1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <dbus/dbus.h>
28 #include <sys/types.h>
34 #include <sys/prctl.h>
35 #include <sys/mount.h>
39 #include "load-fragment.h"
42 #include "conf-parser.h"
43 #include "bus-errors.h"
51 #include "path-util.h"
52 #include "switch-root.h"
53 #include "capability.h"
55 #include "mount-setup.h"
56 #include "loopback-setup.h"
57 #include "kmod-setup.h"
58 #include "hostname-setup.h"
59 #include "machine-id-setup.h"
60 #include "locale-setup.h"
62 #include "selinux-setup.h"
63 #include "ima-setup.h"
69 ACTION_DUMP_CONFIGURATION_ITEMS,
71 } arg_action = ACTION_RUN;
73 static char *arg_default_unit = NULL;
74 static ManagerRunningAs arg_running_as = _MANAGER_RUNNING_AS_INVALID;
76 static bool arg_dump_core = true;
77 static bool arg_crash_shell = false;
78 static int arg_crash_chvt = -1;
79 static bool arg_confirm_spawn = false;
80 static bool arg_show_status = true;
81 static bool arg_switched_root = false;
82 #ifdef HAVE_SYSV_COMPAT
83 static bool arg_sysv_console = true;
85 static char **arg_default_controllers = NULL;
86 static char ***arg_join_controllers = NULL;
87 static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
88 static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
89 static usec_t arg_runtime_watchdog = 0;
90 static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
91 static struct rlimit *arg_default_rlimit[RLIMIT_NLIMITS] = {};
92 static uint64_t arg_capability_bounding_set_drop = 0;
94 static FILE* serialization = NULL;
96 static void nop_handler(int sig) {
99 _noreturn_ static void crash(int sig) {
102 log_error("Caught <%s>, not dumping core.", signal_to_string(sig));
107 /* We want to wait for the core process, hence let's enable SIGCHLD */
109 sa.sa_handler = nop_handler;
110 sa.sa_flags = SA_NOCLDSTOP|SA_RESTART;
111 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
113 if ((pid = fork()) < 0)
114 log_error("Caught <%s>, cannot fork for core dump: %s", signal_to_string(sig), strerror(errno));
119 /* Enable default signal handler for core dump */
121 sa.sa_handler = SIG_DFL;
122 assert_se(sigaction(sig, &sa, NULL) == 0);
124 /* Don't limit the core dump size */
126 rl.rlim_cur = RLIM_INFINITY;
127 rl.rlim_max = RLIM_INFINITY;
128 setrlimit(RLIMIT_CORE, &rl);
130 /* Just to be sure... */
131 assert_se(chdir("/") == 0);
133 /* Raise the signal again */
136 assert_not_reached("We shouldn't be here...");
143 /* Order things nicely. */
144 if ((r = wait_for_terminate(pid, &status)) < 0)
145 log_error("Caught <%s>, waitpid() failed: %s", signal_to_string(sig), strerror(-r));
146 else if (status.si_code != CLD_DUMPED)
147 log_error("Caught <%s>, core dump failed.", signal_to_string(sig));
149 log_error("Caught <%s>, dumped core as pid %lu.", signal_to_string(sig), (unsigned long) pid);
154 chvt(arg_crash_chvt);
156 if (arg_crash_shell) {
160 log_info("Executing crash shell in 10s...");
163 /* Let the kernel reap children for us */
165 sa.sa_handler = SIG_IGN;
166 sa.sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART;
167 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
169 if ((pid = fork()) < 0)
170 log_error("Failed to fork off crash shell: %s", strerror(errno));
174 if ((fd = acquire_terminal("/dev/console", false, true, true)) < 0)
175 log_error("Failed to acquire terminal: %s", strerror(-fd));
176 else if ((r = make_stdio(fd)) < 0)
177 log_error("Failed to duplicate terminal fd: %s", strerror(-r));
179 execl("/bin/sh", "/bin/sh", NULL);
181 log_error("execl() failed: %s", strerror(errno));
185 log_info("Successfully spawned crash shell as pid %lu.", (unsigned long) pid);
188 log_info("Freezing execution.");
192 static void install_crash_handler(void) {
197 sa.sa_handler = crash;
198 sa.sa_flags = SA_NODEFER;
200 sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
203 static int console_setup(bool do_reset) {
206 /* If we are init, we connect stdin/stdout/stderr to /dev/null
207 * and make sure we don't have a controlling tty. */
214 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
216 log_error("Failed to open /dev/console: %s", strerror(-tty_fd));
220 /* We don't want to force text mode.
