1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <dbus/dbus.h>
28 #include <sys/types.h>
34 #include <sys/prctl.h>
35 #include <sys/mount.h>
39 #include "load-fragment.h"
42 #include "conf-parser.h"
43 #include "bus-errors.h"
51 #include "path-util.h"
52 #include "switch-root.h"
53 #include "capability.h"
55 #include "mount-setup.h"
56 #include "loopback-setup.h"
57 #include "kmod-setup.h"
58 #include "hostname-setup.h"
59 #include "machine-id-setup.h"
60 #include "locale-setup.h"
62 #include "selinux-setup.h"
63 #include "ima-setup.h"
69 ACTION_DUMP_CONFIGURATION_ITEMS,
71 } arg_action = ACTION_RUN;
73 static char *arg_default_unit = NULL;
74 static ManagerRunningAs arg_running_as = _MANAGER_RUNNING_AS_INVALID;
76 static bool arg_dump_core = true;
77 static bool arg_crash_shell = false;
78 static int arg_crash_chvt = -1;
79 static bool arg_confirm_spawn = false;
80 static bool arg_show_status = true;
81 static bool arg_switched_root = false;
82 #ifdef HAVE_SYSV_COMPAT
83 static bool arg_sysv_console = true;
85 static char **arg_default_controllers = NULL;
86 static char ***arg_join_controllers = NULL;
87 static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
88 static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
89 static usec_t arg_runtime_watchdog = 0;
90 static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
91 static struct rlimit *arg_default_rlimit[RLIMIT_NLIMITS] = {};
92 static uint64_t arg_capability_bounding_set_drop = 0;
93 static nsec_t arg_timer_slack_nsec = (nsec_t) -1;
95 static FILE* serialization = NULL;
97 static void nop_handler(int sig) {
100 _noreturn_ static void crash(int sig) {
103 log_error("Caught <%s>, not dumping core.", signal_to_string(sig));
108 /* We want to wait for the core process, hence let's enable SIGCHLD */
110 sa.sa_handler = nop_handler;
111 sa.sa_flags = SA_NOCLDSTOP|SA_RESTART;
112 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
114 if ((pid = fork()) < 0)
115 log_error("Caught <%s>, cannot fork for core dump: %s", signal_to_string(sig), strerror(errno));
120 /* Enable default signal handler for core dump */
122 sa.sa_handler = SIG_DFL;
123 assert_se(sigaction(sig, &sa, NULL) == 0);
125 /* Don't limit the core dump size */
127 rl.rlim_cur = RLIM_INFINITY;
128 rl.rlim_max = RLIM_INFINITY;
129 setrlimit(RLIMIT_CORE, &rl);
131 /* Just to be sure... */
132 assert_se(chdir("/") == 0);
134 /* Raise the signal again */
137 assert_not_reached("We shouldn't be here...");
144 /* Order things nicely. */
145 if ((r = wait_for_terminate(pid, &status)) < 0)
146 log_error("Caught <%s>, waitpid() failed: %s", signal_to_string(sig), strerror(-r));
147 else if (status.si_code != CLD_DUMPED)
148 log_error("Caught <%s>, core dump failed.", signal_to_string(sig));
150 log_error("Caught <%s>, dumped core as pid %lu.", signal_to_string(sig), (unsigned long) pid);
155 chvt(arg_crash_chvt);
157 if (arg_crash_shell) {
161 log_info("Executing crash shell in 10s...");
164 /* Let the kernel reap children for us */
166 sa.sa_handler = SIG_IGN;
167 sa.sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART;
168 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
170 if ((pid = fork()) < 0)
171 log_error("Failed to fork off crash shell: %s", strerror(errno));
175 if ((fd = acquire_terminal("/dev/console", false, true, true)) < 0)
176 log_error("Failed to acquire terminal: %s", strerror(-fd));
177 else if ((r = make_stdio(fd)) < 0)
178 log_error("Failed to duplicate terminal fd: %s", strerror(-r));
180 execl("/bin/sh", "/bin/sh", NULL);
182 log_error("execl() failed: %s", strerror(errno));
186 log_info("Successfully spawned crash shell as pid %lu.", (unsigned long) pid);
189 log_info("Freezing execution.");
193 static void install_crash_handler(void) {
198 sa.sa_handler = crash;
199 sa.sa_flags = SA_NODEFER;
201 sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
204 static int console_setup(bool do_reset) {
207 /* If we are init, we connect stdin/stdout/stderr to /dev/null
208 * and make sure we don't have a controlling tty. */
215 tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
217 log_error("Failed to open /dev/console: %s", strerror(-tty_fd));
221 /* We don't want to force text mode.
