1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
31 #include <sys/resource.h>
32 #include <linux/sched.h>
33 #include <sys/types.h>
37 #include <sys/ioctl.h>
39 #include <linux/tiocl.h>
42 #include <sys/inotify.h>
45 #include <sys/prctl.h>
46 #include <sys/utsname.h>
48 #include <netinet/ip.h>
57 #include <sys/mount.h>
58 #include <linux/magic.h>
62 #include <sys/personality.h>
66 #ifdef HAVE_SYS_AUXV_H
78 #include "path-util.h"
79 #include "exit-status.h"
83 #include "device-nodes.h"
90 char **saved_argv = NULL;
92 static volatile unsigned cached_columns = 0;
93 static volatile unsigned cached_lines = 0;
95 size_t page_size(void) {
96 static thread_local size_t pgsz = 0;
99 if (_likely_(pgsz > 0))
102 r = sysconf(_SC_PAGESIZE);
109 bool streq_ptr(const char *a, const char *b) {
111 /* Like streq(), but tries to make sense of NULL pointers */
122 char* endswith(const char *s, const char *postfix) {
129 pl = strlen(postfix);
132 return (char*) s + sl;
137 if (memcmp(s + sl - pl, postfix, pl) != 0)
140 return (char*) s + sl - pl;
143 char* first_word(const char *s, const char *word) {
150 /* Checks if the string starts with the specified word, either
151 * followed by NUL or by whitespace. Returns a pointer to the
152 * NUL or the first character after the whitespace. */
163 if (memcmp(s, word, wl) != 0)
170 if (!strchr(WHITESPACE, *p))
173 p += strspn(p, WHITESPACE);
177 static size_t cescape_char(char c, char *buf) {
178 char * buf_old = buf;
224 /* For special chars we prefer octal over
225 * hexadecimal encoding, simply because glib's
226 * g_strescape() does the same */
227 if ((c < ' ') || (c >= 127)) {
229 *(buf++) = octchar((unsigned char) c >> 6);
230 *(buf++) = octchar((unsigned char) c >> 3);
231 *(buf++) = octchar((unsigned char) c);
237 return buf - buf_old;
240 int close_nointr(int fd) {
247 * Just ignore EINTR; a retry loop is the wrong thing to do on
250 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
251 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
252 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
253 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
261 int safe_close(int fd) {
264 * Like close_nointr() but cannot fail. Guarantees errno is
265 * unchanged. Is a NOP with negative fds passed, and returns
266 * -1, so that it can be used in this syntax:
268 * fd = safe_close(fd);
274 /* The kernel might return pretty much any error code
275 * via close(), but the fd will be closed anyway. The
276 * only condition we want to check for here is whether
277 * the fd was invalid at all... */
279 assert_se(close_nointr(fd) != -EBADF);
285 void close_many(const int fds[], unsigned n_fd) {
288 assert(fds || n_fd <= 0);
290 for (i = 0; i < n_fd; i++)
294 int unlink_noerrno(const char *path) {
305 int parse_boolean(const char *v) {
308 if (streq(v, "1") || strcaseeq(v, "yes") || strcaseeq(v, "y") || strcaseeq(v, "true") || strcaseeq(v, "t") || strcaseeq(v, "on"))
310 else if (streq(v, "0") || strcaseeq(v, "no") || strcaseeq(v, "n") || strcaseeq(v, "false") || strcaseeq(v, "f") || strcaseeq(v, "off"))
316 int parse_pid(const char *s, pid_t* ret_pid) {
317 unsigned long ul = 0;
324 r = safe_atolu(s, &ul);
330 if ((unsigned long) pid != ul)
340 int parse_uid(const char *s, uid_t* ret_uid) {
341 unsigned long ul = 0;
348 r = safe_atolu(s, &ul);
354 if ((unsigned long) uid != ul)
357 /* Some libc APIs use UID_INVALID as special placeholder */
358 if (uid == (uid_t) 0xFFFFFFFF)
361 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
362 if (uid == (uid_t) 0xFFFF)
369 int safe_atou(const char *s, unsigned *ret_u) {
377 l = strtoul(s, &x, 0);
379 if (!x || x == s || *x || errno)
380 return errno > 0 ? -errno : -EINVAL;
382 if ((unsigned long) (unsigned) l != l)
385 *ret_u = (unsigned) l;
389 int safe_atoi(const char *s, int *ret_i) {
397 l = strtol(s, &x, 0);
399 if (!x || x == s || *x || errno)
400 return errno > 0 ? -errno : -EINVAL;
402 if ((long) (int) l != l)
409 int safe_atou8(const char *s, uint8_t *ret) {
417 l = strtoul(s, &x, 0);
419 if (!x || x == s || *x || errno)
420 return errno > 0 ? -errno : -EINVAL;
422 if ((unsigned long) (uint8_t) l != l)
429 int safe_atou16(const char *s, uint16_t *ret) {
437 l = strtoul(s, &x, 0);
439 if (!x || x == s || *x || errno)
440 return errno > 0 ? -errno : -EINVAL;
442 if ((unsigned long) (uint16_t) l != l)
449 int safe_atoi16(const char *s, int16_t *ret) {
457 l = strtol(s, &x, 0);
459 if (!x || x == s || *x || errno)
460 return errno > 0 ? -errno : -EINVAL;
462 if ((long) (int16_t) l != l)
469 int safe_atollu(const char *s, long long unsigned *ret_llu) {
471 unsigned long long l;
477 l = strtoull(s, &x, 0);
479 if (!x || x == s || *x || errno)
480 return errno ? -errno : -EINVAL;
486 int safe_atolli(const char *s, long long int *ret_lli) {
494 l = strtoll(s, &x, 0);
496 if (!x || x == s || *x || errno)
497 return errno ? -errno : -EINVAL;
503 int safe_atod(const char *s, double *ret_d) {
510 RUN_WITH_LOCALE(LC_NUMERIC_MASK, "C") {
515 if (!x || x == s || *x || errno)
516 return errno ? -errno : -EINVAL;
522 static size_t strcspn_escaped(const char *s, const char *reject) {
523 bool escaped = false;
526 for (n=0; s[n]; n++) {
529 else if (s[n] == '\\')
531 else if (strchr(reject, s[n]))
534 /* if s ends in \, return index of previous char */
538 /* Split a string into words. */
539 const char* split(const char **state, size_t *l, const char *separator, bool quoted) {
545 assert(**state == '\0');
549 current += strspn(current, separator);
555 if (quoted && strchr("\'\"", *current)) {
556 char quotechars[2] = {*current, '\0'};
558 *l = strcspn_escaped(current + 1, quotechars);
559 if (current[*l + 1] == '\0' ||
560 (current[*l + 2] && !strchr(separator, current[*l + 2]))) {
561 /* right quote missing or garbage at the end*/
565 assert(current[*l + 1] == quotechars[0]);
566 *state = current++ + *l + 2;
568 *l = strcspn_escaped(current, separator);
569 *state = current + *l;
571 *l = strcspn(current, separator);
572 *state = current + *l;
578 int get_parent_of_pid(pid_t pid, pid_t *_ppid) {
580 _cleanup_free_ char *line = NULL;
592 p = procfs_file_alloca(pid, "stat");
593 r = read_one_line_file(p, &line);
597 /* Let's skip the pid and comm fields. The latter is enclosed
598 * in () but does not escape any () in its value, so let's
599 * skip over it manually */
601 p = strrchr(line, ')');
613 if ((long unsigned) (pid_t) ppid != ppid)
616 *_ppid = (pid_t) ppid;
621 int get_starttime_of_pid(pid_t pid, unsigned long long *st) {
623 _cleanup_free_ char *line = NULL;
629 p = procfs_file_alloca(pid, "stat");
630 r = read_one_line_file(p, &line);
634 /* Let's skip the pid and comm fields. The latter is enclosed
635 * in () but does not escape any () in its value, so let's
636 * skip over it manually */
638 p = strrchr(line, ')');
660 "%*d " /* priority */
662 "%*d " /* num_threads */
663 "%*d " /* itrealvalue */
664 "%llu " /* starttime */,
671 int fchmod_umask(int fd, mode_t m) {
676 r = fchmod(fd, m & (~u)) < 0 ? -errno : 0;
682 char *truncate_nl(char *s) {
685 s[strcspn(s, NEWLINE)] = 0;
689 int get_process_state(pid_t pid) {
693 _cleanup_free_ char *line = NULL;
697 p = procfs_file_alloca(pid, "stat");
698 r = read_one_line_file(p, &line);
702 p = strrchr(line, ')');
708 if (sscanf(p, " %c", &state) != 1)
711 return (unsigned char) state;
714 int get_process_comm(pid_t pid, char **name) {
721 p = procfs_file_alloca(pid, "comm");
723 r = read_one_line_file(p, name);
730 int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char **line) {
731 _cleanup_fclose_ FILE *f = NULL;
739 p = procfs_file_alloca(pid, "cmdline");
745 if (max_length == 0) {
746 size_t len = 0, allocated = 0;
748 while ((c = getc(f)) != EOF) {
750 if (!GREEDY_REALLOC(r, allocated, len+2)) {
755 r[len++] = isprint(c) ? c : ' ';
765 r = new(char, max_length);
771 while ((c = getc(f)) != EOF) {
793 size_t n = MIN(left-1, 3U);
800 /* Kernel threads have no argv[] */
802 _cleanup_free_ char *t = NULL;
810 h = get_process_comm(pid, &t);
814 r = strjoin("[", t, "]", NULL);
823 int is_kernel_thread(pid_t pid) {
835 p = procfs_file_alloca(pid, "cmdline");
840 count = fread(&c, 1, 1, f);
844 /* Kernel threads have an empty cmdline */
847 return eof ? 1 : -errno;
852 int get_process_capeff(pid_t pid, char **capeff) {
858 p = procfs_file_alloca(pid, "status");
860 return get_status_field(p, "\nCapEff:", capeff);
863 static int get_process_link_contents(const char *proc_file, char **name) {
869 r = readlink_malloc(proc_file, name);
871 return r == -ENOENT ? -ESRCH : r;
876 int get_process_exe(pid_t pid, char **name) {
883 p = procfs_file_alloca(pid, "exe");
884 r = get_process_link_contents(p, name);
888 d = endswith(*name, " (deleted)");
895 static int get_process_id(pid_t pid, const char *field, uid_t *uid) {
896 _cleanup_fclose_ FILE *f = NULL;
906 p = procfs_file_alloca(pid, "status");
911 FOREACH_LINE(line, f, return -errno) {
916 if (startswith(l, field)) {
918 l += strspn(l, WHITESPACE);
920 l[strcspn(l, WHITESPACE)] = 0;
922 return parse_uid(l, uid);
929 int get_process_uid(pid_t pid, uid_t *uid) {
930 return get_process_id(pid, "Uid:", uid);
933 int get_process_gid(pid_t pid, gid_t *gid) {
934 assert_cc(sizeof(uid_t) == sizeof(gid_t));
935 return get_process_id(pid, "Gid:", gid);
938 int get_process_cwd(pid_t pid, char **cwd) {
943 p = procfs_file_alloca(pid, "cwd");
945 return get_process_link_contents(p, cwd);
948 int get_process_root(pid_t pid, char **root) {
953 p = procfs_file_alloca(pid, "root");
955 return get_process_link_contents(p, root);
958 int get_process_environ(pid_t pid, char **environ) {
959 _cleanup_fclose_ FILE *f = NULL;
960 _cleanup_free_ char *outcome = NULL;
963 size_t allocated = 0, sz = 0;
968 p = procfs_file_alloca(pid, "environ");
974 while ((c = fgetc(f)) != EOF) {
975 if (!GREEDY_REALLOC(outcome, allocated, sz + 5))
979 outcome[sz++] = '\n';
981 sz += cescape_char(c, outcome + sz);
991 char *strnappend(const char *s, const char *suffix, size_t b) {
999 return strndup(suffix, b);
1008 if (b > ((size_t) -1) - a)
1011 r = new(char, a+b+1);
1016 memcpy(r+a, suffix, b);
1022 char *strappend(const char *s, const char *suffix) {
1023 return strnappend(s, suffix, suffix ? strlen(suffix) : 0);
1026 int readlinkat_malloc(int fd, const char *p, char **ret) {
1041 n = readlinkat(fd, p, c, l-1);
1048 if ((size_t) n < l-1) {
1059 int readlink_malloc(const char *p, char **ret) {
1060 return readlinkat_malloc(AT_FDCWD, p, ret);
1063 int readlink_value(const char *p, char **ret) {
1064 _cleanup_free_ char *link = NULL;
1068 r = readlink_malloc(p, &link);
1072 value = basename(link);
1076 value = strdup(value);
1085 int readlink_and_make_absolute(const char *p, char **r) {
1086 _cleanup_free_ char *target = NULL;
1093 j = readlink_malloc(p, &target);
1097 k = file_in_same_dir(p, target);
1105 int readlink_and_canonicalize(const char *p, char **r) {
1112 j = readlink_and_make_absolute(p, &t);
1116 s = canonicalize_file_name(t);
1123 path_kill_slashes(*r);
1128 int reset_all_signal_handlers(void) {
1131 for (sig = 1; sig < _NSIG; sig++) {
1132 struct sigaction sa = {
1133 .sa_handler = SIG_DFL,
1134 .sa_flags = SA_RESTART,
1137 /* These two cannot be caught... */
1138 if (sig == SIGKILL || sig == SIGSTOP)
