f3
LP		 555
556 assert(filename);
557 assert(lvalue);
558 assert(rvalue);
559
fe382237 560 arg_join_controllers = strv_free_free(arg_join_controllers);
0c85a4f3 561
d4ebeb4f
FB		 562 for (;;) {
563 _cleanup_free_ char *word = NULL;
564 char **l;
565 int r;
0c85a4f3 566
d4ebeb4f 567 r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES);
3875c85b
FB		 568 if (r < 0) {
569 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue);
d4ebeb4f 570 return r;
3875c85b 571 }
d4ebeb4f
FB		 572 if (r == 0)
573 break;
0c85a4f3 574
d4ebeb4f 575 l = strv_split(word, ",");
1592ec21 576 if (!l)
aa8aeac0 577 return log_oom();
0c85a4f3
LP		 578 strv_uniq(l);
579
580 if (strv_length(l) <= 1) {
581 strv_free(l);
582 continue;
583 }
584
585 if (!arg_join_controllers) {
586 arg_join_controllers = new(char**, 2);
587 if (!arg_join_controllers) {
588 strv_free(l);
14212119 589 return log_oom();
0c85a4f3
LP		 590 }
591
592 arg_join_controllers[0] = l;
593 arg_join_controllers[1] = NULL;
594
595 n = 1;
596 } else {
597 char ***a;
598 char ***t;
599
600 t = new0(char**, n+2);
601 if (!t) {
602 strv_free(l);
14212119 603 return log_oom();
0c85a4f3
LP		 604 }
605
606 n = 0;
607
608 for (a = arg_join_controllers; *a; a++) {
609
610 if (strv_overlap(*a, l)) {
e287086b 611 if (strv_extend_strv(&l, *a, false) < 0) {
0c85a4f3
LP		 612 strv_free(l);
613 strv_free_free(t);
14212119 614 return log_oom();
0c85a4f3
LP		 615 }
616
0c85a4f3
LP		 617 } else {
618 char **c;
619
620 c = strv_copy(*a);
621 if (!c) {
622 strv_free(l);
623 strv_free_free(t);
14212119 624 return log_oom();
0c85a4f3
LP		 625 }
626
627 t[n++] = c;
628 }
629 }
630
631 t[n++] = strv_uniq(l);
632
633 strv_free_free(arg_join_controllers);
634 arg_join_controllers = t;
635 }
636 }
d4ebeb4f 637 if (!isempty(rvalue))
12ca818f 638 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
0c85a4f3
LP		 639
640 return 0;
641}
642
487393e9
LP		 643static int parse_config_file(void) {
644
f975e971 645 const ConfigTableItem items[] = {
d3b1c508
LP		 646 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
647 { "Manager", "LogTarget", config_parse_target, 0, NULL },
648 { "Manager", "LogColor", config_parse_color, 0, NULL },
649 { "Manager", "LogLocation", config_parse_location, 0, NULL },
650 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
b9e74c39
LP		 651 { "Manager", "CrashChVT", /* legacy */ config_parse_crash_chvt, 0, NULL },
652 { "Manager", "CrashChangeVT", config_parse_crash_chvt, 0, NULL },
d3b1c508 653 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
b9e74c39 654 { "Manager", "CrashReboot", config_parse_bool, 0, &arg_crash_reboot },
d3b1c508 655 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
d3b1c508
LP		 656 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
657 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
658 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
659 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
660 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
89fffa27 661#ifdef HAVE_SECCOMP
d3b1c508 662 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
89fffa27 663#endif
d3b1c508 664 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
bd8f585b 665 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
d3b1c508
LP		 666 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
667 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
668 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
669 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
670 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
671 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval },
672 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
673 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
674 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU] },
675 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] },
676 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA] },
677 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK] },
678 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE] },
679 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS] },
680 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE] },
681 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS] },
682 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC] },
683 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] },
684 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS] },
685 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING] },
686 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] },
687 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE] },
688 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO] },
689 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME] },
085afe36
LP		 690 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
691 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
692 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
03a7b521 693 { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting },
d3b1c508 694 {}
487393e9
LP		 695 };
696
1b907b5c 697 const char *fn, *conf_dirs_nulstr;
487393e9 698
b2c23da8
LP		 699 fn = arg_running_as == MANAGER_SYSTEM ? PKGSYSCONFDIR "/system.conf" : PKGSYSCONFDIR "/user.conf";
700 conf_dirs_nulstr = arg_running_as == MANAGER_SYSTEM ? CONF_DIRS_NULSTR("systemd/system.conf") : CONF_DIRS_NULSTR("systemd/user.conf");
1b907b5c
JT		 701 config_parse_many(fn, conf_dirs_nulstr, "Manager\0",
702 config_item_table_lookup, items, false, NULL);
487393e9 703
487393e9
LP		 704 return 0;
705}
706
06af2a04
TB		 707static void manager_set_defaults(Manager *m) {
708
709 assert(m);
710
711 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
712 m->default_std_output = arg_default_std_output;
713 m->default_std_error = arg_default_std_error;
714 m->default_timeout_start_usec = arg_default_timeout_start_usec;
715 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
716 m->default_restart_usec = arg_default_restart_usec;
717 m->default_start_limit_interval = arg_default_start_limit_interval;
718 m->default_start_limit_burst = arg_default_start_limit_burst;
719 m->default_cpu_accounting = arg_default_cpu_accounting;
720 m->default_blockio_accounting = arg_default_blockio_accounting;
721 m->default_memory_accounting = arg_default_memory_accounting;
03a7b521 722 m->default_tasks_accounting = arg_default_tasks_accounting;
06af2a04
TB		 723
724 manager_set_default_rlimits(m, arg_default_rlimit);
725 manager_environment_add(m, NULL, arg_default_environment);
726}
727
f170852a
LP		 728static int parse_argv(int argc, char *argv[]) {
729
730 enum {
731 ARG_LOG_LEVEL = 0x100,
732 ARG_LOG_TARGET,
bbe63281
LP		 733 ARG_LOG_COLOR,
734 ARG_LOG_LOCATION,
2f198e2f 735 ARG_UNIT,
edb9aaa8 736 ARG_SYSTEM,
af2d49f7 737 ARG_USER,
e537352b 738 ARG_TEST,
b87c2aa6 739 ARG_NO_PAGER,
9ba0bc4e 740 ARG_VERSION,
80876c20 741 ARG_DUMP_CONFIGURATION_ITEMS,
9e58ff9c 742 ARG_DUMP_CORE,
b9e74c39 743 ARG_CRASH_CHVT,
9e58ff9c 744 ARG_CRASH_SHELL,
b9e74c39 745 ARG_CRASH_REBOOT,
a16e1123 746 ARG_CONFIRM_SPAWN,
9e58ff9c 747 ARG_SHOW_STATUS,
4288f619 748 ARG_DESERIALIZE,
2660882b 749 ARG_SWITCHED_ROOT,