222 * plymouth may be showing pictures already from initrd. */
223 r = reset_terminal_fd(tty_fd, false);
225 log_error("Failed to reset /dev/console: %s", strerror(-r));
227 close_nointr_nofail(tty_fd);
231 static int set_default_unit(const char *u) {
240 free(arg_default_unit);
241 arg_default_unit = c;
246 static int parse_proc_cmdline_word(const char *word) {
248 static const char * const rlmap[] = {
249 "emergency", SPECIAL_EMERGENCY_TARGET,
250 "-b", SPECIAL_EMERGENCY_TARGET,
251 "single", SPECIAL_RESCUE_TARGET,
252 "-s", SPECIAL_RESCUE_TARGET,
253 "s", SPECIAL_RESCUE_TARGET,
254 "S", SPECIAL_RESCUE_TARGET,
255 "1", SPECIAL_RESCUE_TARGET,
256 "2", SPECIAL_RUNLEVEL2_TARGET,
257 "3", SPECIAL_RUNLEVEL3_TARGET,
258 "4", SPECIAL_RUNLEVEL4_TARGET,
259 "5", SPECIAL_RUNLEVEL5_TARGET,
264 if (startswith(word, "systemd.unit=")) {
267 return set_default_unit(word + 13);
269 } else if (startswith(word, "rd.systemd.unit=")) {
272 return set_default_unit(word + 16);
274 } else if (startswith(word, "systemd.log_target=")) {
276 if (log_set_target_from_string(word + 19) < 0)
277 log_warning("Failed to parse log target %s. Ignoring.", word + 19);
279 } else if (startswith(word, "systemd.log_level=")) {
281 if (log_set_max_level_from_string(word + 18) < 0)
282 log_warning("Failed to parse log level %s. Ignoring.", word + 18);
284 } else if (startswith(word, "systemd.log_color=")) {
286 if (log_show_color_from_string(word + 18) < 0)
287 log_warning("Failed to parse log color setting %s. Ignoring.", word + 18);
289 } else if (startswith(word, "systemd.log_location=")) {
291 if (log_show_location_from_string(word + 21) < 0)
292 log_warning("Failed to parse log location setting %s. Ignoring.", word + 21);
294 } else if (startswith(word, "systemd.dump_core=")) {
297 if ((r = parse_boolean(word + 18)) < 0)
298 log_warning("Failed to parse dump core switch %s. Ignoring.", word + 18);
302 } else if (startswith(word, "systemd.crash_shell=")) {
305 if ((r = parse_boolean(word + 20)) < 0)
306 log_warning("Failed to parse crash shell switch %s. Ignoring.", word + 20);
310 } else if (startswith(word, "systemd.confirm_spawn=")) {
313 if ((r = parse_boolean(word + 22)) < 0)
314 log_warning("Failed to parse confirm spawn switch %s. Ignoring.", word + 22);
316 arg_confirm_spawn = r;
318 } else if (startswith(word, "systemd.crash_chvt=")) {
321 if (safe_atoi(word + 19, &k) < 0)
322 log_warning("Failed to parse crash chvt switch %s. Ignoring.", word + 19);
326 } else if (startswith(word, "systemd.show_status=")) {
329 if ((r = parse_boolean(word + 20)) < 0)
330 log_warning("Failed to parse show status switch %s. Ignoring.", word + 20);
333 } else if (startswith(word, "systemd.default_standard_output=")) {
336 if ((r = exec_output_from_string(word + 32)) < 0)
337 log_warning("Failed to parse default standard output switch %s. Ignoring.", word + 32);
339 arg_default_std_output = r;
340 } else if (startswith(word, "systemd.default_standard_error=")) {
343 if ((r = exec_output_from_string(word + 31)) < 0)
344 log_warning("Failed to parse default standard error switch %s. Ignoring.", word + 31);
346 arg_default_std_error = r;
347 } else if (startswith(word, "systemd.setenv=")) {
351 cenv = strdup(word + 15);
355 eq = strchr(cenv, '=');
359 log_warning("unsetenv failed %s. Ignoring.", strerror(errno));
362 r = setenv(cenv, eq + 1, 1);
364 log_warning("setenv failed %s. Ignoring.", strerror(errno));
367 #ifdef HAVE_SYSV_COMPAT
368 } else if (startswith(word, "systemd.sysv_console=")) {
371 if ((r = parse_boolean(word + 21)) < 0)
372 log_warning("Failed to parse SysV console switch %s. Ignoring.", word + 20);
374 arg_sysv_console = r;
377 } else if (startswith(word, "systemd.")) {
379 log_warning("Unknown kernel switch %s. Ignoring.", word);
381 log_info("Supported kernel switches:\n"
382 "systemd.unit=UNIT Default unit to start\n"
383 "rd.systemd.unit=UNIT Default unit to start when run in initrd\n"
384 "systemd.dump_core=0|1 Dump core on crash\n"
385 "systemd.crash_shell=0|1 Run shell on crash\n"
386 "systemd.crash_chvt=N Change to VT #N on crash\n"
387 "systemd.confirm_spawn=0|1 Confirm every process spawn\n"
388 "systemd.show_status=0|1 Show status updates on the console during bootup\n"
389 #ifdef HAVE_SYSV_COMPAT
390 "systemd.sysv_console=0|1 Connect output of SysV scripts to console\n"
392 "systemd.log_target=console|kmsg|journal|journal-or-kmsg|syslog|syslog-or-kmsg|null\n"
394 "systemd.log_level=LEVEL Log level\n"
395 "systemd.log_color=0|1 Highlight important log messages\n"
396 "systemd.log_location=0|1 Include code location in log messages\n"
397 "systemd.default_standard_output=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
398 " Set default log output for services\n"
