main: add kernel option to enable confirm_spawn

[elogind.git] / main.c

diff --git a/main.c b/main.c
index b8ad590189546a83dcd3be8ab9feee22ad5a1fc8..802e2ae9f33d1d518460c315b1391c35356b79a5 100644 (file)
--- a/main.c
+++ b/main.c
@@ -121,6 +121,8 @@ _noreturn static void crash(int sig) {
                 assert_se(sigaddset(&mask, sig) == 0);
                 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
 
+                ignore_signal(sig);
+
                 execl("/bin/sh", "/bin/sh", NULL);
                 log_error("execl() failed: %s", strerror(errno));
         }
@@ -248,6 +250,15 @@ static int parse_proc_cmdline_word(const char *word) {
                 else
                         crash_shell = r;
 
+
+        } else if (startswith(word, "systemd.confirm_spawn=")) {
+                int r;
+
+                if ((r = parse_boolean(word + 22)) < 0)
+                        log_warning("Failed to parse confirm spawn switch %s, Ignoring.", word + 22);
+                else
+                        confirm_spawn = r;
+
         } else if (startswith(word, "systemd.crash_chvt=")) {
                 int k;
 
@@ -267,6 +278,7 @@ static int parse_proc_cmdline_word(const char *word) {
                 log_info("systemd.dump_core=0|1                    Dump core on crash");
                 log_info("systemd.crash_shell=0|1                  On crash run shell");
                 log_info("systemd.crash_chvt=N                     Change to VT #N on crash");
+                log_info("systemd.confirm_spawn=0|1                Confirm every process spawn");
 
         } else {
                 unsigned i;