221 * plymouth may be showing pictures already from initrd. */
222 r = reset_terminal_fd(tty_fd, false);
224 log_error("Failed to reset /dev/console: %s", strerror(-r));
226 close_nointr_nofail(tty_fd);
230 static int set_default_unit(const char *u) {
239 free(arg_default_unit);
240 arg_default_unit = c;
245 static int parse_proc_cmdline_word(const char *word) {
247 static const char * const rlmap[] = {
248 "emergency", SPECIAL_EMERGENCY_TARGET,
249 "-b", SPECIAL_EMERGENCY_TARGET,
250 "single", SPECIAL_RESCUE_TARGET,
251 "-s", SPECIAL_RESCUE_TARGET,
252 "s", SPECIAL_RESCUE_TARGET,
253 "S", SPECIAL_RESCUE_TARGET,
254 "1", SPECIAL_RESCUE_TARGET,
255 "2", SPECIAL_RUNLEVEL2_TARGET,
256 "3", SPECIAL_RUNLEVEL3_TARGET,
257 "4", SPECIAL_RUNLEVEL4_TARGET,
258 "5", SPECIAL_RUNLEVEL5_TARGET,
263 if (startswith(word, "systemd.unit=")) {
266 return set_default_unit(word + 13);
268 } else if (startswith(word, "rd.systemd.unit=")) {
271 return set_default_unit(word + 16);
273 } else if (startswith(word, "systemd.log_target=")) {
275 if (log_set_target_from_string(word + 19) < 0)
276 log_warning("Failed to parse log target %s. Ignoring.", word + 19);
278 } else if (startswith(word, "systemd.log_level=")) {
280 if (log_set_max_level_from_string(word + 18) < 0)
281 log_warning("Failed to parse log level %s. Ignoring.", word + 18);
283 } else if (startswith(word, "systemd.log_color=")) {
285 if (log_show_color_from_string(word + 18) < 0)
286 log_warning("Failed to parse log color setting %s. Ignoring.", word + 18);
288 } else if (startswith(word, "systemd.log_location=")) {
290 if (log_show_location_from_string(word + 21) < 0)
291 log_warning("Failed to parse log location setting %s. Ignoring.", word + 21);
293 } else if (startswith(word, "systemd.dump_core=")) {
296 if ((r = parse_boolean(word + 18)) < 0)
297 log_warning("Failed to parse dump core switch %s. Ignoring.", word + 18);
301 } else if (startswith(word, "systemd.crash_shell=")) {
304 if ((r = parse_boolean(word + 20)) < 0)
305 log_warning("Failed to parse crash shell switch %s. Ignoring.", word + 20);
309 } else if (startswith(word, "systemd.confirm_spawn=")) {
312 if ((r = parse_boolean(word + 22)) < 0)
313 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", word + 22);
315 arg_confirm_spawn = r;
317 } else if (startswith(word, "systemd.crash_chvt=")) {
320 if (safe_atoi(word + 19, &k) < 0)
321 log_warning("Failed to parse crash chvt switch %s. Ignoring.", word + 19);
325 } else if (startswith(word, "systemd.show_status=")) {
328 if ((r = parse_boolean(word + 20)) < 0)
329 log_warning("Failed to parse show status switch %s. Ignoring.", word + 20);
332 } else if (startswith(word, "systemd.default_standard_output=")) {
335 if ((r = exec_output_from_string(word + 32)) < 0)
336 log_warning("Failed to parse default standard output switch %s. Ignoring.", word + 32);
338 arg_default_std_output = r;
339 } else if (startswith(word, "systemd.default_standard_error=")) {
342 if ((r = exec_output_from_string(word + 31)) < 0)
343 log_warning("Failed to parse default standard error switch %s. Ignoring.", word + 31);
345 arg_default_std_error = r;
346 } else if (startswith(word, "systemd.setenv=")) {
350 cenv = strdup(word + 15);
354 eq = strchr(cenv, '=');
358 log_warning("unsetenv failed %s. Ignoring.", strerror(errno));
361 r = setenv(cenv, eq + 1, 1);
363 log_warning("setenv failed %s. Ignoring.", strerror(errno));
366 #ifdef HAVE_SYSV_COMPAT
367 } else if (startswith(word, "systemd.sysv_console=")) {
370 if ((r = parse_boolean(word + 21)) < 0)
371 log_warning("Failed to parse SysV console switch %s. Ignoring.", word + 20);
373 arg_sysv_console = r;
376 } else if (startswith(word, "systemd.")) {
378 log_warning("Unknown kernel switch %s. Ignoring.", word);
380 log_info("Supported kernel switches:\n"
381 "systemd.unit=UNIT Default unit to start\n"
382 "rd.systemd.unit=UNIT Default unit to start when run in initrd\n"
383 "systemd.dump_core=0|1 Dump core on crash\n"
384 "systemd.crash_shell=0|1 Run shell on crash\n"
385 "systemd.crash_chvt=N Change to VT #N on crash\n"
386 "systemd.confirm_spawn=0|1 Confirm every process spawn\n"
387 "systemd.show_status=0|1 Show status updates on the console during bootup\n"
388 #ifdef HAVE_SYSV_COMPAT
389 "systemd.sysv_console=0|1 Connect output of SysV scripts to console\n"
391 "systemd.log_target=console|kmsg|journal|journal-or-kmsg|syslog|syslog-or-kmsg|null\n"
393 "systemd.log_level=LEVEL Log level\n"
394 "systemd.log_color=0|1 Highlight important log messages\n"
395 "systemd.log_location=0|1 Include code location in log messages\n"
396 "systemd.default_standard_output=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