1141 /* On Linux the first two RT signals are reserved by
1142 * glibc, and sigaction() will return EINVAL for them. */
1143 if ((sigaction(sig, &sa, NULL) < 0))
1144 if (errno != EINVAL && r == 0)
1151 int reset_signal_mask(void) {
1154 if (sigemptyset(&ss) < 0)
1157 if (sigprocmask(SIG_SETMASK, &ss, NULL) < 0)
1163 char *strstrip(char *s) {
1166 /* Drops trailing whitespace. Modifies the string in
1167 * place. Returns pointer to first non-space character */
1169 s += strspn(s, WHITESPACE);
1171 for (e = strchr(s, 0); e > s; e --)
1172 if (!strchr(WHITESPACE, e[-1]))
1180 char *delete_chars(char *s, const char *bad) {
1183 /* Drops all whitespace, regardless where in the string */
1185 for (f = s, t = s; *f; f++) {
1186 if (strchr(bad, *f))
1197 char *file_in_same_dir(const char *path, const char *filename) {
1204 /* This removes the last component of path and appends
1205 * filename, unless the latter is absolute anyway or the
1208 if (path_is_absolute(filename))
1209 return strdup(filename);
1211 if (!(e = strrchr(path, '/')))
1212 return strdup(filename);
1214 k = strlen(filename);
1215 if (!(r = new(char, e-path+1+k+1)))
1218 memcpy(r, path, e-path+1);
1219 memcpy(r+(e-path)+1, filename, k+1);
1224 int rmdir_parents(const char *path, const char *stop) {
1233 /* Skip trailing slashes */
1234 while (l > 0 && path[l-1] == '/')
1240 /* Skip last component */
1241 while (l > 0 && path[l-1] != '/')
1244 /* Skip trailing slashes */
1245 while (l > 0 && path[l-1] == '/')
1251 if (!(t = strndup(path, l)))
1254 if (path_startswith(stop, t)) {
1263 if (errno != ENOENT)
1270 char hexchar(int x) {
1271 static const char table[16] = "0123456789abcdef";
1273 return table[x & 15];
1276 int unhexchar(char c) {
1278 if (c >= '0' && c <= '9')
1281 if (c >= 'a' && c <= 'f')
1282 return c - 'a' + 10;
1284 if (c >= 'A' && c <= 'F')
1285 return c - 'A' + 10;
1290 char *hexmem(const void *p, size_t l) {
1294 z = r = malloc(l * 2 + 1);
1298 for (x = p; x < (const uint8_t*) p + l; x++) {
1299 *(z++) = hexchar(*x >> 4);
1300 *(z++) = hexchar(*x & 15);
1307 void *unhexmem(const char *p, size_t l) {
1313 z = r = malloc((l + 1) / 2 + 1);
1317 for (x = p; x < p + l; x += 2) {
1320 a = unhexchar(x[0]);
1322 b = unhexchar(x[1]);
1326 *(z++) = (uint8_t) a << 4 | (uint8_t) b;
1333 char octchar(int x) {
1334 return '0' + (x & 7);
1337 int unoctchar(char c) {
1339 if (c >= '0' && c <= '7')
1345 char decchar(int x) {
1346 return '0' + (x % 10);
1349 int undecchar(char c) {
1351 if (c >= '0' && c <= '9')
1357 char *cescape(const char *s) {
1363 /* Does C style string escaping. */
1365 r = new(char, strlen(s)*4 + 1);
1369 for (f = s, t = r; *f; f++)
1370 t += cescape_char(*f, t);
1377 char *cunescape_length_with_prefix(const char *s, size_t length, const char *prefix) {
1384 /* Undoes C style string escaping, and optionally prefixes it. */
1386 pl = prefix ? strlen(prefix) : 0;
1388 r = new(char, pl+length+1);
1393 memcpy(r, prefix, pl);
1395 for (f = s, t = r + pl; f < s + length; f++) {
1438 /* This is an extension of the XDG syntax files */
1443 /* hexadecimal encoding */
1446 a = unhexchar(f[1]);
1447 b = unhexchar(f[2]);
1449 if (a < 0 || b < 0 || (a == 0 && b == 0)) {
1450 /* Invalid escape code, let's take it literal then */
1454 *(t++) = (char) ((a << 4) | b);
1469 /* octal encoding */
1472 a = unoctchar(f[0]);
1473 b = unoctchar(f[1]);
1474 c = unoctchar(f[2]);
1476 if (a < 0 || b < 0 || c < 0 || (a == 0 && b == 0 && c == 0)) {
1477 /* Invalid escape code, let's take it literal then */
1481 *(t++) = (char) ((a << 6) | (b << 3) | c);
1489 /* premature end of string.*/
1494 /* Invalid escape code, let's take it literal then */
1506 char *cunescape_length(const char *s, size_t length) {
1507 return cunescape_length_with_prefix(s, length, NULL);
1510 char *cunescape(const char *s) {
1513 return cunescape_length(s, strlen(s));
1516 char *xescape(const char *s, const char *bad) {
1520 /* Escapes all chars in bad, in addition to \ and all special
1521 * chars, in \xFF style escaping. May be reversed with
1524 r = new(char, strlen(s) * 4 + 1);
1528 for (f = s, t = r; *f; f++) {
1530 if ((*f < ' ') || (*f >= 127) ||
1531 (*f == '\\') || strchr(bad, *f)) {
1534 *(t++) = hexchar(*f >> 4);
1535 *(t++) = hexchar(*f);
1545 char *ascii_strlower(char *t) {
1550 for (p = t; *p; p++)
1551 if (*p >= 'A' && *p <= 'Z')
1552 *p = *p - 'A' + 'a';
1557 _pure_ static bool ignore_file_allow_backup(const char *filename) {
1561 filename[0] == '.' ||
1562 streq(filename, "lost+found") ||
1563 streq(filename, "aquota.user") ||
1564 streq(filename, "aquota.group") ||
1565 endswith(filename, ".rpmnew") ||
1566 endswith(filename, ".rpmsave") ||
1567 endswith(filename, ".rpmorig") ||
1568 endswith(filename, ".dpkg-old") ||
1569 endswith(filename, ".dpkg-new") ||
1570 endswith(filename, ".dpkg-tmp") ||
1571 endswith(filename, ".swp");
1574 bool ignore_file(const char *filename) {
1577 if (endswith(filename, "~"))
1580 return ignore_file_allow_backup(filename);
1583 int fd_nonblock(int fd, bool nonblock) {
1588 flags = fcntl(fd, F_GETFL, 0);
1593 nflags = flags | O_NONBLOCK;
1595 nflags = flags & ~O_NONBLOCK;
1597 if (nflags == flags)
1600 if (fcntl(fd, F_SETFL, nflags) < 0)
1606 int fd_cloexec(int fd, bool cloexec) {
1611 flags = fcntl(fd, F_GETFD, 0);
1616 nflags = flags | FD_CLOEXEC;
1618 nflags = flags & ~FD_CLOEXEC;
1620 if (nflags == flags)
1623 if (fcntl(fd, F_SETFD, nflags) < 0)
1629 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
1632 assert(n_fdset == 0 || fdset);
1634 for (i = 0; i < n_fdset; i++)
1641 int close_all_fds(const int except[], unsigned n_except) {
1642 _cleanup_closedir_ DIR *d = NULL;
1646 assert(n_except == 0 || except);
1648 d = opendir("/proc/self/fd");
1653 /* When /proc isn't available (for example in chroots)
1654 * the fallback is brute forcing through the fd
1657 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
1658 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
1660 if (fd_in_set(fd, except, n_except))
1663 if (close_nointr(fd) < 0)
1664 if (errno != EBADF && r == 0)
1671 while ((de = readdir(d))) {
1674 if (ignore_file(de->d_name))
1677 if (safe_atoi(de->d_name, &fd) < 0)
1678 /* Let's better ignore this, just in case */
1687 if (fd_in_set(fd, except, n_except))
1690 if (close_nointr(fd) < 0) {
1691 /* Valgrind has its own FD and doesn't want to have it closed */
1692 if (errno != EBADF && r == 0)
1700 bool chars_intersect(const char *a, const char *b) {
1703 /* Returns true if any of the chars in a are in b. */
1704 for (p = a; *p; p++)
1711 bool fstype_is_network(const char *fstype) {
1712 static const char table[] =
1726 x = startswith(fstype, "fuse.");
1730 return nulstr_contains(table, fstype);
1734 _cleanup_close_ int fd;
1736 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
1742 TIOCL_GETKMSGREDIRECT,
1746 if (ioctl(fd, TIOCLINUX, tiocl) < 0)
1749 vt = tiocl[0] <= 0 ? 1 : tiocl[0];
1752 if (ioctl(fd, VT_ACTIVATE, vt) < 0)
1758 int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
1759 struct termios old_termios, new_termios;
1760 char c, line[LINE_MAX];
1765 if (tcgetattr(fileno(f), &old_termios) >= 0) {
1766 new_termios = old_termios;
1768 new_termios.c_lflag &= ~ICANON;
1769 new_termios.c_cc[VMIN] = 1;
1770 new_termios.c_cc[VTIME] = 0;
1772 if (tcsetattr(fileno(f), TCSADRAIN, &new_termios) >= 0) {
1775 if (t != USEC_INFINITY) {
1776 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0) {
1777 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1782 k = fread(&c, 1, 1, f);
1784 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1790 *need_nl = c != '\n';
1797 if (t != USEC_INFINITY) {
1798 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0)
1803 if (!fgets(line, sizeof(line), f))
1804 return errno ? -errno : -EIO;
1808 if (strlen(line) != 1)
1818 int ask_char(char *ret, const char *replies, const char *text, ...) {
1828 bool need_nl = true;
1831 fputs(ANSI_HIGHLIGHT_ON, stdout);
1838 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1842 r = read_one_char(stdin, &c, USEC_INFINITY, &need_nl);
1845 if (r == -EBADMSG) {
1846 puts("Bad input, please try again.");
1857 if (strchr(replies, c)) {
1862 puts("Read unexpected character, please try again.");
1866 int ask_string(char **ret, const char *text, ...) {
1871 char line[LINE_MAX];
1875 fputs(ANSI_HIGHLIGHT_ON, stdout);
1882 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1887 if (!fgets(line, sizeof(line), stdin))
1888 return errno ? -errno : -EIO;
1890 if (!endswith(line, "\n"))
1909 int reset_terminal_fd(int fd, bool switch_to_text) {
1910 struct termios termios;
1913 /* Set terminal to some sane defaults */
1917 /* We leave locked terminal attributes untouched, so that
1918 * Plymouth may set whatever it wants to set, and we don't
1919 * interfere with that. */
1921 /* Disable exclusive mode, just in case */
1922 ioctl(fd, TIOCNXCL);
1924 /* Switch to text mode */
1926 ioctl(fd, KDSETMODE, KD_TEXT);
1928 /* Enable console unicode mode */
1929 ioctl(fd, KDSKBMODE, K_UNICODE);
1931 if (tcgetattr(fd, &termios) < 0) {
1936 /* We only reset the stuff that matters to the software. How
1937 * hardware is set up we don't touch assuming that somebody
1938 * else will do that for us */
1940 termios.c_iflag &= ~(IGNBRK | BRKINT | ISTRIP | INLCR | IGNCR | IUCLC);
1941 termios.c_iflag |= ICRNL | IMAXBEL | IUTF8;
1942 termios.c_oflag |= ONLCR;
1943 termios.c_cflag |= CREAD;
1944 termios.c_lflag = ISIG | ICANON | IEXTEN | ECHO | ECHOE | ECHOK | ECHOCTL | ECHOPRT | ECHOKE;
1946 termios.c_cc[VINTR] = 03; /* ^C */
1947 termios.c_cc[VQUIT] = 034; /* ^\ */
1948 termios.c_cc[VERASE] = 0177;
1949 termios.c_cc[VKILL] = 025; /* ^X */
1950 termios.c_cc[VEOF] = 04; /* ^D */
1951 termios.c_cc[VSTART] = 021; /* ^Q */
1952 termios.c_cc[VSTOP] = 023; /* ^S */
1953 termios.c_cc[VSUSP] = 032; /* ^Z */
1954 termios.c_cc[VLNEXT] = 026; /* ^V */
1955 termios.c_cc[VWERASE] = 027; /* ^W */
1956 termios.c_cc[VREPRINT] = 022; /* ^R */
1957 termios.c_cc[VEOL] = 0;
1958 termios.c_cc[VEOL2] = 0;
1960 termios.c_cc[VTIME] = 0;
1961 termios.c_cc[VMIN] = 1;
1963 if (tcsetattr(fd, TCSANOW, &termios) < 0)
1967 /* Just in case, flush all crap out */
1968 tcflush(fd, TCIOFLUSH);
1973 int reset_terminal(const char *name) {
1974 _cleanup_close_ int fd = -1;
1976 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1980 return reset_terminal_fd(fd, true);
1983 int open_terminal(const char *name, int mode) {
1988 * If a TTY is in the process of being closed opening it might
1989 * cause EIO. This is horribly awful, but unlikely to be
1990 * changed in the kernel. Hence we work around this problem by
1991 * retrying a couple of times.
1993 * https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245
1996 assert(!(mode & O_CREAT));
1999 fd = open(name, mode, 0);
2006 /* Max 1s in total */
2010 usleep(50 * USEC_PER_MSEC);
2028 int flush_fd(int fd) {
2029 struct pollfd pollfd = {
2039 r = poll(&pollfd, 1, 0);
2049 l = read(fd, buf, sizeof(buf));
2055 if (errno == EAGAIN)
2064 int acquire_terminal(
2068 bool ignore_tiocstty_eperm,
2071 int fd = -1, notify = -1, r = 0, wd = -1;
2076 /* We use inotify to be notified when the tty is closed. We
2077 * create the watch before checking if we can actually acquire
2078 * it, so that we don't lose any event.
