1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <dbus/dbus.h>
28 #include <sys/types.h>
34 #include <sys/prctl.h>
35 #include <sys/mount.h>
39 #include "load-fragment.h"
42 #include "conf-parser.h"
43 #include "dbus-common.h"
51 #include "path-util.h"
52 #include "switch-root.h"
53 #include "capability.h"
57 #include "sd-daemon.h"
58 #include "sd-messages.h"
60 #include "mount-setup.h"
61 #include "loopback-setup.h"
63 #include "kmod-setup.h"
65 #include "hostname-setup.h"
66 #include "machine-id-setup.h"
67 #include "selinux-setup.h"
68 #include "ima-setup.h"
70 #include "smack-setup.h"
77 ACTION_DUMP_CONFIGURATION_ITEMS,
79 } arg_action = ACTION_RUN;
81 static char *arg_default_unit = NULL;
82 static SystemdRunningAs arg_running_as = _SYSTEMD_RUNNING_AS_INVALID;
84 static bool arg_dump_core = true;
85 static bool arg_crash_shell = false;
86 static int arg_crash_chvt = -1;
87 static bool arg_confirm_spawn = false;
88 static bool arg_show_status = true;
89 static bool arg_switched_root = false;
90 static char ***arg_join_controllers = NULL;
91 static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
92 static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
93 static usec_t arg_runtime_watchdog = 0;
94 static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
95 static char **arg_default_environment = NULL;
96 static struct rlimit *arg_default_rlimit[RLIMIT_NLIMITS] = {};
97 static uint64_t arg_capability_bounding_set_drop = 0;
98 static nsec_t arg_timer_slack_nsec = (nsec_t) -1;
100 static FILE* serialization = NULL;
102 static void nop_handler(int sig) {
105 _noreturn_ static void crash(int sig) {
108 /* Pass this on immediately, if this is not PID 1 */
110 else if (!arg_dump_core)
111 log_error("Caught <%s>, not dumping core.", signal_to_string(sig));
113 struct sigaction sa = {
114 .sa_handler = nop_handler,
115 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
119 /* We want to wait for the core process, hence let's enable SIGCHLD */
120 sigaction(SIGCHLD, &sa, NULL);
124 log_error("Caught <%s>, cannot fork for core dump: %s", signal_to_string(sig), strerror(errno));
127 struct rlimit rl = {};
129 /* Enable default signal handler for core dump */
131 sa.sa_handler = SIG_DFL;
132 sigaction(sig, &sa, NULL);
134 /* Don't limit the core dump size */
135 rl.rlim_cur = RLIM_INFINITY;
136 rl.rlim_max = RLIM_INFINITY;
137 setrlimit(RLIMIT_CORE, &rl);
139 /* Just to be sure... */
142 /* Raise the signal again */
145 assert_not_reached("We shouldn't be here...");
152 /* Order things nicely. */
153 r = wait_for_terminate(pid, &status);
155 log_error("Caught <%s>, waitpid() failed: %s", signal_to_string(sig), strerror(-r));
156 else if (status.si_code != CLD_DUMPED)
157 log_error("Caught <%s>, core dump failed.", signal_to_string(sig));
159 log_error("Caught <%s>, dumped core as pid %lu.", signal_to_string(sig), (unsigned long) pid);
164 chvt(arg_crash_chvt);
166 if (arg_crash_shell) {
167 struct sigaction sa = {
168 .sa_handler = SIG_IGN,
169 .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
173 log_info("Executing crash shell in 10s...");
176 /* Let the kernel reap children for us */
177 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
181 log_error("Failed to fork off crash shell: %m");
183 make_console_stdio();
184 execl("/bin/sh", "/bin/sh", NULL);
186 log_error("execl() failed: %m");
190 log_info("Successfully spawned crash shell as pid %lu.", (unsigned long) pid);
193 log_info("Freezing execution.");
197 static void install_crash_handler(void) {
198 struct sigaction sa = {
200 .sa_flags = SA_NODEFER,
203 sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
206 static int console_setup(bool do_reset) {
209 /* If we are init, we connect stdin/stdout/stderr to /dev/null
210 * and make sure we don't have a controlling tty. */
217 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
219 log_error("Failed to open /dev/console: %s", strerror(-tty_fd));
223 /* We don't want to force text mode.
