1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
31 #include <sys/resource.h>
32 #include <linux/sched.h>
33 #include <sys/types.h>
37 #include <sys/ioctl.h>
39 #include <linux/tiocl.h>
42 #include <sys/inotify.h>
45 #include <sys/prctl.h>
46 #include <sys/utsname.h>
48 #include <netinet/ip.h>
57 #include <sys/mount.h>
58 #include <linux/magic.h>
62 #include <sys/personality.h>
66 #ifdef HAVE_SYS_AUXV_H
78 #include "path-util.h"
79 #include "exit-status.h"
83 #include "device-nodes.h"
90 char **saved_argv = NULL;
92 static volatile unsigned cached_columns = 0;
93 static volatile unsigned cached_lines = 0;
95 size_t page_size(void) {
96 static thread_local size_t pgsz = 0;
99 if (_likely_(pgsz > 0))
102 r = sysconf(_SC_PAGESIZE);
109 bool streq_ptr(const char *a, const char *b) {
111 /* Like streq(), but tries to make sense of NULL pointers */
122 char* endswith(const char *s, const char *postfix) {
129 pl = strlen(postfix);
132 return (char*) s + sl;
137 if (memcmp(s + sl - pl, postfix, pl) != 0)
140 return (char*) s + sl - pl;
143 char* first_word(const char *s, const char *word) {
150 /* Checks if the string starts with the specified word, either
151 * followed by NUL or by whitespace. Returns a pointer to the
152 * NUL or the first character after the whitespace. */
163 if (memcmp(s, word, wl) != 0)
170 if (!strchr(WHITESPACE, *p))
173 p += strspn(p, WHITESPACE);
177 int close_nointr(int fd) {
184 * Just ignore EINTR; a retry loop is the wrong thing to do on
187 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
188 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
189 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
190 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
198 int safe_close(int fd) {
201 * Like close_nointr() but cannot fail. Guarantees errno is
202 * unchanged. Is a NOP with negative fds passed, and returns
203 * -1, so that it can be used in this syntax:
205 * fd = safe_close(fd);
211 /* The kernel might return pretty much any error code
212 * via close(), but the fd will be closed anyway. The
213 * only condition we want to check for here is whether
214 * the fd was invalid at all... */
216 assert_se(close_nointr(fd) != -EBADF);
222 void close_many(const int fds[], unsigned n_fd) {
225 assert(fds || n_fd <= 0);
227 for (i = 0; i < n_fd; i++)
231 int unlink_noerrno(const char *path) {
242 int parse_boolean(const char *v) {
245 if (streq(v, "1") || strcaseeq(v, "yes") || strcaseeq(v, "y") || strcaseeq(v, "true") || strcaseeq(v, "t") || strcaseeq(v, "on"))
247 else if (streq(v, "0") || strcaseeq(v, "no") || strcaseeq(v, "n") || strcaseeq(v, "false") || strcaseeq(v, "f") || strcaseeq(v, "off"))
253 int parse_pid(const char *s, pid_t* ret_pid) {
254 unsigned long ul = 0;
261 r = safe_atolu(s, &ul);
267 if ((unsigned long) pid != ul)
277 int parse_uid(const char *s, uid_t* ret_uid) {
278 unsigned long ul = 0;
285 r = safe_atolu(s, &ul);
291 if ((unsigned long) uid != ul)
294 /* Some libc APIs use (uid_t) -1 as special placeholder */
295 if (uid == (uid_t) 0xFFFFFFFF)
298 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
299 if (uid == (uid_t) 0xFFFF)
306 int safe_atou(const char *s, unsigned *ret_u) {
314 l = strtoul(s, &x, 0);
316 if (!x || x == s || *x || errno)
317 return errno > 0 ? -errno : -EINVAL;
319 if ((unsigned long) (unsigned) l != l)
322 *ret_u = (unsigned) l;
326 int safe_atoi(const char *s, int *ret_i) {
334 l = strtol(s, &x, 0);
336 if (!x || x == s || *x || errno)
337 return errno > 0 ? -errno : -EINVAL;
339 if ((long) (int) l != l)
346 int safe_atou8(const char *s, uint8_t *ret) {
354 l = strtoul(s, &x, 0);
356 if (!x || x == s || *x || errno)
357 return errno > 0 ? -errno : -EINVAL;
359 if ((unsigned long) (uint8_t) l != l)
366 int safe_atollu(const char *s, long long unsigned *ret_llu) {
368 unsigned long long l;
374 l = strtoull(s, &x, 0);
376 if (!x || x == s || *x || errno)
377 return errno ? -errno : -EINVAL;
383 int safe_atolli(const char *s, long long int *ret_lli) {
391 l = strtoll(s, &x, 0);
393 if (!x || x == s || *x || errno)
394 return errno ? -errno : -EINVAL;
400 int safe_atod(const char *s, double *ret_d) {
407 RUN_WITH_LOCALE(LC_NUMERIC_MASK, "C") {
412 if (!x || x == s || *x || errno)
413 return errno ? -errno : -EINVAL;
419 static size_t strcspn_escaped(const char *s, const char *reject) {
420 bool escaped = false;
423 for (n=0; s[n]; n++) {
426 else if (s[n] == '\\')
428 else if (strchr(reject, s[n]))
431 /* if s ends in \, return index of previous char */
435 /* Split a string into words. */
436 const char* split(const char **state, size_t *l, const char *separator, bool quoted) {
442 assert(**state == '\0');
446 current += strspn(current, separator);
452 if (quoted && strchr("\'\"", *current)) {
453 char quotechars[2] = {*current, '\0'};
455 *l = strcspn_escaped(current + 1, quotechars);
456 if (current[*l + 1] == '\0' ||
457 (current[*l + 2] && !strchr(separator, current[*l + 2]))) {
458 /* right quote missing or garbage at the end*/
462 assert(current[*l + 1] == quotechars[0]);
463 *state = current++ + *l + 2;
465 *l = strcspn_escaped(current, separator);
466 *state = current + *l;
468 *l = strcspn(current, separator);
469 *state = current + *l;
475 int get_parent_of_pid(pid_t pid, pid_t *_ppid) {
477 _cleanup_free_ char *line = NULL;
489 p = procfs_file_alloca(pid, "stat");
490 r = read_one_line_file(p, &line);
494 /* Let's skip the pid and comm fields. The latter is enclosed
495 * in () but does not escape any () in its value, so let's
496 * skip over it manually */
498 p = strrchr(line, ')');
510 if ((long unsigned) (pid_t) ppid != ppid)
513 *_ppid = (pid_t) ppid;
518 int get_starttime_of_pid(pid_t pid, unsigned long long *st) {
520 _cleanup_free_ char *line = NULL;
526 p = procfs_file_alloca(pid, "stat");
527 r = read_one_line_file(p, &line);
531 /* Let's skip the pid and comm fields. The latter is enclosed
532 * in () but does not escape any () in its value, so let's
533 * skip over it manually */
535 p = strrchr(line, ')');
557 "%*d " /* priority */
559 "%*d " /* num_threads */
560 "%*d " /* itrealvalue */
561 "%llu " /* starttime */,
568 int fchmod_umask(int fd, mode_t m) {
573 r = fchmod(fd, m & (~u)) < 0 ? -errno : 0;
579 char *truncate_nl(char *s) {
582 s[strcspn(s, NEWLINE)] = 0;
586 int get_process_state(pid_t pid) {
590 _cleanup_free_ char *line = NULL;
594 p = procfs_file_alloca(pid, "stat");
595 r = read_one_line_file(p, &line);
599 p = strrchr(line, ')');
605 if (sscanf(p, " %c", &state) != 1)
608 return (unsigned char) state;
611 int get_process_comm(pid_t pid, char **name) {
618 p = procfs_file_alloca(pid, "comm");
620 r = read_one_line_file(p, name);
627 int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char **line) {
628 _cleanup_fclose_ FILE *f = NULL;
636 p = procfs_file_alloca(pid, "cmdline");
642 if (max_length == 0) {
643 size_t len = 0, allocated = 0;
645 while ((c = getc(f)) != EOF) {
647 if (!GREEDY_REALLOC(r, allocated, len+2)) {
652 r[len++] = isprint(c) ? c : ' ';
662 r = new(char, max_length);
668 while ((c = getc(f)) != EOF) {
690 size_t n = MIN(left-1, 3U);
697 /* Kernel threads have no argv[] */
699 _cleanup_free_ char *t = NULL;
707 h = get_process_comm(pid, &t);
711 r = strjoin("[", t, "]", NULL);
720 int is_kernel_thread(pid_t pid) {
732 p = procfs_file_alloca(pid, "cmdline");
737 count = fread(&c, 1, 1, f);
741 /* Kernel threads have an empty cmdline */
744 return eof ? 1 : -errno;
749 int get_process_capeff(pid_t pid, char **capeff) {
755 p = procfs_file_alloca(pid, "status");
757 return get_status_field(p, "\nCapEff:", capeff);
760 int get_process_exe(pid_t pid, char **name) {
768 p = procfs_file_alloca(pid, "exe");
770 r = readlink_malloc(p, name);
772 return r == -ENOENT ? -ESRCH : r;
774 d = endswith(*name, " (deleted)");
781 static int get_process_id(pid_t pid, const char *field, uid_t *uid) {
782 _cleanup_fclose_ FILE *f = NULL;
792 p = procfs_file_alloca(pid, "status");
797 FOREACH_LINE(line, f, return -errno) {
802 if (startswith(l, field)) {
804 l += strspn(l, WHITESPACE);
806 l[strcspn(l, WHITESPACE)] = 0;
808 return parse_uid(l, uid);
815 int get_process_uid(pid_t pid, uid_t *uid) {
816 return get_process_id(pid, "Uid:", uid);
819 int get_process_gid(pid_t pid, gid_t *gid) {
820 assert_cc(sizeof(uid_t) == sizeof(gid_t));
821 return get_process_id(pid, "Gid:", gid);
824 char *strnappend(const char *s, const char *suffix, size_t b) {
832 return strndup(suffix, b);
841 if (b > ((size_t) -1) - a)
844 r = new(char, a+b+1);
849 memcpy(r+a, suffix, b);
855 char *strappend(const char *s, const char *suffix) {
856 return strnappend(s, suffix, suffix ? strlen(suffix) : 0);
859 int readlinkat_malloc(int fd, const char *p, char **ret) {
874 n = readlinkat(fd, p, c, l-1);
881 if ((size_t) n < l-1) {
892 int readlink_malloc(const char *p, char **ret) {
893 return readlinkat_malloc(AT_FDCWD, p, ret);
896 int readlink_value(const char *p, char **ret) {
897 _cleanup_free_ char *link = NULL;
901 r = readlink_malloc(p, &link);
905 value = basename(link);
909 value = strdup(value);
918 int readlink_and_make_absolute(const char *p, char **r) {
919 _cleanup_free_ char *target = NULL;
926 j = readlink_malloc(p, &target);
930 k = file_in_same_dir(p, target);
938 int readlink_and_canonicalize(const char *p, char **r) {
945 j = readlink_and_make_absolute(p, &t);
949 s = canonicalize_file_name(t);
956 path_kill_slashes(*r);
961 int reset_all_signal_handlers(void) {
964 for (sig = 1; sig < _NSIG; sig++) {
965 struct sigaction sa = {
966 .sa_handler = SIG_DFL,
967 .sa_flags = SA_RESTART,
970 /* These two cannot be caught... */
971 if (sig == SIGKILL || sig == SIGSTOP)
974 /* On Linux the first two RT signals are reserved by
975 * glibc, and sigaction() will return EINVAL for them. */
976 if ((sigaction(sig, &sa, NULL) < 0))
977 if (errno != EINVAL && r == 0)
984 int reset_signal_mask(void) {
987 if (sigemptyset(&ss) < 0)
990 if (sigprocmask(SIG_SETMASK, &ss, NULL) < 0)
996 char *strstrip(char *s) {
999 /* Drops trailing whitespace. Modifies the string in
1000 * place. Returns pointer to first non-space character */
1002 s += strspn(s, WHITESPACE);
1004 for (e = strchr(s, 0); e > s; e --)
1005 if (!strchr(WHITESPACE, e[-1]))
1013 char *delete_chars(char *s, const char *bad) {
1016 /* Drops all whitespace, regardless where in the string */
1018 for (f = s, t = s; *f; f++) {
1019 if (strchr(bad, *f))
1030 char *file_in_same_dir(const char *path, const char *filename) {
1037 /* This removes the last component of path and appends
1038 * filename, unless the latter is absolute anyway or the