2080 * Note: strictly speaking this actually watches for the
2081 * device being closed, it does *not* really watch whether a
2082 * tty loses its controlling process. However, unless some
2083 * rogue process uses TIOCNOTTY on /dev/tty *after* closing
2084 * its tty otherwise this will not become a problem. As long
2085 * as the administrator makes sure not configure any service
2086 * on the same tty as an untrusted user this should not be a
2087 * problem. (Which he probably should not do anyway.) */
2089 if (timeout != USEC_INFINITY)
2090 ts = now(CLOCK_MONOTONIC);
2092 if (!fail && !force) {
2093 notify = inotify_init1(IN_CLOEXEC | (timeout != USEC_INFINITY ? IN_NONBLOCK : 0));
2099 wd = inotify_add_watch(notify, name, IN_CLOSE);
2107 struct sigaction sa_old, sa_new = {
2108 .sa_handler = SIG_IGN,
2109 .sa_flags = SA_RESTART,
2113 r = flush_fd(notify);
2118 /* We pass here O_NOCTTY only so that we can check the return
2119 * value TIOCSCTTY and have a reliable way to figure out if we
2120 * successfully became the controlling process of the tty */
2121 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
2125 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2126 * if we already own the tty. */
2127 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
2129 /* First, try to get the tty */
2130 if (ioctl(fd, TIOCSCTTY, force) < 0)
2133 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
2135 /* Sometimes it makes sense to ignore TIOCSCTTY
2136 * returning EPERM, i.e. when very likely we already
2137 * are have this controlling terminal. */
2138 if (r < 0 && r == -EPERM && ignore_tiocstty_eperm)
2141 if (r < 0 && (force || fail || r != -EPERM)) {
2150 assert(notify >= 0);
2153 uint8_t inotify_buffer[sizeof(struct inotify_event) + FILENAME_MAX];
2155 struct inotify_event *e;
2157 if (timeout != USEC_INFINITY) {
2160 n = now(CLOCK_MONOTONIC);
2161 if (ts + timeout < n) {
2166 r = fd_wait_for_event(fd, POLLIN, ts + timeout - n);
2176 l = read(notify, inotify_buffer, sizeof(inotify_buffer));
2179 if (errno == EINTR || errno == EAGAIN)
2186 e = (struct inotify_event*) inotify_buffer;
2191 if (e->wd != wd || !(e->mask & IN_CLOSE)) {
2196 step = sizeof(struct inotify_event) + e->len;
2197 assert(step <= (size_t) l);
2199 e = (struct inotify_event*) ((uint8_t*) e + step);
2206 /* We close the tty fd here since if the old session
2207 * ended our handle will be dead. It's important that
2208 * we do this after sleeping, so that we don't enter
2209 * an endless loop. */
2210 fd = safe_close(fd);
2215 r = reset_terminal_fd(fd, true);
2217 log_warning_errno(r, "Failed to reset terminal: %m");
2228 int release_terminal(void) {
2229 static const struct sigaction sa_new = {
2230 .sa_handler = SIG_IGN,
2231 .sa_flags = SA_RESTART,
2234 _cleanup_close_ int fd = -1;
2235 struct sigaction sa_old;
2238 fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_NDELAY|O_CLOEXEC);
2242 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2243 * by our own TIOCNOTTY */
2244 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
2246 if (ioctl(fd, TIOCNOTTY) < 0)
2249 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
2254 int sigaction_many(const struct sigaction *sa, ...) {
2259 while ((sig = va_arg(ap, int)) > 0)
2260 if (sigaction(sig, sa, NULL) < 0)
2267 int ignore_signals(int sig, ...) {
2268 struct sigaction sa = {
2269 .sa_handler = SIG_IGN,
2270 .sa_flags = SA_RESTART,
2275 if (sigaction(sig, &sa, NULL) < 0)
2279 while ((sig = va_arg(ap, int)) > 0)
2280 if (sigaction(sig, &sa, NULL) < 0)
2287 int default_signals(int sig, ...) {
2288 struct sigaction sa = {
2289 .sa_handler = SIG_DFL,
2290 .sa_flags = SA_RESTART,
2295 if (sigaction(sig, &sa, NULL) < 0)
2299 while ((sig = va_arg(ap, int)) > 0)
2300 if (sigaction(sig, &sa, NULL) < 0)
2307 void safe_close_pair(int p[]) {
2311 /* Special case pairs which use the same fd in both
2313 p[0] = p[1] = safe_close(p[0]);
2317 p[0] = safe_close(p[0]);
2318 p[1] = safe_close(p[1]);
2321 ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll) {
2328 while (nbytes > 0) {
2331 k = read(fd, p, nbytes);
2332 if (k < 0 && errno == EINTR)
2335 if (k < 0 && errno == EAGAIN && do_poll) {
2337 /* We knowingly ignore any return value here,
2338 * and expect that any error/EOF is reported
2341 fd_wait_for_event(fd, POLLIN, USEC_INFINITY);
2346 return n > 0 ? n : (k < 0 ? -errno : 0);
2356 ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) {
2357 const uint8_t *p = buf;
2363 while (nbytes > 0) {
2366 k = write(fd, p, nbytes);
2367 if (k < 0 && errno == EINTR)
2370 if (k < 0 && errno == EAGAIN && do_poll) {
2372 /* We knowingly ignore any return value here,
2373 * and expect that any error/EOF is reported
2376 fd_wait_for_event(fd, POLLOUT, USEC_INFINITY);
2381 return n > 0 ? n : (k < 0 ? -errno : 0);
2391 int parse_size(const char *t, off_t base, off_t *size) {
2393 /* Soo, sometimes we want to parse IEC binary suffxies, and
2394 * sometimes SI decimal suffixes. This function can parse
2395 * both. Which one is the right way depends on the
2396 * context. Wikipedia suggests that SI is customary for
2397 * hardrware metrics and network speeds, while IEC is
2398 * customary for most data sizes used by software and volatile
2399 * (RAM) memory. Hence be careful which one you pick!
2401 * In either case we use just K, M, G as suffix, and not Ki,
2402 * Mi, Gi or so (as IEC would suggest). That's because that's
2403 * frickin' ugly. But this means you really need to make sure
2404 * to document which base you are parsing when you use this
2409 unsigned long long factor;
2412 static const struct table iec[] = {
2413 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2414 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2415 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
2416 { "G", 1024ULL*1024ULL*1024ULL },
2417 { "M", 1024ULL*1024ULL },
2423 static const struct table si[] = {
2424 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2425 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2426 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
2427 { "G", 1000ULL*1000ULL*1000ULL },
2428 { "M", 1000ULL*1000ULL },
2434 const struct table *table;
2436 unsigned long long r = 0;
2437 unsigned n_entries, start_pos = 0;
2440 assert(base == 1000 || base == 1024);
2445 n_entries = ELEMENTSOF(si);
2448 n_entries = ELEMENTSOF(iec);
2454 unsigned long long l2;
2460 l = strtoll(p, &e, 10);
2473 if (*e >= '0' && *e <= '9') {
2476 /* strotoull itself would accept space/+/- */
2477 l2 = strtoull(e, &e2, 10);
2479 if (errno == ERANGE)
2482 /* Ignore failure. E.g. 10.M is valid */
2489 e += strspn(e, WHITESPACE);
2491 for (i = start_pos; i < n_entries; i++)
2492 if (startswith(e, table[i].suffix)) {
2493 unsigned long long tmp;
2494 if ((unsigned long long) l + (frac > 0) > ULLONG_MAX / table[i].factor)
2496 tmp = l * table[i].factor + (unsigned long long) (frac * table[i].factor);
2497 if (tmp > ULLONG_MAX - r)
2501 if ((unsigned long long) (off_t) r != r)
2504 p = e + strlen(table[i].suffix);
2520 int make_stdio(int fd) {
2525 r = dup3(fd, STDIN_FILENO, 0);
2526 s = dup3(fd, STDOUT_FILENO, 0);
2527 t = dup3(fd, STDERR_FILENO, 0);
2532 if (r < 0 || s < 0 || t < 0)
2535 /* We rely here that the new fd has O_CLOEXEC not set */
2540 int make_null_stdio(void) {
2543 null_fd = open("/dev/null", O_RDWR|O_NOCTTY);
2547 return make_stdio(null_fd);
2550 bool is_device_path(const char *path) {
2552 /* Returns true on paths that refer to a device, either in
2553 * sysfs or in /dev */
2556 path_startswith(path, "/dev/") ||
2557 path_startswith(path, "/sys/");
2560 int dir_is_empty(const char *path) {
2561 _cleanup_closedir_ DIR *d;
2572 if (!de && errno != 0)
2578 if (!ignore_file(de->d_name))
2583 char* dirname_malloc(const char *path) {
2584 char *d, *dir, *dir2;
2601 int dev_urandom(void *p, size_t n) {
2602 static int have_syscall = -1;
2606 /* Gathers some randomness from the kernel. This call will
2607 * never block, and will always return some data from the
2608 * kernel, regardless if the random pool is fully initialized
2609 * or not. It thus makes no guarantee for the quality of the
2610 * returned entropy, but is good enough for or usual usecases
2611 * of seeding the hash functions for hashtable */
2613 /* Use the getrandom() syscall unless we know we don't have
2614 * it, or when the requested size is too large for it. */
2615 if (have_syscall != 0 || (size_t) (int) n != n) {
2616 r = getrandom(p, n, GRND_NONBLOCK);
2618 have_syscall = true;
2623 if (errno == ENOSYS)
2624 /* we lack the syscall, continue with
2625 * reading from /dev/urandom */
2626 have_syscall = false;
2627 else if (errno == EAGAIN)
2628 /* not enough entropy for now. Let's
2629 * remember to use the syscall the
2630 * next time, again, but also read
2631 * from /dev/urandom for now, which
2632 * doesn't care about the current
2633 * amount of entropy. */
2634 have_syscall = true;
2638 /* too short read? */
2642 fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
2644 return errno == ENOENT ? -ENOSYS : -errno;
2646 k = loop_read(fd, p, n, true);
2651 if ((size_t) k != n)
2657 void initialize_srand(void) {
2658 static bool srand_called = false;
2660 #ifdef HAVE_SYS_AUXV_H
2669 #ifdef HAVE_SYS_AUXV_H
2670 /* The kernel provides us with a bit of entropy in auxv, so
2671 * let's try to make use of that to seed the pseudo-random
2672 * generator. It's better than nothing... */
2674 auxv = (void*) getauxval(AT_RANDOM);
2676 x ^= *(unsigned*) auxv;
2679 x ^= (unsigned) now(CLOCK_REALTIME);
2680 x ^= (unsigned) gettid();
2683 srand_called = true;
2686 void random_bytes(void *p, size_t n) {
2690 r = dev_urandom(p, n);
2694 /* If some idiot made /dev/urandom unavailable to us, he'll
2695 * get a PRNG instead. */
2699 for (q = p; q < (uint8_t*) p + n; q ++)
2703 void rename_process(const char name[8]) {
2706 /* This is a like a poor man's setproctitle(). It changes the
2707 * comm field, argv[0], and also the glibc's internally used
2708 * name of the process. For the first one a limit of 16 chars
2709 * applies, to the second one usually one of 10 (i.e. length
2710 * of "/sbin/init"), to the third one one of 7 (i.e. length of
2711 * "systemd"). If you pass a longer string it will be
2714 prctl(PR_SET_NAME, name);
2716 if (program_invocation_name)
2717 strncpy(program_invocation_name, name, strlen(program_invocation_name));
2719 if (saved_argc > 0) {
2723 strncpy(saved_argv[0], name, strlen(saved_argv[0]));
2725 for (i = 1; i < saved_argc; i++) {
2729 memzero(saved_argv[i], strlen(saved_argv[i]));
2734 void sigset_add_many(sigset_t *ss, ...) {
2741 while ((sig = va_arg(ap, int)) > 0)
2742 assert_se(sigaddset(ss, sig) == 0);
2746 int sigprocmask_many(int how, ...) {
2751 assert_se(sigemptyset(&ss) == 0);
2754 while ((sig = va_arg(ap, int)) > 0)
2755 assert_se(sigaddset(&ss, sig) == 0);
2758 if (sigprocmask(how, &ss, NULL) < 0)
2764 char* gethostname_malloc(void) {
2767 assert_se(uname(&u) >= 0);
2769 if (!isempty(u.nodename) && !streq(u.nodename, "(none)"))
2770 return strdup(u.nodename);
2772 return strdup(u.sysname);
2775 bool hostname_is_set(void) {
2778 assert_se(uname(&u) >= 0);
2780 return !isempty(u.nodename) && !streq(u.nodename, "(none)");
2783 char *lookup_uid(uid_t uid) {
2786 _cleanup_free_ char *buf = NULL;
2787 struct passwd pwbuf, *pw = NULL;
2789 /* Shortcut things to avoid NSS lookups */
2791 return strdup("root");
2793 bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
2797 buf = malloc(bufsize);
2801 if (getpwuid_r(uid, &pwbuf, buf, bufsize, &pw) == 0 && pw)
2802 return strdup(pw->pw_name);
2804 if (asprintf(&name, UID_FMT, uid) < 0)
2810 char* getlogname_malloc(void) {
2814 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
2819 return lookup_uid(uid);
2822 char *getusername_malloc(void) {
2829 return lookup_uid(getuid());
2832 int getttyname_malloc(int fd, char **r) {
2833 char path[PATH_MAX], *c;
2838 k = ttyname_r(fd, path, sizeof(path));
2844 c = strdup(startswith(path, "/dev/") ? path + 5 : path);
2852 int getttyname_harder(int fd, char **r) {
2856 k = getttyname_malloc(fd, &s);
2860 if (streq(s, "tty")) {
2862 return get_ctty(0, NULL, r);
2869 int get_ctty_devnr(pid_t pid, dev_t *d) {
2871 _cleanup_free_ char *line = NULL;
2873 unsigned long ttynr;
2877 p = procfs_file_alloca(pid, "stat");
2878 r = read_one_line_file(p, &line);
2882 p = strrchr(line, ')');
2892 "%*d " /* session */
2897 if (major(ttynr) == 0 && minor(ttynr) == 0)
2906 int get_ctty(pid_t pid, dev_t *_devnr, char **r) {
2907 char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *b = NULL;
2908 _cleanup_free_ char *s = NULL;
2915 k = get_ctty_devnr(pid, &devnr);
2919 sprintf(fn, "/dev/char/%u:%u", major(devnr), minor(devnr));
2921 k = readlink_malloc(fn, &s);
2927 /* This is an ugly hack */
2928 if (major(devnr) == 136) {
2929 asprintf(&b, "pts/%u", minor(devnr));
2933 /* Probably something like the ptys which have no
2934 * symlink in /dev/char. Let's return something
2935 * vaguely useful. */
2941 if (startswith(s, "/dev/"))
2943 else if (startswith(s, "../"))
2961 int rm_rf_children_dangerous(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2962 _cleanup_closedir_ DIR *d = NULL;
2967 /* This returns the first error we run into, but nevertheless
2968 * tries to go on. This closes the passed fd. */
2974 return errno == ENOENT ? 0 : -errno;
2979 bool is_dir, keep_around;
2986 if (errno != 0 && ret == 0)
2991 if (streq(de->d_name, ".") || streq(de->d_name, ".."))
