1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <dbus/dbus.h>
28 #include <sys/types.h>
34 #include <sys/prctl.h>
35 #include <sys/mount.h>
39 #include "load-fragment.h"
42 #include "conf-parser.h"
43 #include "bus-errors.h"
51 #include "path-util.h"
52 #include "switch-root.h"
53 #include "capability.h"
57 #include "sd-daemon.h"
59 #include "mount-setup.h"
60 #include "loopback-setup.h"
62 #include "kmod-setup.h"
64 #include "hostname-setup.h"
65 #include "machine-id-setup.h"
66 #include "locale-setup.h"
67 #include "selinux-setup.h"
68 #include "ima-setup.h"
76 ACTION_DUMP_CONFIGURATION_ITEMS,
78 } arg_action = ACTION_RUN;
80 static char *arg_default_unit = NULL;
81 static SystemdRunningAs arg_running_as = _SYSTEMD_RUNNING_AS_INVALID;
83 static bool arg_dump_core = true;
84 static bool arg_crash_shell = false;
85 static int arg_crash_chvt = -1;
86 static bool arg_confirm_spawn = false;
87 static bool arg_show_status = true;
88 static bool arg_switched_root = false;
89 static char **arg_default_controllers = NULL;
90 static char ***arg_join_controllers = NULL;
91 static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
92 static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
93 static usec_t arg_runtime_watchdog = 0;
94 static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
95 static struct rlimit *arg_default_rlimit[RLIMIT_NLIMITS] = {};
96 static uint64_t arg_capability_bounding_set_drop = 0;
97 static nsec_t arg_timer_slack_nsec = (nsec_t) -1;
99 static FILE* serialization = NULL;
101 static void nop_handler(int sig) {
104 _noreturn_ static void crash(int sig) {
107 log_error("Caught <%s>, not dumping core.", signal_to_string(sig));
112 /* We want to wait for the core process, hence let's enable SIGCHLD */
114 sa.sa_handler = nop_handler;
115 sa.sa_flags = SA_NOCLDSTOP|SA_RESTART;
116 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
118 if ((pid = fork()) < 0)
119 log_error("Caught <%s>, cannot fork for core dump: %s", signal_to_string(sig), strerror(errno));
124 /* Enable default signal handler for core dump */
126 sa.sa_handler = SIG_DFL;
127 assert_se(sigaction(sig, &sa, NULL) == 0);
129 /* Don't limit the core dump size */
131 rl.rlim_cur = RLIM_INFINITY;
132 rl.rlim_max = RLIM_INFINITY;
133 setrlimit(RLIMIT_CORE, &rl);
135 /* Just to be sure... */
136 assert_se(chdir("/") == 0);
138 /* Raise the signal again */
141 assert_not_reached("We shouldn't be here...");
148 /* Order things nicely. */
149 if ((r = wait_for_terminate(pid, &status)) < 0)
150 log_error("Caught <%s>, waitpid() failed: %s", signal_to_string(sig), strerror(-r));
151 else if (status.si_code != CLD_DUMPED)
152 log_error("Caught <%s>, core dump failed.", signal_to_string(sig));
154 log_error("Caught <%s>, dumped core as pid %lu.", signal_to_string(sig), (unsigned long) pid);
159 chvt(arg_crash_chvt);
161 if (arg_crash_shell) {
165 log_info("Executing crash shell in 10s...");
168 /* Let the kernel reap children for us */
170 sa.sa_handler = SIG_IGN;
171 sa.sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART;
172 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
176 log_error("Failed to fork off crash shell: %m");
178 make_console_stdio();
179 execl("/bin/sh", "/bin/sh", NULL);
181 log_error("execl() failed: %m");
185 log_info("Successfully spawned crash shell as pid %lu.", (unsigned long) pid);
188 log_info("Freezing execution.");
192 static void install_crash_handler(void) {
197 sa.sa_handler = crash;
198 sa.sa_flags = SA_NODEFER;
200 sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
203 static int console_setup(bool do_reset) {
206 /* If we are init, we connect stdin/stdout/stderr to /dev/null
207 * and make sure we don't have a controlling tty. */
214 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
216 log_error("Failed to open /dev/console: %s", strerror(-tty_fd));
220 /* We don't want to force text mode.