0a494f1f
LP		 750 ARG_DEFAULT_STD_OUTPUT,
751 ARG_DEFAULT_STD_ERROR
f170852a
LP		 752 };
753
754 static const struct option options[] = {
a16e1123
LP		 755 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
756 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
bbe63281
LP		 757 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
758 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
2f198e2f 759 { "unit", required_argument, NULL, ARG_UNIT },
edb9aaa8 760 { "system", no_argument, NULL, ARG_SYSTEM },
af2d49f7 761 { "user", no_argument, NULL, ARG_USER },
a16e1123 762 { "test", no_argument, NULL, ARG_TEST },
b87c2aa6 763 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
a16e1123 764 { "help", no_argument, NULL, 'h' },
9ba0bc4e 765 { "version", no_argument, NULL, ARG_VERSION },
a16e1123 766 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
a5d87bf0 767 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
b9e74c39 768 { "crash-chvt", required_argument, NULL, ARG_CRASH_CHVT },
a5d87bf0 769 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
b9e74c39 770 { "crash-reboot", optional_argument, NULL, ARG_CRASH_REBOOT },
a5d87bf0 771 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
6e98720f 772 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
a16e1123 773 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
2660882b 774 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
0a494f1f
LP		 775 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
776 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
fb472900 777 {}
f170852a
LP		 778 };
779
780 int c, r;
781
782 assert(argc >= 1);
783 assert(argv);
784
b770165a
LP		 785 if (getpid() == 1)
786 opterr = 0;
787
099663ff 788 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
f170852a
LP		 789
790 switch (c) {
791
792 case ARG_LOG_LEVEL:
fb472900
ZJS		 793 r = log_set_max_level_from_string(optarg);
794 if (r < 0) {
f170852a
LP		 795 log_error("Failed to parse log level %s.", optarg);
796 return r;
797 }
798
799 break;
800
801 case ARG_LOG_TARGET:
fb472900
ZJS		 802 r = log_set_target_from_string(optarg);
803 if (r < 0) {
f170852a
LP		 804 log_error("Failed to parse log target %s.", optarg);
805 return r;
806 }
807
808 break;
809
bbe63281
LP		 810 case ARG_LOG_COLOR:
811
d0b170c8 812 if (optarg) {
fb472900
ZJS		 813 r = log_show_color_from_string(optarg);
814 if (r < 0) {
d0b170c8
LP		 815 log_error("Failed to parse log color setting %s.", optarg);
816 return r;
817 }
818 } else
819 log_show_color(true);
bbe63281
LP		 820
821 break;
822
823 case ARG_LOG_LOCATION:
d0b170c8 824 if (optarg) {
fb472900
ZJS		 825 r = log_show_location_from_string(optarg);
826 if (r < 0) {
d0b170c8
LP		 827 log_error("Failed to parse log location setting %s.", optarg);
828 return r;
829 }
830 } else
831 log_show_location(true);
bbe63281
LP		 832
833 break;
834
0a494f1f 835 case ARG_DEFAULT_STD_OUTPUT:
fb472900
ZJS		 836 r = exec_output_from_string(optarg);
837 if (r < 0) {
0a494f1f
LP		 838 log_error("Failed to parse default standard output setting %s.", optarg);
839 return r;
840 } else
841 arg_default_std_output = r;
842 break;
843
844 case ARG_DEFAULT_STD_ERROR:
fb472900
ZJS		 845 r = exec_output_from_string(optarg);
846 if (r < 0) {
0a494f1f
LP		 847 log_error("Failed to parse default standard error output setting %s.", optarg);
848 return r;
849 } else
850 arg_default_std_error = r;
851 break;
852
2f198e2f 853 case ARG_UNIT:
f170852a 854
e6e242ad 855 r = free_and_strdup(&arg_default_unit, optarg);
23bbb0de
MS		 856 if (r < 0)
857 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
f170852a
LP		 858
859 break;
860
edb9aaa8 861 case ARG_SYSTEM:
b2c23da8 862 arg_running_as = MANAGER_SYSTEM;
edb9aaa8 863 break;
a5dab5ce 864
af2d49f7 865 case ARG_USER:
b2c23da8 866 arg_running_as = MANAGER_USER;
a5dab5ce 867 break;
a5dab5ce 868
e965d56d 869 case ARG_TEST:
fa0f4d8a 870 arg_action = ACTION_TEST;
b87c2aa6
ZJS		 871 if (arg_no_pager < 0)
872 arg_no_pager = true;
873 break;
874
875 case ARG_NO_PAGER:
876 arg_no_pager = true;
e965d56d
LP		 877 break;
878
9ba0bc4e
ZJS		 879 case ARG_VERSION:
880 arg_action = ACTION_VERSION;
881 break;
882
e537352b 883 case ARG_DUMP_CONFIGURATION_ITEMS:
fa0f4d8a 884 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
e537352b
LP		 885 break;
886
9e58ff9c 887 case ARG_DUMP_CORE:
b9e74c39
LP		 888 if (!optarg)
889 arg_dump_core = true;
890 else {
891 r = parse_boolean(optarg);
892 if (r < 0)
893 return log_error_errno(r, "Failed to parse dump core boolean: %s", optarg);
894 arg_dump_core = r;
a5d87bf0 895 }
b9e74c39
LP		 896 break;
897
898 case ARG_CRASH_CHVT:
899 r = parse_crash_chvt(optarg);
900 if (r < 0)
901 return log_error_errno(r, "Failed to parse crash virtual terminal index: %s", optarg);
9e58ff9c
LP		 902 break;
903
904 case ARG_CRASH_SHELL:
b9e74c39
LP		 905 if (!optarg)
906 arg_crash_shell = true;
907 else {
908 r = parse_boolean(optarg);
909 if (r < 0)
910 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
911 arg_crash_shell = r;
912 }
913 break;
914
915 case ARG_CRASH_REBOOT:
916 if (!optarg)
917 arg_crash_reboot = true;
918 else {
919 r = parse_boolean(optarg);
920 if (r < 0)
921 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
922 arg_crash_reboot = r;
a5d87bf0 923 }
9e58ff9c
LP		 924 break;
925
80876c20 926 case ARG_CONFIRM_SPAWN:
a5d87bf0
LP		 927 r = optarg ? parse_boolean(optarg) : 1;
928 if (r < 0) {
929 log_error("Failed to parse confirm spawn boolean %s.", optarg);
930 return r;
931 }
932 arg_confirm_spawn = r;
80876c20
LP		 933 break;
934
9e58ff9c 935 case ARG_SHOW_STATUS:
d450b6f2
ZJS		 936 if (optarg) {
937 r = parse_show_status(optarg, &arg_show_status);
938 if (r < 0) {
939 log_error("Failed to parse show status boolean %s.", optarg);
940 return r;
941 }
942 } else
943 arg_show_status = SHOW_STATUS_YES;
6e98720f 944 break;
a5d87bf0 945
a16e1123
LP		 946 case ARG_DESERIALIZE: {
947 int fd;
948 FILE *f;
949
01e10de3
LP		 950 r = safe_atoi(optarg, &fd);
951 if (r < 0 || fd < 0) {
a16e1123 952 log_error("Failed to parse deserialize option %s.", optarg);
b9e74c39 953 return -EINVAL;
a16e1123
LP		 954 }
955
b9e74c39 956 (void) fd_cloexec(fd, true);
01e10de3
LP		 957
958 f = fdopen(fd, "r");
4a62c710
MS		 959 if (!f)
960 return log_error_errno(errno, "Failed to open serialization fd: %m");
a16e1123 961
74ca738f 962 safe_fclose(arg_serialization);
d3b1c508 963 arg_serialization = f;
a16e1123
LP		 964
965 break;
966 }
967
2660882b 968 case ARG_SWITCHED_ROOT:
bf4df7c3 969 arg_switched_root = true;
d03bc1b8
HH		 970 break;
971
f170852a 972 case 'h':
fa0f4d8a 973 arg_action = ACTION_HELP;
b87c2aa6
ZJS		 974 if (arg_no_pager < 0)
975 arg_no_pager = true;
f170852a
LP		 976 break;
977
1d2e23ab
LP		 978 case 'D':
979 log_set_max_level(LOG_DEBUG);
980 break;
981
099663ff
LP		 982 case 'b':
983 case 's':
984 case 'z':
985 /* Just to eat away the sysvinit kernel
986 * cmdline args without getopt() error
987 * messages that we'll parse in
988 * parse_proc_cmdline_word() or ignore. */
f170852a 989
099663ff 990 case '?':
601185b4 991 if (getpid() != 1)
099663ff 992 return -EINVAL;
601185b4
