X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fmain.c;h=4e24f851e264f91a943b13a8b6d04ee2656325d1;hb=e49d3c016751c03e544697656e8e596af8a664d7;hp=ed64dd167b924de9b639299f36e1a40d57898ffa;hpb=b1e90ec515408aec2702522f6f68c4920b56375b;p=elogind.git diff --git a/src/core/main.c b/src/core/main.c index ed64dd167..4e24f851e 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -51,6 +51,7 @@ #include "strv.h" #include "def.h" #include "virt.h" +#include "architecture.h" #include "watchdog.h" #include "path-util.h" #include "switch-root.h" @@ -88,7 +89,7 @@ static bool arg_dump_core = true; static bool arg_crash_shell = false; static int arg_crash_chvt = -1; static bool arg_confirm_spawn = false; -static ShowStatus arg_show_status = SHOW_STATUS_UNSET; +static ShowStatus arg_show_status = _SHOW_STATUS_UNSET; static bool arg_switched_root = false; static char ***arg_join_controllers = NULL; static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL; @@ -408,7 +409,7 @@ static int parse_proc_cmdline_word(const char *word) { } } else if (streq(word, "quiet")) { - if (arg_show_status == SHOW_STATUS_UNSET) + if (arg_show_status == _SHOW_STATUS_UNSET) arg_show_status = SHOW_STATUS_AUTO; } else if (streq(word, "debug")) { /* Log to kmsg, the journal socket will fill up before the @@ -1191,6 +1192,12 @@ static int enforce_syscall_archs(Set *archs) { } } + r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0); + if (r < 0) { + log_error("Failed to unset NO_NEW_PRIVS: %s", strerror(-r)); + goto finish; + } + r = seccomp_load(seccomp); if (r < 0) log_error("Failed to add install architecture seccomp: %s", strerror(-r)); @@ -1203,6 +1210,24 @@ finish: #endif } +static int status_welcome(void) { + _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL; + int r; + + r = parse_env_file("/etc/os-release", NEWLINE, + "PRETTY_NAME", &pretty_name, + "ANSI_COLOR", &ansi_color, + NULL); + + if (r < 0 && r != -ENOENT) + log_warning("Failed to read /etc/os-release: %s", strerror(-r)); + + return status_printf(NULL, false, false, + "\nWelcome to \x1B[%sm%s\x1B[0m!\n", + isempty(ansi_color) ? "1" : ansi_color, + isempty(pretty_name) ? "Linux" : pretty_name); +} + int main(int argc, char *argv[]) { Manager *m = NULL; int r, retval = EXIT_FAILURE; @@ -1285,7 +1310,7 @@ int main(int argc, char *argv[]) { goto finish; if (ima_setup() < 0) goto finish; - if (smack_setup() < 0) + if (smack_setup(&loaded_policy) < 0) goto finish; dual_timestamp_get(&security_finish_timestamp); } @@ -1464,6 +1489,9 @@ int main(int argc, char *argv[]) { /* Open the logging devices, if possible and necessary */ log_open(); + if (arg_show_status == _SHOW_STATUS_UNSET) + arg_show_status = SHOW_STATUS_YES; + /* Make sure we leave a core dump without panicing the * kernel. */ if (getpid() == 1) { @@ -1483,6 +1511,8 @@ int main(int argc, char *argv[]) { if (virtualization) log_info("Detected virtualization '%s'.", virtualization); + log_info("Detected architecture '%s'.", architecture_to_string(uname_architecture())); + if (in_initrd()) log_info("Running in initial RAM disk."); @@ -1570,12 +1600,7 @@ int main(int argc, char *argv[]) { m->security_finish_timestamp = security_finish_timestamp; manager_set_default_rlimits(m, arg_default_rlimit); - - if (arg_default_environment) - manager_environment_add(m, NULL, arg_default_environment); - - if (arg_show_status == SHOW_STATUS_UNSET) - arg_show_status = SHOW_STATUS_YES; + manager_environment_add(m, NULL, arg_default_environment); manager_set_show_status(m, arg_show_status); /* Remember whether we should queue the default job */ @@ -1889,9 +1914,9 @@ finish: "--log-target", }; unsigned pos = 5; - assert(command_line[pos] == NULL); - _cleanup_strv_free_ char **env_block = NULL; + + assert(command_line[pos] == NULL); env_block = strv_copy(environ); snprintf(log_level, sizeof(log_level), "%d", log_get_max_level());