1041 if (path_is_absolute(filename))
1042 return strdup(filename);
1044 if (!(e = strrchr(path, '/')))
1045 return strdup(filename);
1047 k = strlen(filename);
1048 if (!(r = new(char, e-path+1+k+1)))
1051 memcpy(r, path, e-path+1);
1052 memcpy(r+(e-path)+1, filename, k+1);
1057 int rmdir_parents(const char *path, const char *stop) {
1066 /* Skip trailing slashes */
1067 while (l > 0 && path[l-1] == '/')
1073 /* Skip last component */
1074 while (l > 0 && path[l-1] != '/')
1077 /* Skip trailing slashes */
1078 while (l > 0 && path[l-1] == '/')
1084 if (!(t = strndup(path, l)))
1087 if (path_startswith(stop, t)) {
1096 if (errno != ENOENT)
1103 char hexchar(int x) {
1104 static const char table[16] = "0123456789abcdef";
1106 return table[x & 15];
1109 int unhexchar(char c) {
1111 if (c >= '0' && c <= '9')
1114 if (c >= 'a' && c <= 'f')
1115 return c - 'a' + 10;
1117 if (c >= 'A' && c <= 'F')
1118 return c - 'A' + 10;
1123 char *hexmem(const void *p, size_t l) {
1127 z = r = malloc(l * 2 + 1);
1131 for (x = p; x < (const uint8_t*) p + l; x++) {
1132 *(z++) = hexchar(*x >> 4);
1133 *(z++) = hexchar(*x & 15);
1140 void *unhexmem(const char *p, size_t l) {
1146 z = r = malloc((l + 1) / 2 + 1);
1150 for (x = p; x < p + l; x += 2) {
1153 a = unhexchar(x[0]);
1155 b = unhexchar(x[1]);
1159 *(z++) = (uint8_t) a << 4 | (uint8_t) b;
1166 char octchar(int x) {
1167 return '0' + (x & 7);
1170 int unoctchar(char c) {
1172 if (c >= '0' && c <= '7')
1178 char decchar(int x) {
1179 return '0' + (x % 10);
1182 int undecchar(char c) {
1184 if (c >= '0' && c <= '9')
1190 char *cescape(const char *s) {
1196 /* Does C style string escaping. */
1198 r = new(char, strlen(s)*4 + 1);
1202 for (f = s, t = r; *f; f++)
1248 /* For special chars we prefer octal over
1249 * hexadecimal encoding, simply because glib's
1250 * g_strescape() does the same */
1251 if ((*f < ' ') || (*f >= 127)) {
1253 *(t++) = octchar((unsigned char) *f >> 6);
1254 *(t++) = octchar((unsigned char) *f >> 3);
1255 *(t++) = octchar((unsigned char) *f);
1266 char *cunescape_length_with_prefix(const char *s, size_t length, const char *prefix) {
1273 /* Undoes C style string escaping, and optionally prefixes it. */
1275 pl = prefix ? strlen(prefix) : 0;
1277 r = new(char, pl+length+1);
1282 memcpy(r, prefix, pl);
1284 for (f = s, t = r + pl; f < s + length; f++) {
1327 /* This is an extension of the XDG syntax files */
1332 /* hexadecimal encoding */
1335 a = unhexchar(f[1]);
1336 b = unhexchar(f[2]);
1338 if (a < 0 || b < 0 || (a == 0 && b == 0)) {
1339 /* Invalid escape code, let's take it literal then */
1343 *(t++) = (char) ((a << 4) | b);
1358 /* octal encoding */
1361 a = unoctchar(f[0]);
1362 b = unoctchar(f[1]);
1363 c = unoctchar(f[2]);
1365 if (a < 0 || b < 0 || c < 0 || (a == 0 && b == 0 && c == 0)) {
1366 /* Invalid escape code, let's take it literal then */
1370 *(t++) = (char) ((a << 6) | (b << 3) | c);
1378 /* premature end of string.*/
1383 /* Invalid escape code, let's take it literal then */
1395 char *cunescape_length(const char *s, size_t length) {
1396 return cunescape_length_with_prefix(s, length, NULL);
1399 char *cunescape(const char *s) {
1402 return cunescape_length(s, strlen(s));
1405 char *xescape(const char *s, const char *bad) {
1409 /* Escapes all chars in bad, in addition to \ and all special
1410 * chars, in \xFF style escaping. May be reversed with
1413 r = new(char, strlen(s) * 4 + 1);
1417 for (f = s, t = r; *f; f++) {
1419 if ((*f < ' ') || (*f >= 127) ||
1420 (*f == '\\') || strchr(bad, *f)) {
1423 *(t++) = hexchar(*f >> 4);
1424 *(t++) = hexchar(*f);
1434 char *ascii_strlower(char *t) {
1439 for (p = t; *p; p++)
1440 if (*p >= 'A' && *p <= 'Z')
1441 *p = *p - 'A' + 'a';
1446 _pure_ static bool ignore_file_allow_backup(const char *filename) {
1450 filename[0] == '.' ||
1451 streq(filename, "lost+found") ||
1452 streq(filename, "aquota.user") ||
1453 streq(filename, "aquota.group") ||
1454 endswith(filename, ".rpmnew") ||
1455 endswith(filename, ".rpmsave") ||
1456 endswith(filename, ".rpmorig") ||
1457 endswith(filename, ".dpkg-old") ||
1458 endswith(filename, ".dpkg-new") ||
1459 endswith(filename, ".dpkg-tmp") ||
1460 endswith(filename, ".swp");
1463 bool ignore_file(const char *filename) {
1466 if (endswith(filename, "~"))
1469 return ignore_file_allow_backup(filename);
1472 int fd_nonblock(int fd, bool nonblock) {
1477 flags = fcntl(fd, F_GETFL, 0);
1482 nflags = flags | O_NONBLOCK;
1484 nflags = flags & ~O_NONBLOCK;
1486 if (nflags == flags)
1489 if (fcntl(fd, F_SETFL, nflags) < 0)
1495 int fd_cloexec(int fd, bool cloexec) {
1500 flags = fcntl(fd, F_GETFD, 0);
1505 nflags = flags | FD_CLOEXEC;
1507 nflags = flags & ~FD_CLOEXEC;
1509 if (nflags == flags)
1512 if (fcntl(fd, F_SETFD, nflags) < 0)
1518 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
1521 assert(n_fdset == 0 || fdset);
1523 for (i = 0; i < n_fdset; i++)
1530 int close_all_fds(const int except[], unsigned n_except) {
1531 _cleanup_closedir_ DIR *d = NULL;
1535 assert(n_except == 0 || except);
1537 d = opendir("/proc/self/fd");
1542 /* When /proc isn't available (for example in chroots)
1543 * the fallback is brute forcing through the fd
1546 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
1547 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
1549 if (fd_in_set(fd, except, n_except))
1552 if (close_nointr(fd) < 0)
1553 if (errno != EBADF && r == 0)
1560 while ((de = readdir(d))) {
1563 if (ignore_file(de->d_name))
1566 if (safe_atoi(de->d_name, &fd) < 0)
1567 /* Let's better ignore this, just in case */
1576 if (fd_in_set(fd, except, n_except))
1579 if (close_nointr(fd) < 0) {
1580 /* Valgrind has its own FD and doesn't want to have it closed */
1581 if (errno != EBADF && r == 0)
1589 bool chars_intersect(const char *a, const char *b) {
1592 /* Returns true if any of the chars in a are in b. */
1593 for (p = a; *p; p++)
1600 bool fstype_is_network(const char *fstype) {
1601 static const char table[] =
1615 x = startswith(fstype, "fuse.");
1619 return nulstr_contains(table, fstype);
1623 _cleanup_close_ int fd;
1625 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
1631 TIOCL_GETKMSGREDIRECT,
1635 if (ioctl(fd, TIOCLINUX, tiocl) < 0)
1638 vt = tiocl[0] <= 0 ? 1 : tiocl[0];
1641 if (ioctl(fd, VT_ACTIVATE, vt) < 0)
1647 int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
1648 struct termios old_termios, new_termios;
1649 char c, line[LINE_MAX];
1654 if (tcgetattr(fileno(f), &old_termios) >= 0) {
1655 new_termios = old_termios;
1657 new_termios.c_lflag &= ~ICANON;
1658 new_termios.c_cc[VMIN] = 1;
1659 new_termios.c_cc[VTIME] = 0;
1661 if (tcsetattr(fileno(f), TCSADRAIN, &new_termios) >= 0) {
1664 if (t != USEC_INFINITY) {
1665 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0) {
1666 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1671 k = fread(&c, 1, 1, f);
1673 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1679 *need_nl = c != '\n';
1686 if (t != USEC_INFINITY) {
1687 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0)
1692 if (!fgets(line, sizeof(line), f))
1693 return errno ? -errno : -EIO;
1697 if (strlen(line) != 1)
1707 int ask_char(char *ret, const char *replies, const char *text, ...) {
1717 bool need_nl = true;
1720 fputs(ANSI_HIGHLIGHT_ON, stdout);
1727 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1731 r = read_one_char(stdin, &c, USEC_INFINITY, &need_nl);
1734 if (r == -EBADMSG) {
1735 puts("Bad input, please try again.");
1746 if (strchr(replies, c)) {
1751 puts("Read unexpected character, please try again.");
1755 int ask_string(char **ret, const char *text, ...) {
1760 char line[LINE_MAX];
1764 fputs(ANSI_HIGHLIGHT_ON, stdout);
1771 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1776 if (!fgets(line, sizeof(line), stdin))
1777 return errno ? -errno : -EIO;
1779 if (!endswith(line, "\n"))
1798 int reset_terminal_fd(int fd, bool switch_to_text) {
1799 struct termios termios;
1802 /* Set terminal to some sane defaults */
1806 /* We leave locked terminal attributes untouched, so that
1807 * Plymouth may set whatever it wants to set, and we don't
1808 * interfere with that. */
1810 /* Disable exclusive mode, just in case */
1811 ioctl(fd, TIOCNXCL);
1813 /* Switch to text mode */
1815 ioctl(fd, KDSETMODE, KD_TEXT);
1817 /* Enable console unicode mode */
1818 ioctl(fd, KDSKBMODE, K_UNICODE);
1820 if (tcgetattr(fd, &termios) < 0) {
1825 /* We only reset the stuff that matters to the software. How
1826 * hardware is set up we don't touch assuming that somebody
1827 * else will do that for us */
1829 termios.c_iflag &= ~(IGNBRK | BRKINT | ISTRIP | INLCR | IGNCR | IUCLC);
1830 termios.c_iflag |= ICRNL | IMAXBEL | IUTF8;
1831 termios.c_oflag |= ONLCR;
1832 termios.c_cflag |= CREAD;
1833 termios.c_lflag = ISIG | ICANON | IEXTEN | ECHO | ECHOE | ECHOK | ECHOCTL | ECHOPRT | ECHOKE;
1835 termios.c_cc[VINTR] = 03; /* ^C */
1836 termios.c_cc[VQUIT] = 034; /* ^\ */
1837 termios.c_cc[VERASE] = 0177;
1838 termios.c_cc[VKILL] = 025; /* ^X */
1839 termios.c_cc[VEOF] = 04; /* ^D */
1840 termios.c_cc[VSTART] = 021; /* ^Q */
1841 termios.c_cc[VSTOP] = 023; /* ^S */
1842 termios.c_cc[VSUSP] = 032; /* ^Z */
1843 termios.c_cc[VLNEXT] = 026; /* ^V */
1844 termios.c_cc[VWERASE] = 027; /* ^W */
1845 termios.c_cc[VREPRINT] = 022; /* ^R */
1846 termios.c_cc[VEOL] = 0;
1847 termios.c_cc[VEOL2] = 0;
1849 termios.c_cc[VTIME] = 0;
1850 termios.c_cc[VMIN] = 1;
1852 if (tcsetattr(fd, TCSANOW, &termios) < 0)
1856 /* Just in case, flush all crap out */
1857 tcflush(fd, TCIOFLUSH);
1862 int reset_terminal(const char *name) {
1863 _cleanup_close_ int fd = -1;
1865 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1869 return reset_terminal_fd(fd, true);
1872 int open_terminal(const char *name, int mode) {
1877 * If a TTY is in the process of being closed opening it might
1878 * cause EIO. This is horribly awful, but unlikely to be
1879 * changed in the kernel. Hence we work around this problem by
1880 * retrying a couple of times.
1882 * https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245
1885 assert(!(mode & O_CREAT));
1888 fd = open(name, mode, 0);
1895 /* Max 1s in total */
1899 usleep(50 * USEC_PER_MSEC);
1917 int flush_fd(int fd) {
1918 struct pollfd pollfd = {
1928 r = poll(&pollfd, 1, 0);
1938 l = read(fd, buf, sizeof(buf));
1944 if (errno == EAGAIN)
1953 int acquire_terminal(
1957 bool ignore_tiocstty_eperm,
1960 int fd = -1, notify = -1, r = 0, wd = -1;
1965 /* We use inotify to be notified when the tty is closed. We
1966 * create the watch before checking if we can actually acquire
1967 * it, so that we don't lose any event.