399 "systemd.default_standard_error=null|tty|syslog|syslog+console|kmsg|kmsg+console|journal|journal+console\n"
400 " Set default log error output for services\n"
401 "systemd.setenv=ASSIGNMENT Set an environment variable for all spawned processes\n");
403 } else if (streq(word, "quiet")) {
404 arg_show_status = false;
405 #ifdef HAVE_SYSV_COMPAT
406 arg_sysv_console = false;
408 } else if (!in_initrd()) {
411 /* SysV compatibility */
412 for (i = 0; i < ELEMENTSOF(rlmap); i += 2)
413 if (streq(word, rlmap[i]))
414 return set_default_unit(rlmap[i+1]);
420 static int config_parse_level2(
421 const char *filename,
434 log_set_max_level_from_string(rvalue);
438 static int config_parse_target(
439 const char *filename,
452 log_set_target_from_string(rvalue);
456 static int config_parse_color(
457 const char *filename,
470 log_show_color_from_string(rvalue);
474 static int config_parse_location(
475 const char *filename,
488 log_show_location_from_string(rvalue);
492 static int config_parse_cpu_affinity2(
493 const char *filename,
512 FOREACH_WORD_QUOTED(w, l, rvalue, state) {
517 if (!(t = strndup(w, l)))
520 r = safe_atou(t, &cpu);
524 if (!(c = cpu_set_malloc(&ncpus)))
527 if (r < 0 || cpu >= ncpus) {
528 log_error("[%s:%u] Failed to parse CPU affinity: %s", filename, line, rvalue);
533 CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c);
537 if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
538 log_warning("Failed to set CPU affinity: %m");
546 static void strv_free_free(char ***l) {
558 static void free_join_controllers(void) {
559 if (!arg_join_controllers)
562 strv_free_free(arg_join_controllers);
563 arg_join_controllers = NULL;
566 static int config_parse_join_controllers(
567 const char *filename,
584 free_join_controllers();
586 FOREACH_WORD_QUOTED(w, length, rvalue, state) {
589 s = strndup(w, length);
593 l = strv_split(s, ",");
598 if (strv_length(l) <= 1) {
603 if (!arg_join_controllers) {
604 arg_join_controllers = new(char**, 2);
605 if (!arg_join_controllers) {
610 arg_join_controllers[0] = l;
611 arg_join_controllers[1] = NULL;
618 t = new0(char**, n+2);
626 for (a = arg_join_controllers; *a; a++) {
628 if (strv_overlap(*a, l)) {
631 c = strv_merge(*a, l);
654 t[n++] = strv_uniq(l);
656 strv_free_free(arg_join_controllers);
657 arg_join_controllers = t;
664 static int parse_config_file(void) {
666 const ConfigTableItem items[] = {
667 { "Manager", "LogLevel", config_parse_level2, 0, NULL },
668 { "Manager", "LogTarget", config_parse_target, 0, NULL },
669 { "Manager", "LogColor", config_parse_color, 0, NULL },
670 { "Manager", "LogLocation", config_parse_location, 0, NULL },
671 { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
672 { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
673 { "Manager", "ShowStatus", config_parse_bool, 0, &arg_show_status },
674 #ifdef HAVE_SYSV_COMPAT
675 { "Manager", "SysVConsole", config_parse_bool, 0, &arg_sysv_console },
677 { "Manager", "CrashChVT", config_parse_int, 0, &arg_crash_chvt },
678 { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
679 { "Manager", "DefaultControllers", config_parse_strv, 0, &arg_default_controllers },
680 { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
681 { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
682 { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
683 { "Manager", "RuntimeWatchdogSec", config_parse_usec, 0, &arg_runtime_watchdog },
684 { "Manager", "ShutdownWatchdogSec", config_parse_usec, 0, &arg_shutdown_watchdog },
685 { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
686 { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
687 { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU]},
688 { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE]},
689 { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA]},
690 { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK]},
691 { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE]},
692 { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS]},
693 { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE]},
694 { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS]},
695 { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC]},
696 { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK]},
697 { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS]},
698 { "Manager", "DefaultLimitSIGPENDING",config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING]},
699 { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE]},
700 { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE]},
701 { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO]},
702 { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME]},
703 { NULL, NULL, NULL, 0, NULL }
