1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
31 #include <sys/resource.h>
32 #include <linux/sched.h>
33 #include <sys/types.h>
37 #include <sys/ioctl.h>
39 #include <linux/tiocl.h>
42 #include <sys/inotify.h>
45 #include <sys/prctl.h>
46 #include <sys/utsname.h>
48 #include <netinet/ip.h>
57 #include <sys/mount.h>
58 #include <linux/magic.h>
62 #include <sys/personality.h>
66 #ifdef HAVE_SYS_AUXV_H
78 #include "path-util.h"
79 #include "exit-status.h"
83 #include "device-nodes.h"
90 char **saved_argv = NULL;
92 static volatile unsigned cached_columns = 0;
93 static volatile unsigned cached_lines = 0;
95 size_t page_size(void) {
96 static thread_local size_t pgsz = 0;
99 if (_likely_(pgsz > 0))
102 r = sysconf(_SC_PAGESIZE);
109 bool streq_ptr(const char *a, const char *b) {
111 /* Like streq(), but tries to make sense of NULL pointers */
122 char* endswith(const char *s, const char *postfix) {
129 pl = strlen(postfix);
132 return (char*) s + sl;
137 if (memcmp(s + sl - pl, postfix, pl) != 0)
140 return (char*) s + sl - pl;
143 bool first_word(const char *s, const char *word) {
158 if (memcmp(s, word, wl) != 0)
162 strchr(WHITESPACE, s[wl]);
165 int close_nointr(int fd) {
172 else if (errno == EINTR)
174 * Just ignore EINTR; a retry loop is the wrong
175 * thing to do on Linux.
177 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
178 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
179 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
180 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
187 int safe_close(int fd) {
190 * Like close_nointr() but cannot fail. Guarantees errno is
191 * unchanged. Is a NOP with negative fds passed, and returns
192 * -1, so that it can be used in this syntax:
194 * fd = safe_close(fd);
200 /* The kernel might return pretty much any error code
201 * via close(), but the fd will be closed anyway. The
202 * only condition we want to check for here is whether
203 * the fd was invalid at all... */
205 assert_se(close_nointr(fd) != -EBADF);
211 void close_many(const int fds[], unsigned n_fd) {
214 assert(fds || n_fd <= 0);
216 for (i = 0; i < n_fd; i++)
220 int unlink_noerrno(const char *path) {
231 int parse_boolean(const char *v) {
234 if (streq(v, "1") || strcaseeq(v, "yes") || strcaseeq(v, "y") || strcaseeq(v, "true") || strcaseeq(v, "t") || strcaseeq(v, "on"))
236 else if (streq(v, "0") || strcaseeq(v, "no") || strcaseeq(v, "n") || strcaseeq(v, "false") || strcaseeq(v, "f") || strcaseeq(v, "off"))
242 int parse_pid(const char *s, pid_t* ret_pid) {
243 unsigned long ul = 0;
250 r = safe_atolu(s, &ul);
256 if ((unsigned long) pid != ul)
266 int parse_uid(const char *s, uid_t* ret_uid) {
267 unsigned long ul = 0;
274 r = safe_atolu(s, &ul);
280 if ((unsigned long) uid != ul)
283 /* Some libc APIs use (uid_t) -1 as special placeholder */
284 if (uid == (uid_t) 0xFFFFFFFF)
287 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
288 if (uid == (uid_t) 0xFFFF)
295 int safe_atou(const char *s, unsigned *ret_u) {
303 l = strtoul(s, &x, 0);
305 if (!x || x == s || *x || errno)
306 return errno > 0 ? -errno : -EINVAL;
308 if ((unsigned long) (unsigned) l != l)
311 *ret_u = (unsigned) l;
315 int safe_atoi(const char *s, int *ret_i) {
323 l = strtol(s, &x, 0);
325 if (!x || x == s || *x || errno)
326 return errno > 0 ? -errno : -EINVAL;
328 if ((long) (int) l != l)
335 int safe_atou8(const char *s, uint8_t *ret) {
343 l = strtoul(s, &x, 0);
345 if (!x || x == s || *x || errno)
346 return errno > 0 ? -errno : -EINVAL;
348 if ((unsigned long) (uint8_t) l != l)
355 int safe_atollu(const char *s, long long unsigned *ret_llu) {
357 unsigned long long l;
363 l = strtoull(s, &x, 0);
365 if (!x || x == s || *x || errno)
366 return errno ? -errno : -EINVAL;
372 int safe_atolli(const char *s, long long int *ret_lli) {
380 l = strtoll(s, &x, 0);
382 if (!x || x == s || *x || errno)
383 return errno ? -errno : -EINVAL;
389 int safe_atod(const char *s, double *ret_d) {
396 RUN_WITH_LOCALE(LC_NUMERIC_MASK, "C") {
401 if (!x || x == s || *x || errno)
402 return errno ? -errno : -EINVAL;
408 static size_t strcspn_escaped(const char *s, const char *reject) {
409 bool escaped = false;
412 for (n=0; s[n]; n++) {
415 else if (s[n] == '\\')
417 else if (strchr(reject, s[n]))
423 /* Split a string into words. */
424 char *split(const char *c, size_t *l, const char *separator, bool quoted, char **state) {
427 current = *state ? *state : (char*) c;
429 if (!*current || *c == 0)
432 current += strspn(current, separator);
436 if (quoted && strchr("\'\"", *current)) {
437 char quotechar = *(current++);
438 *l = strcspn_escaped(current, (char[]){quotechar, '\0'});
439 *state = current+*l+1;
441 *l = strcspn_escaped(current, separator);
444 *l = strcspn(current, separator);
448 return (char*) current;
451 int get_parent_of_pid(pid_t pid, pid_t *_ppid) {
453 _cleanup_free_ char *line = NULL;
465 p = procfs_file_alloca(pid, "stat");
466 r = read_one_line_file(p, &line);
470 /* Let's skip the pid and comm fields. The latter is enclosed
471 * in () but does not escape any () in its value, so let's
472 * skip over it manually */
474 p = strrchr(line, ')');
486 if ((long unsigned) (pid_t) ppid != ppid)
489 *_ppid = (pid_t) ppid;
494 int get_starttime_of_pid(pid_t pid, unsigned long long *st) {
496 _cleanup_free_ char *line = NULL;
502 p = procfs_file_alloca(pid, "stat");
503 r = read_one_line_file(p, &line);
507 /* Let's skip the pid and comm fields. The latter is enclosed
508 * in () but does not escape any () in its value, so let's
509 * skip over it manually */
511 p = strrchr(line, ')');
533 "%*d " /* priority */
535 "%*d " /* num_threads */
536 "%*d " /* itrealvalue */
537 "%llu " /* starttime */,
544 int fchmod_umask(int fd, mode_t m) {
549 r = fchmod(fd, m & (~u)) < 0 ? -errno : 0;
555 char *truncate_nl(char *s) {
558 s[strcspn(s, NEWLINE)] = 0;
562 int get_process_state(pid_t pid) {
566 _cleanup_free_ char *line = NULL;
570 p = procfs_file_alloca(pid, "stat");
571 r = read_one_line_file(p, &line);
575 p = strrchr(line, ')');
581 if (sscanf(p, " %c", &state) != 1)
584 return (unsigned char) state;
587 int get_process_comm(pid_t pid, char **name) {
594 p = procfs_file_alloca(pid, "comm");
596 r = read_one_line_file(p, name);
603 int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char **line) {
604 _cleanup_fclose_ FILE *f = NULL;
612 p = procfs_file_alloca(pid, "cmdline");
618 if (max_length == 0) {
619 size_t len = 0, allocated = 0;
621 while ((c = getc(f)) != EOF) {
623 if (!GREEDY_REALLOC(r, allocated, len+2)) {
628 r[len++] = isprint(c) ? c : ' ';
638 r = new(char, max_length);
644 while ((c = getc(f)) != EOF) {
666 size_t n = MIN(left-1, 3U);
673 /* Kernel threads have no argv[] */
674 if (r == NULL || r[0] == 0) {
675 _cleanup_free_ char *t = NULL;
683 h = get_process_comm(pid, &t);
687 r = strjoin("[", t, "]", NULL);
696 int is_kernel_thread(pid_t pid) {
708 p = procfs_file_alloca(pid, "cmdline");
713 count = fread(&c, 1, 1, f);
717 /* Kernel threads have an empty cmdline */
720 return eof ? 1 : -errno;
725 int get_process_capeff(pid_t pid, char **capeff) {
731 p = procfs_file_alloca(pid, "status");
733 return get_status_field(p, "\nCapEff:", capeff);
736 int get_process_exe(pid_t pid, char **name) {
744 p = procfs_file_alloca(pid, "exe");
746 r = readlink_malloc(p, name);
748 return r == -ENOENT ? -ESRCH : r;
750 d = endswith(*name, " (deleted)");
757 static int get_process_id(pid_t pid, const char *field, uid_t *uid) {
758 _cleanup_fclose_ FILE *f = NULL;
768 p = procfs_file_alloca(pid, "status");
773 FOREACH_LINE(line, f, return -errno) {
778 if (startswith(l, field)) {
780 l += strspn(l, WHITESPACE);
782 l[strcspn(l, WHITESPACE)] = 0;
784 return parse_uid(l, uid);
791 int get_process_uid(pid_t pid, uid_t *uid) {
792 return get_process_id(pid, "Uid:", uid);
795 int get_process_gid(pid_t pid, gid_t *gid) {
796 assert_cc(sizeof(uid_t) == sizeof(gid_t));
797 return get_process_id(pid, "Gid:", gid);
800 char *strnappend(const char *s, const char *suffix, size_t b) {
808 return strndup(suffix, b);
817 if (b > ((size_t) -1) - a)
820 r = new(char, a+b+1);
825 memcpy(r+a, suffix, b);
831 char *strappend(const char *s, const char *suffix) {
832 return strnappend(s, suffix, suffix ? strlen(suffix) : 0);
835 int readlinkat_malloc(int fd, const char *p, char **ret) {
850 n = readlinkat(fd, p, c, l-1);
857 if ((size_t) n < l-1) {
868 int readlink_malloc(const char *p, char **ret) {
869 return readlinkat_malloc(AT_FDCWD, p, ret);
872 int readlink_and_make_absolute(const char *p, char **r) {
873 _cleanup_free_ char *target = NULL;
880 j = readlink_malloc(p, &target);
884 k = file_in_same_dir(p, target);
892 int readlink_and_canonicalize(const char *p, char **r) {
899 j = readlink_and_make_absolute(p, &t);
903 s = canonicalize_file_name(t);
910 path_kill_slashes(*r);
915 int reset_all_signal_handlers(void) {
918 for (sig = 1; sig < _NSIG; sig++) {
919 struct sigaction sa = {
920 .sa_handler = SIG_DFL,
921 .sa_flags = SA_RESTART,
924 if (sig == SIGKILL || sig == SIGSTOP)
927 /* On Linux the first two RT signals are reserved by
928 * glibc, and sigaction() will return EINVAL for them. */
929 if ((sigaction(sig, &sa, NULL) < 0))
937 char *strstrip(char *s) {
940 /* Drops trailing whitespace. Modifies the string in
941 * place. Returns pointer to first non-space character */
943 s += strspn(s, WHITESPACE);
945 for (e = strchr(s, 0); e > s; e --)
946 if (!strchr(WHITESPACE, e[-1]))
954 char *delete_chars(char *s, const char *bad) {
957 /* Drops all whitespace, regardless where in the string */
959 for (f = s, t = s; *f; f++) {
971 char *file_in_same_dir(const char *path, const char *filename) {
978 /* This removes the last component of path and appends
979 * filename, unless the latter is absolute anyway or the
982 if (path_is_absolute(filename))
983 return strdup(filename);
985 if (!(e = strrchr(path, '/')))
986 return strdup(filename);
988 k = strlen(filename);
989 if (!(r = new(char, e-path+1+k+1)))
992 memcpy(r, path, e-path+1);
993 memcpy(r+(e-path)+1, filename, k+1);
998 int rmdir_parents(const char *path, const char *stop) {
1007 /* Skip trailing slashes */
1008 while (l > 0 && path[l-1] == '/')
