1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
31 #include <sys/resource.h>
32 #include <linux/sched.h>
33 #include <sys/types.h>
37 #include <sys/ioctl.h>
39 #include <linux/tiocl.h>
42 #include <sys/inotify.h>
45 #include <sys/prctl.h>
46 #include <sys/utsname.h>
48 #include <netinet/ip.h>
57 #include <linux/magic.h>
61 #include <sys/personality.h>
65 #ifdef HAVE_SYS_AUXV_H
76 #include "path-util.h"
77 #include "exit-status.h"
81 #include "device-nodes.h"
88 char **saved_argv = NULL;
90 static volatile unsigned cached_columns = 0;
91 static volatile unsigned cached_lines = 0;
93 size_t page_size(void) {
94 static thread_local size_t pgsz = 0;
97 if (_likely_(pgsz > 0))
100 r = sysconf(_SC_PAGESIZE);
107 bool streq_ptr(const char *a, const char *b) {
109 /* Like streq(), but tries to make sense of NULL pointers */
120 char* endswith(const char *s, const char *postfix) {
127 pl = strlen(postfix);
130 return (char*) s + sl;
135 if (memcmp(s + sl - pl, postfix, pl) != 0)
138 return (char*) s + sl - pl;
141 bool first_word(const char *s, const char *word) {
156 if (memcmp(s, word, wl) != 0)
160 strchr(WHITESPACE, s[wl]);
163 int close_nointr(int fd) {
169 /* Just ignore EINTR; a retry loop is the wrong
170 * thing to do on Linux.
172 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
173 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
174 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
175 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
177 if (_unlikely_(r < 0 && errno == EINTR))
185 void close_nointr_nofail(int fd) {
188 /* like close_nointr() but cannot fail, and guarantees errno
191 assert_se(close_nointr(fd) == 0);
194 void close_many(const int fds[], unsigned n_fd) {
197 assert(fds || n_fd <= 0);
199 for (i = 0; i < n_fd; i++)
200 close_nointr_nofail(fds[i]);
203 int unlink_noerrno(const char *path) {
214 int parse_boolean(const char *v) {
217 if (streq(v, "1") || v[0] == 'y' || v[0] == 'Y' || v[0] == 't' || v[0] == 'T' || strcaseeq(v, "on"))
219 else if (streq(v, "0") || v[0] == 'n' || v[0] == 'N' || v[0] == 'f' || v[0] == 'F' || strcaseeq(v, "off"))
225 int parse_pid(const char *s, pid_t* ret_pid) {
226 unsigned long ul = 0;
233 r = safe_atolu(s, &ul);
239 if ((unsigned long) pid != ul)
249 int parse_uid(const char *s, uid_t* ret_uid) {
250 unsigned long ul = 0;
257 r = safe_atolu(s, &ul);
263 if ((unsigned long) uid != ul)
270 int safe_atou(const char *s, unsigned *ret_u) {
278 l = strtoul(s, &x, 0);
280 if (!x || x == s || *x || errno)
281 return errno > 0 ? -errno : -EINVAL;
283 if ((unsigned long) (unsigned) l != l)
286 *ret_u = (unsigned) l;
290 int safe_atoi(const char *s, int *ret_i) {
298 l = strtol(s, &x, 0);
300 if (!x || x == s || *x || errno)
301 return errno > 0 ? -errno : -EINVAL;
303 if ((long) (int) l != l)
310 int safe_atollu(const char *s, long long unsigned *ret_llu) {
312 unsigned long long l;
318 l = strtoull(s, &x, 0);
320 if (!x || x == s || *x || errno)
321 return errno ? -errno : -EINVAL;
327 int safe_atolli(const char *s, long long int *ret_lli) {
335 l = strtoll(s, &x, 0);
337 if (!x || x == s || *x || errno)
338 return errno ? -errno : -EINVAL;