2994 if (de->d_type == DT_UNKNOWN ||
2996 (de->d_type == DT_DIR && root_dev)) {
2997 if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
2998 if (ret == 0 && errno != ENOENT)
3003 is_dir = S_ISDIR(st.st_mode);
3006 (st.st_uid == 0 || st.st_uid == getuid()) &&
3007 (st.st_mode & S_ISVTX);
3009 is_dir = de->d_type == DT_DIR;
3010 keep_around = false;
3016 /* if root_dev is set, remove subdirectories only, if device is same as dir */
3017 if (root_dev && st.st_dev != root_dev->st_dev)
3020 subdir_fd = openat(fd, de->d_name,
3021 O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
3022 if (subdir_fd < 0) {
3023 if (ret == 0 && errno != ENOENT)
3028 r = rm_rf_children_dangerous(subdir_fd, only_dirs, honour_sticky, root_dev);
3029 if (r < 0 && ret == 0)
3033 if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
3034 if (ret == 0 && errno != ENOENT)
3038 } else if (!only_dirs && !keep_around) {
3040 if (unlinkat(fd, de->d_name, 0) < 0) {
3041 if (ret == 0 && errno != ENOENT)
3048 _pure_ static int is_temporary_fs(struct statfs *s) {
3051 return F_TYPE_EQUAL(s->f_type, TMPFS_MAGIC) ||
3052 F_TYPE_EQUAL(s->f_type, RAMFS_MAGIC);
3055 int is_fd_on_temporary_fs(int fd) {
3058 if (fstatfs(fd, &s) < 0)
3061 return is_temporary_fs(&s);
3064 int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
3069 if (fstatfs(fd, &s) < 0) {
3074 /* We refuse to clean disk file systems with this call. This
3075 * is extra paranoia just to be sure we never ever remove
3077 if (!is_temporary_fs(&s)) {
3078 log_error("Attempted to remove disk file system, and we can't allow that.");
3083 return rm_rf_children_dangerous(fd, only_dirs, honour_sticky, root_dev);
3086 static int file_is_priv_sticky(const char *p) {
3091 if (lstat(p, &st) < 0)
3095 (st.st_uid == 0 || st.st_uid == getuid()) &&
3096 (st.st_mode & S_ISVTX);
3099 static int rm_rf_internal(const char *path, bool only_dirs, bool delete_root, bool honour_sticky, bool dangerous) {
3105 /* We refuse to clean the root file system with this
3106 * call. This is extra paranoia to never cause a really
3107 * seriously broken system. */
3108 if (path_equal(path, "/")) {
3109 log_error("Attempted to remove entire root file system, and we can't allow that.");
3113 fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
3116 if (errno != ENOTDIR)
3120 if (statfs(path, &s) < 0)
3123 if (!is_temporary_fs(&s)) {
3124 log_error("Attempted to remove disk file system, and we can't allow that.");
3129 if (delete_root && !only_dirs)
3130 if (unlink(path) < 0 && errno != ENOENT)
3137 if (fstatfs(fd, &s) < 0) {
3142 if (!is_temporary_fs(&s)) {
3143 log_error("Attempted to remove disk file system, and we can't allow that.");
3149 r = rm_rf_children_dangerous(fd, only_dirs, honour_sticky, NULL);
3152 if (honour_sticky && file_is_priv_sticky(path) > 0)
3155 if (rmdir(path) < 0 && errno != ENOENT) {
3164 int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
3165 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, false);
3168 int rm_rf_dangerous(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
3169 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, true);
3172 int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) {
3175 /* Under the assumption that we are running privileged we
3176 * first change the access mode and only then hand out
3177 * ownership to avoid a window where access is too open. */
3179 if (mode != MODE_INVALID)
3180 if (chmod(path, mode) < 0)
3183 if (uid != UID_INVALID || gid != GID_INVALID)
3184 if (chown(path, uid, gid) < 0)
3190 int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid) {
3193 /* Under the assumption that we are running privileged we
3194 * first change the access mode and only then hand out
3195 * ownership to avoid a window where access is too open. */
3197 if (mode != MODE_INVALID)
3198 if (fchmod(fd, mode) < 0)
3201 if (uid != UID_INVALID || gid != GID_INVALID)
3202 if (fchown(fd, uid, gid) < 0)
3208 cpu_set_t* cpu_set_malloc(unsigned *ncpus) {
3212 /* Allocates the cpuset in the right size */
3215 if (!(r = CPU_ALLOC(n)))
3218 if (sched_getaffinity(0, CPU_ALLOC_SIZE(n), r) >= 0) {
3219 CPU_ZERO_S(CPU_ALLOC_SIZE(n), r);
3229 if (errno != EINVAL)
3236 int status_vprintf(const char *status, bool ellipse, bool ephemeral, const char *format, va_list ap) {
3237 static const char status_indent[] = " "; /* "[" STATUS "] " */
3238 _cleanup_free_ char *s = NULL;
3239 _cleanup_close_ int fd = -1;
3240 struct iovec iovec[6] = {};
3242 static bool prev_ephemeral;
3246 /* This is independent of logging, as status messages are
3247 * optional and go exclusively to the console. */
3249 if (vasprintf(&s, format, ap) < 0)
3252 fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
3265 sl = status ? sizeof(status_indent)-1 : 0;
3271 e = ellipsize(s, emax, 50);
3279 IOVEC_SET_STRING(iovec[n++], "\r" ANSI_ERASE_TO_END_OF_LINE);
3280 prev_ephemeral = ephemeral;
3283 if (!isempty(status)) {
3284 IOVEC_SET_STRING(iovec[n++], "[");
3285 IOVEC_SET_STRING(iovec[n++], status);
3286 IOVEC_SET_STRING(iovec[n++], "] ");
3288 IOVEC_SET_STRING(iovec[n++], status_indent);
3291 IOVEC_SET_STRING(iovec[n++], s);
3293 IOVEC_SET_STRING(iovec[n++], "\n");
3295 if (writev(fd, iovec, n) < 0)
3301 int status_printf(const char *status, bool ellipse, bool ephemeral, const char *format, ...) {
3307 va_start(ap, format);
3308 r = status_vprintf(status, ellipse, ephemeral, format, ap);
3314 char *replace_env(const char *format, char **env) {
3321 const char *e, *word = format;
3326 for (e = format; *e; e ++) {
3337 k = strnappend(r, word, e-word-1);
3347 } else if (*e == '$') {
3348 k = strnappend(r, word, e-word);
3365 t = strempty(strv_env_get_n(env, word+2, e-word-2));
3367 k = strappend(r, t);
3381 k = strnappend(r, word, e-word);
3393 char **replace_env_argv(char **argv, char **env) {
3395 unsigned k = 0, l = 0;
3397 l = strv_length(argv);
3399 ret = new(char*, l+1);
3403 STRV_FOREACH(i, argv) {
3405 /* If $FOO appears as single word, replace it by the split up variable */
3406 if ((*i)[0] == '$' && (*i)[1] != '{') {
3411 e = strv_env_get(env, *i+1);
3415 r = strv_split_quoted(&m, e, true);
3427 w = realloc(ret, sizeof(char*) * (l+1));
3437 memcpy(ret + k, m, q * sizeof(char*));
3445 /* If ${FOO} appears as part of a word, replace it by the variable as-is */
3446 ret[k] = replace_env(*i, env);
3458 int fd_columns(int fd) {
3459 struct winsize ws = {};
3461 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3470 unsigned columns(void) {
3474 if (_likely_(cached_columns > 0))
3475 return cached_columns;
3478 e = getenv("COLUMNS");
3480 (void) safe_atoi(e, &c);
3483 c = fd_columns(STDOUT_FILENO);
3492 int fd_lines(int fd) {
3493 struct winsize ws = {};
3495 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3504 unsigned lines(void) {
3508 if (_likely_(cached_lines > 0))
3509 return cached_lines;
3512 e = getenv("LINES");
3514 (void) safe_atou(e, &l);
3517 l = fd_lines(STDOUT_FILENO);
3523 return cached_lines;
3526 /* intended to be used as a SIGWINCH sighandler */
3527 void columns_lines_cache_reset(int signum) {
3533 static int cached_on_tty = -1;
3535 if (_unlikely_(cached_on_tty < 0))
3536 cached_on_tty = isatty(STDOUT_FILENO) > 0;
3538 return cached_on_tty;
3541 int files_same(const char *filea, const char *fileb) {
3544 if (stat(filea, &a) < 0)
3547 if (stat(fileb, &b) < 0)
3550 return a.st_dev == b.st_dev &&
3551 a.st_ino == b.st_ino;
3554 int running_in_chroot(void) {
3557 ret = files_same("/proc/1/root", "/");
3564 static char *ascii_ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3569 assert(percent <= 100);
3570 assert(new_length >= 3);
3572 if (old_length <= 3 || old_length <= new_length)
3573 return strndup(s, old_length);
3575 r = new0(char, new_length+1);
3579 x = (new_length * percent) / 100;
3581 if (x > new_length - 3)
3589 s + old_length - (new_length - x - 3),
3590 new_length - x - 3);
3595 char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3599 unsigned k, len, len2;
3602 assert(percent <= 100);
3603 assert(new_length >= 3);
3605 /* if no multibyte characters use ascii_ellipsize_mem for speed */
3606 if (ascii_is_valid(s))
3607 return ascii_ellipsize_mem(s, old_length, new_length, percent);
3609 if (old_length <= 3 || old_length <= new_length)
3610 return strndup(s, old_length);
3612 x = (new_length * percent) / 100;
3614 if (x > new_length - 3)
3618 for (i = s; k < x && i < s + old_length; i = utf8_next_char(i)) {
3621 c = utf8_encoded_to_unichar(i);
3624 k += unichar_iswide(c) ? 2 : 1;
3627 if (k > x) /* last character was wide and went over quota */
3630 for (j = s + old_length; k < new_length && j > i; ) {
3633 j = utf8_prev_char(j);
3634 c = utf8_encoded_to_unichar(j);
3637 k += unichar_iswide(c) ? 2 : 1;
3641 /* we don't actually need to ellipsize */
3643 return memdup(s, old_length + 1);
3645 /* make space for ellipsis */
3646 j = utf8_next_char(j);
3649 len2 = s + old_length - j;
3650 e = new(char, len + 3 + len2 + 1);
3655 printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n",
3656 old_length, new_length, x, len, len2, k);
3660 e[len] = 0xe2; /* tri-dot ellipsis: … */
3664 memcpy(e + len + 3, j, len2 + 1);
3669 char *ellipsize(const char *s, size_t length, unsigned percent) {
3670 return ellipsize_mem(s, strlen(s), length, percent);
3673 int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode) {
3674 _cleanup_close_ int fd;
3680 mkdir_parents(path, 0755);
3682 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, mode > 0 ? mode : 0644);
3687 r = fchmod(fd, mode);
3692 if (uid != UID_INVALID || gid != GID_INVALID) {
3693 r = fchown(fd, uid, gid);
3698 if (stamp != USEC_INFINITY) {
3699 struct timespec ts[2];
3701 timespec_store(&ts[0], stamp);
3703 r = futimens(fd, ts);
3705 r = futimens(fd, NULL);
3712 int touch(const char *path) {
3713 return touch_file(path, false, USEC_INFINITY, UID_INVALID, GID_INVALID, 0);
3716 char *unquote(const char *s, const char* quotes) {
3720 /* This is rather stupid, simply removes the heading and
3721 * trailing quotes if there is one. Doesn't care about
3722 * escaping or anything. We should make this smarter one
3729 if (strchr(quotes, s[0]) && s[l-1] == s[0])
3730 return strndup(s+1, l-2);
3735 char *normalize_env_assignment(const char *s) {
3736 _cleanup_free_ char *value = NULL;
3740 eq = strchr(s, '=');
3750 memmove(r, t, strlen(t) + 1);
3755 name = strndupa(s, eq - s);
3756 p = strdupa(eq + 1);
3758 value = unquote(strstrip(p), QUOTES);
3762 return strjoin(strstrip(name), "=", value, NULL);
3765 int wait_for_terminate(pid_t pid, siginfo_t *status) {
3776 if (waitid(P_PID, pid, status, WEXITED) < 0) {
3790 * < 0 : wait_for_terminate() failed to get the state of the
3791 * process, the process was terminated by a signal, or
3792 * failed for an unknown reason.
3793 * >=0 : The process terminated normally, and its exit code is
3796 * That is, success is indicated by a return value of zero, and an
3797 * error is indicated by a non-zero value.
3799 * A warning is emitted if the process terminates abnormally,
3800 * and also if it returns non-zero unless check_exit_code is true.