1969 * Note: strictly speaking this actually watches for the
1970 * device being closed, it does *not* really watch whether a
1971 * tty loses its controlling process. However, unless some
1972 * rogue process uses TIOCNOTTY on /dev/tty *after* closing
1973 * its tty otherwise this will not become a problem. As long
1974 * as the administrator makes sure not configure any service
1975 * on the same tty as an untrusted user this should not be a
1976 * problem. (Which he probably should not do anyway.) */
1978 if (timeout != USEC_INFINITY)
1979 ts = now(CLOCK_MONOTONIC);
1981 if (!fail && !force) {
1982 notify = inotify_init1(IN_CLOEXEC | (timeout != USEC_INFINITY ? IN_NONBLOCK : 0));
1988 wd = inotify_add_watch(notify, name, IN_CLOSE);
1996 struct sigaction sa_old, sa_new = {
1997 .sa_handler = SIG_IGN,
1998 .sa_flags = SA_RESTART,
2002 r = flush_fd(notify);
2007 /* We pass here O_NOCTTY only so that we can check the return
2008 * value TIOCSCTTY and have a reliable way to figure out if we
2009 * successfully became the controlling process of the tty */
2010 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
2014 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2015 * if we already own the tty. */
2016 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
2018 /* First, try to get the tty */
2019 if (ioctl(fd, TIOCSCTTY, force) < 0)
2022 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
2024 /* Sometimes it makes sense to ignore TIOCSCTTY
2025 * returning EPERM, i.e. when very likely we already
2026 * are have this controlling terminal. */
2027 if (r < 0 && r == -EPERM && ignore_tiocstty_eperm)
2030 if (r < 0 && (force || fail || r != -EPERM)) {
2039 assert(notify >= 0);
2042 uint8_t inotify_buffer[sizeof(struct inotify_event) + FILENAME_MAX];
2044 struct inotify_event *e;
2046 if (timeout != USEC_INFINITY) {
2049 n = now(CLOCK_MONOTONIC);
2050 if (ts + timeout < n) {
2055 r = fd_wait_for_event(fd, POLLIN, ts + timeout - n);
2065 l = read(notify, inotify_buffer, sizeof(inotify_buffer));
2068 if (errno == EINTR || errno == EAGAIN)
2075 e = (struct inotify_event*) inotify_buffer;
2080 if (e->wd != wd || !(e->mask & IN_CLOSE)) {
2085 step = sizeof(struct inotify_event) + e->len;
2086 assert(step <= (size_t) l);
2088 e = (struct inotify_event*) ((uint8_t*) e + step);
2095 /* We close the tty fd here since if the old session
2096 * ended our handle will be dead. It's important that
2097 * we do this after sleeping, so that we don't enter
2098 * an endless loop. */
2099 fd = safe_close(fd);
2104 r = reset_terminal_fd(fd, true);
2106 log_warning("Failed to reset terminal: %s", strerror(-r));
2117 int release_terminal(void) {
2118 static const struct sigaction sa_new = {
2119 .sa_handler = SIG_IGN,
2120 .sa_flags = SA_RESTART,
2123 _cleanup_close_ int fd = -1;
2124 struct sigaction sa_old;
2127 fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_NDELAY|O_CLOEXEC);
2131 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2132 * by our own TIOCNOTTY */
2133 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
2135 if (ioctl(fd, TIOCNOTTY) < 0)
2138 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
2143 int sigaction_many(const struct sigaction *sa, ...) {
2148 while ((sig = va_arg(ap, int)) > 0)
2149 if (sigaction(sig, sa, NULL) < 0)
2156 int ignore_signals(int sig, ...) {
2157 struct sigaction sa = {
2158 .sa_handler = SIG_IGN,
2159 .sa_flags = SA_RESTART,
2164 if (sigaction(sig, &sa, NULL) < 0)
2168 while ((sig = va_arg(ap, int)) > 0)
2169 if (sigaction(sig, &sa, NULL) < 0)
2176 int default_signals(int sig, ...) {
2177 struct sigaction sa = {
2178 .sa_handler = SIG_DFL,
2179 .sa_flags = SA_RESTART,
2184 if (sigaction(sig, &sa, NULL) < 0)
2188 while ((sig = va_arg(ap, int)) > 0)
2189 if (sigaction(sig, &sa, NULL) < 0)
2196 void safe_close_pair(int p[]) {
2200 /* Special case pairs which use the same fd in both
2202 p[0] = p[1] = safe_close(p[0]);
2206 p[0] = safe_close(p[0]);
2207 p[1] = safe_close(p[1]);
2210 ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll) {
2217 while (nbytes > 0) {
2220 k = read(fd, p, nbytes);
2221 if (k < 0 && errno == EINTR)
2224 if (k < 0 && errno == EAGAIN && do_poll) {
2226 /* We knowingly ignore any return value here,
2227 * and expect that any error/EOF is reported
2230 fd_wait_for_event(fd, POLLIN, USEC_INFINITY);
2235 return n > 0 ? n : (k < 0 ? -errno : 0);
2245 ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) {
2246 const uint8_t *p = buf;
2252 while (nbytes > 0) {
2255 k = write(fd, p, nbytes);
2256 if (k < 0 && errno == EINTR)
2259 if (k < 0 && errno == EAGAIN && do_poll) {
2261 /* We knowingly ignore any return value here,
2262 * and expect that any error/EOF is reported
2265 fd_wait_for_event(fd, POLLOUT, USEC_INFINITY);
2270 return n > 0 ? n : (k < 0 ? -errno : 0);
2280 int parse_size(const char *t, off_t base, off_t *size) {
2282 /* Soo, sometimes we want to parse IEC binary suffxies, and
2283 * sometimes SI decimal suffixes. This function can parse
2284 * both. Which one is the right way depends on the
2285 * context. Wikipedia suggests that SI is customary for
2286 * hardrware metrics and network speeds, while IEC is
2287 * customary for most data sizes used by software and volatile
2288 * (RAM) memory. Hence be careful which one you pick!
2290 * In either case we use just K, M, G as suffix, and not Ki,
2291 * Mi, Gi or so (as IEC would suggest). That's because that's
2292 * frickin' ugly. But this means you really need to make sure
2293 * to document which base you are parsing when you use this
2298 unsigned long long factor;
2301 static const struct table iec[] = {
2302 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2303 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2304 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
2305 { "G", 1024ULL*1024ULL*1024ULL },
2306 { "M", 1024ULL*1024ULL },
2312 static const struct table si[] = {
2313 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2314 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2315 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
2316 { "G", 1000ULL*1000ULL*1000ULL },
2317 { "M", 1000ULL*1000ULL },
2323 const struct table *table;
2325 unsigned long long r = 0;
2326 unsigned n_entries, start_pos = 0;
2329 assert(base == 1000 || base == 1024);
2334 n_entries = ELEMENTSOF(si);
2337 n_entries = ELEMENTSOF(iec);
2343 unsigned long long l2;
2349 l = strtoll(p, &e, 10);
2362 if (*e >= '0' && *e <= '9') {
2365 /* strotoull itself would accept space/+/- */
2366 l2 = strtoull(e, &e2, 10);
2368 if (errno == ERANGE)
2371 /* Ignore failure. E.g. 10.M is valid */
2378 e += strspn(e, WHITESPACE);
2380 for (i = start_pos; i < n_entries; i++)
2381 if (startswith(e, table[i].suffix)) {
2382 unsigned long long tmp;
2383 if ((unsigned long long) l + (frac > 0) > ULLONG_MAX / table[i].factor)
2385 tmp = l * table[i].factor + (unsigned long long) (frac * table[i].factor);
2386 if (tmp > ULLONG_MAX - r)
2390 if ((unsigned long long) (off_t) r != r)
2393 p = e + strlen(table[i].suffix);
2409 int make_stdio(int fd) {
2414 r = dup3(fd, STDIN_FILENO, 0);
2415 s = dup3(fd, STDOUT_FILENO, 0);
2416 t = dup3(fd, STDERR_FILENO, 0);
2421 if (r < 0 || s < 0 || t < 0)
2424 /* We rely here that the new fd has O_CLOEXEC not set */
2429 int make_null_stdio(void) {
2432 null_fd = open("/dev/null", O_RDWR|O_NOCTTY);
2436 return make_stdio(null_fd);
2439 bool is_device_path(const char *path) {
2441 /* Returns true on paths that refer to a device, either in
2442 * sysfs or in /dev */
2445 path_startswith(path, "/dev/") ||
2446 path_startswith(path, "/sys/");
2449 int dir_is_empty(const char *path) {
2450 _cleanup_closedir_ DIR *d;
2461 if (!de && errno != 0)
2467 if (!ignore_file(de->d_name))
2472 char* dirname_malloc(const char *path) {
2473 char *d, *dir, *dir2;
2490 int dev_urandom(void *p, size_t n) {
2491 static int have_syscall = -1;
2495 /* Gathers some randomness from the kernel. This call will
2496 * never block, and will always return some data from the
2497 * kernel, regardless if the random pool is fully initialized
2498 * or not. It thus makes no guarantee for the quality of the
2499 * returned entropy, but is good enough for or usual usecases
2500 * of seeding the hash functions for hashtable */
2502 /* Use the getrandom() syscall unless we know we don't have
2503 * it, or when the requested size is too large for it. */
2504 if (have_syscall != 0 || (size_t) (int) n != n) {
2505 r = getrandom(p, n, GRND_NONBLOCK);
2507 have_syscall = true;
2512 if (errno == ENOSYS)
2513 /* we lack the syscall, continue with
2514 * reading from /dev/urandom */
2515 have_syscall = false;
2516 else if (errno == EAGAIN)
2517 /* not enough entropy for now. Let's
2518 * remember to use the syscall the
2519 * next time, again, but also read
2520 * from /dev/urandom for now, which
2521 * doesn't care about the current
2522 * amount of entropy. */
2523 have_syscall = true;
2527 /* too short read? */
2531 fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
2533 return errno == ENOENT ? -ENOSYS : -errno;
2535 k = loop_read(fd, p, n, true);
2540 if ((size_t) k != n)
2546 void initialize_srand(void) {
2547 static bool srand_called = false;
2549 #ifdef HAVE_SYS_AUXV_H
2558 #ifdef HAVE_SYS_AUXV_H
2559 /* The kernel provides us with a bit of entropy in auxv, so
2560 * let's try to make use of that to seed the pseudo-random
2561 * generator. It's better than nothing... */
2563 auxv = (void*) getauxval(AT_RANDOM);
2565 x ^= *(unsigned*) auxv;
2568 x ^= (unsigned) now(CLOCK_REALTIME);
2569 x ^= (unsigned) gettid();
2572 srand_called = true;
2575 void random_bytes(void *p, size_t n) {
2579 r = dev_urandom(p, n);
2583 /* If some idiot made /dev/urandom unavailable to us, he'll
2584 * get a PRNG instead. */
2588 for (q = p; q < (uint8_t*) p + n; q ++)
2592 void rename_process(const char name[8]) {
2595 /* This is a like a poor man's setproctitle(). It changes the
2596 * comm field, argv[0], and also the glibc's internally used
2597 * name of the process. For the first one a limit of 16 chars
2598 * applies, to the second one usually one of 10 (i.e. length
2599 * of "/sbin/init"), to the third one one of 7 (i.e. length of
2600 * "systemd"). If you pass a longer string it will be
2603 prctl(PR_SET_NAME, name);
2605 if (program_invocation_name)
2606 strncpy(program_invocation_name, name, strlen(program_invocation_name));
2608 if (saved_argc > 0) {
2612 strncpy(saved_argv[0], name, strlen(saved_argv[0]));
2614 for (i = 1; i < saved_argc; i++) {
2618 memzero(saved_argv[i], strlen(saved_argv[i]));
2623 void sigset_add_many(sigset_t *ss, ...) {
2630 while ((sig = va_arg(ap, int)) > 0)
2631 assert_se(sigaddset(ss, sig) == 0);
2635 int sigprocmask_many(int how, ...) {
2640 assert_se(sigemptyset(&ss) == 0);
2643 while ((sig = va_arg(ap, int)) > 0)
2644 assert_se(sigaddset(&ss, sig) == 0);
2647 if (sigprocmask(how, &ss, NULL) < 0)
2653 char* gethostname_malloc(void) {
2656 assert_se(uname(&u) >= 0);
2658 if (!isempty(u.nodename) && !streq(u.nodename, "(none)"))
2659 return strdup(u.nodename);
2661 return strdup(u.sysname);
2664 bool hostname_is_set(void) {
2667 assert_se(uname(&u) >= 0);
2669 return !isempty(u.nodename) && !streq(u.nodename, "(none)");
2672 char *lookup_uid(uid_t uid) {
2675 _cleanup_free_ char *buf = NULL;
2676 struct passwd pwbuf, *pw = NULL;
2678 /* Shortcut things to avoid NSS lookups */
2680 return strdup("root");
2682 bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
2686 buf = malloc(bufsize);
2690 if (getpwuid_r(uid, &pwbuf, buf, bufsize, &pw) == 0 && pw)
2691 return strdup(pw->pw_name);
2693 if (asprintf(&name, UID_FMT, uid) < 0)
2699 char* getlogname_malloc(void) {
2703 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
2708 return lookup_uid(uid);
2711 char *getusername_malloc(void) {
2718 return lookup_uid(getuid());
2721 int getttyname_malloc(int fd, char **r) {
2722 char path[PATH_MAX], *c;
2727 k = ttyname_r(fd, path, sizeof(path));
2733 c = strdup(startswith(path, "/dev/") ? path + 5 : path);
2741 int getttyname_harder(int fd, char **r) {
2745 k = getttyname_malloc(fd, &s);
2749 if (streq(s, "tty")) {
2751 return get_ctty(0, NULL, r);
2758 int get_ctty_devnr(pid_t pid, dev_t *d) {
2760 _cleanup_free_ char *line = NULL;
2762 unsigned long ttynr;
2766 p = procfs_file_alloca(pid, "stat");
2767 r = read_one_line_file(p, &line);
2771 p = strrchr(line, ')');
2781 "%*d " /* session */
2786 if (major(ttynr) == 0 && minor(ttynr) == 0)
2795 int get_ctty(pid_t pid, dev_t *_devnr, char **r) {
2796 char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *b = NULL;
2797 _cleanup_free_ char *s = NULL;
2804 k = get_ctty_devnr(pid, &devnr);
2808 sprintf(fn, "/dev/char/%u:%u", major(devnr), minor(devnr));
2810 k = readlink_malloc(fn, &s);
2816 /* This is an ugly hack */
2817 if (major(devnr) == 136) {
2818 asprintf(&b, "pts/%u", minor(devnr));
2822 /* Probably something like the ptys which have no
2823 * symlink in /dev/char. Let's return something
2824 * vaguely useful. */
2830 if (startswith(s, "/dev/"))
2832 else if (startswith(s, "../"))
2850 int rm_rf_children_dangerous(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2851 _cleanup_closedir_ DIR *d = NULL;
2856 /* This returns the first error we run into, but nevertheless
2857 * tries to go on. This closes the passed fd. */
2863 return errno == ENOENT ? 0 : -errno;
2868 bool is_dir, keep_around;
2875 if (errno != 0 && ret == 0)
2880 if (streq(de->d_name, ".") || streq(de->d_name, ".."))