ZJS		 993 else
994 return 0;
099663ff 995
601185b4
ZJS		 996 default:
997 assert_not_reached("Unhandled option code.");
f170852a
LP		 998 }
999
d821e6d6
LP		 1000 if (optind < argc && getpid() != 1) {
1001 /* Hmm, when we aren't run as init system
1002 * let's complain about excess arguments */
1003
1004 log_error("Excess arguments.");
1005 return -EINVAL;
1006 }
1007
f170852a
LP		 1008 return 0;
1009}
1010
1011static int help(void) {
1012
2e33c433 1013 printf("%s [OPTIONS...]\n\n"
af2d49f7 1014 "Starts up and maintains the system or user services.\n\n"
e537352b 1015 " -h --help Show this help\n"
e537352b 1016 " --test Determine startup sequence, dump it and exit\n"
b87c2aa6 1017 " --no-pager Do not pipe output into a pager\n"
80876c20 1018 " --dump-configuration-items Dump understood unit configuration items\n"
9e58ff9c 1019 " --unit=UNIT Set default unit\n"
edb9aaa8 1020 " --system Run a system instance, even if PID != 1\n"
af2d49f7 1021 " --user Run a user instance\n"
b9e74c39
LP		 1022 " --dump-core[=BOOL] Dump core on crash\n"
1023 " --crash-vt=NR Change to specified VT on crash\n"
1024 " --crash-reboot[=BOOL] Reboot on crash\n"
1025 " --crash-shell[=BOOL] Run shell on crash\n"
1026 " --confirm-spawn[=BOOL] Ask for confirmation when spawning processes\n"
1027 " --show-status[=BOOL] Show status updates on the console during bootup\n"
c1dc6153 1028 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
9e58ff9c 1029 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
b9e74c39
LP		 1030 " --log-color[=BOOL] Highlight important log messages\n"
1031 " --log-location[=BOOL] Include code location in log messages\n"
0a494f1f
LP		 1032 " --default-standard-output= Set default standard output for services\n"
1033 " --default-standard-error= Set default standard error output for services\n",
5b6319dc 1034 program_invocation_short_name);
f170852a
LP		 1035
1036 return 0;
1037}
1038
b3680f49 1039static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
48b90859
LP		 1040 _cleanup_fdset_free_ FDSet *fds = NULL;
1041 _cleanup_fclose_ FILE *f = NULL;
a16e1123
LP		 1042 int r;
1043
1044 assert(m);
1045 assert(_f);
1046 assert(_fds);
1047
6b78f9b4 1048 r = manager_open_serialization(m, &f);
48b90859
LP		 1049 if (r < 0)
1050 return log_error_errno(r, "Failed to create serialization file: %m");
a16e1123 1051
71445ae7
LP		 1052 /* Make sure nothing is really destructed when we shut down */
1053 m->n_reloading ++;
718db961 1054 bus_manager_send_reloading(m, true);
71445ae7 1055
6b78f9b4 1056 fds = fdset_new();
48b90859
LP		 1057 if (!fds)
1058 return log_oom();
a16e1123 1059
b3680f49 1060 r = manager_serialize(m, f, fds, switching_root);
48b90859
LP		 1061 if (r < 0)
1062 return log_error_errno(r, "Failed to serialize state: %m");
a16e1123 1063
48b90859
LP		 1064 if (fseeko(f, 0, SEEK_SET) == (off_t) -1)
1065 return log_error_errno(errno, "Failed to rewind serialization fd: %m");
a16e1123 1066
6b78f9b4 1067 r = fd_cloexec(fileno(f), false);
48b90859
LP		 1068 if (r < 0)
1069 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
a16e1123 1070
6b78f9b4 1071 r = fdset_cloexec(fds, false);
48b90859
LP		 1072 if (r < 0)
1073 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
a16e1123
LP		 1074
1075 *_f = f;
1076 *_fds = fds;
1077
48b90859
LP		 1078 f = NULL;
1079 fds = NULL;
a16e1123 1080
48b90859 1081 return 0;
a16e1123
LP		 1082}
1083
4096d6f5
LP		 1084static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1085 struct rlimit nl;
1086 int r;
1087
1088 assert(saved_rlimit);
1089
1090 /* Save the original RLIMIT_NOFILE so that we can reset it
1091 * later when transitioning from the initrd to the main
1092 * systemd or suchlike. */
4a62c710
MS		 1093 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
1094 return log_error_errno(errno, "Reading RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1095
1096 /* Make sure forked processes get the default kernel setting */
1097 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1098 struct rlimit *rl;
1099
1100 rl = newdup(struct rlimit, saved_rlimit, 1);
1101 if (!rl)
1102 return log_oom();
1103
1104 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1105 }
1106
1107 /* Bump up the resource limit for ourselves substantially */
1108 nl.rlim_cur = nl.rlim_max = 64*1024;
1109 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
23bbb0de
MS		 1110 if (r < 0)
1111 return log_error_errno(r, "Setting RLIMIT_NOFILE failed: %m");
4096d6f5
LP		 1112
1113 return 0;
1114}
1115
6ee5bbf8 1116static void test_mtab(void) {
6ee5bbf8 1117
5b4c0131
LP		 1118 static const char ok[] =
1119 "/proc/self/mounts\0"
1120 "/proc/mounts\0"
1121 "../proc/self/mounts\0"
1122 "../proc/mounts\0";
80758717 1123
5b4c0131
LP		 1124 _cleanup_free_ char *p = NULL;
1125 int r;
6ee5bbf8 1126
5b4c0131
LP		 1127 /* Check that /etc/mtab is a symlink to the right place or
1128 * non-existing. But certainly not a file, or a symlink to
1129 * some weird place... */
6ee5bbf8 1130
5b4c0131
LP		 1131 r = readlink_malloc("/etc/mtab", &p);
1132 if (r == -ENOENT)
1133 return;
1134 if (r >= 0 && nulstr_contains(ok, p))
1135 return;
6ee5bbf8 1136
bcce7187
DM		 1137 log_error("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1138 "This is not supported anymore. "
f7cd3d5f 1139 "Please replace /etc/mtab with a symlink to /proc/self/mounts.");
b9e74c39 1140 freeze_or_reboot();
80758717
LP		 1141}
1142
1143static void test_usr(void) {
80758717 1144
ed1c99fc 1145 /* Check that /usr is not a separate fs */
80758717 1146
871c44a7
LP		 1147 if (dir_is_empty("/usr") <= 0)
1148 return;
1149
8b173b5e 1150 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
871c44a7
LP		 1151 "Some things will probably break (sometimes even silently) in mysterious ways. "
1152 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1153}
1154
a07fdfa3
LP		 1155static int initialize_join_controllers(void) {
1156 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1157 * + "net_prio". We'd like to add "cpuset" to the mix, but
f131770b 1158 * "cpuset" doesn't really work for groups with no initialized
a07fdfa3
LP		 1159 * attributes. */
1160
1161 arg_join_controllers = new(char**, 3);
1162 if (!arg_join_controllers)
1163 return -ENOMEM;
1164
1165 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
fe382237
LP		 1166 if (!arg_join_controllers[0])
1167 goto oom;
a6b26d90 1168
fe382237
LP		 1169 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1170 if (!arg_join_controllers[1])
1171 goto oom;
a07fdfa3 1172
fe382237 1173 arg_join_controllers[2] = NULL;
a07fdfa3 1174 return 0;
fe382237
LP		 1175
1176oom:
1177 arg_join_controllers = strv_free_free(arg_join_controllers);
1178 return -ENOMEM;
a07fdfa3
LP		 1179}
1180
d3b1c508
LP		 1181static int enforce_syscall_archs(Set *archs) {
1182#ifdef HAVE_SECCOMP
1183 scmp_filter_ctx *seccomp;
1184 Iterator i;
1185 void *id;
1186 int r;
1187
1188 seccomp = seccomp_init(SCMP_ACT_ALLOW);
1189 if (!seccomp)
1190 return log_oom();
1191
1192 SET_FOREACH(id, arg_syscall_archs, i) {
1193 r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
1194 if (r == -EEXIST)
1195 continue;