3802 int wait_for_terminate_and_warn(const char *name, pid_t pid, bool check_exit_code) {
3809 r = wait_for_terminate(pid, &status);
3811 return log_warning_errno(r, "Failed to wait for %s: %m", name);
3813 if (status.si_code == CLD_EXITED) {
3814 if (status.si_status != 0)
3815 log_full(check_exit_code ? LOG_WARNING : LOG_DEBUG,
3816 "%s failed with error code %i.", name, status.si_status);
3818 log_debug("%s succeeded.", name);
3820 return status.si_status;
3821 } else if (status.si_code == CLD_KILLED ||
3822 status.si_code == CLD_DUMPED) {
3824 log_warning("%s terminated by signal %s.", name, signal_to_string(status.si_status));
3828 log_warning("%s failed due to unknown reason.", name);
3832 noreturn void freeze(void) {
3834 /* Make sure nobody waits for us on a socket anymore */
3835 close_all_fds(NULL, 0);
3843 bool null_or_empty(struct stat *st) {
3846 if (S_ISREG(st->st_mode) && st->st_size <= 0)
3849 if (S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode))
3855 int null_or_empty_path(const char *fn) {
3860 if (stat(fn, &st) < 0)
3863 return null_or_empty(&st);
3866 int null_or_empty_fd(int fd) {
3871 if (fstat(fd, &st) < 0)
3874 return null_or_empty(&st);
3877 DIR *xopendirat(int fd, const char *name, int flags) {
3881 assert(!(flags & O_CREAT));
3883 nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0);
3896 int signal_from_string_try_harder(const char *s) {
3900 signo = signal_from_string(s);
3902 if (startswith(s, "SIG"))
3903 return signal_from_string(s+3);
3908 static char *tag_to_udev_node(const char *tagvalue, const char *by) {
3909 _cleanup_free_ char *t = NULL, *u = NULL;
3912 u = unquote(tagvalue, "\"\'");
3916 enc_len = strlen(u) * 4 + 1;
3917 t = new(char, enc_len);
3921 if (encode_devnode_name(u, t, enc_len) < 0)
3924 return strjoin("/dev/disk/by-", by, "/", t, NULL);
3927 char *fstab_node_to_udev_node(const char *p) {
3930 if (startswith(p, "LABEL="))
3931 return tag_to_udev_node(p+6, "label");
3933 if (startswith(p, "UUID="))
3934 return tag_to_udev_node(p+5, "uuid");
3936 if (startswith(p, "PARTUUID="))
3937 return tag_to_udev_node(p+9, "partuuid");
3939 if (startswith(p, "PARTLABEL="))
3940 return tag_to_udev_node(p+10, "partlabel");
3945 bool tty_is_vc(const char *tty) {
3948 return vtnr_from_tty(tty) >= 0;
3951 bool tty_is_console(const char *tty) {
3954 if (startswith(tty, "/dev/"))
3957 return streq(tty, "console");
3960 int vtnr_from_tty(const char *tty) {
3965 if (startswith(tty, "/dev/"))
3968 if (!startswith(tty, "tty") )
3971 if (tty[3] < '0' || tty[3] > '9')
3974 r = safe_atoi(tty+3, &i);
3978 if (i < 0 || i > 63)
3984 char *resolve_dev_console(char **active) {
3987 /* Resolve where /dev/console is pointing to, if /sys is actually ours
3988 * (i.e. not read-only-mounted which is a sign for container setups) */
3990 if (path_is_read_only_fs("/sys") > 0)
3993 if (read_one_line_file("/sys/class/tty/console/active", active) < 0)
3996 /* If multiple log outputs are configured the last one is what
3997 * /dev/console points to */
3998 tty = strrchr(*active, ' ');
4004 if (streq(tty, "tty0")) {
4007 /* Get the active VC (e.g. tty1) */
4008 if (read_one_line_file("/sys/class/tty/tty0/active", &tmp) >= 0) {
4010 tty = *active = tmp;
4017 bool tty_is_vc_resolve(const char *tty) {
4018 _cleanup_free_ char *active = NULL;
4022 if (startswith(tty, "/dev/"))
4025 if (streq(tty, "console")) {
4026 tty = resolve_dev_console(&active);
4031 return tty_is_vc(tty);
4034 const char *default_term_for_tty(const char *tty) {
4037 return tty_is_vc_resolve(tty) ? "TERM=linux" : "TERM=vt102";
4040 bool dirent_is_file(const struct dirent *de) {
4043 if (ignore_file(de->d_name))
4046 if (de->d_type != DT_REG &&
4047 de->d_type != DT_LNK &&
4048 de->d_type != DT_UNKNOWN)
4054 bool dirent_is_file_with_suffix(const struct dirent *de, const char *suffix) {
4057 if (de->d_type != DT_REG &&
4058 de->d_type != DT_LNK &&
4059 de->d_type != DT_UNKNOWN)
4062 if (ignore_file_allow_backup(de->d_name))
4065 return endswith(de->d_name, suffix);
4068 void execute_directory(const char *directory, DIR *d, usec_t timeout, char *argv[]) {
4074 /* Executes all binaries in a directory in parallel and waits
4075 * for them to finish. Optionally a timeout is applied. */
4077 executor_pid = fork();
4078 if (executor_pid < 0) {
4079 log_error_errno(errno, "Failed to fork: %m");
4082 } else if (executor_pid == 0) {
4083 _cleanup_hashmap_free_free_ Hashmap *pids = NULL;
4084 _cleanup_closedir_ DIR *_d = NULL;
4087 /* We fork this all off from a child process so that
4088 * we can somewhat cleanly make use of SIGALRM to set
4091 reset_all_signal_handlers();
4092 reset_signal_mask();
4094 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
4097 d = _d = opendir(directory);
4099 if (errno == ENOENT)
4100 _exit(EXIT_SUCCESS);
4102 log_error_errno(errno, "Failed to enumerate directory %s: %m", directory);
4103 _exit(EXIT_FAILURE);
4107 pids = hashmap_new(NULL);
4110 _exit(EXIT_FAILURE);
4113 FOREACH_DIRENT(de, d, break) {
4114 _cleanup_free_ char *path = NULL;
4117 if (!dirent_is_file(de))
4120 path = strjoin(directory, "/", de->d_name, NULL);
4123 _exit(EXIT_FAILURE);
4128 log_error_errno(errno, "Failed to fork: %m");
4130 } else if (pid == 0) {
4133 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
4143 log_error_errno(errno, "Failed to execute %s: %m", path);
4144 _exit(EXIT_FAILURE);
4147 log_debug("Spawned %s as " PID_FMT ".", path, pid);
4149 r = hashmap_put(pids, UINT_TO_PTR(pid), path);
4152 _exit(EXIT_FAILURE);
4158 /* Abort execution of this process after the
4159 * timout. We simply rely on SIGALRM as default action
4160 * terminating the process, and turn on alarm(). */
4162 if (timeout != USEC_INFINITY)
4163 alarm((timeout + USEC_PER_SEC - 1) / USEC_PER_SEC);
4165 while (!hashmap_isempty(pids)) {
4166 _cleanup_free_ char *path = NULL;
4169 pid = PTR_TO_UINT(hashmap_first_key(pids));
4172 path = hashmap_remove(pids, UINT_TO_PTR(pid));
4175 wait_for_terminate_and_warn(path, pid, true);
4178 _exit(EXIT_SUCCESS);
4181 wait_for_terminate_and_warn(directory, executor_pid, true);
4184 int kill_and_sigcont(pid_t pid, int sig) {
4187 r = kill(pid, sig) < 0 ? -errno : 0;
4195 bool nulstr_contains(const char*nulstr, const char *needle) {
4201 NULSTR_FOREACH(i, nulstr)
4202 if (streq(i, needle))
4208 bool plymouth_running(void) {
4209 return access("/run/plymouth/pid", F_OK) >= 0;
4212 char* strshorten(char *s, size_t l) {
4221 static bool hostname_valid_char(char c) {
4223 (c >= 'a' && c <= 'z') ||
4224 (c >= 'A' && c <= 'Z') ||
4225 (c >= '0' && c <= '9') ||
4231 bool hostname_is_valid(const char *s) {
4238 for (p = s, dot = true; *p; p++) {
4245 if (!hostname_valid_char(*p))
4255 if (p-s > HOST_NAME_MAX)
4261 char* hostname_cleanup(char *s, bool lowercase) {
4265 for (p = s, d = s, dot = true; *p; p++) {
4272 } else if (hostname_valid_char(*p)) {
4273 *(d++) = lowercase ? tolower(*p) : *p;
4284 strshorten(s, HOST_NAME_MAX);
4289 bool machine_name_is_valid(const char *s) {
4291 if (!hostname_is_valid(s))
4294 /* Machine names should be useful hostnames, but also be
4295 * useful in unit names, hence we enforce a stricter length
4304 int pipe_eof(int fd) {
4305 struct pollfd pollfd = {
4307 .events = POLLIN|POLLHUP,
4312 r = poll(&pollfd, 1, 0);
4319 return pollfd.revents & POLLHUP;
4322 int fd_wait_for_event(int fd, int event, usec_t t) {
4324 struct pollfd pollfd = {
4332 r = ppoll(&pollfd, 1, t == USEC_INFINITY ? NULL : timespec_store(&ts, t), NULL);
4339 return pollfd.revents;
4342 int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
4351 t = tempfn_xxxxxx(path);
4355 fd = mkostemp_safe(t, O_WRONLY|O_CLOEXEC);
4361 f = fdopen(fd, "we");
4374 int terminal_vhangup_fd(int fd) {
4377 if (ioctl(fd, TIOCVHANGUP) < 0)
4383 int terminal_vhangup(const char *name) {
4384 _cleanup_close_ int fd;
4386 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4390 return terminal_vhangup_fd(fd);
4393 int vt_disallocate(const char *name) {
4397 /* Deallocate the VT if possible. If not possible
4398 * (i.e. because it is the active one), at least clear it
4399 * entirely (including the scrollback buffer) */
4401 if (!startswith(name, "/dev/"))
4404 if (!tty_is_vc(name)) {
4405 /* So this is not a VT. I guess we cannot deallocate
4406 * it then. But let's at least clear the screen */
4408 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4413 "\033[r" /* clear scrolling region */
4414 "\033[H" /* move home */
4415 "\033[2J", /* clear screen */
4422 if (!startswith(name, "/dev/tty"))
4425 r = safe_atou(name+8, &u);
4432 /* Try to deallocate */
4433 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
4437 r = ioctl(fd, VT_DISALLOCATE, u);
4446 /* Couldn't deallocate, so let's clear it fully with
4448 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4453 "\033[r" /* clear scrolling region */
4454 "\033[H" /* move home */
4455 "\033[3J", /* clear screen including scrollback, requires Linux 2.6.40 */
4462 int symlink_atomic(const char *from, const char *to) {
4463 _cleanup_free_ char *t = NULL;
4468 t = tempfn_random(to);
4472 if (symlink(from, t) < 0)
4475 if (rename(t, to) < 0) {
4483 int mknod_atomic(const char *path, mode_t mode, dev_t dev) {
4484 _cleanup_free_ char *t = NULL;
4488 t = tempfn_random(path);
4492 if (mknod(t, mode, dev) < 0)
4495 if (rename(t, path) < 0) {
4503 int mkfifo_atomic(const char *path, mode_t mode) {
4504 _cleanup_free_ char *t = NULL;
4508 t = tempfn_random(path);
4512 if (mkfifo(t, mode) < 0)
4515 if (rename(t, path) < 0) {
4523 bool display_is_local(const char *display) {
4527 display[0] == ':' &&
4528 display[1] >= '0' &&
4532 int socket_from_display(const char *display, char **path) {
4539 if (!display_is_local(display))
4542 k = strspn(display+1, "0123456789");
4544 f = new(char, strlen("/tmp/.X11-unix/X") + k + 1);
4548 c = stpcpy(f, "/tmp/.X11-unix/X");
4549 memcpy(c, display+1, k);
4558 const char **username,
4559 uid_t *uid, gid_t *gid,
4561 const char **shell) {
4569 /* We enforce some special rules for uid=0: in order to avoid
4570 * NSS lookups for root we hardcode its data. */
4572 if (streq(*username, "root") || streq(*username, "0")) {
4590 if (parse_uid(*username, &u) >= 0) {
4594 /* If there are multiple users with the same id, make
4595 * sure to leave $USER to the configured value instead
4596 * of the first occurrence in the database. However if
4597 * the uid was configured by a numeric uid, then let's
4598 * pick the real username from /etc/passwd. */
4600 *username = p->pw_name;
4603 p = getpwnam(*username);
4607 return errno > 0 ? -errno : -ESRCH;
4619 *shell = p->pw_shell;
4624 char* uid_to_name(uid_t uid) {
4629 return strdup("root");
4633 return strdup(p->pw_name);
4635 if (asprintf(&r, UID_FMT, uid) < 0)
4641 char* gid_to_name(gid_t gid) {
4646 return strdup("root");
4650 return strdup(p->gr_name);
4652 if (asprintf(&r, GID_FMT, gid) < 0)
4658 int get_group_creds(const char **groupname, gid_t *gid) {
4664 /* We enforce some special rules for gid=0: in order to avoid
4665 * NSS lookups for root we hardcode its data. */
4667 if (streq(*groupname, "root") || streq(*groupname, "0")) {
4668 *groupname = "root";
4676 if (parse_gid(*groupname, &id) >= 0) {
4681 *groupname = g->gr_name;
4684 g = getgrnam(*groupname);
4688 return errno > 0 ? -errno : -ESRCH;
4696 int in_gid(gid_t gid) {
4698 int ngroups_max, r, i;
4700 if (getgid() == gid)
4703 if (getegid() == gid)
4706 ngroups_max = sysconf(_SC_NGROUPS_MAX);
4707 assert(ngroups_max > 0);
4709 gids = alloca(sizeof(gid_t) * ngroups_max);
4711 r = getgroups(ngroups_max, gids);
4715 for (i = 0; i < r; i++)
4722 int in_group(const char *name) {
4726 r = get_group_creds(&name, &gid);
4733 int glob_exists(const char *path) {
4734 _cleanup_globfree_ glob_t g = {};
4740 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4742 if (k == GLOB_NOMATCH)