710 fn = arg_running_as == MANAGER_SYSTEM ? SYSTEM_CONFIG_FILE : USER_CONFIG_FILE;
716 log_warning("Failed to open configuration file '%s': %m", fn);
720 r = config_parse(fn, f, "Manager\0", config_item_table_lookup, (void*) items, false, NULL);
722 log_warning("Failed to parse configuration file: %s", strerror(-r));
729 static int parse_proc_cmdline(void) {
730 char *line, *w, *state;
734 /* Don't read /proc/cmdline if we are in a container, since
735 * that is only relevant for the host system */
736 if (detect_container(NULL) > 0)
739 if ((r = read_one_line_file("/proc/cmdline", &line)) < 0) {
740 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
744 FOREACH_WORD_QUOTED(w, l, line, state) {
747 if (!(word = strndup(w, l))) {
752 r = parse_proc_cmdline_word(word);
766 static int parse_argv(int argc, char *argv[]) {
769 ARG_LOG_LEVEL = 0x100,
777 ARG_DUMP_CONFIGURATION_ITEMS,
786 ARG_DEFAULT_STD_OUTPUT,
787 ARG_DEFAULT_STD_ERROR
790 static const struct option options[] = {
791 { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
792 { "log-target", required_argument, NULL, ARG_LOG_TARGET },
793 { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
794 { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
795 { "unit", required_argument, NULL, ARG_UNIT },
796 { "system", no_argument, NULL, ARG_SYSTEM },
797 { "user", no_argument, NULL, ARG_USER },
798 { "test", no_argument, NULL, ARG_TEST },
799 { "help", no_argument, NULL, 'h' },
800 { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
801 { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
802 { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
803 { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
804 { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
805 #ifdef HAVE_SYSV_COMPAT
806 { "sysv-console", optional_argument, NULL, ARG_SYSV_CONSOLE },
808 { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
809 { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
810 { "introspect", optional_argument, NULL, ARG_INTROSPECT },
811 { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
812 { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
824 while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
829 if ((r = log_set_max_level_from_string(optarg)) < 0) {
830 log_error("Failed to parse log level %s.", optarg);
838 if ((r = log_set_target_from_string(optarg)) < 0) {
839 log_error("Failed to parse log target %s.", optarg);
848 if ((r = log_show_color_from_string(optarg)) < 0) {
849 log_error("Failed to parse log color setting %s.", optarg);
853 log_show_color(true);
857 case ARG_LOG_LOCATION:
860 if ((r = log_show_location_from_string(optarg)) < 0) {
861 log_error("Failed to parse log location setting %s.", optarg);
865 log_show_location(true);
869 case ARG_DEFAULT_STD_OUTPUT:
871 if ((r = exec_output_from_string(optarg)) < 0) {
872 log_error("Failed to parse default standard output setting %s.", optarg);
875 arg_default_std_output = r;
878 case ARG_DEFAULT_STD_ERROR:
880 if ((r = exec_output_from_string(optarg)) < 0) {
881 log_error("Failed to parse default standard error output setting %s.", optarg);
884 arg_default_std_error = r;
889 if ((r = set_default_unit(optarg)) < 0) {
890 log_error("Failed to set default unit %s: %s", optarg, strerror(-r));
897 arg_running_as = MANAGER_SYSTEM;
901 arg_running_as = MANAGER_USER;
905 arg_action = ACTION_TEST;
908 case ARG_DUMP_CONFIGURATION_ITEMS:
909 arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
913 r = optarg ? parse_boolean(optarg) : 1;
915 log_error("Failed to parse dump core boolean %s.", optarg);
921 case ARG_CRASH_SHELL:
922 r = optarg ? parse_boolean(optarg) : 1;
924 log_error("Failed to parse crash shell boolean %s.", optarg);
930 case ARG_CONFIRM_SPAWN:
931 r = optarg ? parse_boolean(optarg) : 1;
933 log_error("Failed to parse confirm spawn boolean %s.", optarg);
936 arg_confirm_spawn = r;
939 case ARG_SHOW_STATUS:
940 r = optarg ? parse_boolean(optarg) : 1;
942 log_error("Failed to parse show status boolean %s.", optarg);
948 #ifdef HAVE_SYSV_COMPAT
949 case ARG_SYSV_CONSOLE:
950 r = optarg ? parse_boolean(optarg) : 1;
952 log_error("Failed to parse SysV console boolean %s.", optarg);
955 arg_sysv_console = r;
959 case ARG_DESERIALIZE: {
963 if ((r = safe_atoi(optarg, &fd)) < 0 || fd < 0) {
964 log_error("Failed to parse deserialize option %s.", optarg);
968 if (!(f = fdopen(fd, "r"))) {
969 log_error("Failed to open serialization fd: %m");
974 fclose(serialization);
981 case ARG_SWITCHED_ROOT:
982 arg_switched_root = true;
985 case ARG_INTROSPECT: {
986 const char * const * i = NULL;
988 for (i = bus_interface_table; *i; i += 2)
989 if (!optarg || streq(i[0], optarg)) {
990 fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
