]> git.proxmox.com Git - systemd.git/blob - src/core/main.c
Enable seccomp support on powerpc, ppc64el, and s390x
[systemd.git] / src / core / main.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <getopt.h>
25 #include <signal.h>
26 #include <stdio.h>
27 #include <string.h>
28 #include <sys/mount.h>
29 #include <sys/prctl.h>
30 #include <sys/reboot.h>
31 #include <sys/stat.h>
32 #include <unistd.h>
33 #ifdef HAVE_SECCOMP
34 #include <seccomp.h>
35 #endif
36 #ifdef HAVE_VALGRIND_VALGRIND_H
37 #include <valgrind/valgrind.h>
38 #endif
39
40 #include "sd-bus.h"
41 #include "sd-daemon.h"
42
43 #include "alloc-util.h"
44 #include "architecture.h"
45 #include "build.h"
46 #include "bus-error.h"
47 #include "bus-util.h"
48 #include "capability-util.h"
49 #include "clock-util.h"
50 #include "conf-parser.h"
51 #include "cpu-set-util.h"
52 #include "dbus-manager.h"
53 #include "def.h"
54 #include "env-util.h"
55 #include "fd-util.h"
56 #include "fdset.h"
57 #include "fileio.h"
58 #include "formats-util.h"
59 #include "fs-util.h"
60 #include "hostname-setup.h"
61 #include "ima-setup.h"
62 #include "killall.h"
63 #include "kmod-setup.h"
64 #include "load-fragment.h"
65 #include "log.h"
66 #include "loopback-setup.h"
67 #include "machine-id-setup.h"
68 #include "manager.h"
69 #include "missing.h"
70 #include "mount-setup.h"
71 #include "pager.h"
72 #include "parse-util.h"
73 #include "proc-cmdline.h"
74 #include "process-util.h"
75 #include "rlimit-util.h"
76 #include "selinux-setup.h"
77 #include "selinux-util.h"
78 #include "signal-util.h"
79 #include "smack-setup.h"
80 #include "special.h"
81 #include "stat-util.h"
82 #include "stdio-util.h"
83 #include "strv.h"
84 #include "switch-root.h"
85 #include "terminal-util.h"
86 #include "user-util.h"
87 #include "virt.h"
88 #include "watchdog.h"
89
90 static enum {
91 ACTION_RUN,
92 ACTION_HELP,
93 ACTION_VERSION,
94 ACTION_TEST,
95 ACTION_DUMP_CONFIGURATION_ITEMS,
96 ACTION_DONE
97 } arg_action = ACTION_RUN;
98 static char *arg_default_unit = NULL;
99 static ManagerRunningAs arg_running_as = _MANAGER_RUNNING_AS_INVALID;
100 static bool arg_dump_core = true;
101 static int arg_crash_chvt = -1;
102 static bool arg_crash_shell = false;
103 static bool arg_crash_reboot = false;
104 static bool arg_confirm_spawn = false;
105 static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
106 static bool arg_switched_root = false;
107 static int arg_no_pager = -1;
108 static char ***arg_join_controllers = NULL;
109 static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
110 static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
111 static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
112 static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
113 static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
114 static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
115 static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
116 static usec_t arg_runtime_watchdog = 0;
117 static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
118 static char **arg_default_environment = NULL;
119 static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
120 static uint64_t arg_capability_bounding_set_drop = 0;
121 static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
122 static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
123 static Set* arg_syscall_archs = NULL;
124 static FILE* arg_serialization = NULL;
125 static bool arg_default_cpu_accounting = false;
126 static bool arg_default_blockio_accounting = false;
127 static bool arg_default_memory_accounting = false;
128 static bool arg_default_tasks_accounting = true;
129 static uint64_t arg_default_tasks_max = UINT64_C(512);
130
131 static void pager_open_if_enabled(void) {
132
133 if (arg_no_pager <= 0)
134 return;
135
136 pager_open(false);
137 }
138
139 noreturn static void freeze_or_reboot(void) {
140
141 if (arg_crash_reboot) {
142 log_notice("Rebooting in 10s...");
143 (void) sleep(10);
144
145 log_notice("Rebooting now...");
146 (void) reboot(RB_AUTOBOOT);
147 log_emergency_errno(errno, "Failed to reboot: %m");
148 }
149
150 log_emergency("Freezing execution.");
151 freeze();
152 }
153
154 noreturn static void crash(int sig) {
155 struct sigaction sa;
156 pid_t pid;
157
158 if (getpid() != 1)
159 /* Pass this on immediately, if this is not PID 1 */
160 (void) raise(sig);
161 else if (!arg_dump_core)
162 log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
163 else {
164 sa = (struct sigaction) {
165 .sa_handler = nop_signal_handler,
166 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
167 };
168
169 /* We want to wait for the core process, hence let's enable SIGCHLD */
170 (void) sigaction(SIGCHLD, &sa, NULL);
171
172 pid = raw_clone(SIGCHLD, NULL);
173 if (pid < 0)
174 log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
175 else if (pid == 0) {
176 struct rlimit rl = {
177 .rlim_cur = RLIM_INFINITY,
178 .rlim_max = RLIM_INFINITY,
179 };
180
181 /* Enable default signal handler for core dump */
182 sa = (struct sigaction) {
183 .sa_handler = SIG_DFL,
184 };
185 (void) sigaction(sig, &sa, NULL);
186
187 /* Don't limit the core dump size */
188 (void) setrlimit(RLIMIT_CORE, &rl);
189
190 /* Just to be sure... */
191 (void) chdir("/");
192
193 /* Raise the signal again */
194 pid = raw_getpid();
195 (void) kill(pid, sig); /* raise() would kill the parent */
196
197 assert_not_reached("We shouldn't be here...");
198 _exit(EXIT_FAILURE);
199 } else {
200 siginfo_t status;
201 int r;
202
203 /* Order things nicely. */
204 r = wait_for_terminate(pid, &status);
205 if (r < 0)
206 log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
207 else if (status.si_code != CLD_DUMPED)
208 log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
209 signal_to_string(sig),
210 pid, sigchld_code_to_string(status.si_code),
211 status.si_status,
212 strna(status.si_code == CLD_EXITED
213 ? exit_status_to_string(status.si_status, EXIT_STATUS_FULL)
214 : signal_to_string(status.si_status)));
215 else
216 log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
217 }
218 }
219
220 if (arg_crash_chvt >= 0)
221 (void) chvt(arg_crash_chvt);
222
223 sa = (struct sigaction) {
224 .sa_handler = SIG_IGN,
225 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
226 };
227
228 /* Let the kernel reap children for us */
229 (void) sigaction(SIGCHLD, &sa, NULL);
230
231 if (arg_crash_shell) {
232 log_notice("Executing crash shell in 10s...");
233 (void) sleep(10);
234
235 pid = raw_clone(SIGCHLD, NULL);
236 if (pid < 0)
237 log_emergency_errno(errno, "Failed to fork off crash shell: %m");
238 else if (pid == 0) {
239 (void) setsid();
240 (void) make_console_stdio();
241 (void) execle("/bin/sh", "/bin/sh", NULL, environ);
242
243 log_emergency_errno(errno, "execle() failed: %m");
244 _exit(EXIT_FAILURE);
245 } else {
246 log_info("Spawned crash shell as PID "PID_FMT".", pid);
247 (void) wait_for_terminate(pid, NULL);
248 }
249 }
250
251 freeze_or_reboot();
252 }
253
254 static void install_crash_handler(void) {
255 static const struct sigaction sa = {
256 .sa_handler = crash,
257 .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
258 };
259 int r;
260
261 /* We ignore the return value here, since, we don't mind if we
262 * cannot set up a crash handler */
263 r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
264 if (r < 0)
265 log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
266 }
267
268 static int console_setup(void) {
269 _cleanup_close_ int tty_fd = -1;
270 int r;
271
272 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
273 if (tty_fd < 0)
274 return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
275
276 /* We don't want to force text mode. plymouth may be showing
277 * pictures already from initrd. */