4744 else if (k == GLOB_NOSPACE)
4747 return !strv_isempty(g.gl_pathv);
4749 return errno ? -errno : -EIO;
4752 int glob_extend(char ***strv, const char *path) {
4753 _cleanup_globfree_ glob_t g = {};
4758 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4760 if (k == GLOB_NOMATCH)
4762 else if (k == GLOB_NOSPACE)
4764 else if (k != 0 || strv_isempty(g.gl_pathv))
4765 return errno ? -errno : -EIO;
4767 STRV_FOREACH(p, g.gl_pathv) {
4768 k = strv_extend(strv, *p);
4776 int dirent_ensure_type(DIR *d, struct dirent *de) {
4782 if (de->d_type != DT_UNKNOWN)
4785 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
4789 S_ISREG(st.st_mode) ? DT_REG :
4790 S_ISDIR(st.st_mode) ? DT_DIR :
4791 S_ISLNK(st.st_mode) ? DT_LNK :
4792 S_ISFIFO(st.st_mode) ? DT_FIFO :
4793 S_ISSOCK(st.st_mode) ? DT_SOCK :
4794 S_ISCHR(st.st_mode) ? DT_CHR :
4795 S_ISBLK(st.st_mode) ? DT_BLK :
4801 int get_files_in_directory(const char *path, char ***list) {
4802 _cleanup_closedir_ DIR *d = NULL;
4803 size_t bufsize = 0, n = 0;
4804 _cleanup_strv_free_ char **l = NULL;
4808 /* Returns all files in a directory in *list, and the number
4809 * of files as return value. If list is NULL returns only the
4821 if (!de && errno != 0)
4826 dirent_ensure_type(d, de);
4828 if (!dirent_is_file(de))
4832 /* one extra slot is needed for the terminating NULL */
4833 if (!GREEDY_REALLOC(l, bufsize, n + 2))
4836 l[n] = strdup(de->d_name);
4847 l = NULL; /* avoid freeing */
4853 char *strjoin(const char *x, ...) {
4867 t = va_arg(ap, const char *);
4872 if (n > ((size_t) -1) - l) {
4896 t = va_arg(ap, const char *);
4910 bool is_main_thread(void) {
4911 static thread_local int cached = 0;
4913 if (_unlikely_(cached == 0))
4914 cached = getpid() == gettid() ? 1 : -1;
4919 int block_get_whole_disk(dev_t d, dev_t *ret) {
4926 /* If it has a queue this is good enough for us */
4927 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", major(d), minor(d)) < 0)
4930 r = access(p, F_OK);
4938 /* If it is a partition find the originating device */
4939 if (asprintf(&p, "/sys/dev/block/%u:%u/partition", major(d), minor(d)) < 0)
4942 r = access(p, F_OK);
4948 /* Get parent dev_t */
4949 if (asprintf(&p, "/sys/dev/block/%u:%u/../dev", major(d), minor(d)) < 0)
4952 r = read_one_line_file(p, &s);
4958 r = sscanf(s, "%u:%u", &m, &n);
4964 /* Only return this if it is really good enough for us. */
4965 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", m, n) < 0)
4968 r = access(p, F_OK);
4972 *ret = makedev(m, n);
4979 static const char *const ioprio_class_table[] = {
4980 [IOPRIO_CLASS_NONE] = "none",
4981 [IOPRIO_CLASS_RT] = "realtime",
4982 [IOPRIO_CLASS_BE] = "best-effort",
4983 [IOPRIO_CLASS_IDLE] = "idle"
4986 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ioprio_class, int, INT_MAX);
4988 static const char *const sigchld_code_table[] = {
4989 [CLD_EXITED] = "exited",
4990 [CLD_KILLED] = "killed",
4991 [CLD_DUMPED] = "dumped",
4992 [CLD_TRAPPED] = "trapped",
4993 [CLD_STOPPED] = "stopped",
4994 [CLD_CONTINUED] = "continued",
4997 DEFINE_STRING_TABLE_LOOKUP(sigchld_code, int);
4999 static const char *const log_facility_unshifted_table[LOG_NFACILITIES] = {
5000 [LOG_FAC(LOG_KERN)] = "kern",
5001 [LOG_FAC(LOG_USER)] = "user",
5002 [LOG_FAC(LOG_MAIL)] = "mail",
5003 [LOG_FAC(LOG_DAEMON)] = "daemon",
5004 [LOG_FAC(LOG_AUTH)] = "auth",
5005 [LOG_FAC(LOG_SYSLOG)] = "syslog",
5006 [LOG_FAC(LOG_LPR)] = "lpr",
5007 [LOG_FAC(LOG_NEWS)] = "news",
5008 [LOG_FAC(LOG_UUCP)] = "uucp",
5009 [LOG_FAC(LOG_CRON)] = "cron",
5010 [LOG_FAC(LOG_AUTHPRIV)] = "authpriv",
5011 [LOG_FAC(LOG_FTP)] = "ftp",
5012 [LOG_FAC(LOG_LOCAL0)] = "local0",
5013 [LOG_FAC(LOG_LOCAL1)] = "local1",
5014 [LOG_FAC(LOG_LOCAL2)] = "local2",
5015 [LOG_FAC(LOG_LOCAL3)] = "local3",
5016 [LOG_FAC(LOG_LOCAL4)] = "local4",
5017 [LOG_FAC(LOG_LOCAL5)] = "local5",
5018 [LOG_FAC(LOG_LOCAL6)] = "local6",
5019 [LOG_FAC(LOG_LOCAL7)] = "local7"
5022 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_facility_unshifted, int, LOG_FAC(~0));
5024 static const char *const log_level_table[] = {
5025 [LOG_EMERG] = "emerg",
5026 [LOG_ALERT] = "alert",
5027 [LOG_CRIT] = "crit",
5029 [LOG_WARNING] = "warning",
5030 [LOG_NOTICE] = "notice",
5031 [LOG_INFO] = "info",
5032 [LOG_DEBUG] = "debug"
5035 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_level, int, LOG_DEBUG);
5037 static const char* const sched_policy_table[] = {
5038 [SCHED_OTHER] = "other",
5039 [SCHED_BATCH] = "batch",
5040 [SCHED_IDLE] = "idle",
5041 [SCHED_FIFO] = "fifo",
5045 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy, int, INT_MAX);
5047 static const char* const rlimit_table[_RLIMIT_MAX] = {
5048 [RLIMIT_CPU] = "LimitCPU",
5049 [RLIMIT_FSIZE] = "LimitFSIZE",
5050 [RLIMIT_DATA] = "LimitDATA",
5051 [RLIMIT_STACK] = "LimitSTACK",
5052 [RLIMIT_CORE] = "LimitCORE",
5053 [RLIMIT_RSS] = "LimitRSS",
5054 [RLIMIT_NOFILE] = "LimitNOFILE",
5055 [RLIMIT_AS] = "LimitAS",
5056 [RLIMIT_NPROC] = "LimitNPROC",
5057 [RLIMIT_MEMLOCK] = "LimitMEMLOCK",
5058 [RLIMIT_LOCKS] = "LimitLOCKS",
5059 [RLIMIT_SIGPENDING] = "LimitSIGPENDING",
5060 [RLIMIT_MSGQUEUE] = "LimitMSGQUEUE",
5061 [RLIMIT_NICE] = "LimitNICE",
5062 [RLIMIT_RTPRIO] = "LimitRTPRIO",
5063 [RLIMIT_RTTIME] = "LimitRTTIME"
5066 DEFINE_STRING_TABLE_LOOKUP(rlimit, int);
5068 static const char* const ip_tos_table[] = {
5069 [IPTOS_LOWDELAY] = "low-delay",
5070 [IPTOS_THROUGHPUT] = "throughput",
5071 [IPTOS_RELIABILITY] = "reliability",
5072 [IPTOS_LOWCOST] = "low-cost",
5075 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos, int, 0xff);
5077 static const char *const __signal_table[] = {
5094 [SIGSTKFLT] = "STKFLT", /* Linux on SPARC doesn't know SIGSTKFLT */
5105 [SIGVTALRM] = "VTALRM",
5107 [SIGWINCH] = "WINCH",
5113 DEFINE_PRIVATE_STRING_TABLE_LOOKUP(__signal, int);
5115 const char *signal_to_string(int signo) {
5116 static thread_local char buf[sizeof("RTMIN+")-1 + DECIMAL_STR_MAX(int) + 1];
5119 name = __signal_to_string(signo);
5123 if (signo >= SIGRTMIN && signo <= SIGRTMAX)
5124 snprintf(buf, sizeof(buf), "RTMIN+%d", signo - SIGRTMIN);
5126 snprintf(buf, sizeof(buf), "%d", signo);
5131 int signal_from_string(const char *s) {
5136 signo = __signal_from_string(s);
5140 if (startswith(s, "RTMIN+")) {
5144 if (safe_atou(s, &u) >= 0) {
5145 signo = (int) u + offset;
5146 if (signo > 0 && signo < _NSIG)
5152 bool kexec_loaded(void) {
5153 bool loaded = false;
5156 if (read_one_line_file("/sys/kernel/kexec_loaded", &s) >= 0) {
5164 int prot_from_flags(int flags) {
5166 switch (flags & O_ACCMODE) {
5175 return PROT_READ|PROT_WRITE;
5182 char *format_bytes(char *buf, size_t l, off_t t) {
5185 static const struct {
5189 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
5190 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
5191 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
5192 { "G", 1024ULL*1024ULL*1024ULL },
5193 { "M", 1024ULL*1024ULL },
5197 for (i = 0; i < ELEMENTSOF(table); i++) {
5199 if (t >= table[i].factor) {
5202 (unsigned long long) (t / table[i].factor),
5203 (unsigned long long) (((t*10ULL) / table[i].factor) % 10ULL),
5210 snprintf(buf, l, "%lluB", (unsigned long long) t);
5218 void* memdup(const void *p, size_t l) {
5231 int fd_inc_sndbuf(int fd, size_t n) {
5233 socklen_t l = sizeof(value);
5235 r = getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, &l);
5236 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
5239 /* If we have the privileges we will ignore the kernel limit. */
5242 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
5243 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
5249 int fd_inc_rcvbuf(int fd, size_t n) {
5251 socklen_t l = sizeof(value);
5253 r = getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, &l);
5254 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
5257 /* If we have the privileges we will ignore the kernel limit. */
5260 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
5261 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
5266 int fork_agent(pid_t *pid, const int except[], unsigned n_except, const char *path, ...) {
5267 bool stdout_is_tty, stderr_is_tty;
5268 pid_t parent_pid, agent_pid;
5269 sigset_t ss, saved_ss;
5277 /* Spawns a temporary TTY agent, making sure it goes away when
5280 parent_pid = getpid();
5282 /* First we temporarily block all signals, so that the new
5283 * child has them blocked initially. This way, we can be sure
5284 * that SIGTERMs are not lost we might send to the agent. */
5285 assert_se(sigfillset(&ss) >= 0);
5286 assert_se(sigprocmask(SIG_SETMASK, &ss, &saved_ss) >= 0);
5289 if (agent_pid < 0) {
5290 assert_se(sigprocmask(SIG_SETMASK, &saved_ss, NULL) >= 0);
5294 if (agent_pid != 0) {
5295 assert_se(sigprocmask(SIG_SETMASK, &saved_ss, NULL) >= 0);
5302 * Make sure the agent goes away when the parent dies */
5303 if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
5304 _exit(EXIT_FAILURE);
5306 /* Make sure we actually can kill the agent, if we need to, in
5307 * case somebody invoked us from a shell script that trapped
5308 * SIGTERM or so... */
5309 reset_all_signal_handlers();
5310 reset_signal_mask();
5312 /* Check whether our parent died before we were able
5313 * to set the death signal and unblock the signals */
5314 if (getppid() != parent_pid)
5315 _exit(EXIT_SUCCESS);
5317 /* Don't leak fds to the agent */
5318 close_all_fds(except, n_except);
5320 stdout_is_tty = isatty(STDOUT_FILENO);
5321 stderr_is_tty = isatty(STDERR_FILENO);
5323 if (!stdout_is_tty || !stderr_is_tty) {
5326 /* Detach from stdout/stderr. and reopen
5327 * /dev/tty for them. This is important to
5328 * ensure that when systemctl is started via
5329 * popen() or a similar call that expects to
5330 * read EOF we actually do generate EOF and
5331 * not delay this indefinitely by because we
5332 * keep an unused copy of stdin around. */
5333 fd = open("/dev/tty", O_WRONLY);
5335 log_error_errno(errno, "Failed to open /dev/tty: %m");
5336 _exit(EXIT_FAILURE);
5340 dup2(fd, STDOUT_FILENO);
5343 dup2(fd, STDERR_FILENO);
5349 /* Count arguments */
5351 for (n = 0; va_arg(ap, char*); n++)
5356 l = alloca(sizeof(char *) * (n + 1));
5358 /* Fill in arguments */
5360 for (i = 0; i <= n; i++)
5361 l[i] = va_arg(ap, char*);
5365 _exit(EXIT_FAILURE);
5368 int setrlimit_closest(int resource, const struct rlimit *rlim) {
5369 struct rlimit highest, fixed;
5373 if (setrlimit(resource, rlim) >= 0)
5379 /* So we failed to set the desired setrlimit, then let's try
5380 * to get as close as we can */
5381 assert_se(getrlimit(resource, &highest) == 0);
5383 fixed.rlim_cur = MIN(rlim->rlim_cur, highest.rlim_max);
5384 fixed.rlim_max = MIN(rlim->rlim_max, highest.rlim_max);
5386 if (setrlimit(resource, &fixed) < 0)
5392 int getenv_for_pid(pid_t pid, const char *field, char **_value) {
5393 _cleanup_fclose_ FILE *f = NULL;
5404 path = procfs_file_alloca(pid, "environ");
5406 f = fopen(path, "re");
5414 char line[LINE_MAX];
5417 for (i = 0; i < sizeof(line)-1; i++) {
5421 if (_unlikely_(c == EOF)) {
5431 if (memcmp(line, field, l) == 0 && line[l] == '=') {
5432 value = strdup(line + l + 1);
5446 bool is_valid_documentation_url(const char *url) {
5449 if (startswith(url, "http://") && url[7])
5452 if (startswith(url, "https://") && url[8])
5455 if (startswith(url, "file:") && url[5])
5458 if (startswith(url, "info:") && url[5])
5461 if (startswith(url, "man:") && url[4])
5467 bool in_initrd(void) {
5468 static int saved = -1;
5474 /* We make two checks here:
5476 * 1. the flag file /etc/initrd-release must exist
5477 * 2. the root file system must be a memory file system
5479 * The second check is extra paranoia, since misdetecting an
5480 * initrd can have bad bad consequences due the initrd
5481 * emptying when transititioning to the main systemd.