2883 if (de->d_type == DT_UNKNOWN ||
2885 (de->d_type == DT_DIR && root_dev)) {
2886 if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
2887 if (ret == 0 && errno != ENOENT)
2892 is_dir = S_ISDIR(st.st_mode);
2895 (st.st_uid == 0 || st.st_uid == getuid()) &&
2896 (st.st_mode & S_ISVTX);
2898 is_dir = de->d_type == DT_DIR;
2899 keep_around = false;
2905 /* if root_dev is set, remove subdirectories only, if device is same as dir */
2906 if (root_dev && st.st_dev != root_dev->st_dev)
2909 subdir_fd = openat(fd, de->d_name,
2910 O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2911 if (subdir_fd < 0) {
2912 if (ret == 0 && errno != ENOENT)
2917 r = rm_rf_children_dangerous(subdir_fd, only_dirs, honour_sticky, root_dev);
2918 if (r < 0 && ret == 0)
2922 if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
2923 if (ret == 0 && errno != ENOENT)
2927 } else if (!only_dirs && !keep_around) {
2929 if (unlinkat(fd, de->d_name, 0) < 0) {
2930 if (ret == 0 && errno != ENOENT)
2937 _pure_ static int is_temporary_fs(struct statfs *s) {
2940 return F_TYPE_EQUAL(s->f_type, TMPFS_MAGIC) ||
2941 F_TYPE_EQUAL(s->f_type, RAMFS_MAGIC);
2944 int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2949 if (fstatfs(fd, &s) < 0) {
2954 /* We refuse to clean disk file systems with this call. This
2955 * is extra paranoia just to be sure we never ever remove
2957 if (!is_temporary_fs(&s)) {
2958 log_error("Attempted to remove disk file system, and we can't allow that.");
2963 return rm_rf_children_dangerous(fd, only_dirs, honour_sticky, root_dev);
2966 static int file_is_priv_sticky(const char *p) {
2971 if (lstat(p, &st) < 0)
2975 (st.st_uid == 0 || st.st_uid == getuid()) &&
2976 (st.st_mode & S_ISVTX);
2979 static int rm_rf_internal(const char *path, bool only_dirs, bool delete_root, bool honour_sticky, bool dangerous) {
2985 /* We refuse to clean the root file system with this
2986 * call. This is extra paranoia to never cause a really
2987 * seriously broken system. */
2988 if (path_equal(path, "/")) {
2989 log_error("Attempted to remove entire root file system, and we can't allow that.");
2993 fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2996 if (errno != ENOTDIR)
3000 if (statfs(path, &s) < 0)
3003 if (!is_temporary_fs(&s)) {
3004 log_error("Attempted to remove disk file system, and we can't allow that.");
3009 if (delete_root && !only_dirs)
3010 if (unlink(path) < 0 && errno != ENOENT)
3017 if (fstatfs(fd, &s) < 0) {
3022 if (!is_temporary_fs(&s)) {
3023 log_error("Attempted to remove disk file system, and we can't allow that.");
3029 r = rm_rf_children_dangerous(fd, only_dirs, honour_sticky, NULL);
3032 if (honour_sticky && file_is_priv_sticky(path) > 0)
3035 if (rmdir(path) < 0 && errno != ENOENT) {
3044 int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
3045 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, false);
3048 int rm_rf_dangerous(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
3049 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, true);
3052 int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) {
3055 /* Under the assumption that we are running privileged we
3056 * first change the access mode and only then hand out
3057 * ownership to avoid a window where access is too open. */
3059 if (mode != (mode_t) -1)
3060 if (chmod(path, mode) < 0)
3063 if (uid != (uid_t) -1 || gid != (gid_t) -1)
3064 if (chown(path, uid, gid) < 0)
3070 int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid) {
3073 /* Under the assumption that we are running privileged we
3074 * first change the access mode and only then hand out
3075 * ownership to avoid a window where access is too open. */
3077 if (mode != (mode_t) -1)
3078 if (fchmod(fd, mode) < 0)
3081 if (uid != (uid_t) -1 || gid != (gid_t) -1)
3082 if (fchown(fd, uid, gid) < 0)
3088 cpu_set_t* cpu_set_malloc(unsigned *ncpus) {
3092 /* Allocates the cpuset in the right size */
3095 if (!(r = CPU_ALLOC(n)))
3098 if (sched_getaffinity(0, CPU_ALLOC_SIZE(n), r) >= 0) {
3099 CPU_ZERO_S(CPU_ALLOC_SIZE(n), r);
3109 if (errno != EINVAL)
3116 int status_vprintf(const char *status, bool ellipse, bool ephemeral, const char *format, va_list ap) {
3117 static const char status_indent[] = " "; /* "[" STATUS "] " */
3118 _cleanup_free_ char *s = NULL;
3119 _cleanup_close_ int fd = -1;
3120 struct iovec iovec[6] = {};
3122 static bool prev_ephemeral;
3126 /* This is independent of logging, as status messages are
3127 * optional and go exclusively to the console. */
3129 if (vasprintf(&s, format, ap) < 0)
3132 fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
3145 sl = status ? sizeof(status_indent)-1 : 0;
3151 e = ellipsize(s, emax, 50);
3159 IOVEC_SET_STRING(iovec[n++], "\r" ANSI_ERASE_TO_END_OF_LINE);
3160 prev_ephemeral = ephemeral;
3163 if (!isempty(status)) {
3164 IOVEC_SET_STRING(iovec[n++], "[");
3165 IOVEC_SET_STRING(iovec[n++], status);
3166 IOVEC_SET_STRING(iovec[n++], "] ");
3168 IOVEC_SET_STRING(iovec[n++], status_indent);
3171 IOVEC_SET_STRING(iovec[n++], s);
3173 IOVEC_SET_STRING(iovec[n++], "\n");
3175 if (writev(fd, iovec, n) < 0)
3181 int status_printf(const char *status, bool ellipse, bool ephemeral, const char *format, ...) {
3187 va_start(ap, format);
3188 r = status_vprintf(status, ellipse, ephemeral, format, ap);
3194 char *replace_env(const char *format, char **env) {
3201 const char *e, *word = format;
3206 for (e = format; *e; e ++) {
3217 k = strnappend(r, word, e-word-1);
3227 } else if (*e == '$') {
3228 k = strnappend(r, word, e-word);
3245 t = strempty(strv_env_get_n(env, word+2, e-word-2));
3247 k = strappend(r, t);
3261 k = strnappend(r, word, e-word);
3273 char **replace_env_argv(char **argv, char **env) {
3275 unsigned k = 0, l = 0;
3277 l = strv_length(argv);
3279 ret = new(char*, l+1);
3283 STRV_FOREACH(i, argv) {
3285 /* If $FOO appears as single word, replace it by the split up variable */
3286 if ((*i)[0] == '$' && (*i)[1] != '{') {
3291 e = strv_env_get(env, *i+1);
3295 r = strv_split_quoted(&m, e);
3307 w = realloc(ret, sizeof(char*) * (l+1));
3317 memcpy(ret + k, m, q * sizeof(char*));
3325 /* If ${FOO} appears as part of a word, replace it by the variable as-is */
3326 ret[k] = replace_env(*i, env);
3338 int fd_columns(int fd) {
3339 struct winsize ws = {};
3341 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3350 unsigned columns(void) {
3354 if (_likely_(cached_columns > 0))
3355 return cached_columns;
3358 e = getenv("COLUMNS");
3360 (void) safe_atoi(e, &c);
3363 c = fd_columns(STDOUT_FILENO);
3372 int fd_lines(int fd) {
3373 struct winsize ws = {};
3375 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3384 unsigned lines(void) {
3388 if (_likely_(cached_lines > 0))
3389 return cached_lines;
3392 e = getenv("LINES");
3394 (void) safe_atou(e, &l);
3397 l = fd_lines(STDOUT_FILENO);
3403 return cached_lines;
3406 /* intended to be used as a SIGWINCH sighandler */
3407 void columns_lines_cache_reset(int signum) {
3413 static int cached_on_tty = -1;
3415 if (_unlikely_(cached_on_tty < 0))
3416 cached_on_tty = isatty(STDOUT_FILENO) > 0;
3418 return cached_on_tty;
3421 int files_same(const char *filea, const char *fileb) {
3424 if (stat(filea, &a) < 0)
3427 if (stat(fileb, &b) < 0)
3430 return a.st_dev == b.st_dev &&
3431 a.st_ino == b.st_ino;
3434 int running_in_chroot(void) {
3437 ret = files_same("/proc/1/root", "/");
3444 static char *ascii_ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3449 assert(percent <= 100);
3450 assert(new_length >= 3);
3452 if (old_length <= 3 || old_length <= new_length)
3453 return strndup(s, old_length);
3455 r = new0(char, new_length+1);
3459 x = (new_length * percent) / 100;
3461 if (x > new_length - 3)
3469 s + old_length - (new_length - x - 3),
3470 new_length - x - 3);
3475 char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3479 unsigned k, len, len2;
3482 assert(percent <= 100);
3483 assert(new_length >= 3);
3485 /* if no multibyte characters use ascii_ellipsize_mem for speed */
3486 if (ascii_is_valid(s))
3487 return ascii_ellipsize_mem(s, old_length, new_length, percent);
3489 if (old_length <= 3 || old_length <= new_length)
3490 return strndup(s, old_length);
3492 x = (new_length * percent) / 100;
3494 if (x > new_length - 3)
3498 for (i = s; k < x && i < s + old_length; i = utf8_next_char(i)) {
3501 c = utf8_encoded_to_unichar(i);
3504 k += unichar_iswide(c) ? 2 : 1;
3507 if (k > x) /* last character was wide and went over quota */
3510 for (j = s + old_length; k < new_length && j > i; ) {
3513 j = utf8_prev_char(j);
3514 c = utf8_encoded_to_unichar(j);
3517 k += unichar_iswide(c) ? 2 : 1;
3521 /* we don't actually need to ellipsize */
3523 return memdup(s, old_length + 1);
3525 /* make space for ellipsis */
3526 j = utf8_next_char(j);
3529 len2 = s + old_length - j;
3530 e = new(char, len + 3 + len2 + 1);
3535 printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n",
3536 old_length, new_length, x, len, len2, k);
3540 e[len] = 0xe2; /* tri-dot ellipsis: … */
3544 memcpy(e + len + 3, j, len2 + 1);
3549 char *ellipsize(const char *s, size_t length, unsigned percent) {
3550 return ellipsize_mem(s, strlen(s), length, percent);
3553 int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode) {
3554 _cleanup_close_ int fd;
3560 mkdir_parents(path, 0755);
3562 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, mode > 0 ? mode : 0644);
3567 r = fchmod(fd, mode);
3572 if (uid != (uid_t) -1 || gid != (gid_t) -1) {
3573 r = fchown(fd, uid, gid);
3578 if (stamp != USEC_INFINITY) {
3579 struct timespec ts[2];
3581 timespec_store(&ts[0], stamp);
3583 r = futimens(fd, ts);
3585 r = futimens(fd, NULL);
3592 int touch(const char *path) {
3593 return touch_file(path, false, USEC_INFINITY, (uid_t) -1, (gid_t) -1, 0);
3596 char *unquote(const char *s, const char* quotes) {
3600 /* This is rather stupid, simply removes the heading and
3601 * trailing quotes if there is one. Doesn't care about
3602 * escaping or anything. We should make this smarter one
3609 if (strchr(quotes, s[0]) && s[l-1] == s[0])
3610 return strndup(s+1, l-2);
3615 char *normalize_env_assignment(const char *s) {
3616 _cleanup_free_ char *value = NULL;
3620 eq = strchr(s, '=');
3630 memmove(r, t, strlen(t) + 1);
3635 name = strndupa(s, eq - s);
3636 p = strdupa(eq + 1);
3638 value = unquote(strstrip(p), QUOTES);
3642 return strjoin(strstrip(name), "=", value, NULL);
3645 int wait_for_terminate(pid_t pid, siginfo_t *status) {
3656 if (waitid(P_PID, pid, status, WEXITED) < 0) {
3670 * < 0 : wait_for_terminate() failed to get the state of the
3671 * process, the process was terminated by a signal, or
3672 * failed for an unknown reason.
3673 * >=0 : The process terminated normally, and its exit code is
3676 * That is, success is indicated by a return value of zero, and an
3677 * error is indicated by a non-zero value.