278 r = reset_terminal_fd(tty_fd, false);
279 if (r < 0)
280 return log_error_errno(r, "Failed to reset /dev/console: %m");
281
282 return 0;
283 }
284
285 static int parse_crash_chvt(const char *value) {
286 int b;
287
288 if (safe_atoi(value, &arg_crash_chvt) >= 0)
289 return 0;
290
291 b = parse_boolean(value);
292 if (b < 0)
293 return b;
294
295 if (b > 0)
296 arg_crash_chvt = 0; /* switch to where kmsg goes */
297 else
298 arg_crash_chvt = -1; /* turn off switching */
299
300 return 0;
301 }
302
303 static int parse_proc_cmdline_item(const char *key, const char *value) {
304
305 int r;
306
307 assert(key);
308
309 if (streq(key, "systemd.unit") && value) {
310
311 if (!in_initrd())
312 return free_and_strdup(&arg_default_unit, value);
313
314 } else if (streq(key, "rd.systemd.unit") && value) {
315
316 if (in_initrd())
317 return free_and_strdup(&arg_default_unit, value);
318
319 } else if (streq(key, "systemd.dump_core") && value) {
320
321 r = parse_boolean(value);
322 if (r < 0)
323 log_warning("Failed to parse dump core switch %s. Ignoring.", value);
324 else
325 arg_dump_core = r;
326
327 } else if (streq(key, "systemd.crash_chvt") && value) {
328
329 if (parse_crash_chvt(value) < 0)
330 log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
331
332 } else if (streq(key, "systemd.crash_shell") && value) {
333
334 r = parse_boolean(value);
335 if (r < 0)
336 log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
337 else
338 arg_crash_shell = r;
339
340 } else if (streq(key, "systemd.crash_reboot") && value) {
341
342 r = parse_boolean(value);
343 if (r < 0)
344 log_warning("Failed to parse crash reboot switch %s. Ignoring.", value);
345 else
346 arg_crash_reboot = r;
347
348 } else if (streq(key, "systemd.confirm_spawn") && value) {
349
350 r = parse_boolean(value);
351 if (r < 0)
352 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", value);
353 else
354 arg_confirm_spawn = r;
355
356 } else if (streq(key, "systemd.show_status") && value) {
357
358 r = parse_show_status(value, &arg_show_status);
359 if (r < 0)
360 log_warning("Failed to parse show status switch %s. Ignoring.", value);
361
362 } else if (streq(key, "systemd.default_standard_output") && value) {
363
364 r = exec_output_from_string(value);
365 if (r < 0)
366 log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
367 else
368 arg_default_std_output = r;
369
370 } else if (streq(key, "systemd.default_standard_error") && value) {
371
372 r = exec_output_from_string(value);
373 if (r < 0)
374 log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
375 else
376 arg_default_std_error = r;
377
378 } else if (streq(key, "systemd.setenv") && value) {
379
380 if (env_assignment_is_valid(value)) {
381 char **env;
382
383 env = strv_env_set(arg_default_environment, value);
384 if (env)
385 arg_default_environment = env;
386 else
387 log_warning_errno(ENOMEM, "Setting environment variable '%s' failed, ignoring: %m", value);
388 } else
389 log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
390
391 } else if (streq(key, "quiet") && !value) {
392
393 if (arg_show_status == _SHOW_STATUS_UNSET)
394 arg_show_status = SHOW_STATUS_AUTO;
395
396 } else if (streq(key, "debug") && !value) {
397
398 /* Note that log_parse_environment() handles 'debug'
399 * too, and sets the log level to LOG_DEBUG. */
400
401 if (detect_container() > 0)
402 log_set_target(LOG_TARGET_CONSOLE);
403
404 } else if (!in_initrd() && !value) {
405 const char *target;
406
407 /* SysV compatibility */
408 target = runlevel_to_target(key);
409 if (target)
410 return free_and_strdup(&arg_default_unit, target);
411 }
412
413 return 0;
414 }
415
416 #define DEFINE_SETTER(name, func, descr) \
417 static int name(const char *unit, \
418 const char *filename, \
419 unsigned line, \
420 const char *section, \
421 unsigned section_line, \
422 const char *lvalue, \
423 int ltype, \
424 const char *rvalue, \
425 void *data, \
426 void *userdata) { \
427 \
428 int r; \
429 \
430 assert(filename); \
431 assert(lvalue); \
432 assert(rvalue); \
433 \
434 r = func(rvalue); \
435 if (r < 0) \
436 log_syntax(unit, LOG_ERR, filename, line, r, \
437 "Invalid " descr "'%s': %m", \
438 rvalue); \
439 \
440 return 0; \
441 }
442
443 DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
444 DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
445 DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
446 DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
447
448 static int config_parse_cpu_affinity2(
449 const char *unit,
450 const char *filename,
451 unsigned line,
452 const char *section,
453 unsigned section_line,
454 const char *lvalue,
455 int ltype,
456 const char *rvalue,
457 void *data,
458 void *userdata) {
459
460 _cleanup_cpu_free_ cpu_set_t *c = NULL;
461 int ncpus;
462
463 ncpus = parse_cpu_set_and_warn(rvalue, &c, unit, filename, line, lvalue);
464 if (ncpus < 0)
465 return ncpus;
466
467 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
468 log_warning("Failed to set CPU affinity: %m");
469
470 return 0;
471 }
472
473 static int config_parse_show_status(
474 const char* unit,
475 const char *filename,
476 unsigned line,
477 const char *section,
478 unsigned section_line,
479 const char *lvalue,
480 int ltype,
481 const char *rvalue,
482 void *data,
483 void *userdata) {
484
485 int k;
486 ShowStatus *b = data;
487
488 assert(filename);
489 assert(lvalue);
490 assert(rvalue);
491 assert(data);
492
493 k = parse_show_status(rvalue, b);
494 if (k < 0) {
495 log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
496 return 0;
497 }
498
499 return 0;
500 }
501
502 static int config_parse_crash_chvt(
503 const char* unit,
504 const char *filename,
505 unsigned line,
506 const char *section,
507 unsigned section_line,
508 const char *lvalue,
509 int ltype,
510 const char *rvalue,
511 void *data,
512 void *userdata) {
513
514 int r;
515
516 assert(filename);
517 assert(lvalue);
518 assert(rvalue);
519
520 r = parse_crash_chvt(rvalue);
521 if (r < 0) {
522 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
523 return 0;
524 }
525
526 return 0;
527 }
528
529 static int config_parse_join_controllers(const char *unit,
530 const char *filename,
531 unsigned line,
532 const char *section,
533 unsigned section_line,
534 const char *lvalue,
535 int ltype,
536 const char *rvalue,
537 void *data,
538 void *userdata) {
539
540 const char *whole_rvalue = rvalue;
541 unsigned n = 0;
542
543 assert(filename);
544 assert(lvalue);
545 assert(rvalue);
546
547 arg_join_controllers = strv_free_free(arg_join_controllers);
548
549 for (;;) {
550 _cleanup_free_ char *word = NULL;
551 char **l;
552 int r;
553
554 r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES);
555 if (r < 0) {
556 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue);
557 return r;
558 }
559 if (r == 0)
560 break;
561
562 l = strv_split(word, ",");
563 if (!l)
564 return log_oom();
565 strv_uniq(l);
566
567 if (strv_length(l) <= 1) {
568 strv_free(l);
569 continue;
570 }
571
572 if (!arg_join_controllers) {
573 arg_join_controllers = new(char**, 2);
574 if (!arg_join_controllers) {
575 strv_free(l);
576 return log_oom();
577 }
578
579 arg_join_controllers[0] = l;
580 arg_join_controllers[1] = NULL;
581
582 n = 1;
583 } else {
584 char ***a;
585 char ***t;
586
587 t = new0(char**, n+2);
588 if (!t) {
589 strv_free(l);
590 return log_oom();
591 }
592
593 n = 0;
594
595 for (a = arg_join_controllers; *a; a++) {
596
597 if (strv_overlap(*a, l)) {
598 if (strv_extend_strv(&l, *a, false) < 0) {
599 strv_free(l);
600 strv_free_free(t);
601 return log_oom();
602 }
603
604 } else {
605 char **c;
606
607 c = strv_copy(*a);
608 if (!c) {
609 strv_free(l);
610 strv_free_free(t);
611 return log_oom();
612 }
613
614 t[n++] = c;
615 }
616 }