1196 if (r < 0) {
da927ba9 1197 log_error_errno(r, "Failed to add architecture to seccomp: %m");
d3b1c508
LP		 1198 goto finish;
1199 }
1200 }
1201
8a8bf3c0
LP		 1202 r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
1203 if (r < 0) {
da927ba9 1204 log_error_errno(r, "Failed to unset NO_NEW_PRIVS: %m");
8a8bf3c0
LP		 1205 goto finish;
1206 }
1207
d3b1c508
LP		 1208 r = seccomp_load(seccomp);
1209 if (r < 0)
da927ba9 1210 log_error_errno(r, "Failed to add install architecture seccomp: %m");
d3b1c508
LP		 1211
1212finish:
1213 seccomp_release(seccomp);
1214 return r;
1215#else
1216 return 0;
1217#endif
1218}
1219
b6e2f329
LP		 1220static int status_welcome(void) {
1221 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1222 int r;
1223
1224 r = parse_env_file("/etc/os-release", NEWLINE,
1225 "PRETTY_NAME", &pretty_name,
1226 "ANSI_COLOR", &ansi_color,
1227 NULL);
ece174c5 1228 if (r == -ENOENT)
5ae4d543
LP		 1229 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1230 "PRETTY_NAME", &pretty_name,
1231 "ANSI_COLOR", &ansi_color,
1232 NULL);
b6e2f329
LP		 1233
1234 if (r < 0 && r != -ENOENT)
da927ba9 1235 log_warning_errno(r, "Failed to read os-release file: %m");
b6e2f329
LP		 1236
1237 return status_printf(NULL, false, false,
1238 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1239 isempty(ansi_color) ? "1" : ansi_color,
1240 isempty(pretty_name) ? "Linux" : pretty_name);
1241}
1242
fdd25311
LP		 1243static int write_container_id(void) {
1244 const char *c;
1245
1246 c = getenv("container");
1247 if (isempty(c))
1248 return 0;
1249
4c1fc3e4 1250 return write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
fdd25311
LP		 1251}
1252
60918275
LP		 1253int main(int argc, char *argv[]) {
1254 Manager *m = NULL;
22f4096c 1255 int r, retval = EXIT_FAILURE;
9d76d730
LP		 1256 usec_t before_startup, after_startup;
1257 char timespan[FORMAT_TIMESPAN_MAX];
a16e1123
LP		 1258 FDSet *fds = NULL;
1259 bool reexecute = false;
b9080b03 1260 const char *shutdown_verb = NULL;
86caf095
LP		 1261 dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
1262 dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
1263 dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
1264 dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
1265 dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
5d6b1584 1266 static char systemd[] = "systemd";
2660882b 1267 bool skip_setup = false;
d3b1c508 1268 unsigned j;
0b3325e7 1269 bool loaded_policy = false;
e96d6be7 1270 bool arm_reboot_watchdog = false;
bf4df7c3 1271 bool queue_default_job = false;
5f5c2f38 1272 bool empty_etc = false;
41669317 1273 char *switch_root_dir = NULL, *switch_root_init = NULL;
86caf095 1274 struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0);
cb6531be 1275 const char *error_message = NULL;
27b14a22 1276
058dc6f3 1277#ifdef HAVE_SYSV_COMPAT
2cb1a60d 1278 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
35b8ca3a 1279 /* This is compatibility support for SysV, where
2cb1a60d
LP		 1280 * calling init as a user is identical to telinit. */
1281
1282 errno = -ENOENT;
1283 execv(SYSTEMCTL_BINARY_PATH, argv);
56f64d95 1284 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
2cb1a60d
LP		 1285 return 1;
1286 }
058dc6f3 1287#endif
2cb1a60d 1288
c3a170f3
HH		 1289 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1290 dual_timestamp_get(&userspace_timestamp);
1291
0b3325e7
LP		 1292 /* Determine if this is a reexecution or normal bootup. We do
1293 * the full command line parsing much later, so let's just
1294 * have a quick peek here. */
db813c2a
LP		 1295 if (strv_find(argv+1, "--deserialize"))
1296 skip_setup = true;
0b3325e7 1297
2660882b
LP		 1298 /* If we have switched root, do all the special setup
1299 * things */
db813c2a
LP		 1300 if (strv_find(argv+1, "--switched-root"))
1301 skip_setup = false;
d03bc1b8 1302
f3b6a3ed
LP		 1303 /* If we get started via the /sbin/init symlink then we are
1304 called 'init'. After a subsequent reexecution we are then
1305 called 'systemd'. That is confusing, hence let's call us
1306 systemd right-away. */
f3b6a3ed
LP		 1307 program_invocation_short_name = systemd;
1308 prctl(PR_SET_NAME, systemd);
5d6b1584 1309
9a0e6896
LP		 1310 saved_argv = argv;
1311 saved_argc = argc;
f3b6a3ed 1312
2cc59dbf 1313 log_show_color(isatty(STDERR_FILENO) > 0);
c1dc6153 1314 log_set_upgrade_syslog_to_journal(true);
bbe63281 1315
90dc8c2e
MG		 1316 /* Disable the umask logic */
1317 if (getpid() == 1)
1318 umask(0);
1319
75f86906 1320 if (getpid() == 1 && detect_container() <= 0) {
4f8d551f 1321
a866073d 1322 /* Running outside of a container as PID 1 */
b2c23da8 1323 arg_running_as = MANAGER_SYSTEM;
a866073d
LP		 1324 make_null_stdio();
1325 log_set_target(LOG_TARGET_KMSG);
1326 log_open();
1327
21bf2ab0 1328 if (in_initrd())
c3a170f3 1329 initrd_timestamp = userspace_timestamp;
c3ba6250 1330
2660882b 1331 if (!skip_setup) {
8f838d8a 1332 mount_setup_early();
c2e0d600 1333 dual_timestamp_get(&security_start_timestamp);
cb6531be
ZJS		 1334 if (mac_selinux_setup(&loaded_policy) < 0) {
1335 error_message = "Failed to load SELinux policy";
0b3325e7 1336 goto finish;
cb6531be
ZJS		 1337 } else if (ima_setup() < 0) {
1338 error_message = "Failed to load IMA policy";
81611586 1339 goto finish;
cb6531be
ZJS		 1340 } else if (mac_smack_setup(&loaded_policy) < 0) {
1341 error_message = "Failed to load SMACK policy";
ffbd2c4d 1342 goto finish;
cb6531be 1343 }
c2e0d600 1344 dual_timestamp_get(&security_finish_timestamp);
81611586 1345 }
0b3325e7 1346
cb6531be
ZJS		 1347 if (mac_selinux_init(NULL) < 0) {
1348 error_message = "Failed to initialize SELinux policy";
0ff4cdd9 1349 goto finish;
cb6531be 1350 }
7948c4df 1351
72edcff5 1352 if (!skip_setup) {
24efb112 1353 if (clock_is_localtime() > 0) {
0b3325e7 1354 int min;
7948c4df 1355
c264aeab
KS		 1356 /*
1357 * The very first call of settimeofday() also does a time warp in the kernel.
1358 *
1359 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on
1360 * external tools to take care of maintaining the RTC and do all adjustments.
1361 * This matches the behavior of Windows, which leaves the RTC alone if the
1362 * registry tells that the RTC runs in UTC.
1363 */
24efb112 1364 r = clock_set_timezone(&min);
0b3325e7 1365 if (r < 0)
da927ba9 1366 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
0b3325e7
LP		 1367 else
1368 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
19e65613
KS		 1369 } else if (!in_initrd()) {
1370 /*
c264aeab 1371 * Do a dummy very first call to seal the kernel's time warp magic.
19e65613
KS		 1372 *
1373 * Do not call this this from inside the initrd. The initrd might not
1374 * carry /etc/adjtime with LOCAL, but the real system could be set up
1375 * that way. In such case, we need to delay the time-warp or the sealing
1376 * until we reach the real system.
c264aeab
KS		 1377 *
1378 * Do no set the kernel's timezone. The concept of local time cannot
1379 * be supported reliably, the time will jump or be incorrect at every daylight
1380 * saving time change. All kernel local time concepts will be treated
1381 * as UTC that way.
