1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
31 #include <sys/resource.h>
32 #include <linux/sched.h>
33 #include <sys/types.h>
37 #include <sys/ioctl.h>
39 #include <linux/tiocl.h>
42 #include <sys/inotify.h>
45 #include <sys/prctl.h>
46 #include <sys/utsname.h>
48 #include <netinet/ip.h>
57 #include <sys/mount.h>
58 #include <linux/magic.h>
62 #include <sys/personality.h>
66 #ifdef HAVE_SYS_AUXV_H
78 #include "path-util.h"
79 #include "exit-status.h"
83 #include "device-nodes.h"
90 char **saved_argv = NULL;
92 static volatile unsigned cached_columns = 0;
93 static volatile unsigned cached_lines = 0;
95 size_t page_size(void) {
96 static thread_local size_t pgsz = 0;
99 if (_likely_(pgsz > 0))
102 r = sysconf(_SC_PAGESIZE);
109 bool streq_ptr(const char *a, const char *b) {
111 /* Like streq(), but tries to make sense of NULL pointers */
122 char* endswith(const char *s, const char *postfix) {
129 pl = strlen(postfix);
132 return (char*) s + sl;
137 if (memcmp(s + sl - pl, postfix, pl) != 0)
140 return (char*) s + sl - pl;
143 bool first_word(const char *s, const char *word) {
158 if (memcmp(s, word, wl) != 0)
162 strchr(WHITESPACE, s[wl]);
165 int close_nointr(int fd) {
172 else if (errno == EINTR)
174 * Just ignore EINTR; a retry loop is the wrong
175 * thing to do on Linux.
177 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
178 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
179 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
180 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
187 int safe_close(int fd) {
190 * Like close_nointr() but cannot fail. Guarantees errno is
191 * unchanged. Is a NOP with negative fds passed, and returns
192 * -1, so that it can be used in this syntax:
194 * fd = safe_close(fd);
200 /* The kernel might return pretty much any error code
201 * via close(), but the fd will be closed anyway. The
202 * only condition we want to check for here is whether
203 * the fd was invalid at all... */
205 assert_se(close_nointr(fd) != -EBADF);
211 void close_many(const int fds[], unsigned n_fd) {
214 assert(fds || n_fd <= 0);
216 for (i = 0; i < n_fd; i++)
220 int unlink_noerrno(const char *path) {
231 int parse_boolean(const char *v) {
234 if (streq(v, "1") || v[0] == 'y' || v[0] == 'Y' || v[0] == 't' || v[0] == 'T' || strcaseeq(v, "on"))
236 else if (streq(v, "0") || v[0] == 'n' || v[0] == 'N' || v[0] == 'f' || v[0] == 'F' || strcaseeq(v, "off"))
242 int parse_pid(const char *s, pid_t* ret_pid) {
243 unsigned long ul = 0;
250 r = safe_atolu(s, &ul);
256 if ((unsigned long) pid != ul)
266 int parse_uid(const char *s, uid_t* ret_uid) {
267 unsigned long ul = 0;
274 r = safe_atolu(s, &ul);
280 if ((unsigned long) uid != ul)
283 /* Some libc APIs use (uid_t) -1 as special placeholder */
284 if (uid == (uid_t) 0xFFFFFFFF)
287 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
288 if (uid == (uid_t) 0xFFFF)
295 int safe_atou(const char *s, unsigned *ret_u) {
303 l = strtoul(s, &x, 0);
305 if (!x || x == s || *x || errno)
306 return errno > 0 ? -errno : -EINVAL;
308 if ((unsigned long) (unsigned) l != l)
311 *ret_u = (unsigned) l;
315 int safe_atoi(const char *s, int *ret_i) {
323 l = strtol(s, &x, 0);
325 if (!x || x == s || *x || errno)
326 return errno > 0 ? -errno : -EINVAL;
328 if ((long) (int) l != l)
335 int safe_atollu(const char *s, long long unsigned *ret_llu) {
337 unsigned long long l;
343 l = strtoull(s, &x, 0);
345 if (!x || x == s || *x || errno)
346 return errno ? -errno : -EINVAL;
352 int safe_atolli(const char *s, long long int *ret_lli) {
360 l = strtoll(s, &x, 0);
362 if (!x || x == s || *x || errno)
363 return errno ? -errno : -EINVAL;
369 int safe_atod(const char *s, double *ret_d) {
376 RUN_WITH_LOCALE(LC_NUMERIC_MASK, "C") {
381 if (!x || x == s || *x || errno)
382 return errno ? -errno : -EINVAL;
388 static size_t strcspn_escaped(const char *s, const char *reject) {
389 bool escaped = false;
392 for (n=0; s[n]; n++) {
395 else if (s[n] == '\\')
397 else if (strchr(reject, s[n]))
403 /* Split a string into words. */
404 char *split(const char *c, size_t *l, const char *separator, bool quoted, char **state) {
407 current = *state ? *state : (char*) c;
409 if (!*current || *c == 0)
412 current += strspn(current, separator);
416 if (quoted && strchr("\'\"", *current)) {
417 char quotechar = *(current++);
418 *l = strcspn_escaped(current, (char[]){quotechar, '\0'});
419 *state = current+*l+1;
421 *l = strcspn_escaped(current, separator);
424 *l = strcspn(current, separator);
428 return (char*) current;
431 int get_parent_of_pid(pid_t pid, pid_t *_ppid) {
433 _cleanup_free_ char *line = NULL;
445 p = procfs_file_alloca(pid, "stat");
446 r = read_one_line_file(p, &line);
450 /* Let's skip the pid and comm fields. The latter is enclosed
451 * in () but does not escape any () in its value, so let's
452 * skip over it manually */
454 p = strrchr(line, ')');
466 if ((long unsigned) (pid_t) ppid != ppid)
469 *_ppid = (pid_t) ppid;
474 int get_starttime_of_pid(pid_t pid, unsigned long long *st) {
476 _cleanup_free_ char *line = NULL;
482 p = procfs_file_alloca(pid, "stat");
483 r = read_one_line_file(p, &line);
487 /* Let's skip the pid and comm fields. The latter is enclosed
488 * in () but does not escape any () in its value, so let's
489 * skip over it manually */
491 p = strrchr(line, ')');
513 "%*d " /* priority */
515 "%*d " /* num_threads */
516 "%*d " /* itrealvalue */
517 "%llu " /* starttime */,
524 int fchmod_umask(int fd, mode_t m) {
529 r = fchmod(fd, m & (~u)) < 0 ? -errno : 0;
535 char *truncate_nl(char *s) {
538 s[strcspn(s, NEWLINE)] = 0;
542 int get_process_state(pid_t pid) {
546 _cleanup_free_ char *line = NULL;
550 p = procfs_file_alloca(pid, "stat");
551 r = read_one_line_file(p, &line);
555 p = strrchr(line, ')');
561 if (sscanf(p, " %c", &state) != 1)
564 return (unsigned char) state;
567 int get_process_comm(pid_t pid, char **name) {
574 p = procfs_file_alloca(pid, "comm");
576 r = read_one_line_file(p, name);
583 int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char **line) {
584 _cleanup_fclose_ FILE *f = NULL;
592 p = procfs_file_alloca(pid, "cmdline");
598 if (max_length == 0) {
599 size_t len = 0, allocated = 0;
601 while ((c = getc(f)) != EOF) {
603 if (!GREEDY_REALLOC(r, allocated, len+2)) {
608 r[len++] = isprint(c) ? c : ' ';
618 r = new(char, max_length);
624 while ((c = getc(f)) != EOF) {
646 size_t n = MIN(left-1, 3U);
653 /* Kernel threads have no argv[] */
654 if (r == NULL || r[0] == 0) {
655 _cleanup_free_ char *t = NULL;
663 h = get_process_comm(pid, &t);
667 r = strjoin("[", t, "]", NULL);
676 int is_kernel_thread(pid_t pid) {
688 p = procfs_file_alloca(pid, "cmdline");
693 count = fread(&c, 1, 1, f);
697 /* Kernel threads have an empty cmdline */
700 return eof ? 1 : -errno;
705 int get_process_capeff(pid_t pid, char **capeff) {
711 p = procfs_file_alloca(pid, "status");
713 return get_status_field(p, "\nCapEff:", capeff);
716 int get_process_exe(pid_t pid, char **name) {
724 p = procfs_file_alloca(pid, "exe");
726 r = readlink_malloc(p, name);
728 return r == -ENOENT ? -ESRCH : r;
730 d = endswith(*name, " (deleted)");
737 static int get_process_id(pid_t pid, const char *field, uid_t *uid) {
738 _cleanup_fclose_ FILE *f = NULL;
748 p = procfs_file_alloca(pid, "status");
753 FOREACH_LINE(line, f, return -errno) {
758 if (startswith(l, field)) {
760 l += strspn(l, WHITESPACE);
762 l[strcspn(l, WHITESPACE)] = 0;
764 return parse_uid(l, uid);
771 int get_process_uid(pid_t pid, uid_t *uid) {
772 return get_process_id(pid, "Uid:", uid);
775 int get_process_gid(pid_t pid, gid_t *gid) {
776 assert_cc(sizeof(uid_t) == sizeof(gid_t));
777 return get_process_id(pid, "Gid:", gid);
780 char *strnappend(const char *s, const char *suffix, size_t b) {
788 return strndup(suffix, b);
797 if (b > ((size_t) -1) - a)
800 r = new(char, a+b+1);
805 memcpy(r+a, suffix, b);
811 char *strappend(const char *s, const char *suffix) {
812 return strnappend(s, suffix, suffix ? strlen(suffix) : 0);
815 int readlinkat_malloc(int fd, const char *p, char **ret) {
830 n = readlinkat(fd, p, c, l-1);
837 if ((size_t) n < l-1) {
848 int readlink_malloc(const char *p, char **ret) {
849 return readlinkat_malloc(AT_FDCWD, p, ret);
852 int readlink_and_make_absolute(const char *p, char **r) {
853 _cleanup_free_ char *target = NULL;
860 j = readlink_malloc(p, &target);
864 k = file_in_same_dir(p, target);
872 int readlink_and_canonicalize(const char *p, char **r) {
879 j = readlink_and_make_absolute(p, &t);
883 s = canonicalize_file_name(t);
890 path_kill_slashes(*r);
895 int reset_all_signal_handlers(void) {
898 for (sig = 1; sig < _NSIG; sig++) {
899 struct sigaction sa = {
900 .sa_handler = SIG_DFL,
901 .sa_flags = SA_RESTART,
904 if (sig == SIGKILL || sig == SIGSTOP)
907 /* On Linux the first two RT signals are reserved by
908 * glibc, and sigaction() will return EINVAL for them. */
909 if ((sigaction(sig, &sa, NULL) < 0))
917 char *strstrip(char *s) {
920 /* Drops trailing whitespace. Modifies the string in
921 * place. Returns pointer to first non-space character */
923 s += strspn(s, WHITESPACE);
925 for (e = strchr(s, 0); e > s; e --)
926 if (!strchr(WHITESPACE, e[-1]))
934 char *delete_chars(char *s, const char *bad) {
937 /* Drops all whitespace, regardless where in the string */
939 for (f = s, t = s; *f; f++) {
951 char *file_in_same_dir(const char *path, const char *filename) {
958 /* This removes the last component of path and appends
959 * filename, unless the latter is absolute anyway or the
962 if (path_is_absolute(filename))
963 return strdup(filename);
965 if (!(e = strrchr(path, '/')))
966 return strdup(filename);
968 k = strlen(filename);
969 if (!(r = new(char, e-path+1+k+1)))
972 memcpy(r, path, e-path+1);
973 memcpy(r+(e-path)+1, filename, k+1);
978 int rmdir_parents(const char *path, const char *stop) {
987 /* Skip trailing slashes */