224 * plymouth may be showing pictures already from initrd. */
225 r = reset_terminal_fd(tty_fd, false);
227 log_error("Failed to reset /dev/console: %s", strerror(-r));
229 close_nointr_nofail(tty_fd);
233 static int set_default_unit(const char *u) {
242 free(arg_default_unit);
243 arg_default_unit = c;
248 static int parse_proc_cmdline_word(const char *word) {
250 static const char * const rlmap[] = {
251 "emergency", SPECIAL_EMERGENCY_TARGET,
252 "-b", SPECIAL_EMERGENCY_TARGET,
253 "single", SPECIAL_RESCUE_TARGET,
254 "-s", SPECIAL_RESCUE_TARGET,
255 "s", SPECIAL_RESCUE_TARGET,
256 "S", SPECIAL_RESCUE_TARGET,
257 "1", SPECIAL_RESCUE_TARGET,
258 "2", SPECIAL_RUNLEVEL2_TARGET,
259 "3", SPECIAL_RUNLEVEL3_TARGET,
260 "4", SPECIAL_RUNLEVEL4_TARGET,
261 "5", SPECIAL_RUNLEVEL5_TARGET,
266 if (startswith(word, "systemd.unit=")) {
269 return set_default_unit(word + 13);
271 } else if (startswith(word, "rd.systemd.unit=")) {
274 return set_default_unit(word + 16);
276 } else if (startswith(word, "systemd.log_target=")) {
278 if (log_set_target_from_string(word + 19) < 0)
279 log_warning("Failed to parse log target %s. Ignoring.", word + 19);
281 } else if (startswith(word, "systemd.log_level=")) {
283 if (log_set_max_level_from_string(word + 18) < 0)
284 log_warning("Failed to parse log level %s. Ignoring.", word + 18);
286 } else if (startswith(word, "systemd.log_color=")) {
288 if (log_show_color_from_string(word + 18) < 0)
289 log_warning("Failed to parse log color setting %s. Ignoring.", word + 18);
291 } else if (startswith(word, "systemd.log_location=")) {
293 if (log_show_location_from_string(word + 21) < 0)
294 log_warning("Failed to parse log location setting %s. Ignoring.", word + 21);
296 } else if (startswith(word, "systemd.dump_core=")) {
299 if ((r = parse_boolean(word + 18)) < 0)
300 log_warning("Failed to parse dump core switch %s. Ignoring.", word + 18);
304 } else if (startswith(word, "systemd.crash_shell=")) {
307 if ((r = parse_boolean(word + 20)) < 0)
308 log_warning("Failed to parse crash shell switch %s. Ignoring.", word + 20);
312 } else if (startswith(word, "systemd.confirm_spawn=")) {
315 if ((r = parse_boolean(word + 22)) < 0)
316 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", word + 22);
318 arg_confirm_spawn = r;
320 } else if (startswith(word, "systemd.crash_chvt=")) {
323 if (safe_atoi(word + 19, &k) < 0)
324 log_warning("Failed to parse crash chvt switch %s. Ignoring.", word + 19);
328 } else if (startswith(word, "systemd.show_status=")) {
331 if ((r = parse_boolean(word + 20)) < 0)
332 log_warning("Failed to parse show status switch %s. Ignoring.", word + 20);
335 } else if (startswith(word, "systemd.default_standard_output=")) {
338 if ((r = exec_output_from_string(word + 32)) < 0)
339 log_warning("Failed to parse default standard output switch %s. Ignoring.", word + 32);
341 arg_default_std_output = r;
342 } else if (startswith(word, "systemd.default_standard_error=")) {
345 if ((r = exec_output_from_string(word + 31)) < 0)
346 log_warning("Failed to parse default standard error switch %s. Ignoring.", word + 31);
348 arg_default_std_error = r;
349 } else if (startswith(word, "systemd.setenv=")) {
350 _cleanup_free_ char *cenv = NULL;
352 cenv = strdup(word + 15);
356 if (env_assignment_is_valid(cenv)) {
359 env = strv_env_set(arg_default_environment, cenv);
361 arg_default_environment = env;
363 log_warning("Setting environment variable '%s' failed, ignoring: %m", cenv);
365 log_warning("Environment variable name '%s' is not valid. Ignoring.", cenv);
367 } else if (startswith(word, "systemd.") ||
368 (in_initrd() && startswith(word, "rd.systemd."))) {
372 /* Ignore systemd.journald.xyz and friends */
374 if (startswith(c, "rd."))
376 if (startswith(c, "systemd."))
378 if (c[strcspn(c, ".=")] != '.') {
380 log_warning("Unknown kernel switch %s. Ignoring.", word);
382 log_info("Supported kernel switches:\n"
383 "systemd.unit=UNIT Default unit to start\n"
384 "rd.systemd.unit=UNIT Default unit to start when run in initrd\n"
385 "systemd.dump_core=0|1 Dump core on crash\n"
386 "systemd.crash_shell=0|1 Run shell on crash\n"
387 "systemd.crash_chvt=N Change to VT #N on crash\n"
388 "systemd.confirm_spawn=0|1 Confirm every process spawn\n"
389 "systemd.show_status=0|1 Show status updates on the console during bootup\n"
390 "systemd.log_target=console|kmsg|journal|journal-or-kmsg|syslog|syslog-or-kmsg|null\n"
392 "systemd.log_level=LEVEL Log level\n"
393 "systemd.log_color=0|1 Highlight important log messages\n"
394 "systemd.log_location=0|1 Include code location in log messages\n"
395 "systemd.default_standard_output=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
396 " Set default log output for services\n"
397 "systemd.default_standard_error=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
398 " Set default log error output for services\n"
399 "systemd.setenv=ASSIGNMENT Set an environment variable for all spawned processes\n");
402 } else if (streq(word, "quiet"))
403 arg_show_status = false;
404 else if (streq(word, "debug"))
405 log_set_max_level(LOG_DEBUG);
406 else if (!in_initrd()) {
409 /* SysV compatibility */
410 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
411 if (streq(word, rlmap[i]))
412 return set_default_unit(rlmap[i+1]);
418 #define DEFINE_SETTER(name, func, descr) \
419 static int name(const char *unit, \
420 const char *filename, \
422 const char *section, \
423 const char *lvalue, \
425 const char *rvalue, \
437 log_syntax(unit, LOG_ERR, filename, line, -r, \
438 "Invalid " descr "'%s': %s", \
439 rvalue, strerror(-r)); \
444 DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
445 DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