993 fputs("</node>\n", stdout);
1000 log_error("Unknown interface %s.", optarg);
1002 arg_action = ACTION_DONE;
1007 arg_action = ACTION_HELP;
1011 log_set_max_level(LOG_DEBUG);
1017 /* Just to eat away the sysvinit kernel
1018 * cmdline args without getopt() error
1019 * messages that we'll parse in
1020 * parse_proc_cmdline_word() or ignore. */
1024 if (getpid() != 1) {
1025 log_error("Unknown option code %c", c);
1032 if (optind < argc && getpid() != 1) {
1033 /* Hmm, when we aren't run as init system
1034 * let's complain about excess arguments */
1036 log_error("Excess arguments.");
1040 if (detect_container(NULL) > 0) {
1043 /* All /proc/cmdline arguments the kernel didn't
1044 * understand it passed to us. We're not really
1045 * interested in that usually since /proc/cmdline is
1046 * more interesting and complete. With one exception:
1047 * if we are run in a container /proc/cmdline is not
1048 * relevant for the container, hence we rely on argv[]
1051 for (a = argv; a < argv + argc; a++)
1052 if ((r = parse_proc_cmdline_word(*a)) < 0)
1059 static int help(void) {
1061 printf("%s [OPTIONS...]\n\n"
1062 "Starts up and maintains the system or user services.\n\n"
1063 " -h --help Show this help\n"
1064 " --test Determine startup sequence, dump it and exit\n"
1065 " --dump-configuration-items Dump understood unit configuration items\n"
1066 " --introspect[=INTERFACE] Extract D-Bus interface data\n"
1067 " --unit=UNIT Set default unit\n"
1068 " --system Run a system instance, even if PID != 1\n"
1069 " --user Run a user instance\n"
1070 " --dump-core[=0|1] Dump core on crash\n"
1071 " --crash-shell[=0|1] Run shell on crash\n"
1072 " --confirm-spawn[=0|1] Ask for confirmation when spawning processes\n"
1073 " --show-status[=0|1] Show status updates on the console during bootup\n"
1074 #ifdef HAVE_SYSV_COMPAT
1075 " --sysv-console[=0|1] Connect output of SysV scripts to console\n"
1077 " --log-target=TARGET Set log target (console, journal, syslog, kmsg, journal-or-kmsg, syslog-or-kmsg, null)\n"
1078 " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
1079 " --log-color[=0|1] Highlight important log messages\n"
1080 " --log-location[=0|1] Include code location in log messages\n"
1081 " --default-standard-output= Set default standard output for services\n"
1082 " --default-standard-error= Set default standard error output for services\n",
1083 program_invocation_short_name);
1088 static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds) {
1097 /* Make sure nothing is really destructed when we shut down */
1100 if ((r = manager_open_serialization(m, &f)) < 0) {
1101 log_error("Failed to create serialization file: %s", strerror(-r));
1105 if (!(fds = fdset_new())) {
1107 log_error("Failed to allocate fd set: %s", strerror(-r));
1111 if ((r = manager_serialize(m, f, fds)) < 0) {
1112 log_error("Failed to serialize state: %s", strerror(-r));
1116 if (fseeko(f, 0, SEEK_SET) < 0) {
1117 log_error("Failed to rewind serialization fd: %m");
1121 if ((r = fd_cloexec(fileno(f), false)) < 0) {
1122 log_error("Failed to disable O_CLOEXEC for serialization: %s", strerror(-r));
1126 if ((r = fdset_cloexec(fds, false)) < 0) {
1127 log_error("Failed to disable O_CLOEXEC for serialization fds: %s", strerror(-r));
1145 static struct dual_timestamp* parse_initrd_timestamp(struct dual_timestamp *t) {
1147 unsigned long long a, b;
1151 e = getenv("RD_TIMESTAMP");
1155 if (sscanf(e, "%llu %llu", &a, &b) != 2)
1158 t->realtime = (usec_t) a;
1159 t->monotonic = (usec_t) b;
1164 static void test_mtab(void) {
1167 /* Check that /etc/mtab is a symlink */
1169 if (readlink_malloc("/etc/mtab", &p) >= 0) {
1172 b = streq(p, "/proc/self/mounts") || streq(p, "/proc/mounts");
1179 log_warning("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
1180 "This is not supported anymore. "
1181 "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
1184 static void test_usr(void) {
1186 /* Check that /usr is not a separate fs */
1188 if (dir_is_empty("/usr") <= 0)
1191 log_warning("/usr appears to be on its own filesytem and is not already mounted. This is not a supported setup. "
1192 "Some things will probably break (sometimes even silently) in mysterious ways. "
1193 "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
1196 static void test_cgroups(void) {
1198 if (access("/proc/cgroups", F_OK) >= 0)
1201 log_warning("CONFIG_CGROUPS was not set when your kernel was compiled. "
1202 "Systems without control groups are not supported. "
1203 "We will now sleep for 10s, and then continue boot-up. "
1204 "Expect breakage and please do not file bugs. "
1205 "Instead fix your kernel and enable CONFIG_CGROUPS. "
1206 "Consult http://0pointer.de/blog/projects/cgroups-vs-cgroups.html for more information.");