988 while (l > 0 && path[l-1] == '/')
994 /* Skip last component */
995 while (l > 0 && path[l-1] != '/')
998 /* Skip trailing slashes */
999 while (l > 0 && path[l-1] == '/')
1005 if (!(t = strndup(path, l)))
1008 if (path_startswith(stop, t)) {
1017 if (errno != ENOENT)
1024 char hexchar(int x) {
1025 static const char table[16] = "0123456789abcdef";
1027 return table[x & 15];
1030 int unhexchar(char c) {
1032 if (c >= '0' && c <= '9')
1035 if (c >= 'a' && c <= 'f')
1036 return c - 'a' + 10;
1038 if (c >= 'A' && c <= 'F')
1039 return c - 'A' + 10;
1044 char *hexmem(const void *p, size_t l) {
1048 z = r = malloc(l * 2 + 1);
1052 for (x = p; x < (const uint8_t*) p + l; x++) {
1053 *(z++) = hexchar(*x >> 4);
1054 *(z++) = hexchar(*x & 15);
1061 void *unhexmem(const char *p, size_t l) {
1067 z = r = malloc((l + 1) / 2 + 1);
1071 for (x = p; x < p + l; x += 2) {
1074 a = unhexchar(x[0]);
1076 b = unhexchar(x[1]);
1080 *(z++) = (uint8_t) a << 4 | (uint8_t) b;
1087 char octchar(int x) {
1088 return '0' + (x & 7);
1091 int unoctchar(char c) {
1093 if (c >= '0' && c <= '7')
1099 char decchar(int x) {
1100 return '0' + (x % 10);
1103 int undecchar(char c) {
1105 if (c >= '0' && c <= '9')
1111 char *cescape(const char *s) {
1117 /* Does C style string escaping. */
1119 r = new(char, strlen(s)*4 + 1);
1123 for (f = s, t = r; *f; f++)
1169 /* For special chars we prefer octal over
1170 * hexadecimal encoding, simply because glib's
1171 * g_strescape() does the same */
1172 if ((*f < ' ') || (*f >= 127)) {
1174 *(t++) = octchar((unsigned char) *f >> 6);
1175 *(t++) = octchar((unsigned char) *f >> 3);
1176 *(t++) = octchar((unsigned char) *f);
1187 char *cunescape_length_with_prefix(const char *s, size_t length, const char *prefix) {
1194 /* Undoes C style string escaping, and optionally prefixes it. */
1196 pl = prefix ? strlen(prefix) : 0;
1198 r = new(char, pl+length+1);
1203 memcpy(r, prefix, pl);
1205 for (f = s, t = r + pl; f < s + length; f++) {
1248 /* This is an extension of the XDG syntax files */
1253 /* hexadecimal encoding */
1256 a = unhexchar(f[1]);
1257 b = unhexchar(f[2]);
1259 if (a < 0 || b < 0 || (a == 0 && b == 0)) {
1260 /* Invalid escape code, let's take it literal then */
1264 *(t++) = (char) ((a << 4) | b);
1279 /* octal encoding */
1282 a = unoctchar(f[0]);
1283 b = unoctchar(f[1]);
1284 c = unoctchar(f[2]);
1286 if (a < 0 || b < 0 || c < 0 || (a == 0 && b == 0 && c == 0)) {
1287 /* Invalid escape code, let's take it literal then */
1291 *(t++) = (char) ((a << 6) | (b << 3) | c);
1299 /* premature end of string.*/
1304 /* Invalid escape code, let's take it literal then */
1316 char *cunescape_length(const char *s, size_t length) {
1317 return cunescape_length_with_prefix(s, length, NULL);
1320 char *cunescape(const char *s) {
1323 return cunescape_length(s, strlen(s));
1326 char *xescape(const char *s, const char *bad) {
1330 /* Escapes all chars in bad, in addition to \ and all special
1331 * chars, in \xFF style escaping. May be reversed with
1334 r = new(char, strlen(s) * 4 + 1);
1338 for (f = s, t = r; *f; f++) {
1340 if ((*f < ' ') || (*f >= 127) ||
1341 (*f == '\\') || strchr(bad, *f)) {
1344 *(t++) = hexchar(*f >> 4);
1345 *(t++) = hexchar(*f);
1355 char *ascii_strlower(char *t) {
1360 for (p = t; *p; p++)
1361 if (*p >= 'A' && *p <= 'Z')
1362 *p = *p - 'A' + 'a';
1367 _pure_ static bool ignore_file_allow_backup(const char *filename) {
1371 filename[0] == '.' ||
1372 streq(filename, "lost+found") ||
1373 streq(filename, "aquota.user") ||
1374 streq(filename, "aquota.group") ||
1375 endswith(filename, ".rpmnew") ||
1376 endswith(filename, ".rpmsave") ||
1377 endswith(filename, ".rpmorig") ||
1378 endswith(filename, ".dpkg-old") ||
1379 endswith(filename, ".dpkg-new") ||
1380 endswith(filename, ".swp");
1383 bool ignore_file(const char *filename) {
1386 if (endswith(filename, "~"))
1389 return ignore_file_allow_backup(filename);
1392 int fd_nonblock(int fd, bool nonblock) {
1397 flags = fcntl(fd, F_GETFL, 0);
1402 nflags = flags | O_NONBLOCK;
1404 nflags = flags & ~O_NONBLOCK;
1406 if (nflags == flags)
1409 if (fcntl(fd, F_SETFL, nflags) < 0)
1415 int fd_cloexec(int fd, bool cloexec) {
1420 flags = fcntl(fd, F_GETFD, 0);
1425 nflags = flags | FD_CLOEXEC;
1427 nflags = flags & ~FD_CLOEXEC;
1429 if (nflags == flags)
1432 if (fcntl(fd, F_SETFD, nflags) < 0)
1438 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
1441 assert(n_fdset == 0 || fdset);
1443 for (i = 0; i < n_fdset; i++)
1450 int close_all_fds(const int except[], unsigned n_except) {
1451 _cleanup_closedir_ DIR *d = NULL;
1455 assert(n_except == 0 || except);
1457 d = opendir("/proc/self/fd");
1462 /* When /proc isn't available (for example in chroots)
1463 * the fallback is brute forcing through the fd
1466 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
1467 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
1469 if (fd_in_set(fd, except, n_except))
1472 if (close_nointr(fd) < 0)
1473 if (errno != EBADF && r == 0)
1480 while ((de = readdir(d))) {
1483 if (ignore_file(de->d_name))
1486 if (safe_atoi(de->d_name, &fd) < 0)
1487 /* Let's better ignore this, just in case */
1496 if (fd_in_set(fd, except, n_except))
1499 if (close_nointr(fd) < 0) {
1500 /* Valgrind has its own FD and doesn't want to have it closed */
1501 if (errno != EBADF && r == 0)
1509 bool chars_intersect(const char *a, const char *b) {
1512 /* Returns true if any of the chars in a are in b. */
1513 for (p = a; *p; p++)
1520 bool fstype_is_network(const char *fstype) {
1521 static const char table[] =
1535 x = startswith(fstype, "fuse.");
1539 return nulstr_contains(table, fstype);
1543 _cleanup_close_ int fd;
1545 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
1551 TIOCL_GETKMSGREDIRECT,
1555 if (ioctl(fd, TIOCLINUX, tiocl) < 0)
1558 vt = tiocl[0] <= 0 ? 1 : tiocl[0];
1561 if (ioctl(fd, VT_ACTIVATE, vt) < 0)
1567 int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
1568 struct termios old_termios, new_termios;
1569 char c, line[LINE_MAX];
1574 if (tcgetattr(fileno(f), &old_termios) >= 0) {
1575 new_termios = old_termios;
1577 new_termios.c_lflag &= ~ICANON;
1578 new_termios.c_cc[VMIN] = 1;
1579 new_termios.c_cc[VTIME] = 0;
1581 if (tcsetattr(fileno(f), TCSADRAIN, &new_termios) >= 0) {
1584 if (t != (usec_t) -1) {
1585 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0) {
1586 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1591 k = fread(&c, 1, 1, f);
1593 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1599 *need_nl = c != '\n';
1606 if (t != (usec_t) -1) {
1607 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0)
1612 if (!fgets(line, sizeof(line), f))
1613 return errno ? -errno : -EIO;
1617 if (strlen(line) != 1)
1627 int ask(char *ret, const char *replies, const char *text, ...) {
1637 bool need_nl = true;
1640 fputs(ANSI_HIGHLIGHT_ON, stdout);
1647 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1651 r = read_one_char(stdin, &c, (usec_t) -1, &need_nl);
1654 if (r == -EBADMSG) {
1655 puts("Bad input, please try again.");
1666 if (strchr(replies, c)) {
1671 puts("Read unexpected character, please try again.");
1675 int reset_terminal_fd(int fd, bool switch_to_text) {
1676 struct termios termios;
1679 /* Set terminal to some sane defaults */
1683 /* We leave locked terminal attributes untouched, so that
1684 * Plymouth may set whatever it wants to set, and we don't
1685 * interfere with that. */
1687 /* Disable exclusive mode, just in case */
1688 ioctl(fd, TIOCNXCL);
1690 /* Switch to text mode */
1692 ioctl(fd, KDSETMODE, KD_TEXT);
1694 /* Enable console unicode mode */
1695 ioctl(fd, KDSKBMODE, K_UNICODE);
1697 if (tcgetattr(fd, &termios) < 0) {
1702 /* We only reset the stuff that matters to the software. How
1703 * hardware is set up we don't touch assuming that somebody
1704 * else will do that for us */
1706 termios.c_iflag &= ~(IGNBRK | BRKINT | ISTRIP | INLCR | IGNCR | IUCLC);
1707 termios.c_iflag |= ICRNL | IMAXBEL | IUTF8;
1708 termios.c_oflag |= ONLCR;
1709 termios.c_cflag |= CREAD;
1710 termios.c_lflag = ISIG | ICANON | IEXTEN | ECHO | ECHOE | ECHOK | ECHOCTL | ECHOPRT | ECHOKE;
1712 termios.c_cc[VINTR] = 03; /* ^C */
1713 termios.c_cc[VQUIT] = 034; /* ^\ */
1714 termios.c_cc[VERASE] = 0177;
1715 termios.c_cc[VKILL] = 025; /* ^X */
1716 termios.c_cc[VEOF] = 04; /* ^D */
1717 termios.c_cc[VSTART] = 021; /* ^Q */
1718 termios.c_cc[VSTOP] = 023; /* ^S */
1719 termios.c_cc[VSUSP] = 032; /* ^Z */
1720 termios.c_cc[VLNEXT] = 026; /* ^V */
1721 termios.c_cc[VWERASE] = 027; /* ^W */
1722 termios.c_cc[VREPRINT] = 022; /* ^R */
1723 termios.c_cc[VEOL] = 0;
1724 termios.c_cc[VEOL2] = 0;
1726 termios.c_cc[VTIME] = 0;
1727 termios.c_cc[VMIN] = 1;
1729 if (tcsetattr(fd, TCSANOW, &termios) < 0)
1733 /* Just in case, flush all crap out */
1734 tcflush(fd, TCIOFLUSH);
1739 int reset_terminal(const char *name) {
1740 _cleanup_close_ int fd = -1;
1742 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1746 return reset_terminal_fd(fd, true);
1749 int open_terminal(const char *name, int mode) {
1754 * If a TTY is in the process of being closed opening it might
1755 * cause EIO. This is horribly awful, but unlikely to be
1756 * changed in the kernel. Hence we work around this problem by
1757 * retrying a couple of times.
1759 * https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245
1762 assert(!(mode & O_CREAT));
1765 fd = open(name, mode, 0);
1772 /* Max 1s in total */
1776 usleep(50 * USEC_PER_MSEC);
1797 int flush_fd(int fd) {
1798 struct pollfd pollfd = {
1808 r = poll(&pollfd, 1, 0);
1818 l = read(fd, buf, sizeof(buf));
1824 if (errno == EAGAIN)
1833 int acquire_terminal(
1837 bool ignore_tiocstty_eperm,
1840 int fd = -1, notify = -1, r = 0, wd = -1;
1845 /* We use inotify to be notified when the tty is closed. We
1846 * create the watch before checking if we can actually acquire
1847 * it, so that we don't lose any event.