3679 int wait_for_terminate_and_warn(const char *name, pid_t pid) {
3686 r = wait_for_terminate(pid, &status);
3688 log_warning("Failed to wait for %s: %s", name, strerror(-r));
3692 if (status.si_code == CLD_EXITED) {
3693 if (status.si_status != 0) {
3694 log_warning("%s failed with error code %i.", name, status.si_status);
3695 return status.si_status;
3698 log_debug("%s succeeded.", name);
3701 } else if (status.si_code == CLD_KILLED ||
3702 status.si_code == CLD_DUMPED) {
3704 log_warning("%s terminated by signal %s.", name, signal_to_string(status.si_status));
3708 log_warning("%s failed due to unknown reason.", name);
3712 noreturn void freeze(void) {
3714 /* Make sure nobody waits for us on a socket anymore */
3715 close_all_fds(NULL, 0);
3723 bool null_or_empty(struct stat *st) {
3726 if (S_ISREG(st->st_mode) && st->st_size <= 0)
3729 if (S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode))
3735 int null_or_empty_path(const char *fn) {
3740 if (stat(fn, &st) < 0)
3743 return null_or_empty(&st);
3746 int null_or_empty_fd(int fd) {
3751 if (fstat(fd, &st) < 0)
3754 return null_or_empty(&st);
3757 DIR *xopendirat(int fd, const char *name, int flags) {
3761 assert(!(flags & O_CREAT));
3763 nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0);
3776 int signal_from_string_try_harder(const char *s) {
3780 signo = signal_from_string(s);
3782 if (startswith(s, "SIG"))
3783 return signal_from_string(s+3);
3788 static char *tag_to_udev_node(const char *tagvalue, const char *by) {
3789 _cleanup_free_ char *t = NULL, *u = NULL;
3792 u = unquote(tagvalue, "\"\'");
3796 enc_len = strlen(u) * 4 + 1;
3797 t = new(char, enc_len);
3801 if (encode_devnode_name(u, t, enc_len) < 0)
3804 return strjoin("/dev/disk/by-", by, "/", t, NULL);
3807 char *fstab_node_to_udev_node(const char *p) {
3810 if (startswith(p, "LABEL="))
3811 return tag_to_udev_node(p+6, "label");
3813 if (startswith(p, "UUID="))
3814 return tag_to_udev_node(p+5, "uuid");
3816 if (startswith(p, "PARTUUID="))
3817 return tag_to_udev_node(p+9, "partuuid");
3819 if (startswith(p, "PARTLABEL="))
3820 return tag_to_udev_node(p+10, "partlabel");
3825 bool tty_is_vc(const char *tty) {
3828 return vtnr_from_tty(tty) >= 0;
3831 bool tty_is_console(const char *tty) {
3834 if (startswith(tty, "/dev/"))
3837 return streq(tty, "console");
3840 int vtnr_from_tty(const char *tty) {
3845 if (startswith(tty, "/dev/"))
3848 if (!startswith(tty, "tty") )
3851 if (tty[3] < '0' || tty[3] > '9')
3854 r = safe_atoi(tty+3, &i);
3858 if (i < 0 || i > 63)
3864 char *resolve_dev_console(char **active) {
3867 /* Resolve where /dev/console is pointing to, if /sys is actually ours
3868 * (i.e. not read-only-mounted which is a sign for container setups) */
3870 if (path_is_read_only_fs("/sys") > 0)
3873 if (read_one_line_file("/sys/class/tty/console/active", active) < 0)
3876 /* If multiple log outputs are configured the last one is what
3877 * /dev/console points to */
3878 tty = strrchr(*active, ' ');
3884 if (streq(tty, "tty0")) {
3887 /* Get the active VC (e.g. tty1) */
3888 if (read_one_line_file("/sys/class/tty/tty0/active", &tmp) >= 0) {
3890 tty = *active = tmp;
3897 bool tty_is_vc_resolve(const char *tty) {
3898 _cleanup_free_ char *active = NULL;
3902 if (startswith(tty, "/dev/"))
3905 if (streq(tty, "console")) {
3906 tty = resolve_dev_console(&active);
3911 return tty_is_vc(tty);
3914 const char *default_term_for_tty(const char *tty) {
3917 return tty_is_vc_resolve(tty) ? "TERM=linux" : "TERM=vt102";
3920 bool dirent_is_file(const struct dirent *de) {
3923 if (ignore_file(de->d_name))
3926 if (de->d_type != DT_REG &&
3927 de->d_type != DT_LNK &&
3928 de->d_type != DT_UNKNOWN)
3934 bool dirent_is_file_with_suffix(const struct dirent *de, const char *suffix) {
3937 if (de->d_type != DT_REG &&
3938 de->d_type != DT_LNK &&
3939 de->d_type != DT_UNKNOWN)
3942 if (ignore_file_allow_backup(de->d_name))
3945 return endswith(de->d_name, suffix);
3948 void execute_directory(const char *directory, DIR *d, usec_t timeout, char *argv[]) {
3954 /* Executes all binaries in a directory in parallel and waits
3955 * for them to finish. Optionally a timeout is applied. */
3957 executor_pid = fork();
3958 if (executor_pid < 0) {
3959 log_error("Failed to fork: %m");
3962 } else if (executor_pid == 0) {
3963 _cleanup_hashmap_free_free_ Hashmap *pids = NULL;
3964 _cleanup_closedir_ DIR *_d = NULL;
3967 /* We fork this all off from a child process so that
3968 * we can somewhat cleanly make use of SIGALRM to set
3971 reset_all_signal_handlers();
3972 reset_signal_mask();
3974 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
3977 d = _d = opendir(directory);
3979 if (errno == ENOENT)
3980 _exit(EXIT_SUCCESS);
3982 log_error("Failed to enumerate directory %s: %m", directory);
3983 _exit(EXIT_FAILURE);
3987 pids = hashmap_new(NULL);
3990 _exit(EXIT_FAILURE);
3993 FOREACH_DIRENT(de, d, break) {
3994 _cleanup_free_ char *path = NULL;
3997 if (!dirent_is_file(de))
4000 path = strjoin(directory, "/", de->d_name, NULL);
4003 _exit(EXIT_FAILURE);
4008 log_error("Failed to fork: %m");
4010 } else if (pid == 0) {
4013 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
4023 log_error("Failed to execute %s: %m", path);
4024 _exit(EXIT_FAILURE);
4027 log_debug("Spawned %s as " PID_FMT ".", path, pid);
4029 r = hashmap_put(pids, UINT_TO_PTR(pid), path);
4032 _exit(EXIT_FAILURE);
4038 /* Abort execution of this process after the
4039 * timout. We simply rely on SIGALRM as default action
4040 * terminating the process, and turn on alarm(). */
4042 if (timeout != USEC_INFINITY)
4043 alarm((timeout + USEC_PER_SEC - 1) / USEC_PER_SEC);
4045 while (!hashmap_isempty(pids)) {
4046 _cleanup_free_ char *path = NULL;
4049 pid = PTR_TO_UINT(hashmap_first_key(pids));
4052 path = hashmap_remove(pids, UINT_TO_PTR(pid));
4055 wait_for_terminate_and_warn(path, pid);
4058 _exit(EXIT_SUCCESS);
4061 wait_for_terminate_and_warn(directory, executor_pid);
4064 int kill_and_sigcont(pid_t pid, int sig) {
4067 r = kill(pid, sig) < 0 ? -errno : 0;
4075 bool nulstr_contains(const char*nulstr, const char *needle) {
4081 NULSTR_FOREACH(i, nulstr)
4082 if (streq(i, needle))
4088 bool plymouth_running(void) {
4089 return access("/run/plymouth/pid", F_OK) >= 0;
4092 char* strshorten(char *s, size_t l) {
4101 static bool hostname_valid_char(char c) {
4103 (c >= 'a' && c <= 'z') ||
4104 (c >= 'A' && c <= 'Z') ||
4105 (c >= '0' && c <= '9') ||
4111 bool hostname_is_valid(const char *s) {
4118 for (p = s, dot = true; *p; p++) {
4125 if (!hostname_valid_char(*p))
4135 if (p-s > HOST_NAME_MAX)
4141 char* hostname_cleanup(char *s, bool lowercase) {
4145 for (p = s, d = s, dot = true; *p; p++) {
4152 } else if (hostname_valid_char(*p)) {
4153 *(d++) = lowercase ? tolower(*p) : *p;
4164 strshorten(s, HOST_NAME_MAX);
4169 bool machine_name_is_valid(const char *s) {
4171 if (!hostname_is_valid(s))
4174 /* Machine names should be useful hostnames, but also be
4175 * useful in unit names, hence we enforce a stricter length
4184 int pipe_eof(int fd) {
4185 struct pollfd pollfd = {
4187 .events = POLLIN|POLLHUP,
4192 r = poll(&pollfd, 1, 0);
4199 return pollfd.revents & POLLHUP;
4202 int fd_wait_for_event(int fd, int event, usec_t t) {
4204 struct pollfd pollfd = {
4212 r = ppoll(&pollfd, 1, t == USEC_INFINITY ? NULL : timespec_store(&ts, t), NULL);
4219 return pollfd.revents;
4222 int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
4231 t = tempfn_xxxxxx(path);
4235 fd = mkostemp_safe(t, O_WRONLY|O_CLOEXEC);
4241 f = fdopen(fd, "we");
4254 int terminal_vhangup_fd(int fd) {
4257 if (ioctl(fd, TIOCVHANGUP) < 0)
4263 int terminal_vhangup(const char *name) {
4264 _cleanup_close_ int fd;
4266 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4270 return terminal_vhangup_fd(fd);
4273 int vt_disallocate(const char *name) {
4277 /* Deallocate the VT if possible. If not possible
4278 * (i.e. because it is the active one), at least clear it
4279 * entirely (including the scrollback buffer) */
4281 if (!startswith(name, "/dev/"))
4284 if (!tty_is_vc(name)) {
4285 /* So this is not a VT. I guess we cannot deallocate
4286 * it then. But let's at least clear the screen */
4288 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4293 "\033[r" /* clear scrolling region */
4294 "\033[H" /* move home */
4295 "\033[2J", /* clear screen */
4302 if (!startswith(name, "/dev/tty"))
4305 r = safe_atou(name+8, &u);
4312 /* Try to deallocate */
4313 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
4317 r = ioctl(fd, VT_DISALLOCATE, u);
4326 /* Couldn't deallocate, so let's clear it fully with
4328 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4333 "\033[r" /* clear scrolling region */
4334 "\033[H" /* move home */
4335 "\033[3J", /* clear screen including scrollback, requires Linux 2.6.40 */
4342 int symlink_atomic(const char *from, const char *to) {
4343 _cleanup_free_ char *t = NULL;
4348 t = tempfn_random(to);
4352 if (symlink(from, t) < 0)
4355 if (rename(t, to) < 0) {
4363 int mknod_atomic(const char *path, mode_t mode, dev_t dev) {
4364 _cleanup_free_ char *t = NULL;
4368 t = tempfn_random(path);
4372 if (mknod(t, mode, dev) < 0)
4375 if (rename(t, path) < 0) {
4383 int mkfifo_atomic(const char *path, mode_t mode) {
4384 _cleanup_free_ char *t = NULL;
4388 t = tempfn_random(path);
4392 if (mkfifo(t, mode) < 0)
4395 if (rename(t, path) < 0) {
4403 bool display_is_local(const char *display) {
4407 display[0] == ':' &&
4408 display[1] >= '0' &&
4412 int socket_from_display(const char *display, char **path) {
4419 if (!display_is_local(display))
4422 k = strspn(display+1, "0123456789");
4424 f = new(char, strlen("/tmp/.X11-unix/X") + k + 1);
4428 c = stpcpy(f, "/tmp/.X11-unix/X");
4429 memcpy(c, display+1, k);
4438 const char **username,
4439 uid_t *uid, gid_t *gid,
4441 const char **shell) {
4449 /* We enforce some special rules for uid=0: in order to avoid
4450 * NSS lookups for root we hardcode its data. */
4452 if (streq(*username, "root") || streq(*username, "0")) {
4470 if (parse_uid(*username, &u) >= 0) {
4474 /* If there are multiple users with the same id, make
4475 * sure to leave $USER to the configured value instead
4476 * of the first occurrence in the database. However if
4477 * the uid was configured by a numeric uid, then let's
4478 * pick the real username from /etc/passwd. */
4480 *username = p->pw_name;
4483 p = getpwnam(*username);
4487 return errno > 0 ? -errno : -ESRCH;
4499 *shell = p->pw_shell;
4504 char* uid_to_name(uid_t uid) {
4509 return strdup("root");
4513 return strdup(p->pw_name);
4515 if (asprintf(&r, UID_FMT, uid) < 0)
4521 char* gid_to_name(gid_t gid) {
4526 return strdup("root");
4530 return strdup(p->gr_name);
4532 if (asprintf(&r, GID_FMT, gid) < 0)
4538 int get_group_creds(const char **groupname, gid_t *gid) {
4544 /* We enforce some special rules for gid=0: in order to avoid
4545 * NSS lookups for root we hardcode its data. */
4547 if (streq(*groupname, "root") || streq(*groupname, "0")) {
4548 *groupname = "root";
4556 if (parse_gid(*groupname, &id) >= 0) {
4561 *groupname = g->gr_name;
4564 g = getgrnam(*groupname);
4568 return errno > 0 ? -errno : -ESRCH;
4576 int in_gid(gid_t gid) {
4578 int ngroups_max, r, i;
4580 if (getgid() == gid)
4583 if (getegid() == gid)
4586 ngroups_max = sysconf(_SC_NGROUPS_MAX);
4587 assert(ngroups_max > 0);
4589 gids = alloca(sizeof(gid_t) * ngroups_max);
4591 r = getgroups(ngroups_max, gids);
4595 for (i = 0; i < r; i++)
4602 int in_group(const char *name) {
4606 r = get_group_creds(&name, &gid);
4613 int glob_exists(const char *path) {
4614 _cleanup_globfree_ glob_t g = {};
4620 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4622 if (k == GLOB_NOMATCH)
4624 else if (k == GLOB_NOSPACE)