344 int safe_atod(const char *s, double *ret_d) {
351 RUN_WITH_LOCALE(LC_NUMERIC_MASK, "C") {
356 if (!x || x == s || *x || errno)
357 return errno ? -errno : -EINVAL;
363 static size_t strcspn_escaped(const char *s, const char *reject) {
364 bool escaped = false;
367 for (n=0; s[n]; n++) {
370 else if (s[n] == '\\')
372 else if (strchr(reject, s[n]))
378 /* Split a string into words. */
379 char *split(const char *c, size_t *l, const char *separator, bool quoted, char **state) {
382 current = *state ? *state : (char*) c;
384 if (!*current || *c == 0)
387 current += strspn(current, separator);
391 if (quoted && strchr("\'\"", *current)) {
392 char quotechar = *(current++);
393 *l = strcspn_escaped(current, (char[]){quotechar, '\0'});
394 *state = current+*l+1;
396 *l = strcspn_escaped(current, separator);
399 *l = strcspn(current, separator);
403 return (char*) current;
406 int get_parent_of_pid(pid_t pid, pid_t *_ppid) {
408 _cleanup_free_ char *line = NULL;
420 p = procfs_file_alloca(pid, "stat");
421 r = read_one_line_file(p, &line);
425 /* Let's skip the pid and comm fields. The latter is enclosed
426 * in () but does not escape any () in its value, so let's
427 * skip over it manually */
429 p = strrchr(line, ')');
441 if ((long unsigned) (pid_t) ppid != ppid)
444 *_ppid = (pid_t) ppid;
449 int get_starttime_of_pid(pid_t pid, unsigned long long *st) {
451 _cleanup_free_ char *line = NULL;
457 p = procfs_file_alloca(pid, "stat");
458 r = read_one_line_file(p, &line);
462 /* Let's skip the pid and comm fields. The latter is enclosed
463 * in () but does not escape any () in its value, so let's
464 * skip over it manually */
466 p = strrchr(line, ')');
488 "%*d " /* priority */
490 "%*d " /* num_threads */
491 "%*d " /* itrealvalue */
492 "%llu " /* starttime */,
499 int fchmod_umask(int fd, mode_t m) {
504 r = fchmod(fd, m & (~u)) < 0 ? -errno : 0;
510 char *truncate_nl(char *s) {
513 s[strcspn(s, NEWLINE)] = 0;
517 int get_process_state(pid_t pid) {
521 _cleanup_free_ char *line = NULL;
525 p = procfs_file_alloca(pid, "stat");
526 r = read_one_line_file(p, &line);
530 p = strrchr(line, ')');
536 if (sscanf(p, " %c", &state) != 1)
539 return (unsigned char) state;
542 int get_process_comm(pid_t pid, char **name) {
549 p = procfs_file_alloca(pid, "comm");
551 r = read_one_line_file(p, name);
558 int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char **line) {
559 _cleanup_fclose_ FILE *f = NULL;
567 p = procfs_file_alloca(pid, "cmdline");
573 if (max_length == 0) {
574 size_t len = 0, allocated = 0;
576 while ((c = getc(f)) != EOF) {
578 if (!GREEDY_REALLOC(r, allocated, len+2)) {
583 r[len++] = isprint(c) ? c : ' ';
593 r = new(char, max_length);
599 while ((c = getc(f)) != EOF) {
621 size_t n = MIN(left-1, 3U);
628 /* Kernel threads have no argv[] */
629 if (r == NULL || r[0] == 0) {
630 _cleanup_free_ char *t = NULL;
638 h = get_process_comm(pid, &t);
642 r = strjoin("[", t, "]", NULL);
651 int is_kernel_thread(pid_t pid) {
663 p = procfs_file_alloca(pid, "cmdline");
668 count = fread(&c, 1, 1, f);
672 /* Kernel threads have an empty cmdline */
675 return eof ? 1 : -errno;
680 int get_process_capeff(pid_t pid, char **capeff) {