617
618 t[n++] = strv_uniq(l);
619
620 strv_free_free(arg_join_controllers);
621 arg_join_controllers = t;
622 }
623 }
624 if (!isempty(rvalue))
625 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
626
627 return 0;
628 }
629
630 static int parse_config_file(void) {
631
632 const ConfigTableItem items[] = {
633 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
634 { "Manager", "LogTarget", config_parse_target, 0, NULL },
635 { "Manager", "LogColor", config_parse_color, 0, NULL },
636 { "Manager", "LogLocation", config_parse_location, 0, NULL },
637 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
638 { "Manager", "CrashChVT", /* legacy */ config_parse_crash_chvt, 0, NULL },
639 { "Manager", "CrashChangeVT", config_parse_crash_chvt, 0, NULL },
640 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
641 { "Manager", "CrashReboot", config_parse_bool, 0, &arg_crash_reboot },
642 { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
643 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
644 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
645 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
646 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
647 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
648 #ifdef HAVE_SECCOMP
649 { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
650 #endif
651 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
652 { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
653 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
654 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
655 { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
656 { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
657 { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
658 { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval },
659 { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
660 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
661 { "Manager", "DefaultLimitCPU", config_parse_sec_limit, 0, &arg_default_rlimit[RLIMIT_CPU] },
662 { "Manager", "DefaultLimitFSIZE", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] },
663 { "Manager", "DefaultLimitDATA", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_DATA] },
664 { "Manager", "DefaultLimitSTACK", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_STACK] },
665 { "Manager", "DefaultLimitCORE", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_CORE] },
666 { "Manager", "DefaultLimitRSS", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_RSS] },
667 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE] },
668 { "Manager", "DefaultLimitAS", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_AS] },
669 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC] },
670 { "Manager", "DefaultLimitMEMLOCK", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] },
671 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS] },
672 { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING] },
673 { "Manager", "DefaultLimitMSGQUEUE", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] },
674 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE] },
675 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO] },
676 { "Manager", "DefaultLimitRTTIME", config_parse_usec_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME] },
677 { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
678 { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
679 { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
680 { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting },
681 { "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max },
682 {}
683 };
684
685 const char *fn, *conf_dirs_nulstr;
686
687 fn = arg_running_as == MANAGER_SYSTEM ?
688 PKGSYSCONFDIR "/system.conf" :
689 PKGSYSCONFDIR "/user.conf";
690
691 conf_dirs_nulstr = arg_running_as == MANAGER_SYSTEM ?
692 CONF_PATHS_NULSTR("systemd/system.conf.d") :
693 CONF_PATHS_NULSTR("systemd/user.conf.d");
694
695 config_parse_many(fn, conf_dirs_nulstr, "Manager\0",
696 config_item_table_lookup, items, false, NULL);
697
698 return 0;
699 }
700
701 static void manager_set_defaults(Manager *m) {
702
703 assert(m);
704
705 m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
706 m->default_std_output = arg_default_std_output;
707 m->default_std_error = arg_default_std_error;
708 m->default_timeout_start_usec = arg_default_timeout_start_usec;
709 m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
710 m->default_restart_usec = arg_default_restart_usec;
711 m->default_start_limit_interval = arg_default_start_limit_interval;
712 m->default_start_limit_burst = arg_default_start_limit_burst;
713 m->default_cpu_accounting = arg_default_cpu_accounting;
714 m->default_blockio_accounting = arg_default_blockio_accounting;
715 m->default_memory_accounting = arg_default_memory_accounting;
716 m->default_tasks_accounting = arg_default_tasks_accounting;
717 m->default_tasks_max = arg_default_tasks_max;
718
719 manager_set_default_rlimits(m, arg_default_rlimit);
720 manager_environment_add(m, NULL, arg_default_environment);
721 }
722
723 static int parse_argv(int argc, char *argv[]) {
724
725 enum {
726 ARG_LOG_LEVEL = 0x100,
727 ARG_LOG_TARGET,
728 ARG_LOG_COLOR,
729 ARG_LOG_LOCATION,
730 ARG_UNIT,
731 ARG_SYSTEM,
732 ARG_USER,
733 ARG_TEST,
734 ARG_NO_PAGER,
735 ARG_VERSION,
736 ARG_DUMP_CONFIGURATION_ITEMS,
737 ARG_DUMP_CORE,
738 ARG_CRASH_CHVT,
739 ARG_CRASH_SHELL,
740 ARG_CRASH_REBOOT,
741 ARG_CONFIRM_SPAWN,
742 ARG_SHOW_STATUS,
743 ARG_DESERIALIZE,
744 ARG_SWITCHED_ROOT,
745 ARG_DEFAULT_STD_OUTPUT,
746 ARG_DEFAULT_STD_ERROR
747 };
748
749 static const struct option options[] = {
750 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
751 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
752 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
753 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
754 { "unit", required_argument, NULL, ARG_UNIT },
755 { "system", no_argument, NULL, ARG_SYSTEM },
756 { "user", no_argument, NULL, ARG_USER },
757 { "test", no_argument, NULL, ARG_TEST },
758 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
759 { "help", no_argument, NULL, 'h' },
760 { "version", no_argument, NULL, ARG_VERSION },
761 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
762 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
763 { "crash-chvt", required_argument, NULL, ARG_CRASH_CHVT },
764 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
765 { "crash-reboot", optional_argument, NULL, ARG_CRASH_REBOOT },
766 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
767 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
768 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
769 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
770 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
771 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
772 {}
773 };
774
775 int c, r;
776
777 assert(argc >= 1);
778 assert(argv);
779
780 if (getpid() == 1)
781 opterr = 0;
782
783 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
784
785 switch (c) {
786
787 case ARG_LOG_LEVEL:
788 r = log_set_max_level_from_string(optarg);
789 if (r < 0) {
790 log_error("Failed to parse log level %s.", optarg);
791 return r;
792 }
793
794 break;
795
796 case ARG_LOG_TARGET:
797 r = log_set_target_from_string(optarg);
798 if (r < 0) {
799 log_error("Failed to parse log target %s.", optarg);
800 return r;
801 }
802
803 break;
804
805 case ARG_LOG_COLOR:
806
807 if (optarg) {
808 r = log_show_color_from_string(optarg);
809 if (r < 0) {
810 log_error("Failed to parse log color setting %s.", optarg);
811 return r;
812 }
813 } else
814 log_show_color(true);
815
816 break;
817
818 case ARG_LOG_LOCATION:
819 if (optarg) {
820 r = log_show_location_from_string(optarg);