446 DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
447 DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
450 static int config_parse_cpu_affinity2(const char *unit,
451 const char *filename,
470 FOREACH_WORD_QUOTED(w, l, rvalue, state) {
475 if (!(t = strndup(w, l)))
478 r = safe_atou(t, &cpu);
482 if (!(c = cpu_set_malloc(&ncpus)))
485 if (r < 0 || cpu >= ncpus) {
486 log_syntax(unit, LOG_ERR, filename, line, -r,
487 "Failed to parse CPU affinity '%s'", rvalue);
492 CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c);
496 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
497 log_warning_unit(unit, "Failed to set CPU affinity: %m");
505 static void strv_free_free(char ***l) {
517 static void free_join_controllers(void) {
518 strv_free_free(arg_join_controllers);
519 arg_join_controllers = NULL;
522 static int config_parse_join_controllers(const char *unit,
523 const char *filename,
540 free_join_controllers();
542 FOREACH_WORD_QUOTED(w, length, rvalue, state) {
545 s = strndup(w, length);
549 l = strv_split(s, ",");
554 if (strv_length(l) <= 1) {
559 if (!arg_join_controllers) {
560 arg_join_controllers = new(char**, 2);
561 if (!arg_join_controllers) {
566 arg_join_controllers[0] = l;
567 arg_join_controllers[1] = NULL;
574 t = new0(char**, n+2);
582 for (a = arg_join_controllers; *a; a++) {
584 if (strv_overlap(*a, l)) {
587 c = strv_merge(*a, l);
610 t[n++] = strv_uniq(l);
612 strv_free_free(arg_join_controllers);
613 arg_join_controllers = t;
620 static int parse_config_file(void) {
622 const ConfigTableItem items[] = {
623 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
624 { "Manager", "LogTarget", config_parse_target, 0, NULL },
625 { "Manager", "LogColor", config_parse_color, 0, NULL },
626 { "Manager", "LogLocation", config_parse_location, 0, NULL },
627 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
628 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
629 { "Manager", "ShowStatus", config_parse_bool, 0, &arg_show_status },
630 { "Manager", "CrashChVT", config_parse_int, 0, &arg_crash_chvt },
631 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
632 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
633 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
634 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
635 { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
636 { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
637 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
638 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
639 { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
640 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU]},
641 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE]},
642 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA]},
643 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK]},
644 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE]},
645 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS]},
646 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE]},
647 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS]},
648 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC]},
649 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK]},
650 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS]},
651 { "Manager", "DefaultLimitSIGPENDING",config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING]},
652 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE]},
653 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE]},
654 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO]},
655 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME]},
656 { NULL, NULL, NULL, 0, NULL }
659 _cleanup_fclose_ FILE *f;
663 fn = arg_running_as == SYSTEMD_SYSTEM ? PKGSYSCONFDIR "/system.conf" : PKGSYSCONFDIR "/user.conf";
669 log_warning("Failed to open configuration file '%s': %m", fn);
673 r = config_parse(NULL, fn, f, "Manager\0", config_item_table_lookup, (void*) items, false, false, NULL);
675 log_warning("Failed to parse configuration file: %s", strerror(-r));
680 static int parse_proc_cmdline(void) {
681 _cleanup_free_ char *line = NULL;
686 /* Don't read /proc/cmdline if we are in a container, since
687 * that is only relevant for the host system */
688 if (detect_container(NULL) > 0)
691 r = read_one_line_file("/proc/cmdline", &line);
693 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
697 FOREACH_WORD_QUOTED(w, l, line, state) {
698 _cleanup_free_ char *word;
700 word = strndup(w, l);
704 r = parse_proc_cmdline_word(word);
706 log_error("Failed on cmdline argument %s: %s", word, strerror(-r));
714 static int parse_argv(int argc, char *argv[]) {
717 ARG_LOG_LEVEL = 0x100,
726 ARG_DUMP_CONFIGURATION_ITEMS,
734 ARG_DEFAULT_STD_OUTPUT,
735 ARG_DEFAULT_STD_ERROR
738 static const struct option options[] = {
739 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
740 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
741 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
742 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
743 { "unit", required_argument, NULL, ARG_UNIT },
744 { "system", no_argument, NULL, ARG_SYSTEM },
745 { "user", no_argument, NULL, ARG_USER },
746 { "test", no_argument, NULL, ARG_TEST },
747 { "help", no_argument, NULL, 'h' },
748 { "version", no_argument, NULL, ARG_VERSION },
749 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
750 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
751 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
752 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
753 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
754 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