686 p = procfs_file_alloca(pid, "status");
688 return get_status_field(p, "\nCapEff:", capeff);
691 int get_process_exe(pid_t pid, char **name) {
699 p = procfs_file_alloca(pid, "exe");
701 r = readlink_malloc(p, name);
703 return r == -ENOENT ? -ESRCH : r;
705 d = endswith(*name, " (deleted)");
712 static int get_process_id(pid_t pid, const char *field, uid_t *uid) {
713 _cleanup_fclose_ FILE *f = NULL;
723 p = procfs_file_alloca(pid, "status");
728 FOREACH_LINE(line, f, return -errno) {
733 if (startswith(l, field)) {
735 l += strspn(l, WHITESPACE);
737 l[strcspn(l, WHITESPACE)] = 0;
739 return parse_uid(l, uid);
746 int get_process_uid(pid_t pid, uid_t *uid) {
747 return get_process_id(pid, "Uid:", uid);
750 int get_process_gid(pid_t pid, gid_t *gid) {
751 assert_cc(sizeof(uid_t) == sizeof(gid_t));
752 return get_process_id(pid, "Gid:", gid);
755 char *strnappend(const char *s, const char *suffix, size_t b) {
763 return strndup(suffix, b);
772 if (b > ((size_t) -1) - a)
775 r = new(char, a+b+1);
780 memcpy(r+a, suffix, b);
786 char *strappend(const char *s, const char *suffix) {
787 return strnappend(s, suffix, suffix ? strlen(suffix) : 0);
790 int readlink_malloc(const char *p, char **ret) {
805 n = readlink(p, c, l-1);
812 if ((size_t) n < l-1) {
823 int readlink_and_make_absolute(const char *p, char **r) {
824 _cleanup_free_ char *target = NULL;
831 j = readlink_malloc(p, &target);
835 k = file_in_same_dir(p, target);
843 int readlink_and_canonicalize(const char *p, char **r) {
850 j = readlink_and_make_absolute(p, &t);
854 s = canonicalize_file_name(t);
861 path_kill_slashes(*r);
866 int reset_all_signal_handlers(void) {
869 for (sig = 1; sig < _NSIG; sig++) {
870 struct sigaction sa = {
871 .sa_handler = SIG_DFL,
872 .sa_flags = SA_RESTART,
875 if (sig == SIGKILL || sig == SIGSTOP)
878 /* On Linux the first two RT signals are reserved by
879 * glibc, and sigaction() will return EINVAL for them. */
880 if ((sigaction(sig, &sa, NULL) < 0))
888 char *strstrip(char *s) {
891 /* Drops trailing whitespace. Modifies the string in
892 * place. Returns pointer to first non-space character */
894 s += strspn(s, WHITESPACE);
896 for (e = strchr(s, 0); e > s; e --)
897 if (!strchr(WHITESPACE, e[-1]))
905 char *delete_chars(char *s, const char *bad) {
908 /* Drops all whitespace, regardless where in the string */
910 for (f = s, t = s; *f; f++) {
922 bool in_charset(const char *s, const char* charset) {
929 if (!strchr(charset, *i))
935 char *file_in_same_dir(const char *path, const char *filename) {
942 /* This removes the last component of path and appends
943 * filename, unless the latter is absolute anyway or the
946 if (path_is_absolute(filename))
947 return strdup(filename);
949 if (!(e = strrchr(path, '/')))
950 return strdup(filename);
952 k = strlen(filename);
953 if (!(r = new(char, e-path+1+k+1)))
956 memcpy(r, path, e-path+1);
957 memcpy(r+(e-path)+1, filename, k+1);
962 int rmdir_parents(const char *path, const char *stop) {
971 /* Skip trailing slashes */
972 while (l > 0 && path[l-1] == '/')
978 /* Skip last component */
979 while (l > 0 && path[l-1] != '/')
982 /* Skip trailing slashes */
983 while (l > 0 && path[l-1] == '/')