1849 * Note: strictly speaking this actually watches for the
1850 * device being closed, it does *not* really watch whether a
1851 * tty loses its controlling process. However, unless some
1852 * rogue process uses TIOCNOTTY on /dev/tty *after* closing
1853 * its tty otherwise this will not become a problem. As long
1854 * as the administrator makes sure not configure any service
1855 * on the same tty as an untrusted user this should not be a
1856 * problem. (Which he probably should not do anyway.) */
1858 if (timeout != (usec_t) -1)
1859 ts = now(CLOCK_MONOTONIC);
1861 if (!fail && !force) {
1862 notify = inotify_init1(IN_CLOEXEC | (timeout != (usec_t) -1 ? IN_NONBLOCK : 0));
1868 wd = inotify_add_watch(notify, name, IN_CLOSE);
1876 struct sigaction sa_old, sa_new = {
1877 .sa_handler = SIG_IGN,
1878 .sa_flags = SA_RESTART,
1882 r = flush_fd(notify);
1887 /* We pass here O_NOCTTY only so that we can check the return
1888 * value TIOCSCTTY and have a reliable way to figure out if we
1889 * successfully became the controlling process of the tty */
1890 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1894 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
1895 * if we already own the tty. */
1896 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
1898 /* First, try to get the tty */
1899 if (ioctl(fd, TIOCSCTTY, force) < 0)
1902 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
1904 /* Sometimes it makes sense to ignore TIOCSCTTY
1905 * returning EPERM, i.e. when very likely we already
1906 * are have this controlling terminal. */
1907 if (r < 0 && r == -EPERM && ignore_tiocstty_eperm)
1910 if (r < 0 && (force || fail || r != -EPERM)) {
1919 assert(notify >= 0);
1922 uint8_t inotify_buffer[sizeof(struct inotify_event) + FILENAME_MAX];
1924 struct inotify_event *e;
1926 if (timeout != (usec_t) -1) {
1929 n = now(CLOCK_MONOTONIC);
1930 if (ts + timeout < n) {
1935 r = fd_wait_for_event(fd, POLLIN, ts + timeout - n);
1945 l = read(notify, inotify_buffer, sizeof(inotify_buffer));
1948 if (errno == EINTR || errno == EAGAIN)
1955 e = (struct inotify_event*) inotify_buffer;
1960 if (e->wd != wd || !(e->mask & IN_CLOSE)) {
1965 step = sizeof(struct inotify_event) + e->len;
1966 assert(step <= (size_t) l);
1968 e = (struct inotify_event*) ((uint8_t*) e + step);
1975 /* We close the tty fd here since if the old session
1976 * ended our handle will be dead. It's important that
1977 * we do this after sleeping, so that we don't enter
1978 * an endless loop. */
1984 r = reset_terminal_fd(fd, true);
1986 log_warning("Failed to reset terminal: %s", strerror(-r));
1997 int release_terminal(void) {
1999 struct sigaction sa_old, sa_new = {
2000 .sa_handler = SIG_IGN,
2001 .sa_flags = SA_RESTART,
2003 _cleanup_close_ int fd;
2005 fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_NDELAY|O_CLOEXEC);
2009 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2010 * by our own TIOCNOTTY */
2011 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
2013 if (ioctl(fd, TIOCNOTTY) < 0)
2016 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
2021 int sigaction_many(const struct sigaction *sa, ...) {
2026 while ((sig = va_arg(ap, int)) > 0)
2027 if (sigaction(sig, sa, NULL) < 0)
2034 int ignore_signals(int sig, ...) {
2035 struct sigaction sa = {
2036 .sa_handler = SIG_IGN,
2037 .sa_flags = SA_RESTART,
2042 if (sigaction(sig, &sa, NULL) < 0)
2046 while ((sig = va_arg(ap, int)) > 0)
2047 if (sigaction(sig, &sa, NULL) < 0)
2054 int default_signals(int sig, ...) {
2055 struct sigaction sa = {
2056 .sa_handler = SIG_DFL,
2057 .sa_flags = SA_RESTART,
2062 if (sigaction(sig, &sa, NULL) < 0)
2066 while ((sig = va_arg(ap, int)) > 0)
2067 if (sigaction(sig, &sa, NULL) < 0)
2074 void safe_close_pair(int p[]) {
2078 /* Special case pairs which use the same fd in both
2080 p[0] = p[1] = safe_close(p[0]);
2084 p[0] = safe_close(p[0]);
2085 p[1] = safe_close(p[1]);
2088 ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll) {
2095 while (nbytes > 0) {
2098 k = read(fd, p, nbytes);
2099 if (k < 0 && errno == EINTR)
2102 if (k < 0 && errno == EAGAIN && do_poll) {
2104 /* We knowingly ignore any return value here,
2105 * and expect that any error/EOF is reported
2108 fd_wait_for_event(fd, POLLIN, (usec_t) -1);
2113 return n > 0 ? n : (k < 0 ? -errno : 0);
2123 ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) {
2124 const uint8_t *p = buf;
2130 while (nbytes > 0) {
2133 k = write(fd, p, nbytes);
2134 if (k < 0 && errno == EINTR)
2137 if (k < 0 && errno == EAGAIN && do_poll) {
2139 /* We knowingly ignore any return value here,
2140 * and expect that any error/EOF is reported
2143 fd_wait_for_event(fd, POLLOUT, (usec_t) -1);
2148 return n > 0 ? n : (k < 0 ? -errno : 0);
2158 int parse_size(const char *t, off_t base, off_t *size) {
2160 /* Soo, sometimes we want to parse IEC binary suffxies, and
2161 * sometimes SI decimal suffixes. This function can parse
2162 * both. Which one is the right way depends on the
2163 * context. Wikipedia suggests that SI is customary for
2164 * hardrware metrics and network speeds, while IEC is
2165 * customary for most data sizes used by software and volatile
2166 * (RAM) memory. Hence be careful which one you pick!
2168 * In either case we use just K, M, G as suffix, and not Ki,
2169 * Mi, Gi or so (as IEC would suggest). That's because that's
2170 * frickin' ugly. But this means you really need to make sure
2171 * to document which base you are parsing when you use this
2176 unsigned long long factor;
2179 static const struct table iec[] = {
2180 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2181 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2182 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
2183 { "G", 1024ULL*1024ULL*1024ULL },
2184 { "M", 1024ULL*1024ULL },
2190 static const struct table si[] = {
2191 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2192 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2193 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
2194 { "G", 1000ULL*1000ULL*1000ULL },
2195 { "M", 1000ULL*1000ULL },
2201 const struct table *table;
2203 unsigned long long r = 0;
2204 unsigned n_entries, start_pos = 0;
2207 assert(base == 1000 || base == 1024);
2212 n_entries = ELEMENTSOF(si);
2215 n_entries = ELEMENTSOF(iec);
2221 unsigned long long l2;
2227 l = strtoll(p, &e, 10);
2240 if (*e >= '0' && *e <= '9') {
2243 /* strotoull itself would accept space/+/- */
2244 l2 = strtoull(e, &e2, 10);
2246 if (errno == ERANGE)
2249 /* Ignore failure. E.g. 10.M is valid */
2256 e += strspn(e, WHITESPACE);
2258 for (i = start_pos; i < n_entries; i++)
2259 if (startswith(e, table[i].suffix)) {
2260 unsigned long long tmp;
2261 if ((unsigned long long) l + (frac > 0) > ULLONG_MAX / table[i].factor)
2263 tmp = l * table[i].factor + (unsigned long long) (frac * table[i].factor);
2264 if (tmp > ULLONG_MAX - r)
2268 if ((unsigned long long) (off_t) r != r)
2271 p = e + strlen(table[i].suffix);
2287 int make_stdio(int fd) {
2292 r = dup3(fd, STDIN_FILENO, 0);
2293 s = dup3(fd, STDOUT_FILENO, 0);
2294 t = dup3(fd, STDERR_FILENO, 0);
2299 if (r < 0 || s < 0 || t < 0)
2302 /* We rely here that the new fd has O_CLOEXEC not set */
2307 int make_null_stdio(void) {
2310 null_fd = open("/dev/null", O_RDWR|O_NOCTTY);
2314 return make_stdio(null_fd);
2317 bool is_device_path(const char *path) {
2319 /* Returns true on paths that refer to a device, either in
2320 * sysfs or in /dev */
2323 path_startswith(path, "/dev/") ||
2324 path_startswith(path, "/sys/");
2327 int dir_is_empty(const char *path) {
2328 _cleanup_closedir_ DIR *d;
2339 if (!de && errno != 0)
2345 if (!ignore_file(de->d_name))
2350 char* dirname_malloc(const char *path) {
2351 char *d, *dir, *dir2;
2368 int dev_urandom(void *p, size_t n) {
2369 _cleanup_close_ int fd;
2372 fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
2374 return errno == ENOENT ? -ENOSYS : -errno;
2376 k = loop_read(fd, p, n, true);
2379 if ((size_t) k != n)
2385 void random_bytes(void *p, size_t n) {
2386 static bool srand_called = false;
2390 r = dev_urandom(p, n);
2394 /* If some idiot made /dev/urandom unavailable to us, he'll
2395 * get a PRNG instead. */
2397 if (!srand_called) {
2400 #ifdef HAVE_SYS_AUXV_H
2401 /* The kernel provides us with a bit of entropy in
2402 * auxv, so let's try to make use of that to seed the
2403 * pseudo-random generator. It's better than
2408 auxv = (void*) getauxval(AT_RANDOM);
2410 x ^= *(unsigned*) auxv;
2413 x ^= (unsigned) now(CLOCK_REALTIME);
2414 x ^= (unsigned) gettid();
2417 srand_called = true;
2420 for (q = p; q < (uint8_t*) p + n; q ++)
2424 void rename_process(const char name[8]) {
2427 /* This is a like a poor man's setproctitle(). It changes the
2428 * comm field, argv[0], and also the glibc's internally used
2429 * name of the process. For the first one a limit of 16 chars
2430 * applies, to the second one usually one of 10 (i.e. length
2431 * of "/sbin/init"), to the third one one of 7 (i.e. length of
2432 * "systemd"). If you pass a longer string it will be
2435 prctl(PR_SET_NAME, name);
2437 if (program_invocation_name)
2438 strncpy(program_invocation_name, name, strlen(program_invocation_name));
2440 if (saved_argc > 0) {
2444 strncpy(saved_argv[0], name, strlen(saved_argv[0]));
2446 for (i = 1; i < saved_argc; i++) {
2450 memzero(saved_argv[i], strlen(saved_argv[i]));
2455 void sigset_add_many(sigset_t *ss, ...) {
2462 while ((sig = va_arg(ap, int)) > 0)
2463 assert_se(sigaddset(ss, sig) == 0);
2467 int sigprocmask_many(int how, ...) {
2472 assert_se(sigemptyset(&ss) == 0);
2475 while ((sig = va_arg(ap, int)) > 0)
2476 assert_se(sigaddset(&ss, sig) == 0);
2479 if (sigprocmask(how, &ss, NULL) < 0)
2485 char* gethostname_malloc(void) {
2488 assert_se(uname(&u) >= 0);
2490 if (!isempty(u.nodename) && !streq(u.nodename, "(none)"))
2491 return strdup(u.nodename);
2493 return strdup(u.sysname);
2496 bool hostname_is_set(void) {
2499 assert_se(uname(&u) >= 0);
2501 return !isempty(u.nodename) && !streq(u.nodename, "(none)");
2504 static char *lookup_uid(uid_t uid) {
2507 _cleanup_free_ char *buf = NULL;
2508 struct passwd pwbuf, *pw = NULL;
2510 /* Shortcut things to avoid NSS lookups */
2512 return strdup("root");
2514 bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
2518 buf = malloc(bufsize);
2522 if (getpwuid_r(uid, &pwbuf, buf, bufsize, &pw) == 0 && pw)
2523 return strdup(pw->pw_name);
2525 if (asprintf(&name, UID_FMT, uid) < 0)
2531 char* getlogname_malloc(void) {
2535 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
2540 return lookup_uid(uid);
2543 char *getusername_malloc(void) {
2550 return lookup_uid(getuid());
2553 int getttyname_malloc(int fd, char **r) {
2554 char path[PATH_MAX], *c;
2559 k = ttyname_r(fd, path, sizeof(path));
2565 c = strdup(startswith(path, "/dev/") ? path + 5 : path);
2573 int getttyname_harder(int fd, char **r) {
2577 k = getttyname_malloc(fd, &s);
2581 if (streq(s, "tty")) {
2583 return get_ctty(0, NULL, r);
2590 int get_ctty_devnr(pid_t pid, dev_t *d) {
2592 _cleanup_free_ char *line = NULL;
2594 unsigned long ttynr;
2598 p = procfs_file_alloca(pid, "stat");
2599 r = read_one_line_file(p, &line);
2603 p = strrchr(line, ')');
2613 "%*d " /* session */
2618 if (major(ttynr) == 0 && minor(ttynr) == 0)
2627 int get_ctty(pid_t pid, dev_t *_devnr, char **r) {
2628 char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *b = NULL;
2629 _cleanup_free_ char *s = NULL;
2636 k = get_ctty_devnr(pid, &devnr);
2640 snprintf(fn, sizeof(fn), "/dev/char/%u:%u", major(devnr), minor(devnr));
2642 k = readlink_malloc(fn, &s);
2648 /* This is an ugly hack */
2649 if (major(devnr) == 136) {
2650 asprintf(&b, "pts/%u", minor(devnr));
2654 /* Probably something like the ptys which have no
2655 * symlink in /dev/char. Let's return something
2656 * vaguely useful. */
2662 if (startswith(s, "/dev/"))
2664 else if (startswith(s, "../"))
2682 int rm_rf_children_dangerous(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2683 _cleanup_closedir_ DIR *d = NULL;
2688 /* This returns the first error we run into, but nevertheless
2689 * tries to go on. This closes the passed fd. */
2695 return errno == ENOENT ? 0 : -errno;
2700 bool is_dir, keep_around;
2707 if (errno != 0 && ret == 0)
2712 if (streq(de->d_name, ".") || streq(de->d_name, ".."))