755 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
756 { "introspect", optional_argument, NULL, ARG_INTROSPECT },
757 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
758 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
770 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
775 if ((r = log_set_max_level_from_string(optarg)) < 0) {
776 log_error("Failed to parse log level %s.", optarg);
784 if ((r = log_set_target_from_string(optarg)) < 0) {
785 log_error("Failed to parse log target %s.", optarg);
794 if ((r = log_show_color_from_string(optarg)) < 0) {
795 log_error("Failed to parse log color setting %s.", optarg);
799 log_show_color(true);
803 case ARG_LOG_LOCATION:
806 if ((r = log_show_location_from_string(optarg)) < 0) {
807 log_error("Failed to parse log location setting %s.", optarg);
811 log_show_location(true);
815 case ARG_DEFAULT_STD_OUTPUT:
817 if ((r = exec_output_from_string(optarg)) < 0) {
818 log_error("Failed to parse default standard output setting %s.", optarg);
821 arg_default_std_output = r;
824 case ARG_DEFAULT_STD_ERROR:
826 if ((r = exec_output_from_string(optarg)) < 0) {
827 log_error("Failed to parse default standard error output setting %s.", optarg);
830 arg_default_std_error = r;
835 if ((r = set_default_unit(optarg)) < 0) {
836 log_error("Failed to set default unit %s: %s", optarg, strerror(-r));
843 arg_running_as = SYSTEMD_SYSTEM;
847 arg_running_as = SYSTEMD_USER;
851 arg_action = ACTION_TEST;
855 arg_action = ACTION_VERSION;
858 case ARG_DUMP_CONFIGURATION_ITEMS:
859 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
863 r = optarg ? parse_boolean(optarg) : 1;
865 log_error("Failed to parse dump core boolean %s.", optarg);
871 case ARG_CRASH_SHELL:
872 r = optarg ? parse_boolean(optarg) : 1;
874 log_error("Failed to parse crash shell boolean %s.", optarg);
880 case ARG_CONFIRM_SPAWN:
881 r = optarg ? parse_boolean(optarg) : 1;
883 log_error("Failed to parse confirm spawn boolean %s.", optarg);
886 arg_confirm_spawn = r;
889 case ARG_SHOW_STATUS:
890 r = optarg ? parse_boolean(optarg) : 1;
892 log_error("Failed to parse show status boolean %s.", optarg);
898 case ARG_DESERIALIZE: {
902 r = safe_atoi(optarg, &fd);
903 if (r < 0 || fd < 0) {
904 log_error("Failed to parse deserialize option %s.", optarg);
905 return r < 0 ? r : -EINVAL;
908 fd_cloexec(fd, true);
912 log_error("Failed to open serialization fd: %m");
917 fclose(serialization);
924 case ARG_SWITCHED_ROOT:
925 arg_switched_root = true;
928 case ARG_INTROSPECT: {
929 const char * const * i = NULL;
931 for (i = bus_interface_table; *i; i += 2)
932 if (!optarg || streq(i[0], optarg)) {
933 fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
936 fputs("</node>\n", stdout);
943 log_error("Unknown interface %s.", optarg);
945 arg_action = ACTION_DONE;
950 arg_action = ACTION_HELP;
954 log_set_max_level(LOG_DEBUG);
960 /* Just to eat away the sysvinit kernel
961 * cmdline args without getopt() error
962 * messages that we'll parse in
963 * parse_proc_cmdline_word() or ignore. */
968 log_error("Unknown option code %c", c);
975 if (optind < argc && getpid() != 1) {
976 /* Hmm, when we aren't run as init system
977 * let's complain about excess arguments */
979 log_error("Excess arguments.");
983 if (detect_container(NULL) > 0) {
986 /* All /proc/cmdline arguments the kernel didn't
987 * understand it passed to us. We're not really
988 * interested in that usually since /proc/cmdline is
989 * more interesting and complete. With one exception:
990 * if we are run in a container /proc/cmdline is not
991 * relevant for the container, hence we rely on argv[]
994 for (a = argv; a < argv + argc; a++)
995 if ((r = parse_proc_cmdline_word(*a)) < 0) {
996 log_error("Failed on cmdline argument %s: %s", *a, strerror(-r));
1004 static int help(void) {
1006 printf("%s [OPTIONS...]\n\n"
1007 "Starts up and maintains the system or user services.\n\n"
1008 " -h --help Show this help\n"
1009 " --test Determine startup sequence, dump it and exit\n"
1010 " --dump-configuration-items Dump understood unit configuration items\n"
1011 " --introspect[=INTERFACE] Extract D-Bus interface data\n"
1012 " --unit=UNIT Set default unit\n"
1013 " --system Run a system instance, even if PID != 1\n"
1014 " --user Run a user instance\n"
1015 " --dump-core[=0|1] Dump core on crash\n"
1016 " --crash-shell[=0|1] Run shell on crash\n"
1017 " --confirm-spawn[=0|1] Ask for confirmation when spawning processes\n"
1018 " --show-status[=0|1] Show status updates on the console during bootup\n"
1019 " --log-target=TARGET Set log target (console, journal, syslog, kmsg, journal-or-kmsg, syslog-or-kmsg, null)\n"
1020 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
1021 " --log-color[=0|1] Highlight important log messages\n"
1022 " --log-location[=0|1] Include code location in log messages\n"
1023 " --default-standard-output= Set default standard output for services\n"
1024 " --default-standard-error= Set default standard error output for services\n",
1025 program_invocation_short_name);
1030 static int version(void) {
1031 puts(PACKAGE_STRING);
1032 puts(SYSTEMD_FEATURES);
1037 static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
1046 r = manager_open_serialization(m, &f);
1048 log_error("Failed to create serialization file: %s", strerror(-r));
1052 /* Make sure nothing is really destructed when we shut down */
1054 bus_broadcast_reloading(m, true);
1059 log_error("Failed to allocate fd set: %s", strerror(-r));
1063 r = manager_serialize(m, f, fds, switching_root);
1065 log_error("Failed to serialize state: %s", strerror(-r));
1069 if (fseeko(f, 0, SEEK_SET) < 0) {