5484 saved = access("/etc/initrd-release", F_OK) >= 0 &&
5485 statfs("/", &s) >= 0 &&
5486 is_temporary_fs(&s);
5491 void warn_melody(void) {
5492 _cleanup_close_ int fd = -1;
5494 fd = open("/dev/console", O_WRONLY|O_CLOEXEC|O_NOCTTY);
5498 /* Yeah, this is synchronous. Kinda sucks. But well... */
5500 ioctl(fd, KIOCSOUND, (int)(1193180/440));
5501 usleep(125*USEC_PER_MSEC);
5503 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5504 usleep(125*USEC_PER_MSEC);
5506 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5507 usleep(125*USEC_PER_MSEC);
5509 ioctl(fd, KIOCSOUND, 0);
5512 int make_console_stdio(void) {
5515 /* Make /dev/console the controlling terminal and stdin/stdout/stderr */
5517 fd = acquire_terminal("/dev/console", false, true, true, USEC_INFINITY);
5519 return log_error_errno(fd, "Failed to acquire terminal: %m");
5523 return log_error_errno(r, "Failed to duplicate terminal fd: %m");
5528 int get_home_dir(char **_h) {
5536 /* Take the user specified one */
5537 e = secure_getenv("HOME");
5538 if (e && path_is_absolute(e)) {
5547 /* Hardcode home directory for root to avoid NSS */
5550 h = strdup("/root");
5558 /* Check the database... */
5562 return errno > 0 ? -errno : -ESRCH;
5564 if (!path_is_absolute(p->pw_dir))
5567 h = strdup(p->pw_dir);
5575 int get_shell(char **_s) {
5583 /* Take the user specified one */
5584 e = getenv("SHELL");
5594 /* Hardcode home directory for root to avoid NSS */
5597 s = strdup("/bin/sh");
5605 /* Check the database... */
5609 return errno > 0 ? -errno : -ESRCH;
5611 if (!path_is_absolute(p->pw_shell))
5614 s = strdup(p->pw_shell);
5622 bool filename_is_safe(const char *p) {
5636 if (strlen(p) > FILENAME_MAX)
5642 bool string_is_safe(const char *p) {
5648 for (t = p; *t; t++) {
5649 if (*t > 0 && *t < ' ')
5652 if (strchr("\\\"\'\0x7f", *t))
5660 * Check if a string contains control characters. If 'ok' is non-NULL
5661 * it may be a string containing additional CCs to be considered OK.
5663 bool string_has_cc(const char *p, const char *ok) {
5668 for (t = p; *t; t++) {
5669 if (ok && strchr(ok, *t))
5672 if (*t > 0 && *t < ' ')
5682 bool path_is_safe(const char *p) {
5687 if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
5690 if (strlen(p) > PATH_MAX)
5693 /* The following two checks are not really dangerous, but hey, they still are confusing */
5694 if (streq(p, ".") || startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./"))
5697 if (strstr(p, "//"))
5703 /* hey glibc, APIs with callbacks without a user pointer are so useless */
5704 void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size,
5705 int (*compar) (const void *, const void *, void *), void *arg) {
5714 p = (void *)(((const char *) base) + (idx * size));
5715 comparison = compar(key, p, arg);
5718 else if (comparison > 0)
5726 bool is_locale_utf8(void) {
5728 static int cached_answer = -1;
5730 if (cached_answer >= 0)
5733 if (!setlocale(LC_ALL, "")) {
5734 cached_answer = true;
5738 set = nl_langinfo(CODESET);
5740 cached_answer = true;
5744 if (streq(set, "UTF-8")) {
5745 cached_answer = true;
5749 /* For LC_CTYPE=="C" return true, because CTYPE is effectly
5750 * unset and everything can do to UTF-8 nowadays. */
5751 set = setlocale(LC_CTYPE, NULL);
5753 cached_answer = true;
5757 /* Check result, but ignore the result if C was set
5761 !getenv("LC_ALL") &&
5762 !getenv("LC_CTYPE") &&
5766 return (bool) cached_answer;
5769 const char *draw_special_char(DrawSpecialChar ch) {
5770 static const char *draw_table[2][_DRAW_SPECIAL_CHAR_MAX] = {
5773 [DRAW_TREE_VERTICAL] = "\342\224\202 ", /* │ */
5774 [DRAW_TREE_BRANCH] = "\342\224\234\342\224\200", /* ├─ */
5775 [DRAW_TREE_RIGHT] = "\342\224\224\342\224\200", /* └─ */
5776 [DRAW_TREE_SPACE] = " ", /* */
5777 [DRAW_TRIANGULAR_BULLET] = "\342\200\243", /* ‣ */
5778 [DRAW_BLACK_CIRCLE] = "\342\227\217", /* ● */
5779 [DRAW_ARROW] = "\342\206\222", /* → */
5780 [DRAW_DASH] = "\342\200\223", /* – */
5783 /* ASCII fallback */ {
5784 [DRAW_TREE_VERTICAL] = "| ",
5785 [DRAW_TREE_BRANCH] = "|-",
5786 [DRAW_TREE_RIGHT] = "`-",
5787 [DRAW_TREE_SPACE] = " ",
5788 [DRAW_TRIANGULAR_BULLET] = ">",
5789 [DRAW_BLACK_CIRCLE] = "*",
5790 [DRAW_ARROW] = "->",
5795 return draw_table[!is_locale_utf8()][ch];
5798 char *strreplace(const char *text, const char *old_string, const char *new_string) {
5801 size_t l, old_len, new_len;
5807 old_len = strlen(old_string);
5808 new_len = strlen(new_string);
5821 if (!startswith(f, old_string)) {
5827 nl = l - old_len + new_len;
5828 a = realloc(r, nl + 1);
5836 t = stpcpy(t, new_string);
5848 char *strip_tab_ansi(char **ibuf, size_t *_isz) {
5849 const char *i, *begin = NULL;
5854 } state = STATE_OTHER;
5856 size_t osz = 0, isz;
5862 /* Strips ANSI color and replaces TABs by 8 spaces */
5864 isz = _isz ? *_isz : strlen(*ibuf);
5866 f = open_memstream(&obuf, &osz);
5870 for (i = *ibuf; i < *ibuf + isz + 1; i++) {
5875 if (i >= *ibuf + isz) /* EOT */
5877 else if (*i == '\x1B')
5878 state = STATE_ESCAPE;
5879 else if (*i == '\t')
5886 if (i >= *ibuf + isz) { /* EOT */
5889 } else if (*i == '[') {
5890 state = STATE_BRACKET;
5895 state = STATE_OTHER;
5902 if (i >= *ibuf + isz || /* EOT */
5903 (!(*i >= '0' && *i <= '9') && *i != ';' && *i != 'm')) {
5906 state = STATE_OTHER;
5908 } else if (*i == 'm')
5909 state = STATE_OTHER;
5931 int on_ac_power(void) {
5932 bool found_offline = false, found_online = false;
5933 _cleanup_closedir_ DIR *d = NULL;
5935 d = opendir("/sys/class/power_supply");
5941 _cleanup_close_ int fd = -1, device = -1;
5947 if (!de && errno != 0)
5953 if (ignore_file(de->d_name))
5956 device = openat(dirfd(d), de->d_name, O_DIRECTORY|O_RDONLY|O_CLOEXEC|O_NOCTTY);
5958 if (errno == ENOENT || errno == ENOTDIR)
5964 fd = openat(device, "type", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5966 if (errno == ENOENT)
5972 n = read(fd, contents, sizeof(contents));
5976 if (n != 6 || memcmp(contents, "Mains\n", 6))
5980 fd = openat(device, "online", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5982 if (errno == ENOENT)
5988 n = read(fd, contents, sizeof(contents));
5992 if (n != 2 || contents[1] != '\n')
5995 if (contents[0] == '1') {
5996 found_online = true;
5998 } else if (contents[0] == '0')
5999 found_offline = true;
6004 return found_online || !found_offline;
6007 static int search_and_fopen_internal(const char *path, const char *mode, const char *root, char **search, FILE **_f) {
6014 if (!path_strv_resolve_uniq(search, root))
6017 STRV_FOREACH(i, search) {
6018 _cleanup_free_ char *p = NULL;
6022 p = strjoin(root, *i, "/", path, NULL);
6024 p = strjoin(*i, "/", path, NULL);
6034 if (errno != ENOENT)
6041 int search_and_fopen(const char *path, const char *mode, const char *root, const char **search, FILE **_f) {
6042 _cleanup_strv_free_ char **copy = NULL;
6048 if (path_is_absolute(path)) {
6051 f = fopen(path, mode);
6060 copy = strv_copy((char**) search);
6064 return search_and_fopen_internal(path, mode, root, copy, _f);
6067 int search_and_fopen_nulstr(const char *path, const char *mode, const char *root, const char *search, FILE **_f) {
6068 _cleanup_strv_free_ char **s = NULL;
6070 if (path_is_absolute(path)) {
6073 f = fopen(path, mode);
6082 s = strv_split_nulstr(search);
6086 return search_and_fopen_internal(path, mode, root, s, _f);
6089 char *strextend(char **x, ...) {
6096 l = f = *x ? strlen(*x) : 0;
6103 t = va_arg(ap, const char *);
6108 if (n > ((size_t) -1) - l) {
6117 r = realloc(*x, l+1);
6127 t = va_arg(ap, const char *);
6141 char *strrep(const char *s, unsigned n) {
6149 p = r = malloc(l * n + 1);
6153 for (i = 0; i < n; i++)
6160 void* greedy_realloc(void **p, size_t *allocated, size_t need, size_t size) {
6167 if (*allocated >= need)
6170 newalloc = MAX(need * 2, 64u / size);
6171 a = newalloc * size;
6173 /* check for overflows */
6174 if (a < size * need)
6182 *allocated = newalloc;
6186 void* greedy_realloc0(void **p, size_t *allocated, size_t need, size_t size) {
6195 q = greedy_realloc(p, allocated, need, size);
6199 if (*allocated > prev)
6200 memzero(q + prev * size, (*allocated - prev) * size);
6205 bool id128_is_valid(const char *s) {
6211 /* Simple formatted 128bit hex string */
6213 for (i = 0; i < l; i++) {
6216 if (!(c >= '0' && c <= '9') &&
6217 !(c >= 'a' && c <= 'z') &&
6218 !(c >= 'A' && c <= 'Z'))
6222 } else if (l == 36) {
6224 /* Formatted UUID */
6226 for (i = 0; i < l; i++) {
6229 if ((i == 8 || i == 13 || i == 18 || i == 23)) {
6233 if (!(c >= '0' && c <= '9') &&
6234 !(c >= 'a' && c <= 'z') &&
6235 !(c >= 'A' && c <= 'Z'))
6246 int split_pair(const char *s, const char *sep, char **l, char **r) {
6261 a = strndup(s, x - s);
6265 b = strdup(x + strlen(sep));
6277 int shall_restore_state(void) {
6278 _cleanup_free_ char *value = NULL;
6281 r = get_proc_cmdline_key("systemd.restore_state=", &value);
6287 return parse_boolean(value) != 0;
6290 int proc_cmdline(char **ret) {
6293 if (detect_container(NULL) > 0)
6294 return get_process_cmdline(1, 0, false, ret);
6296 return read_one_line_file("/proc/cmdline", ret);
6299 int parse_proc_cmdline(int (*parse_item)(const char *key, const char *value)) {
6300 _cleanup_free_ char *line = NULL;
6306 r = proc_cmdline(&line);
6312 _cleanup_free_ char *word = NULL;
6315 r = unquote_first_word(&p, &word, true);
6321 /* Filter out arguments that are intended only for the
6323 if (!in_initrd() && startswith(word, "rd."))
6326 value = strchr(word, '=');
6330 r = parse_item(word, value);
6338 int get_proc_cmdline_key(const char *key, char **value) {
6339 _cleanup_free_ char *line = NULL, *ret = NULL;
6346 r = proc_cmdline(&line);
6352 _cleanup_free_ char *word = NULL;
6355 r = unquote_first_word(&p, &word, true);
6361 /* Filter out arguments that are intended only for the
6363 if (!in_initrd() && startswith(word, "rd."))
