src/core/killall.c

   1 /***
   2   This file is part of systemd.
   3
   4   Copyright 2010 ProFUSION embedded systems
   5
   6   systemd is free software; you can redistribute it and/or modify it
   7   under the terms of the GNU Lesser General Public License as published by
   8   the Free Software Foundation; either version 2.1 of the License, or
   9   (at your option) any later version.
  10
  11   systemd is distributed in the hope that it will be useful, but
  12   WITHOUT ANY WARRANTY; without even the implied warranty of
  13   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  14   Lesser General Public License for more details.
  15
  16   You should have received a copy of the GNU Lesser General Public License
  17   along with systemd; If not, see <http://www.gnu.org/licenses/>.
  18 ***/
  19
  20 #include <errno.h>
  21 #include <signal.h>
  22 #include <sys/wait.h>
  23 #include <unistd.h>
  24
  25 #include "alloc-util.h"
  26 #include "def.h"
  27 #include "fd-util.h"
  28 #include "format-util.h"
  29 #include "killall.h"
  30 #include "parse-util.h"
  31 #include "process-util.h"
  32 #include "set.h"
  33 #include "string-util.h"
  34 #include "terminal-util.h"
  35 #include "util.h"
  36
  37 static bool ignore_proc(pid_t pid, bool warn_rootfs) {
  38         _cleanup_fclose_ FILE *f = NULL;
  39         char c;
  40         const char *p;
  41         size_t count;
  42         uid_t uid;
  43         int r;
  44
  45         /* We are PID 1, let's not commit suicide */
  46         if (pid == 1)
  47                 return true;
  48
  49         r = get_process_uid(pid, &uid);
  50         if (r < 0)
  51                 return true; /* not really, but better safe than sorry */
  52
  53         /* Non-root processes otherwise are always subject to be killed */
  54         if (uid != 0)
  55                 return false;
  56
  57         p = procfs_file_alloca(pid, "cmdline");
  58         f = fopen(p, "re");
  59         if (!f)
  60                 return true; /* not really, but has the desired effect */
  61
  62         count = fread(&c, 1, 1, f);
  63
  64         /* Kernel threads have an empty cmdline */
  65         if (count <= 0)
  66                 return true;
  67
  68         /* Processes with argv[0][0] = '@' we ignore from the killing
  69          * spree.
  70          *
  71          * http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons */
  72         if (c == '@' && warn_rootfs) {
  73                 _cleanup_free_ char *comm = NULL;
  74
  75                 r = pid_from_same_root_fs(pid);
  76                 if (r < 0)
  77                         return true;
  78
  79                 get_process_comm(pid, &comm);
  80
  81                 if (r)
  82                         log_notice("Process " PID_FMT " (%s) has been marked to be excluded from killing. It is "
  83                                    "running from the root file system, and thus likely to block re-mounting of the "
  84                                    "root file system to read-only. Please consider moving it into an initrd file "
  85                                    "system instead.", pid, strna(comm));
  86                 return true;
  87         } else if (c == '@')
  88                 return true;
  89
  90         return false;
  91 }
  92
  93 static void wait_for_children(Set *pids, sigset_t *mask) {
  94         usec_t until;
  95
  96         assert(mask);
  97
  98         if (set_isempty(pids))
  99                 return;
 100
 101         until = now(CLOCK_MONOTONIC) + DEFAULT_TIMEOUT_USEC;
 102         for (;;) {
 103                 struct timespec ts;
 104                 int k;
 105                 usec_t n;
 106                 void *p;
 107                 Iterator i;
 108
 109                 /* First, let the kernel inform us about killed
 110                  * children. Most processes will probably be our
 111                  * children, but some are not (might be our
 112                  * grandchildren instead...). */
 113                 for (;;) {
 114                         pid_t pid;
 115
 116                         pid = waitpid(-1, NULL, WNOHANG);
 117                         if (pid == 0)
 118                                 break;
 119                         if (pid < 0) {
 120                                 if (errno == ECHILD)
 121                                         break;
 122
 123                                 log_error_errno(errno, "waitpid() failed: %m");
 124                                 return;
 125                         }
 126
 127                         (void) set_remove(pids, PID_TO_PTR(pid));