1070 log_error("Failed to rewind serialization fd: %m");
1074 r = fd_cloexec(fileno(f), false);
1076 log_error("Failed to disable O_CLOEXEC for serialization: %s", strerror(-r));
1080 r = fdset_cloexec(fds, false);
1082 log_error("Failed to disable O_CLOEXEC for serialization fds: %s", strerror(-r));
1100 static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
1104 assert(saved_rlimit);
1106 /* Save the original RLIMIT_NOFILE so that we can reset it
1107 * later when transitioning from the initrd to the main
1108 * systemd or suchlike. */
1109 if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0) {
1110 log_error("Reading RLIMIT_NOFILE failed: %m");
1114 /* Make sure forked processes get the default kernel setting */
1115 if (!arg_default_rlimit[RLIMIT_NOFILE]) {
1118 rl = newdup(struct rlimit, saved_rlimit, 1);
1122 arg_default_rlimit[RLIMIT_NOFILE] = rl;
1125 /* Bump up the resource limit for ourselves substantially */
1126 nl.rlim_cur = nl.rlim_max = 64*1024;
1127 r = setrlimit_closest(RLIMIT_NOFILE, &nl);
1129 log_error("Setting RLIMIT_NOFILE failed: %s", strerror(-r));
1136 static void test_mtab(void) {
1139 /* Check that /etc/mtab is a symlink */
1141 if (readlink_malloc("/etc/mtab", &p) >= 0) {
1144 b = streq(p, "/proc/self/mounts") || streq(p, "/proc/mounts");
1151 log_warning("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1152 "This is not supported anymore. "
1153 "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
1156 static void test_usr(void) {
1158 /* Check that /usr is not a separate fs */
1160 if (dir_is_empty("/usr") <= 0)
1163 log_warning("/usr appears to be on its own filesytem and is not already mounted. This is not a supported setup. "
1164 "Some things will probably break (sometimes even silently) in mysterious ways. "
1165 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1168 static void test_cgroups(void) {
1170 if (access("/proc/cgroups", F_OK) >= 0)
1173 log_warning("CONFIG_CGROUPS was not set when your kernel was compiled. "
1174 "Systems without control groups are not supported. "
1175 "We will now sleep for 10s, and then continue boot-up. "
1176 "Expect breakage and please do not file bugs. "
1177 "Instead fix your kernel and enable CONFIG_CGROUPS. "
1178 "Consult http://0pointer.de/blog/projects/cgroups-vs-cgroups.html for more information.");
1183 static int initialize_join_controllers(void) {
1184 /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
1185 * + "net_prio". We'd like to add "cpuset" to the mix, but
1186 * "cpuset" does't really work for groups with no initialized
1189 arg_join_controllers = new(char**, 3);
1190 if (!arg_join_controllers)
1193 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
1194 arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
1195 arg_join_controllers[2] = NULL;
1197 if (!arg_join_controllers[0] || !arg_join_controllers[1]) {
1198 free_join_controllers();
1205 int main(int argc, char *argv[]) {
1207 int r, retval = EXIT_FAILURE;
1208 usec_t before_startup, after_startup;
1209 char timespan[FORMAT_TIMESPAN_MAX];
1211 bool reexecute = false;
1212 const char *shutdown_verb = NULL;
1213 dual_timestamp initrd_timestamp = { 0ULL, 0ULL };
1214 dual_timestamp userspace_timestamp = { 0ULL, 0ULL };
1215 dual_timestamp kernel_timestamp = { 0ULL, 0ULL };
1216 static char systemd[] = "systemd";
1217 bool skip_setup = false;
1219 bool loaded_policy = false;
1220 bool arm_reboot_watchdog = false;
1221 bool queue_default_job = false;
1222 char *switch_root_dir = NULL, *switch_root_init = NULL;
1223 static struct rlimit saved_rlimit_nofile = { 0, 0 };
1225 #ifdef HAVE_SYSV_COMPAT
1226 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
1227 /* This is compatibility support for SysV, where
1228 * calling init as a user is identical to telinit. */
1231 execv(SYSTEMCTL_BINARY_PATH, argv);
1232 log_error("Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1237 dual_timestamp_from_monotonic(&kernel_timestamp, 0);
1238 dual_timestamp_get(&userspace_timestamp);
1240 /* Determine if this is a reexecution or normal bootup. We do
1241 * the full command line parsing much later, so let's just
1242 * have a quick peek here. */
1243 if (strv_find(argv+1, "--deserialize"))
1246 /* If we have switched root, do all the special setup
1248 if (strv_find(argv+1, "--switched-root"))
1251 /* If we get started via the /sbin/init symlink then we are
1252 called 'init'. After a subsequent reexecution we are then
1253 called 'systemd'. That is confusing, hence let's call us
1254 systemd right-away. */
1255 program_invocation_short_name = systemd;
1256 prctl(PR_SET_NAME, systemd);
1261 log_show_color(isatty(STDERR_FILENO) > 0);
1263 if (getpid() == 1 && detect_container(NULL) <= 0) {
1265 /* Running outside of a container as PID 1 */
1266 arg_running_as = SYSTEMD_SYSTEM;
1268 log_set_target(LOG_TARGET_KMSG);
1272 initrd_timestamp = userspace_timestamp;
1275 mount_setup_early();
1276 if (selinux_setup(&loaded_policy) < 0)
1278 if (ima_setup() < 0)
1280 if (smack_setup() < 0)
1284 if (label_init(NULL) < 0)
1288 if (hwclock_is_localtime() > 0) {
1291 /* The first-time call to settimeofday() does a time warp in the kernel */
1292 r = hwclock_set_timezone(&min);
1294 log_error("Failed to apply local time delta, ignoring: %s", strerror(-r));
1296 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1297 } else if (!in_initrd()) {
1299 * Do dummy first-time call to seal the kernel's time warp magic
1301 * Do not call this this from inside the initrd. The initrd might not
1302 * carry /etc/adjtime with LOCAL, but the real system could be set up
1303 * that way. In such case, we need to delay the time-warp or the sealing
1304 * until we reach the real system.