397 " Set default log output for services\n"
398 "systemd.default_standard_error=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
399 " Set default log error output for services\n");
401 } else if (streq(word, "quiet")) {
402 arg_show_status = false;
403 #ifdef HAVE_SYSV_COMPAT
404 arg_sysv_console = false;
409 /* SysV compatibility */
410 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
411 if (streq(word, rlmap[i]))
412 return set_default_unit(rlmap[i+1]);
418 static int config_parse_level2(
419 const char *filename,
432 log_set_max_level_from_string(rvalue);
436 static int config_parse_target(
437 const char *filename,
450 log_set_target_from_string(rvalue);
454 static int config_parse_color(
455 const char *filename,
468 log_show_color_from_string(rvalue);
472 static int config_parse_location(
473 const char *filename,
486 log_show_location_from_string(rvalue);
490 static int config_parse_cpu_affinity2(
491 const char *filename,
510 FOREACH_WORD_QUOTED(w, l, rvalue, state) {
515 if (!(t = strndup(w, l)))
518 r = safe_atou(t, &cpu);
522 if (!(c = cpu_set_malloc(&ncpus)))
525 if (r < 0 || cpu >= ncpus) {
526 log_error("[%s:%u] Failed to parse CPU affinity: %s", filename, line, rvalue);
531 CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c);
535 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
536 log_warning("Failed to set CPU affinity: %m");
544 static void strv_free_free(char ***l) {
556 static void free_join_controllers(void) {
557 if (!arg_join_controllers)
560 strv_free_free(arg_join_controllers);
561 arg_join_controllers = NULL;
564 static int config_parse_join_controllers(
565 const char *filename,
582 free_join_controllers();
584 FOREACH_WORD_QUOTED(w, length, rvalue, state) {
587 s = strndup(w, length);
591 l = strv_split(s, ",");
596 if (strv_length(l) <= 1) {
601 if (!arg_join_controllers) {
602 arg_join_controllers = new(char**, 2);
603 if (!arg_join_controllers) {
608 arg_join_controllers[0] = l;
609 arg_join_controllers[1] = NULL;
616 t = new0(char**, n+2);
624 for (a = arg_join_controllers; *a; a++) {
626 if (strv_overlap(*a, l)) {
629 c = strv_merge(*a, l);
652 t[n++] = strv_uniq(l);
654 strv_free_free(arg_join_controllers);
655 arg_join_controllers = t;
662 static int parse_config_file(void) {
664 const ConfigTableItem items[] = {
665 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
666 { "Manager", "LogTarget", config_parse_target, 0, NULL },
667 { "Manager", "LogColor", config_parse_color, 0, NULL },
668 { "Manager", "LogLocation", config_parse_location, 0, NULL },
669 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
670 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
671 { "Manager", "ShowStatus", config_parse_bool, 0, &arg_show_status },
672 #ifdef HAVE_SYSV_COMPAT
673 { "Manager", "SysVConsole", config_parse_bool, 0, &arg_sysv_console },
675 { "Manager", "CrashChVT", config_parse_int, 0, &arg_crash_chvt },
676 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
677 { "Manager", "DefaultControllers", config_parse_strv, 0, &arg_default_controllers },
678 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
679 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
680 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
681 { "Manager", "RuntimeWatchdogSec", config_parse_usec, 0, &arg_runtime_watchdog },
682 { "Manager", "ShutdownWatchdogSec", config_parse_usec, 0, &arg_shutdown_watchdog },
683 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
684 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU]},
685 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE]},
686 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA]},
687 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK]},
688 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE]},
689 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS]},
690 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE]},
691 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS]},
692 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC]},
693 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK]},
694 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS]},
695 { "Manager", "DefaultLimitSIGPENDING",config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING]},
696 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE]},
697 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE]},
698 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO]},
699 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME]},
700 { NULL, NULL, NULL, 0, NULL }
707 fn = arg_running_as == MANAGER_SYSTEM ? SYSTEM_CONFIG_FILE : USER_CONFIG_FILE;