19e65613 1382 */
c264aeab 1383 clock_reset_timewarp();
72edcff5
KS		 1384 }
1385 }
a866073d
LP		 1386
1387 /* Set the default for later on, but don't actually
1388 * open the logs like this for now. Note that if we
1389 * are transitioning from the initrd there might still
1390 * be journal fd open, and we shouldn't attempt
1391 * opening that before we parsed /proc/cmdline which
1392 * might redirect output elsewhere. */
1393 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1394
1395 } else if (getpid() == 1) {
a866073d 1396 /* Running inside a container, as PID 1 */
b2c23da8 1397 arg_running_as = MANAGER_SYSTEM;
a866073d 1398 log_set_target(LOG_TARGET_CONSOLE);
99f09825 1399 log_close_console(); /* force reopen of /dev/console */
a866073d
LP		 1400 log_open();
1401
1402 /* For the later on, see above... */
1403 log_set_target(LOG_TARGET_JOURNAL);
1404
c3a170f3
HH		 1405 /* clear the kernel timestamp,
1406 * because we are in a container */
1407 kernel_timestamp.monotonic = 0ULL;
1408 kernel_timestamp.realtime = 0ULL;
a866073d 1409
c3a170f3 1410 } else {
a866073d 1411 /* Running as user instance */
b2c23da8 1412 arg_running_as = MANAGER_USER;
eeecf6e6 1413 log_set_target(LOG_TARGET_AUTO);
871e5809 1414 log_open();
c3a170f3
HH		 1415
1416 /* clear the kernel timestamp,
1417 * because we are not PID 1 */
6513d561 1418 kernel_timestamp = DUAL_TIMESTAMP_NULL;
bbe63281 1419 }
a5dab5ce 1420
0c85a4f3 1421 /* Initialize default unit */
e6e242ad 1422 r = free_and_strdup(&arg_default_unit, SPECIAL_DEFAULT_TARGET);
6afa301b 1423 if (r < 0) {
da927ba9 1424 log_emergency_errno(r, "Failed to set default unit %s: %m", SPECIAL_DEFAULT_TARGET);
cb6531be 1425 error_message = "Failed to set default unit";
f170852a 1426 goto finish;
14212119 1427 }
60918275 1428
a07fdfa3 1429 r = initialize_join_controllers();
cb6531be 1430 if (r < 0) {
ff9b60f3 1431 error_message = "Failed to initialize cgroup controllers";
0c85a4f3 1432 goto finish;
cb6531be 1433 }
0c85a4f3 1434
f170852a
LP		 1435 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1436 * /proc/$PID/fd is available. */
c1dae1b3 1437 if (getpid() == 1) {
f84f9974
LP		 1438
1439 /* Load the kernel modules early, so that we kdbus.ko is loaded before kdbusfs shall be mounted */
2e75e2a8
DM		 1440 if (!skip_setup)
1441 kmod_setup();
2e75e2a8 1442
0c85a4f3 1443 r = mount_setup(loaded_policy);
cb6531be
ZJS		 1444 if (r < 0) {
1445 error_message = "Failed to mount API filesystems";
8efe3c01 1446 goto finish;
cb6531be 1447 }
0c85a4f3 1448 }
4ade7963
LP		 1449
1450 /* Reset all signal handlers. */
ce30c8dc
LP		 1451 (void) reset_all_signal_handlers();
1452 (void) ignore_signals(SIGNALS_IGNORE, -1);
078e4539 1453
cb6531be
ZJS		 1454 if (parse_config_file() < 0) {
1455 error_message = "Failed to parse config file";
487393e9 1456 goto finish;
cb6531be 1457 }
487393e9 1458
b2c23da8 1459 if (arg_running_as == MANAGER_SYSTEM) {
b5884878
LP		 1460 r = parse_proc_cmdline(parse_proc_cmdline_item);
1461 if (r < 0)
da927ba9 1462 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
b5884878 1463 }
f170852a 1464
1de1c9c3
LP		 1465 /* Note that this also parses bits from the kernel command
1466 * line, including "debug". */
f170852a
LP		 1467 log_parse_environment();
1468
cb6531be
ZJS		 1469 if (parse_argv(argc, argv) < 0) {
1470 error_message = "Failed to parse commandline arguments";
f170852a 1471 goto finish;
cb6531be 1472 }
f170852a 1473
6bae23a0
TB		 1474 if (arg_action == ACTION_TEST &&
1475 geteuid() == 0) {
b5c6cf87
LP		 1476 log_error("Don't run test mode as root.");
1477 goto finish;
1478 }
1479
b2c23da8 1480 if (arg_running_as == MANAGER_USER &&
6bae23a0
TB		 1481 arg_action == ACTION_RUN &&
1482 sd_booted() <= 0) {
1483 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1484 goto finish;
1485 }
1486
b2c23da8 1487 if (arg_running_as == MANAGER_SYSTEM &&
fe783b03
LP		 1488 arg_action == ACTION_RUN &&
1489 running_in_chroot() > 0) {
1490 log_error("Cannot be run in a chroot() environment.");
1491 goto finish;
1492 }
1493
0d8c31ff
ZJS		 1494 if (arg_action == ACTION_TEST)
1495 skip_setup = true;
1496
b87c2aa6
ZJS		 1497 pager_open_if_enabled();
1498
fa0f4d8a 1499 if (arg_action == ACTION_HELP) {
f170852a
LP		 1500 retval = help();
1501 goto finish;
9ba0bc4e
ZJS		 1502 } else if (arg_action == ACTION_VERSION) {
1503 retval = version();
1504 goto finish;
fa0f4d8a 1505 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
e537352b 1506 unit_dump_config_items(stdout);
22f4096c 1507 retval = EXIT_SUCCESS;
e537352b 1508 goto finish;
fa0f4d8a 1509 } else if (arg_action == ACTION_DONE) {
22f4096c 1510 retval = EXIT_SUCCESS;
4288f619 1511 goto finish;
f170852a
LP		 1512 }
1513
b2c23da8 1514 if (arg_running_as == MANAGER_USER &&
8be28fb1
KS		 1515 !getenv("XDG_RUNTIME_DIR")) {
1516 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
1517 goto finish;
1518 }
1519
fa0f4d8a 1520 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
f170852a 1521
871e5809
LP		 1522 /* Close logging fds, in order not to confuse fdset below */
1523 log_close();
1524
a16e1123 1525 /* Remember open file descriptors for later deserialization */
01e10de3
LP		 1526 r = fdset_new_fill(&fds);
1527 if (r < 0) {
da927ba9 1528 log_emergency_errno(r, "Failed to allocate fd set: %m");
cb6531be 1529 error_message = "Failed to allocate fd set";
01e10de3
LP		 1530 goto finish;
1531 } else
1532 fdset_cloexec(fds, true);
a16e1123 1533
d3b1c508
LP		 1534 if (arg_serialization)
1535 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
a16e1123 1536
b2c23da8 1537 if (arg_running_as == MANAGER_SYSTEM)
80876c20
LP		 1538 /* Become a session leader if we aren't one yet. */
1539 setsid();
4ade7963 1540
befb5b6a 1541 /* Move out of the way, so that we won't block unmounts */
d250afe7 1542 assert_se(chdir("/") == 0);
befb5b6a 1543
2146621b
LP		 1544 /* Reset the console, but only if this is really init and we
1545 * are freshly booted */
b2c23da8 1546 if (arg_running_as == MANAGER_SYSTEM && arg_action == ACTION_RUN) {
56d96fc0
LP		 1547
1548 /* If we are init, we connect stdin/stdout/stderr to
1549 * /dev/null and make sure we don't have a controlling
1550 * tty. */
1551 release_terminal();
1552
1553 if (getpid() == 1 && !skip_setup)
1554 console_setup();
1555 }
4ade7963 1556
18149b9f 1557 /* Open the logging devices, if possible and necessary */
843d2643 1558 log_open();
4ade7963 1559
b6e2f329
LP		 1560 if (arg_show_status == _SHOW_STATUS_UNSET)
1561 arg_show_status = SHOW_STATUS_YES;
1562
5373d602