1014 /* Skip last component */
1015 while (l > 0 && path[l-1] != '/')
1018 /* Skip trailing slashes */
1019 while (l > 0 && path[l-1] == '/')
1025 if (!(t = strndup(path, l)))
1028 if (path_startswith(stop, t)) {
1037 if (errno != ENOENT)
1044 char hexchar(int x) {
1045 static const char table[16] = "0123456789abcdef";
1047 return table[x & 15];
1050 int unhexchar(char c) {
1052 if (c >= '0' && c <= '9')
1055 if (c >= 'a' && c <= 'f')
1056 return c - 'a' + 10;
1058 if (c >= 'A' && c <= 'F')
1059 return c - 'A' + 10;
1064 char *hexmem(const void *p, size_t l) {
1068 z = r = malloc(l * 2 + 1);
1072 for (x = p; x < (const uint8_t*) p + l; x++) {
1073 *(z++) = hexchar(*x >> 4);
1074 *(z++) = hexchar(*x & 15);
1081 void *unhexmem(const char *p, size_t l) {
1087 z = r = malloc((l + 1) / 2 + 1);
1091 for (x = p; x < p + l; x += 2) {
1094 a = unhexchar(x[0]);
1096 b = unhexchar(x[1]);
1100 *(z++) = (uint8_t) a << 4 | (uint8_t) b;
1107 char octchar(int x) {
1108 return '0' + (x & 7);
1111 int unoctchar(char c) {
1113 if (c >= '0' && c <= '7')
1119 char decchar(int x) {
1120 return '0' + (x % 10);
1123 int undecchar(char c) {
1125 if (c >= '0' && c <= '9')
1131 char *cescape(const char *s) {
1137 /* Does C style string escaping. */
1139 r = new(char, strlen(s)*4 + 1);
1143 for (f = s, t = r; *f; f++)
1189 /* For special chars we prefer octal over
1190 * hexadecimal encoding, simply because glib's
1191 * g_strescape() does the same */
1192 if ((*f < ' ') || (*f >= 127)) {
1194 *(t++) = octchar((unsigned char) *f >> 6);
1195 *(t++) = octchar((unsigned char) *f >> 3);
1196 *(t++) = octchar((unsigned char) *f);
1207 char *cunescape_length_with_prefix(const char *s, size_t length, const char *prefix) {
1214 /* Undoes C style string escaping, and optionally prefixes it. */
1216 pl = prefix ? strlen(prefix) : 0;
1218 r = new(char, pl+length+1);
1223 memcpy(r, prefix, pl);
1225 for (f = s, t = r + pl; f < s + length; f++) {
1268 /* This is an extension of the XDG syntax files */
1273 /* hexadecimal encoding */
1276 a = unhexchar(f[1]);
1277 b = unhexchar(f[2]);
1279 if (a < 0 || b < 0 || (a == 0 && b == 0)) {
1280 /* Invalid escape code, let's take it literal then */
1284 *(t++) = (char) ((a << 4) | b);
1299 /* octal encoding */
1302 a = unoctchar(f[0]);
1303 b = unoctchar(f[1]);
1304 c = unoctchar(f[2]);
1306 if (a < 0 || b < 0 || c < 0 || (a == 0 && b == 0 && c == 0)) {
1307 /* Invalid escape code, let's take it literal then */
1311 *(t++) = (char) ((a << 6) | (b << 3) | c);
1319 /* premature end of string.*/
1324 /* Invalid escape code, let's take it literal then */
1336 char *cunescape_length(const char *s, size_t length) {
1337 return cunescape_length_with_prefix(s, length, NULL);
1340 char *cunescape(const char *s) {
1343 return cunescape_length(s, strlen(s));
1346 char *xescape(const char *s, const char *bad) {
1350 /* Escapes all chars in bad, in addition to \ and all special
1351 * chars, in \xFF style escaping. May be reversed with
1354 r = new(char, strlen(s) * 4 + 1);
1358 for (f = s, t = r; *f; f++) {
1360 if ((*f < ' ') || (*f >= 127) ||
1361 (*f == '\\') || strchr(bad, *f)) {
1364 *(t++) = hexchar(*f >> 4);
1365 *(t++) = hexchar(*f);
1375 char *ascii_strlower(char *t) {
1380 for (p = t; *p; p++)
1381 if (*p >= 'A' && *p <= 'Z')
1382 *p = *p - 'A' + 'a';
1387 _pure_ static bool ignore_file_allow_backup(const char *filename) {
1391 filename[0] == '.' ||
1392 streq(filename, "lost+found") ||
1393 streq(filename, "aquota.user") ||
1394 streq(filename, "aquota.group") ||
1395 endswith(filename, ".rpmnew") ||
1396 endswith(filename, ".rpmsave") ||
1397 endswith(filename, ".rpmorig") ||
1398 endswith(filename, ".dpkg-old") ||
1399 endswith(filename, ".dpkg-new") ||
1400 endswith(filename, ".swp");
1403 bool ignore_file(const char *filename) {
1406 if (endswith(filename, "~"))
1409 return ignore_file_allow_backup(filename);
1412 int fd_nonblock(int fd, bool nonblock) {
1417 flags = fcntl(fd, F_GETFL, 0);
1422 nflags = flags | O_NONBLOCK;
1424 nflags = flags & ~O_NONBLOCK;
1426 if (nflags == flags)
1429 if (fcntl(fd, F_SETFL, nflags) < 0)
1435 int fd_cloexec(int fd, bool cloexec) {
1440 flags = fcntl(fd, F_GETFD, 0);
1445 nflags = flags | FD_CLOEXEC;
1447 nflags = flags & ~FD_CLOEXEC;
1449 if (nflags == flags)
1452 if (fcntl(fd, F_SETFD, nflags) < 0)
1458 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
1461 assert(n_fdset == 0 || fdset);
1463 for (i = 0; i < n_fdset; i++)
1470 int close_all_fds(const int except[], unsigned n_except) {
1471 _cleanup_closedir_ DIR *d = NULL;
1475 assert(n_except == 0 || except);
1477 d = opendir("/proc/self/fd");
1482 /* When /proc isn't available (for example in chroots)
1483 * the fallback is brute forcing through the fd
1486 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
1487 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
1489 if (fd_in_set(fd, except, n_except))
1492 if (close_nointr(fd) < 0)
1493 if (errno != EBADF && r == 0)
1500 while ((de = readdir(d))) {
1503 if (ignore_file(de->d_name))
1506 if (safe_atoi(de->d_name, &fd) < 0)
1507 /* Let's better ignore this, just in case */
1516 if (fd_in_set(fd, except, n_except))
1519 if (close_nointr(fd) < 0) {
1520 /* Valgrind has its own FD and doesn't want to have it closed */
1521 if (errno != EBADF && r == 0)
1529 bool chars_intersect(const char *a, const char *b) {
1532 /* Returns true if any of the chars in a are in b. */
1533 for (p = a; *p; p++)
1540 bool fstype_is_network(const char *fstype) {
1541 static const char table[] =
1555 x = startswith(fstype, "fuse.");
1559 return nulstr_contains(table, fstype);
1563 _cleanup_close_ int fd;
1565 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
1571 TIOCL_GETKMSGREDIRECT,
1575 if (ioctl(fd, TIOCLINUX, tiocl) < 0)
1578 vt = tiocl[0] <= 0 ? 1 : tiocl[0];
1581 if (ioctl(fd, VT_ACTIVATE, vt) < 0)
1587 int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
1588 struct termios old_termios, new_termios;
1589 char c, line[LINE_MAX];
1594 if (tcgetattr(fileno(f), &old_termios) >= 0) {
1595 new_termios = old_termios;
1597 new_termios.c_lflag &= ~ICANON;
1598 new_termios.c_cc[VMIN] = 1;
1599 new_termios.c_cc[VTIME] = 0;
1601 if (tcsetattr(fileno(f), TCSADRAIN, &new_termios) >= 0) {
1604 if (t != USEC_INFINITY) {
1605 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0) {
1606 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1611 k = fread(&c, 1, 1, f);
1613 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1619 *need_nl = c != '\n';
1626 if (t != USEC_INFINITY) {
1627 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0)
1632 if (!fgets(line, sizeof(line), f))
1633 return errno ? -errno : -EIO;
1637 if (strlen(line) != 1)
1647 int ask_char(char *ret, const char *replies, const char *text, ...) {
1657 bool need_nl = true;
1660 fputs(ANSI_HIGHLIGHT_ON, stdout);
1667 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1671 r = read_one_char(stdin, &c, USEC_INFINITY, &need_nl);
1674 if (r == -EBADMSG) {
1675 puts("Bad input, please try again.");
1686 if (strchr(replies, c)) {
1691 puts("Read unexpected character, please try again.");
1695 int ask_string(char **ret, const char *text, ...) {
1700 char line[LINE_MAX];
1704 fputs(ANSI_HIGHLIGHT_ON, stdout);
1711 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1716 if (!fgets(line, sizeof(line), stdin))
1717 return errno ? -errno : -EIO;
1719 if (!endswith(line, "\n"))
1738 int reset_terminal_fd(int fd, bool switch_to_text) {
1739 struct termios termios;
1742 /* Set terminal to some sane defaults */
1746 /* We leave locked terminal attributes untouched, so that
1747 * Plymouth may set whatever it wants to set, and we don't
1748 * interfere with that. */
1750 /* Disable exclusive mode, just in case */
1751 ioctl(fd, TIOCNXCL);
1753 /* Switch to text mode */
1755 ioctl(fd, KDSETMODE, KD_TEXT);
1757 /* Enable console unicode mode */
1758 ioctl(fd, KDSKBMODE, K_UNICODE);
1760 if (tcgetattr(fd, &termios) < 0) {
1765 /* We only reset the stuff that matters to the software. How
1766 * hardware is set up we don't touch assuming that somebody
1767 * else will do that for us */
1769 termios.c_iflag &= ~(IGNBRK | BRKINT | ISTRIP | INLCR | IGNCR | IUCLC);
1770 termios.c_iflag |= ICRNL | IMAXBEL | IUTF8;
1771 termios.c_oflag |= ONLCR;
1772 termios.c_cflag |= CREAD;
1773 termios.c_lflag = ISIG | ICANON | IEXTEN | ECHO | ECHOE | ECHOK | ECHOCTL | ECHOPRT | ECHOKE;
1775 termios.c_cc[VINTR] = 03; /* ^C */
1776 termios.c_cc[VQUIT] = 034; /* ^\ */
1777 termios.c_cc[VERASE] = 0177;
1778 termios.c_cc[VKILL] = 025; /* ^X */
1779 termios.c_cc[VEOF] = 04; /* ^D */
1780 termios.c_cc[VSTART] = 021; /* ^Q */
1781 termios.c_cc[VSTOP] = 023; /* ^S */
1782 termios.c_cc[VSUSP] = 032; /* ^Z */
1783 termios.c_cc[VLNEXT] = 026; /* ^V */
1784 termios.c_cc[VWERASE] = 027; /* ^W */
1785 termios.c_cc[VREPRINT] = 022; /* ^R */
1786 termios.c_cc[VEOL] = 0;
1787 termios.c_cc[VEOL2] = 0;
1789 termios.c_cc[VTIME] = 0;
1790 termios.c_cc[VMIN] = 1;
1792 if (tcsetattr(fd, TCSANOW, &termios) < 0)
1796 /* Just in case, flush all crap out */
1797 tcflush(fd, TCIOFLUSH);
1802 int reset_terminal(const char *name) {
1803 _cleanup_close_ int fd = -1;
1805 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1809 return reset_terminal_fd(fd, true);
1812 int open_terminal(const char *name, int mode) {
1817 * If a TTY is in the process of being closed opening it might
1818 * cause EIO. This is horribly awful, but unlikely to be
1819 * changed in the kernel. Hence we work around this problem by
1820 * retrying a couple of times.
1822 * https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245
1825 assert(!(mode & O_CREAT));
1828 fd = open(name, mode, 0);
1835 /* Max 1s in total */
1839 usleep(50 * USEC_PER_MSEC);
1860 int flush_fd(int fd) {
1861 struct pollfd pollfd = {
1871 r = poll(&pollfd, 1, 0);
1881 l = read(fd, buf, sizeof(buf));
1887 if (errno == EAGAIN)
1896 int acquire_terminal(
1900 bool ignore_tiocstty_eperm,
1903 int fd = -1, notify = -1, r = 0, wd = -1;
1908 /* We use inotify to be notified when the tty is closed. We
1909 * create the watch before checking if we can actually acquire
1910 * it, so that we don't lose any event.