1306 hwclock_reset_timezone();
1308 /* Tell the kernel our timezone */
1309 r = hwclock_set_timezone(NULL);
1311 log_error("Failed to set the kernel's timezone, ignoring: %s", strerror(-r));
1315 /* Set the default for later on, but don't actually
1316 * open the logs like this for now. Note that if we
1317 * are transitioning from the initrd there might still
1318 * be journal fd open, and we shouldn't attempt
1319 * opening that before we parsed /proc/cmdline which
1320 * might redirect output elsewhere. */
1321 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
1323 } else if (getpid() == 1) {
1324 /* Running inside a container, as PID 1 */
1325 arg_running_as = SYSTEMD_SYSTEM;
1326 log_set_target(LOG_TARGET_CONSOLE);
1329 /* For the later on, see above... */
1330 log_set_target(LOG_TARGET_JOURNAL);
1332 /* clear the kernel timestamp,
1333 * because we are in a container */
1334 kernel_timestamp.monotonic = 0ULL;
1335 kernel_timestamp.realtime = 0ULL;
1338 /* Running as user instance */
1339 arg_running_as = SYSTEMD_USER;
1340 log_set_target(LOG_TARGET_AUTO);
1343 /* clear the kernel timestamp,
1344 * because we are not PID 1 */
1345 kernel_timestamp.monotonic = 0ULL;
1346 kernel_timestamp.realtime = 0ULL;
1349 /* Initialize default unit */
1350 r = set_default_unit(SPECIAL_DEFAULT_TARGET);
1352 log_error("Failed to set default unit %s: %s", SPECIAL_DEFAULT_TARGET, strerror(-r));
1356 r = initialize_join_controllers();
1360 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1361 * /proc/$PID/fd is available. */
1362 if (getpid() == 1) {
1363 r = mount_setup(loaded_policy);
1368 /* Reset all signal handlers. */
1369 assert_se(reset_all_signal_handlers() == 0);
1371 ignore_signals(SIGNALS_IGNORE, -1);
1373 if (parse_config_file() < 0)
1376 if (arg_running_as == SYSTEMD_SYSTEM)
1377 if (parse_proc_cmdline() < 0)
1380 log_parse_environment();
1382 if (parse_argv(argc, argv) < 0)
1385 if (arg_action == ACTION_TEST &&
1387 log_error("Don't run test mode as root.");
1391 if (arg_running_as == SYSTEMD_USER &&
1392 arg_action == ACTION_RUN &&
1394 log_error("Trying to run as user instance, but the system has not been booted with systemd.");
1398 if (arg_running_as == SYSTEMD_SYSTEM &&
1399 arg_action == ACTION_RUN &&
1400 running_in_chroot() > 0) {
1401 log_error("Cannot be run in a chroot() environment.");
1405 if (arg_action == ACTION_HELP) {
1408 } else if (arg_action == ACTION_VERSION) {
1411 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
1412 unit_dump_config_items(stdout);
1413 retval = EXIT_SUCCESS;
1415 } else if (arg_action == ACTION_DONE) {
1416 retval = EXIT_SUCCESS;
1420 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
1422 /* Close logging fds, in order not to confuse fdset below */
1425 /* Remember open file descriptors for later deserialization */
1426 r = fdset_new_fill(&fds);
1428 log_error("Failed to allocate fd set: %s", strerror(-r));
1431 fdset_cloexec(fds, true);
1434 assert_se(fdset_remove(fds, fileno(serialization)) >= 0);
1436 if (arg_running_as == SYSTEMD_SYSTEM) {
1437 /* Become a session leader if we aren't one yet. */
1440 /* Disable the umask logic */
1444 /* Move out of the way, so that we won't block unmounts */
1445 assert_se(chdir("/") == 0);
1447 /* Make sure D-Bus doesn't fiddle with the SIGPIPE handlers */
1448 dbus_connection_set_change_sigpipe(FALSE);
1450 /* Reset the console, but only if this is really init and we
1451 * are freshly booted */
1452 if (arg_running_as == SYSTEMD_SYSTEM && arg_action == ACTION_RUN)
1453 console_setup(getpid() == 1 && !skip_setup);
1455 /* Open the logging devices, if possible and necessary */
1458 /* Make sure we leave a core dump without panicing the
1460 if (getpid() == 1) {
1461 install_crash_handler();
1463 r = mount_cgroup_controllers(arg_join_controllers);
1468 if (arg_running_as == SYSTEMD_SYSTEM) {
1469 const char *virtualization = NULL;
1471 log_info(PACKAGE_STRING " running in system mode. (" SYSTEMD_FEATURES ")");
1473 detect_virtualization(&virtualization);
1475 log_info("Detected virtualization '%s'.", virtualization);
1478 log_info("Running in initial RAM disk.");
1481 log_debug(PACKAGE_STRING " running in user mode. (" SYSTEMD_FEATURES ")");
1483 if (arg_running_as == SYSTEMD_SYSTEM && !skip_setup) {
1484 if (arg_show_status || plymouth_running())
1499 if (arg_running_as == SYSTEMD_SYSTEM && arg_runtime_watchdog > 0)
1500 watchdog_set_timeout(&arg_runtime_watchdog);
1502 if (arg_timer_slack_nsec != (nsec_t) -1)