821 if (r < 0) {
822 log_error("Failed to parse log location setting %s.", optarg);
823 return r;
824 }
825 } else
826 log_show_location(true);
827
828 break;
829
830 case ARG_DEFAULT_STD_OUTPUT:
831 r = exec_output_from_string(optarg);
832 if (r < 0) {
833 log_error("Failed to parse default standard output setting %s.", optarg);
834 return r;
835 } else
836 arg_default_std_output = r;
837 break;
838
839 case ARG_DEFAULT_STD_ERROR:
840 r = exec_output_from_string(optarg);
841 if (r < 0) {
842 log_error("Failed to parse default standard error output setting %s.", optarg);
843 return r;
844 } else
845 arg_default_std_error = r;
846 break;
847
848 case ARG_UNIT:
849
850 r = free_and_strdup(&arg_default_unit, optarg);
851 if (r < 0)
852 return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
853
854 break;
855
856 case ARG_SYSTEM:
857 arg_running_as = MANAGER_SYSTEM;
858 break;
859
860 case ARG_USER:
861 arg_running_as = MANAGER_USER;
862 break;
863
864 case ARG_TEST:
865 arg_action = ACTION_TEST;
866 if (arg_no_pager < 0)
867 arg_no_pager = true;
868 break;
869
870 case ARG_NO_PAGER:
871 arg_no_pager = true;
872 break;
873
874 case ARG_VERSION:
875 arg_action = ACTION_VERSION;
876 break;
877
878 case ARG_DUMP_CONFIGURATION_ITEMS:
879 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
880 break;
881
882 case ARG_DUMP_CORE:
883 if (!optarg)
884 arg_dump_core = true;
885 else {
886 r = parse_boolean(optarg);
887 if (r < 0)
888 return log_error_errno(r, "Failed to parse dump core boolean: %s", optarg);
889 arg_dump_core = r;
890 }
891 break;
892
893 case ARG_CRASH_CHVT:
894 r = parse_crash_chvt(optarg);
895 if (r < 0)
896 return log_error_errno(r, "Failed to parse crash virtual terminal index: %s", optarg);
897 break;
898
899 case ARG_CRASH_SHELL:
900 if (!optarg)
901 arg_crash_shell = true;
902 else {
903 r = parse_boolean(optarg);
904 if (r < 0)
905 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
906 arg_crash_shell = r;
907 }
908 break;
909
910 case ARG_CRASH_REBOOT:
911 if (!optarg)
912 arg_crash_reboot = true;
913 else {
914 r = parse_boolean(optarg);
915 if (r < 0)
916 return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
917 arg_crash_reboot = r;
918 }
919 break;
920
921 case ARG_CONFIRM_SPAWN:
922 r = optarg ? parse_boolean(optarg) : 1;
923 if (r < 0) {
924 log_error("Failed to parse confirm spawn boolean %s.", optarg);
925 return r;
926 }
927 arg_confirm_spawn = r;
928 break;
929
930 case ARG_SHOW_STATUS:
931 if (optarg) {
932 r = parse_show_status(optarg, &arg_show_status);
933 if (r < 0) {
934 log_error("Failed to parse show status boolean %s.", optarg);
935 return r;
936 }
937 } else
938 arg_show_status = SHOW_STATUS_YES;
939 break;
940
941 case ARG_DESERIALIZE: {
942 int fd;
943 FILE *f;
944
945 r = safe_atoi(optarg, &fd);
946 if (r < 0 || fd < 0) {
947 log_error("Failed to parse deserialize option %s.", optarg);
948 return -EINVAL;
949 }
950
951 (void) fd_cloexec(fd, true);
952
953 f = fdopen(fd, "r");
954 if (!f)
955 return log_error_errno(errno, "Failed to open serialization fd: %m");
956
957 safe_fclose(arg_serialization);
958 arg_serialization = f;
959
960 break;
961 }
962
963 case ARG_SWITCHED_ROOT:
964 arg_switched_root = true;
965 break;
966
967 case 'h':
968 arg_action = ACTION_HELP;
969 if (arg_no_pager < 0)
970 arg_no_pager = true;
971 break;
972
973 case 'D':
974 log_set_max_level(LOG_DEBUG);
975 break;
976
977 case 'b':
978 case 's':
979 case 'z':
980 /* Just to eat away the sysvinit kernel
981 * cmdline args without getopt() error
982 * messages that we'll parse in
983 * parse_proc_cmdline_word() or ignore. */
984
985 case '?':
986 if (getpid() != 1)
987 return -EINVAL;
988 else
989 return 0;
990
991 default:
992 assert_not_reached("Unhandled option code.");
993 }
994
995 if (optind < argc && getpid() != 1) {
996 /* Hmm, when we aren't run as init system
997 * let's complain about excess arguments */
998
999 log_error("Excess arguments.");
1000 return -EINVAL;
1001 }
1002
1003 return 0;
1004 }
1005
1006 static int help(void) {
1007
1008 printf("%s [OPTIONS...]\n\n"
1009 "Starts up and maintains the system or user services.\n\n"
1010 " -h --help Show this help\n"
1011 " --test Determine startup sequence, dump it and exit\n"
1012 " --no-pager Do not pipe output into a pager\n"
1013 " --dump-configuration-items Dump understood unit configuration items\n"
1014 " --unit=UNIT Set default unit\n"
1015 " --system Run a system instance, even if PID != 1\n"
1016 " --user Run a user instance\n"
1017 " --dump-core[=BOOL] Dump core on crash\n"
1018 " --crash-vt=NR Change to specified VT on crash\n"
1019 " --crash-reboot[=BOOL] Reboot on crash\n"
1020 " --crash-shell[=BOOL] Run shell on crash\n"
1021 " --confirm-spawn[=BOOL] Ask for confirmation when spawning processes\n"
1022 " --show-status[=BOOL] Show status updates on the console during bootup\n"
1023 " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
1024 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
1025 " --log-color[=BOOL] Highlight important log messages\n"
1026 " --log-location[=BOOL] Include code location in log messages\n"
1027 " --default-standard-output= Set default standard output for services\n"
1028 " --default-standard-error= Set default standard error output for services\n",
1029 program_invocation_short_name);
1030
1031 return 0;
1032 }
1033
1034 static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
1035 _cleanup_fdset_free_ FDSet *fds = NULL;
1036 _cleanup_fclose_ FILE *f = NULL;
1037 int r;
1038
1039 assert(m);
1040 assert(_f);
1041 assert(_fds);
1042
1043 r = manager_open_serialization(m, &f);
1044 if (r < 0)
1045 return log_error_errno(r, "Failed to create serialization file: %m");
1046
1047 /* Make sure nothing is really destructed when we shut down */
1048 m->n_reloading ++;
1049 bus_manager_send_reloading(m, true);
1050
1051 fds = fdset_new();
1052 if (!fds)
1053 return log_oom();
1054
1055 r = manager_serialize(m, f, fds, switching_root);
1056 if (r < 0)
1057 return log_error_errno(r, "Failed to serialize state: %m");
1058
1059 if (fseeko(f, 0, SEEK_SET) == (off_t) -1)
1060 return log_error_errno(errno, "Failed to rewind serialization fd: %m");
1061
1062 r = fd_cloexec(fileno(f), false);
1063 if (r < 0)
1064 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
1065
1066 r = fdset_cloexec(fds, false);
1067 if (r < 0)
1068 return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
1069
1070 *_f = f;
1071 *_fds = fds;
1072
1073 f = NULL;
1074 fds = NULL;
1075
1076 return 0;
1077 }
1078
1079 static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1080 struct rlimit nl;
1081 int r;
1082
1083 assert(saved_rlimit);
1084
1085 /* Save the original RLIMIT_NOFILE so that we can reset it
1086 * later when transitioning from the initrd to the main
1087 * systemd or suchlike. */
1088 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
1089 return log_error_errno(errno, "Reading RLIMIT_NOFILE failed: %m");
1090
1091 /* Make sure forked processes get the default kernel setting */
1092 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1093 struct rlimit *rl;
1094
1095 rl = newdup(struct rlimit, saved_rlimit, 1);
1096 if (!rl)
1097 return log_oom();
1098
1099 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1100 }
1101
1102 /* Bump up the resource limit for ourselves substantially */
1103 nl.rlim_cur = nl.rlim_max = 64*1024;
1104 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
1105 if (r < 0)
1106 return log_error_errno(r, "Setting RLIMIT_NOFILE failed: %m");
1107
1108 return 0;
1109 }
1110
1111 static void test_usr(void) {
1112
1113 /* Check that /usr is not a separate fs */
1114
1115 if (dir_is_empty("/usr") <= 0)
1116 return;
1117
1118 log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