989 if (!(t = strndup(path, l)))
992 if (path_startswith(stop, t)) {
1001 if (errno != ENOENT)
1008 char hexchar(int x) {
1009 static const char table[16] = "0123456789abcdef";
1011 return table[x & 15];
1014 int unhexchar(char c) {
1016 if (c >= '0' && c <= '9')
1019 if (c >= 'a' && c <= 'f')
1020 return c - 'a' + 10;
1022 if (c >= 'A' && c <= 'F')
1023 return c - 'A' + 10;
1028 char *hexmem(const void *p, size_t l) {
1032 z = r = malloc(l * 2 + 1);
1036 for (x = p; x < (const uint8_t*) p + l; x++) {
1037 *(z++) = hexchar(*x >> 4);
1038 *(z++) = hexchar(*x & 15);
1045 void *unhexmem(const char *p, size_t l) {
1051 z = r = malloc((l + 1) / 2 + 1);
1055 for (x = p; x < p + l; x += 2) {
1058 a = unhexchar(x[0]);
1060 b = unhexchar(x[1]);
1064 *(z++) = (uint8_t) a << 4 | (uint8_t) b;
1071 char octchar(int x) {
1072 return '0' + (x & 7);
1075 int unoctchar(char c) {
1077 if (c >= '0' && c <= '7')
1083 char decchar(int x) {
1084 return '0' + (x % 10);
1087 int undecchar(char c) {
1089 if (c >= '0' && c <= '9')
1095 char *cescape(const char *s) {
1101 /* Does C style string escaping. */
1103 r = new(char, strlen(s)*4 + 1);
1107 for (f = s, t = r; *f; f++)
1153 /* For special chars we prefer octal over
1154 * hexadecimal encoding, simply because glib's
1155 * g_strescape() does the same */
1156 if ((*f < ' ') || (*f >= 127)) {
1158 *(t++) = octchar((unsigned char) *f >> 6);
1159 *(t++) = octchar((unsigned char) *f >> 3);
1160 *(t++) = octchar((unsigned char) *f);
1171 char *cunescape_length_with_prefix(const char *s, size_t length, const char *prefix) {
1178 /* Undoes C style string escaping, and optionally prefixes it. */
1180 pl = prefix ? strlen(prefix) : 0;
1182 r = new(char, pl+length+1);
1187 memcpy(r, prefix, pl);
1189 for (f = s, t = r + pl; f < s + length; f++) {
1232 /* This is an extension of the XDG syntax files */
1237 /* hexadecimal encoding */
1240 a = unhexchar(f[1]);
1241 b = unhexchar(f[2]);
1243 if (a < 0 || b < 0) {
1244 /* Invalid escape code, let's take it literal then */
1248 *(t++) = (char) ((a << 4) | b);
1263 /* octal encoding */
1266 a = unoctchar(f[0]);
1267 b = unoctchar(f[1]);
1268 c = unoctchar(f[2]);
1270 if (a < 0 || b < 0 || c < 0) {
1271 /* Invalid escape code, let's take it literal then */
1275 *(t++) = (char) ((a << 6) | (b << 3) | c);
1283 /* premature end of string.*/
1288 /* Invalid escape code, let's take it literal then */
1300 char *cunescape_length(const char *s, size_t length) {
1301 return cunescape_length_with_prefix(s, length, NULL);
1304 char *cunescape(const char *s) {
1307 return cunescape_length(s, strlen(s));
1310 char *xescape(const char *s, const char *bad) {
1314 /* Escapes all chars in bad, in addition to \ and all special
1315 * chars, in \xFF style escaping. May be reversed with
1318 r = new(char, strlen(s) * 4 + 1);
1322 for (f = s, t = r; *f; f++) {
1324 if ((*f < ' ') || (*f >= 127) ||
1325 (*f == '\\') || strchr(bad, *f)) {
1328 *(t++) = hexchar(*f >> 4);
1329 *(t++) = hexchar(*f);
1339 char *ascii_strlower(char *t) {
1344 for (p = t; *p; p++)
1345 if (*p >= 'A' && *p <= 'Z')
1346 *p = *p - 'A' + 'a';
1351 _pure_ static bool ignore_file_allow_backup(const char *filename) {