221 * plymouth may be showing pictures already from initrd. */
222 r = reset_terminal_fd(tty_fd, false);
224 log_error("Failed to reset /dev/console: %s", strerror(-r));
226 close_nointr_nofail(tty_fd);
230 static int set_default_unit(const char *u) {
239 free(arg_default_unit);
240 arg_default_unit = c;
245 static int parse_proc_cmdline_word(const char *word) {
247 static const char * const rlmap[] = {
248 "emergency", SPECIAL_EMERGENCY_TARGET,
249 "-b", SPECIAL_EMERGENCY_TARGET,
250 "single", SPECIAL_RESCUE_TARGET,
251 "-s", SPECIAL_RESCUE_TARGET,
252 "s", SPECIAL_RESCUE_TARGET,
253 "S", SPECIAL_RESCUE_TARGET,
254 "1", SPECIAL_RESCUE_TARGET,
255 "2", SPECIAL_RUNLEVEL2_TARGET,
256 "3", SPECIAL_RUNLEVEL3_TARGET,
257 "4", SPECIAL_RUNLEVEL4_TARGET,
258 "5", SPECIAL_RUNLEVEL5_TARGET,
263 if (startswith(word, "systemd.unit=")) {
266 return set_default_unit(word + 13);
268 } else if (startswith(word, "rd.systemd.unit=")) {
271 return set_default_unit(word + 16);
273 } else if (startswith(word, "systemd.log_target=")) {
275 if (log_set_target_from_string(word + 19) < 0)
276 log_warning("Failed to parse log target %s. Ignoring.", word + 19);
278 } else if (startswith(word, "systemd.log_level=")) {
280 if (log_set_max_level_from_string(word + 18) < 0)
281 log_warning("Failed to parse log level %s. Ignoring.", word + 18);
283 } else if (startswith(word, "systemd.log_color=")) {
285 if (log_show_color_from_string(word + 18) < 0)
286 log_warning("Failed to parse log color setting %s. Ignoring.", word + 18);
288 } else if (startswith(word, "systemd.log_location=")) {
290 if (log_show_location_from_string(word + 21) < 0)
291 log_warning("Failed to parse log location setting %s. Ignoring.", word + 21);
293 } else if (startswith(word, "systemd.dump_core=")) {
296 if ((r = parse_boolean(word + 18)) < 0)
297 log_warning("Failed to parse dump core switch %s. Ignoring.", word + 18);
301 } else if (startswith(word, "systemd.crash_shell=")) {
304 if ((r = parse_boolean(word + 20)) < 0)
305 log_warning("Failed to parse crash shell switch %s. Ignoring.", word + 20);
309 } else if (startswith(word, "systemd.confirm_spawn=")) {
312 if ((r = parse_boolean(word + 22)) < 0)
313 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", word + 22);
315 arg_confirm_spawn = r;
317 } else if (startswith(word, "systemd.crash_chvt=")) {
320 if (safe_atoi(word + 19, &k) < 0)
321 log_warning("Failed to parse crash chvt switch %s. Ignoring.", word + 19);
325 } else if (startswith(word, "systemd.show_status=")) {
328 if ((r = parse_boolean(word + 20)) < 0)
329 log_warning("Failed to parse show status switch %s. Ignoring.", word + 20);
332 } else if (startswith(word, "systemd.default_standard_output=")) {
335 if ((r = exec_output_from_string(word + 32)) < 0)
336 log_warning("Failed to parse default standard output switch %s. Ignoring.", word + 32);
338 arg_default_std_output = r;
339 } else if (startswith(word, "systemd.default_standard_error=")) {
342 if ((r = exec_output_from_string(word + 31)) < 0)
343 log_warning("Failed to parse default standard error switch %s. Ignoring.", word + 31);
345 arg_default_std_error = r;
346 } else if (startswith(word, "systemd.setenv=")) {
347 _cleanup_free_ char *cenv = NULL;
351 cenv = strdup(word + 15);
355 eq = strchr(cenv, '=');
357 if (!env_name_is_valid(cenv))
358 log_warning("Environment variable name '%s' is not valid. Ignoring.", cenv);
362 log_warning("Unsetting environment variable '%s' failed, ignoring: %m", cenv);
365 if (!env_assignment_is_valid(cenv))
366 log_warning("Environment variable assignment '%s' is not valid. Ignoring.", cenv);
369 r = setenv(cenv, eq + 1, 1);
371 log_warning("Setting environment variable '%s=%s' failed, ignoring: %m", cenv, eq + 1);
375 } else if (startswith(word, "systemd.") ||
376 (in_initrd() && startswith(word, "rd.systemd."))) {
378 log_warning("Unknown kernel switch %s. Ignoring.", word);
380 log_info("Supported kernel switches:\n"
381 "systemd.unit=UNIT Default unit to start\n"
382 "rd.systemd.unit=UNIT Default unit to start when run in initrd\n"
383 "systemd.dump_core=0|1 Dump core on crash\n"
384 "systemd.crash_shell=0|1 Run shell on crash\n"
385 "systemd.crash_chvt=N Change to VT #N on crash\n"
386 "systemd.confirm_spawn=0|1 Confirm every process spawn\n"
387 "systemd.show_status=0|1 Show status updates on the console during bootup\n"
388 "systemd.log_target=console|kmsg|journal|journal-or-kmsg|syslog|syslog-or-kmsg|null\n"
390 "systemd.log_level=LEVEL Log level\n"
391 "systemd.log_color=0|1 Highlight important log messages\n"
392 "systemd.log_location=0|1 Include code location in log messages\n"
393 "systemd.default_standard_output=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
394 " Set default log output for services\n"
395 "systemd.default_standard_error=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
396 " Set default log error output for services\n"
397 "systemd.setenv=ASSIGNMENT Set an environment variable for all spawned processes\n");
399 } else if (streq(word, "quiet"))
400 arg_show_status = false;
401 else if (!in_initrd()) {
404 /* SysV compatibility */
405 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
406 if (streq(word, rlmap[i]))
407 return set_default_unit(rlmap[i+1]);
413 static int config_parse_level2(
414 const char *filename,
427 log_set_max_level_from_string(rvalue);
431 static int config_parse_target(
432 const char *filename,
445 log_set_target_from_string(rvalue);
449 static int config_parse_color(
450 const char *filename,
463 log_show_color_from_string(rvalue);
467 static int config_parse_location(
468 const char *filename,
481 log_show_location_from_string(rvalue);
485 static int config_parse_cpu_affinity2(