713 log_warning("Failed to open configuration file '%s': %m", fn);
717 r = config_parse(fn, f, "Manager\0", config_item_table_lookup, (void*) items, false, NULL);
719 log_warning("Failed to parse configuration file: %s", strerror(-r));
726 static int parse_proc_cmdline(void) {
727 char *line, *w, *state;
731 /* Don't read /proc/cmdline if we are in a container, since
732 * that is only relevant for the host system */
733 if (detect_container(NULL) > 0)
736 if ((r = read_one_line_file("/proc/cmdline", &line)) < 0) {
737 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
741 FOREACH_WORD_QUOTED(w, l, line, state) {
744 if (!(word = strndup(w, l))) {
749 r = parse_proc_cmdline_word(word);
763 static int parse_argv(int argc, char *argv[]) {
766 ARG_LOG_LEVEL = 0x100,
774 ARG_DUMP_CONFIGURATION_ITEMS,
783 ARG_DEFAULT_STD_OUTPUT,
784 ARG_DEFAULT_STD_ERROR
787 static const struct option options[] = {
788 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
789 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
790 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
791 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
792 { "unit", required_argument, NULL, ARG_UNIT },
793 { "system", no_argument, NULL, ARG_SYSTEM },
794 { "user", no_argument, NULL, ARG_USER },
795 { "test", no_argument, NULL, ARG_TEST },
796 { "help", no_argument, NULL, 'h' },
797 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
798 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
799 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
800 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
801 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
802 #ifdef HAVE_SYSV_COMPAT
803 { "sysv-console", optional_argument, NULL, ARG_SYSV_CONSOLE },
805 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
806 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
807 { "introspect", optional_argument, NULL, ARG_INTROSPECT },
808 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
809 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
821 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
826 if ((r = log_set_max_level_from_string(optarg)) < 0) {
827 log_error("Failed to parse log level %s.", optarg);
835 if ((r = log_set_target_from_string(optarg)) < 0) {
836 log_error("Failed to parse log target %s.", optarg);
845 if ((r = log_show_color_from_string(optarg)) < 0) {
846 log_error("Failed to parse log color setting %s.", optarg);
850 log_show_color(true);
854 case ARG_LOG_LOCATION:
857 if ((r = log_show_location_from_string(optarg)) < 0) {
858 log_error("Failed to parse log location setting %s.", optarg);
862 log_show_location(true);
866 case ARG_DEFAULT_STD_OUTPUT:
868 if ((r = exec_output_from_string(optarg)) < 0) {
869 log_error("Failed to parse default standard output setting %s.", optarg);
872 arg_default_std_output = r;
875 case ARG_DEFAULT_STD_ERROR:
877 if ((r = exec_output_from_string(optarg)) < 0) {
878 log_error("Failed to parse default standard error output setting %s.", optarg);
881 arg_default_std_error = r;
886 if ((r = set_default_unit(optarg)) < 0) {
887 log_error("Failed to set default unit %s: %s", optarg, strerror(-r));
894 arg_running_as = MANAGER_SYSTEM;
898 arg_running_as = MANAGER_USER;
902 arg_action = ACTION_TEST;
905 case ARG_DUMP_CONFIGURATION_ITEMS:
906 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
910 r = optarg ? parse_boolean(optarg) : 1;
912 log_error("Failed to parse dump core boolean %s.", optarg);
918 case ARG_CRASH_SHELL:
919 r = optarg ? parse_boolean(optarg) : 1;
921 log_error("Failed to parse crash shell boolean %s.", optarg);
927 case ARG_CONFIRM_SPAWN:
928 r = optarg ? parse_boolean(optarg) : 1;
930 log_error("Failed to parse confirm spawn boolean %s.", optarg);
933 arg_confirm_spawn = r;
936 case ARG_SHOW_STATUS:
937 r = optarg ? parse_boolean(optarg) : 1;
939 log_error("Failed to parse show status boolean %s.", optarg);
945 #ifdef HAVE_SYSV_COMPAT
946 case ARG_SYSV_CONSOLE:
947 r = optarg ? parse_boolean(optarg) : 1;
949 log_error("Failed to parse SysV console boolean %s.", optarg);
952 arg_sysv_console = r;
956 case ARG_DESERIALIZE: {
960 if ((r = safe_atoi(optarg, &fd)) < 0 || fd < 0) {
961 log_error("Failed to parse deserialize option %s.", optarg);
965 if (!(f = fdopen(fd, "r"))) {
966 log_error("Failed to open serialization fd: %m");
971 fclose(serialization);
978 case ARG_SWITCHED_ROOT:
979 arg_switched_root = true;
982 case ARG_INTROSPECT: {
983 const char * const * i = NULL;
985 for (i = bus_interface_table; *i; i += 2)
986 if (!optarg || streq(i[0], optarg)) {
987 fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