1912 * Note: strictly speaking this actually watches for the
1913 * device being closed, it does *not* really watch whether a
1914 * tty loses its controlling process. However, unless some
1915 * rogue process uses TIOCNOTTY on /dev/tty *after* closing
1916 * its tty otherwise this will not become a problem. As long
1917 * as the administrator makes sure not configure any service
1918 * on the same tty as an untrusted user this should not be a
1919 * problem. (Which he probably should not do anyway.) */
1921 if (timeout != USEC_INFINITY)
1922 ts = now(CLOCK_MONOTONIC);
1924 if (!fail && !force) {
1925 notify = inotify_init1(IN_CLOEXEC | (timeout != USEC_INFINITY ? IN_NONBLOCK : 0));
1931 wd = inotify_add_watch(notify, name, IN_CLOSE);
1939 struct sigaction sa_old, sa_new = {
1940 .sa_handler = SIG_IGN,
1941 .sa_flags = SA_RESTART,
1945 r = flush_fd(notify);
1950 /* We pass here O_NOCTTY only so that we can check the return
1951 * value TIOCSCTTY and have a reliable way to figure out if we
1952 * successfully became the controlling process of the tty */
1953 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1957 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
1958 * if we already own the tty. */
1959 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
1961 /* First, try to get the tty */
1962 if (ioctl(fd, TIOCSCTTY, force) < 0)
1965 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
1967 /* Sometimes it makes sense to ignore TIOCSCTTY
1968 * returning EPERM, i.e. when very likely we already
1969 * are have this controlling terminal. */
1970 if (r < 0 && r == -EPERM && ignore_tiocstty_eperm)
1973 if (r < 0 && (force || fail || r != -EPERM)) {
1982 assert(notify >= 0);
1985 uint8_t inotify_buffer[sizeof(struct inotify_event) + FILENAME_MAX];
1987 struct inotify_event *e;
1989 if (timeout != USEC_INFINITY) {
1992 n = now(CLOCK_MONOTONIC);
1993 if (ts + timeout < n) {
1998 r = fd_wait_for_event(fd, POLLIN, ts + timeout - n);
2008 l = read(notify, inotify_buffer, sizeof(inotify_buffer));
2011 if (errno == EINTR || errno == EAGAIN)
2018 e = (struct inotify_event*) inotify_buffer;
2023 if (e->wd != wd || !(e->mask & IN_CLOSE)) {
2028 step = sizeof(struct inotify_event) + e->len;
2029 assert(step <= (size_t) l);
2031 e = (struct inotify_event*) ((uint8_t*) e + step);
2038 /* We close the tty fd here since if the old session
2039 * ended our handle will be dead. It's important that
2040 * we do this after sleeping, so that we don't enter
2041 * an endless loop. */
2047 r = reset_terminal_fd(fd, true);
2049 log_warning("Failed to reset terminal: %s", strerror(-r));
2060 int release_terminal(void) {
2062 struct sigaction sa_old, sa_new = {
2063 .sa_handler = SIG_IGN,
2064 .sa_flags = SA_RESTART,
2066 _cleanup_close_ int fd;
2068 fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_NDELAY|O_CLOEXEC);
2072 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2073 * by our own TIOCNOTTY */
2074 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
2076 if (ioctl(fd, TIOCNOTTY) < 0)
2079 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
2084 int sigaction_many(const struct sigaction *sa, ...) {
2089 while ((sig = va_arg(ap, int)) > 0)
2090 if (sigaction(sig, sa, NULL) < 0)
2097 int ignore_signals(int sig, ...) {
2098 struct sigaction sa = {
2099 .sa_handler = SIG_IGN,
2100 .sa_flags = SA_RESTART,
2105 if (sigaction(sig, &sa, NULL) < 0)
2109 while ((sig = va_arg(ap, int)) > 0)
2110 if (sigaction(sig, &sa, NULL) < 0)
2117 int default_signals(int sig, ...) {
2118 struct sigaction sa = {
2119 .sa_handler = SIG_DFL,
2120 .sa_flags = SA_RESTART,
2125 if (sigaction(sig, &sa, NULL) < 0)
2129 while ((sig = va_arg(ap, int)) > 0)
2130 if (sigaction(sig, &sa, NULL) < 0)
2137 void safe_close_pair(int p[]) {
2141 /* Special case pairs which use the same fd in both
2143 p[0] = p[1] = safe_close(p[0]);
2147 p[0] = safe_close(p[0]);
2148 p[1] = safe_close(p[1]);
2151 ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll) {
2158 while (nbytes > 0) {
2161 k = read(fd, p, nbytes);
2162 if (k < 0 && errno == EINTR)
2165 if (k < 0 && errno == EAGAIN && do_poll) {
2167 /* We knowingly ignore any return value here,
2168 * and expect that any error/EOF is reported
2171 fd_wait_for_event(fd, POLLIN, USEC_INFINITY);
2176 return n > 0 ? n : (k < 0 ? -errno : 0);
2186 ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) {
2187 const uint8_t *p = buf;
2193 while (nbytes > 0) {
2196 k = write(fd, p, nbytes);
2197 if (k < 0 && errno == EINTR)
2200 if (k < 0 && errno == EAGAIN && do_poll) {
2202 /* We knowingly ignore any return value here,
2203 * and expect that any error/EOF is reported
2206 fd_wait_for_event(fd, POLLOUT, USEC_INFINITY);
2211 return n > 0 ? n : (k < 0 ? -errno : 0);
2221 int parse_size(const char *t, off_t base, off_t *size) {
2223 /* Soo, sometimes we want to parse IEC binary suffxies, and
2224 * sometimes SI decimal suffixes. This function can parse
2225 * both. Which one is the right way depends on the
2226 * context. Wikipedia suggests that SI is customary for
2227 * hardrware metrics and network speeds, while IEC is
2228 * customary for most data sizes used by software and volatile
2229 * (RAM) memory. Hence be careful which one you pick!
2231 * In either case we use just K, M, G as suffix, and not Ki,
2232 * Mi, Gi or so (as IEC would suggest). That's because that's
2233 * frickin' ugly. But this means you really need to make sure
2234 * to document which base you are parsing when you use this
2239 unsigned long long factor;
2242 static const struct table iec[] = {
2243 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2244 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2245 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
2246 { "G", 1024ULL*1024ULL*1024ULL },
2247 { "M", 1024ULL*1024ULL },
2253 static const struct table si[] = {
2254 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2255 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2256 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
2257 { "G", 1000ULL*1000ULL*1000ULL },
2258 { "M", 1000ULL*1000ULL },
2264 const struct table *table;
2266 unsigned long long r = 0;
2267 unsigned n_entries, start_pos = 0;
2270 assert(base == 1000 || base == 1024);
2275 n_entries = ELEMENTSOF(si);
2278 n_entries = ELEMENTSOF(iec);
2284 unsigned long long l2;
2290 l = strtoll(p, &e, 10);
2303 if (*e >= '0' && *e <= '9') {
2306 /* strotoull itself would accept space/+/- */
2307 l2 = strtoull(e, &e2, 10);
2309 if (errno == ERANGE)
2312 /* Ignore failure. E.g. 10.M is valid */
2319 e += strspn(e, WHITESPACE);
2321 for (i = start_pos; i < n_entries; i++)
2322 if (startswith(e, table[i].suffix)) {
2323 unsigned long long tmp;
2324 if ((unsigned long long) l + (frac > 0) > ULLONG_MAX / table[i].factor)
2326 tmp = l * table[i].factor + (unsigned long long) (frac * table[i].factor);
2327 if (tmp > ULLONG_MAX - r)
2331 if ((unsigned long long) (off_t) r != r)
2334 p = e + strlen(table[i].suffix);
2350 int make_stdio(int fd) {
2355 r = dup3(fd, STDIN_FILENO, 0);
2356 s = dup3(fd, STDOUT_FILENO, 0);
2357 t = dup3(fd, STDERR_FILENO, 0);
2362 if (r < 0 || s < 0 || t < 0)
2365 /* We rely here that the new fd has O_CLOEXEC not set */
2370 int make_null_stdio(void) {
2373 null_fd = open("/dev/null", O_RDWR|O_NOCTTY);
2377 return make_stdio(null_fd);
2380 bool is_device_path(const char *path) {
2382 /* Returns true on paths that refer to a device, either in
2383 * sysfs or in /dev */
2386 path_startswith(path, "/dev/") ||
2387 path_startswith(path, "/sys/");
2390 int dir_is_empty(const char *path) {
2391 _cleanup_closedir_ DIR *d;
2402 if (!de && errno != 0)
2408 if (!ignore_file(de->d_name))
2413 char* dirname_malloc(const char *path) {
2414 char *d, *dir, *dir2;
2431 int dev_urandom(void *p, size_t n) {
2432 _cleanup_close_ int fd;
2435 fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
2437 return errno == ENOENT ? -ENOSYS : -errno;
2439 k = loop_read(fd, p, n, true);
2442 if ((size_t) k != n)
2448 void random_bytes(void *p, size_t n) {
2449 static bool srand_called = false;
2453 r = dev_urandom(p, n);
2457 /* If some idiot made /dev/urandom unavailable to us, he'll
2458 * get a PRNG instead. */
2460 if (!srand_called) {
2463 #ifdef HAVE_SYS_AUXV_H
2464 /* The kernel provides us with a bit of entropy in
2465 * auxv, so let's try to make use of that to seed the
2466 * pseudo-random generator. It's better than
2471 auxv = (void*) getauxval(AT_RANDOM);
2473 x ^= *(unsigned*) auxv;
2476 x ^= (unsigned) now(CLOCK_REALTIME);
2477 x ^= (unsigned) gettid();
2480 srand_called = true;
2483 for (q = p; q < (uint8_t*) p + n; q ++)
2487 void rename_process(const char name[8]) {
2490 /* This is a like a poor man's setproctitle(). It changes the
2491 * comm field, argv[0], and also the glibc's internally used
2492 * name of the process. For the first one a limit of 16 chars
2493 * applies, to the second one usually one of 10 (i.e. length
2494 * of "/sbin/init"), to the third one one of 7 (i.e. length of
2495 * "systemd"). If you pass a longer string it will be
2498 prctl(PR_SET_NAME, name);
2500 if (program_invocation_name)
2501 strncpy(program_invocation_name, name, strlen(program_invocation_name));
2503 if (saved_argc > 0) {
2507 strncpy(saved_argv[0], name, strlen(saved_argv[0]));
2509 for (i = 1; i < saved_argc; i++) {
2513 memzero(saved_argv[i], strlen(saved_argv[i]));
2518 void sigset_add_many(sigset_t *ss, ...) {
2525 while ((sig = va_arg(ap, int)) > 0)
2526 assert_se(sigaddset(ss, sig) == 0);
2530 int sigprocmask_many(int how, ...) {
2535 assert_se(sigemptyset(&ss) == 0);
2538 while ((sig = va_arg(ap, int)) > 0)
2539 assert_se(sigaddset(&ss, sig) == 0);
2542 if (sigprocmask(how, &ss, NULL) < 0)
2548 char* gethostname_malloc(void) {
2551 assert_se(uname(&u) >= 0);
2553 if (!isempty(u.nodename) && !streq(u.nodename, "(none)"))
2554 return strdup(u.nodename);
2556 return strdup(u.sysname);
2559 bool hostname_is_set(void) {
2562 assert_se(uname(&u) >= 0);
2564 return !isempty(u.nodename) && !streq(u.nodename, "(none)");
2567 static char *lookup_uid(uid_t uid) {
2570 _cleanup_free_ char *buf = NULL;
2571 struct passwd pwbuf, *pw = NULL;
2573 /* Shortcut things to avoid NSS lookups */
2575 return strdup("root");
2577 bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
2581 buf = malloc(bufsize);
2585 if (getpwuid_r(uid, &pwbuf, buf, bufsize, &pw) == 0 && pw)
2586 return strdup(pw->pw_name);
2588 if (asprintf(&name, UID_FMT, uid) < 0)
2594 char* getlogname_malloc(void) {
2598 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
2603 return lookup_uid(uid);
2606 char *getusername_malloc(void) {
2613 return lookup_uid(getuid());
2616 int getttyname_malloc(int fd, char **r) {
2617 char path[PATH_MAX], *c;
2622 k = ttyname_r(fd, path, sizeof(path));
2628 c = strdup(startswith(path, "/dev/") ? path + 5 : path);
2636 int getttyname_harder(int fd, char **r) {
2640 k = getttyname_malloc(fd, &s);
2644 if (streq(s, "tty")) {
2646 return get_ctty(0, NULL, r);
2653 int get_ctty_devnr(pid_t pid, dev_t *d) {
2655 _cleanup_free_ char *line = NULL;
2657 unsigned long ttynr;
2661 p = procfs_file_alloca(pid, "stat");
2662 r = read_one_line_file(p, &line);
2666 p = strrchr(line, ')');
2676 "%*d " /* session */
2681 if (major(ttynr) == 0 && minor(ttynr) == 0)
2690 int get_ctty(pid_t pid, dev_t *_devnr, char **r) {
2691 char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *b = NULL;
2692 _cleanup_free_ char *s = NULL;
2699 k = get_ctty_devnr(pid, &devnr);
2703 snprintf(fn, sizeof(fn), "/dev/char/%u:%u", major(devnr), minor(devnr));
2705 k = readlink_malloc(fn, &s);
2711 /* This is an ugly hack */
2712 if (major(devnr) == 136) {
2713 asprintf(&b, "pts/%u", minor(devnr));
2717 /* Probably something like the ptys which have no
2718 * symlink in /dev/char. Let's return something
2719 * vaguely useful. */
2725 if (startswith(s, "/dev/"))
2727 else if (startswith(s, "../"))
2745 int rm_rf_children_dangerous(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2746 _cleanup_closedir_ DIR *d = NULL;
2751 /* This returns the first error we run into, but nevertheless
2752 * tries to go on. This closes the passed fd. */
2758 return errno == ENOENT ? 0 : -errno;
2763 bool is_dir, keep_around;
2770 if (errno != 0 && ret == 0)
2775 if (streq(de->d_name, ".") || streq(de->d_name, ".."))