2715 if (de->d_type == DT_UNKNOWN ||
2717 (de->d_type == DT_DIR && root_dev)) {
2718 if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
2719 if (ret == 0 && errno != ENOENT)
2724 is_dir = S_ISDIR(st.st_mode);
2727 (st.st_uid == 0 || st.st_uid == getuid()) &&
2728 (st.st_mode & S_ISVTX);
2730 is_dir = de->d_type == DT_DIR;
2731 keep_around = false;
2737 /* if root_dev is set, remove subdirectories only, if device is same as dir */
2738 if (root_dev && st.st_dev != root_dev->st_dev)
2741 subdir_fd = openat(fd, de->d_name,
2742 O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2743 if (subdir_fd < 0) {
2744 if (ret == 0 && errno != ENOENT)
2749 r = rm_rf_children_dangerous(subdir_fd, only_dirs, honour_sticky, root_dev);
2750 if (r < 0 && ret == 0)
2754 if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
2755 if (ret == 0 && errno != ENOENT)
2759 } else if (!only_dirs && !keep_around) {
2761 if (unlinkat(fd, de->d_name, 0) < 0) {
2762 if (ret == 0 && errno != ENOENT)
2769 _pure_ static int is_temporary_fs(struct statfs *s) {
2772 return F_TYPE_EQUAL(s->f_type, TMPFS_MAGIC) ||
2773 F_TYPE_EQUAL(s->f_type, RAMFS_MAGIC);
2776 int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2781 if (fstatfs(fd, &s) < 0) {
2786 /* We refuse to clean disk file systems with this call. This
2787 * is extra paranoia just to be sure we never ever remove
2789 if (!is_temporary_fs(&s)) {
2790 log_error("Attempted to remove disk file system, and we can't allow that.");
2795 return rm_rf_children_dangerous(fd, only_dirs, honour_sticky, root_dev);
2798 static int rm_rf_internal(const char *path, bool only_dirs, bool delete_root, bool honour_sticky, bool dangerous) {
2804 /* We refuse to clean the root file system with this
2805 * call. This is extra paranoia to never cause a really
2806 * seriously broken system. */
2807 if (path_equal(path, "/")) {
2808 log_error("Attempted to remove entire root file system, and we can't allow that.");
2812 fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2815 if (errno != ENOTDIR)
2819 if (statfs(path, &s) < 0)
2822 if (!is_temporary_fs(&s)) {
2823 log_error("Attempted to remove disk file system, and we can't allow that.");
2828 if (delete_root && !only_dirs)
2829 if (unlink(path) < 0 && errno != ENOENT)
2836 if (fstatfs(fd, &s) < 0) {
2841 if (!is_temporary_fs(&s)) {
2842 log_error("Attempted to remove disk file system, and we can't allow that.");
2848 r = rm_rf_children_dangerous(fd, only_dirs, honour_sticky, NULL);
2851 if (honour_sticky && file_is_priv_sticky(path) > 0)
2854 if (rmdir(path) < 0 && errno != ENOENT) {
2863 int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
2864 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, false);
2867 int rm_rf_dangerous(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
2868 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, true);
2871 int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) {
2874 /* Under the assumption that we are running privileged we
2875 * first change the access mode and only then hand out
2876 * ownership to avoid a window where access is too open. */
2878 if (mode != (mode_t) -1)
2879 if (chmod(path, mode) < 0)
2882 if (uid != (uid_t) -1 || gid != (gid_t) -1)
2883 if (chown(path, uid, gid) < 0)
2889 int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid) {
2892 /* Under the assumption that we are running privileged we
2893 * first change the access mode and only then hand out
2894 * ownership to avoid a window where access is too open. */
2896 if (mode != (mode_t) -1)
2897 if (fchmod(fd, mode) < 0)
2900 if (uid != (uid_t) -1 || gid != (gid_t) -1)
2901 if (fchown(fd, uid, gid) < 0)
2907 cpu_set_t* cpu_set_malloc(unsigned *ncpus) {
2911 /* Allocates the cpuset in the right size */
2914 if (!(r = CPU_ALLOC(n)))
2917 if (sched_getaffinity(0, CPU_ALLOC_SIZE(n), r) >= 0) {
2918 CPU_ZERO_S(CPU_ALLOC_SIZE(n), r);
2928 if (errno != EINVAL)
2935 int status_vprintf(const char *status, bool ellipse, bool ephemeral, const char *format, va_list ap) {
2936 static const char status_indent[] = " "; /* "[" STATUS "] " */
2937 _cleanup_free_ char *s = NULL;
2938 _cleanup_close_ int fd = -1;
2939 struct iovec iovec[6] = {};
2941 static bool prev_ephemeral;
2945 /* This is independent of logging, as status messages are
2946 * optional and go exclusively to the console. */
2948 if (vasprintf(&s, format, ap) < 0)
2951 fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
2964 sl = status ? sizeof(status_indent)-1 : 0;
2970 e = ellipsize(s, emax, 75);
2978 IOVEC_SET_STRING(iovec[n++], "\r" ANSI_ERASE_TO_END_OF_LINE);
2979 prev_ephemeral = ephemeral;
2982 if (!isempty(status)) {
2983 IOVEC_SET_STRING(iovec[n++], "[");
2984 IOVEC_SET_STRING(iovec[n++], status);
2985 IOVEC_SET_STRING(iovec[n++], "] ");
2987 IOVEC_SET_STRING(iovec[n++], status_indent);
2990 IOVEC_SET_STRING(iovec[n++], s);
2992 IOVEC_SET_STRING(iovec[n++], "\n");
2994 if (writev(fd, iovec, n) < 0)
3000 int status_printf(const char *status, bool ellipse, bool ephemeral, const char *format, ...) {
3006 va_start(ap, format);
3007 r = status_vprintf(status, ellipse, ephemeral, format, ap);
3013 char *replace_env(const char *format, char **env) {
3020 const char *e, *word = format;
3025 for (e = format; *e; e ++) {
3036 if (!(k = strnappend(r, word, e-word-1)))
3045 } else if (*e == '$') {
3046 if (!(k = strnappend(r, word, e-word)))
3062 t = strempty(strv_env_get_n(env, word+2, e-word-2));
3064 k = strappend(r, t);
3078 if (!(k = strnappend(r, word, e-word)))
3089 char **replace_env_argv(char **argv, char **env) {
3091 unsigned k = 0, l = 0;
3093 l = strv_length(argv);
3095 if (!(r = new(char*, l+1)))
3098 STRV_FOREACH(i, argv) {
3100 /* If $FOO appears as single word, replace it by the split up variable */
3101 if ((*i)[0] == '$' && (*i)[1] != '{') {
3106 e = strv_env_get(env, *i+1);
3109 if (!(m = strv_split_quoted(e))) {
3120 if (!(w = realloc(r, sizeof(char*) * (l+1)))) {
3129 memcpy(r + k, m, q * sizeof(char*));
3137 /* If ${FOO} appears as part of a word, replace it by the variable as-is */
3138 if (!(r[k++] = replace_env(*i, env))) {
3148 int fd_columns(int fd) {
3149 struct winsize ws = {};
3151 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3160 unsigned columns(void) {
3164 if (_likely_(cached_columns > 0))
3165 return cached_columns;
3168 e = getenv("COLUMNS");
3173 c = fd_columns(STDOUT_FILENO);
3182 int fd_lines(int fd) {
3183 struct winsize ws = {};
3185 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3194 unsigned lines(void) {
3198 if (_likely_(cached_lines > 0))
3199 return cached_lines;
3202 e = getenv("LINES");
3207 l = fd_lines(STDOUT_FILENO);
3213 return cached_lines;
3216 /* intended to be used as a SIGWINCH sighandler */
3217 void columns_lines_cache_reset(int signum) {
3223 static int cached_on_tty = -1;
3225 if (_unlikely_(cached_on_tty < 0))
3226 cached_on_tty = isatty(STDOUT_FILENO) > 0;
3228 return cached_on_tty;
3231 int files_same(const char *filea, const char *fileb) {
3234 if (stat(filea, &a) < 0)
3237 if (stat(fileb, &b) < 0)
3240 return a.st_dev == b.st_dev &&
3241 a.st_ino == b.st_ino;
3244 int running_in_chroot(void) {
3247 ret = files_same("/proc/1/root", "/");
3254 static char *ascii_ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3259 assert(percent <= 100);
3260 assert(new_length >= 3);
3262 if (old_length <= 3 || old_length <= new_length)
3263 return strndup(s, old_length);
3265 r = new0(char, new_length+1);
3269 x = (new_length * percent) / 100;
3271 if (x > new_length - 3)
3279 s + old_length - (new_length - x - 3),
3280 new_length - x - 3);
3285 char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3289 unsigned k, len, len2;
3292 assert(percent <= 100);
3293 assert(new_length >= 3);
3295 /* if no multibyte characters use ascii_ellipsize_mem for speed */
3296 if (ascii_is_valid(s))
3297 return ascii_ellipsize_mem(s, old_length, new_length, percent);
3299 if (old_length <= 3 || old_length <= new_length)
3300 return strndup(s, old_length);
3302 x = (new_length * percent) / 100;
3304 if (x > new_length - 3)
3308 for (i = s; k < x && i < s + old_length; i = utf8_next_char(i)) {
3311 c = utf8_encoded_to_unichar(i);
3314 k += unichar_iswide(c) ? 2 : 1;
3317 if (k > x) /* last character was wide and went over quota */
3320 for (j = s + old_length; k < new_length && j > i; ) {
3323 j = utf8_prev_char(j);
3324 c = utf8_encoded_to_unichar(j);
3327 k += unichar_iswide(c) ? 2 : 1;
3331 /* we don't actually need to ellipsize */
3333 return memdup(s, old_length + 1);
3335 /* make space for ellipsis */
3336 j = utf8_next_char(j);
3339 len2 = s + old_length - j;
3340 e = new(char, len + 3 + len2 + 1);
3345 printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n",
3346 old_length, new_length, x, len, len2, k);
3350 e[len] = 0xe2; /* tri-dot ellipsis: … */
3354 memcpy(e + len + 3, j, len2 + 1);
3359 char *ellipsize(const char *s, size_t length, unsigned percent) {
3360 return ellipsize_mem(s, strlen(s), length, percent);
3363 int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode) {
3364 _cleanup_close_ int fd;
3370 mkdir_parents(path, 0755);
3372 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, mode > 0 ? mode : 0644);
3377 r = fchmod(fd, mode);
3382 if (uid != (uid_t) -1 || gid != (gid_t) -1) {
3383 r = fchown(fd, uid, gid);
3388 if (stamp != (usec_t) -1) {
3389 struct timespec ts[2];
3391 timespec_store(&ts[0], stamp);
3393 r = futimens(fd, ts);
3395 r = futimens(fd, NULL);
3402 int touch(const char *path) {
3403 return touch_file(path, false, (usec_t) -1, (uid_t) -1, (gid_t) -1, 0);
3406 char *unquote(const char *s, const char* quotes) {
3410 /* This is rather stupid, simply removes the heading and
3411 * trailing quotes if there is one. Doesn't care about
3412 * escaping or anything. We should make this smarter one
3419 if (strchr(quotes, s[0]) && s[l-1] == s[0])
3420 return strndup(s+1, l-2);
3425 char *normalize_env_assignment(const char *s) {
3426 _cleanup_free_ char *name = NULL, *value = NULL, *p = NULL;
3429 eq = strchr(s, '=');
3441 memmove(r, t, strlen(t) + 1);
3445 name = strndup(s, eq - s);
3453 value = unquote(strstrip(p), QUOTES);
3457 if (asprintf(&r, "%s=%s", strstrip(name), value) < 0)
3463 int wait_for_terminate(pid_t pid, siginfo_t *status) {
3474 if (waitid(P_PID, pid, status, WEXITED) < 0) {
3488 * < 0 : wait_for_terminate() failed to get the state of the
3489 * process, the process was terminated by a signal, or
3490 * failed for an unknown reason.
3491 * >=0 : The process terminated normally, and its exit code is
3494 * That is, success is indicated by a return value of zero, and an
3495 * error is indicated by a non-zero value.