1211 int main(int argc, char *argv[]) {
1213 int r, retval = EXIT_FAILURE;
1214 usec_t before_startup, after_startup;
1215 char timespan[FORMAT_TIMESPAN_MAX];
1217 bool reexecute = false;
1218 const char *shutdown_verb = NULL;
1219 dual_timestamp initrd_timestamp = { 0ULL, 0ULL };
1220 static char systemd[] = "systemd";
1221 bool skip_setup = false;
1223 bool loaded_policy = false;
1224 bool arm_reboot_watchdog = false;
1225 bool queue_default_job = false;
1226 char *switch_root_dir = NULL, *switch_root_init = NULL;
1228 #ifdef HAVE_SYSV_COMPAT
1229 if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
1230 /* This is compatibility support for SysV, where
1231 * calling init as a user is identical to telinit. */
1234 execv(SYSTEMCTL_BINARY_PATH, argv);
1235 log_error("Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
1240 /* Determine if this is a reexecution or normal bootup. We do
1241 * the full command line parsing much later, so let's just
1242 * have a quick peek here. */
1243 for (j = 1; j < argc; j++)
1244 if (streq(argv[j], "--deserialize")) {
1249 /* If we have switched root, do all the special setup
1251 for (j = 1; j < argc; j++)
1252 if (streq(argv[j], "--switched-root")) {
1257 /* If we get started via the /sbin/init symlink then we are
1258 called 'init'. After a subsequent reexecution we are then
1259 called 'systemd'. That is confusing, hence let's call us
1260 systemd right-away. */
1261 program_invocation_short_name = systemd;
1262 prctl(PR_SET_NAME, systemd);
1267 log_show_color(isatty(STDERR_FILENO) > 0);
1268 log_show_location(false);
1269 log_set_max_level(LOG_INFO);
1271 if (getpid() == 1) {
1273 char *rd_timestamp = NULL;
1275 dual_timestamp_get(&initrd_timestamp);
1276 asprintf(&rd_timestamp, "%llu %llu",
1277 (unsigned long long) initrd_timestamp.realtime,
1278 (unsigned long long) initrd_timestamp.monotonic);
1280 setenv("RD_TIMESTAMP", rd_timestamp, 1);
1285 arg_running_as = MANAGER_SYSTEM;
1286 log_set_target(detect_container(NULL) > 0 ? LOG_TARGET_JOURNAL : LOG_TARGET_JOURNAL_OR_KMSG);
1289 if (selinux_setup(&loaded_policy) < 0)
1291 if (ima_setup() < 0)
1297 if (label_init(NULL) < 0)
1301 if (hwclock_is_localtime() > 0) {
1304 r = hwclock_apply_localtime_delta(&min);
1306 log_error("Failed to apply local time delta, ignoring: %s", strerror(-r));
1308 log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
1312 arg_running_as = MANAGER_USER;
1313 log_set_target(LOG_TARGET_AUTO);
1317 /* Initialize default unit */
1318 if (set_default_unit(SPECIAL_DEFAULT_TARGET) < 0)
1321 /* By default, mount "cpu" and "cpuacct" together */
1322 arg_join_controllers = new(char**, 2);
1323 if (!arg_join_controllers)
1326 arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
1327 arg_join_controllers[1] = NULL;
1329 if (!arg_join_controllers[0])
1332 /* Mount /proc, /sys and friends, so that /proc/cmdline and
1333 * /proc/$PID/fd is available. */
1334 if (geteuid() == 0 && !getenv("SYSTEMD_SKIP_API_MOUNTS")) {
1335 r = mount_setup(loaded_policy);
1340 /* Reset all signal handlers. */
1341 assert_se(reset_all_signal_handlers() == 0);
1343 /* If we are init, we can block sigkill. Yay. */
1344 ignore_signals(SIGNALS_IGNORE, -1);
1346 if (parse_config_file() < 0)
1349 if (arg_running_as == MANAGER_SYSTEM)
1350 if (parse_proc_cmdline() < 0)
1353 log_parse_environment();
1355 if (parse_argv(argc, argv) < 0)
1358 if (arg_action == ACTION_TEST && geteuid() == 0) {
1359 log_error("Don't run test mode as root.");
1363 if (arg_running_as == MANAGER_SYSTEM &&
1364 arg_action == ACTION_RUN &&
1365 running_in_chroot() > 0) {
1366 log_error("Cannot be run in a chroot() environment.");
1370 if (arg_action == ACTION_HELP) {
1373 } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
1374 unit_dump_config_items(stdout);
1375 retval = EXIT_SUCCESS;
1377 } else if (arg_action == ACTION_DONE) {
1378 retval = EXIT_SUCCESS;
1382 assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
1384 /* Close logging fds, in order not to confuse fdset below */
1387 /* Remember open file descriptors for later deserialization */
1388 if (serialization) {
1389 r = fdset_new_fill(&fds);
1391 log_error("Failed to allocate fd set: %s", strerror(-r));
1395 assert_se(fdset_remove(fds, fileno(serialization)) >= 0);
1397 close_all_fds(NULL, 0);
1399 /* Set up PATH unless it is already set */
1401 #ifdef HAVE_SPLIT_USR
1402 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
1404 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin",
1406 arg_running_as == MANAGER_SYSTEM);
1408 if (arg_running_as == MANAGER_SYSTEM) {
1409 /* Parse the data passed to us. We leave this
1410 * variables set, but the manager later on will not