 128                 }
 129
 130                 /* Now explicitly check who might be remaining, who
 131                  * might not be our child. */
 132                 SET_FOREACH(p, pids, i) {
 133
 134                         /* We misuse getpgid as a check whether a
 135                          * process still exists. */
 136                         if (getpgid(PTR_TO_PID(p)) >= 0)
 137                                 continue;
 138
 139                         if (errno != ESRCH)
 140                                 continue;
 141
 142                         set_remove(pids, p);
 143                 }
 144
 145                 if (set_isempty(pids))
 146                         return;
 147
 148                 n = now(CLOCK_MONOTONIC);
 149                 if (n >= until)
 150                         return;
 151
 152                 timespec_store(&ts, until - n);
 153                 k = sigtimedwait(mask, NULL, &ts);
 154                 if (k != SIGCHLD) {
 155
 156                         if (k < 0 && errno != EAGAIN) {
 157                                 log_error_errno(errno, "sigtimedwait() failed: %m");
 158                                 return;
 159                         }
 160
 161                         if (k >= 0)
 162                                 log_warning("sigtimedwait() returned unexpected signal.");
 163                 }
 164         }
 165 }
 166
 167 static int killall(int sig, Set *pids, bool send_sighup) {
 168         _cleanup_closedir_ DIR *dir = NULL;
 169         struct dirent *d;
 170
 171         dir = opendir("/proc");
 172         if (!dir)
 173                 return -errno;
 174
 175         while ((d = readdir(dir))) {
 176                 pid_t pid;
 177                 int r;
 178
 179                 if (d->d_type != DT_DIR &&
 180                     d->d_type != DT_UNKNOWN)
 181                         continue;
 182
 183                 if (parse_pid(d->d_name, &pid) < 0)
 184                         continue;
 185
 186                 if (ignore_proc(pid, sig == SIGKILL && !in_initrd()))
 187                         continue;
 188
 189                 if (sig == SIGKILL) {
 190                         _cleanup_free_ char *s = NULL;
 191
 192                         get_process_comm(pid, &s);
 193                         log_notice("Sending SIGKILL to PID "PID_FMT" (%s).", pid, strna(s));
 194                 }
 195
 196                 if (kill(pid, sig) >= 0) {
 197                         if (pids) {
 198                                 r = set_put(pids, PID_TO_PTR(pid));
 199                                 if (r < 0)
 200                                         log_oom();
 201                         }
 202                 } else if (errno != ENOENT)
 203                         log_warning_errno(errno, "Could not kill %d: %m", pid);
 204
 205                 if (send_sighup) {
 206                         /* Optionally, also send a SIGHUP signal, but
 207                         only if the process has a controlling
 208                         tty. This is useful to allow handling of
 209                         shells which ignore SIGTERM but react to
 210                         SIGHUP. We do not send this to processes that
 211                         have no controlling TTY since we don't want to
 212                         trigger reloads of daemon processes. Also we
 213                         make sure to only send this after SIGTERM so
 214                         that SIGTERM is always first in the queue. */
 215
 216
 217                         if (get_ctty_devnr(pid, NULL) >= 0)
 218                                 kill(pid, SIGHUP);
 219                 }
 220         }
 221
 222         return set_size(pids);
 223 }
 224
 225 void broadcast_signal(int sig, bool wait_for_exit, bool send_sighup) {
 226         sigset_t mask, oldmask;
 227         _cleanup_set_free_ Set *pids = NULL;
 228
 229         if (wait_for_exit)
 230                 pids = set_new(NULL);
 231
 232         assert_se(sigemptyset(&mask) == 0);
 233         assert_se(sigaddset(&mask, SIGCHLD) == 0);
 234         assert_se(sigprocmask(SIG_BLOCK, &mask, &oldmask) == 0);
 235
 236         if (kill(-1, SIGSTOP) < 0 && errno != ESRCH)
 237                 log_warning_errno(errno, "kill(-1, SIGSTOP) failed: %m");
 238
 239         killall(sig, pids, send_sighup);
 240
 241         if (kill(-1, SIGCONT) < 0 && errno != ESRCH)
 242                 log_warning_errno(errno, "kill(-1, SIGCONT) failed: %m");
 243
 244         if (wait_for_exit)
 245                 wait_for_children(pids, &mask);
 246
 247         assert_se(sigprocmask(SIG_SETMASK, &oldmask, NULL) == 0);
 248 }