6367 e = startswith(word, key);
6371 r = free_and_strdup(&ret, e);
6377 if (streq(word, key))
6391 int container_get_leader(const char *machine, pid_t *pid) {
6392 _cleanup_free_ char *s = NULL, *class = NULL;
6400 p = strappenda("/run/systemd/machines/", machine);
6401 r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL);
6409 if (!streq_ptr(class, "container"))
6412 r = parse_pid(s, &leader);
6422 int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *root_fd) {
6423 _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, netnsfd = -1;
6431 mntns = procfs_file_alloca(pid, "ns/mnt");
6432 mntnsfd = open(mntns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6440 pidns = procfs_file_alloca(pid, "ns/pid");
6441 pidnsfd = open(pidns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6449 netns = procfs_file_alloca(pid, "ns/net");
6450 netnsfd = open(netns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6458 root = procfs_file_alloca(pid, "root");
6459 rfd = open(root, O_RDONLY|O_NOCTTY|O_CLOEXEC|O_DIRECTORY);
6465 *pidns_fd = pidnsfd;
6468 *mntns_fd = mntnsfd;
6471 *netns_fd = netnsfd;
6476 pidnsfd = mntnsfd = netnsfd = -1;
6481 int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd) {
6484 if (setns(pidns_fd, CLONE_NEWPID) < 0)
6488 if (setns(mntns_fd, CLONE_NEWNS) < 0)
6492 if (setns(netns_fd, CLONE_NEWNET) < 0)
6496 if (fchdir(root_fd) < 0)
6499 if (chroot(".") < 0)
6503 if (setresgid(0, 0, 0) < 0)
6506 if (setgroups(0, NULL) < 0)
6509 if (setresuid(0, 0, 0) < 0)
6515 bool pid_is_unwaited(pid_t pid) {
6516 /* Checks whether a PID is still valid at all, including a zombie */
6521 if (kill(pid, 0) >= 0)
6524 return errno != ESRCH;
6527 bool pid_is_alive(pid_t pid) {
6530 /* Checks whether a PID is still valid and not a zombie */
6535 r = get_process_state(pid);
6536 if (r == -ENOENT || r == 'Z')
6542 int getpeercred(int fd, struct ucred *ucred) {
6543 socklen_t n = sizeof(struct ucred);
6550 r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n);
6554 if (n != sizeof(struct ucred))
6557 /* Check if the data is actually useful and not suppressed due
6558 * to namespacing issues */
6561 if (u.uid == UID_INVALID)
6563 if (u.gid == GID_INVALID)
6570 int getpeersec(int fd, char **ret) {
6582 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6586 if (errno != ERANGE)
6593 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6609 /* This is much like like mkostemp() but is subject to umask(). */
6610 int mkostemp_safe(char *pattern, int flags) {
6611 _cleanup_umask_ mode_t u;
6618 fd = mkostemp(pattern, flags);
6625 int open_tmpfile(const char *path, int flags) {
6632 /* Try O_TMPFILE first, if it is supported */
6633 fd = open(path, flags|O_TMPFILE, S_IRUSR|S_IWUSR);
6638 /* Fall back to unguessable name + unlinking */
6639 p = strappenda(path, "/systemd-tmp-XXXXXX");
6641 fd = mkostemp_safe(p, flags);
6649 int fd_warn_permissions(const char *path, int fd) {
6652 if (fstat(fd, &st) < 0)
6655 if (st.st_mode & 0111)
6656 log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path);
6658 if (st.st_mode & 0002)
6659 log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path);
6661 if (getpid() == 1 && (st.st_mode & 0044) != 0044)
6662 log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path);
6667 unsigned long personality_from_string(const char *p) {
6669 /* Parse a personality specifier. We introduce our own
6670 * identifiers that indicate specific ABIs, rather than just
6671 * hints regarding the register size, since we want to keep
6672 * things open for multiple locally supported ABIs for the
6673 * same register size. We try to reuse the ABI identifiers
6674 * used by libseccomp. */
6676 #if defined(__x86_64__)
6678 if (streq(p, "x86"))
6681 if (streq(p, "x86-64"))
6684 #elif defined(__i386__)
6686 if (streq(p, "x86"))
6690 /* personality(7) documents that 0xffffffffUL is used for
6691 * querying the current personality, hence let's use that here
6692 * as error indicator. */
6693 return 0xffffffffUL;
6696 const char* personality_to_string(unsigned long p) {
6698 #if defined(__x86_64__)
6700 if (p == PER_LINUX32)
6706 #elif defined(__i386__)
6715 uint64_t physical_memory(void) {
6718 /* We return this as uint64_t in case we are running as 32bit
6719 * process on a 64bit kernel with huge amounts of memory */
6721 mem = sysconf(_SC_PHYS_PAGES);
6724 return (uint64_t) mem * (uint64_t) page_size();
6727 char* mount_test_option(const char *haystack, const char *needle) {
6729 struct mntent me = {
6730 .mnt_opts = (char*) haystack
6735 /* Like glibc's hasmntopt(), but works on a string, not a
6741 return hasmntopt(&me, needle);
6744 void hexdump(FILE *f, const void *p, size_t s) {
6745 const uint8_t *b = p;
6748 assert(s == 0 || b);
6753 fprintf(f, "%04x ", n);
6755 for (i = 0; i < 16; i++) {
6760 fprintf(f, "%02x ", b[i]);
6768 for (i = 0; i < 16; i++) {
6773 fputc(isprint(b[i]) ? (char) b[i] : '.', f);
6787 int update_reboot_param_file(const char *param) {
6792 r = write_string_file(REBOOT_PARAM_FILE, param);
6794 log_error("Failed to write reboot param to "
6795 REBOOT_PARAM_FILE": %s", strerror(-r));
6797 unlink(REBOOT_PARAM_FILE);
6802 int umount_recursive(const char *prefix, int flags) {
6806 /* Try to umount everything recursively below a
6807 * directory. Also, take care of stacked mounts, and keep
6808 * unmounting them until they are gone. */
6811 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6816 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6817 if (!proc_self_mountinfo)
6821 _cleanup_free_ char *path = NULL, *p = NULL;
6824 k = fscanf(proc_self_mountinfo,
6825 "%*s " /* (1) mount id */
6826 "%*s " /* (2) parent id */
6827 "%*s " /* (3) major:minor */
6828 "%*s " /* (4) root */
6829 "%ms " /* (5) mount point */
6830 "%*s" /* (6) mount options */
6831 "%*[^-]" /* (7) optional fields */
6832 "- " /* (8) separator */
6833 "%*s " /* (9) file system type */
6834 "%*s" /* (10) mount source */
6835 "%*s" /* (11) mount options 2 */
6836 "%*[^\n]", /* some rubbish at the end */
6845 p = cunescape(path);
6849 if (!path_startswith(p, prefix))
6852 if (umount2(p, flags) < 0) {
6868 int bind_remount_recursive(const char *prefix, bool ro) {
6869 _cleanup_set_free_free_ Set *done = NULL;
6870 _cleanup_free_ char *cleaned = NULL;
6873 /* Recursively remount a directory (and all its submounts)
6874 * read-only or read-write. If the directory is already
6875 * mounted, we reuse the mount and simply mark it
6876 * MS_BIND|MS_RDONLY (or remove the MS_RDONLY for read-write
6877 * operation). If it isn't we first make it one. Afterwards we
6878 * apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to all
6879 * submounts we can access, too. When mounts are stacked on
6880 * the same mount point we only care for each individual
6881 * "top-level" mount on each point, as we cannot
6882 * influence/access the underlying mounts anyway. We do not
6883 * have any effect on future submounts that might get
6884 * propagated, they migt be writable. This includes future
6885 * submounts that have been triggered via autofs. */
6887 cleaned = strdup(prefix);
6891 path_kill_slashes(cleaned);
6893 done = set_new(&string_hash_ops);
6898 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6899 _cleanup_set_free_free_ Set *todo = NULL;
6900 bool top_autofs = false;
6903 todo = set_new(&string_hash_ops);
6907 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6908 if (!proc_self_mountinfo)
6912 _cleanup_free_ char *path = NULL, *p = NULL, *type = NULL;
6915 k = fscanf(proc_self_mountinfo,
6916 "%*s " /* (1) mount id */
6917 "%*s " /* (2) parent id */
6918 "%*s " /* (3) major:minor */
6919 "%*s " /* (4) root */
6920 "%ms " /* (5) mount point */
6921 "%*s" /* (6) mount options (superblock) */
6922 "%*[^-]" /* (7) optional fields */
6923 "- " /* (8) separator */
6924 "%ms " /* (9) file system type */
6925 "%*s" /* (10) mount source */
6926 "%*s" /* (11) mount options (bind mount) */
6927 "%*[^\n]", /* some rubbish at the end */
6937 p = cunescape(path);
6941 /* Let's ignore autofs mounts. If they aren't
6942 * triggered yet, we want to avoid triggering
6943 * them, as we don't make any guarantees for
6944 * future submounts anyway. If they are
6945 * already triggered, then we will find
6946 * another entry for this. */
6947 if (streq(type, "autofs")) {
6948 top_autofs = top_autofs || path_equal(cleaned, p);
6952 if (path_startswith(p, cleaned) &&
6953 !set_contains(done, p)) {
6955 r = set_consume(todo, p);
6965 /* If we have no submounts to process anymore and if
6966 * the root is either already done, or an autofs, we
6968 if (set_isempty(todo) &&
6969 (top_autofs || set_contains(done, cleaned)))
6972 if (!set_contains(done, cleaned) &&
6973 !set_contains(todo, cleaned)) {
6974 /* The prefix directory itself is not yet a
6975 * mount, make it one. */
6976 if (mount(cleaned, cleaned, NULL, MS_BIND|MS_REC, NULL) < 0)
6979 if (mount(NULL, prefix, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0)
6982 x = strdup(cleaned);
6986 r = set_consume(done, x);
6991 while ((x = set_steal_first(todo))) {
6993 r = set_consume(done, x);
6999 if (mount(NULL, x, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0) {
7001 /* Deal with mount points that are
7002 * obstructed by a later mount */
7004 if (errno != ENOENT)
7012 int fflush_and_check(FILE *f) {
7019 return errno ? -errno : -EIO;
7024 char *tempfn_xxxxxx(const char *p) {
7031 t = new(char, strlen(p) + 1 + 6 + 1);
7038 strcpy(stpcpy(stpcpy(mempcpy(t, p, k), "."), fn), "XXXXXX");
7043 char *tempfn_random(const char *p) {
7052 t = new(char, strlen(p) + 1 + 16 + 1);
7059 x = stpcpy(stpcpy(mempcpy(t, p, k), "."), fn);
7062 for (i = 0; i < 16; i++) {
7063 *(x++) = hexchar(u & 0xF);
7072 /* make sure the hostname is not "localhost" */
7073 bool is_localhost(const char *hostname) {
7076 /* This tries to identify local host and domain names
7077 * described in RFC6761 plus the redhatism of .localdomain */
7079 return streq(hostname, "localhost") ||
7080 streq(hostname, "localhost.") ||
7081 streq(hostname, "localdomain.") ||
7082 streq(hostname, "localdomain") ||
7083 endswith(hostname, ".localhost") ||
7084 endswith(hostname, ".localhost.") ||
7085 endswith(hostname, ".localdomain") ||
7086 endswith(hostname, ".localdomain.");
7089 int take_password_lock(const char *root) {
7091 struct flock flock = {
7093 .l_whence = SEEK_SET,
7101 /* This is roughly the same as lckpwdf(), but not as awful. We
7102 * don't want to use alarm() and signals, hence we implement
7103 * our own trivial version of this.
7105 * Note that shadow-utils also takes per-database locks in
7106 * addition to lckpwdf(). However, we don't given that they
7107 * are redundant as they they invoke lckpwdf() first and keep
7108 * it during everything they do. The per-database locks are
7109 * awfully racy, and thus we just won't do them. */
7112 path = strappenda(root, "/etc/.pwd.lock");
7114 path = "/etc/.pwd.lock";
7116 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
7120 r = fcntl(fd, F_SETLKW, &flock);
7129 int is_symlink(const char *path) {
7132 if (lstat(path, &info) < 0)
7135 return !!S_ISLNK(info.st_mode);
7138 int is_dir(const char* path, bool follow) {
7143 r = stat(path, &st);
7145 r = lstat(path, &st);
7149 return !!S_ISDIR(st.st_mode);
7152 int unquote_first_word(const char **p, char **ret, bool relax) {
7153 _cleanup_free_ char *s = NULL;
7154 size_t allocated = 0, sz = 0;
7161 SINGLE_QUOTE_ESCAPE,
7163 DOUBLE_QUOTE_ESCAPE,
7171 /* Parses the first word of a string, and returns it in
7172 * *ret. Removes all quotes in the process. When parsing fails
7173 * (because of an uneven number of quotes or similar), leaves
7174 * the pointer *p at the first invalid character. */
7184 else if (strchr(WHITESPACE, c))
7194 state = SINGLE_QUOTE;
7196 state = VALUE_ESCAPE;
7198 state = DOUBLE_QUOTE;
7199 else if (strchr(WHITESPACE, c))
7202 if (!GREEDY_REALLOC(s, allocated, sz+2))
7217 if (!GREEDY_REALLOC(s, allocated, sz+2))
7230 } else if (c == '\'')
7233 state = SINGLE_QUOTE_ESCAPE;
7235 if (!GREEDY_REALLOC(s, allocated, sz+2))
7243 case SINGLE_QUOTE_ESCAPE:
7250 if (!GREEDY_REALLOC(s, allocated, sz+2))
7254 state = SINGLE_QUOTE;
7263 state = DOUBLE_QUOTE_ESCAPE;
7265 if (!GREEDY_REALLOC(s, allocated, sz+2))
7273 case DOUBLE_QUOTE_ESCAPE:
7280 if (!GREEDY_REALLOC(s, allocated, sz+2))
7284 state = DOUBLE_QUOTE;
7290 if (!strchr(WHITESPACE, c))
7312 int unquote_many_words(const char **p, ...) {
7317 /* Parses a number of words from a string, stripping any
7318 * quotes if necessary. */
7322 /* Count how many words are expected */
7325 if (!va_arg(ap, char **))
7334 /* Read all words into a temporary array */
7335 l = newa0(char*, n);
7336 for (c = 0; c < n; c++) {
7338 r = unquote_first_word(p, &l[c], false);
7342 for (j = 0; j < c; j++)
7352 /* If we managed to parse all words, return them in the passed
7355 for (i = 0; i < n; i++) {
7358 v = va_arg(ap, char **);
7368 int free_and_strdup(char **p, const char *s) {
7373 /* Replaces a string pointer with an strdup()ed new string,
7374 * possibly freeing the old one. */
7389 int sethostname_idempotent(const char *s) {
7391 char buf[HOST_NAME_MAX + 1] = {};
7395 r = gethostname(buf, sizeof(buf));
7402 r = sethostname(s, strlen(s));
~ianmdlvl / elogind.git / blob