990 fputs("</node>\n", stdout);
997 log_error("Unknown interface %s.", optarg);
999 arg_action = ACTION_DONE;
1004 arg_action = ACTION_HELP;
1008 log_set_max_level(LOG_DEBUG);
1014 /* Just to eat away the sysvinit kernel
1015 * cmdline args without getopt() error
1016 * messages that we'll parse in
1017 * parse_proc_cmdline_word() or ignore. */
1021 if (getpid() != 1) {
1022 log_error("Unknown option code %c", c);
1029 if (optind < argc && getpid() != 1) {
1030 /* Hmm, when we aren't run as init system
1031 * let's complain about excess arguments */
1033 log_error("Excess arguments.");
1037 if (detect_container(NULL) > 0) {
1040 /* All /proc/cmdline arguments the kernel didn't
1041 * understand it passed to us. We're not really
1042 * interested in that usually since /proc/cmdline is
1043 * more interesting and complete. With one exception:
1044 * if we are run in a container /proc/cmdline is not
1045 * relevant for the container, hence we rely on argv[]
1048 for (a = argv; a < argv + argc; a++)
1049 if ((r = parse_proc_cmdline_word(*a)) < 0)
1056 static int help(void) {
1058 printf("%s [OPTIONS...]\n\n"
1059 "Starts up and maintains the system or user services.\n\n"
1060 " -h --help Show this help\n"
1061 " --test Determine startup sequence, dump it and exit\n"
1062 " --dump-configuration-items Dump understood unit configuration items\n"
1063 " --introspect[=INTERFACE] Extract D-Bus interface data\n"
1064 " --unit=UNIT Set default unit\n"
1065 " --system Run a system instance, even if PID != 1\n"
1066 " --user Run a user instance\n"
1067 " --dump-core[=0|1] Dump core on crash\n"
1068 " --crash-shell[=0|1] Run shell on crash\n"
1069 " --confirm-spawn[=0|1] Ask for confirmation when spawning processes\n"
1070 " --show-status[=0|1] Show status updates on the console during bootup\n"
1071 #ifdef HAVE_SYSV_COMPAT
1072 " --sysv-console[=0|1] Connect output of SysV scripts to console\n"
1074 " --log-target=TARGET Set log target (console, journal, syslog, kmsg, journal-or-kmsg, syslog-or-kmsg, null)\n"
1075 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
1076 " --log-color[=0|1] Highlight important log messages\n"
1077 " --log-location[=0|1] Include code location in log messages\n"
1078 " --default-standard-output= Set default standard output for services\n"
1079 " --default-standard-error= Set default standard error output for services\n",
1080 program_invocation_short_name);
1085 static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds) {
1094 /* Make sure nothing is really destructed when we shut down */
1097 if ((r = manager_open_serialization(m, &f)) < 0) {
1098 log_error("Failed to create serialization file: %s", strerror(-r));
1102 if (!(fds = fdset_new())) {
1104 log_error("Failed to allocate fd set: %s", strerror(-r));
1108 if ((r = manager_serialize(m, f, fds)) < 0) {
1109 log_error("Failed to serialize state: %s", strerror(-r));
1113 if (fseeko(f, 0, SEEK_SET) < 0) {
1114 log_error("Failed to rewind serialization fd: %m");
1118 if ((r = fd_cloexec(fileno(f), false)) < 0) {
1119 log_error("Failed to disable O_CLOEXEC for serialization: %s", strerror(-r));
1123 if ((r = fdset_cloexec(fds, false)) < 0) {
1124 log_error("Failed to disable O_CLOEXEC for serialization fds: %s", strerror(-r));
1142 static struct dual_timestamp* parse_initrd_timestamp(struct dual_timestamp *t) {
1144 unsigned long long a, b;
1148 e = getenv("RD_TIMESTAMP");
1152 if (sscanf(e, "%llu %llu", &a, &b) != 2)
1155 t->realtime = (usec_t) a;
1156 t->monotonic = (usec_t) b;
1161 static void test_mtab(void) {
1164 /* Check that /etc/mtab is a symlink */
1166 if (readlink_malloc("/etc/mtab", &p) >= 0) {
1169 b = streq(p, "/proc/self/mounts") || streq(p, "/proc/mounts");
1176 log_warning("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1177 "This is not supported anymore. "
1178 "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
1181 static void test_usr(void) {
1183 /* Check that /usr is not a separate fs */
1185 if (dir_is_empty("/usr") <= 0)
1188 log_warning("/usr appears to be on its own filesytem and is not already mounted. This is not a supported setup. "
1189 "Some things will probably break (sometimes even silently) in mysterious ways. "
1190 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1193 static void test_cgroups(void) {
1195 if (access("/proc/cgroups", F_OK) >= 0)
1198 log_warning("CONFIG_CGROUPS was not set when your kernel was compiled. "
1199 "Systems without control groups are not supported. "
1200 "We will now sleep for 10s, and then continue boot-up. "
1201 "Expect breakage and please do not file bugs. "