2778 if (de->d_type == DT_UNKNOWN ||
2780 (de->d_type == DT_DIR && root_dev)) {
2781 if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
2782 if (ret == 0 && errno != ENOENT)
2787 is_dir = S_ISDIR(st.st_mode);
2790 (st.st_uid == 0 || st.st_uid == getuid()) &&
2791 (st.st_mode & S_ISVTX);
2793 is_dir = de->d_type == DT_DIR;
2794 keep_around = false;
2800 /* if root_dev is set, remove subdirectories only, if device is same as dir */
2801 if (root_dev && st.st_dev != root_dev->st_dev)
2804 subdir_fd = openat(fd, de->d_name,
2805 O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2806 if (subdir_fd < 0) {
2807 if (ret == 0 && errno != ENOENT)
2812 r = rm_rf_children_dangerous(subdir_fd, only_dirs, honour_sticky, root_dev);
2813 if (r < 0 && ret == 0)
2817 if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
2818 if (ret == 0 && errno != ENOENT)
2822 } else if (!only_dirs && !keep_around) {
2824 if (unlinkat(fd, de->d_name, 0) < 0) {
2825 if (ret == 0 && errno != ENOENT)
2832 _pure_ static int is_temporary_fs(struct statfs *s) {
2835 return F_TYPE_EQUAL(s->f_type, TMPFS_MAGIC) ||
2836 F_TYPE_EQUAL(s->f_type, RAMFS_MAGIC);
2839 int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2844 if (fstatfs(fd, &s) < 0) {
2849 /* We refuse to clean disk file systems with this call. This
2850 * is extra paranoia just to be sure we never ever remove
2852 if (!is_temporary_fs(&s)) {
2853 log_error("Attempted to remove disk file system, and we can't allow that.");
2858 return rm_rf_children_dangerous(fd, only_dirs, honour_sticky, root_dev);
2861 static int rm_rf_internal(const char *path, bool only_dirs, bool delete_root, bool honour_sticky, bool dangerous) {
2867 /* We refuse to clean the root file system with this
2868 * call. This is extra paranoia to never cause a really
2869 * seriously broken system. */
2870 if (path_equal(path, "/")) {
2871 log_error("Attempted to remove entire root file system, and we can't allow that.");
2875 fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2878 if (errno != ENOTDIR)
2882 if (statfs(path, &s) < 0)
2885 if (!is_temporary_fs(&s)) {
2886 log_error("Attempted to remove disk file system, and we can't allow that.");
2891 if (delete_root && !only_dirs)
2892 if (unlink(path) < 0 && errno != ENOENT)
2899 if (fstatfs(fd, &s) < 0) {
2904 if (!is_temporary_fs(&s)) {
2905 log_error("Attempted to remove disk file system, and we can't allow that.");
2911 r = rm_rf_children_dangerous(fd, only_dirs, honour_sticky, NULL);
2914 if (honour_sticky && file_is_priv_sticky(path) > 0)
2917 if (rmdir(path) < 0 && errno != ENOENT) {
2926 int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
2927 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, false);
2930 int rm_rf_dangerous(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
2931 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, true);
2934 int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) {
2937 /* Under the assumption that we are running privileged we
2938 * first change the access mode and only then hand out
2939 * ownership to avoid a window where access is too open. */
2941 if (mode != (mode_t) -1)
2942 if (chmod(path, mode) < 0)
2945 if (uid != (uid_t) -1 || gid != (gid_t) -1)
2946 if (chown(path, uid, gid) < 0)
2952 int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid) {
2955 /* Under the assumption that we are running privileged we
2956 * first change the access mode and only then hand out
2957 * ownership to avoid a window where access is too open. */
2959 if (mode != (mode_t) -1)
2960 if (fchmod(fd, mode) < 0)
2963 if (uid != (uid_t) -1 || gid != (gid_t) -1)
2964 if (fchown(fd, uid, gid) < 0)
2970 cpu_set_t* cpu_set_malloc(unsigned *ncpus) {
2974 /* Allocates the cpuset in the right size */
2977 if (!(r = CPU_ALLOC(n)))
2980 if (sched_getaffinity(0, CPU_ALLOC_SIZE(n), r) >= 0) {
2981 CPU_ZERO_S(CPU_ALLOC_SIZE(n), r);
2991 if (errno != EINVAL)
2998 int status_vprintf(const char *status, bool ellipse, bool ephemeral, const char *format, va_list ap) {
2999 static const char status_indent[] = " "; /* "[" STATUS "] " */
3000 _cleanup_free_ char *s = NULL;
3001 _cleanup_close_ int fd = -1;
3002 struct iovec iovec[6] = {};
3004 static bool prev_ephemeral;
3008 /* This is independent of logging, as status messages are
3009 * optional and go exclusively to the console. */
3011 if (vasprintf(&s, format, ap) < 0)
3014 fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
3027 sl = status ? sizeof(status_indent)-1 : 0;
3033 e = ellipsize(s, emax, 75);
3041 IOVEC_SET_STRING(iovec[n++], "\r" ANSI_ERASE_TO_END_OF_LINE);
3042 prev_ephemeral = ephemeral;
3045 if (!isempty(status)) {
3046 IOVEC_SET_STRING(iovec[n++], "[");
3047 IOVEC_SET_STRING(iovec[n++], status);
3048 IOVEC_SET_STRING(iovec[n++], "] ");
3050 IOVEC_SET_STRING(iovec[n++], status_indent);
3053 IOVEC_SET_STRING(iovec[n++], s);
3055 IOVEC_SET_STRING(iovec[n++], "\n");
3057 if (writev(fd, iovec, n) < 0)
3063 int status_printf(const char *status, bool ellipse, bool ephemeral, const char *format, ...) {
3069 va_start(ap, format);
3070 r = status_vprintf(status, ellipse, ephemeral, format, ap);
3076 char *replace_env(const char *format, char **env) {
3083 const char *e, *word = format;
3088 for (e = format; *e; e ++) {
3099 if (!(k = strnappend(r, word, e-word-1)))
3108 } else if (*e == '$') {
3109 if (!(k = strnappend(r, word, e-word)))
3125 t = strempty(strv_env_get_n(env, word+2, e-word-2));
3127 k = strappend(r, t);
3141 if (!(k = strnappend(r, word, e-word)))
3152 char **replace_env_argv(char **argv, char **env) {
3154 unsigned k = 0, l = 0;
3156 l = strv_length(argv);
3158 if (!(r = new(char*, l+1)))
3161 STRV_FOREACH(i, argv) {
3163 /* If $FOO appears as single word, replace it by the split up variable */
3164 if ((*i)[0] == '$' && (*i)[1] != '{') {
3169 e = strv_env_get(env, *i+1);
3172 if (!(m = strv_split_quoted(e))) {
3183 if (!(w = realloc(r, sizeof(char*) * (l+1)))) {
3192 memcpy(r + k, m, q * sizeof(char*));
3200 /* If ${FOO} appears as part of a word, replace it by the variable as-is */
3201 if (!(r[k++] = replace_env(*i, env))) {
3211 int fd_columns(int fd) {
3212 struct winsize ws = {};
3214 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3223 unsigned columns(void) {
3227 if (_likely_(cached_columns > 0))
3228 return cached_columns;
3231 e = getenv("COLUMNS");
3236 c = fd_columns(STDOUT_FILENO);
3245 int fd_lines(int fd) {
3246 struct winsize ws = {};
3248 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3257 unsigned lines(void) {
3261 if (_likely_(cached_lines > 0))
3262 return cached_lines;
3265 e = getenv("LINES");
3270 l = fd_lines(STDOUT_FILENO);
3276 return cached_lines;
3279 /* intended to be used as a SIGWINCH sighandler */
3280 void columns_lines_cache_reset(int signum) {
3286 static int cached_on_tty = -1;
3288 if (_unlikely_(cached_on_tty < 0))
3289 cached_on_tty = isatty(STDOUT_FILENO) > 0;
3291 return cached_on_tty;
3294 int files_same(const char *filea, const char *fileb) {
3297 if (stat(filea, &a) < 0)
3300 if (stat(fileb, &b) < 0)
3303 return a.st_dev == b.st_dev &&
3304 a.st_ino == b.st_ino;
3307 int running_in_chroot(void) {
3310 ret = files_same("/proc/1/root", "/");
3317 static char *ascii_ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3322 assert(percent <= 100);
3323 assert(new_length >= 3);
3325 if (old_length <= 3 || old_length <= new_length)
3326 return strndup(s, old_length);
3328 r = new0(char, new_length+1);
3332 x = (new_length * percent) / 100;
3334 if (x > new_length - 3)
3342 s + old_length - (new_length - x - 3),
3343 new_length - x - 3);
3348 char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3352 unsigned k, len, len2;
3355 assert(percent <= 100);
3356 assert(new_length >= 3);
3358 /* if no multibyte characters use ascii_ellipsize_mem for speed */
3359 if (ascii_is_valid(s))
3360 return ascii_ellipsize_mem(s, old_length, new_length, percent);
3362 if (old_length <= 3 || old_length <= new_length)
3363 return strndup(s, old_length);
3365 x = (new_length * percent) / 100;
3367 if (x > new_length - 3)
3371 for (i = s; k < x && i < s + old_length; i = utf8_next_char(i)) {
3374 c = utf8_encoded_to_unichar(i);
3377 k += unichar_iswide(c) ? 2 : 1;
3380 if (k > x) /* last character was wide and went over quota */
3383 for (j = s + old_length; k < new_length && j > i; ) {
3386 j = utf8_prev_char(j);
3387 c = utf8_encoded_to_unichar(j);
3390 k += unichar_iswide(c) ? 2 : 1;
3394 /* we don't actually need to ellipsize */
3396 return memdup(s, old_length + 1);
3398 /* make space for ellipsis */
3399 j = utf8_next_char(j);
3402 len2 = s + old_length - j;
3403 e = new(char, len + 3 + len2 + 1);
3408 printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n",
3409 old_length, new_length, x, len, len2, k);
3413 e[len] = 0xe2; /* tri-dot ellipsis: … */
3417 memcpy(e + len + 3, j, len2 + 1);
3422 char *ellipsize(const char *s, size_t length, unsigned percent) {
3423 return ellipsize_mem(s, strlen(s), length, percent);
3426 int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode) {
3427 _cleanup_close_ int fd;
3433 mkdir_parents(path, 0755);
3435 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, mode > 0 ? mode : 0644);
3440 r = fchmod(fd, mode);
3445 if (uid != (uid_t) -1 || gid != (gid_t) -1) {
3446 r = fchown(fd, uid, gid);
3451 if (stamp != USEC_INFINITY) {
3452 struct timespec ts[2];
3454 timespec_store(&ts[0], stamp);
3456 r = futimens(fd, ts);
3458 r = futimens(fd, NULL);
3465 int touch(const char *path) {
3466 return touch_file(path, false, USEC_INFINITY, (uid_t) -1, (gid_t) -1, 0);
3469 char *unquote(const char *s, const char* quotes) {
3473 /* This is rather stupid, simply removes the heading and
3474 * trailing quotes if there is one. Doesn't care about
3475 * escaping or anything. We should make this smarter one
3482 if (strchr(quotes, s[0]) && s[l-1] == s[0])
3483 return strndup(s+1, l-2);
3488 char *normalize_env_assignment(const char *s) {
3489 _cleanup_free_ char *name = NULL, *value = NULL, *p = NULL;
3492 eq = strchr(s, '=');
3504 memmove(r, t, strlen(t) + 1);
3508 name = strndup(s, eq - s);
3516 value = unquote(strstrip(p), QUOTES);
3520 if (asprintf(&r, "%s=%s", strstrip(name), value) < 0)
3526 int wait_for_terminate(pid_t pid, siginfo_t *status) {
3537 if (waitid(P_PID, pid, status, WEXITED) < 0) {
3551 * < 0 : wait_for_terminate() failed to get the state of the
3552 * process, the process was terminated by a signal, or
3553 * failed for an unknown reason.
3554 * >=0 : The process terminated normally, and its exit code is
3557 * That is, success is indicated by a return value of zero, and an
3558 * error is indicated by a non-zero value.