4627 return !strv_isempty(g.gl_pathv);
4629 return errno ? -errno : -EIO;
4632 int glob_extend(char ***strv, const char *path) {
4633 _cleanup_globfree_ glob_t g = {};
4638 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4640 if (k == GLOB_NOMATCH)
4642 else if (k == GLOB_NOSPACE)
4644 else if (k != 0 || strv_isempty(g.gl_pathv))
4645 return errno ? -errno : -EIO;
4647 STRV_FOREACH(p, g.gl_pathv) {
4648 k = strv_extend(strv, *p);
4656 int dirent_ensure_type(DIR *d, struct dirent *de) {
4662 if (de->d_type != DT_UNKNOWN)
4665 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
4669 S_ISREG(st.st_mode) ? DT_REG :
4670 S_ISDIR(st.st_mode) ? DT_DIR :
4671 S_ISLNK(st.st_mode) ? DT_LNK :
4672 S_ISFIFO(st.st_mode) ? DT_FIFO :
4673 S_ISSOCK(st.st_mode) ? DT_SOCK :
4674 S_ISCHR(st.st_mode) ? DT_CHR :
4675 S_ISBLK(st.st_mode) ? DT_BLK :
4681 int get_files_in_directory(const char *path, char ***list) {
4682 _cleanup_closedir_ DIR *d = NULL;
4683 size_t bufsize = 0, n = 0;
4684 _cleanup_strv_free_ char **l = NULL;
4688 /* Returns all files in a directory in *list, and the number
4689 * of files as return value. If list is NULL returns only the
4701 if (!de && errno != 0)
4706 dirent_ensure_type(d, de);
4708 if (!dirent_is_file(de))
4712 /* one extra slot is needed for the terminating NULL */
4713 if (!GREEDY_REALLOC(l, bufsize, n + 2))
4716 l[n] = strdup(de->d_name);
4727 l = NULL; /* avoid freeing */
4733 char *strjoin(const char *x, ...) {
4747 t = va_arg(ap, const char *);
4752 if (n > ((size_t) -1) - l) {
4776 t = va_arg(ap, const char *);
4790 bool is_main_thread(void) {
4791 static thread_local int cached = 0;
4793 if (_unlikely_(cached == 0))
4794 cached = getpid() == gettid() ? 1 : -1;
4799 int block_get_whole_disk(dev_t d, dev_t *ret) {
4806 /* If it has a queue this is good enough for us */
4807 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", major(d), minor(d)) < 0)
4810 r = access(p, F_OK);
4818 /* If it is a partition find the originating device */
4819 if (asprintf(&p, "/sys/dev/block/%u:%u/partition", major(d), minor(d)) < 0)
4822 r = access(p, F_OK);
4828 /* Get parent dev_t */
4829 if (asprintf(&p, "/sys/dev/block/%u:%u/../dev", major(d), minor(d)) < 0)
4832 r = read_one_line_file(p, &s);
4838 r = sscanf(s, "%u:%u", &m, &n);
4844 /* Only return this if it is really good enough for us. */
4845 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", m, n) < 0)
4848 r = access(p, F_OK);
4852 *ret = makedev(m, n);
4859 static const char *const ioprio_class_table[] = {
4860 [IOPRIO_CLASS_NONE] = "none",
4861 [IOPRIO_CLASS_RT] = "realtime",
4862 [IOPRIO_CLASS_BE] = "best-effort",
4863 [IOPRIO_CLASS_IDLE] = "idle"
4866 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ioprio_class, int, INT_MAX);
4868 static const char *const sigchld_code_table[] = {
4869 [CLD_EXITED] = "exited",
4870 [CLD_KILLED] = "killed",
4871 [CLD_DUMPED] = "dumped",
4872 [CLD_TRAPPED] = "trapped",
4873 [CLD_STOPPED] = "stopped",
4874 [CLD_CONTINUED] = "continued",
4877 DEFINE_STRING_TABLE_LOOKUP(sigchld_code, int);
4879 static const char *const log_facility_unshifted_table[LOG_NFACILITIES] = {
4880 [LOG_FAC(LOG_KERN)] = "kern",
4881 [LOG_FAC(LOG_USER)] = "user",
4882 [LOG_FAC(LOG_MAIL)] = "mail",
4883 [LOG_FAC(LOG_DAEMON)] = "daemon",
4884 [LOG_FAC(LOG_AUTH)] = "auth",
4885 [LOG_FAC(LOG_SYSLOG)] = "syslog",
4886 [LOG_FAC(LOG_LPR)] = "lpr",
4887 [LOG_FAC(LOG_NEWS)] = "news",
4888 [LOG_FAC(LOG_UUCP)] = "uucp",
4889 [LOG_FAC(LOG_CRON)] = "cron",
4890 [LOG_FAC(LOG_AUTHPRIV)] = "authpriv",
4891 [LOG_FAC(LOG_FTP)] = "ftp",
4892 [LOG_FAC(LOG_LOCAL0)] = "local0",
4893 [LOG_FAC(LOG_LOCAL1)] = "local1",
4894 [LOG_FAC(LOG_LOCAL2)] = "local2",
4895 [LOG_FAC(LOG_LOCAL3)] = "local3",
4896 [LOG_FAC(LOG_LOCAL4)] = "local4",
4897 [LOG_FAC(LOG_LOCAL5)] = "local5",
4898 [LOG_FAC(LOG_LOCAL6)] = "local6",
4899 [LOG_FAC(LOG_LOCAL7)] = "local7"
4902 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_facility_unshifted, int, LOG_FAC(~0));
4904 static const char *const log_level_table[] = {
4905 [LOG_EMERG] = "emerg",
4906 [LOG_ALERT] = "alert",
4907 [LOG_CRIT] = "crit",
4909 [LOG_WARNING] = "warning",
4910 [LOG_NOTICE] = "notice",
4911 [LOG_INFO] = "info",
4912 [LOG_DEBUG] = "debug"
4915 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_level, int, LOG_DEBUG);
4917 static const char* const sched_policy_table[] = {
4918 [SCHED_OTHER] = "other",
4919 [SCHED_BATCH] = "batch",
4920 [SCHED_IDLE] = "idle",
4921 [SCHED_FIFO] = "fifo",
4925 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy, int, INT_MAX);
4927 static const char* const rlimit_table[_RLIMIT_MAX] = {
4928 [RLIMIT_CPU] = "LimitCPU",
4929 [RLIMIT_FSIZE] = "LimitFSIZE",
4930 [RLIMIT_DATA] = "LimitDATA",
4931 [RLIMIT_STACK] = "LimitSTACK",
4932 [RLIMIT_CORE] = "LimitCORE",
4933 [RLIMIT_RSS] = "LimitRSS",
4934 [RLIMIT_NOFILE] = "LimitNOFILE",
4935 [RLIMIT_AS] = "LimitAS",
4936 [RLIMIT_NPROC] = "LimitNPROC",
4937 [RLIMIT_MEMLOCK] = "LimitMEMLOCK",
4938 [RLIMIT_LOCKS] = "LimitLOCKS",
4939 [RLIMIT_SIGPENDING] = "LimitSIGPENDING",
4940 [RLIMIT_MSGQUEUE] = "LimitMSGQUEUE",
4941 [RLIMIT_NICE] = "LimitNICE",
4942 [RLIMIT_RTPRIO] = "LimitRTPRIO",
4943 [RLIMIT_RTTIME] = "LimitRTTIME"
4946 DEFINE_STRING_TABLE_LOOKUP(rlimit, int);
4948 static const char* const ip_tos_table[] = {
4949 [IPTOS_LOWDELAY] = "low-delay",
4950 [IPTOS_THROUGHPUT] = "throughput",
4951 [IPTOS_RELIABILITY] = "reliability",
4952 [IPTOS_LOWCOST] = "low-cost",
4955 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos, int, 0xff);
4957 static const char *const __signal_table[] = {
4974 [SIGSTKFLT] = "STKFLT", /* Linux on SPARC doesn't know SIGSTKFLT */
4985 [SIGVTALRM] = "VTALRM",
4987 [SIGWINCH] = "WINCH",
4993 DEFINE_PRIVATE_STRING_TABLE_LOOKUP(__signal, int);
4995 const char *signal_to_string(int signo) {
4996 static thread_local char buf[sizeof("RTMIN+")-1 + DECIMAL_STR_MAX(int) + 1];
4999 name = __signal_to_string(signo);
5003 if (signo >= SIGRTMIN && signo <= SIGRTMAX)
5004 snprintf(buf, sizeof(buf), "RTMIN+%d", signo - SIGRTMIN);
5006 snprintf(buf, sizeof(buf), "%d", signo);
5011 int signal_from_string(const char *s) {
5016 signo = __signal_from_string(s);
5020 if (startswith(s, "RTMIN+")) {
5024 if (safe_atou(s, &u) >= 0) {
5025 signo = (int) u + offset;
5026 if (signo > 0 && signo < _NSIG)
5032 bool kexec_loaded(void) {
5033 bool loaded = false;
5036 if (read_one_line_file("/sys/kernel/kexec_loaded", &s) >= 0) {
5044 int prot_from_flags(int flags) {
5046 switch (flags & O_ACCMODE) {
5055 return PROT_READ|PROT_WRITE;
5062 char *format_bytes(char *buf, size_t l, off_t t) {
5065 static const struct {
5069 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
5070 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
5071 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
5072 { "G", 1024ULL*1024ULL*1024ULL },
5073 { "M", 1024ULL*1024ULL },
5077 for (i = 0; i < ELEMENTSOF(table); i++) {
5079 if (t >= table[i].factor) {
5082 (unsigned long long) (t / table[i].factor),
5083 (unsigned long long) (((t*10ULL) / table[i].factor) % 10ULL),
5090 snprintf(buf, l, "%lluB", (unsigned long long) t);
5098 void* memdup(const void *p, size_t l) {
5111 int fd_inc_sndbuf(int fd, size_t n) {
5113 socklen_t l = sizeof(value);
5115 r = getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, &l);
5116 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
5119 /* If we have the privileges we will ignore the kernel limit. */
5122 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
5123 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
5129 int fd_inc_rcvbuf(int fd, size_t n) {
5131 socklen_t l = sizeof(value);
5133 r = getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, &l);
5134 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
5137 /* If we have the privileges we will ignore the kernel limit. */
5140 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
5141 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
5146 int fork_agent(pid_t *pid, const int except[], unsigned n_except, const char *path, ...) {
5147 bool stdout_is_tty, stderr_is_tty;
5148 pid_t parent_pid, agent_pid;
5149 sigset_t ss, saved_ss;
5157 /* Spawns a temporary TTY agent, making sure it goes away when
5160 parent_pid = getpid();
5162 /* First we temporarily block all signals, so that the new
5163 * child has them blocked initially. This way, we can be sure
5164 * that SIGTERMs are not lost we might send to the agent. */
5165 assert_se(sigfillset(&ss) >= 0);
5166 assert_se(sigprocmask(SIG_SETMASK, &ss, &saved_ss) >= 0);
5169 if (agent_pid < 0) {
5170 assert_se(sigprocmask(SIG_SETMASK, &saved_ss, NULL) >= 0);
5174 if (agent_pid != 0) {
5175 assert_se(sigprocmask(SIG_SETMASK, &saved_ss, NULL) >= 0);
5182 * Make sure the agent goes away when the parent dies */
5183 if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
5184 _exit(EXIT_FAILURE);
5186 /* Make sure we actually can kill the agent, if we need to, in
5187 * case somebody invoked us from a shell script that trapped
5188 * SIGTERM or so... */
5189 reset_all_signal_handlers();
5190 reset_signal_mask();
5192 /* Check whether our parent died before we were able
5193 * to set the death signal and unblock the signals */
5194 if (getppid() != parent_pid)
5195 _exit(EXIT_SUCCESS);
5197 /* Don't leak fds to the agent */
5198 close_all_fds(except, n_except);
5200 stdout_is_tty = isatty(STDOUT_FILENO);
5201 stderr_is_tty = isatty(STDERR_FILENO);
5203 if (!stdout_is_tty || !stderr_is_tty) {
5206 /* Detach from stdout/stderr. and reopen
5207 * /dev/tty for them. This is important to
5208 * ensure that when systemctl is started via
5209 * popen() or a similar call that expects to
5210 * read EOF we actually do generate EOF and
5211 * not delay this indefinitely by because we
5212 * keep an unused copy of stdin around. */
5213 fd = open("/dev/tty", O_WRONLY);
5215 log_error("Failed to open /dev/tty: %m");
5216 _exit(EXIT_FAILURE);
5220 dup2(fd, STDOUT_FILENO);
5223 dup2(fd, STDERR_FILENO);
5229 /* Count arguments */
5231 for (n = 0; va_arg(ap, char*); n++)
5236 l = alloca(sizeof(char *) * (n + 1));
5238 /* Fill in arguments */
5240 for (i = 0; i <= n; i++)
5241 l[i] = va_arg(ap, char*);
5245 _exit(EXIT_FAILURE);
5248 int setrlimit_closest(int resource, const struct rlimit *rlim) {
5249 struct rlimit highest, fixed;
5253 if (setrlimit(resource, rlim) >= 0)
5259 /* So we failed to set the desired setrlimit, then let's try
5260 * to get as close as we can */
5261 assert_se(getrlimit(resource, &highest) == 0);
5263 fixed.rlim_cur = MIN(rlim->rlim_cur, highest.rlim_max);
5264 fixed.rlim_max = MIN(rlim->rlim_max, highest.rlim_max);
5266 if (setrlimit(resource, &fixed) < 0)
5272 int getenv_for_pid(pid_t pid, const char *field, char **_value) {
5273 _cleanup_fclose_ FILE *f = NULL;
5284 path = procfs_file_alloca(pid, "environ");
5286 f = fopen(path, "re");
5294 char line[LINE_MAX];
5297 for (i = 0; i < sizeof(line)-1; i++) {
5301 if (_unlikely_(c == EOF)) {
5311 if (memcmp(line, field, l) == 0 && line[l] == '=') {
5312 value = strdup(line + l + 1);
5326 bool is_valid_documentation_url(const char *url) {
5329 if (startswith(url, "http://") && url[7])
5332 if (startswith(url, "https://") && url[8])
5335 if (startswith(url, "file:") && url[5])
5338 if (startswith(url, "info:") && url[5])
5341 if (startswith(url, "man:") && url[4])
5347 bool in_initrd(void) {
5348 static int saved = -1;
5354 /* We make two checks here:
5356 * 1. the flag file /etc/initrd-release must exist
5357 * 2. the root file system must be a memory file system
5359 * The second check is extra paranoia, since misdetecting an
5360 * initrd can have bad bad consequences due the initrd
5361 * emptying when transititioning to the main systemd.