3497 int wait_for_terminate_and_warn(const char *name, pid_t pid) {
3504 r = wait_for_terminate(pid, &status);
3506 log_warning("Failed to wait for %s: %s", name, strerror(-r));
3510 if (status.si_code == CLD_EXITED) {
3511 if (status.si_status != 0) {
3512 log_warning("%s failed with error code %i.", name, status.si_status);
3513 return status.si_status;
3516 log_debug("%s succeeded.", name);
3519 } else if (status.si_code == CLD_KILLED ||
3520 status.si_code == CLD_DUMPED) {
3522 log_warning("%s terminated by signal %s.", name, signal_to_string(status.si_status));
3526 log_warning("%s failed due to unknown reason.", name);
3530 noreturn void freeze(void) {
3532 /* Make sure nobody waits for us on a socket anymore */
3533 close_all_fds(NULL, 0);
3541 bool null_or_empty(struct stat *st) {
3544 if (S_ISREG(st->st_mode) && st->st_size <= 0)
3547 if (S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode))
3553 int null_or_empty_path(const char *fn) {
3558 if (stat(fn, &st) < 0)
3561 return null_or_empty(&st);
3564 DIR *xopendirat(int fd, const char *name, int flags) {
3568 assert(!(flags & O_CREAT));
3570 nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0);
3583 int signal_from_string_try_harder(const char *s) {
3587 signo = signal_from_string(s);
3589 if (startswith(s, "SIG"))
3590 return signal_from_string(s+3);
3595 static char *tag_to_udev_node(const char *tagvalue, const char *by) {
3596 _cleanup_free_ char *t = NULL, *u = NULL;
3599 u = unquote(tagvalue, "\"\'");
3603 enc_len = strlen(u) * 4 + 1;
3604 t = new(char, enc_len);
3608 if (encode_devnode_name(u, t, enc_len) < 0)
3611 return strjoin("/dev/disk/by-", by, "/", t, NULL);
3614 char *fstab_node_to_udev_node(const char *p) {
3617 if (startswith(p, "LABEL="))
3618 return tag_to_udev_node(p+6, "label");
3620 if (startswith(p, "UUID="))
3621 return tag_to_udev_node(p+5, "uuid");
3623 if (startswith(p, "PARTUUID="))
3624 return tag_to_udev_node(p+9, "partuuid");
3626 if (startswith(p, "PARTLABEL="))
3627 return tag_to_udev_node(p+10, "partlabel");
3632 bool tty_is_vc(const char *tty) {
3635 return vtnr_from_tty(tty) >= 0;
3638 bool tty_is_console(const char *tty) {
3641 if (startswith(tty, "/dev/"))
3644 return streq(tty, "console");
3647 int vtnr_from_tty(const char *tty) {
3652 if (startswith(tty, "/dev/"))
3655 if (!startswith(tty, "tty") )
3658 if (tty[3] < '0' || tty[3] > '9')
3661 r = safe_atoi(tty+3, &i);
3665 if (i < 0 || i > 63)
3671 char *resolve_dev_console(char **active) {
3674 /* Resolve where /dev/console is pointing to, if /sys is actually ours
3675 * (i.e. not read-only-mounted which is a sign for container setups) */
3677 if (path_is_read_only_fs("/sys") > 0)
3680 if (read_one_line_file("/sys/class/tty/console/active", active) < 0)
3683 /* If multiple log outputs are configured the last one is what
3684 * /dev/console points to */
3685 tty = strrchr(*active, ' ');
3691 if (streq(tty, "tty0")) {
3694 /* Get the active VC (e.g. tty1) */
3695 if (read_one_line_file("/sys/class/tty/tty0/active", &tmp) >= 0) {
3697 tty = *active = tmp;
3704 bool tty_is_vc_resolve(const char *tty) {
3705 _cleanup_free_ char *active = NULL;
3709 if (startswith(tty, "/dev/"))
3712 if (streq(tty, "console")) {
3713 tty = resolve_dev_console(&active);
3718 return tty_is_vc(tty);
3721 const char *default_term_for_tty(const char *tty) {
3724 return tty_is_vc_resolve(tty) ? "TERM=linux" : "TERM=vt102";
3727 bool dirent_is_file(const struct dirent *de) {
3730 if (ignore_file(de->d_name))
3733 if (de->d_type != DT_REG &&
3734 de->d_type != DT_LNK &&
3735 de->d_type != DT_UNKNOWN)
3741 bool dirent_is_file_with_suffix(const struct dirent *de, const char *suffix) {
3744 if (de->d_type != DT_REG &&
3745 de->d_type != DT_LNK &&
3746 de->d_type != DT_UNKNOWN)
3749 if (ignore_file_allow_backup(de->d_name))
3752 return endswith(de->d_name, suffix);
3755 void execute_directory(const char *directory, DIR *d, usec_t timeout, char *argv[]) {
3761 /* Executes all binaries in a directory in parallel and waits
3762 * for them to finish. Optionally a timeout is applied. */
3764 executor_pid = fork();
3765 if (executor_pid < 0) {
3766 log_error("Failed to fork: %m");
3769 } else if (executor_pid == 0) {
3770 _cleanup_hashmap_free_free_ Hashmap *pids = NULL;
3771 _cleanup_closedir_ DIR *_d = NULL;
3775 /* We fork this all off from a child process so that
3776 * we can somewhat cleanly make use of SIGALRM to set
3779 reset_all_signal_handlers();
3781 assert_se(sigemptyset(&ss) == 0);
3782 assert_se(sigprocmask(SIG_SETMASK, &ss, NULL) == 0);
3784 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
3787 d = _d = opendir(directory);
3789 if (errno == ENOENT)
3790 _exit(EXIT_SUCCESS);
3792 log_error("Failed to enumerate directory %s: %m", directory);
3793 _exit(EXIT_FAILURE);
3797 pids = hashmap_new(NULL, NULL);
3800 _exit(EXIT_FAILURE);
3803 FOREACH_DIRENT(de, d, break) {
3804 _cleanup_free_ char *path = NULL;
3807 if (!dirent_is_file(de))
3810 if (asprintf(&path, "%s/%s", directory, de->d_name) < 0) {
3812 _exit(EXIT_FAILURE);
3817 log_error("Failed to fork: %m");
3819 } else if (pid == 0) {
3822 assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
3832 log_error("Failed to execute %s: %m", path);
3833 _exit(EXIT_FAILURE);
3837 log_debug("Spawned %s as " PID_FMT ".", path, pid);
3839 r = hashmap_put(pids, UINT_TO_PTR(pid), path);
3842 _exit(EXIT_FAILURE);
3848 /* Abort execution of this process after the
3849 * timout. We simply rely on SIGALRM as default action
3850 * terminating the process, and turn on alarm(). */
3852 if (timeout != (usec_t) -1)
3853 alarm((timeout + USEC_PER_SEC - 1) / USEC_PER_SEC);
3855 while (!hashmap_isempty(pids)) {
3856 _cleanup_free_ char *path = NULL;
3859 pid = PTR_TO_UINT(hashmap_first_key(pids));
3862 path = hashmap_remove(pids, UINT_TO_PTR(pid));
3865 wait_for_terminate_and_warn(path, pid);
3868 _exit(EXIT_SUCCESS);
3871 wait_for_terminate_and_warn(directory, executor_pid);
3874 int kill_and_sigcont(pid_t pid, int sig) {
3877 r = kill(pid, sig) < 0 ? -errno : 0;
3885 bool nulstr_contains(const char*nulstr, const char *needle) {
3891 NULSTR_FOREACH(i, nulstr)
3892 if (streq(i, needle))
3898 bool plymouth_running(void) {
3899 return access("/run/plymouth/pid", F_OK) >= 0;
3902 char* strshorten(char *s, size_t l) {
3911 static bool hostname_valid_char(char c) {
3913 (c >= 'a' && c <= 'z') ||
3914 (c >= 'A' && c <= 'Z') ||
3915 (c >= '0' && c <= '9') ||
3921 bool hostname_is_valid(const char *s) {
3928 for (p = s, dot = true; *p; p++) {
3935 if (!hostname_valid_char(*p))
3945 if (p-s > HOST_NAME_MAX)
3951 char* hostname_cleanup(char *s, bool lowercase) {
3955 for (p = s, d = s, dot = true; *p; p++) {
3962 } else if (hostname_valid_char(*p)) {
3963 *(d++) = lowercase ? tolower(*p) : *p;
3974 strshorten(s, HOST_NAME_MAX);
3979 bool machine_name_is_valid(const char *s) {
3981 if (!hostname_is_valid(s))
3984 /* Machine names should be useful hostnames, but also be
3985 * useful in unit names, hence we enforce a stricter length
3994 int pipe_eof(int fd) {
3995 struct pollfd pollfd = {
3997 .events = POLLIN|POLLHUP,
4002 r = poll(&pollfd, 1, 0);
4009 return pollfd.revents & POLLHUP;
4012 int fd_wait_for_event(int fd, int event, usec_t t) {
4014 struct pollfd pollfd = {
4022 r = ppoll(&pollfd, 1, t == (usec_t) -1 ? NULL : timespec_store(&ts, t), NULL);
4029 return pollfd.revents;
4032 int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
4041 t = tempfn_xxxxxx(path);
4045 fd = mkostemp_safe(t, O_WRONLY|O_CLOEXEC);
4051 f = fdopen(fd, "we");
4064 int terminal_vhangup_fd(int fd) {
4067 if (ioctl(fd, TIOCVHANGUP) < 0)
4073 int terminal_vhangup(const char *name) {
4074 _cleanup_close_ int fd;
4076 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4080 return terminal_vhangup_fd(fd);
4083 int vt_disallocate(const char *name) {
4087 /* Deallocate the VT if possible. If not possible
4088 * (i.e. because it is the active one), at least clear it
4089 * entirely (including the scrollback buffer) */
4091 if (!startswith(name, "/dev/"))
4094 if (!tty_is_vc(name)) {
4095 /* So this is not a VT. I guess we cannot deallocate
4096 * it then. But let's at least clear the screen */
4098 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4103 "\033[r" /* clear scrolling region */
4104 "\033[H" /* move home */
4105 "\033[2J", /* clear screen */
4112 if (!startswith(name, "/dev/tty"))
4115 r = safe_atou(name+8, &u);
4122 /* Try to deallocate */
4123 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
4127 r = ioctl(fd, VT_DISALLOCATE, u);
4136 /* Couldn't deallocate, so let's clear it fully with
4138 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4143 "\033[r" /* clear scrolling region */
4144 "\033[H" /* move home */
4145 "\033[3J", /* clear screen including scrollback, requires Linux 2.6.40 */
4152 int symlink_atomic(const char *from, const char *to) {
4153 _cleanup_free_ char *t = NULL;
4158 t = tempfn_random(to);
4162 if (symlink(from, t) < 0)
4165 if (rename(t, to) < 0) {
4173 int mknod_atomic(const char *path, mode_t mode, dev_t dev) {
4174 _cleanup_free_ char *t = NULL;
4178 t = tempfn_random(path);
4182 if (mknod(t, mode, dev) < 0)
4185 if (rename(t, path) < 0) {
4193 int mkfifo_atomic(const char *path, mode_t mode) {
4194 _cleanup_free_ char *t = NULL;
4198 t = tempfn_random(path);
4202 if (mkfifo(t, mode) < 0)
4205 if (rename(t, path) < 0) {
4213 bool display_is_local(const char *display) {
4217 display[0] == ':' &&
4218 display[1] >= '0' &&
4222 int socket_from_display(const char *display, char **path) {
4229 if (!display_is_local(display))
4232 k = strspn(display+1, "0123456789");
4234 f = new(char, strlen("/tmp/.X11-unix/X") + k + 1);
4238 c = stpcpy(f, "/tmp/.X11-unix/X");
4239 memcpy(c, display+1, k);
4248 const char **username,
4249 uid_t *uid, gid_t *gid,
4251 const char **shell) {
4259 /* We enforce some special rules for uid=0: in order to avoid
4260 * NSS lookups for root we hardcode its data. */
4262 if (streq(*username, "root") || streq(*username, "0")) {
4280 if (parse_uid(*username, &u) >= 0) {
4284 /* If there are multiple users with the same id, make
4285 * sure to leave $USER to the configured value instead
4286 * of the first occurrence in the database. However if
4287 * the uid was configured by a numeric uid, then let's
4288 * pick the real username from /etc/passwd. */
4290 *username = p->pw_name;
4293 p = getpwnam(*username);
4297 return errno > 0 ? -errno : -ESRCH;
4309 *shell = p->pw_shell;
4314 char* uid_to_name(uid_t uid) {
4319 return strdup("root");
4323 return strdup(p->pw_name);
4325 if (asprintf(&r, UID_FMT, uid) < 0)
4331 char* gid_to_name(gid_t gid) {
4336 return strdup("root");
4340 return strdup(p->gr_name);
4342 if (asprintf(&r, GID_FMT, gid) < 0)
4348 int get_group_creds(const char **groupname, gid_t *gid) {
4354 /* We enforce some special rules for gid=0: in order to avoid
4355 * NSS lookups for root we hardcode its data. */
4357 if (streq(*groupname, "root") || streq(*groupname, "0")) {
4358 *groupname = "root";
4366 if (parse_gid(*groupname, &id) >= 0) {
4371 *groupname = g->gr_name;
4374 g = getgrnam(*groupname);
4378 return errno > 0 ? -errno : -ESRCH;
4386 int in_gid(gid_t gid) {
4388 int ngroups_max, r, i;
4390 if (getgid() == gid)
4393 if (getegid() == gid)
4396 ngroups_max = sysconf(_SC_NGROUPS_MAX);
4397 assert(ngroups_max > 0);
4399 gids = alloca(sizeof(gid_t) * ngroups_max);
4401 r = getgroups(ngroups_max, gids);
4405 for (i = 0; i < r; i++)