1202 "Instead fix your kernel and enable CONFIG_CGROUPS. "
1203 "Consult http://0pointer.de/blog/projects/cgroups-vs-cgroups.html for more information.");
1208 int main(int argc, char *argv[]) {
1210 int r, retval = EXIT_FAILURE;
1211 usec_t before_startup, after_startup;
1212 char timespan[FORMAT_TIMESPAN_MAX];
1214 bool reexecute = false;
1215 const char *shutdown_verb = NULL;
1216 dual_timestamp initrd_timestamp = { 0ULL, 0ULL };
1217 static char systemd[] = "systemd";
1218 bool skip_setup = false;
1220 bool loaded_policy = false;
1221 bool arm_reboot_watchdog = false;
1222 bool queue_default_job = false;
1223 char *switch_root_dir = NULL, *switch_root_init = NULL;
1225 #ifdef HAVE_SYSV_COMPAT
1226 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
1227 /* This is compatibility support for SysV, where
1228 * calling init as a user is identical to telinit. */
1231 execv(SYSTEMCTL_BINARY_PATH, argv);
1232 log_error("Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1237 /* Determine if this is a reexecution or normal bootup. We do
1238 * the full command line parsing much later, so let's just
1239 * have a quick peek here. */
1240 for (j = 1; j < argc; j++)
1241 if (streq(argv[j], "--deserialize")) {
1246 /* If we have switched root, do all the special setup
1248 for (j = 1; j < argc; j++)
1249 if (streq(argv[j], "--switched-root")) {
1254 /* If we get started via the /sbin/init symlink then we are
1255 called 'init'. After a subsequent reexecution we are then
1256 called 'systemd'. That is confusing, hence let's call us
1257 systemd right-away. */
1258 program_invocation_short_name = systemd;
1259 prctl(PR_SET_NAME, systemd);
1264 log_show_color(isatty(STDERR_FILENO) > 0);
1265 log_show_location(false);
1266 log_set_max_level(LOG_INFO);
1268 if (getpid() == 1) {
1270 char *rd_timestamp = NULL;
1272 dual_timestamp_get(&initrd_timestamp);
1273 asprintf(&rd_timestamp, "%llu %llu",
1274 (unsigned long long) initrd_timestamp.realtime,
1275 (unsigned long long) initrd_timestamp.monotonic);
1277 setenv("RD_TIMESTAMP", rd_timestamp, 1);
1282 arg_running_as = MANAGER_SYSTEM;
1283 log_set_target(detect_container(NULL) > 0 ? LOG_TARGET_JOURNAL : LOG_TARGET_JOURNAL_OR_KMSG);
1286 if (selinux_setup(&loaded_policy) < 0)
1288 if (ima_setup() < 0)
1294 if (label_init(NULL) < 0)
1298 if (hwclock_is_localtime() > 0) {
1301 r = hwclock_apply_localtime_delta(&min);
1303 log_error("Failed to apply local time delta, ignoring: %s", strerror(-r));
1305 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1309 arg_running_as = MANAGER_USER;
1310 log_set_target(LOG_TARGET_AUTO);
1314 /* Initialize default unit */
1315 if (set_default_unit(SPECIAL_DEFAULT_TARGET) < 0)
1318 /* By default, mount "cpu" and "cpuacct" together */
1319 arg_join_controllers = new(char**, 2);
1320 if (!arg_join_controllers)
1323 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
1324 arg_join_controllers[1] = NULL;
1326 if (!arg_join_controllers[0])
1329 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1330 * /proc/$PID/fd is available. */
1331 if (geteuid() == 0 && !getenv("SYSTEMD_SKIP_API_MOUNTS")) {
1332 r = mount_setup(loaded_policy);
1337 /* Reset all signal handlers. */
1338 assert_se(reset_all_signal_handlers() == 0);
1340 /* If we are init, we can block sigkill. Yay. */
1341 ignore_signals(SIGNALS_IGNORE, -1);
1343 if (parse_config_file() < 0)
1346 if (arg_running_as == MANAGER_SYSTEM)
1347 if (parse_proc_cmdline() < 0)
1350 log_parse_environment();
1352 if (parse_argv(argc, argv) < 0)
1355 if (arg_action == ACTION_TEST && geteuid() == 0) {
1356 log_error("Don't run test mode as root.");
1360 if (arg_running_as == MANAGER_SYSTEM &&
1361 arg_action == ACTION_RUN &&
1362 running_in_chroot() > 0) {
1363 log_error("Cannot be run in a chroot() environment.");
1367 if (arg_action == ACTION_HELP) {
1370 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
1371 unit_dump_config_items(stdout);
1372 retval = EXIT_SUCCESS;
1374 } else if (arg_action == ACTION_DONE) {
1375 retval = EXIT_SUCCESS;
1379 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
1381 /* Close logging fds, in order not to confuse fdset below */
1384 /* Remember open file descriptors for later deserialization */
1385 if (serialization) {
1386 r = fdset_new_fill(&fds);
1388 log_error("Failed to allocate fd set: %s", strerror(-r));
1392 assert_se(fdset_remove(fds, fileno(serialization)) >= 0);
1394 close_all_fds(NULL, 0);
1396 /* Set up PATH unless it is already set */
1398 #ifdef HAVE_SPLIT_USR
1399 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
1401 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin",
1403 arg_running_as == MANAGER_SYSTEM);