3560 int wait_for_terminate_and_warn(const char *name, pid_t pid) {
3567 r = wait_for_terminate(pid, &status);
3569 log_warning("Failed to wait for %s: %s", name, strerror(-r));
3573 if (status.si_code == CLD_EXITED) {
3574 if (status.si_status != 0) {
3575 log_warning("%s failed with error code %i.", name, status.si_status);
3576 return status.si_status;
3579 log_debug("%s succeeded.", name);
3582 } else if (status.si_code == CLD_KILLED ||
3583 status.si_code == CLD_DUMPED) {
3585 log_warning("%s terminated by signal %s.", name, signal_to_string(status.si_status));
3589 log_warning("%s failed due to unknown reason.", name);
3593 noreturn void freeze(void) {
3595 /* Make sure nobody waits for us on a socket anymore */
3596 close_all_fds(NULL, 0);
3604 bool null_or_empty(struct stat *st) {
3607 if (S_ISREG(st->st_mode) && st->st_size <= 0)
3610 if (S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode))
3616 int null_or_empty_path(const char *fn) {
3621 if (stat(fn, &st) < 0)
3624 return null_or_empty(&st);
3627 int null_or_empty_fd(int fd) {
3632 if (fstat(fd, &st) < 0)
3635 return null_or_empty(&st);
3638 DIR *xopendirat(int fd, const char *name, int flags) {
3642 assert(!(flags & O_CREAT));
3644 nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0);
3657 int signal_from_string_try_harder(const char *s) {
3661 signo = signal_from_string(s);
3663 if (startswith(s, "SIG"))
3664 return signal_from_string(s+3);
3669 static char *tag_to_udev_node(const char *tagvalue, const char *by) {
3670 _cleanup_free_ char *t = NULL, *u = NULL;
3673 u = unquote(tagvalue, "\"\'");
3677 enc_len = strlen(u) * 4 + 1;
3678 t = new(char, enc_len);
3682 if (encode_devnode_name(u, t, enc_len) < 0)
3685 return strjoin("/dev/disk/by-", by, "/", t, NULL);
3688 char *fstab_node_to_udev_node(const char *p) {
3691 if (startswith(p, "LABEL="))
3692 return tag_to_udev_node(p+6, "label");
3694 if (startswith(p, "UUID="))
3695 return tag_to_udev_node(p+5, "uuid");
3697 if (startswith(p, "PARTUUID="))
3698 return tag_to_udev_node(p+9, "partuuid");
3700 if (startswith(p, "PARTLABEL="))
3701 return tag_to_udev_node(p+10, "partlabel");
3706 bool tty_is_vc(const char *tty) {
3709 return vtnr_from_tty(tty) >= 0;
3712 bool tty_is_console(const char *tty) {
3715 if (startswith(tty, "/dev/"))
3718 return streq(tty, "console");
3721 int vtnr_from_tty(const char *tty) {
3726 if (startswith(tty, "/dev/"))
3729 if (!startswith(tty, "tty") )
3732 if (tty[3] < '0' || tty[3] > '9')
3735 r = safe_atoi(tty+3, &i);
3739 if (i < 0 || i > 63)
3745 char *resolve_dev_console(char **active) {
3748 /* Resolve where /dev/console is pointing to, if /sys is actually ours
3749 * (i.e. not read-only-mounted which is a sign for container setups) */
3751 if (path_is_read_only_fs("/sys") > 0)
3754 if (read_one_line_file("/sys/class/tty/console/active", active) < 0)
3757 /* If multiple log outputs are configured the last one is what
3758 * /dev/console points to */
3759 tty = strrchr(*active, ' ');
3765 if (streq(tty, "tty0")) {
3768 /* Get the active VC (e.g. tty1) */
3769 if (read_one_line_file("/sys/class/tty/tty0/active", &tmp) >= 0) {
3771 tty = *active = tmp;
3778 bool tty_is_vc_resolve(const char *tty) {
3779 _cleanup_free_ char *active = NULL;
3783 if (startswith(tty, "/dev/"))
3786 if (streq(tty, "console")) {
3787 tty = resolve_dev_console(&active);
3792 return tty_is_vc(tty);
3795 const char *default_term_for_tty(const char *tty) {
3798 return tty_is_vc_resolve(tty) ? "TERM=linux" : "TERM=vt102";
3801 bool dirent_is_file(const struct dirent *de) {
3804 if (ignore_file(de->d_name))
3807 if (de->d_type != DT_REG &&
3808 de->d_type != DT_LNK &&
3809 de->d_type != DT_UNKNOWN)
3815 bool dirent_is_file_with_suffix(const struct dirent *de, const char *suffix) {
3818 if (de->d_type != DT_REG &&
3819 de->d_type != DT_LNK &&
3820 de->d_type != DT_UNKNOWN)
3823 if (ignore_file_allow_backup(de->d_name))
3826 return endswith(de->d_name, suffix);
3829 void execute_directory(const char *directory, DIR *d, usec_t timeout, char *argv[]) {
3835 /* Executes all binaries in a directory in parallel and waits
3836 * for them to finish. Optionally a timeout is applied. */
3838 executor_pid = fork();
3839 if (executor_pid < 0) {
3840 log_error("Failed to fork: %m");
3843 } else if (executor_pid == 0) {
3844 _cleanup_hashmap_free_free_ Hashmap *pids = NULL;
3845 _cleanup_closedir_ DIR *_d = NULL;
3849 /* We fork this all off from a child process so that
3850 * we can somewhat cleanly make use of SIGALRM to set
3853 reset_all_signal_handlers();
3855 assert_se(sigemptyset(&ss) == 0);
3856 assert_se(sigprocmask(SIG_SETMASK, &ss, NULL) == 0);
3858 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
3861 d = _d = opendir(directory);
3863 if (errno == ENOENT)
3864 _exit(EXIT_SUCCESS);
3866 log_error("Failed to enumerate directory %s: %m", directory);
3867 _exit(EXIT_FAILURE);
3871 pids = hashmap_new(NULL, NULL);
3874 _exit(EXIT_FAILURE);
3877 FOREACH_DIRENT(de, d, break) {
3878 _cleanup_free_ char *path = NULL;
3881 if (!dirent_is_file(de))
3884 path = strjoin(directory, "/", de->d_name, NULL);
3887 _exit(EXIT_FAILURE);
3892 log_error("Failed to fork: %m");
3894 } else if (pid == 0) {
3897 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
3907 log_error("Failed to execute %s: %m", path);
3908 _exit(EXIT_FAILURE);
3912 log_debug("Spawned %s as " PID_FMT ".", path, pid);
3914 r = hashmap_put(pids, UINT_TO_PTR(pid), path);
3917 _exit(EXIT_FAILURE);
3923 /* Abort execution of this process after the
3924 * timout. We simply rely on SIGALRM as default action
3925 * terminating the process, and turn on alarm(). */
3927 if (timeout != USEC_INFINITY)
3928 alarm((timeout + USEC_PER_SEC - 1) / USEC_PER_SEC);
3930 while (!hashmap_isempty(pids)) {
3931 _cleanup_free_ char *path = NULL;
3934 pid = PTR_TO_UINT(hashmap_first_key(pids));
3937 path = hashmap_remove(pids, UINT_TO_PTR(pid));
3940 wait_for_terminate_and_warn(path, pid);
3943 _exit(EXIT_SUCCESS);
3946 wait_for_terminate_and_warn(directory, executor_pid);
3949 int kill_and_sigcont(pid_t pid, int sig) {
3952 r = kill(pid, sig) < 0 ? -errno : 0;
3960 bool nulstr_contains(const char*nulstr, const char *needle) {
3966 NULSTR_FOREACH(i, nulstr)
3967 if (streq(i, needle))
3973 bool plymouth_running(void) {
3974 return access("/run/plymouth/pid", F_OK) >= 0;
3977 char* strshorten(char *s, size_t l) {
3986 static bool hostname_valid_char(char c) {
3988 (c >= 'a' && c <= 'z') ||
3989 (c >= 'A' && c <= 'Z') ||
3990 (c >= '0' && c <= '9') ||
3996 bool hostname_is_valid(const char *s) {
4003 for (p = s, dot = true; *p; p++) {
4010 if (!hostname_valid_char(*p))
4020 if (p-s > HOST_NAME_MAX)
4026 char* hostname_cleanup(char *s, bool lowercase) {
4030 for (p = s, d = s, dot = true; *p; p++) {
4037 } else if (hostname_valid_char(*p)) {
4038 *(d++) = lowercase ? tolower(*p) : *p;
4049 strshorten(s, HOST_NAME_MAX);
4054 bool machine_name_is_valid(const char *s) {
4056 if (!hostname_is_valid(s))
4059 /* Machine names should be useful hostnames, but also be
4060 * useful in unit names, hence we enforce a stricter length
4069 int pipe_eof(int fd) {
4070 struct pollfd pollfd = {
4072 .events = POLLIN|POLLHUP,
4077 r = poll(&pollfd, 1, 0);
4084 return pollfd.revents & POLLHUP;
4087 int fd_wait_for_event(int fd, int event, usec_t t) {
4089 struct pollfd pollfd = {
4097 r = ppoll(&pollfd, 1, t == USEC_INFINITY ? NULL : timespec_store(&ts, t), NULL);
4104 return pollfd.revents;
4107 int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
4116 t = tempfn_xxxxxx(path);
4120 fd = mkostemp_safe(t, O_WRONLY|O_CLOEXEC);
4126 f = fdopen(fd, "we");
4139 int terminal_vhangup_fd(int fd) {
4142 if (ioctl(fd, TIOCVHANGUP) < 0)
4148 int terminal_vhangup(const char *name) {
4149 _cleanup_close_ int fd;
4151 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4155 return terminal_vhangup_fd(fd);
4158 int vt_disallocate(const char *name) {
4162 /* Deallocate the VT if possible. If not possible
4163 * (i.e. because it is the active one), at least clear it
4164 * entirely (including the scrollback buffer) */
4166 if (!startswith(name, "/dev/"))
4169 if (!tty_is_vc(name)) {
4170 /* So this is not a VT. I guess we cannot deallocate
4171 * it then. But let's at least clear the screen */
4173 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4178 "\033[r" /* clear scrolling region */
4179 "\033[H" /* move home */
4180 "\033[2J", /* clear screen */
4187 if (!startswith(name, "/dev/tty"))
4190 r = safe_atou(name+8, &u);
4197 /* Try to deallocate */
4198 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
4202 r = ioctl(fd, VT_DISALLOCATE, u);
4211 /* Couldn't deallocate, so let's clear it fully with
4213 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4218 "\033[r" /* clear scrolling region */
4219 "\033[H" /* move home */
4220 "\033[3J", /* clear screen including scrollback, requires Linux 2.6.40 */
4227 int symlink_atomic(const char *from, const char *to) {
4228 _cleanup_free_ char *t = NULL;
4233 t = tempfn_random(to);
4237 if (symlink(from, t) < 0)
4240 if (rename(t, to) < 0) {
4248 int mknod_atomic(const char *path, mode_t mode, dev_t dev) {
4249 _cleanup_free_ char *t = NULL;
4253 t = tempfn_random(path);
4257 if (mknod(t, mode, dev) < 0)
4260 if (rename(t, path) < 0) {
4268 int mkfifo_atomic(const char *path, mode_t mode) {
4269 _cleanup_free_ char *t = NULL;
4273 t = tempfn_random(path);
4277 if (mkfifo(t, mode) < 0)
4280 if (rename(t, path) < 0) {
4288 bool display_is_local(const char *display) {
4292 display[0] == ':' &&
4293 display[1] >= '0' &&
4297 int socket_from_display(const char *display, char **path) {
4304 if (!display_is_local(display))
4307 k = strspn(display+1, "0123456789");
4309 f = new(char, strlen("/tmp/.X11-unix/X") + k + 1);
4313 c = stpcpy(f, "/tmp/.X11-unix/X");
4314 memcpy(c, display+1, k);
4323 const char **username,
4324 uid_t *uid, gid_t *gid,
4326 const char **shell) {
4334 /* We enforce some special rules for uid=0: in order to avoid
4335 * NSS lookups for root we hardcode its data. */
4337 if (streq(*username, "root") || streq(*username, "0")) {
4355 if (parse_uid(*username, &u) >= 0) {
4359 /* If there are multiple users with the same id, make
4360 * sure to leave $USER to the configured value instead
4361 * of the first occurrence in the database. However if
4362 * the uid was configured by a numeric uid, then let's
4363 * pick the real username from /etc/passwd. */
4365 *username = p->pw_name;
4368 p = getpwnam(*username);
4372 return errno > 0 ? -errno : -ESRCH;
4384 *shell = p->pw_shell;
4389 char* uid_to_name(uid_t uid) {
4394 return strdup("root");
4398 return strdup(p->pw_name);
4400 if (asprintf(&r, UID_FMT, uid) < 0)
4406 char* gid_to_name(gid_t gid) {
4411 return strdup("root");
4415 return strdup(p->gr_name);
4417 if (asprintf(&r, GID_FMT, gid) < 0)
4423 int get_group_creds(const char **groupname, gid_t *gid) {
4429 /* We enforce some special rules for gid=0: in order to avoid
4430 * NSS lookups for root we hardcode its data. */
4432 if (streq(*groupname, "root") || streq(*groupname, "0")) {
4433 *groupname = "root";
4441 if (parse_gid(*groupname, &id) >= 0) {
4446 *groupname = g->gr_name;
4449 g = getgrnam(*groupname);
4453 return errno > 0 ? -errno : -ESRCH;
4461 int in_gid(gid_t gid) {
4463 int ngroups_max, r, i;
4465 if (getgid() == gid)
4468 if (getegid() == gid)
4471 ngroups_max = sysconf(_SC_NGROUPS_MAX);
4472 assert(ngroups_max > 0);
4474 gids = alloca(sizeof(gid_t) * ngroups_max);
4476 r = getgroups(ngroups_max, gids);