1119 "Some things will probably break (sometimes even silently) in mysterious ways. "
1120 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1121 }
1122
1123 static int initialize_join_controllers(void) {
1124 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1125 * + "net_prio". We'd like to add "cpuset" to the mix, but
1126 * "cpuset" doesn't really work for groups with no initialized
1127 * attributes. */
1128
1129 arg_join_controllers = new(char**, 3);
1130 if (!arg_join_controllers)
1131 return -ENOMEM;
1132
1133 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
1134 if (!arg_join_controllers[0])
1135 goto oom;
1136
1137 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1138 if (!arg_join_controllers[1])
1139 goto oom;
1140
1141 arg_join_controllers[2] = NULL;
1142 return 0;
1143
1144 oom:
1145 arg_join_controllers = strv_free_free(arg_join_controllers);
1146 return -ENOMEM;
1147 }
1148
1149 static int enforce_syscall_archs(Set *archs) {
1150 #ifdef HAVE_SECCOMP
1151 scmp_filter_ctx *seccomp;
1152 Iterator i;
1153 void *id;
1154 int r;
1155
1156 seccomp = seccomp_init(SCMP_ACT_ALLOW);
1157 if (!seccomp)
1158 return log_oom();
1159
1160 SET_FOREACH(id, arg_syscall_archs, i) {
1161 r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
1162 if (r == -EEXIST)
1163 continue;
1164 if (r < 0) {
1165 log_error_errno(r, "Failed to add architecture to seccomp: %m");
1166 goto finish;
1167 }
1168 }
1169
1170 r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
1171 if (r < 0) {
1172 log_error_errno(r, "Failed to unset NO_NEW_PRIVS: %m");
1173 goto finish;
1174 }
1175
1176 r = seccomp_load(seccomp);
1177 if (r < 0)
1178 log_error_errno(r, "Failed to add install architecture seccomp: %m");
1179
1180 finish:
1181 seccomp_release(seccomp);
1182 return r;
1183 #else
1184 return 0;
1185 #endif
1186 }
1187
1188 static int status_welcome(void) {
1189 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
1190 int r;
1191
1192 r = parse_env_file("/etc/os-release", NEWLINE,
1193 "PRETTY_NAME", &pretty_name,
1194 "ANSI_COLOR", &ansi_color,
1195 NULL);
1196 if (r == -ENOENT)
1197 r = parse_env_file("/usr/lib/os-release", NEWLINE,
1198 "PRETTY_NAME", &pretty_name,
1199 "ANSI_COLOR", &ansi_color,
1200 NULL);
1201
1202 if (r < 0 && r != -ENOENT)
1203 log_warning_errno(r, "Failed to read os-release file: %m");
1204
1205 return status_printf(NULL, false, false,
1206 "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
1207 isempty(ansi_color) ? "1" : ansi_color,
1208 isempty(pretty_name) ? "Linux" : pretty_name);
1209 }
1210
1211 static int write_container_id(void) {
1212 const char *c;
1213 int r;
1214
1215 c = getenv("container");
1216 if (isempty(c))
1217 return 0;
1218
1219 r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
1220 if (r < 0)
1221 return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m");
1222
1223 return 1;
1224 }
1225
1226 static int bump_unix_max_dgram_qlen(void) {
1227 _cleanup_free_ char *qlen = NULL;
1228 unsigned long v;
1229 int r;
1230
1231 /* Let's bump the net.unix.max_dgram_qlen sysctl. The kernel
1232 * default of 16 is simply too low. We set the value really
1233 * really early during boot, so that it is actually applied to
1234 * all our sockets, including the $NOTIFY_SOCKET one. */
1235
1236 r = read_one_line_file("/proc/sys/net/unix/max_dgram_qlen", &qlen);
1237 if (r < 0)
1238 return log_warning_errno(r, "Failed to read AF_UNIX datagram queue length, ignoring: %m");
1239
1240 r = safe_atolu(qlen, &v);
1241 if (r < 0)
1242 return log_warning_errno(r, "Failed to parse AF_UNIX datagram queue length, ignoring: %m");
1243
1244 if (v >= DEFAULT_UNIX_MAX_DGRAM_QLEN)
1245 return 0;
1246
1247 qlen = mfree(qlen);
1248 if (asprintf(&qlen, "%lu\n", DEFAULT_UNIX_MAX_DGRAM_QLEN) < 0)
1249 return log_oom();
1250
1251 r = write_string_file("/proc/sys/net/unix/max_dgram_qlen", qlen, 0);
1252 if (r < 0)
1253 return log_full_errno(IN_SET(r, -EROFS, -EPERM, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
1254 "Failed to bump AF_UNIX datagram queue length, ignoring: %m");
1255
1256 return 1;
1257 }
1258
1259 int main(int argc, char *argv[]) {
1260 Manager *m = NULL;
1261 int r, retval = EXIT_FAILURE;
1262 usec_t before_startup, after_startup;
1263 char timespan[FORMAT_TIMESPAN_MAX];
1264 FDSet *fds = NULL;
1265 bool reexecute = false;
1266 const char *shutdown_verb = NULL;
1267 dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
1268 dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
1269 dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
1270 dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
1271 dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
1272 static char systemd[] = "systemd";
1273 bool skip_setup = false;
1274 unsigned j;
1275 bool loaded_policy = false;
1276 bool arm_reboot_watchdog = false;
1277 bool queue_default_job = false;
1278 bool empty_etc = false;
1279 char *switch_root_dir = NULL, *switch_root_init = NULL;
1280 struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0);
1281 const char *error_message = NULL;
1282
1283 #ifdef HAVE_SYSV_COMPAT
1284 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
1285 /* This is compatibility support for SysV, where
1286 * calling init as a user is identical to telinit. */
1287
1288 errno = -ENOENT;
1289 execv(SYSTEMCTL_BINARY_PATH, argv);
1290 log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1291 return 1;
1292 }
1293 #endif
1294
1295 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1296 dual_timestamp_get(&userspace_timestamp);
1297
1298 /* Determine if this is a reexecution or normal bootup. We do
1299 * the full command line parsing much later, so let's just
1300 * have a quick peek here. */
1301 if (strv_find(argv+1, "--deserialize"))
1302 skip_setup = true;
1303
1304 /* If we have switched root, do all the special setup
1305 * things */
1306 if (strv_find(argv+1, "--switched-root"))
1307 skip_setup = false;
1308
1309 /* If we get started via the /sbin/init symlink then we are
1310 called 'init'. After a subsequent reexecution we are then
1311 called 'systemd'. That is confusing, hence let's call us
1312 systemd right-away. */
1313 program_invocation_short_name = systemd;
1314 prctl(PR_SET_NAME, systemd);
1315
1316 saved_argv = argv;
1317 saved_argc = argc;
1318
1319 log_show_color(isatty(STDERR_FILENO) > 0);
1320 log_set_upgrade_syslog_to_journal(true);
1321
1322 /* Disable the umask logic */
1323 if (getpid() == 1)
1324 umask(0);
1325
1326 if (getpid() == 1 && detect_container() <= 0) {
1327
1328 /* Running outside of a container as PID 1 */
1329 arg_running_as = MANAGER_SYSTEM;
1330 make_null_stdio();
1331 log_set_target(LOG_TARGET_KMSG);
1332 log_open();
1333
1334 if (in_initrd())
1335 initrd_timestamp = userspace_timestamp;
1336
1337 if (!skip_setup) {
1338 mount_setup_early();
1339 dual_timestamp_get(&security_start_timestamp);
1340 if (mac_selinux_setup(&loaded_policy) < 0) {
1341 error_message = "Failed to load SELinux policy";
1342 goto finish;
1343 } else if (ima_setup() < 0) {
1344 error_message = "Failed to load IMA policy";
1345 goto finish;
1346 } else if (mac_smack_setup(&loaded_policy) < 0) {
1347 error_message = "Failed to load SMACK policy";
1348 goto finish;
1349 }
1350 dual_timestamp_get(&security_finish_timestamp);
1351 }
1352
1353 if (mac_selinux_init(NULL) < 0) {
1354 error_message = "Failed to initialize SELinux policy";
1355 goto finish;
1356 }
1357
1358 if (!skip_setup) {
1359 if (clock_is_localtime() > 0) {
1360 int min;
1361
1362 /*
1363 * The very first call of settimeofday() also does a time warp in the kernel.
1364 *
1365 * In the rtc-in-local time mode, we set the kernel's timezone, and rely on
1366 * external tools to take care of maintaining the RTC and do all adjustments.