1405 if (arg_running_as == MANAGER_SYSTEM) {
1406 /* Parse the data passed to us. We leave this
1407 * variables set, but the manager later on will not
1408 * pass them on to our children. */
1410 parse_initrd_timestamp(&initrd_timestamp);
1412 /* Unset some environment variables passed in from the
1413 * kernel that don't really make sense for us. */
1417 /* When we are invoked by a shell, these might be set,
1418 * but make little sense to pass on */
1423 /* When we are invoked by a chroot-like tool such as
1424 * nspawn, these might be set, but make little sense
1427 unsetenv("LOGNAME");
1429 /* All other variables are left as is, so that clients
1430 * can still read them via /proc/1/environ */
1433 /* Move out of the way, so that we won't block unmounts */
1434 assert_se(chdir("/") == 0);
1436 if (arg_running_as == MANAGER_SYSTEM) {
1437 /* Become a session leader if we aren't one yet. */
1440 /* Disable the umask logic */
1444 /* Make sure D-Bus doesn't fiddle with the SIGPIPE handlers */
1445 dbus_connection_set_change_sigpipe(FALSE);
1447 /* Reset the console, but only if this is really init and we
1448 * are freshly booted */
1449 if (arg_running_as == MANAGER_SYSTEM && arg_action == ACTION_RUN) {
1450 console_setup(getpid() == 1 && !skip_setup);
1454 /* Open the logging devices, if possible and necessary */
1457 /* Make sure we leave a core dump without panicing the
1460 install_crash_handler();
1462 if (geteuid() == 0 && !getenv("SYSTEMD_SKIP_API_MOUNTS")) {
1463 r = mount_cgroup_controllers(arg_join_controllers);
1468 log_full(arg_running_as == MANAGER_SYSTEM ? LOG_INFO : LOG_DEBUG,
1469 PACKAGE_STRING " running in %s mode. (" SYSTEMD_FEATURES "; " DISTRIBUTION ")", manager_running_as_to_string(arg_running_as));
1471 if (arg_running_as == MANAGER_SYSTEM && !skip_setup) {
1474 if (arg_show_status || plymouth_running())
1487 if (arg_running_as == MANAGER_SYSTEM && arg_runtime_watchdog > 0)
1488 watchdog_set_timeout(&arg_runtime_watchdog);
1490 if (arg_capability_bounding_set_drop) {
1491 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
1493 log_error("Failed to drop capability bounding set: %s", strerror(-r));
1498 r = manager_new(arg_running_as, &m);
1500 log_error("Failed to allocate manager object: %s", strerror(-r));
1504 m->confirm_spawn = arg_confirm_spawn;
1505 #ifdef HAVE_SYSV_COMPAT
1506 m->sysv_console = arg_sysv_console;
1508 m->default_std_output = arg_default_std_output;
1509 m->default_std_error = arg_default_std_error;
1510 m->runtime_watchdog = arg_runtime_watchdog;
1511 m->shutdown_watchdog = arg_shutdown_watchdog;
1513 manager_set_default_rlimits(m, arg_default_rlimit);
1515 if (dual_timestamp_is_set(&initrd_timestamp))
1516 m->initrd_timestamp = initrd_timestamp;
1518 if (arg_default_controllers)
1519 manager_set_default_controllers(m, arg_default_controllers);
1521 manager_set_show_status(m, arg_show_status);
1523 /* Remember whether we should queue the default job */
1524 queue_default_job = !serialization || arg_switched_root;
1526 before_startup = now(CLOCK_MONOTONIC);
1528 r = manager_startup(m, serialization, fds);
1530 log_error("Failed to fully start up daemon: %s", strerror(-r));
1532 /* This will close all file descriptors that were opened, but
1533 * not claimed by any unit. */
1539 if (serialization) {
1540 fclose(serialization);
1541 serialization = NULL;
1544 if (queue_default_job) {
1546 Unit *target = NULL;
1547 Job *default_unit_job;
1549 dbus_error_init(&error);
1551 log_debug("Activating default unit: %s", arg_default_unit);
1553 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
1555 log_error("Failed to load default target: %s", bus_error(&error, r));
1556 dbus_error_free(&error);
1557 } else if (target->load_state == UNIT_ERROR)
1558 log_error("Failed to load default target: %s", strerror(-target->load_error));
1559 else if (target->load_state == UNIT_MASKED)
1560 log_error("Default target masked.");
1562 if (!target || target->load_state != UNIT_LOADED) {
1563 log_info("Trying to load rescue target...");
1565 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1567 log_error("Failed to load rescue target: %s", bus_error(&error, r));
1568 dbus_error_free(&error);
1570 } else if (target->load_state == UNIT_ERROR) {
1571 log_error("Failed to load rescue target: %s", strerror(-target->load_error));
1573 } else if (target->load_state == UNIT_MASKED) {
1574 log_error("Rescue target masked.");
1579 assert(target->load_state == UNIT_LOADED);
1581 if (arg_action == ACTION_TEST) {
1582 printf("-> By units:\n");
1583 manager_dump_units(m, stdout, "\t");