4412 int in_group(const char *name) {
4416 r = get_group_creds(&name, &gid);
4423 int glob_exists(const char *path) {
4424 _cleanup_globfree_ glob_t g = {};
4430 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4432 if (k == GLOB_NOMATCH)
4434 else if (k == GLOB_NOSPACE)
4437 return !strv_isempty(g.gl_pathv);
4439 return errno ? -errno : -EIO;
4442 int glob_extend(char ***strv, const char *path) {
4443 _cleanup_globfree_ glob_t g = {};
4448 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4450 if (k == GLOB_NOMATCH)
4452 else if (k == GLOB_NOSPACE)
4454 else if (k != 0 || strv_isempty(g.gl_pathv))
4455 return errno ? -errno : -EIO;
4457 STRV_FOREACH(p, g.gl_pathv) {
4458 k = strv_extend(strv, *p);
4466 int dirent_ensure_type(DIR *d, struct dirent *de) {
4472 if (de->d_type != DT_UNKNOWN)
4475 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
4479 S_ISREG(st.st_mode) ? DT_REG :
4480 S_ISDIR(st.st_mode) ? DT_DIR :
4481 S_ISLNK(st.st_mode) ? DT_LNK :
4482 S_ISFIFO(st.st_mode) ? DT_FIFO :
4483 S_ISSOCK(st.st_mode) ? DT_SOCK :
4484 S_ISCHR(st.st_mode) ? DT_CHR :
4485 S_ISBLK(st.st_mode) ? DT_BLK :
4491 int get_files_in_directory(const char *path, char ***list) {
4492 _cleanup_closedir_ DIR *d = NULL;
4493 size_t bufsize = 0, n = 0;
4494 _cleanup_strv_free_ char **l = NULL;
4498 /* Returns all files in a directory in *list, and the number
4499 * of files as return value. If list is NULL returns only the
4511 if (!de && errno != 0)
4516 dirent_ensure_type(d, de);
4518 if (!dirent_is_file(de))
4522 /* one extra slot is needed for the terminating NULL */
4523 if (!GREEDY_REALLOC(l, bufsize, n + 2))
4526 l[n] = strdup(de->d_name);
4537 l = NULL; /* avoid freeing */
4543 char *strjoin(const char *x, ...) {
4557 t = va_arg(ap, const char *);
4562 if (n > ((size_t) -1) - l) {
4586 t = va_arg(ap, const char *);
4600 bool is_main_thread(void) {
4601 static thread_local int cached = 0;
4603 if (_unlikely_(cached == 0))
4604 cached = getpid() == gettid() ? 1 : -1;
4609 int block_get_whole_disk(dev_t d, dev_t *ret) {
4616 /* If it has a queue this is good enough for us */
4617 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", major(d), minor(d)) < 0)
4620 r = access(p, F_OK);
4628 /* If it is a partition find the originating device */
4629 if (asprintf(&p, "/sys/dev/block/%u:%u/partition", major(d), minor(d)) < 0)
4632 r = access(p, F_OK);
4638 /* Get parent dev_t */
4639 if (asprintf(&p, "/sys/dev/block/%u:%u/../dev", major(d), minor(d)) < 0)
4642 r = read_one_line_file(p, &s);
4648 r = sscanf(s, "%u:%u", &m, &n);
4654 /* Only return this if it is really good enough for us. */
4655 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", m, n) < 0)
4658 r = access(p, F_OK);
4662 *ret = makedev(m, n);
4669 int file_is_priv_sticky(const char *p) {
4674 if (lstat(p, &st) < 0)
4678 (st.st_uid == 0 || st.st_uid == getuid()) &&
4679 (st.st_mode & S_ISVTX);
4682 static const char *const ioprio_class_table[] = {
4683 [IOPRIO_CLASS_NONE] = "none",
4684 [IOPRIO_CLASS_RT] = "realtime",
4685 [IOPRIO_CLASS_BE] = "best-effort",
4686 [IOPRIO_CLASS_IDLE] = "idle"
4689 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ioprio_class, int, INT_MAX);
4691 static const char *const sigchld_code_table[] = {
4692 [CLD_EXITED] = "exited",
4693 [CLD_KILLED] = "killed",
4694 [CLD_DUMPED] = "dumped",
4695 [CLD_TRAPPED] = "trapped",
4696 [CLD_STOPPED] = "stopped",
4697 [CLD_CONTINUED] = "continued",
4700 DEFINE_STRING_TABLE_LOOKUP(sigchld_code, int);
4702 static const char *const log_facility_unshifted_table[LOG_NFACILITIES] = {
4703 [LOG_FAC(LOG_KERN)] = "kern",
4704 [LOG_FAC(LOG_USER)] = "user",
4705 [LOG_FAC(LOG_MAIL)] = "mail",
4706 [LOG_FAC(LOG_DAEMON)] = "daemon",
4707 [LOG_FAC(LOG_AUTH)] = "auth",
4708 [LOG_FAC(LOG_SYSLOG)] = "syslog",
4709 [LOG_FAC(LOG_LPR)] = "lpr",
4710 [LOG_FAC(LOG_NEWS)] = "news",
4711 [LOG_FAC(LOG_UUCP)] = "uucp",
4712 [LOG_FAC(LOG_CRON)] = "cron",
4713 [LOG_FAC(LOG_AUTHPRIV)] = "authpriv",
4714 [LOG_FAC(LOG_FTP)] = "ftp",
4715 [LOG_FAC(LOG_LOCAL0)] = "local0",
4716 [LOG_FAC(LOG_LOCAL1)] = "local1",
4717 [LOG_FAC(LOG_LOCAL2)] = "local2",
4718 [LOG_FAC(LOG_LOCAL3)] = "local3",
4719 [LOG_FAC(LOG_LOCAL4)] = "local4",
4720 [LOG_FAC(LOG_LOCAL5)] = "local5",
4721 [LOG_FAC(LOG_LOCAL6)] = "local6",
4722 [LOG_FAC(LOG_LOCAL7)] = "local7"
4725 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_facility_unshifted, int, LOG_FAC(~0));
4727 static const char *const log_level_table[] = {
4728 [LOG_EMERG] = "emerg",
4729 [LOG_ALERT] = "alert",
4730 [LOG_CRIT] = "crit",
4732 [LOG_WARNING] = "warning",
4733 [LOG_NOTICE] = "notice",
4734 [LOG_INFO] = "info",
4735 [LOG_DEBUG] = "debug"
4738 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_level, int, LOG_DEBUG);
4740 static const char* const sched_policy_table[] = {
4741 [SCHED_OTHER] = "other",
4742 [SCHED_BATCH] = "batch",
4743 [SCHED_IDLE] = "idle",
4744 [SCHED_FIFO] = "fifo",
4748 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy, int, INT_MAX);
4750 static const char* const rlimit_table[_RLIMIT_MAX] = {
4751 [RLIMIT_CPU] = "LimitCPU",
4752 [RLIMIT_FSIZE] = "LimitFSIZE",
4753 [RLIMIT_DATA] = "LimitDATA",
4754 [RLIMIT_STACK] = "LimitSTACK",
4755 [RLIMIT_CORE] = "LimitCORE",
4756 [RLIMIT_RSS] = "LimitRSS",
4757 [RLIMIT_NOFILE] = "LimitNOFILE",
4758 [RLIMIT_AS] = "LimitAS",
4759 [RLIMIT_NPROC] = "LimitNPROC",
4760 [RLIMIT_MEMLOCK] = "LimitMEMLOCK",
4761 [RLIMIT_LOCKS] = "LimitLOCKS",
4762 [RLIMIT_SIGPENDING] = "LimitSIGPENDING",
4763 [RLIMIT_MSGQUEUE] = "LimitMSGQUEUE",
4764 [RLIMIT_NICE] = "LimitNICE",
4765 [RLIMIT_RTPRIO] = "LimitRTPRIO",
4766 [RLIMIT_RTTIME] = "LimitRTTIME"
4769 DEFINE_STRING_TABLE_LOOKUP(rlimit, int);
4771 static const char* const ip_tos_table[] = {
4772 [IPTOS_LOWDELAY] = "low-delay",
4773 [IPTOS_THROUGHPUT] = "throughput",
4774 [IPTOS_RELIABILITY] = "reliability",
4775 [IPTOS_LOWCOST] = "low-cost",
4778 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos, int, 0xff);
4780 static const char *const __signal_table[] = {
4797 [SIGSTKFLT] = "STKFLT", /* Linux on SPARC doesn't know SIGSTKFLT */
4808 [SIGVTALRM] = "VTALRM",
4810 [SIGWINCH] = "WINCH",
4816 DEFINE_PRIVATE_STRING_TABLE_LOOKUP(__signal, int);
4818 const char *signal_to_string(int signo) {
4819 static thread_local char buf[sizeof("RTMIN+")-1 + DECIMAL_STR_MAX(int) + 1];
4822 name = __signal_to_string(signo);
4826 if (signo >= SIGRTMIN && signo <= SIGRTMAX)
4827 snprintf(buf, sizeof(buf), "RTMIN+%d", signo - SIGRTMIN);
4829 snprintf(buf, sizeof(buf), "%d", signo);
4834 int signal_from_string(const char *s) {
4839 signo = __signal_from_string(s);
4843 if (startswith(s, "RTMIN+")) {
4847 if (safe_atou(s, &u) >= 0) {
4848 signo = (int) u + offset;
4849 if (signo > 0 && signo < _NSIG)
4855 bool kexec_loaded(void) {
4856 bool loaded = false;
4859 if (read_one_line_file("/sys/kernel/kexec_loaded", &s) >= 0) {
4867 int strdup_or_null(const char *a, char **b) {
4885 int prot_from_flags(int flags) {
4887 switch (flags & O_ACCMODE) {
4896 return PROT_READ|PROT_WRITE;
4903 char *format_bytes(char *buf, size_t l, off_t t) {
4906 static const struct {
4910 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
4911 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
4912 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
4913 { "G", 1024ULL*1024ULL*1024ULL },
4914 { "M", 1024ULL*1024ULL },
4918 for (i = 0; i < ELEMENTSOF(table); i++) {
4920 if (t >= table[i].factor) {
4923 (unsigned long long) (t / table[i].factor),
4924 (unsigned long long) (((t*10ULL) / table[i].factor) % 10ULL),
4931 snprintf(buf, l, "%lluB", (unsigned long long) t);
4939 void* memdup(const void *p, size_t l) {
4952 int fd_inc_sndbuf(int fd, size_t n) {
4954 socklen_t l = sizeof(value);
4956 r = getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, &l);
4957 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
4960 /* If we have the privileges we will ignore the kernel limit. */
4963 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
4964 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
4970 int fd_inc_rcvbuf(int fd, size_t n) {
4972 socklen_t l = sizeof(value);
4974 r = getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, &l);
4975 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
4978 /* If we have the privileges we will ignore the kernel limit. */
4981 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
4982 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
4987 int fork_agent(pid_t *pid, const int except[], unsigned n_except, const char *path, ...) {
4988 pid_t parent_pid, agent_pid;
4990 bool stdout_is_tty, stderr_is_tty;
4998 parent_pid = getpid();
5000 /* Spawns a temporary TTY agent, making sure it goes away when
5007 if (agent_pid != 0) {
5014 * Make sure the agent goes away when the parent dies */
5015 if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
5016 _exit(EXIT_FAILURE);
5018 /* Check whether our parent died before we were able
5019 * to set the death signal */
5020 if (getppid() != parent_pid)
5021 _exit(EXIT_SUCCESS);
5023 /* Don't leak fds to the agent */
5024 close_all_fds(except, n_except);
5026 stdout_is_tty = isatty(STDOUT_FILENO);
5027 stderr_is_tty = isatty(STDERR_FILENO);
5029 if (!stdout_is_tty || !stderr_is_tty) {
5030 /* Detach from stdout/stderr. and reopen
5031 * /dev/tty for them. This is important to
5032 * ensure that when systemctl is started via
5033 * popen() or a similar call that expects to
5034 * read EOF we actually do generate EOF and
5035 * not delay this indefinitely by because we
5036 * keep an unused copy of stdin around. */
5037 fd = open("/dev/tty", O_WRONLY);
5039 log_error("Failed to open /dev/tty: %m");
5040 _exit(EXIT_FAILURE);
5044 dup2(fd, STDOUT_FILENO);
5047 dup2(fd, STDERR_FILENO);
5053 /* Count arguments */
5055 for (n = 0; va_arg(ap, char*); n++)
5060 l = alloca(sizeof(char *) * (n + 1));
5062 /* Fill in arguments */
5064 for (i = 0; i <= n; i++)
5065 l[i] = va_arg(ap, char*);
5069 _exit(EXIT_FAILURE);
5072 int setrlimit_closest(int resource, const struct rlimit *rlim) {
5073 struct rlimit highest, fixed;
5077 if (setrlimit(resource, rlim) >= 0)
5083 /* So we failed to set the desired setrlimit, then let's try
5084 * to get as close as we can */
5085 assert_se(getrlimit(resource, &highest) == 0);
5087 fixed.rlim_cur = MIN(rlim->rlim_cur, highest.rlim_max);
5088 fixed.rlim_max = MIN(rlim->rlim_max, highest.rlim_max);
5090 if (setrlimit(resource, &fixed) < 0)
5096 int getenv_for_pid(pid_t pid, const char *field, char **_value) {
5097 _cleanup_fclose_ FILE *f = NULL;
5108 path = procfs_file_alloca(pid, "environ");
5110 f = fopen(path, "re");
5118 char line[LINE_MAX];
5121 for (i = 0; i < sizeof(line)-1; i++) {
5125 if (_unlikely_(c == EOF)) {
5135 if (memcmp(line, field, l) == 0 && line[l] == '=') {
5136 value = strdup(line + l + 1);
5150 bool is_valid_documentation_url(const char *url) {
5153 if (startswith(url, "http://") && url[7])
5156 if (startswith(url, "https://") && url[8])
5159 if (startswith(url, "file:") && url[5])
5162 if (startswith(url, "info:") && url[5])
5165 if (startswith(url, "man:") && url[4])
5171 bool in_initrd(void) {
5172 static int saved = -1;
5178 /* We make two checks here:
5180 * 1. the flag file /etc/initrd-release must exist
5181 * 2. the root file system must be a memory file system
5183 * The second check is extra paranoia, since misdetecting an
5184 * initrd can have bad bad consequences due the initrd
5185 * emptying when transititioning to the main systemd.