4480 for (i = 0; i < r; i++)
4487 int in_group(const char *name) {
4491 r = get_group_creds(&name, &gid);
4498 int glob_exists(const char *path) {
4499 _cleanup_globfree_ glob_t g = {};
4505 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4507 if (k == GLOB_NOMATCH)
4509 else if (k == GLOB_NOSPACE)
4512 return !strv_isempty(g.gl_pathv);
4514 return errno ? -errno : -EIO;
4517 int glob_extend(char ***strv, const char *path) {
4518 _cleanup_globfree_ glob_t g = {};
4523 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4525 if (k == GLOB_NOMATCH)
4527 else if (k == GLOB_NOSPACE)
4529 else if (k != 0 || strv_isempty(g.gl_pathv))
4530 return errno ? -errno : -EIO;
4532 STRV_FOREACH(p, g.gl_pathv) {
4533 k = strv_extend(strv, *p);
4541 int dirent_ensure_type(DIR *d, struct dirent *de) {
4547 if (de->d_type != DT_UNKNOWN)
4550 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
4554 S_ISREG(st.st_mode) ? DT_REG :
4555 S_ISDIR(st.st_mode) ? DT_DIR :
4556 S_ISLNK(st.st_mode) ? DT_LNK :
4557 S_ISFIFO(st.st_mode) ? DT_FIFO :
4558 S_ISSOCK(st.st_mode) ? DT_SOCK :
4559 S_ISCHR(st.st_mode) ? DT_CHR :
4560 S_ISBLK(st.st_mode) ? DT_BLK :
4566 int get_files_in_directory(const char *path, char ***list) {
4567 _cleanup_closedir_ DIR *d = NULL;
4568 size_t bufsize = 0, n = 0;
4569 _cleanup_strv_free_ char **l = NULL;
4573 /* Returns all files in a directory in *list, and the number
4574 * of files as return value. If list is NULL returns only the
4586 if (!de && errno != 0)
4591 dirent_ensure_type(d, de);
4593 if (!dirent_is_file(de))
4597 /* one extra slot is needed for the terminating NULL */
4598 if (!GREEDY_REALLOC(l, bufsize, n + 2))
4601 l[n] = strdup(de->d_name);
4612 l = NULL; /* avoid freeing */
4618 char *strjoin(const char *x, ...) {
4632 t = va_arg(ap, const char *);
4637 if (n > ((size_t) -1) - l) {
4661 t = va_arg(ap, const char *);
4675 bool is_main_thread(void) {
4676 static thread_local int cached = 0;
4678 if (_unlikely_(cached == 0))
4679 cached = getpid() == gettid() ? 1 : -1;
4684 int block_get_whole_disk(dev_t d, dev_t *ret) {
4691 /* If it has a queue this is good enough for us */
4692 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", major(d), minor(d)) < 0)
4695 r = access(p, F_OK);
4703 /* If it is a partition find the originating device */
4704 if (asprintf(&p, "/sys/dev/block/%u:%u/partition", major(d), minor(d)) < 0)
4707 r = access(p, F_OK);
4713 /* Get parent dev_t */
4714 if (asprintf(&p, "/sys/dev/block/%u:%u/../dev", major(d), minor(d)) < 0)
4717 r = read_one_line_file(p, &s);
4723 r = sscanf(s, "%u:%u", &m, &n);
4729 /* Only return this if it is really good enough for us. */
4730 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", m, n) < 0)
4733 r = access(p, F_OK);
4737 *ret = makedev(m, n);
4744 int file_is_priv_sticky(const char *p) {
4749 if (lstat(p, &st) < 0)
4753 (st.st_uid == 0 || st.st_uid == getuid()) &&
4754 (st.st_mode & S_ISVTX);
4757 static const char *const ioprio_class_table[] = {
4758 [IOPRIO_CLASS_NONE] = "none",
4759 [IOPRIO_CLASS_RT] = "realtime",
4760 [IOPRIO_CLASS_BE] = "best-effort",
4761 [IOPRIO_CLASS_IDLE] = "idle"
4764 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ioprio_class, int, INT_MAX);
4766 static const char *const sigchld_code_table[] = {
4767 [CLD_EXITED] = "exited",
4768 [CLD_KILLED] = "killed",
4769 [CLD_DUMPED] = "dumped",
4770 [CLD_TRAPPED] = "trapped",
4771 [CLD_STOPPED] = "stopped",
4772 [CLD_CONTINUED] = "continued",
4775 DEFINE_STRING_TABLE_LOOKUP(sigchld_code, int);
4777 static const char *const log_facility_unshifted_table[LOG_NFACILITIES] = {
4778 [LOG_FAC(LOG_KERN)] = "kern",
4779 [LOG_FAC(LOG_USER)] = "user",
4780 [LOG_FAC(LOG_MAIL)] = "mail",
4781 [LOG_FAC(LOG_DAEMON)] = "daemon",
4782 [LOG_FAC(LOG_AUTH)] = "auth",
4783 [LOG_FAC(LOG_SYSLOG)] = "syslog",
4784 [LOG_FAC(LOG_LPR)] = "lpr",
4785 [LOG_FAC(LOG_NEWS)] = "news",
4786 [LOG_FAC(LOG_UUCP)] = "uucp",
4787 [LOG_FAC(LOG_CRON)] = "cron",
4788 [LOG_FAC(LOG_AUTHPRIV)] = "authpriv",
4789 [LOG_FAC(LOG_FTP)] = "ftp",
4790 [LOG_FAC(LOG_LOCAL0)] = "local0",
4791 [LOG_FAC(LOG_LOCAL1)] = "local1",
4792 [LOG_FAC(LOG_LOCAL2)] = "local2",
4793 [LOG_FAC(LOG_LOCAL3)] = "local3",
4794 [LOG_FAC(LOG_LOCAL4)] = "local4",
4795 [LOG_FAC(LOG_LOCAL5)] = "local5",
4796 [LOG_FAC(LOG_LOCAL6)] = "local6",
4797 [LOG_FAC(LOG_LOCAL7)] = "local7"
4800 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_facility_unshifted, int, LOG_FAC(~0));
4802 static const char *const log_level_table[] = {
4803 [LOG_EMERG] = "emerg",
4804 [LOG_ALERT] = "alert",
4805 [LOG_CRIT] = "crit",
4807 [LOG_WARNING] = "warning",
4808 [LOG_NOTICE] = "notice",
4809 [LOG_INFO] = "info",
4810 [LOG_DEBUG] = "debug"
4813 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_level, int, LOG_DEBUG);
4815 static const char* const sched_policy_table[] = {
4816 [SCHED_OTHER] = "other",
4817 [SCHED_BATCH] = "batch",
4818 [SCHED_IDLE] = "idle",
4819 [SCHED_FIFO] = "fifo",
4823 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy, int, INT_MAX);
4825 static const char* const rlimit_table[_RLIMIT_MAX] = {
4826 [RLIMIT_CPU] = "LimitCPU",
4827 [RLIMIT_FSIZE] = "LimitFSIZE",
4828 [RLIMIT_DATA] = "LimitDATA",
4829 [RLIMIT_STACK] = "LimitSTACK",
4830 [RLIMIT_CORE] = "LimitCORE",
4831 [RLIMIT_RSS] = "LimitRSS",
4832 [RLIMIT_NOFILE] = "LimitNOFILE",
4833 [RLIMIT_AS] = "LimitAS",
4834 [RLIMIT_NPROC] = "LimitNPROC",
4835 [RLIMIT_MEMLOCK] = "LimitMEMLOCK",
4836 [RLIMIT_LOCKS] = "LimitLOCKS",
4837 [RLIMIT_SIGPENDING] = "LimitSIGPENDING",
4838 [RLIMIT_MSGQUEUE] = "LimitMSGQUEUE",
4839 [RLIMIT_NICE] = "LimitNICE",
4840 [RLIMIT_RTPRIO] = "LimitRTPRIO",
4841 [RLIMIT_RTTIME] = "LimitRTTIME"
4844 DEFINE_STRING_TABLE_LOOKUP(rlimit, int);
4846 static const char* const ip_tos_table[] = {
4847 [IPTOS_LOWDELAY] = "low-delay",
4848 [IPTOS_THROUGHPUT] = "throughput",
4849 [IPTOS_RELIABILITY] = "reliability",
4850 [IPTOS_LOWCOST] = "low-cost",
4853 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos, int, 0xff);
4855 static const char *const __signal_table[] = {
4872 [SIGSTKFLT] = "STKFLT", /* Linux on SPARC doesn't know SIGSTKFLT */
4883 [SIGVTALRM] = "VTALRM",
4885 [SIGWINCH] = "WINCH",
4891 DEFINE_PRIVATE_STRING_TABLE_LOOKUP(__signal, int);
4893 const char *signal_to_string(int signo) {
4894 static thread_local char buf[sizeof("RTMIN+")-1 + DECIMAL_STR_MAX(int) + 1];
4897 name = __signal_to_string(signo);
4901 if (signo >= SIGRTMIN && signo <= SIGRTMAX)
4902 snprintf(buf, sizeof(buf), "RTMIN+%d", signo - SIGRTMIN);
4904 snprintf(buf, sizeof(buf), "%d", signo);
4909 int signal_from_string(const char *s) {
4914 signo = __signal_from_string(s);
4918 if (startswith(s, "RTMIN+")) {
4922 if (safe_atou(s, &u) >= 0) {
4923 signo = (int) u + offset;
4924 if (signo > 0 && signo < _NSIG)
4930 bool kexec_loaded(void) {
4931 bool loaded = false;
4934 if (read_one_line_file("/sys/kernel/kexec_loaded", &s) >= 0) {
4942 int strdup_or_null(const char *a, char **b) {
4960 int prot_from_flags(int flags) {
4962 switch (flags & O_ACCMODE) {
4971 return PROT_READ|PROT_WRITE;
4978 char *format_bytes(char *buf, size_t l, off_t t) {
4981 static const struct {
4985 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
4986 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
4987 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
4988 { "G", 1024ULL*1024ULL*1024ULL },
4989 { "M", 1024ULL*1024ULL },
4993 for (i = 0; i < ELEMENTSOF(table); i++) {
4995 if (t >= table[i].factor) {
4998 (unsigned long long) (t / table[i].factor),
4999 (unsigned long long) (((t*10ULL) / table[i].factor) % 10ULL),
5006 snprintf(buf, l, "%lluB", (unsigned long long) t);
5014 void* memdup(const void *p, size_t l) {
5027 int fd_inc_sndbuf(int fd, size_t n) {
5029 socklen_t l = sizeof(value);
5031 r = getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, &l);
5032 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
5035 /* If we have the privileges we will ignore the kernel limit. */
5038 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
5039 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
5045 int fd_inc_rcvbuf(int fd, size_t n) {
5047 socklen_t l = sizeof(value);
5049 r = getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, &l);
5050 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
5053 /* If we have the privileges we will ignore the kernel limit. */
5056 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
5057 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
5062 int fork_agent(pid_t *pid, const int except[], unsigned n_except, const char *path, ...) {
5063 pid_t parent_pid, agent_pid;
5065 bool stdout_is_tty, stderr_is_tty;
5073 parent_pid = getpid();
5075 /* Spawns a temporary TTY agent, making sure it goes away when
5082 if (agent_pid != 0) {
5089 * Make sure the agent goes away when the parent dies */
5090 if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
5091 _exit(EXIT_FAILURE);
5093 /* Check whether our parent died before we were able
5094 * to set the death signal */
5095 if (getppid() != parent_pid)
5096 _exit(EXIT_SUCCESS);
5098 /* Don't leak fds to the agent */
5099 close_all_fds(except, n_except);
5101 stdout_is_tty = isatty(STDOUT_FILENO);
5102 stderr_is_tty = isatty(STDERR_FILENO);
5104 if (!stdout_is_tty || !stderr_is_tty) {
5105 /* Detach from stdout/stderr. and reopen
5106 * /dev/tty for them. This is important to
5107 * ensure that when systemctl is started via
5108 * popen() or a similar call that expects to
5109 * read EOF we actually do generate EOF and
5110 * not delay this indefinitely by because we
5111 * keep an unused copy of stdin around. */
5112 fd = open("/dev/tty", O_WRONLY);
5114 log_error("Failed to open /dev/tty: %m");
5115 _exit(EXIT_FAILURE);
5119 dup2(fd, STDOUT_FILENO);
5122 dup2(fd, STDERR_FILENO);
5128 /* Count arguments */
5130 for (n = 0; va_arg(ap, char*); n++)
5135 l = alloca(sizeof(char *) * (n + 1));
5137 /* Fill in arguments */
5139 for (i = 0; i <= n; i++)
5140 l[i] = va_arg(ap, char*);
5144 _exit(EXIT_FAILURE);
5147 int setrlimit_closest(int resource, const struct rlimit *rlim) {
5148 struct rlimit highest, fixed;
5152 if (setrlimit(resource, rlim) >= 0)
5158 /* So we failed to set the desired setrlimit, then let's try
5159 * to get as close as we can */
5160 assert_se(getrlimit(resource, &highest) == 0);
5162 fixed.rlim_cur = MIN(rlim->rlim_cur, highest.rlim_max);
5163 fixed.rlim_max = MIN(rlim->rlim_max, highest.rlim_max);
5165 if (setrlimit(resource, &fixed) < 0)
5171 int getenv_for_pid(pid_t pid, const char *field, char **_value) {
5172 _cleanup_fclose_ FILE *f = NULL;
5183 path = procfs_file_alloca(pid, "environ");
5185 f = fopen(path, "re");
5193 char line[LINE_MAX];
5196 for (i = 0; i < sizeof(line)-1; i++) {
5200 if (_unlikely_(c == EOF)) {
5210 if (memcmp(line, field, l) == 0 && line[l] == '=') {
5211 value = strdup(line + l + 1);
5225 bool is_valid_documentation_url(const char *url) {
5228 if (startswith(url, "http://") && url[7])
5231 if (startswith(url, "https://") && url[8])
5234 if (startswith(url, "file:") && url[5])
5237 if (startswith(url, "info:") && url[5])
5240 if (startswith(url, "man:") && url[4])
5246 bool in_initrd(void) {
5247 static int saved = -1;
5253 /* We make two checks here:
5255 * 1. the flag file /etc/initrd-release must exist
5256 * 2. the root file system must be a memory file system
5258 * The second check is extra paranoia, since misdetecting an
5259 * initrd can have bad bad consequences due the initrd
5260 * emptying when transititioning to the main systemd.