5364 saved = access("/etc/initrd-release", F_OK) >= 0 &&
5365 statfs("/", &s) >= 0 &&
5366 is_temporary_fs(&s);
5371 void warn_melody(void) {
5372 _cleanup_close_ int fd = -1;
5374 fd = open("/dev/console", O_WRONLY|O_CLOEXEC|O_NOCTTY);
5378 /* Yeah, this is synchronous. Kinda sucks. But well... */
5380 ioctl(fd, KIOCSOUND, (int)(1193180/440));
5381 usleep(125*USEC_PER_MSEC);
5383 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5384 usleep(125*USEC_PER_MSEC);
5386 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5387 usleep(125*USEC_PER_MSEC);
5389 ioctl(fd, KIOCSOUND, 0);
5392 int make_console_stdio(void) {
5395 /* Make /dev/console the controlling terminal and stdin/stdout/stderr */
5397 fd = acquire_terminal("/dev/console", false, true, true, USEC_INFINITY);
5399 log_error("Failed to acquire terminal: %s", strerror(-fd));
5405 log_error("Failed to duplicate terminal fd: %s", strerror(-r));
5412 int get_home_dir(char **_h) {
5420 /* Take the user specified one */
5421 e = secure_getenv("HOME");
5422 if (e && path_is_absolute(e)) {
5431 /* Hardcode home directory for root to avoid NSS */
5434 h = strdup("/root");
5442 /* Check the database... */
5446 return errno > 0 ? -errno : -ESRCH;
5448 if (!path_is_absolute(p->pw_dir))
5451 h = strdup(p->pw_dir);
5459 int get_shell(char **_s) {
5467 /* Take the user specified one */
5468 e = getenv("SHELL");
5478 /* Hardcode home directory for root to avoid NSS */
5481 s = strdup("/bin/sh");
5489 /* Check the database... */
5493 return errno > 0 ? -errno : -ESRCH;
5495 if (!path_is_absolute(p->pw_shell))
5498 s = strdup(p->pw_shell);
5506 bool filename_is_safe(const char *p) {
5520 if (strlen(p) > FILENAME_MAX)
5526 bool string_is_safe(const char *p) {
5532 for (t = p; *t; t++) {
5533 if (*t > 0 && *t < ' ')
5536 if (strchr("\\\"\'\0x7f", *t))
5544 * Check if a string contains control characters. If 'ok' is non-NULL
5545 * it may be a string containing additional CCs to be considered OK.
5547 bool string_has_cc(const char *p, const char *ok) {
5552 for (t = p; *t; t++) {
5553 if (ok && strchr(ok, *t))
5556 if (*t > 0 && *t < ' ')
5566 bool path_is_safe(const char *p) {
5571 if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
5574 if (strlen(p) > PATH_MAX)
5577 /* The following two checks are not really dangerous, but hey, they still are confusing */
5578 if (streq(p, ".") || startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./"))
5581 if (strstr(p, "//"))
5587 /* hey glibc, APIs with callbacks without a user pointer are so useless */
5588 void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size,
5589 int (*compar) (const void *, const void *, void *), void *arg) {
5598 p = (void *)(((const char *) base) + (idx * size));
5599 comparison = compar(key, p, arg);
5602 else if (comparison > 0)
5610 bool is_locale_utf8(void) {
5612 static int cached_answer = -1;
5614 if (cached_answer >= 0)
5617 if (!setlocale(LC_ALL, "")) {
5618 cached_answer = true;
5622 set = nl_langinfo(CODESET);
5624 cached_answer = true;
5628 if (streq(set, "UTF-8")) {
5629 cached_answer = true;
5633 /* For LC_CTYPE=="C" return true, because CTYPE is effectly
5634 * unset and everything can do to UTF-8 nowadays. */
5635 set = setlocale(LC_CTYPE, NULL);
5637 cached_answer = true;
5641 /* Check result, but ignore the result if C was set
5645 !getenv("LC_ALL") &&
5646 !getenv("LC_CTYPE") &&
5650 return (bool) cached_answer;
5653 const char *draw_special_char(DrawSpecialChar ch) {
5654 static const char *draw_table[2][_DRAW_SPECIAL_CHAR_MAX] = {
5657 [DRAW_TREE_VERTICAL] = "\342\224\202 ", /* │ */
5658 [DRAW_TREE_BRANCH] = "\342\224\234\342\224\200", /* ├─ */
5659 [DRAW_TREE_RIGHT] = "\342\224\224\342\224\200", /* └─ */
5660 [DRAW_TREE_SPACE] = " ", /* */
5661 [DRAW_TRIANGULAR_BULLET] = "\342\200\243", /* ‣ */
5662 [DRAW_BLACK_CIRCLE] = "\342\227\217", /* ● */
5663 [DRAW_ARROW] = "\342\206\222", /* → */
5664 [DRAW_DASH] = "\342\200\223", /* – */
5667 /* ASCII fallback */ {
5668 [DRAW_TREE_VERTICAL] = "| ",
5669 [DRAW_TREE_BRANCH] = "|-",
5670 [DRAW_TREE_RIGHT] = "`-",
5671 [DRAW_TREE_SPACE] = " ",
5672 [DRAW_TRIANGULAR_BULLET] = ">",
5673 [DRAW_BLACK_CIRCLE] = "*",
5674 [DRAW_ARROW] = "->",
5679 return draw_table[!is_locale_utf8()][ch];
5682 char *strreplace(const char *text, const char *old_string, const char *new_string) {
5685 size_t l, old_len, new_len;
5691 old_len = strlen(old_string);
5692 new_len = strlen(new_string);
5705 if (!startswith(f, old_string)) {
5711 nl = l - old_len + new_len;
5712 a = realloc(r, nl + 1);
5720 t = stpcpy(t, new_string);
5732 char *strip_tab_ansi(char **ibuf, size_t *_isz) {
5733 const char *i, *begin = NULL;
5738 } state = STATE_OTHER;
5740 size_t osz = 0, isz;
5746 /* Strips ANSI color and replaces TABs by 8 spaces */
5748 isz = _isz ? *_isz : strlen(*ibuf);
5750 f = open_memstream(&obuf, &osz);
5754 for (i = *ibuf; i < *ibuf + isz + 1; i++) {
5759 if (i >= *ibuf + isz) /* EOT */
5761 else if (*i == '\x1B')
5762 state = STATE_ESCAPE;
5763 else if (*i == '\t')
5770 if (i >= *ibuf + isz) { /* EOT */
5773 } else if (*i == '[') {
5774 state = STATE_BRACKET;
5779 state = STATE_OTHER;
5786 if (i >= *ibuf + isz || /* EOT */
5787 (!(*i >= '0' && *i <= '9') && *i != ';' && *i != 'm')) {
5790 state = STATE_OTHER;
5792 } else if (*i == 'm')
5793 state = STATE_OTHER;
5815 int on_ac_power(void) {
5816 bool found_offline = false, found_online = false;
5817 _cleanup_closedir_ DIR *d = NULL;
5819 d = opendir("/sys/class/power_supply");
5825 _cleanup_close_ int fd = -1, device = -1;
5831 if (!de && errno != 0)
5837 if (ignore_file(de->d_name))
5840 device = openat(dirfd(d), de->d_name, O_DIRECTORY|O_RDONLY|O_CLOEXEC|O_NOCTTY);
5842 if (errno == ENOENT || errno == ENOTDIR)
5848 fd = openat(device, "type", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5850 if (errno == ENOENT)
5856 n = read(fd, contents, sizeof(contents));
5860 if (n != 6 || memcmp(contents, "Mains\n", 6))
5864 fd = openat(device, "online", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5866 if (errno == ENOENT)
5872 n = read(fd, contents, sizeof(contents));
5876 if (n != 2 || contents[1] != '\n')
5879 if (contents[0] == '1') {
5880 found_online = true;
5882 } else if (contents[0] == '0')
5883 found_offline = true;
5888 return found_online || !found_offline;
5891 static int search_and_fopen_internal(const char *path, const char *mode, const char *root, char **search, FILE **_f) {
5898 if (!path_strv_resolve_uniq(search, root))
5901 STRV_FOREACH(i, search) {
5902 _cleanup_free_ char *p = NULL;
5906 p = strjoin(root, *i, "/", path, NULL);
5908 p = strjoin(*i, "/", path, NULL);
5918 if (errno != ENOENT)
5925 int search_and_fopen(const char *path, const char *mode, const char *root, const char **search, FILE **_f) {
5926 _cleanup_strv_free_ char **copy = NULL;
5932 if (path_is_absolute(path)) {
5935 f = fopen(path, mode);
5944 copy = strv_copy((char**) search);
5948 return search_and_fopen_internal(path, mode, root, copy, _f);
5951 int search_and_fopen_nulstr(const char *path, const char *mode, const char *root, const char *search, FILE **_f) {
5952 _cleanup_strv_free_ char **s = NULL;
5954 if (path_is_absolute(path)) {
5957 f = fopen(path, mode);
5966 s = strv_split_nulstr(search);
5970 return search_and_fopen_internal(path, mode, root, s, _f);
5973 char *strextend(char **x, ...) {
5980 l = f = *x ? strlen(*x) : 0;
5987 t = va_arg(ap, const char *);
5992 if (n > ((size_t) -1) - l) {
6001 r = realloc(*x, l+1);
6011 t = va_arg(ap, const char *);
6025 char *strrep(const char *s, unsigned n) {
6033 p = r = malloc(l * n + 1);
6037 for (i = 0; i < n; i++)
6044 void* greedy_realloc(void **p, size_t *allocated, size_t need, size_t size) {
6051 if (*allocated >= need)
6054 newalloc = MAX(need * 2, 64u / size);
6055 a = newalloc * size;
6057 /* check for overflows */
6058 if (a < size * need)
6066 *allocated = newalloc;
6070 void* greedy_realloc0(void **p, size_t *allocated, size_t need, size_t size) {
6079 q = greedy_realloc(p, allocated, need, size);
6083 if (*allocated > prev)
6084 memzero(q + prev * size, (*allocated - prev) * size);
6089 bool id128_is_valid(const char *s) {
6095 /* Simple formatted 128bit hex string */
6097 for (i = 0; i < l; i++) {
6100 if (!(c >= '0' && c <= '9') &&
6101 !(c >= 'a' && c <= 'z') &&
6102 !(c >= 'A' && c <= 'Z'))
6106 } else if (l == 36) {
6108 /* Formatted UUID */
6110 for (i = 0; i < l; i++) {
6113 if ((i == 8 || i == 13 || i == 18 || i == 23)) {
6117 if (!(c >= '0' && c <= '9') &&
6118 !(c >= 'a' && c <= 'z') &&
6119 !(c >= 'A' && c <= 'Z'))
6130 int split_pair(const char *s, const char *sep, char **l, char **r) {
6145 a = strndup(s, x - s);
6149 b = strdup(x + strlen(sep));
6161 int shall_restore_state(void) {
6162 _cleanup_free_ char *line = NULL;
6166 r = proc_cmdline(&line);
6174 _cleanup_free_ char *word = NULL;
6178 k = unquote_first_word(&p, &word, true);
6184 e = startswith(word, "systemd.restore_state=");
6188 k = parse_boolean(e);
6196 int proc_cmdline(char **ret) {
6199 if (detect_container(NULL) > 0)
6200 return get_process_cmdline(1, 0, false, ret);
6202 return read_one_line_file("/proc/cmdline", ret);
6205 int parse_proc_cmdline(int (*parse_item)(const char *key, const char *value)) {
6206 _cleanup_free_ char *line = NULL;
6212 r = proc_cmdline(&line);
6218 _cleanup_free_ char *word = NULL;
6221 r = unquote_first_word(&p, &word, true);
6227 /* Filter out arguments that are intended only for the
6229 if (!in_initrd() && startswith(word, "rd."))