1411 * pass them on to our children. */
1413 parse_initrd_timestamp(&initrd_timestamp);
1415 /* Unset some environment variables passed in from the
1416 * kernel that don't really make sense for us. */
1420 /* When we are invoked by a shell, these might be set,
1421 * but make little sense to pass on */
1426 /* When we are invoked by a chroot-like tool such as
1427 * nspawn, these might be set, but make little sense
1430 unsetenv("LOGNAME");
1432 /* All other variables are left as is, so that clients
1433 * can still read them via /proc/1/environ */
1436 /* Move out of the way, so that we won't block unmounts */
1437 assert_se(chdir("/") == 0);
1439 if (arg_running_as == MANAGER_SYSTEM) {
1440 /* Become a session leader if we aren't one yet. */
1443 /* Disable the umask logic */
1447 /* Make sure D-Bus doesn't fiddle with the SIGPIPE handlers */
1448 dbus_connection_set_change_sigpipe(FALSE);
1450 /* Reset the console, but only if this is really init and we
1451 * are freshly booted */
1452 if (arg_running_as == MANAGER_SYSTEM && arg_action == ACTION_RUN) {
1453 console_setup(getpid() == 1 && !skip_setup);
1457 /* Open the logging devices, if possible and necessary */
1460 /* Make sure we leave a core dump without panicing the
1463 install_crash_handler();
1465 if (geteuid() == 0 && !getenv("SYSTEMD_SKIP_API_MOUNTS")) {
1466 r = mount_cgroup_controllers(arg_join_controllers);
1471 log_full(arg_running_as == MANAGER_SYSTEM ? LOG_INFO : LOG_DEBUG,
1472 PACKAGE_STRING " running in %s mode. (" SYSTEMD_FEATURES "; " DISTRIBUTION ")", manager_running_as_to_string(arg_running_as));
1474 if (arg_running_as == MANAGER_SYSTEM && !skip_setup) {
1477 if (arg_show_status || plymouth_running())
1490 if (arg_running_as == MANAGER_SYSTEM && arg_runtime_watchdog > 0)
1491 watchdog_set_timeout(&arg_runtime_watchdog);
1493 if (arg_timer_slack_nsec != (nsec_t) -1)
1494 if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
1495 log_error("Failed to adjust timer slack: %m");
1497 if (arg_capability_bounding_set_drop) {
1498 r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
1500 log_error("Failed to drop capability bounding set: %s", strerror(-r));
1503 r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
1505 log_error("Failed to drop capability bounding set of usermode helpers: %s", strerror(-r));
1510 r = manager_new(arg_running_as, &m);
1512 log_error("Failed to allocate manager object: %s", strerror(-r));
1516 m->confirm_spawn = arg_confirm_spawn;
1517 #ifdef HAVE_SYSV_COMPAT
1518 m->sysv_console = arg_sysv_console;
1520 m->default_std_output = arg_default_std_output;
1521 m->default_std_error = arg_default_std_error;
1522 m->runtime_watchdog = arg_runtime_watchdog;
1523 m->shutdown_watchdog = arg_shutdown_watchdog;
1525 manager_set_default_rlimits(m, arg_default_rlimit);
1527 if (dual_timestamp_is_set(&initrd_timestamp))
1528 m->initrd_timestamp = initrd_timestamp;
1530 if (arg_default_controllers)
1531 manager_set_default_controllers(m, arg_default_controllers);
1533 manager_set_show_status(m, arg_show_status);
1535 /* Remember whether we should queue the default job */
1536 queue_default_job = !serialization || arg_switched_root;
1538 before_startup = now(CLOCK_MONOTONIC);
1540 r = manager_startup(m, serialization, fds);
1542 log_error("Failed to fully start up daemon: %s", strerror(-r));
1544 /* This will close all file descriptors that were opened, but
1545 * not claimed by any unit. */
1551 if (serialization) {
1552 fclose(serialization);
1553 serialization = NULL;
1556 if (queue_default_job) {
1558 Unit *target = NULL;
1559 Job *default_unit_job;
1561 dbus_error_init(&error);
1563 log_debug("Activating default unit: %s", arg_default_unit);
1565 r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
1567 log_error("Failed to load default target: %s", bus_error(&error, r));
1568 dbus_error_free(&error);
1569 } else if (target->load_state == UNIT_ERROR)
1570 log_error("Failed to load default target: %s", strerror(-target->load_error));
1571 else if (target->load_state == UNIT_MASKED)
1572 log_error("Default target masked.");
1574 if (!target || target->load_state != UNIT_LOADED) {
1575 log_info("Trying to load rescue target...");
1577 r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
1579 log_error("Failed to load rescue target: %s", bus_error(&error, r));
1580 dbus_error_free(&error);
1582 } else if (target->load_state == UNIT_ERROR) {
1583 log_error("Failed to load rescue target: %s", strerror(-target->load_error));
1585 } else if (target->load_state == UNIT_MASKED) {
1586 log_error("Rescue target masked.");
1591 assert(target->load_state == UNIT_LOADED);
1593 if (arg_action == ACTION_TEST) {
1594 printf("-> By units:\n");
1595 manager_dump_units(m, stdout, "\t");