1586 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1588 log_error("Failed to start default target: %s", bus_error(&error, r));
1589 dbus_error_free(&error);
1592 m->default_unit_job_id = default_unit_job->id;
1594 after_startup = now(CLOCK_MONOTONIC);
1595 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1596 "Loaded units and determined initial transaction in %s.",
1597 format_timespan(timespan, sizeof(timespan), after_startup - before_startup));
1599 if (arg_action == ACTION_TEST) {
1600 printf("-> By jobs:\n");
1601 manager_dump_jobs(m, stdout, "\t");
1602 retval = EXIT_SUCCESS;
1608 r = manager_loop(m);
1610 log_error("Failed to run mainloop: %s", strerror(-r));
1614 switch (m->exit_code) {
1617 retval = EXIT_SUCCESS;
1621 case MANAGER_RELOAD:
1622 log_info("Reloading.");
1623 r = manager_reload(m);
1625 log_error("Failed to reload: %s", strerror(-r));
1628 case MANAGER_REEXECUTE:
1630 if (prepare_reexecute(m, &serialization, &fds) < 0)
1634 log_notice("Reexecuting.");
1637 case MANAGER_SWITCH_ROOT:
1638 /* Steal the switch root parameters */
1639 switch_root_dir = m->switch_root;
1640 switch_root_init = m->switch_root_init;
1641 m->switch_root = m->switch_root_init = NULL;
1643 if (!switch_root_init)
1644 if (prepare_reexecute(m, &serialization, &fds) < 0)
1648 log_notice("Switching root.");
1651 case MANAGER_REBOOT:
1652 case MANAGER_POWEROFF:
1654 case MANAGER_KEXEC: {
1655 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1656 [MANAGER_REBOOT] = "reboot",
1657 [MANAGER_POWEROFF] = "poweroff",
1658 [MANAGER_HALT] = "halt",
1659 [MANAGER_KEXEC] = "kexec"
1662 assert_se(shutdown_verb = table[m->exit_code]);
1663 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
1665 log_notice("Shutting down.");
1670 assert_not_reached("Unknown exit code.");
1678 for (j = 0; j < RLIMIT_NLIMITS; j++)
1679 free (arg_default_rlimit[j]);
1681 free(arg_default_unit);
1682 strv_free(arg_default_controllers);
1683 free_join_controllers();
1690 unsigned i, args_size;
1692 /* Close and disarm the watchdog, so that the new
1693 * instance can reinitialize it, but doesn't get
1694 * rebooted while we do that */
1695 watchdog_close(true);
1697 if (switch_root_dir) {
1698 r = switch_root(switch_root_dir);
1700 log_error("Failed to switch root, ignoring: %s", strerror(-r));
1703 args_size = MAX(6, argc+1);
1704 args = newa(const char*, args_size);
1706 if (!switch_root_init) {
1709 /* First try to spawn ourselves with the right
1710 * path, and with full serialization. We do
1711 * this only if the user didn't specify an
1712 * explicit init to spawn. */
1714 assert(serialization);
1717 snprintf(sfd, sizeof(sfd), "%i", fileno(serialization));
1721 args[i++] = SYSTEMD_BINARY_PATH;
1722 if (switch_root_dir)
1723 args[i++] = "--switched-root";
1724 args[i++] = arg_running_as == MANAGER_SYSTEM ? "--system" : "--user";
1725 args[i++] = "--deserialize";
1729 assert(i <= args_size);
1730 execv(args[0], (char* const*) args);
1733 /* Try the fallback, if there is any, without any
1734 * serialization. We pass the original argv[] and
1735 * envp[]. (Well, modulo the ordering changes due to
1736 * getopt() in argv[], and some cleanups in envp[],
1737 * but let's hope that doesn't matter.) */
1739 if (serialization) {
1740 fclose(serialization);
1741 serialization = NULL;
1749 for (j = 1, i = 1; j < argc; j++)
1750 args[i++] = argv[j];
1752 assert(i <= args_size);
1754 if (switch_root_init) {
1755 args[0] = switch_root_init;
1756 execv(args[0], (char* const*) args);
1757 log_warning("Failed to execute configured init, trying fallback: %m");
1760 args[0] = "/sbin/init";
1761 execv(args[0], (char* const*) args);
1763 if (errno == ENOENT) {
1764 log_warning("No /sbin/init, trying fallback");
1766 args[0] = "/bin/sh";
1768 execv(args[0], (char* const*) args);
1769 log_error("Failed to execute /bin/sh, giving up: %m");
1771 log_warning("Failed to execute /sbin/init, giving up: %m");
1775 fclose(serialization);
1780 if (shutdown_verb) {
1781 const char * command_line[] = {
1782 SYSTEMD_SHUTDOWN_BINARY_PATH,
1788 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
1791 /* If we reboot let's set the shutdown
1792 * watchdog and tell the shutdown binary to
1793 * repeatedly ping it */
1794 watchdog_set_timeout(&arg_shutdown_watchdog);
1795 watchdog_close(false);
1797 /* Tell the binary how often to ping */
1798 snprintf(e, sizeof(e), "WATCHDOG_USEC=%llu", (unsigned long long) arg_shutdown_watchdog);
1801 env_block = strv_append(environ, e);
1803 env_block = strv_copy(environ);
1804 watchdog_close(true);
1807 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
1809 log_error("Failed to execute shutdown binary, freezing: %m");