6232 value = strchr(word, '=');
6236 r = parse_item(word, value);
6244 int container_get_leader(const char *machine, pid_t *pid) {
6245 _cleanup_free_ char *s = NULL, *class = NULL;
6253 p = strappenda("/run/systemd/machines/", machine);
6254 r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL);
6262 if (!streq_ptr(class, "container"))
6265 r = parse_pid(s, &leader);
6275 int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *root_fd) {
6276 _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, netnsfd = -1;
6284 mntns = procfs_file_alloca(pid, "ns/mnt");
6285 mntnsfd = open(mntns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6293 pidns = procfs_file_alloca(pid, "ns/pid");
6294 pidnsfd = open(pidns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6302 netns = procfs_file_alloca(pid, "ns/net");
6303 netnsfd = open(netns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6311 root = procfs_file_alloca(pid, "root");
6312 rfd = open(root, O_RDONLY|O_NOCTTY|O_CLOEXEC|O_DIRECTORY);
6318 *pidns_fd = pidnsfd;
6321 *mntns_fd = mntnsfd;
6324 *netns_fd = netnsfd;
6329 pidnsfd = mntnsfd = netnsfd = -1;
6334 int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd) {
6337 if (setns(pidns_fd, CLONE_NEWPID) < 0)
6341 if (setns(mntns_fd, CLONE_NEWNS) < 0)
6345 if (setns(netns_fd, CLONE_NEWNET) < 0)
6349 if (fchdir(root_fd) < 0)
6352 if (chroot(".") < 0)
6356 if (setresgid(0, 0, 0) < 0)
6359 if (setgroups(0, NULL) < 0)
6362 if (setresuid(0, 0, 0) < 0)
6368 bool pid_is_unwaited(pid_t pid) {
6369 /* Checks whether a PID is still valid at all, including a zombie */
6374 if (kill(pid, 0) >= 0)
6377 return errno != ESRCH;
6380 bool pid_is_alive(pid_t pid) {
6383 /* Checks whether a PID is still valid and not a zombie */
6388 r = get_process_state(pid);
6389 if (r == -ENOENT || r == 'Z')
6395 int getpeercred(int fd, struct ucred *ucred) {
6396 socklen_t n = sizeof(struct ucred);
6403 r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n);
6407 if (n != sizeof(struct ucred))
6410 /* Check if the data is actually useful and not suppressed due
6411 * to namespacing issues */
6419 int getpeersec(int fd, char **ret) {
6431 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6435 if (errno != ERANGE)
6442 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6458 /* This is much like like mkostemp() but is subject to umask(). */
6459 int mkostemp_safe(char *pattern, int flags) {
6460 _cleanup_umask_ mode_t u;
6467 fd = mkostemp(pattern, flags);
6474 int open_tmpfile(const char *path, int flags) {
6481 /* Try O_TMPFILE first, if it is supported */
6482 fd = open(path, flags|O_TMPFILE, S_IRUSR|S_IWUSR);
6487 /* Fall back to unguessable name + unlinking */
6488 p = strappenda(path, "/systemd-tmp-XXXXXX");
6490 fd = mkostemp_safe(p, flags);
6498 int fd_warn_permissions(const char *path, int fd) {
6501 if (fstat(fd, &st) < 0)
6504 if (st.st_mode & 0111)
6505 log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path);
6507 if (st.st_mode & 0002)
6508 log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path);
6510 if (getpid() == 1 && (st.st_mode & 0044) != 0044)
6511 log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path);
6516 unsigned long personality_from_string(const char *p) {
6518 /* Parse a personality specifier. We introduce our own
6519 * identifiers that indicate specific ABIs, rather than just
6520 * hints regarding the register size, since we want to keep
6521 * things open for multiple locally supported ABIs for the
6522 * same register size. We try to reuse the ABI identifiers
6523 * used by libseccomp. */
6525 #if defined(__x86_64__)
6527 if (streq(p, "x86"))
6530 if (streq(p, "x86-64"))
6533 #elif defined(__i386__)
6535 if (streq(p, "x86"))
6539 /* personality(7) documents that 0xffffffffUL is used for
6540 * querying the current personality, hence let's use that here
6541 * as error indicator. */
6542 return 0xffffffffUL;
6545 const char* personality_to_string(unsigned long p) {
6547 #if defined(__x86_64__)
6549 if (p == PER_LINUX32)
6555 #elif defined(__i386__)
6564 uint64_t physical_memory(void) {
6567 /* We return this as uint64_t in case we are running as 32bit
6568 * process on a 64bit kernel with huge amounts of memory */
6570 mem = sysconf(_SC_PHYS_PAGES);
6573 return (uint64_t) mem * (uint64_t) page_size();
6576 char* mount_test_option(const char *haystack, const char *needle) {
6578 struct mntent me = {
6579 .mnt_opts = (char*) haystack
6584 /* Like glibc's hasmntopt(), but works on a string, not a
6590 return hasmntopt(&me, needle);
6593 void hexdump(FILE *f, const void *p, size_t s) {
6594 const uint8_t *b = p;
6597 assert(s == 0 || b);
6602 fprintf(f, "%04x ", n);
6604 for (i = 0; i < 16; i++) {
6609 fprintf(f, "%02x ", b[i]);
6617 for (i = 0; i < 16; i++) {
6622 fputc(isprint(b[i]) ? (char) b[i] : '.', f);
6636 int update_reboot_param_file(const char *param) {
6641 r = write_string_file(REBOOT_PARAM_FILE, param);
6643 log_error("Failed to write reboot param to "
6644 REBOOT_PARAM_FILE": %s", strerror(-r));
6646 unlink(REBOOT_PARAM_FILE);
6651 int umount_recursive(const char *prefix, int flags) {
6655 /* Try to umount everything recursively below a
6656 * directory. Also, take care of stacked mounts, and keep
6657 * unmounting them until they are gone. */
6660 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6665 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6666 if (!proc_self_mountinfo)
6670 _cleanup_free_ char *path = NULL, *p = NULL;
6673 k = fscanf(proc_self_mountinfo,
6674 "%*s " /* (1) mount id */
6675 "%*s " /* (2) parent id */
6676 "%*s " /* (3) major:minor */
6677 "%*s " /* (4) root */
6678 "%ms " /* (5) mount point */
6679 "%*s" /* (6) mount options */
6680 "%*[^-]" /* (7) optional fields */
6681 "- " /* (8) separator */
6682 "%*s " /* (9) file system type */
6683 "%*s" /* (10) mount source */
6684 "%*s" /* (11) mount options 2 */
6685 "%*[^\n]", /* some rubbish at the end */
6694 p = cunescape(path);
6698 if (!path_startswith(p, prefix))
6701 if (umount2(p, flags) < 0) {
6717 int bind_remount_recursive(const char *prefix, bool ro) {
6718 _cleanup_set_free_free_ Set *done = NULL;
6719 _cleanup_free_ char *cleaned = NULL;
6722 /* Recursively remount a directory (and all its submounts)
6723 * read-only or read-write. If the directory is already
6724 * mounted, we reuse the mount and simply mark it
6725 * MS_BIND|MS_RDONLY (or remove the MS_RDONLY for read-write
6726 * operation). If it isn't we first make it one. Afterwards we
6727 * apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to all
6728 * submounts we can access, too. When mounts are stacked on
6729 * the same mount point we only care for each individual
6730 * "top-level" mount on each point, as we cannot
6731 * influence/access the underlying mounts anyway. We do not
6732 * have any effect on future submounts that might get
6733 * propagated, they migt be writable. This includes future
6734 * submounts that have been triggered via autofs. */
6736 cleaned = strdup(prefix);
6740 path_kill_slashes(cleaned);
6742 done = set_new(&string_hash_ops);
6747 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6748 _cleanup_set_free_free_ Set *todo = NULL;
6749 bool top_autofs = false;
6752 todo = set_new(&string_hash_ops);
6756 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6757 if (!proc_self_mountinfo)
6761 _cleanup_free_ char *path = NULL, *p = NULL, *type = NULL;
6764 k = fscanf(proc_self_mountinfo,
6765 "%*s " /* (1) mount id */
6766 "%*s " /* (2) parent id */
6767 "%*s " /* (3) major:minor */
6768 "%*s " /* (4) root */
6769 "%ms " /* (5) mount point */
6770 "%*s" /* (6) mount options (superblock) */
6771 "%*[^-]" /* (7) optional fields */
6772 "- " /* (8) separator */
6773 "%ms " /* (9) file system type */
6774 "%*s" /* (10) mount source */
6775 "%*s" /* (11) mount options (bind mount) */
6776 "%*[^\n]", /* some rubbish at the end */
6786 p = cunescape(path);
6790 /* Let's ignore autofs mounts. If they aren't
6791 * triggered yet, we want to avoid triggering
6792 * them, as we don't make any guarantees for
6793 * future submounts anyway. If they are
6794 * already triggered, then we will find
6795 * another entry for this. */
6796 if (streq(type, "autofs")) {
6797 top_autofs = top_autofs || path_equal(cleaned, p);
6801 if (path_startswith(p, cleaned) &&
6802 !set_contains(done, p)) {
6804 r = set_consume(todo, p);
6814 /* If we have no submounts to process anymore and if
6815 * the root is either already done, or an autofs, we
6817 if (set_isempty(todo) &&
6818 (top_autofs || set_contains(done, cleaned)))
6821 if (!set_contains(done, cleaned) &&
6822 !set_contains(todo, cleaned)) {
6823 /* The prefix directory itself is not yet a
6824 * mount, make it one. */
6825 if (mount(cleaned, cleaned, NULL, MS_BIND|MS_REC, NULL) < 0)
6828 if (mount(NULL, prefix, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0)
6831 x = strdup(cleaned);
6835 r = set_consume(done, x);
6840 while ((x = set_steal_first(todo))) {
6842 r = set_consume(done, x);
6848 if (mount(NULL, x, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0) {
6850 /* Deal with mount points that are
6851 * obstructed by a later mount */
6853 if (errno != ENOENT)
6861 int fflush_and_check(FILE *f) {
6868 return errno ? -errno : -EIO;
6873 char *tempfn_xxxxxx(const char *p) {
6880 t = new(char, strlen(p) + 1 + 6 + 1);
6887 strcpy(stpcpy(stpcpy(mempcpy(t, p, k), "."), fn), "XXXXXX");
6892 char *tempfn_random(const char *p) {
6901 t = new(char, strlen(p) + 1 + 16 + 1);
6908 x = stpcpy(stpcpy(mempcpy(t, p, k), "."), fn);
6911 for (i = 0; i < 16; i++) {
6912 *(x++) = hexchar(u & 0xF);
6921 /* make sure the hostname is not "localhost" */
6922 bool is_localhost(const char *hostname) {
6925 /* This tries to identify local host and domain names
6926 * described in RFC6761 plus the redhatism of .localdomain */
6928 return streq(hostname, "localhost") ||
6929 streq(hostname, "localhost.") ||
6930 streq(hostname, "localdomain.") ||
6931 streq(hostname, "localdomain") ||
6932 endswith(hostname, ".localhost") ||
6933 endswith(hostname, ".localhost.") ||
6934 endswith(hostname, ".localdomain") ||
6935 endswith(hostname, ".localdomain.");
6938 int take_password_lock(const char *root) {
6940 struct flock flock = {
6942 .l_whence = SEEK_SET,
6950 /* This is roughly the same as lckpwdf(), but not as awful. We
6951 * don't want to use alarm() and signals, hence we implement
6952 * our own trivial version of this.
6954 * Note that shadow-utils also takes per-database locks in
6955 * addition to lckpwdf(). However, we don't given that they
6956 * are redundant as they they invoke lckpwdf() first and keep
6957 * it during everything they do. The per-database locks are
6958 * awfully racy, and thus we just won't do them. */
6961 path = strappenda(root, "/etc/.pwd.lock");
6963 path = "/etc/.pwd.lock";
6965 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
6969 r = fcntl(fd, F_SETLKW, &flock);
6978 int is_symlink(const char *path) {
6981 if (lstat(path, &info) < 0)
6984 return !!S_ISLNK(info.st_mode);
6987 int is_dir(const char* path, bool follow) {
6992 r = stat(path, &st);
6994 r = lstat(path, &st);
6998 return !!S_ISDIR(st.st_mode);
7001 int unquote_first_word(const char **p, char **ret, bool relax) {
7002 _cleanup_free_ char *s = NULL;
7003 size_t allocated = 0, sz = 0;
7010 SINGLE_QUOTE_ESCAPE,
7012 DOUBLE_QUOTE_ESCAPE,
7020 /* Parses the first word of a string, and returns it in
7021 * *ret. Removes all quotes in the process. When parsing fails
7022 * (because of an uneven number of quotes or similar), leaves
7023 * the pointer *p at the first invalid character. */
7033 else if (strchr(WHITESPACE, c))
7043 state = SINGLE_QUOTE;
7045 state = VALUE_ESCAPE;
7047 state = DOUBLE_QUOTE;
7048 else if (strchr(WHITESPACE, c))
7051 if (!GREEDY_REALLOC(s, allocated, sz+2))
7066 if (!GREEDY_REALLOC(s, allocated, sz+2))
7079 } else if (c == '\'')
7082 state = SINGLE_QUOTE_ESCAPE;
7084 if (!GREEDY_REALLOC(s, allocated, sz+2))
7092 case SINGLE_QUOTE_ESCAPE:
7099 if (!GREEDY_REALLOC(s, allocated, sz+2))
7103 state = SINGLE_QUOTE;
7112 state = DOUBLE_QUOTE_ESCAPE;
7114 if (!GREEDY_REALLOC(s, allocated, sz+2))
7122 case DOUBLE_QUOTE_ESCAPE:
7129 if (!GREEDY_REALLOC(s, allocated, sz+2))
7133 state = DOUBLE_QUOTE;
7139 if (!strchr(WHITESPACE, c))
7161 int unquote_many_words(const char **p, ...) {
7166 /* Parses a number of words from a string, stripping any
7167 * quotes if necessary. */
7171 /* Count how many words are expected */
7174 if (!va_arg(ap, char **))
7183 /* Read all words into a temporary array */
7184 l = newa0(char*, n);
7185 for (c = 0; c < n; c++) {
7187 r = unquote_first_word(p, &l[c], false);
7191 for (j = 0; j < c; j++)
7201 /* If we managed to parse all words, return them in the passed
7204 for (i = 0; i < n; i++) {
7207 v = va_arg(ap, char **);
7217 int free_and_strdup(char **p, const char *s) {
7222 /* Replaces a string pointer with an strdup()ed new string,
7223 * possibly freeing the old one. */
7238 int sethostname_idempotent(const char *s) {
7240 char buf[HOST_NAME_MAX + 1] = {};
7244 r = gethostname(buf, sizeof(buf));
7251 r = sethostname(s, strlen(s));
~ianmdlvl / elogind.git / blob