486 const char *filename,
505 FOREACH_WORD_QUOTED(w, l, rvalue, state) {
510 if (!(t = strndup(w, l)))
513 r = safe_atou(t, &cpu);
517 if (!(c = cpu_set_malloc(&ncpus)))
520 if (r < 0 || cpu >= ncpus) {
521 log_error("[%s:%u] Failed to parse CPU affinity: %s", filename, line, rvalue);
526 CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c);
530 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
531 log_warning("Failed to set CPU affinity: %m");
539 static void strv_free_free(char ***l) {
551 static void free_join_controllers(void) {
552 if (!arg_join_controllers)
555 strv_free_free(arg_join_controllers);
556 arg_join_controllers = NULL;
559 static int config_parse_join_controllers(
560 const char *filename,
577 free_join_controllers();
579 FOREACH_WORD_QUOTED(w, length, rvalue, state) {
582 s = strndup(w, length);
586 l = strv_split(s, ",");
591 if (strv_length(l) <= 1) {
596 if (!arg_join_controllers) {
597 arg_join_controllers = new(char**, 2);
598 if (!arg_join_controllers) {
603 arg_join_controllers[0] = l;
604 arg_join_controllers[1] = NULL;
611 t = new0(char**, n+2);
619 for (a = arg_join_controllers; *a; a++) {
621 if (strv_overlap(*a, l)) {
624 c = strv_merge(*a, l);
647 t[n++] = strv_uniq(l);
649 strv_free_free(arg_join_controllers);
650 arg_join_controllers = t;
657 static int parse_config_file(void) {
659 const ConfigTableItem items[] = {
660 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
661 { "Manager", "LogTarget", config_parse_target, 0, NULL },
662 { "Manager", "LogColor", config_parse_color, 0, NULL },
663 { "Manager", "LogLocation", config_parse_location, 0, NULL },
664 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
665 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
666 { "Manager", "ShowStatus", config_parse_bool, 0, &arg_show_status },
667 { "Manager", "CrashChVT", config_parse_int, 0, &arg_crash_chvt },
668 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
669 { "Manager", "DefaultControllers", config_parse_strv, 0, &arg_default_controllers },
670 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
671 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
672 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
673 { "Manager", "RuntimeWatchdogSec", config_parse_usec, 0, &arg_runtime_watchdog },
674 { "Manager", "ShutdownWatchdogSec", config_parse_usec, 0, &arg_shutdown_watchdog },
675 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
676 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
677 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU]},
678 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE]},
679 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA]},
680 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK]},
681 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE]},
682 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS]},
683 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE]},
684 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS]},
685 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC]},
686 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK]},
687 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS]},
688 { "Manager", "DefaultLimitSIGPENDING",config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING]},
689 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE]},
690 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE]},
691 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO]},
692 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME]},
693 { NULL, NULL, NULL, 0, NULL }
700 fn = arg_running_as == SYSTEMD_SYSTEM ? SYSTEM_CONFIG_FILE : USER_CONFIG_FILE;
706 log_warning("Failed to open configuration file '%s': %m", fn);
710 r = config_parse(fn, f, "Manager\0", config_item_table_lookup, (void*) items, false, NULL);
712 log_warning("Failed to parse configuration file: %s", strerror(-r));
719 static int parse_proc_cmdline(void) {
720 char *line, *w, *state;
724 /* Don't read /proc/cmdline if we are in a container, since
725 * that is only relevant for the host system */
726 if (detect_container(NULL) > 0)
729 if ((r = read_one_line_file("/proc/cmdline", &line)) < 0) {
730 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
734 FOREACH_WORD_QUOTED(w, l, line, state) {
737 if (!(word = strndup(w, l))) {
742 r = parse_proc_cmdline_word(word);
744 log_error("Failed on cmdline argument %s: %s", word, strerror(-r));
759 static int parse_argv(int argc, char *argv[]) {
762 ARG_LOG_LEVEL = 0x100,
771 ARG_DUMP_CONFIGURATION_ITEMS,
779 ARG_DEFAULT_STD_OUTPUT,
780 ARG_DEFAULT_STD_ERROR
783 static const struct option options[] = {
784 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
785 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
786 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
787 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
788 { "unit", required_argument, NULL, ARG_UNIT },
789 { "system", no_argument, NULL, ARG_SYSTEM },
790 { "user", no_argument, NULL, ARG_USER },
791 { "test", no_argument, NULL, ARG_TEST },
792 { "help", no_argument, NULL, 'h' },
793 { "version", no_argument, NULL, ARG_VERSION },
794 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
795 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
796 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
797 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
798 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
799 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
800 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
801 { "introspect", optional_argument, NULL, ARG_INTROSPECT },
802 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
803 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