5263 saved = access("/etc/initrd-release", F_OK) >= 0 &&
5264 statfs("/", &s) >= 0 &&
5265 is_temporary_fs(&s);
5270 void warn_melody(void) {
5271 _cleanup_close_ int fd = -1;
5273 fd = open("/dev/console", O_WRONLY|O_CLOEXEC|O_NOCTTY);
5277 /* Yeah, this is synchronous. Kinda sucks. But well... */
5279 ioctl(fd, KIOCSOUND, (int)(1193180/440));
5280 usleep(125*USEC_PER_MSEC);
5282 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5283 usleep(125*USEC_PER_MSEC);
5285 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5286 usleep(125*USEC_PER_MSEC);
5288 ioctl(fd, KIOCSOUND, 0);
5291 int make_console_stdio(void) {
5294 /* Make /dev/console the controlling terminal and stdin/stdout/stderr */
5296 fd = acquire_terminal("/dev/console", false, true, true, USEC_INFINITY);
5298 log_error("Failed to acquire terminal: %s", strerror(-fd));
5304 log_error("Failed to duplicate terminal fd: %s", strerror(-r));
5311 int get_home_dir(char **_h) {
5319 /* Take the user specified one */
5320 e = secure_getenv("HOME");
5321 if (e && path_is_absolute(e)) {
5330 /* Hardcode home directory for root to avoid NSS */
5333 h = strdup("/root");
5341 /* Check the database... */
5345 return errno > 0 ? -errno : -ESRCH;
5347 if (!path_is_absolute(p->pw_dir))
5350 h = strdup(p->pw_dir);
5358 int get_shell(char **_s) {
5366 /* Take the user specified one */
5367 e = getenv("SHELL");
5377 /* Hardcode home directory for root to avoid NSS */
5380 s = strdup("/bin/sh");
5388 /* Check the database... */
5392 return errno > 0 ? -errno : -ESRCH;
5394 if (!path_is_absolute(p->pw_shell))
5397 s = strdup(p->pw_shell);
5405 bool filename_is_safe(const char *p) {
5419 if (strlen(p) > FILENAME_MAX)
5425 bool string_is_safe(const char *p) {
5431 for (t = p; *t; t++) {
5432 if (*t > 0 && *t < ' ')
5435 if (strchr("\\\"\'\0x7f", *t))
5443 * Check if a string contains control characters. If 'ok' is non-NULL
5444 * it may be a string containing additional CCs to be considered OK.
5446 bool string_has_cc(const char *p, const char *ok) {
5451 for (t = p; *t; t++) {
5452 if (ok && strchr(ok, *t))
5455 if (*t > 0 && *t < ' ')
5465 bool path_is_safe(const char *p) {
5470 if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
5473 if (strlen(p) > PATH_MAX)
5476 /* The following two checks are not really dangerous, but hey, they still are confusing */
5477 if (streq(p, ".") || startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./"))
5480 if (strstr(p, "//"))
5486 /* hey glibc, APIs with callbacks without a user pointer are so useless */
5487 void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size,
5488 int (*compar) (const void *, const void *, void *), void *arg) {
5497 p = (void *)(((const char *) base) + (idx * size));
5498 comparison = compar(key, p, arg);
5501 else if (comparison > 0)
5509 bool is_locale_utf8(void) {
5511 static int cached_answer = -1;
5513 if (cached_answer >= 0)
5516 if (!setlocale(LC_ALL, "")) {
5517 cached_answer = true;
5521 set = nl_langinfo(CODESET);
5523 cached_answer = true;
5527 if (streq(set, "UTF-8")) {
5528 cached_answer = true;
5532 /* For LC_CTYPE=="C" return true, because CTYPE is effectly
5533 * unset and everything can do to UTF-8 nowadays. */
5534 set = setlocale(LC_CTYPE, NULL);
5536 cached_answer = true;
5540 /* Check result, but ignore the result if C was set
5544 !getenv("LC_ALL") &&
5545 !getenv("LC_CTYPE") &&
5549 return (bool) cached_answer;
5552 const char *draw_special_char(DrawSpecialChar ch) {
5553 static const char *draw_table[2][_DRAW_SPECIAL_CHAR_MAX] = {
5556 [DRAW_TREE_VERTICAL] = "\342\224\202 ", /* │ */
5557 [DRAW_TREE_BRANCH] = "\342\224\234\342\224\200", /* ├─ */
5558 [DRAW_TREE_RIGHT] = "\342\224\224\342\224\200", /* └─ */
5559 [DRAW_TREE_SPACE] = " ", /* */
5560 [DRAW_TRIANGULAR_BULLET] = "\342\200\243", /* ‣ */
5561 [DRAW_BLACK_CIRCLE] = "\342\227\217", /* ● */
5562 [DRAW_ARROW] = "\342\206\222", /* → */
5563 [DRAW_DASH] = "\342\200\223", /* – */
5566 /* ASCII fallback */ {
5567 [DRAW_TREE_VERTICAL] = "| ",
5568 [DRAW_TREE_BRANCH] = "|-",
5569 [DRAW_TREE_RIGHT] = "`-",
5570 [DRAW_TREE_SPACE] = " ",
5571 [DRAW_TRIANGULAR_BULLET] = ">",
5572 [DRAW_BLACK_CIRCLE] = "*",
5573 [DRAW_ARROW] = "->",
5578 return draw_table[!is_locale_utf8()][ch];
5581 char *strreplace(const char *text, const char *old_string, const char *new_string) {
5584 size_t l, old_len, new_len;
5590 old_len = strlen(old_string);
5591 new_len = strlen(new_string);
5604 if (!startswith(f, old_string)) {
5610 nl = l - old_len + new_len;
5611 a = realloc(r, nl + 1);
5619 t = stpcpy(t, new_string);
5631 char *strip_tab_ansi(char **ibuf, size_t *_isz) {
5632 const char *i, *begin = NULL;
5637 } state = STATE_OTHER;
5639 size_t osz = 0, isz;
5645 /* Strips ANSI color and replaces TABs by 8 spaces */
5647 isz = _isz ? *_isz : strlen(*ibuf);
5649 f = open_memstream(&obuf, &osz);
5653 for (i = *ibuf; i < *ibuf + isz + 1; i++) {
5658 if (i >= *ibuf + isz) /* EOT */
5660 else if (*i == '\x1B')
5661 state = STATE_ESCAPE;
5662 else if (*i == '\t')
5669 if (i >= *ibuf + isz) { /* EOT */
5672 } else if (*i == '[') {
5673 state = STATE_BRACKET;
5678 state = STATE_OTHER;
5685 if (i >= *ibuf + isz || /* EOT */
5686 (!(*i >= '0' && *i <= '9') && *i != ';' && *i != 'm')) {
5689 state = STATE_OTHER;
5691 } else if (*i == 'm')
5692 state = STATE_OTHER;
5714 int on_ac_power(void) {
5715 bool found_offline = false, found_online = false;
5716 _cleanup_closedir_ DIR *d = NULL;
5718 d = opendir("/sys/class/power_supply");
5724 _cleanup_close_ int fd = -1, device = -1;
5730 if (!de && errno != 0)
5736 if (ignore_file(de->d_name))
5739 device = openat(dirfd(d), de->d_name, O_DIRECTORY|O_RDONLY|O_CLOEXEC|O_NOCTTY);
5741 if (errno == ENOENT || errno == ENOTDIR)
5747 fd = openat(device, "type", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5749 if (errno == ENOENT)
5755 n = read(fd, contents, sizeof(contents));
5759 if (n != 6 || memcmp(contents, "Mains\n", 6))
5763 fd = openat(device, "online", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5765 if (errno == ENOENT)
5771 n = read(fd, contents, sizeof(contents));
5775 if (n != 2 || contents[1] != '\n')
5778 if (contents[0] == '1') {
5779 found_online = true;
5781 } else if (contents[0] == '0')
5782 found_offline = true;
5787 return found_online || !found_offline;
5790 static int search_and_fopen_internal(const char *path, const char *mode, const char *root, char **search, FILE **_f) {
5797 if (!path_strv_resolve_uniq(search, root))
5800 STRV_FOREACH(i, search) {
5801 _cleanup_free_ char *p = NULL;
5805 p = strjoin(root, *i, "/", path, NULL);
5807 p = strjoin(*i, "/", path, NULL);
5817 if (errno != ENOENT)
5824 int search_and_fopen(const char *path, const char *mode, const char *root, const char **search, FILE **_f) {
5825 _cleanup_strv_free_ char **copy = NULL;
5831 if (path_is_absolute(path)) {
5834 f = fopen(path, mode);
5843 copy = strv_copy((char**) search);
5847 return search_and_fopen_internal(path, mode, root, copy, _f);
5850 int search_and_fopen_nulstr(const char *path, const char *mode, const char *root, const char *search, FILE **_f) {
5851 _cleanup_strv_free_ char **s = NULL;
5853 if (path_is_absolute(path)) {
5856 f = fopen(path, mode);
5865 s = strv_split_nulstr(search);
5869 return search_and_fopen_internal(path, mode, root, s, _f);
5872 char *strextend(char **x, ...) {
5879 l = f = *x ? strlen(*x) : 0;
5886 t = va_arg(ap, const char *);
5891 if (n > ((size_t) -1) - l) {
5900 r = realloc(*x, l+1);
5910 t = va_arg(ap, const char *);
5924 char *strrep(const char *s, unsigned n) {
5932 p = r = malloc(l * n + 1);
5936 for (i = 0; i < n; i++)
5943 void* greedy_realloc(void **p, size_t *allocated, size_t need, size_t size) {
5950 if (*allocated >= need)
5953 newalloc = MAX(need * 2, 64u / size);
5954 a = newalloc * size;
5956 /* check for overflows */
5957 if (a < size * need)
5965 *allocated = newalloc;
5969 void* greedy_realloc0(void **p, size_t *allocated, size_t need, size_t size) {
5978 q = greedy_realloc(p, allocated, need, size);
5982 if (*allocated > prev)
5983 memzero(q + prev * size, (*allocated - prev) * size);
5988 bool id128_is_valid(const char *s) {
5994 /* Simple formatted 128bit hex string */
5996 for (i = 0; i < l; i++) {
5999 if (!(c >= '0' && c <= '9') &&
6000 !(c >= 'a' && c <= 'z') &&
6001 !(c >= 'A' && c <= 'Z'))
6005 } else if (l == 36) {
6007 /* Formatted UUID */
6009 for (i = 0; i < l; i++) {
6012 if ((i == 8 || i == 13 || i == 18 || i == 23)) {
6016 if (!(c >= '0' && c <= '9') &&
6017 !(c >= 'a' && c <= 'z') &&
6018 !(c >= 'A' && c <= 'Z'))
6029 int split_pair(const char *s, const char *sep, char **l, char **r) {
6044 a = strndup(s, x - s);
6048 b = strdup(x + strlen(sep));
6060 int shall_restore_state(void) {
6061 _cleanup_free_ char *line = NULL;
6066 r = proc_cmdline(&line);
6069 if (r == 0) /* Container ... */
6074 FOREACH_WORD_QUOTED(w, l, line, state) {
6082 e = startswith(n, "systemd.restore_state=");
6086 k = parse_boolean(e);
6094 int proc_cmdline(char **ret) {
6097 if (detect_container(NULL) > 0) {
6098 char *buf = NULL, *p;
6101 r = read_full_file("/proc/1/cmdline", &buf, &sz);
6105 for (p = buf; p + 1 < buf + sz; p++)
6114 r = read_one_line_file("/proc/cmdline", ret);
6121 int parse_proc_cmdline(int (*parse_item)(const char *key, const char *value)) {
6122 _cleanup_free_ char *line = NULL;
6129 r = proc_cmdline(&line);
6131 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
6135 FOREACH_WORD_QUOTED(w, l, line, state) {
6136 char word[l+1], *value;
6141 /* Filter out arguments that are intended only for the
6143 if (!in_initrd() && startswith(word, "rd."))