LP		 1563 /* Make sure we leave a core dump without panicing the
1564 * kernel. */
ab422445 1565 if (getpid() == 1) {
4fc935ca 1566 install_crash_handler();
97c4f35c 1567
0c85a4f3
LP		 1568 r = mount_cgroup_controllers(arg_join_controllers);
1569 if (r < 0)
1570 goto finish;
1571 }
1572
b2c23da8 1573 if (arg_running_as == MANAGER_SYSTEM) {
75f86906 1574 int v;
c20f5ac7 1575
0d8c31ff
ZJS		 1576 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
1577 arg_action == ACTION_TEST ? "test " : "" );
c20f5ac7 1578
75f86906
LP		 1579 v = detect_virtualization();
1580 if (v > 0)
1581 log_info("Detected virtualization %s.", virtualization_to_string(v));
c20f5ac7 1582
fdd25311
LP		 1583 write_container_id();
1584
d3f86679 1585 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
d9d93745 1586
26a1efdf
LP		 1587 if (in_initrd())
1588 log_info("Running in initial RAM disk.");
1589
3408ba01
LP		 1590 /* Let's check whether /etc is already populated. We
1591 * don't actually really check for that, but use
1592 * /etc/machine-id as flag file. This allows container
1593 * managers and installers to provision a couple of
1594 * files already. If the container manager wants to
1595 * provision the machine ID itself it should pass
ee33e53a 1596 * $container_uuid to PID 1. */
3408ba01 1597
baa1bdf7 1598 empty_etc = access("/etc/machine-id", F_OK) < 0;
5f5c2f38
LP		 1599 if (empty_etc)
1600 log_info("Running with unpopulated /etc.");
d8160f21 1601 } else {
1f97091d
LP		 1602 _cleanup_free_ char *t;
1603
1604 t = uid_to_name(getuid());
0d8c31ff
ZJS		 1605 log_debug(PACKAGE_STRING " running in %suser mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
1606 arg_action == ACTION_TEST ? " test" : "", getuid(), t);
d8160f21 1607 }
a5dab5ce 1608
b2c23da8 1609 if (arg_running_as == MANAGER_SYSTEM && !skip_setup) {
031886ed 1610 if (arg_show_status > 0)
888c6216
LP		 1611 status_welcome();
1612
888c6216 1613 hostname_setup();
489388fb 1614 machine_id_setup(NULL);
888c6216 1615 loopback_setup();
490aed58 1616
6ee5bbf8 1617 test_mtab();
80758717 1618 test_usr();
af5bc85d 1619 }
302e8c4c 1620
b2c23da8 1621 if (arg_running_as == MANAGER_SYSTEM && arg_runtime_watchdog > 0)
e96d6be7
LP		 1622 watchdog_set_timeout(&arg_runtime_watchdog);
1623
3a43da28 1624 if (arg_timer_slack_nsec != NSEC_INFINITY)
aa0f64ac 1625 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
56f64d95 1626 log_error_errno(errno, "Failed to adjust timer slack: %m");
aa0f64ac 1627
ec8927ca 1628 if (arg_capability_bounding_set_drop) {
31c885e9 1629 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
ec8927ca 1630 if (r < 0) {
da927ba9 1631 log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
cb6531be 1632 error_message = "Failed to drop capability bounding set of usermode helpers";
ec8927ca
LP		 1633 goto finish;
1634 }
31c885e9 1635 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
939b8f14 1636 if (r < 0) {
da927ba9 1637 log_emergency_errno(r, "Failed to drop capability bounding set: %m");
cb6531be 1638 error_message = "Failed to drop capability bounding set";
939b8f14
LP		 1639 goto finish;
1640 }
ec8927ca
LP		 1641 }
1642
d3b1c508
LP		 1643 if (arg_syscall_archs) {
1644 r = enforce_syscall_archs(arg_syscall_archs);
cb6531be
ZJS		 1645 if (r < 0) {
1646 error_message = "Failed to set syscall architectures";
d3b1c508 1647 goto finish;
cb6531be 1648 }
d3b1c508
LP		 1649 }
1650
61b9b203 1651 if (arg_running_as == MANAGER_USER)
d4447f4d 1652 /* Become reaper of our children */
61b9b203 1653 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0)
56f64d95 1654 log_warning_errno(errno, "Failed to make us a subreaper: %m");
d4447f4d 1655
b2c23da8 1656 if (arg_running_as == MANAGER_SYSTEM) {
4096d6f5
LP		 1657 bump_rlimit_nofile(&saved_rlimit_nofile);
1658
5f5c2f38 1659 if (empty_etc) {
304b3079 1660 r = unit_file_preset_all(UNIT_FILE_SYSTEM, false, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, false, NULL, 0);
5f5c2f38 1661 if (r < 0)
da927ba9 1662 log_warning_errno(r, "Failed to populate /etc with preset unit settings, ignoring: %m");
5f5c2f38
LP		 1663 else
1664 log_info("Populated /etc with preset unit settings.");
1665 }
1666 }
1667
0d8c31ff 1668 r = manager_new(arg_running_as, arg_action == ACTION_TEST, &m);
e96d6be7 1669 if (r < 0) {
da927ba9 1670 log_emergency_errno(r, "Failed to allocate manager object: %m");
cb6531be 1671 error_message = "Failed to allocate manager object";
60918275
LP		 1672 goto finish;
1673 }
1674
9e58ff9c 1675 m->confirm_spawn = arg_confirm_spawn;
e96d6be7
LP		 1676 m->runtime_watchdog = arg_runtime_watchdog;
1677 m->shutdown_watchdog = arg_shutdown_watchdog;
c3a170f3
HH		 1678 m->userspace_timestamp = userspace_timestamp;
1679 m->kernel_timestamp = kernel_timestamp;
c3a170f3 1680 m->initrd_timestamp = initrd_timestamp;
c2e0d600
TA		 1681 m->security_start_timestamp = security_start_timestamp;
1682 m->security_finish_timestamp = security_finish_timestamp;
9e58ff9c 1683
06af2a04 1684 manager_set_defaults(m);
27d340c7 1685 manager_set_show_status(m, arg_show_status);
e2680723 1686 manager_set_first_boot(m, empty_etc);
27d340c7 1687
bf4df7c3 1688 /* Remember whether we should queue the default job */
d3b1c508 1689 queue_default_job = !arg_serialization || arg_switched_root;
bf4df7c3 1690
9d76d730
LP		 1691 before_startup = now(CLOCK_MONOTONIC);
1692
d3b1c508 1693 r = manager_startup(m, arg_serialization, fds);
e96d6be7 1694 if (r < 0)
da927ba9 1695 log_error_errno(r, "Failed to fully start up daemon: %m");
a16e1123 1696
bf4df7c3
LP		 1697 /* This will close all file descriptors that were opened, but
1698 * not claimed by any unit. */
2feceb5e 1699 fds = fdset_free(fds);
f50e0a01 1700
74ca738f 1701 arg_serialization = safe_fclose(arg_serialization);
bf4df7c3
LP		 1702
1703 if (queue_default_job) {
718db961 1704 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1c27d3f3 1705 Unit *target = NULL;
bacbccb7 1706 Job *default_unit_job;
398ef8ba 1707
fa0f4d8a 1708 log_debug("Activating default unit: %s", arg_default_unit);
a16e1123 1709
e96d6be7 1710 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
718db961
LP		 1711 if (r < 0)
1712 log_error("Failed to load default target: %s", bus_error_message(&error, r));
1713 else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
c33b3297 1714 log_error_errno(target->load_error, "Failed to load default target: %m");
ac155bb8 1715 else if (target->load_state == UNIT_MASKED)
6daf4f90 1716 log_error("Default target masked.");
27b14a22 1717
ac155bb8 1718 if (!target || target->load_state != UNIT_LOADED) {