815 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
820 if ((r = log_set_max_level_from_string(optarg)) < 0) {
821 log_error("Failed to parse log level %s.", optarg);
829 if ((r = log_set_target_from_string(optarg)) < 0) {
830 log_error("Failed to parse log target %s.", optarg);
839 if ((r = log_show_color_from_string(optarg)) < 0) {
840 log_error("Failed to parse log color setting %s.", optarg);
844 log_show_color(true);
848 case ARG_LOG_LOCATION:
851 if ((r = log_show_location_from_string(optarg)) < 0) {
852 log_error("Failed to parse log location setting %s.", optarg);
856 log_show_location(true);
860 case ARG_DEFAULT_STD_OUTPUT:
862 if ((r = exec_output_from_string(optarg)) < 0) {
863 log_error("Failed to parse default standard output setting %s.", optarg);
866 arg_default_std_output = r;
869 case ARG_DEFAULT_STD_ERROR:
871 if ((r = exec_output_from_string(optarg)) < 0) {
872 log_error("Failed to parse default standard error output setting %s.", optarg);
875 arg_default_std_error = r;
880 if ((r = set_default_unit(optarg)) < 0) {
881 log_error("Failed to set default unit %s: %s", optarg, strerror(-r));
888 arg_running_as = SYSTEMD_SYSTEM;
892 arg_running_as = SYSTEMD_USER;
896 arg_action = ACTION_TEST;
900 arg_action = ACTION_VERSION;
903 case ARG_DUMP_CONFIGURATION_ITEMS:
904 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
908 r = optarg ? parse_boolean(optarg) : 1;
910 log_error("Failed to parse dump core boolean %s.", optarg);
916 case ARG_CRASH_SHELL:
917 r = optarg ? parse_boolean(optarg) : 1;
919 log_error("Failed to parse crash shell boolean %s.", optarg);
925 case ARG_CONFIRM_SPAWN:
926 r = optarg ? parse_boolean(optarg) : 1;
928 log_error("Failed to parse confirm spawn boolean %s.", optarg);
931 arg_confirm_spawn = r;
934 case ARG_SHOW_STATUS:
935 r = optarg ? parse_boolean(optarg) : 1;
937 log_error("Failed to parse show status boolean %s.", optarg);
943 case ARG_DESERIALIZE: {
947 r = safe_atoi(optarg, &fd);
948 if (r < 0 || fd < 0) {
949 log_error("Failed to parse deserialize option %s.", optarg);
950 return r < 0 ? r : -EINVAL;
953 fd_cloexec(fd, true);
957 log_error("Failed to open serialization fd: %m");
962 fclose(serialization);
969 case ARG_SWITCHED_ROOT:
970 arg_switched_root = true;
973 case ARG_INTROSPECT: {
974 const char * const * i = NULL;
976 for (i = bus_interface_table; *i; i += 2)
977 if (!optarg || streq(i[0], optarg)) {
978 fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
981 fputs("</node>\n", stdout);
988 log_error("Unknown interface %s.", optarg);
990 arg_action = ACTION_DONE;
995 arg_action = ACTION_HELP;
999 log_set_max_level(LOG_DEBUG);
1005 /* Just to eat away the sysvinit kernel
1006 * cmdline args without getopt() error
1007 * messages that we'll parse in
1008 * parse_proc_cmdline_word() or ignore. */
1012 if (getpid() != 1) {
1013 log_error("Unknown option code %c", c);
1020 if (optind < argc && getpid() != 1) {
1021 /* Hmm, when we aren't run as init system
1022 * let's complain about excess arguments */
1024 log_error("Excess arguments.");
1028 if (detect_container(NULL) > 0) {
1031 /* All /proc/cmdline arguments the kernel didn't
1032 * understand it passed to us. We're not really
1033 * interested in that usually since /proc/cmdline is
1034 * more interesting and complete. With one exception:
1035 * if we are run in a container /proc/cmdline is not
1036 * relevant for the container, hence we rely on argv[]
1039 for (a = argv; a < argv + argc; a++)
1040 if ((r = parse_proc_cmdline_word(*a)) < 0) {
1041 log_error("Failed on cmdline argument %s: %s", *a, strerror(-r));
1049 static int help(void) {
1051 printf("%s [OPTIONS...]\n\n"
1052 "Starts up and maintains the system or user services.\n\n"
1053 " -h --help Show this help\n"
1054 " --test Determine startup sequence, dump it and exit\n"
1055 " --dump-configuration-items Dump understood unit configuration items\n"
1056 " --introspect[=INTERFACE] Extract D-Bus interface data\n"
1057 " --unit=UNIT Set default unit\n"
1058 " --system Run a system instance, even if PID != 1\n"
1059 " --user Run a user instance\n"
1060 " --dump-core[=0|1] Dump core on crash\n"
1061 " --crash-shell[=0|1] Run shell on crash\n"
1062 " --confirm-spawn[=0|1] Ask for confirmation when spawning processes\n"
1063 " --show-status[=0|1] Show status updates on the console during bootup\n"
1064 " --log-target=TARGET Set log target (console, journal, syslog, kmsg, journal-or-kmsg, syslog-or-kmsg, null)\n"
1065 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
1066 " --log-color[=0|1] Highlight important log messages\n"
1067 " --log-location[=0|1] Include code location in log messages\n"
1068 " --default-standard-output= Set default standard output for services\n"
1069 " --default-standard-error= Set default standard error output for services\n",
1070 program_invocation_short_name);
1075 static int version(void) {
1076 puts(PACKAGE_STRING);
1077 puts(SYSTEMD_FEATURES);
1082 static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool serialize_jobs) {
1091 /* Make sure nothing is really destructed when we shut down */
1094 r = manager_open_serialization(m, &f);
1096 log_error("Failed to create serialization file: %s", strerror(-r));
1103 log_error("Failed to allocate fd set: %s", strerror(-r));
1107 r = manager_serialize(m, f, fds, serialize_jobs);
1109 log_error("Failed to serialize state: %s", strerror(-r));
1113 if (fseeko(f, 0, SEEK_SET) < 0) {
1114 log_error("Failed to rewind serialization fd: %m");
1118 r = fd_cloexec(fileno(f), false);
1120 log_error("Failed to disable O_CLOEXEC for serialization: %s", strerror(-r));
1124 r = fdset_cloexec(fds, false);
1126 log_error("Failed to disable O_CLOEXEC for serialization fds: %s", strerror(-r));