1598 r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
1600 log_error("Failed to start default target: %s", bus_error(&error, r));
1601 dbus_error_free(&error);
1604 m->default_unit_job_id = default_unit_job->id;
1606 after_startup = now(CLOCK_MONOTONIC);
1607 log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
1608 "Loaded units and determined initial transaction in %s.",
1609 format_timespan(timespan, sizeof(timespan), after_startup - before_startup));
1611 if (arg_action == ACTION_TEST) {
1612 printf("-> By jobs:\n");
1613 manager_dump_jobs(m, stdout, "\t");
1614 retval = EXIT_SUCCESS;
1620 r = manager_loop(m);
1622 log_error("Failed to run mainloop: %s", strerror(-r));
1626 switch (m->exit_code) {
1629 retval = EXIT_SUCCESS;
1633 case MANAGER_RELOAD:
1634 log_info("Reloading.");
1635 r = manager_reload(m);
1637 log_error("Failed to reload: %s", strerror(-r));
1640 case MANAGER_REEXECUTE:
1642 if (prepare_reexecute(m, &serialization, &fds) < 0)
1646 log_notice("Reexecuting.");
1649 case MANAGER_SWITCH_ROOT:
1650 /* Steal the switch root parameters */
1651 switch_root_dir = m->switch_root;
1652 switch_root_init = m->switch_root_init;
1653 m->switch_root = m->switch_root_init = NULL;
1655 if (!switch_root_init)
1656 if (prepare_reexecute(m, &serialization, &fds) < 0)
1660 log_notice("Switching root.");
1663 case MANAGER_REBOOT:
1664 case MANAGER_POWEROFF:
1666 case MANAGER_KEXEC: {
1667 static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
1668 [MANAGER_REBOOT] = "reboot",
1669 [MANAGER_POWEROFF] = "poweroff",
1670 [MANAGER_HALT] = "halt",
1671 [MANAGER_KEXEC] = "kexec"
1674 assert_se(shutdown_verb = table[m->exit_code]);
1675 arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
1677 log_notice("Shutting down.");
1682 assert_not_reached("Unknown exit code.");
1690 for (j = 0; j < RLIMIT_NLIMITS; j++)
1691 free (arg_default_rlimit[j]);
1693 free(arg_default_unit);
1694 strv_free(arg_default_controllers);
1695 free_join_controllers();
1702 unsigned i, args_size;
1704 /* Close and disarm the watchdog, so that the new
1705 * instance can reinitialize it, but doesn't get
1706 * rebooted while we do that */
1707 watchdog_close(true);
1709 if (switch_root_dir) {
1710 r = switch_root(switch_root_dir);
1712 log_error("Failed to switch root, ignoring: %s", strerror(-r));
1715 args_size = MAX(6, argc+1);
1716 args = newa(const char*, args_size);
1718 if (!switch_root_init) {
1721 /* First try to spawn ourselves with the right
1722 * path, and with full serialization. We do
1723 * this only if the user didn't specify an
1724 * explicit init to spawn. */
1726 assert(serialization);
1729 snprintf(sfd, sizeof(sfd), "%i", fileno(serialization));
1733 args[i++] = SYSTEMD_BINARY_PATH;
1734 if (switch_root_dir)
1735 args[i++] = "--switched-root";
1736 args[i++] = arg_running_as == MANAGER_SYSTEM ? "--system" : "--user";
1737 args[i++] = "--deserialize";
1741 assert(i <= args_size);
1742 execv(args[0], (char* const*) args);
1745 /* Try the fallback, if there is any, without any
1746 * serialization. We pass the original argv[] and
1747 * envp[]. (Well, modulo the ordering changes due to
1748 * getopt() in argv[], and some cleanups in envp[],
1749 * but let's hope that doesn't matter.) */
1751 if (serialization) {
1752 fclose(serialization);
1753 serialization = NULL;
1761 for (j = 1, i = 1; j < argc; j++)
1762 args[i++] = argv[j];
1764 assert(i <= args_size);
1766 if (switch_root_init) {
1767 args[0] = switch_root_init;
1768 execv(args[0], (char* const*) args);
1769 log_warning("Failed to execute configured init, trying fallback: %m");
1772 args[0] = "/sbin/init";
1773 execv(args[0], (char* const*) args);
1775 if (errno == ENOENT) {
1776 log_warning("No /sbin/init, trying fallback");
1778 args[0] = "/bin/sh";
1780 execv(args[0], (char* const*) args);
1781 log_error("Failed to execute /bin/sh, giving up: %m");
1783 log_warning("Failed to execute /sbin/init, giving up: %m");
1787 fclose(serialization);
1792 if (shutdown_verb) {
1793 const char * command_line[] = {
1794 SYSTEMD_SHUTDOWN_BINARY_PATH,
1800 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
1803 /* If we reboot let's set the shutdown
1804 * watchdog and tell the shutdown binary to
1805 * repeatedly ping it */
1806 watchdog_set_timeout(&arg_shutdown_watchdog);
1807 watchdog_close(false);
1809 /* Tell the binary how often to ping */
1810 snprintf(e, sizeof(e), "WATCHDOG_USEC=%llu", (unsigned long long) arg_shutdown_watchdog);
1813 env_block = strv_append(environ, e);
1815 env_block = strv_copy(environ);
1816 watchdog_close(true);
1819 execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
1821 log_error("Failed to execute shutdown binary, freezing: %m");
~ianmdlvl / elogind.git / blob