1355 filename[0] == '.' ||
1356 streq(filename, "lost+found") ||
1357 streq(filename, "aquota.user") ||
1358 streq(filename, "aquota.group") ||
1359 endswith(filename, ".rpmnew") ||
1360 endswith(filename, ".rpmsave") ||
1361 endswith(filename, ".rpmorig") ||
1362 endswith(filename, ".dpkg-old") ||
1363 endswith(filename, ".dpkg-new") ||
1364 endswith(filename, ".swp");
1367 bool ignore_file(const char *filename) {
1370 if (endswith(filename, "~"))
1373 return ignore_file_allow_backup(filename);
1376 int fd_nonblock(int fd, bool nonblock) {
1381 if ((flags = fcntl(fd, F_GETFL, 0)) < 0)
1385 flags |= O_NONBLOCK;
1387 flags &= ~O_NONBLOCK;
1389 if (fcntl(fd, F_SETFL, flags) < 0)
1395 int fd_cloexec(int fd, bool cloexec) {
1400 if ((flags = fcntl(fd, F_GETFD, 0)) < 0)
1404 flags |= FD_CLOEXEC;
1406 flags &= ~FD_CLOEXEC;
1408 if (fcntl(fd, F_SETFD, flags) < 0)
1414 _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
1417 assert(n_fdset == 0 || fdset);
1419 for (i = 0; i < n_fdset; i++)
1426 int close_all_fds(const int except[], unsigned n_except) {
1431 assert(n_except == 0 || except);
1433 d = opendir("/proc/self/fd");
1438 /* When /proc isn't available (for example in chroots)
1439 * the fallback is brute forcing through the fd
1442 assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
1443 for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
1445 if (fd_in_set(fd, except, n_except))
1448 if (close_nointr(fd) < 0)
1449 if (errno != EBADF && r == 0)
1456 while ((de = readdir(d))) {
1459 if (ignore_file(de->d_name))
1462 if (safe_atoi(de->d_name, &fd) < 0)
1463 /* Let's better ignore this, just in case */
1472 if (fd_in_set(fd, except, n_except))
1475 if (close_nointr(fd) < 0) {
1476 /* Valgrind has its own FD and doesn't want to have it closed */
1477 if (errno != EBADF && r == 0)
1486 bool chars_intersect(const char *a, const char *b) {
1489 /* Returns true if any of the chars in a are in b. */
1490 for (p = a; *p; p++)
1497 bool fstype_is_network(const char *fstype) {
1498 static const char table[] =
1508 return nulstr_contains(table, fstype);
1512 _cleanup_close_ int fd;
1514 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
1520 TIOCL_GETKMSGREDIRECT,
1524 if (ioctl(fd, TIOCLINUX, tiocl) < 0)
1527 vt = tiocl[0] <= 0 ? 1 : tiocl[0];
1530 if (ioctl(fd, VT_ACTIVATE, vt) < 0)
1536 int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
1537 struct termios old_termios, new_termios;
1539 char line[LINE_MAX];
1544 if (tcgetattr(fileno(f), &old_termios) >= 0) {
1545 new_termios = old_termios;
1547 new_termios.c_lflag &= ~ICANON;
1548 new_termios.c_cc[VMIN] = 1;
1549 new_termios.c_cc[VTIME] = 0;
1551 if (tcsetattr(fileno(f), TCSADRAIN, &new_termios) >= 0) {
1554 if (t != (usec_t) -1) {
1555 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0) {
1556 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1561 k = fread(&c, 1, 1, f);
1563 tcsetattr(fileno(f), TCSADRAIN, &old_termios);
1569 *need_nl = c != '\n';
1576 if (t != (usec_t) -1)
1577 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0)
1580 if (!fgets(line, sizeof(line), f))
1585 if (strlen(line) != 1)
1595 int ask(char *ret, const char *replies, const char *text, ...) {