1144 static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1148 assert(saved_rlimit);
1150 /* Save the original RLIMIT_NOFILE so that we can reset it
1151 * later when transitioning from the initrd to the main
1152 * systemd or suchlike. */
1153 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0) {
1154 log_error("Reading RLIMIT_NOFILE failed: %m");
1158 /* Make sure forked processes get the default kernel setting */
1159 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1162 rl = newdup(struct rlimit, saved_rlimit, 1);
1166 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1169 /* Bump up the resource limit for ourselves substantially */
1170 nl.rlim_cur = nl.rlim_max = 64*1024;
1171 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
1173 log_error("Setting RLIMIT_NOFILE failed: %s", strerror(-r));
1180 static struct dual_timestamp* parse_initrd_timestamp(struct dual_timestamp *t) {
1182 unsigned long long a, b;
1186 e = getenv("RD_TIMESTAMP");
1190 if (sscanf(e, "%llu %llu", &a, &b) != 2)
1193 t->realtime = (usec_t) a;
1194 t->monotonic = (usec_t) b;
1199 static void test_mtab(void) {
1202 /* Check that /etc/mtab is a symlink */
1204 if (readlink_malloc("/etc/mtab", &p) >= 0) {
1207 b = streq(p, "/proc/self/mounts") || streq(p, "/proc/mounts");
1214 log_warning("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1215 "This is not supported anymore. "
1216 "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
1219 static void test_usr(void) {
1221 /* Check that /usr is not a separate fs */
1223 if (dir_is_empty("/usr") <= 0)
1226 log_warning("/usr appears to be on its own filesytem and is not already mounted. This is not a supported setup. "
1227 "Some things will probably break (sometimes even silently) in mysterious ways. "
1228 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1231 static void test_cgroups(void) {
1233 if (access("/proc/cgroups", F_OK) >= 0)
1236 log_warning("CONFIG_CGROUPS was not set when your kernel was compiled. "
1237 "Systems without control groups are not supported. "
1238 "We will now sleep for 10s, and then continue boot-up. "
1239 "Expect breakage and please do not file bugs. "
1240 "Instead fix your kernel and enable CONFIG_CGROUPS. "
1241 "Consult http://0pointer.de/blog/projects/cgroups-vs-cgroups.html for more information.");
1246 static int initialize_join_controllers(void) {
1247 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1248 * + "net_prio". We'd like to add "cpuset" to the mix, but
1249 * "cpuset" does't really work for groups with no initialized
1252 arg_join_controllers = new(char**, 3);
1253 if (!arg_join_controllers)
1256 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
1257 if (!arg_join_controllers[0])
1260 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1261 if (!arg_join_controllers[1])
1264 arg_join_controllers[2] = NULL;
1268 int main(int argc, char *argv[]) {
1270 int r, retval = EXIT_FAILURE;
1271 usec_t before_startup, after_startup;
1272 char timespan[FORMAT_TIMESPAN_MAX];
1274 bool reexecute = false;
1275 const char *shutdown_verb = NULL;
1276 dual_timestamp initrd_timestamp = { 0ULL, 0ULL };
1277 static char systemd[] = "systemd";
1278 bool skip_setup = false;
1280 bool loaded_policy = false;
1281 bool arm_reboot_watchdog = false;
1282 bool queue_default_job = false;
1283 char *switch_root_dir = NULL, *switch_root_init = NULL;
1284 static struct rlimit saved_rlimit_nofile = { 0, 0 };
1286 #ifdef HAVE_SYSV_COMPAT
1287 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
1288 /* This is compatibility support for SysV, where
1289 * calling init as a user is identical to telinit. */
1292 execv(SYSTEMCTL_BINARY_PATH, argv);
1293 log_error("Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1298 /* Determine if this is a reexecution or normal bootup. We do
1299 * the full command line parsing much later, so let's just
1300 * have a quick peek here. */
1301 for (j = 1; j < argc; j++)
1302 if (streq(argv[j], "--deserialize")) {
1307 /* If we have switched root, do all the special setup
1309 for (j = 1; j < argc; j++)
1310 if (streq(argv[j], "--switched-root")) {
1315 /* If we get started via the /sbin/init symlink then we are
1316 called 'init'. After a subsequent reexecution we are then
1317 called 'systemd'. That is confusing, hence let's call us
1318 systemd right-away. */
1319 program_invocation_short_name = systemd;
1320 prctl(PR_SET_NAME, systemd);
1325 log_show_color(isatty(STDERR_FILENO) > 0);
1327 if (getpid() == 1 && detect_container(NULL) <= 0) {
1329 /* Running outside of a container as PID 1 */
1330 arg_running_as = SYSTEMD_SYSTEM;
1332 log_set_target(LOG_TARGET_KMSG);
1336 char *rd_timestamp = NULL;
1338 dual_timestamp_get(&initrd_timestamp);
1339 asprintf(&rd_timestamp, "%llu %llu",
1340 (unsigned long long) initrd_timestamp.realtime,
1341 (unsigned long long) initrd_timestamp.monotonic);
1343 setenv("RD_TIMESTAMP", rd_timestamp, 1);
1349 if (selinux_setup(&loaded_policy) < 0)
1351 if (ima_setup() < 0)
1355 if (label_init(NULL) < 0)
1359 if (hwclock_is_localtime() > 0) {
1362 /* The first-time call to settimeofday() does a time warp in the kernel */
1363 r = hwclock_set_timezone(&min);
1365 log_error("Failed to apply local time delta, ignoring: %s", strerror(-r));
1367 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1368 } else if (!in_initrd()) {
1370 * Do dummy first-time call to seal the kernel's time warp magic
1372 * Do not call this this from inside the initrd. The initrd might not
1373 * carry /etc/adjtime with LOCAL, but the real system could be set up
1374 * that way. In such case, we need to delay the time-warp or the sealing
1375 * until we reach the real system.