6146 value = strchr(word, '=');
6150 r = parse_item(word, value);
6158 int container_get_leader(const char *machine, pid_t *pid) {
6159 _cleanup_free_ char *s = NULL, *class = NULL;
6167 p = strappenda("/run/systemd/machines/", machine);
6168 r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL);
6176 if (!streq_ptr(class, "container"))
6179 r = parse_pid(s, &leader);
6189 int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *root_fd) {
6190 _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, netnsfd = -1;
6198 mntns = procfs_file_alloca(pid, "ns/mnt");
6199 mntnsfd = open(mntns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6207 pidns = procfs_file_alloca(pid, "ns/pid");
6208 pidnsfd = open(pidns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6216 netns = procfs_file_alloca(pid, "ns/net");
6217 netnsfd = open(netns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6225 root = procfs_file_alloca(pid, "root");
6226 rfd = open(root, O_RDONLY|O_NOCTTY|O_CLOEXEC|O_DIRECTORY);
6232 *pidns_fd = pidnsfd;
6235 *mntns_fd = mntnsfd;
6238 *netns_fd = netnsfd;
6243 pidnsfd = mntnsfd = netnsfd = -1;
6248 int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd) {
6251 if (setns(pidns_fd, CLONE_NEWPID) < 0)
6255 if (setns(mntns_fd, CLONE_NEWNS) < 0)
6259 if (setns(netns_fd, CLONE_NEWNET) < 0)
6263 if (fchdir(root_fd) < 0)
6266 if (chroot(".") < 0)
6270 if (setresgid(0, 0, 0) < 0)
6273 if (setgroups(0, NULL) < 0)
6276 if (setresuid(0, 0, 0) < 0)
6282 bool pid_is_unwaited(pid_t pid) {
6283 /* Checks whether a PID is still valid at all, including a zombie */
6288 if (kill(pid, 0) >= 0)
6291 return errno != ESRCH;
6294 bool pid_is_alive(pid_t pid) {
6297 /* Checks whether a PID is still valid and not a zombie */
6302 r = get_process_state(pid);
6303 if (r == -ENOENT || r == 'Z')
6309 int getpeercred(int fd, struct ucred *ucred) {
6310 socklen_t n = sizeof(struct ucred);
6317 r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n);
6321 if (n != sizeof(struct ucred))
6324 /* Check if the data is actually useful and not suppressed due
6325 * to namespacing issues */
6333 int getpeersec(int fd, char **ret) {
6345 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6349 if (errno != ERANGE)
6356 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6372 /* This is much like like mkostemp() but is subject to umask(). */
6373 int mkostemp_safe(char *pattern, int flags) {
6374 _cleanup_umask_ mode_t u;
6381 fd = mkostemp(pattern, flags);
6388 int open_tmpfile(const char *path, int flags) {
6395 /* Try O_TMPFILE first, if it is supported */
6396 fd = open(path, flags|O_TMPFILE, S_IRUSR|S_IWUSR);
6401 /* Fall back to unguessable name + unlinking */
6402 p = strappenda(path, "/systemd-tmp-XXXXXX");
6404 fd = mkostemp_safe(p, flags);
6412 int fd_warn_permissions(const char *path, int fd) {
6415 if (fstat(fd, &st) < 0)
6418 if (st.st_mode & 0111)
6419 log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path);
6421 if (st.st_mode & 0002)
6422 log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path);
6424 if (getpid() == 1 && (st.st_mode & 0044) != 0044)
6425 log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path);
6430 unsigned long personality_from_string(const char *p) {
6432 /* Parse a personality specifier. We introduce our own
6433 * identifiers that indicate specific ABIs, rather than just
6434 * hints regarding the register size, since we want to keep
6435 * things open for multiple locally supported ABIs for the
6436 * same register size. We try to reuse the ABI identifiers
6437 * used by libseccomp. */
6439 #if defined(__x86_64__)
6441 if (streq(p, "x86"))
6444 if (streq(p, "x86-64"))
6447 #elif defined(__i386__)
6449 if (streq(p, "x86"))
6453 /* personality(7) documents that 0xffffffffUL is used for
6454 * querying the current personality, hence let's use that here
6455 * as error indicator. */
6456 return 0xffffffffUL;
6459 const char* personality_to_string(unsigned long p) {
6461 #if defined(__x86_64__)
6463 if (p == PER_LINUX32)
6469 #elif defined(__i386__)
6478 uint64_t physical_memory(void) {
6481 /* We return this as uint64_t in case we are running as 32bit
6482 * process on a 64bit kernel with huge amounts of memory */
6484 mem = sysconf(_SC_PHYS_PAGES);
6487 return (uint64_t) mem * (uint64_t) page_size();
6490 char* mount_test_option(const char *haystack, const char *needle) {
6492 struct mntent me = {
6493 .mnt_opts = (char*) haystack
6498 /* Like glibc's hasmntopt(), but works on a string, not a
6504 return hasmntopt(&me, needle);
6507 void hexdump(FILE *f, const void *p, size_t s) {
6508 const uint8_t *b = p;
6511 assert(s == 0 || b);
6516 fprintf(f, "%04x ", n);
6518 for (i = 0; i < 16; i++) {
6523 fprintf(f, "%02x ", b[i]);
6531 for (i = 0; i < 16; i++) {
6536 fputc(isprint(b[i]) ? (char) b[i] : '.', f);
6550 int update_reboot_param_file(const char *param) {
6555 r = write_string_file(REBOOT_PARAM_FILE, param);
6557 log_error("Failed to write reboot param to "
6558 REBOOT_PARAM_FILE": %s", strerror(-r));
6560 unlink(REBOOT_PARAM_FILE);
6565 int umount_recursive(const char *prefix, int flags) {
6569 /* Try to umount everything recursively below a
6570 * directory. Also, take care of stacked mounts, and keep
6571 * unmounting them until they are gone. */
6574 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6579 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6580 if (!proc_self_mountinfo)
6584 _cleanup_free_ char *path = NULL, *p = NULL;
6587 k = fscanf(proc_self_mountinfo,
6588 "%*s " /* (1) mount id */
6589 "%*s " /* (2) parent id */
6590 "%*s " /* (3) major:minor */
6591 "%*s " /* (4) root */
6592 "%ms " /* (5) mount point */
6593 "%*s" /* (6) mount options */
6594 "%*[^-]" /* (7) optional fields */
6595 "- " /* (8) separator */
6596 "%*s " /* (9) file system type */
6597 "%*s" /* (10) mount source */
6598 "%*s" /* (11) mount options 2 */
6599 "%*[^\n]", /* some rubbish at the end */
6608 p = cunescape(path);
6612 if (!path_startswith(p, prefix))
6615 if (umount2(p, flags) < 0) {
6631 int bind_remount_recursive(const char *prefix, bool ro) {
6632 _cleanup_set_free_free_ Set *done = NULL;
6633 _cleanup_free_ char *cleaned = NULL;
6636 /* Recursively remount a directory (and all its submounts)
6637 * read-only or read-write. If the directory is already
6638 * mounted, we reuse the mount and simply mark it
6639 * MS_BIND|MS_RDONLY (or remove the MS_RDONLY for read-write
6640 * operation). If it isn't we first make it one. Afterwards we
6641 * apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to all
6642 * submounts we can access, too. When mounts are stacked on
6643 * the same mount point we only care for each individual
6644 * "top-level" mount on each point, as we cannot
6645 * influence/access the underlying mounts anyway. We do not
6646 * have any effect on future submounts that might get
6647 * propagated, they migt be writable. This includes future
6648 * submounts that have been triggered via autofs. */
6650 cleaned = strdup(prefix);
6654 path_kill_slashes(cleaned);
6656 done = set_new(string_hash_func, string_compare_func);
6661 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6662 _cleanup_set_free_free_ Set *todo = NULL;
6663 bool top_autofs = false;
6666 todo = set_new(string_hash_func, string_compare_func);
6670 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6671 if (!proc_self_mountinfo)
6675 _cleanup_free_ char *path = NULL, *p = NULL, *type = NULL;
6678 k = fscanf(proc_self_mountinfo,
6679 "%*s " /* (1) mount id */
6680 "%*s " /* (2) parent id */
6681 "%*s " /* (3) major:minor */
6682 "%*s " /* (4) root */
6683 "%ms " /* (5) mount point */
6684 "%*s" /* (6) mount options (superblock) */
6685 "%*[^-]" /* (7) optional fields */
6686 "- " /* (8) separator */
6687 "%ms " /* (9) file system type */
6688 "%*s" /* (10) mount source */
6689 "%*s" /* (11) mount options (bind mount) */
6690 "%*[^\n]", /* some rubbish at the end */
6700 p = cunescape(path);
6704 /* Let's ignore autofs mounts. If they aren't
6705 * triggered yet, we want to avoid triggering
6706 * them, as we don't make any guarantees for
6707 * future submounts anyway. If they are
6708 * already triggered, then we will find
6709 * another entry for this. */
6710 if (streq(type, "autofs")) {
6711 top_autofs = top_autofs || path_equal(cleaned, p);
6715 if (path_startswith(p, cleaned) &&
6716 !set_contains(done, p)) {
6718 r = set_consume(todo, p);
6728 /* If we have no submounts to process anymore and if
6729 * the root is either already done, or an autofs, we
6731 if (set_isempty(todo) &&
6732 (top_autofs || set_contains(done, cleaned)))
6735 if (!set_contains(done, cleaned) &&
6736 !set_contains(todo, cleaned)) {
6737 /* The prefix directory itself is not yet a
6738 * mount, make it one. */
6739 if (mount(cleaned, cleaned, NULL, MS_BIND|MS_REC, NULL) < 0)
6742 if (mount(NULL, prefix, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0)
6745 x = strdup(cleaned);
6749 r = set_consume(done, x);
6754 while ((x = set_steal_first(todo))) {
6756 r = set_consume(done, x);
6762 if (mount(NULL, x, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0) {
6764 /* Deal with mount points that are
6765 * obstructed by a later mount */
6767 if (errno != ENOENT)
6775 int fflush_and_check(FILE *f) {
6782 return errno ? -errno : -EIO;
6787 char *tempfn_xxxxxx(const char *p) {
6794 t = new(char, strlen(p) + 1 + 6 + 1);
6801 strcpy(stpcpy(stpcpy(mempcpy(t, p, k), "."), fn), "XXXXXX");
6806 char *tempfn_random(const char *p) {
6815 t = new(char, strlen(p) + 1 + 16 + 1);
6822 x = stpcpy(stpcpy(mempcpy(t, p, k), "."), fn);
6825 for (i = 0; i < 16; i++) {
6826 *(x++) = hexchar(u & 0xF);
6835 /* make sure the hostname is not "localhost" */
6836 bool is_localhost(const char *hostname) {
6839 /* This tries to identify local hostnames described in RFC6761
6840 * plus the redhatism of .localdomain */
6842 return streq(hostname, "localhost") ||
6843 streq(hostname, "localhost.") ||
6844 endswith(hostname, ".localhost") ||
6845 endswith(hostname, ".localhost.") ||
6846 endswith(hostname, ".localdomain") ||
6847 endswith(hostname, ".localdomain.");
6850 int take_password_lock(const char *root) {
6852 struct flock flock = {
6854 .l_whence = SEEK_SET,
6862 /* This is roughly the same as lckpwdf(), but not as awful. We
6863 * don't want to use alarm() and signals, hence we implement
6864 * our own trivial version of this.
6866 * Note that shadow-utils also takes per-database locks in
6867 * addition to lckpwdf(). However, we don't given that they
6868 * are redundant as they they invoke lckpwdf() first and keep
6869 * it during everything they do. The per-database locks are
6870 * awfully racy, and thus we just won't do them. */
6873 path = strappenda(root, "/etc/.pwd.lock");
6875 path = "/etc/.pwd.lock";
6877 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
6881 r = fcntl(fd, F_SETLKW, &flock);