1605 bool need_nl = true;
1608 fputs(ANSI_HIGHLIGHT_ON, stdout);
1615 fputs(ANSI_HIGHLIGHT_OFF, stdout);
1619 r = read_one_char(stdin, &c, (usec_t) -1, &need_nl);
1622 if (r == -EBADMSG) {
1623 puts("Bad input, please try again.");
1634 if (strchr(replies, c)) {
1639 puts("Read unexpected character, please try again.");
1643 int reset_terminal_fd(int fd, bool switch_to_text) {
1644 struct termios termios;
1647 /* Set terminal to some sane defaults */
1651 /* We leave locked terminal attributes untouched, so that
1652 * Plymouth may set whatever it wants to set, and we don't
1653 * interfere with that. */
1655 /* Disable exclusive mode, just in case */
1656 ioctl(fd, TIOCNXCL);
1658 /* Switch to text mode */
1660 ioctl(fd, KDSETMODE, KD_TEXT);
1662 /* Enable console unicode mode */
1663 ioctl(fd, KDSKBMODE, K_UNICODE);
1665 if (tcgetattr(fd, &termios) < 0) {
1670 /* We only reset the stuff that matters to the software. How
1671 * hardware is set up we don't touch assuming that somebody
1672 * else will do that for us */
1674 termios.c_iflag &= ~(IGNBRK | BRKINT | ISTRIP | INLCR | IGNCR | IUCLC);
1675 termios.c_iflag |= ICRNL | IMAXBEL | IUTF8;
1676 termios.c_oflag |= ONLCR;
1677 termios.c_cflag |= CREAD;
1678 termios.c_lflag = ISIG | ICANON | IEXTEN | ECHO | ECHOE | ECHOK | ECHOCTL | ECHOPRT | ECHOKE;
1680 termios.c_cc[VINTR] = 03; /* ^C */
1681 termios.c_cc[VQUIT] = 034; /* ^\ */
1682 termios.c_cc[VERASE] = 0177;
1683 termios.c_cc[VKILL] = 025; /* ^X */
1684 termios.c_cc[VEOF] = 04; /* ^D */
1685 termios.c_cc[VSTART] = 021; /* ^Q */
1686 termios.c_cc[VSTOP] = 023; /* ^S */
1687 termios.c_cc[VSUSP] = 032; /* ^Z */
1688 termios.c_cc[VLNEXT] = 026; /* ^V */
1689 termios.c_cc[VWERASE] = 027; /* ^W */
1690 termios.c_cc[VREPRINT] = 022; /* ^R */
1691 termios.c_cc[VEOL] = 0;
1692 termios.c_cc[VEOL2] = 0;
1694 termios.c_cc[VTIME] = 0;
1695 termios.c_cc[VMIN] = 1;
1697 if (tcsetattr(fd, TCSANOW, &termios) < 0)
1701 /* Just in case, flush all crap out */
1702 tcflush(fd, TCIOFLUSH);
1707 int reset_terminal(const char *name) {
1710 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1714 r = reset_terminal_fd(fd, true);
1715 close_nointr_nofail(fd);
1720 int open_terminal(const char *name, int mode) {
1725 * If a TTY is in the process of being closed opening it might
1726 * cause EIO. This is horribly awful, but unlikely to be
1727 * changed in the kernel. Hence we work around this problem by
1728 * retrying a couple of times.
1730 * https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245
1733 assert(!(mode & O_CREAT));
1736 fd = open(name, mode, 0);
1743 /* Max 1s in total */
1747 usleep(50 * USEC_PER_MSEC);
1756 close_nointr_nofail(fd);
1761 close_nointr_nofail(fd);
1768 int flush_fd(int fd) {
1769 struct pollfd pollfd = {
1779 r = poll(&pollfd, 1, 0);
1789 l = read(fd, buf, sizeof(buf));
1795 if (errno == EAGAIN)
1804 int acquire_terminal(
1808 bool ignore_tiocstty_eperm,
1811 int fd = -1, notify = -1, r = 0, wd = -1;
1816 /* We use inotify to be notified when the tty is closed. We
1817 * create the watch before checking if we can actually acquire
1818 * it, so that we don't lose any event.