1367 * This matches the behavior of Windows, which leaves the RTC alone if the
1368 * registry tells that the RTC runs in UTC.
1369 */
1370 r = clock_set_timezone(&min);
1371 if (r < 0)
1372 log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
1373 else
1374 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1375 } else if (!in_initrd()) {
1376 /*
1377 * Do a dummy very first call to seal the kernel's time warp magic.
1378 *
1379 * Do not call this this from inside the initrd. The initrd might not
1380 * carry /etc/adjtime with LOCAL, but the real system could be set up
1381 * that way. In such case, we need to delay the time-warp or the sealing
1382 * until we reach the real system.
1383 *
1384 * Do no set the kernel's timezone. The concept of local time cannot
1385 * be supported reliably, the time will jump or be incorrect at every daylight
1386 * saving time change. All kernel local time concepts will be treated
1387 * as UTC that way.
1388 */
1389 clock_reset_timewarp();
1390 }
1391 }
1392
1393 /* Set the default for later on, but don't actually
1394 * open the logs like this for now. Note that if we
1395 * are transitioning from the initrd there might still
1396 * be journal fd open, and we shouldn't attempt
1397 * opening that before we parsed /proc/cmdline which
1398 * might redirect output elsewhere. */
1399 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1400
1401 } else if (getpid() == 1) {
1402 /* Running inside a container, as PID 1 */
1403 arg_running_as = MANAGER_SYSTEM;
1404 log_set_target(LOG_TARGET_CONSOLE);
1405 log_close_console(); /* force reopen of /dev/console */
1406 log_open();
1407
1408 /* For the later on, see above... */
1409 log_set_target(LOG_TARGET_JOURNAL);
1410
1411 /* clear the kernel timestamp,
1412 * because we are in a container */
1413 kernel_timestamp.monotonic = 0ULL;
1414 kernel_timestamp.realtime = 0ULL;
1415
1416 } else {
1417 /* Running as user instance */
1418 arg_running_as = MANAGER_USER;
1419 log_set_target(LOG_TARGET_AUTO);
1420 log_open();
1421
1422 /* clear the kernel timestamp,
1423 * because we are not PID 1 */
1424 kernel_timestamp = DUAL_TIMESTAMP_NULL;
1425 }
1426
1427 /* Initialize default unit */
1428 r = free_and_strdup(&arg_default_unit, SPECIAL_DEFAULT_TARGET);
1429 if (r < 0) {
1430 log_emergency_errno(r, "Failed to set default unit %s: %m", SPECIAL_DEFAULT_TARGET);
1431 error_message = "Failed to set default unit";
1432 goto finish;
1433 }
1434
1435 r = initialize_join_controllers();
1436 if (r < 0) {
1437 error_message = "Failed to initialize cgroup controllers";
1438 goto finish;
1439 }
1440
1441 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1442 * /proc/$PID/fd is available. */
1443 if (getpid() == 1) {
1444
1445 /* Load the kernel modules early, so that we kdbus.ko is loaded before kdbusfs shall be mounted */
1446 if (!skip_setup)
1447 kmod_setup();
1448
1449 r = mount_setup(loaded_policy);
1450 if (r < 0) {
1451 error_message = "Failed to mount API filesystems";
1452 goto finish;
1453 }
1454 }
1455
1456 /* Reset all signal handlers. */
1457 (void) reset_all_signal_handlers();
1458 (void) ignore_signals(SIGNALS_IGNORE, -1);
1459
1460 if (parse_config_file() < 0) {
1461 error_message = "Failed to parse config file";
1462 goto finish;
1463 }
1464
1465 if (arg_running_as == MANAGER_SYSTEM) {
1466 r = parse_proc_cmdline(parse_proc_cmdline_item);
1467 if (r < 0)
1468 log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
1469 }
1470
1471 /* Note that this also parses bits from the kernel command
1472 * line, including "debug". */
1473 log_parse_environment();
1474
1475 if (parse_argv(argc, argv) < 0) {
1476 error_message = "Failed to parse commandline arguments";
1477 goto finish;
1478 }
1479
1480 if (arg_action == ACTION_TEST &&
1481 geteuid() == 0) {
1482 log_error("Don't run test mode as root.");
1483 goto finish;
1484 }
1485
1486 if (arg_running_as == MANAGER_USER &&
1487 arg_action == ACTION_RUN &&
1488 sd_booted() <= 0) {
1489 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1490 goto finish;
1491 }
1492
1493 if (arg_running_as == MANAGER_SYSTEM &&
1494 arg_action == ACTION_RUN &&
1495 running_in_chroot() > 0) {
1496 log_error("Cannot be run in a chroot() environment.");
1497 goto finish;
1498 }
1499
1500 if (arg_action == ACTION_TEST)
1501 skip_setup = true;
1502
1503 pager_open_if_enabled();
1504
1505 if (arg_action == ACTION_HELP) {
1506 retval = help();
1507 goto finish;
1508 } else if (arg_action == ACTION_VERSION) {
1509 retval = version();
1510 goto finish;
1511 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
1512 unit_dump_config_items(stdout);
1513 retval = EXIT_SUCCESS;
1514 goto finish;
1515 } else if (arg_action == ACTION_DONE) {
1516 retval = EXIT_SUCCESS;
1517 goto finish;
1518 }
1519
1520 if (arg_running_as == MANAGER_USER &&
1521 !getenv("XDG_RUNTIME_DIR")) {
1522 log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
1523 goto finish;
1524 }
1525
1526 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
1527
1528 /* Close logging fds, in order not to confuse fdset below */
1529 log_close();
1530
1531 /* Remember open file descriptors for later deserialization */
1532 r = fdset_new_fill(&fds);
1533 if (r < 0) {
1534 log_emergency_errno(r, "Failed to allocate fd set: %m");
1535 error_message = "Failed to allocate fd set";
1536 goto finish;
1537 } else
1538 fdset_cloexec(fds, true);
1539
1540 if (arg_serialization)
1541 assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
1542
1543 if (arg_running_as == MANAGER_SYSTEM)
1544 /* Become a session leader if we aren't one yet. */
1545 setsid();
1546
1547 /* Move out of the way, so that we won't block unmounts */
1548 assert_se(chdir("/") == 0);
1549
1550 /* Reset the console, but only if this is really init and we
1551 * are freshly booted */
1552 if (arg_running_as == MANAGER_SYSTEM && arg_action == ACTION_RUN) {
1553
1554 /* If we are init, we connect stdin/stdout/stderr to
1555 * /dev/null and make sure we don't have a controlling
1556 * tty. */
1557 release_terminal();
1558
1559 if (getpid() == 1 && !skip_setup)
1560 console_setup();
1561 }
1562
1563 /* Open the logging devices, if possible and necessary */
1564 log_open();
1565
1566 if (arg_show_status == _SHOW_STATUS_UNSET)
1567 arg_show_status = SHOW_STATUS_YES;
1568
1569 /* Make sure we leave a core dump without panicing the
1570 * kernel. */
1571 if (getpid() == 1) {
1572 install_crash_handler();
1573
1574 r = mount_cgroup_controllers(arg_join_controllers);
1575 if (r < 0)
1576 goto finish;
1577 }
1578
1579 if (arg_running_as == MANAGER_SYSTEM) {
1580 int v;
1581
1582 log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
1583 arg_action == ACTION_TEST ? "test " : "" );
1584
1585 v = detect_virtualization();
1586 if (v > 0)
1587 log_info("Detected virtualization %s.", virtualization_to_string(v));
1588
1589 write_container_id();
1590
1591 log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
1592
1593 if (in_initrd())
1594 log_info("Running in initial RAM disk.");
1595
1596 /* Let's check whether /etc is already populated. We
1597 * don't actually really check for that, but use
1598 * /etc/machine-id as flag file. This allows container
1599 * managers and installers to provision a couple of
1600 * files already. If the container manager wants to
1601 * provision the machine ID itself it should pass
1602 * $container_uuid to PID 1. */
1603
1604 empty_etc = access("/etc/machine-id", F_OK) < 0;
1605 if (empty_etc)