1377 hwclock_reset_timezone();
1379 /* Tell the kernel our time zone */
1380 r = hwclock_set_timezone(NULL);
1382 log_error("Failed to set the kernel's time zone, ignoring: %s", strerror(-r));
1386 /* Set the default for later on, but don't actually
1387 * open the logs like this for now. Note that if we
1388 * are transitioning from the initrd there might still
1389 * be journal fd open, and we shouldn't attempt
1390 * opening that before we parsed /proc/cmdline which
1391 * might redirect output elsewhere. */
1392 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1394 } else if (getpid() == 1) {
1396 /* Running inside a container, as PID 1 */
1397 arg_running_as = SYSTEMD_SYSTEM;
1398 log_set_target(LOG_TARGET_CONSOLE);
1401 /* For the later on, see above... */
1402 log_set_target(LOG_TARGET_JOURNAL);
1406 /* Running as user instance */
1407 arg_running_as = SYSTEMD_USER;
1408 log_set_target(LOG_TARGET_AUTO);
1412 /* Initialize default unit */
1413 r = set_default_unit(SPECIAL_DEFAULT_TARGET);
1415 log_error("Failed to set default unit %s: %s", SPECIAL_DEFAULT_TARGET, strerror(-r));
1419 r = initialize_join_controllers();
1423 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1424 * /proc/$PID/fd is available. */
1425 if (geteuid() == 0 && !getenv("SYSTEMD_SKIP_API_MOUNTS")) {
1426 r = mount_setup(loaded_policy);
1431 /* Reset all signal handlers. */
1432 assert_se(reset_all_signal_handlers() == 0);
1434 /* If we are init, we can block sigkill. Yay. */
1435 ignore_signals(SIGNALS_IGNORE, -1);
1437 if (parse_config_file() < 0)
1440 if (arg_running_as == SYSTEMD_SYSTEM)
1441 if (parse_proc_cmdline() < 0)
1444 log_parse_environment();
1446 if (parse_argv(argc, argv) < 0)
1449 if (arg_action == ACTION_TEST &&
1451 log_error("Don't run test mode as root.");
1455 if (arg_running_as == SYSTEMD_USER &&
1456 arg_action == ACTION_RUN &&
1458 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1462 if (arg_running_as == SYSTEMD_SYSTEM &&
1463 arg_action == ACTION_RUN &&
1464 running_in_chroot() > 0) {
1465 log_error("Cannot be run in a chroot() environment.");
1469 if (arg_action == ACTION_HELP) {
1472 } else if (arg_action == ACTION_VERSION) {
1475 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
1476 unit_dump_config_items(stdout);
1477 retval = EXIT_SUCCESS;
1479 } else if (arg_action == ACTION_DONE) {
1480 retval = EXIT_SUCCESS;
1484 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
1486 /* Close logging fds, in order not to confuse fdset below */
1489 /* Remember open file descriptors for later deserialization */
1490 r = fdset_new_fill(&fds);
1492 log_error("Failed to allocate fd set: %s", strerror(-r));
1495 fdset_cloexec(fds, true);
1498 assert_se(fdset_remove(fds, fileno(serialization)) >= 0);
1500 /* Set up PATH unless it is already set */
1502 #ifdef HAVE_SPLIT_USR
1503 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
1505 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin",
1507 arg_running_as == SYSTEMD_SYSTEM);
1509 if (arg_running_as == SYSTEMD_SYSTEM) {
1510 /* Parse the data passed to us. We leave this
1511 * variables set, but the manager later on will not
1512 * pass them on to our children. */
1514 parse_initrd_timestamp(&initrd_timestamp);
1516 /* Unset some environment variables passed in from the
1517 * kernel that don't really make sense for us. */
1521 /* When we are invoked by a shell, these might be set,
1522 * but make little sense to pass on */
1527 /* When we are invoked by a chroot-like tool such as
1528 * nspawn, these might be set, but make little sense
1531 unsetenv("LOGNAME");
1533 /* We suppress the socket activation env vars, as
1534 * we'll try to match *any* open fd to units if
1536 unsetenv("LISTEN_FDS");
1537 unsetenv("LISTEN_PID");
1539 /* All other variables are left as is, so that clients
1540 * can still read them via /proc/1/environ */
1543 /* Move out of the way, so that we won't block unmounts */
1544 assert_se(chdir("/") == 0);
1546 if (arg_running_as == SYSTEMD_SYSTEM) {
1547 /* Become a session leader if we aren't one yet. */
1550 /* Disable the umask logic */
1554 /* Make sure D-Bus doesn't fiddle with the SIGPIPE handlers */
1555 dbus_connection_set_change_sigpipe(FALSE);
1557 /* Reset the console, but only if this is really init and we
1558 * are freshly booted */
1559 if (arg_running_as == SYSTEMD_SYSTEM && arg_action == ACTION_RUN)
1560 console_setup(getpid() == 1 && !skip_setup);
1562 /* Open the logging devices, if possible and necessary */
1565 /* Make sure we leave a core dump without panicing the
1568 install_crash_handler();