a16e1123 1719 log_info("Trying to load rescue target...");
1c27d3f3 1720
e96d6be7
LP		 1721 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1722 if (r < 0) {
4104970e 1723 log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
cb6531be 1724 error_message = "Failed to load rescue target";
a16e1123 1725 goto finish;
11ddb6f4 1726 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
c33b3297 1727 log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
cb6531be 1728 error_message = "Failed to load rescue target";
1c27d3f3 1729 goto finish;
ac155bb8 1730 } else if (target->load_state == UNIT_MASKED) {
4104970e 1731 log_emergency("Rescue target masked.");
cb6531be 1732 error_message = "Rescue target masked";
00dc5d76 1733 goto finish;
a16e1123
LP		 1734 }
1735 }
37d88da7 1736
ac155bb8 1737 assert(target->load_state == UNIT_LOADED);
00dc5d76 1738
fa0f4d8a 1739 if (arg_action == ACTION_TEST) {
40d50879 1740 printf("-> By units:\n");
a16e1123
LP		 1741 manager_dump_units(m, stdout, "\t");
1742 }
1743
95f1b47d 1744 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, false, &error, &default_unit_job);
ab17a050 1745 if (r == -EPERM) {
718db961 1746 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
ab17a050
LP		 1747
1748 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1749 if (r < 0) {
4104970e 1750 log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
cb6531be 1751 error_message = "Failed to start default target";
ab17a050
LP		 1752 goto finish;
1753 }
1754 } else if (r < 0) {
4104970e 1755 log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
cb6531be 1756 error_message = "Failed to isolate default target";
37d88da7
LP		 1757 goto finish;
1758 }
ab17a050 1759
bacbccb7 1760 m->default_unit_job_id = default_unit_job->id;
60918275 1761
07672f49
LP		 1762 after_startup = now(CLOCK_MONOTONIC);
1763 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1764 "Loaded units and determined initial transaction in %s.",
fdb14b7e 1765 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
07672f49 1766
fa0f4d8a 1767 if (arg_action == ACTION_TEST) {
40d50879 1768 printf("-> By jobs:\n");
a16e1123 1769 manager_dump_jobs(m, stdout, "\t");
22f4096c 1770 retval = EXIT_SUCCESS;
a16e1123
LP		 1771 goto finish;
1772 }
e965d56d 1773 }
d46de8a1 1774
a16e1123 1775 for (;;) {
e96d6be7
LP		 1776 r = manager_loop(m);
1777 if (r < 0) {
da927ba9 1778 log_emergency_errno(r, "Failed to run main loop: %m");
cb6531be 1779 error_message = "Failed to run main loop";
a16e1123
LP		 1780 goto finish;
1781 }
11dd41ce 1782
a16e1123 1783 switch (m->exit_code) {
e965d56d 1784
a16e1123 1785 case MANAGER_RELOAD:
e015090f 1786 log_info("Reloading.");
06af2a04
TB		 1787
1788 r = parse_config_file();
1789 if (r < 0)
1790 log_error("Failed to parse config file.");
1791
1792 manager_set_defaults(m);
1793
e96d6be7
LP		 1794 r = manager_reload(m);
1795 if (r < 0)
da927ba9 1796 log_error_errno(r, "Failed to reload: %m");
a16e1123 1797 break;
cea8e32e 1798
a16e1123 1799 case MANAGER_REEXECUTE:
664f88a7 1800
cb6531be 1801 if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
6b9af963 1802 error_message = "Failed to prepare for reexecution";
a16e1123 1803 goto finish;
cb6531be 1804 }
60918275 1805
a16e1123 1806 reexecute = true;
e015090f 1807 log_notice("Reexecuting.");
a16e1123
LP		 1808 goto finish;
1809
664f88a7
LP		 1810 case MANAGER_SWITCH_ROOT:
1811 /* Steal the switch root parameters */
41669317 1812 switch_root_dir = m->switch_root;
664f88a7
LP		 1813 switch_root_init = m->switch_root_init;
1814 m->switch_root = m->switch_root_init = NULL;
1815
1816 if (!switch_root_init)
cb6531be 1817 if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
6b9af963 1818 error_message = "Failed to prepare for reexecution";
664f88a7 1819 goto finish;
cb6531be 1820 }
664f88a7
LP		 1821
1822 reexecute = true;
1823 log_notice("Switching root.");
1824 goto finish;
1825
287419c1 1826 case MANAGER_EXIT:
97792515
LP		 1827 retval = m->return_value;
1828
8ebfe0cb 1829 if (m->running_as == MANAGER_USER) {
8ebfe0cb
DH		 1830 log_debug("Exit.");
1831 goto finish;
1832 }
1833
1834 /* fallthrough */
b9080b03
FF		 1835 case MANAGER_REBOOT:
1836 case MANAGER_POWEROFF:
1837 case MANAGER_HALT:
1838 case MANAGER_KEXEC: {
1839 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
287419c1 1840 [MANAGER_EXIT] = "exit",
b9080b03
FF		 1841 [MANAGER_REBOOT] = "reboot",
1842 [MANAGER_POWEROFF] = "poweroff",
1843 [MANAGER_HALT] = "halt",
1844 [MANAGER_KEXEC] = "kexec"
1845 };
1846
1847 assert_se(shutdown_verb = table[m->exit_code]);
e96d6be7 1848 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
b9080b03
FF		 1849
1850 log_notice("Shutting down.");
1851 goto finish;
1852 }
1853
a16e1123
LP		 1854 default:
1855 assert_not_reached("Unknown exit code.");
1856 }
1857 }
f170852a 1858
60918275 1859finish:
b87c2aa6
ZJS		 1860 pager_close();
1861
97792515 1862 if (m)
81f5fc2d 1863 arg_shutdown_watchdog = m->shutdown_watchdog;
fe382237 1864
06d8d842 1865 m = manager_free(m);
60918275 1866
1f6b4113 1867 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++)
a1e58e8e 1868 arg_default_rlimit[j] = mfree(arg_default_rlimit[j]);
c93ff2e9 1869
97b11eed 1870 arg_default_unit = mfree(arg_default_unit);
fe382237 1871 arg_join_controllers = strv_free_free(arg_join_controllers);
97b11eed 1872 arg_default_environment = strv_free(arg_default_environment);
525d3cc7 1873 arg_syscall_archs = set_free(arg_syscall_archs);
d3b1c508 1874
cc56fafe 1875 mac_selinux_finish();
b2bb3dbe 1876
a16e1123 1877 if (reexecute) {
664f88a7 1878 const char **args;
e564a982 1879 unsigned i, args_size;
a16e1123 1880
664f88a7
LP		 1881 /* Close and disarm the watchdog, so that the new
1882 * instance can reinitialize it, but doesn't get
1883 * rebooted while we do that */
1884 watchdog_close(true);
a16e1123 1885
4096d6f5
LP		 1886 /* Reset the RLIMIT_NOFILE to the kernel default, so
1887 * that the new systemd can pass the kernel default to
1888 * its child processes */
1889 if (saved_rlimit_nofile.rlim_cur > 0)
92ca4cac 1890 (void) setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
4096d6f5 1891
41669317 1892 if (switch_root_dir) {
cee530bb
LP		 1893 /* Kill all remaining processes from the
1894 * initrd, but don't wait for them, so that we
1895 * can handle the SIGCHLD for them after
1896 * deserializing. */
0bee65f0 1897 broadcast_signal(SIGTERM, false, true);
bd3fa1d2 1898
5a4bf02f
HH		 1899 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1900 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
41669317 1901 if (r < 0)