1820 * Note: strictly speaking this actually watches for the
1821 * device being closed, it does *not* really watch whether a
1822 * tty loses its controlling process. However, unless some
1823 * rogue process uses TIOCNOTTY on /dev/tty *after* closing
1824 * its tty otherwise this will not become a problem. As long
1825 * as the administrator makes sure not configure any service
1826 * on the same tty as an untrusted user this should not be a
1827 * problem. (Which he probably should not do anyway.) */
1829 if (timeout != (usec_t) -1)
1830 ts = now(CLOCK_MONOTONIC);
1832 if (!fail && !force) {
1833 notify = inotify_init1(IN_CLOEXEC | (timeout != (usec_t) -1 ? IN_NONBLOCK : 0));
1839 wd = inotify_add_watch(notify, name, IN_CLOSE);
1847 struct sigaction sa_old, sa_new = {
1848 .sa_handler = SIG_IGN,
1849 .sa_flags = SA_RESTART,
1853 r = flush_fd(notify);
1858 /* We pass here O_NOCTTY only so that we can check the return
1859 * value TIOCSCTTY and have a reliable way to figure out if we
1860 * successfully became the controlling process of the tty */
1861 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
1865 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
1866 * if we already own the tty. */
1867 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
1869 /* First, try to get the tty */
1870 if (ioctl(fd, TIOCSCTTY, force) < 0)
1873 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
1875 /* Sometimes it makes sense to ignore TIOCSCTTY
1876 * returning EPERM, i.e. when very likely we already
1877 * are have this controlling terminal. */
1878 if (r < 0 && r == -EPERM && ignore_tiocstty_eperm)
1881 if (r < 0 && (force || fail || r != -EPERM)) {
1890 assert(notify >= 0);
1893 uint8_t inotify_buffer[sizeof(struct inotify_event) + FILENAME_MAX];
1895 struct inotify_event *e;
1897 if (timeout != (usec_t) -1) {
1900 n = now(CLOCK_MONOTONIC);
1901 if (ts + timeout < n) {
1906 r = fd_wait_for_event(fd, POLLIN, ts + timeout - n);
1916 l = read(notify, inotify_buffer, sizeof(inotify_buffer));
1919 if (errno == EINTR || errno == EAGAIN)
1926 e = (struct inotify_event*) inotify_buffer;
1931 if (e->wd != wd || !(e->mask & IN_CLOSE)) {
1936 step = sizeof(struct inotify_event) + e->len;
1937 assert(step <= (size_t) l);
1939 e = (struct inotify_event*) ((uint8_t*) e + step);
1946 /* We close the tty fd here since if the old session
1947 * ended our handle will be dead. It's important that
1948 * we do this after sleeping, so that we don't enter
1949 * an endless loop. */
1950 close_nointr_nofail(fd);
1954 close_nointr_nofail(notify);
1956 r = reset_terminal_fd(fd, true);
1958 log_warning("Failed to reset terminal: %s", strerror(-r));
1964 close_nointr_nofail(fd);
1967 close_nointr_nofail(notify);
1972 int release_terminal(void) {
1974 struct sigaction sa_old, sa_new = {
1975 .sa_handler = SIG_IGN,
1976 .sa_flags = SA_RESTART,
1978 _cleanup_close_ int fd;
1980 fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_NDELAY|O_CLOEXEC);
1984 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
1985 * by our own TIOCNOTTY */
1986 assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0);
1988 if (ioctl(fd, TIOCNOTTY) < 0)
1991 assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0);
1996 int sigaction_many(const struct sigaction *sa, ...) {
2001 while ((sig = va_arg(ap, int)) > 0)
2002 if (sigaction(sig, sa, NULL) < 0)
2009 int ignore_signals(int sig, ...) {
2010 struct sigaction sa = {
2011 .sa_handler = SIG_IGN,
2012 .sa_flags = SA_RESTART,
2018 if (sigaction(sig, &sa, NULL) < 0)
2022 while ((sig = va_arg(ap, int)) > 0)
2023 if (sigaction(sig, &sa, NULL) < 0)
2030 int default_signals(int sig, ...) {
2031 struct sigaction sa = {
2032 .sa_handler = SIG_DFL,
2033 .sa_flags = SA_RESTART,
2038 if (sigaction(sig, &sa, NULL) < 0)
2042 while ((sig = va_arg(ap, int)) > 0)
2043 if (sigaction(sig, &sa, NULL) < 0)