1606 log_info("Running with unpopulated /etc.");
1607 } else {
1608 _cleanup_free_ char *t;
1609
1610 t = uid_to_name(getuid());
1611 log_debug(PACKAGE_STRING " running in %suser mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
1612 arg_action == ACTION_TEST ? " test" : "", getuid(), t);
1613 }
1614
1615 if (arg_running_as == MANAGER_SYSTEM && !skip_setup) {
1616 if (arg_show_status > 0)
1617 status_welcome();
1618
1619 hostname_setup();
1620 machine_id_setup(NULL);
1621 loopback_setup();
1622 bump_unix_max_dgram_qlen();
1623
1624 test_usr();
1625 }
1626
1627 if (arg_running_as == MANAGER_SYSTEM && arg_runtime_watchdog > 0)
1628 watchdog_set_timeout(&arg_runtime_watchdog);
1629
1630 if (arg_timer_slack_nsec != NSEC_INFINITY)
1631 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
1632 log_error_errno(errno, "Failed to adjust timer slack: %m");
1633
1634 if (arg_capability_bounding_set_drop) {
1635 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
1636 if (r < 0) {
1637 log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
1638 error_message = "Failed to drop capability bounding set of usermode helpers";
1639 goto finish;
1640 }
1641 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
1642 if (r < 0) {
1643 log_emergency_errno(r, "Failed to drop capability bounding set: %m");
1644 error_message = "Failed to drop capability bounding set";
1645 goto finish;
1646 }
1647 }
1648
1649 if (arg_syscall_archs) {
1650 r = enforce_syscall_archs(arg_syscall_archs);
1651 if (r < 0) {
1652 error_message = "Failed to set syscall architectures";
1653 goto finish;
1654 }
1655 }
1656
1657 if (arg_running_as == MANAGER_USER)
1658 /* Become reaper of our children */
1659 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0)
1660 log_warning_errno(errno, "Failed to make us a subreaper: %m");
1661
1662 if (arg_running_as == MANAGER_SYSTEM) {
1663 bump_rlimit_nofile(&saved_rlimit_nofile);
1664
1665 if (empty_etc) {
1666 r = unit_file_preset_all(UNIT_FILE_SYSTEM, false, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, false, NULL, 0);
1667 if (r < 0)
1668 log_warning_errno(r, "Failed to populate /etc with preset unit settings, ignoring: %m");
1669 else
1670 log_info("Populated /etc with preset unit settings.");
1671 }
1672 }
1673
1674 r = manager_new(arg_running_as, arg_action == ACTION_TEST, &m);
1675 if (r < 0) {
1676 log_emergency_errno(r, "Failed to allocate manager object: %m");
1677 error_message = "Failed to allocate manager object";
1678 goto finish;
1679 }
1680
1681 m->confirm_spawn = arg_confirm_spawn;
1682 m->runtime_watchdog = arg_runtime_watchdog;
1683 m->shutdown_watchdog = arg_shutdown_watchdog;
1684 m->userspace_timestamp = userspace_timestamp;
1685 m->kernel_timestamp = kernel_timestamp;
1686 m->initrd_timestamp = initrd_timestamp;
1687 m->security_start_timestamp = security_start_timestamp;
1688 m->security_finish_timestamp = security_finish_timestamp;
1689
1690 manager_set_defaults(m);
1691 manager_set_show_status(m, arg_show_status);
1692 manager_set_first_boot(m, empty_etc);
1693
1694 /* Remember whether we should queue the default job */
1695 queue_default_job = !arg_serialization || arg_switched_root;
1696
1697 before_startup = now(CLOCK_MONOTONIC);
1698
1699 r = manager_startup(m, arg_serialization, fds);
1700 if (r < 0)
1701 log_error_errno(r, "Failed to fully start up daemon: %m");
1702
1703 /* This will close all file descriptors that were opened, but
1704 * not claimed by any unit. */
1705 fds = fdset_free(fds);
1706
1707 arg_serialization = safe_fclose(arg_serialization);
1708
1709 if (queue_default_job) {
1710 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1711 Unit *target = NULL;
1712 Job *default_unit_job;
1713
1714 log_debug("Activating default unit: %s", arg_default_unit);
1715
1716 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
1717 if (r < 0)
1718 log_error("Failed to load default target: %s", bus_error_message(&error, r));
1719 else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
1720 log_error_errno(target->load_error, "Failed to load default target: %m");
1721 else if (target->load_state == UNIT_MASKED)
1722 log_error("Default target masked.");
1723
1724 if (!target || target->load_state != UNIT_LOADED) {
1725 log_info("Trying to load rescue target...");
1726
1727 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1728 if (r < 0) {
1729 log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
1730 error_message = "Failed to load rescue target";
1731 goto finish;
1732 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
1733 log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
1734 error_message = "Failed to load rescue target";
1735 goto finish;
1736 } else if (target->load_state == UNIT_MASKED) {
1737 log_emergency("Rescue target masked.");
1738 error_message = "Rescue target masked";
1739 goto finish;
1740 }
1741 }
1742
1743 assert(target->load_state == UNIT_LOADED);
1744
1745 if (arg_action == ACTION_TEST) {
1746 printf("-> By units:\n");
1747 manager_dump_units(m, stdout, "\t");
1748 }
1749
1750 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, &error, &default_unit_job);
1751 if (r == -EPERM) {
1752 log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
1753
1754 sd_bus_error_free(&error);
1755
1756 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, &error, &default_unit_job);
1757 if (r < 0) {
1758 log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
1759 error_message = "Failed to start default target";
1760 goto finish;
1761 }
1762 } else if (r < 0) {
1763 log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
1764 error_message = "Failed to isolate default target";
1765 goto finish;
1766 }
1767
1768 m->default_unit_job_id = default_unit_job->id;
1769
1770 after_startup = now(CLOCK_MONOTONIC);
1771 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1772 "Loaded units and determined initial transaction in %s.",
1773 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
1774
1775 if (arg_action == ACTION_TEST) {
1776 printf("-> By jobs:\n");
1777 manager_dump_jobs(m, stdout, "\t");
1778 retval = EXIT_SUCCESS;
1779 goto finish;
1780 }
1781 }
1782
1783 for (;;) {
1784 r = manager_loop(m);
1785 if (r < 0) {
1786 log_emergency_errno(r, "Failed to run main loop: %m");
1787 error_message = "Failed to run main loop";
1788 goto finish;
1789 }
1790
1791 switch (m->exit_code) {
1792
1793 case MANAGER_RELOAD:
1794 log_info("Reloading.");
1795
1796 r = parse_config_file();
1797 if (r < 0)
1798 log_error("Failed to parse config file.");
1799
1800 manager_set_defaults(m);
1801
1802 r = manager_reload(m);
1803 if (r < 0)
1804 log_error_errno(r, "Failed to reload: %m");
1805 break;
1806
1807 case MANAGER_REEXECUTE:
1808
1809 if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
1810 error_message = "Failed to prepare for reexecution";
1811 goto finish;
1812 }
1813
1814 reexecute = true;
1815 log_notice("Reexecuting.");
1816 goto finish;
1817
1818 case MANAGER_SWITCH_ROOT:
1819 /* Steal the switch root parameters */
1820 switch_root_dir = m->switch_root;
1821 switch_root_init = m->switch_root_init;
1822 m->switch_root = m->switch_root_init = NULL;
1823
1824 if (!switch_root_init)
1825 if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
1826 error_message = "Failed to prepare for reexecution";
1827 goto finish;
1828 }
1829
1830 reexecute = true;
1831 log_notice("Switching root.");
1832 goto finish;
1833
1834 case MANAGER_EXIT:
1835 retval = m->return_value;