1503 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
1504 log_error("Failed to adjust timer slack: %m");
1506 if (arg_capability_bounding_set_drop) {
1507 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
1509 log_error("Failed to drop capability bounding set: %s", strerror(-r));
1512 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
1514 log_error("Failed to drop capability bounding set of usermode helpers: %s", strerror(-r));
1519 if (arg_running_as == SYSTEMD_USER) {
1520 /* Become reaper of our children */
1521 if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0) {
1522 log_warning("Failed to make us a subreaper: %m");
1523 if (errno == EINVAL)
1524 log_info("Perhaps the kernel version is too old (< 3.4?)");
1528 if (arg_running_as == SYSTEMD_SYSTEM)
1529 bump_rlimit_nofile(&saved_rlimit_nofile);
1531 r = manager_new(arg_running_as, !!serialization, &m);
1533 log_error("Failed to allocate manager object: %s", strerror(-r));
1537 m->confirm_spawn = arg_confirm_spawn;
1538 m->default_std_output = arg_default_std_output;
1539 m->default_std_error = arg_default_std_error;
1540 m->runtime_watchdog = arg_runtime_watchdog;
1541 m->shutdown_watchdog = arg_shutdown_watchdog;
1542 m->userspace_timestamp = userspace_timestamp;
1543 m->kernel_timestamp = kernel_timestamp;
1544 m->initrd_timestamp = initrd_timestamp;
1546 manager_set_default_rlimits(m, arg_default_rlimit);
1548 if (arg_default_environment)
1549 manager_environment_add(m, arg_default_environment);
1551 manager_set_show_status(m, arg_show_status);
1553 /* Remember whether we should queue the default job */
1554 queue_default_job = !serialization || arg_switched_root;
1556 before_startup = now(CLOCK_MONOTONIC);
1558 r = manager_startup(m, serialization, fds);
1560 log_error("Failed to fully start up daemon: %s", strerror(-r));
1562 /* This will close all file descriptors that were opened, but
1563 * not claimed by any unit. */
1566 if (serialization) {
1567 fclose(serialization);
1568 serialization = NULL;
1571 if (queue_default_job) {
1573 Unit *target = NULL;
1574 Job *default_unit_job;
1576 dbus_error_init(&error);
1578 log_debug("Activating default unit: %s", arg_default_unit);
1580 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
1582 log_error("Failed to load default target: %s", bus_error(&error, r));
1583 dbus_error_free(&error);
1584 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
1585 log_error("Failed to load default target: %s", strerror(-target->load_error));
1586 else if (target->load_state == UNIT_MASKED)
1587 log_error("Default target masked.");
1589 if (!target || target->load_state != UNIT_LOADED) {
1590 log_info("Trying to load rescue target...");
1592 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1594 log_error("Failed to load rescue target: %s", bus_error(&error, r));
1595 dbus_error_free(&error);
1597 } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
1598 log_error("Failed to load rescue target: %s", strerror(-target->load_error));
1600 } else if (target->load_state == UNIT_MASKED) {
1601 log_error("Rescue target masked.");
1606 assert(target->load_state == UNIT_LOADED);
1608 if (arg_action == ACTION_TEST) {
1609 printf("-> By units:\n");
1610 manager_dump_units(m, stdout, "\t");
1613 r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, false, &error, &default_unit_job);
1615 log_debug("Default target could not be isolated, starting instead: %s", bus_error(&error, r));
1616 dbus_error_free(&error);
1618 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1620 log_error("Failed to start default target: %s", bus_error(&error, r));
1621 dbus_error_free(&error);
1625 log_error("Failed to isolate default target: %s", bus_error(&error, r));
1626 dbus_error_free(&error);
1630 m->default_unit_job_id = default_unit_job->id;
1632 after_startup = now(CLOCK_MONOTONIC);
1633 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1634 "Loaded units and determined initial transaction in %s.",
1635 format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 0));
1637 if (arg_action == ACTION_TEST) {
1638 printf("-> By jobs:\n");
1639 manager_dump_jobs(m, stdout, "\t");
1640 retval = EXIT_SUCCESS;
1646 r = manager_loop(m);
1648 log_error("Failed to run mainloop: %s", strerror(-r));
1652 switch (m->exit_code) {
1655 retval = EXIT_SUCCESS;
1659 case MANAGER_RELOAD:
1660 log_info("Reloading.");
1661 r = manager_reload(m);
1663 log_error("Failed to reload: %s", strerror(-r));
1666 case MANAGER_REEXECUTE:
1668 if (prepare_reexecute(m, &serialization, &fds, false) < 0)
1672 log_notice("Reexecuting.");
1675 case MANAGER_SWITCH_ROOT:
1676 /* Steal the switch root parameters */
1677 switch_root_dir = m->switch_root;
1678 switch_root_init = m->switch_root_init;
1679 m->switch_root = m->switch_root_init = NULL;
1681 if (!switch_root_init)
1682 if (prepare_reexecute(m, &serialization, &fds, true) < 0)
1686 log_notice("Switching root.");
1689 case MANAGER_REBOOT:
1690 case MANAGER_POWEROFF:
1692 case MANAGER_KEXEC: {
1693 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1694 [MANAGER_REBOOT] = "reboot",
1695 [MANAGER_POWEROFF] = "poweroff",
1696 [MANAGER_HALT] = "halt",
1697 [MANAGER_KEXEC] = "kexec"
1700 assert_se(shutdown_verb = table[m->exit_code]);
1701 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
1703 log_notice("Shutting down.");
1708 assert_not_reached("Unknown exit code.");
1716 for (j = 0; j < RLIMIT_NLIMITS; j++)
1717 free(arg_default_rlimit[j]);
1719 free(arg_default_unit);
1720 free_join_controllers();
1727 unsigned i, args_size;
1729 /* Close and disarm the watchdog, so that the new
1730 * instance can reinitialize it, but doesn't get
1731 * rebooted while we do that */
1732 watchdog_close(true);
1734 /* Reset the RLIMIT_NOFILE to the kernel default, so
1735 * that the new systemd can pass the kernel default to
1736 * its child processes */
1737 if (saved_rlimit_nofile.rlim_cur > 0)
1738 setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
1740 if (switch_root_dir) {
1741 /* Kill all remaining processes from the
1742 * initrd, but don't wait for them, so that we
1743 * can handle the SIGCHLD for them after
1745 broadcast_signal(SIGTERM, false);
1747 /* And switch root */
1748 r = switch_root(switch_root_dir);
1750 log_error("Failed to switch root, ignoring: %s", strerror(-r));
1753 args_size = MAX(6, argc+1);
1754 args = newa(const char*, args_size);
1756 if (!switch_root_init) {
1759 /* First try to spawn ourselves with the right
1760 * path, and with full serialization. We do
1761 * this only if the user didn't specify an
1762 * explicit init to spawn. */
1764 assert(serialization);
1767 snprintf(sfd, sizeof(sfd), "%i", fileno(serialization));
1771 args[i++] = SYSTEMD_BINARY_PATH;
1772 if (switch_root_dir)
1773 args[i++] = "--switched-root";
1774 args[i++] = arg_running_as == SYSTEMD_SYSTEM ? "--system" : "--user";
1775 args[i++] = "--deserialize";
1779 assert(i <= args_size);
1780 execv(args[0], (char* const*) args);
1783 /* Try the fallback, if there is any, without any
1784 * serialization. We pass the original argv[] and
1785 * envp[]. (Well, modulo the ordering changes due to
1786 * getopt() in argv[], and some cleanups in envp[],
1787 * but let's hope that doesn't matter.) */
1789 if (serialization) {
1790 fclose(serialization);
1791 serialization = NULL;
1799 /* Reopen the console */
1800 make_console_stdio();
1802 for (j = 1, i = 1; j < argc; j++)
1803 args[i++] = argv[j];
1805 assert(i <= args_size);
1807 if (switch_root_init) {
1808 args[0] = switch_root_init;
1809 execv(args[0], (char* const*) args);
1810 log_warning("Failed to execute configured init, trying fallback: %m");
1813 args[0] = "/sbin/init";
1814 execv(args[0], (char* const*) args);
1816 if (errno == ENOENT) {
1817 log_warning("No /sbin/init, trying fallback");
1819 args[0] = "/bin/sh";
1821 execv(args[0], (char* const*) args);
1822 log_error("Failed to execute /bin/sh, giving up: %m");
1824 log_warning("Failed to execute /sbin/init, giving up: %m");
1828 fclose(serialization);
1833 if (shutdown_verb) {
1834 const char * command_line[] = {
1835 SYSTEMD_SHUTDOWN_BINARY_PATH,
1841 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
1844 /* If we reboot let's set the shutdown
1845 * watchdog and tell the shutdown binary to
1846 * repeatedly ping it */
1847 watchdog_set_timeout(&arg_shutdown_watchdog);
1848 watchdog_close(false);
1850 /* Tell the binary how often to ping */
1851 snprintf(e, sizeof(e), "WATCHDOG_USEC=%llu", (unsigned long long) arg_shutdown_watchdog);
1854 env_block = strv_append(environ, e);
1856 env_block = strv_copy(environ);
1857 watchdog_close(true);
1860 /* Avoid the creation of new processes forked by the
1861 * kernel; at this point, we will not listen to the
1863 if (detect_container(NULL) <= 0)
1864 cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
1866 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
1868 log_error("Failed to execute shutdown binary, freezing: %m");