1570 if (geteuid() == 0 && !getenv("SYSTEMD_SKIP_API_MOUNTS")) {
1571 r = mount_cgroup_controllers(arg_join_controllers);
1576 if (arg_running_as == SYSTEMD_SYSTEM) {
1577 const char *virtualization = NULL;
1579 log_info(PACKAGE_STRING " running in system mode. (" SYSTEMD_FEATURES ")");
1581 detect_virtualization(&virtualization);
1583 log_info("Detected virtualization '%s'.", virtualization);
1586 log_info("Running in initial RAM disk.");
1589 log_debug(PACKAGE_STRING " running in user mode. (" SYSTEMD_FEATURES ")");
1591 if (arg_running_as == SYSTEMD_SYSTEM && !skip_setup) {
1594 if (arg_show_status || plymouth_running())
1609 if (arg_running_as == SYSTEMD_SYSTEM && arg_runtime_watchdog > 0)
1610 watchdog_set_timeout(&arg_runtime_watchdog);
1612 if (arg_timer_slack_nsec != (nsec_t) -1)
1613 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
1614 log_error("Failed to adjust timer slack: %m");
1616 if (arg_capability_bounding_set_drop) {
1617 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
1619 log_error("Failed to drop capability bounding set: %s", strerror(-r));
1622 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
1624 log_error("Failed to drop capability bounding set of usermode helpers: %s", strerror(-r));
1629 if (arg_running_as == SYSTEMD_USER) {
1630 /* Become reaper of our children */
1631 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0) {
1632 log_warning("Failed to make us a subreaper: %m");
1633 if (errno == EINVAL)
1634 log_info("Perhaps the kernel version is too old (< 3.4?)");
1638 if (arg_running_as == SYSTEMD_SYSTEM)
1639 bump_rlimit_nofile(&saved_rlimit_nofile);
1641 r = manager_new(arg_running_as, &m);
1643 log_error("Failed to allocate manager object: %s", strerror(-r));
1647 m->confirm_spawn = arg_confirm_spawn;
1648 m->default_std_output = arg_default_std_output;
1649 m->default_std_error = arg_default_std_error;
1650 m->runtime_watchdog = arg_runtime_watchdog;
1651 m->shutdown_watchdog = arg_shutdown_watchdog;
1653 manager_set_default_rlimits(m, arg_default_rlimit);
1655 if (dual_timestamp_is_set(&initrd_timestamp))
1656 m->initrd_timestamp = initrd_timestamp;
1658 if (arg_default_controllers)
1659 manager_set_default_controllers(m, arg_default_controllers);
1661 manager_set_show_status(m, arg_show_status);
1663 /* Remember whether we should queue the default job */
1664 queue_default_job = !serialization || arg_switched_root;
1666 before_startup = now(CLOCK_MONOTONIC);
1668 r = manager_startup(m, serialization, fds);
1670 log_error("Failed to fully start up daemon: %s", strerror(-r));
1672 /* This will close all file descriptors that were opened, but
1673 * not claimed by any unit. */
1676 if (serialization) {
1677 fclose(serialization);
1678 serialization = NULL;
1681 if (queue_default_job) {
1683 Unit *target = NULL;
1684 Job *default_unit_job;
1686 dbus_error_init(&error);
1688 log_debug("Activating default unit: %s", arg_default_unit);
1690 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
1692 log_error("Failed to load default target: %s", bus_error(&error, r));
1693 dbus_error_free(&error);
1694 } else if (target->load_state == UNIT_ERROR)
1695 log_error("Failed to load default target: %s", strerror(-target->load_error));
1696 else if (target->load_state == UNIT_MASKED)
1697 log_error("Default target masked.");
1699 if (!target || target->load_state != UNIT_LOADED) {
1700 log_info("Trying to load rescue target...");
1702 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1704 log_error("Failed to load rescue target: %s", bus_error(&error, r));
1705 dbus_error_free(&error);
1707 } else if (target->load_state == UNIT_ERROR) {
1708 log_error("Failed to load rescue target: %s", strerror(-target->load_error));
1710 } else if (target->load_state == UNIT_MASKED) {
1711 log_error("Rescue target masked.");
1716 assert(target->load_state == UNIT_LOADED);
1718 if (arg_action == ACTION_TEST) {
1719 printf("-> By units:\n");
1720 manager_dump_units(m, stdout, "\t");
1723 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1725 log_error("Failed to start default target: %s", bus_error(&error, r));
1726 dbus_error_free(&error);
1729 m->default_unit_job_id = default_unit_job->id;
1731 after_startup = now(CLOCK_MONOTONIC);
1732 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1733 "Loaded units and determined initial transaction in %s.",
1734 format_timespan(timespan, sizeof(timespan), after_startup - before_startup));
1736 if (arg_action == ACTION_TEST) {
1737 printf("-> By jobs:\n");
1738 manager_dump_jobs(m, stdout, "\t");
1739 retval = EXIT_SUCCESS;
1745 r = manager_loop(m);