5188 saved = access("/etc/initrd-release", F_OK) >= 0 &&
5189 statfs("/", &s) >= 0 &&
5190 is_temporary_fs(&s);
5195 void warn_melody(void) {
5196 _cleanup_close_ int fd = -1;
5198 fd = open("/dev/console", O_WRONLY|O_CLOEXEC|O_NOCTTY);
5202 /* Yeah, this is synchronous. Kinda sucks. But well... */
5204 ioctl(fd, KIOCSOUND, (int)(1193180/440));
5205 usleep(125*USEC_PER_MSEC);
5207 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5208 usleep(125*USEC_PER_MSEC);
5210 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5211 usleep(125*USEC_PER_MSEC);
5213 ioctl(fd, KIOCSOUND, 0);
5216 int make_console_stdio(void) {
5219 /* Make /dev/console the controlling terminal and stdin/stdout/stderr */
5221 fd = acquire_terminal("/dev/console", false, true, true, (usec_t) -1);
5223 log_error("Failed to acquire terminal: %s", strerror(-fd));
5229 log_error("Failed to duplicate terminal fd: %s", strerror(-r));
5236 int get_home_dir(char **_h) {
5244 /* Take the user specified one */
5245 e = secure_getenv("HOME");
5246 if (e && path_is_absolute(e)) {
5255 /* Hardcode home directory for root to avoid NSS */
5258 h = strdup("/root");
5266 /* Check the database... */
5270 return errno > 0 ? -errno : -ESRCH;
5272 if (!path_is_absolute(p->pw_dir))
5275 h = strdup(p->pw_dir);
5283 int get_shell(char **_s) {
5291 /* Take the user specified one */
5292 e = getenv("SHELL");
5302 /* Hardcode home directory for root to avoid NSS */
5305 s = strdup("/bin/sh");
5313 /* Check the database... */
5317 return errno > 0 ? -errno : -ESRCH;
5319 if (!path_is_absolute(p->pw_shell))
5322 s = strdup(p->pw_shell);
5330 bool filename_is_safe(const char *p) {
5344 if (strlen(p) > FILENAME_MAX)
5350 bool string_is_safe(const char *p) {
5355 for (t = p; *t; t++) {
5356 if (*t > 0 && *t < ' ')
5362 if (strchr("\\\"\'", *t))
5370 * Check if a string contains control characters.
5371 * Spaces and tabs are not considered control characters.
5373 bool string_has_cc(const char *p) {
5378 for (t = p; *t; t++) {
5379 if (*t > 0 && *t < ' ' && *t != '\t')
5389 bool path_is_safe(const char *p) {
5394 if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
5397 if (strlen(p) > PATH_MAX)
5400 /* The following two checks are not really dangerous, but hey, they still are confusing */
5401 if (streq(p, ".") || startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./"))
5404 if (strstr(p, "//"))
5410 /* hey glibc, APIs with callbacks without a user pointer are so useless */
5411 void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size,
5412 int (*compar) (const void *, const void *, void *), void *arg) {
5421 p = (void *)(((const char *) base) + (idx * size));
5422 comparison = compar(key, p, arg);
5425 else if (comparison > 0)
5433 bool is_locale_utf8(void) {
5435 static int cached_answer = -1;
5437 if (cached_answer >= 0)
5440 if (!setlocale(LC_ALL, "")) {
5441 cached_answer = true;
5445 set = nl_langinfo(CODESET);
5447 cached_answer = true;
5451 if (streq(set, "UTF-8")) {
5452 cached_answer = true;
5456 /* For LC_CTYPE=="C" return true, because CTYPE is effectly
5457 * unset and everything can do to UTF-8 nowadays. */
5458 set = setlocale(LC_CTYPE, NULL);
5460 cached_answer = true;
5464 /* Check result, but ignore the result if C was set
5468 !getenv("LC_ALL") &&
5469 !getenv("LC_CTYPE") &&
5473 return (bool) cached_answer;
5476 const char *draw_special_char(DrawSpecialChar ch) {
5477 static const char *draw_table[2][_DRAW_SPECIAL_CHAR_MAX] = {
5480 [DRAW_TREE_VERTICAL] = "\342\224\202 ", /* │ */
5481 [DRAW_TREE_BRANCH] = "\342\224\234\342\224\200", /* ├─ */
5482 [DRAW_TREE_RIGHT] = "\342\224\224\342\224\200", /* └─ */
5483 [DRAW_TREE_SPACE] = " ", /* */
5484 [DRAW_TRIANGULAR_BULLET] = "\342\200\243", /* ‣ */
5485 [DRAW_BLACK_CIRCLE] = "\342\227\217", /* ● */
5486 [DRAW_ARROW] = "\342\206\222", /* → */
5487 [DRAW_DASH] = "\342\200\223", /* – */
5490 /* ASCII fallback */ {
5491 [DRAW_TREE_VERTICAL] = "| ",
5492 [DRAW_TREE_BRANCH] = "|-",
5493 [DRAW_TREE_RIGHT] = "`-",
5494 [DRAW_TREE_SPACE] = " ",
5495 [DRAW_TRIANGULAR_BULLET] = ">",
5496 [DRAW_BLACK_CIRCLE] = "*",
5497 [DRAW_ARROW] = "->",
5502 return draw_table[!is_locale_utf8()][ch];
5505 char *strreplace(const char *text, const char *old_string, const char *new_string) {
5508 size_t l, old_len, new_len;
5514 old_len = strlen(old_string);
5515 new_len = strlen(new_string);
5528 if (!startswith(f, old_string)) {
5534 nl = l - old_len + new_len;
5535 a = realloc(r, nl + 1);
5543 t = stpcpy(t, new_string);
5555 char *strip_tab_ansi(char **ibuf, size_t *_isz) {
5556 const char *i, *begin = NULL;
5561 } state = STATE_OTHER;
5563 size_t osz = 0, isz;
5569 /* Strips ANSI color and replaces TABs by 8 spaces */
5571 isz = _isz ? *_isz : strlen(*ibuf);
5573 f = open_memstream(&obuf, &osz);
5577 for (i = *ibuf; i < *ibuf + isz + 1; i++) {
5582 if (i >= *ibuf + isz) /* EOT */
5584 else if (*i == '\x1B')
5585 state = STATE_ESCAPE;
5586 else if (*i == '\t')
5593 if (i >= *ibuf + isz) { /* EOT */
5596 } else if (*i == '[') {
5597 state = STATE_BRACKET;
5602 state = STATE_OTHER;
5609 if (i >= *ibuf + isz || /* EOT */
5610 (!(*i >= '0' && *i <= '9') && *i != ';' && *i != 'm')) {
5613 state = STATE_OTHER;
5615 } else if (*i == 'm')
5616 state = STATE_OTHER;
5638 int on_ac_power(void) {
5639 bool found_offline = false, found_online = false;
5640 _cleanup_closedir_ DIR *d = NULL;
5642 d = opendir("/sys/class/power_supply");
5648 _cleanup_close_ int fd = -1, device = -1;
5654 if (!de && errno != 0)
5660 if (ignore_file(de->d_name))
5663 device = openat(dirfd(d), de->d_name, O_DIRECTORY|O_RDONLY|O_CLOEXEC|O_NOCTTY);
5665 if (errno == ENOENT || errno == ENOTDIR)
5671 fd = openat(device, "type", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5673 if (errno == ENOENT)
5679 n = read(fd, contents, sizeof(contents));
5683 if (n != 6 || memcmp(contents, "Mains\n", 6))
5687 fd = openat(device, "online", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5689 if (errno == ENOENT)
5695 n = read(fd, contents, sizeof(contents));
5699 if (n != 2 || contents[1] != '\n')
5702 if (contents[0] == '1') {
5703 found_online = true;
5705 } else if (contents[0] == '0')
5706 found_offline = true;
5711 return found_online || !found_offline;
5714 static int search_and_fopen_internal(const char *path, const char *mode, const char *root, char **search, FILE **_f) {
5721 if (!path_strv_resolve_uniq(search, root))
5724 STRV_FOREACH(i, search) {
5725 _cleanup_free_ char *p = NULL;
5729 p = strjoin(root, *i, "/", path, NULL);
5731 p = strjoin(*i, "/", path, NULL);
5741 if (errno != ENOENT)
5748 int search_and_fopen(const char *path, const char *mode, const char *root, const char **search, FILE **_f) {
5749 _cleanup_strv_free_ char **copy = NULL;
5755 if (path_is_absolute(path)) {
5758 f = fopen(path, mode);
5767 copy = strv_copy((char**) search);
5771 return search_and_fopen_internal(path, mode, root, copy, _f);
5774 int search_and_fopen_nulstr(const char *path, const char *mode, const char *root, const char *search, FILE **_f) {
5775 _cleanup_strv_free_ char **s = NULL;
5777 if (path_is_absolute(path)) {
5780 f = fopen(path, mode);
5789 s = strv_split_nulstr(search);
5793 return search_and_fopen_internal(path, mode, root, s, _f);
5796 char *strextend(char **x, ...) {
5803 l = f = *x ? strlen(*x) : 0;
5810 t = va_arg(ap, const char *);
5815 if (n > ((size_t) -1) - l) {
5824 r = realloc(*x, l+1);
5834 t = va_arg(ap, const char *);
5848 char *strrep(const char *s, unsigned n) {
5856 p = r = malloc(l * n + 1);
5860 for (i = 0; i < n; i++)
5867 void* greedy_realloc(void **p, size_t *allocated, size_t need, size_t size) {
5874 if (*allocated >= need)
5877 newalloc = MAX(need * 2, 64u / size);
5878 a = newalloc * size;
5880 /* check for overflows */
5881 if (a < size * need)
5889 *allocated = newalloc;
5893 void* greedy_realloc0(void **p, size_t *allocated, size_t need, size_t size) {
5902 q = greedy_realloc(p, allocated, need, size);
5906 if (*allocated > prev)
5907 memzero(q + prev * size, (*allocated - prev) * size);
5912 bool id128_is_valid(const char *s) {
5918 /* Simple formatted 128bit hex string */
5920 for (i = 0; i < l; i++) {
5923 if (!(c >= '0' && c <= '9') &&
5924 !(c >= 'a' && c <= 'z') &&
5925 !(c >= 'A' && c <= 'Z'))
5929 } else if (l == 36) {
5931 /* Formatted UUID */
5933 for (i = 0; i < l; i++) {
5936 if ((i == 8 || i == 13 || i == 18 || i == 23)) {
5940 if (!(c >= '0' && c <= '9') &&
5941 !(c >= 'a' && c <= 'z') &&
5942 !(c >= 'A' && c <= 'Z'))
5953 int split_pair(const char *s, const char *sep, char **l, char **r) {
5968 a = strndup(s, x - s);
5972 b = strdup(x + strlen(sep));
5984 int shall_restore_state(void) {
5985 _cleanup_free_ char *line = NULL;
5990 r = proc_cmdline(&line);
5993 if (r == 0) /* Container ... */
5998 FOREACH_WORD_QUOTED(w, l, line, state) {
6006 e = startswith(n, "systemd.restore_state=");
6010 k = parse_boolean(e);
6018 int proc_cmdline(char **ret) {
6021 if (detect_container(NULL) > 0) {
6022 char *buf = NULL, *p;
6025 r = read_full_file("/proc/1/cmdline", &buf, &sz);
6029 for (p = buf; p + 1 < buf + sz; p++)
6038 r = read_one_line_file("/proc/cmdline", ret);
6045 int parse_proc_cmdline(int (*parse_item)(const char *key, const char *value)) {
6046 _cleanup_free_ char *line = NULL;
6053 r = proc_cmdline(&line);
6055 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
6059 FOREACH_WORD_QUOTED(w, l, line, state) {
6060 char word[l+1], *value;
6065 /* Filter out arguments that are intended only for the
6067 if (!in_initrd() && startswith(word, "rd."))