1836
1837 if (m->running_as == MANAGER_USER) {
1838 log_debug("Exit.");
1839 goto finish;
1840 }
1841
1842 /* fallthrough */
1843 case MANAGER_REBOOT:
1844 case MANAGER_POWEROFF:
1845 case MANAGER_HALT:
1846 case MANAGER_KEXEC: {
1847 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1848 [MANAGER_EXIT] = "exit",
1849 [MANAGER_REBOOT] = "reboot",
1850 [MANAGER_POWEROFF] = "poweroff",
1851 [MANAGER_HALT] = "halt",
1852 [MANAGER_KEXEC] = "kexec"
1853 };
1854
1855 assert_se(shutdown_verb = table[m->exit_code]);
1856 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
1857
1858 log_notice("Shutting down.");
1859 goto finish;
1860 }
1861
1862 default:
1863 assert_not_reached("Unknown exit code.");
1864 }
1865 }
1866
1867 finish:
1868 pager_close();
1869
1870 if (m)
1871 arg_shutdown_watchdog = m->shutdown_watchdog;
1872
1873 m = manager_free(m);
1874
1875 for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++)
1876 arg_default_rlimit[j] = mfree(arg_default_rlimit[j]);
1877
1878 arg_default_unit = mfree(arg_default_unit);
1879 arg_join_controllers = strv_free_free(arg_join_controllers);
1880 arg_default_environment = strv_free(arg_default_environment);
1881 arg_syscall_archs = set_free(arg_syscall_archs);
1882
1883 mac_selinux_finish();
1884
1885 if (reexecute) {
1886 const char **args;
1887 unsigned i, args_size;
1888
1889 /* Close and disarm the watchdog, so that the new
1890 * instance can reinitialize it, but doesn't get
1891 * rebooted while we do that */
1892 watchdog_close(true);
1893
1894 /* Reset the RLIMIT_NOFILE to the kernel default, so
1895 * that the new systemd can pass the kernel default to
1896 * its child processes */
1897 if (saved_rlimit_nofile.rlim_cur > 0)
1898 (void) setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
1899
1900 if (switch_root_dir) {
1901 /* Kill all remaining processes from the
1902 * initrd, but don't wait for them, so that we
1903 * can handle the SIGCHLD for them after
1904 * deserializing. */
1905 broadcast_signal(SIGTERM, false, true);
1906
1907 /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
1908 r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
1909 if (r < 0)
1910 log_error_errno(r, "Failed to switch root, trying to continue: %m");
1911 }
1912
1913 args_size = MAX(6, argc+1);
1914 args = newa(const char*, args_size);
1915
1916 if (!switch_root_init) {
1917 char sfd[DECIMAL_STR_MAX(int) + 1];
1918
1919 /* First try to spawn ourselves with the right
1920 * path, and with full serialization. We do
1921 * this only if the user didn't specify an
1922 * explicit init to spawn. */
1923
1924 assert(arg_serialization);
1925 assert(fds);
1926
1927 xsprintf(sfd, "%i", fileno(arg_serialization));
1928
1929 i = 0;
1930 args[i++] = SYSTEMD_BINARY_PATH;
1931 if (switch_root_dir)
1932 args[i++] = "--switched-root";
1933 args[i++] = arg_running_as == MANAGER_SYSTEM ? "--system" : "--user";
1934 args[i++] = "--deserialize";
1935 args[i++] = sfd;
1936 args[i++] = NULL;
1937
1938 /* do not pass along the environment we inherit from the kernel or initrd */
1939 if (switch_root_dir)
1940 (void) clearenv();
1941
1942 assert(i <= args_size);
1943 (void) execv(args[0], (char* const*) args);
1944 }
1945
1946 /* Try the fallback, if there is any, without any
1947 * serialization. We pass the original argv[] and
1948 * envp[]. (Well, modulo the ordering changes due to
1949 * getopt() in argv[], and some cleanups in envp[],
1950 * but let's hope that doesn't matter.) */
1951
1952 arg_serialization = safe_fclose(arg_serialization);
1953 fds = fdset_free(fds);
1954
1955 /* Reopen the console */
1956 (void) make_console_stdio();
1957
1958 for (j = 1, i = 1; j < (unsigned) argc; j++)
1959 args[i++] = argv[j];
1960 args[i++] = NULL;
1961 assert(i <= args_size);
1962
1963 /* Reenable any blocked signals, especially important
1964 * if we switch from initial ramdisk to init=... */
1965 (void) reset_all_signal_handlers();
1966 (void) reset_signal_mask();
1967
1968 if (switch_root_init) {
1969 args[0] = switch_root_init;
1970 (void) execv(args[0], (char* const*) args);
1971 log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
1972 }
1973
1974 args[0] = "/sbin/init";
1975 (void) execv(args[0], (char* const*) args);
1976
1977 if (errno == ENOENT) {
1978 log_warning("No /sbin/init, trying fallback");
1979
1980 args[0] = "/bin/sh";
1981 args[1] = NULL;
1982 (void) execv(args[0], (char* const*) args);
1983 log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
1984 } else
1985 log_warning_errno(errno, "Failed to execute /sbin/init, giving up: %m");
1986 }
1987
1988 arg_serialization = safe_fclose(arg_serialization);
1989 fds = fdset_free(fds);
1990
1991 #ifdef HAVE_VALGRIND_VALGRIND_H
1992 /* If we are PID 1 and running under valgrind, then let's exit
1993 * here explicitly. valgrind will only generate nice output on
1994 * exit(), not on exec(), hence let's do the former not the
1995 * latter here. */
1996 if (getpid() == 1 && RUNNING_ON_VALGRIND)
1997 return 0;
1998 #endif
1999
2000 if (shutdown_verb) {
2001 char log_level[DECIMAL_STR_MAX(int) + 1];
2002 char exit_code[DECIMAL_STR_MAX(uint8_t) + 1];
2003 const char* command_line[11] = {
2004 SYSTEMD_SHUTDOWN_BINARY_PATH,
2005 shutdown_verb,
2006 "--log-level", log_level,
2007 "--log-target",
2008 };
2009 unsigned pos = 5;
2010 _cleanup_strv_free_ char **env_block = NULL;
2011
2012 assert(command_line[pos] == NULL);
2013 env_block = strv_copy(environ);
2014
2015 xsprintf(log_level, "%d", log_get_max_level());
2016
2017 switch (log_get_target()) {
2018
2019 case LOG_TARGET_KMSG:
2020 case LOG_TARGET_JOURNAL_OR_KMSG:
2021 case LOG_TARGET_SYSLOG_OR_KMSG:
2022 command_line[pos++] = "kmsg";
2023 break;
2024
2025 case LOG_TARGET_NULL:
2026 command_line[pos++] = "null";
2027 break;
2028
2029 case LOG_TARGET_CONSOLE:
2030 default:
2031 command_line[pos++] = "console";
2032 break;
2033 };
2034
2035 if (log_get_show_color())
2036 command_line[pos++] = "--log-color";
2037
2038 if (log_get_show_location())
2039 command_line[pos++] = "--log-location";
2040
2041 if (streq(shutdown_verb, "exit")) {
2042 command_line[pos++] = "--exit-code";
2043 command_line[pos++] = exit_code;
2044 xsprintf(exit_code, "%d", retval);
2045 }
2046
2047 assert(pos < ELEMENTSOF(command_line));
2048
2049 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
2050 char *e;
2051
2052 /* If we reboot let's set the shutdown
2053 * watchdog and tell the shutdown binary to
2054 * repeatedly ping it */
2055 r = watchdog_set_timeout(&arg_shutdown_watchdog);
2056 watchdog_close(r < 0);
2057
2058 /* Tell the binary how often to ping, ignore failure */
2059 if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
2060 (void) strv_push(&env_block, e);
2061 } else
2062 watchdog_close(true);
2063
2064 /* Avoid the creation of new processes forked by the
2065 * kernel; at this point, we will not listen to the
2066 * signals anyway */
2067 if (detect_container() <= 0)
2068 (void) cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
2069
2070 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
2071 log_error_errno(errno, "Failed to execute shutdown binary, %s: %m",
2072 getpid() == 1 ? "freezing" : "quitting");
2073 }
2074
2075 if (getpid() == 1) {
2076 if (error_message)
2077 manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
2078 ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL,
2079 "%s, freezing.", error_message);
2080 freeze_or_reboot();
2081 }
2082
2083 return retval;
2084 }