1747 log_error("Failed to run mainloop: %s", strerror(-r));
1751 switch (m->exit_code) {
1754 retval = EXIT_SUCCESS;
1758 case MANAGER_RELOAD:
1759 log_info("Reloading.");
1760 r = manager_reload(m);
1762 log_error("Failed to reload: %s", strerror(-r));
1765 case MANAGER_REEXECUTE:
1767 if (prepare_reexecute(m, &serialization, &fds, true) < 0)
1771 log_notice("Reexecuting.");
1774 case MANAGER_SWITCH_ROOT:
1775 /* Steal the switch root parameters */
1776 switch_root_dir = m->switch_root;
1777 switch_root_init = m->switch_root_init;
1778 m->switch_root = m->switch_root_init = NULL;
1780 if (!switch_root_init)
1781 if (prepare_reexecute(m, &serialization, &fds, false) < 0)
1785 log_notice("Switching root.");
1788 case MANAGER_REBOOT:
1789 case MANAGER_POWEROFF:
1791 case MANAGER_KEXEC: {
1792 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1793 [MANAGER_REBOOT] = "reboot",
1794 [MANAGER_POWEROFF] = "poweroff",
1795 [MANAGER_HALT] = "halt",
1796 [MANAGER_KEXEC] = "kexec"
1799 assert_se(shutdown_verb = table[m->exit_code]);
1800 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
1802 log_notice("Shutting down.");
1807 assert_not_reached("Unknown exit code.");
1815 for (j = 0; j < RLIMIT_NLIMITS; j++)
1816 free(arg_default_rlimit[j]);
1818 free(arg_default_unit);
1819 strv_free(arg_default_controllers);
1820 free_join_controllers();
1827 unsigned i, args_size;
1829 /* Close and disarm the watchdog, so that the new
1830 * instance can reinitialize it, but doesn't get
1831 * rebooted while we do that */
1832 watchdog_close(true);
1834 /* Reset the RLIMIT_NOFILE to the kernel default, so
1835 * that the new systemd can pass the kernel default to
1836 * its child processes */
1837 if (saved_rlimit_nofile.rlim_cur > 0)
1838 setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
1840 if (switch_root_dir) {
1841 /* Kill all remaining processes from the
1842 * initrd, but don't wait for them, so that we
1843 * can handle the SIGCHLD for them after
1845 broadcast_signal(SIGTERM, false);
1847 /* And switch root */
1848 r = switch_root(switch_root_dir);
1850 log_error("Failed to switch root, ignoring: %s", strerror(-r));
1853 args_size = MAX(6, argc+1);
1854 args = newa(const char*, args_size);
1856 if (!switch_root_init) {
1859 /* First try to spawn ourselves with the right
1860 * path, and with full serialization. We do
1861 * this only if the user didn't specify an
1862 * explicit init to spawn. */
1864 assert(serialization);
1867 snprintf(sfd, sizeof(sfd), "%i", fileno(serialization));
1871 args[i++] = SYSTEMD_BINARY_PATH;
1872 if (switch_root_dir)
1873 args[i++] = "--switched-root";
1874 args[i++] = arg_running_as == SYSTEMD_SYSTEM ? "--system" : "--user";
1875 args[i++] = "--deserialize";
1879 assert(i <= args_size);
1880 execv(args[0], (char* const*) args);
1883 /* Try the fallback, if there is any, without any
1884 * serialization. We pass the original argv[] and
1885 * envp[]. (Well, modulo the ordering changes due to
1886 * getopt() in argv[], and some cleanups in envp[],
1887 * but let's hope that doesn't matter.) */
1889 if (serialization) {
1890 fclose(serialization);
1891 serialization = NULL;
1899 /* Reopen the console */
1900 make_console_stdio();
1902 for (j = 1, i = 1; j < argc; j++)
1903 args[i++] = argv[j];
1905 assert(i <= args_size);
1907 if (switch_root_init) {
1908 args[0] = switch_root_init;
1909 execv(args[0], (char* const*) args);
1910 log_warning("Failed to execute configured init, trying fallback: %m");
1913 args[0] = "/sbin/init";
1914 execv(args[0], (char* const*) args);
1916 if (errno == ENOENT) {
1917 log_warning("No /sbin/init, trying fallback");
1919 args[0] = "/bin/sh";
1921 execv(args[0], (char* const*) args);
1922 log_error("Failed to execute /bin/sh, giving up: %m");
1924 log_warning("Failed to execute /sbin/init, giving up: %m");
1928 fclose(serialization);
1933 if (shutdown_verb) {
1934 const char * command_line[] = {
1935 SYSTEMD_SHUTDOWN_BINARY_PATH,
1941 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
1944 /* If we reboot let's set the shutdown
1945 * watchdog and tell the shutdown binary to
1946 * repeatedly ping it */
1947 watchdog_set_timeout(&arg_shutdown_watchdog);
1948 watchdog_close(false);
1950 /* Tell the binary how often to ping */
1951 snprintf(e, sizeof(e), "WATCHDOG_USEC=%llu", (unsigned long long) arg_shutdown_watchdog);
1954 env_block = strv_append(environ, e);
1956 env_block = strv_copy(environ);
1957 watchdog_close(true);
1960 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
1962 log_error("Failed to execute shutdown binary, freezing: %m");