6070 value = strchr(word, '=');
6074 r = parse_item(word, value);
6082 int container_get_leader(const char *machine, pid_t *pid) {
6083 _cleanup_free_ char *s = NULL, *class = NULL;
6091 p = strappenda("/run/systemd/machines/", machine);
6092 r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL);
6100 if (!streq_ptr(class, "container"))
6103 r = parse_pid(s, &leader);
6113 int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *root_fd) {
6114 _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, netnsfd = -1;
6122 mntns = procfs_file_alloca(pid, "ns/mnt");
6123 mntnsfd = open(mntns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6131 pidns = procfs_file_alloca(pid, "ns/pid");
6132 pidnsfd = open(pidns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6140 netns = procfs_file_alloca(pid, "ns/net");
6141 netnsfd = open(netns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6149 root = procfs_file_alloca(pid, "root");
6150 rfd = open(root, O_RDONLY|O_NOCTTY|O_CLOEXEC|O_DIRECTORY);
6156 *pidns_fd = pidnsfd;
6159 *mntns_fd = mntnsfd;
6162 *netns_fd = netnsfd;
6167 pidnsfd = mntnsfd = netnsfd = -1;
6172 int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd) {
6175 if (setns(pidns_fd, CLONE_NEWPID) < 0)
6179 if (setns(mntns_fd, CLONE_NEWNS) < 0)
6183 if (setns(netns_fd, CLONE_NEWNET) < 0)
6187 if (fchdir(root_fd) < 0)
6190 if (chroot(".") < 0)
6194 if (setresgid(0, 0, 0) < 0)
6197 if (setgroups(0, NULL) < 0)
6200 if (setresuid(0, 0, 0) < 0)
6206 bool pid_is_unwaited(pid_t pid) {
6207 /* Checks whether a PID is still valid at all, including a zombie */
6212 if (kill(pid, 0) >= 0)
6215 return errno != ESRCH;
6218 bool pid_is_alive(pid_t pid) {
6221 /* Checks whether a PID is still valid and not a zombie */
6226 r = get_process_state(pid);
6227 if (r == -ENOENT || r == 'Z')
6233 int getpeercred(int fd, struct ucred *ucred) {
6234 socklen_t n = sizeof(struct ucred);
6241 r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n);
6245 if (n != sizeof(struct ucred))
6248 /* Check if the data is actually useful and not suppressed due
6249 * to namespacing issues */
6257 int getpeersec(int fd, char **ret) {
6269 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6273 if (errno != ERANGE)
6280 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6296 /* This is much like like mkostemp() but is subject to umask(). */
6297 int mkostemp_safe(char *pattern, int flags) {
6298 _cleanup_umask_ mode_t u;
6305 fd = mkostemp(pattern, flags);
6312 int open_tmpfile(const char *path, int flags) {
6319 /* Try O_TMPFILE first, if it is supported */
6320 fd = open(path, flags|O_TMPFILE, S_IRUSR|S_IWUSR);
6325 /* Fall back to unguessable name + unlinking */
6326 p = strappenda(path, "/systemd-tmp-XXXXXX");
6328 fd = mkostemp_safe(p, flags);
6336 int fd_warn_permissions(const char *path, int fd) {
6339 if (fstat(fd, &st) < 0)
6342 if (st.st_mode & 0111)
6343 log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path);
6345 if (st.st_mode & 0002)
6346 log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path);
6348 if (getpid() == 1 && (st.st_mode & 0044) != 0044)
6349 log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path);
6354 unsigned long personality_from_string(const char *p) {
6356 /* Parse a personality specifier. We introduce our own
6357 * identifiers that indicate specific ABIs, rather than just
6358 * hints regarding the register size, since we want to keep
6359 * things open for multiple locally supported ABIs for the
6360 * same register size. We try to reuse the ABI identifiers
6361 * used by libseccomp. */
6363 #if defined(__x86_64__)
6365 if (streq(p, "x86"))
6368 if (streq(p, "x86-64"))
6371 #elif defined(__i386__)
6373 if (streq(p, "x86"))
6377 /* personality(7) documents that 0xffffffffUL is used for
6378 * querying the current personality, hence let's use that here
6379 * as error indicator. */
6380 return 0xffffffffUL;
6383 const char* personality_to_string(unsigned long p) {
6385 #if defined(__x86_64__)
6387 if (p == PER_LINUX32)
6393 #elif defined(__i386__)
6402 uint64_t physical_memory(void) {
6405 /* We return this as uint64_t in case we are running as 32bit
6406 * process on a 64bit kernel with huge amounts of memory */
6408 mem = sysconf(_SC_PHYS_PAGES);
6411 return (uint64_t) mem * (uint64_t) page_size();
6414 char* mount_test_option(const char *haystack, const char *needle) {
6416 struct mntent me = {
6417 .mnt_opts = (char*) haystack
6422 /* Like glibc's hasmntopt(), but works on a string, not a
6428 return hasmntopt(&me, needle);
6431 void hexdump(FILE *f, const void *p, size_t s) {
6432 const uint8_t *b = p;
6435 assert(s == 0 || b);
6440 fprintf(f, "%04x ", n);
6442 for (i = 0; i < 16; i++) {
6447 fprintf(f, "%02x ", b[i]);
6455 for (i = 0; i < 16; i++) {
6460 fputc(isprint(b[i]) ? (char) b[i] : '.', f);
6474 int update_reboot_param_file(const char *param) {
6479 r = write_string_file(REBOOT_PARAM_FILE, param);
6481 log_error("Failed to write reboot param to "
6482 REBOOT_PARAM_FILE": %s", strerror(-r));
6484 unlink(REBOOT_PARAM_FILE);
6489 int umount_recursive(const char *prefix, int flags) {
6493 /* Try to umount everything recursively below a
6494 * directory. Also, take care of stacked mounts, and keep
6495 * unmounting them until they are gone. */
6498 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6503 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6504 if (!proc_self_mountinfo)
6508 _cleanup_free_ char *path = NULL, *p = NULL;
6511 k = fscanf(proc_self_mountinfo,
6512 "%*s " /* (1) mount id */
6513 "%*s " /* (2) parent id */
6514 "%*s " /* (3) major:minor */
6515 "%*s " /* (4) root */
6516 "%ms " /* (5) mount point */
6517 "%*s" /* (6) mount options */
6518 "%*[^-]" /* (7) optional fields */
6519 "- " /* (8) separator */
6520 "%*s " /* (9) file system type */
6521 "%*s" /* (10) mount source */
6522 "%*s" /* (11) mount options 2 */
6523 "%*[^\n]", /* some rubbish at the end */
6532 p = cunescape(path);
6536 if (!path_startswith(p, prefix))
6539 if (umount2(p, flags) < 0) {
6555 int bind_remount_recursive(const char *prefix, bool ro) {
6556 _cleanup_set_free_free_ Set *done = NULL;
6557 _cleanup_free_ char *cleaned = NULL;
6560 /* Recursively remount a directory (and all its submounts)
6561 * read-only or read-write. If the directory is already
6562 * mounted, we reuse the mount and simply mark it
6563 * MS_BIND|MS_RDONLY (or remove the MS_RDONLY for read-write
6564 * operation). If it isn't we first make it one. Afterwards we
6565 * apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to all
6566 * submounts we can access, too. When mounts are stacked on
6567 * the same mount point we only care for each individual
6568 * "top-level" mount on each point, as we cannot
6569 * influence/access the underlying mounts anyway. We do not
6570 * have any effect on future submounts that might get
6571 * propagated, they migt be writable. This includes future
6572 * submounts that have been triggered via autofs. */
6574 cleaned = strdup(prefix);
6578 path_kill_slashes(cleaned);
6580 done = set_new(string_hash_func, string_compare_func);
6585 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
6586 _cleanup_set_free_free_ Set *todo = NULL;
6587 bool top_autofs = false;
6590 todo = set_new(string_hash_func, string_compare_func);
6594 proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
6595 if (!proc_self_mountinfo)
6599 _cleanup_free_ char *path = NULL, *p = NULL, *type = NULL;
6602 k = fscanf(proc_self_mountinfo,
6603 "%*s " /* (1) mount id */
6604 "%*s " /* (2) parent id */
6605 "%*s " /* (3) major:minor */
6606 "%*s " /* (4) root */
6607 "%ms " /* (5) mount point */
6608 "%*s" /* (6) mount options (superblock) */
6609 "%*[^-]" /* (7) optional fields */
6610 "- " /* (8) separator */
6611 "%ms " /* (9) file system type */
6612 "%*s" /* (10) mount source */
6613 "%*s" /* (11) mount options (bind mount) */
6614 "%*[^\n]", /* some rubbish at the end */
6624 p = cunescape(path);
6628 /* Let's ignore autofs mounts. If they aren't
6629 * triggered yet, we want to avoid triggering
6630 * them, as we don't make any guarantees for
6631 * future submounts anyway. If they are
6632 * already triggered, then we will find
6633 * another entry for this. */
6634 if (streq(type, "autofs")) {
6635 top_autofs = top_autofs || path_equal(cleaned, p);
6639 if (path_startswith(p, cleaned) &&
6640 !set_contains(done, p)) {
6642 r = set_consume(todo, p);
6652 /* If we have no submounts to process anymore and if
6653 * the root is either already done, or an autofs, we
6655 if (set_isempty(todo) &&
6656 (top_autofs || set_contains(done, cleaned)))
6659 if (!set_contains(done, cleaned) &&
6660 !set_contains(todo, cleaned)) {
6661 /* The prefix directory itself is not yet a
6662 * mount, make it one. */
6663 if (mount(cleaned, cleaned, NULL, MS_BIND|MS_REC, NULL) < 0)
6666 if (mount(NULL, prefix, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0)
6669 x = strdup(cleaned);
6673 r = set_consume(done, x);
6678 while ((x = set_steal_first(todo))) {
6680 r = set_consume(done, x);
6686 if (mount(NULL, x, NULL, MS_BIND|MS_REMOUNT|(ro ? MS_RDONLY : 0), NULL) < 0) {
6688 /* Deal with mount points that are
6689 * obstructed by a later mount */
6691 if (errno != ENOENT)
6699 int fflush_and_check(FILE *f) {
6706 return errno ? -errno : -EIO;
6711 char *tempfn_xxxxxx(const char *p) {
6718 t = new(char, strlen(p) + 1 + 6 + 1);
6725 strcpy(stpcpy(stpcpy(mempcpy(t, p, k), "."), fn), "XXXXXX");
6730 char *tempfn_random(const char *p) {
6739 t = new(char, strlen(p) + 1 + 16 + 1);
6746 x = stpcpy(stpcpy(mempcpy(t, p, k), "."), fn);
6749 for (i = 0; i < 16; i++) {
6750 *(x++) = hexchar(u & 0xF);
6759 /* make sure the hostname is not "localhost" */
6760 bool is_localhost(const char *hostname) {
6763 /* This tries to identify local hostnames described in RFC6761
6764 * plus the redhatism of .localdomain */
6766 return streq(hostname, "localhost") ||
6767 streq(hostname, "localhost.") ||
6768 endswith(hostname, ".localhost") ||
6769 endswith(hostname, ".localhost.") ||
6770 endswith(hostname, ".localdomain") ||
6771 endswith(hostname, ".localdomain.");