da927ba9 1902 log_error_errno(r, "Failed to switch root, trying to continue: %m");
41669317 1903 }
a16e1123 1904
d03bc1b8 1905 args_size = MAX(6, argc+1);
e564a982 1906 args = newa(const char*, args_size);
a16e1123 1907
664f88a7 1908 if (!switch_root_init) {
5ffa8c81 1909 char sfd[DECIMAL_STR_MAX(int) + 1];
a16e1123 1910
664f88a7
LP		 1911 /* First try to spawn ourselves with the right
1912 * path, and with full serialization. We do
1913 * this only if the user didn't specify an
1914 * explicit init to spawn. */
edb9aaa8 1915
d3b1c508 1916 assert(arg_serialization);
664f88a7 1917 assert(fds);
edb9aaa8 1918
5ffa8c81 1919 xsprintf(sfd, "%i", fileno(arg_serialization));
edb9aaa8 1920
664f88a7
LP		 1921 i = 0;
1922 args[i++] = SYSTEMD_BINARY_PATH;
41669317 1923 if (switch_root_dir)
2660882b 1924 args[i++] = "--switched-root";
b2c23da8 1925 args[i++] = arg_running_as == MANAGER_SYSTEM ? "--system" : "--user";
664f88a7
LP		 1926 args[i++] = "--deserialize";
1927 args[i++] = sfd;
1928 args[i++] = NULL;
edb9aaa8 1929
ce8aba56
KS		 1930 /* do not pass along the environment we inherit from the kernel or initrd */
1931 if (switch_root_dir)
92ca4cac 1932 (void) clearenv();
ce8aba56 1933
e564a982 1934 assert(i <= args_size);
92ca4cac 1935 (void) execv(args[0], (char* const*) args);
664f88a7 1936 }
6e98720f 1937
664f88a7
LP		 1938 /* Try the fallback, if there is any, without any
1939 * serialization. We pass the original argv[] and
1940 * envp[]. (Well, modulo the ordering changes due to
1941 * getopt() in argv[], and some cleanups in envp[],
1942 * but let's hope that doesn't matter.) */
a16e1123 1943
74ca738f 1944 arg_serialization = safe_fclose(arg_serialization);
2feceb5e 1945 fds = fdset_free(fds);
a16e1123 1946
a504223d 1947 /* Reopen the console */
92ca4cac 1948 (void) make_console_stdio();
a504223d 1949
d3b1c508 1950 for (j = 1, i = 1; j < (unsigned) argc; j++)
664f88a7 1951 args[i++] = argv[j];
a16e1123 1952 args[i++] = NULL;
e564a982 1953 assert(i <= args_size);
b8f83232 1954
1b6d7fa7 1955 /* Reenable any blocked signals, especially important
5a85ca1c 1956 * if we switch from initial ramdisk to init=... */
ce30c8dc
LP		 1957 (void) reset_all_signal_handlers();
1958 (void) reset_signal_mask();
5a85ca1c 1959
b8f83232
LP		 1960 if (switch_root_init) {
1961 args[0] = switch_root_init;
92ca4cac 1962 (void) execv(args[0], (char* const*) args);
56f64d95 1963 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
b8f83232
LP		 1964 }
1965
1966 args[0] = "/sbin/init";
92ca4cac 1967 (void) execv(args[0], (char* const*) args);
a16e1123 1968
745e2fb7
KS		 1969 if (errno == ENOENT) {
1970 log_warning("No /sbin/init, trying fallback");
b8f83232 1971
745e2fb7
KS		 1972 args[0] = "/bin/sh";
1973 args[1] = NULL;
92ca4cac 1974 (void) execv(args[0], (char* const*) args);
56f64d95 1975 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
745e2fb7 1976 } else
56f64d95 1977 log_warning_errno(errno, "Failed to execute /sbin/init, giving up: %m");
a16e1123
LP		 1978 }
1979
74ca738f 1980 arg_serialization = safe_fclose(arg_serialization);
2feceb5e 1981 fds = fdset_free(fds);
a16e1123 1982
54b434b1
LP		 1983#ifdef HAVE_VALGRIND_VALGRIND_H
1984 /* If we are PID 1 and running under valgrind, then let's exit
1985 * here explicitly. valgrind will only generate nice output on
1986 * exit(), not on exec(), hence let's do the former not the
1987 * latter here. */
1988 if (getpid() == 1 && RUNNING_ON_VALGRIND)
1989 return 0;
1990#endif
1991
b9080b03 1992 if (shutdown_verb) {
b1e90ec5 1993 char log_level[DECIMAL_STR_MAX(int) + 1];
287419c1
AC		 1994 char exit_code[DECIMAL_STR_MAX(uint8_t) + 1];
1995 const char* command_line[11] = {
b9080b03
FF		 1996 SYSTEMD_SHUTDOWN_BINARY_PATH,
1997 shutdown_verb,
b1e90ec5
ZJS		 1998 "--log-level", log_level,
1999 "--log-target",
b9080b03 2000 };
b1e90ec5 2001 unsigned pos = 5;
e3e45d4f 2002 _cleanup_strv_free_ char **env_block = NULL;
15bd5aee
LP		 2003
2004 assert(command_line[pos] == NULL);
e3e45d4f 2005 env_block = strv_copy(environ);
b9080b03 2006
5ffa8c81 2007 xsprintf(log_level, "%d", log_get_max_level());
b1e90ec5
ZJS		 2008
2009 switch (log_get_target()) {
92ca4cac 2010
b1e90ec5
ZJS		 2011 case LOG_TARGET_KMSG:
2012 case LOG_TARGET_JOURNAL_OR_KMSG:
2013 case LOG_TARGET_SYSLOG_OR_KMSG:
2014 command_line[pos++] = "kmsg";
2015 break;
2016
10f00ff1
ILG		 2017 case LOG_TARGET_NULL:
2018 command_line[pos++] = "null";
2019 break;
2020
b1e90ec5
ZJS		 2021 case LOG_TARGET_CONSOLE:
2022 default:
2023 command_line[pos++] = "console";
2024 break;
2025 };
2026
2027 if (log_get_show_color())
2028 command_line[pos++] = "--log-color";
2029
2030 if (log_get_show_location())
2031 command_line[pos++] = "--log-location";
2032
287419c1
AC		 2033 if (streq(shutdown_verb, "exit")) {
2034 command_line[pos++] = "--exit-code";
2035 command_line[pos++] = exit_code;
97792515 2036 xsprintf(exit_code, "%d", retval);
287419c1
AC		 2037 }
2038
26abdc73 2039 assert(pos < ELEMENTSOF(command_line));
b1e90ec5 2040
e96d6be7 2041 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
e3e45d4f 2042 char *e;
d18f337c 2043
e96d6be7
LP		 2044 /* If we reboot let's set the shutdown
2045 * watchdog and tell the shutdown binary to
2046 * repeatedly ping it */
c2cc6b9a
LP		 2047 r = watchdog_set_timeout(&arg_shutdown_watchdog);
2048 watchdog_close(r < 0);
e96d6be7 2049
e3e45d4f
SP		 2050 /* Tell the binary how often to ping, ignore failure */
2051 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
92ca4cac 2052 (void) strv_push(&env_block, e);
e3e45d4f 2053 } else
e96d6be7
LP		 2054 watchdog_close(true);
2055
66713f77
LP		 2056 /* Avoid the creation of new processes forked by the
2057 * kernel; at this point, we will not listen to the
2058 * signals anyway */
75f86906 2059 if (detect_container() <= 0)
e155a0aa 2060 (void) cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
ad929bcc 2061
d18f337c 2062 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
56f64d95 2063 log_error_errno(errno, "Failed to execute shutdown binary, %s: %m",
b1e90ec5 2064 getpid() == 1 ? "freezing" : "quitting");
b9080b03
FF		 2065 }
2066
cb6531be
ZJS		 2067 if (getpid() == 1) {
2068 if (error_message)
2069 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
1fc464f6 2070 ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL,
cb6531be 2071 "%s, freezing.", error_message);
b9e74c39 2072 freeze_or_reboot();
cb6531be 2073 }
c3b3c274 2074
60918275
LP		 2075 return retval;
2076}
Unnamed repository; edit this file 'description' to name the repository.