2050 int close_pipe(int p[]) {
2056 a = close_nointr(p[0]);
2061 b = close_nointr(p[1]);
2065 return a < 0 ? a : b;
2068 ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll) {
2075 while (nbytes > 0) {
2078 k = read(fd, p, nbytes);
2079 if (k < 0 && errno == EINTR)
2082 if (k < 0 && errno == EAGAIN && do_poll) {
2084 /* We knowingly ignore any return value here,
2085 * and expect that any error/EOF is reported
2088 fd_wait_for_event(fd, POLLIN, (usec_t) -1);
2093 return n > 0 ? n : (k < 0 ? -errno : 0);
2103 ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) {
2104 const uint8_t *p = buf;
2110 while (nbytes > 0) {
2113 k = write(fd, p, nbytes);
2114 if (k < 0 && errno == EINTR)
2117 if (k < 0 && errno == EAGAIN && do_poll) {
2119 /* We knowingly ignore any return value here,
2120 * and expect that any error/EOF is reported
2123 fd_wait_for_event(fd, POLLOUT, (usec_t) -1);
2128 return n > 0 ? n : (k < 0 ? -errno : 0);
2138 int parse_size(const char *t, off_t base, off_t *size) {
2140 /* Soo, sometimes we want to parse IEC binary suffxies, and
2141 * sometimes SI decimal suffixes. This function can parse
2142 * both. Which one is the right way depends on the
2143 * context. Wikipedia suggests that SI is customary for
2144 * hardrware metrics and network speeds, while IEC is
2145 * customary for most data sizes used by software and volatile
2146 * (RAM) memory. Hence be careful which one you pick!
2148 * In either case we use just K, M, G as suffix, and not Ki,
2149 * Mi, Gi or so (as IEC would suggest). That's because that's
2150 * frickin' ugly. But this means you really need to make sure
2151 * to document which base you are parsing when you use this
2156 unsigned long long factor;
2159 static const struct table iec[] = {
2162 { "M", 1024ULL*1024ULL },
2163 { "G", 1024ULL*1024ULL*1024ULL },
2164 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
2165 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2166 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2170 static const struct table si[] = {
2173 { "M", 1000ULL*1000ULL },
2174 { "G", 1000ULL*1000ULL*1000ULL },
2175 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
2176 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2177 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2181 const struct table *table;
2183 unsigned long long r = 0;
2187 assert(base == 1000 || base == 1024);
2192 n_entries = ELEMENTSOF(si);
2195 n_entries = ELEMENTSOF(iec);
2201 unsigned long long l2;
2207 l = strtoll(p, &e, 10);
2220 if (*e >= '0' && *e <= '9') {
2223 /* strotoull itself would accept space/+/- */
2224 l2 = strtoull(e, &e2, 10);
2226 if (errno == ERANGE)
2229 /* Ignore failure. E.g. 10.M is valid */
2236 e += strspn(e, WHITESPACE);
2238 for (i = 0; i < n_entries; i++)
2239 if (startswith(e, table[i].suffix)) {
2240 unsigned long long tmp;
2241 if ((unsigned long long) l + (frac > 0) > ULLONG_MAX / table[i].factor)
2243 tmp = l * table[i].factor + (unsigned long long) (frac * table[i].factor);
2244 if (tmp > ULLONG_MAX - r)
2248 if ((unsigned long long) (off_t) r != r)
2251 p = e + strlen(table[i].suffix);
2265 int make_stdio(int fd) {
2270 r = dup3(fd, STDIN_FILENO, 0);
2271 s = dup3(fd, STDOUT_FILENO, 0);
2272 t = dup3(fd, STDERR_FILENO, 0);
2275 close_nointr_nofail(fd);
2277 if (r < 0 || s < 0 || t < 0)
2280 /* We rely here that the new fd has O_CLOEXEC not set */
2285 int make_null_stdio(void) {
2288 null_fd = open("/dev/null", O_RDWR|O_NOCTTY);
2292 return make_stdio(null_fd);
2295 bool is_device_path(const char *path) {
2297 /* Returns true on paths that refer to a device, either in
2298 * sysfs or in /dev */
2301 path_startswith(path, "/dev/") ||
2302 path_startswith(path, "/sys/");
2305 int dir_is_empty(const char *path) {
2306 _cleanup_closedir_ DIR *d;
2317 if (!de && errno != 0)
2323 if (!ignore_file(de->d_name))
2328 char* dirname_malloc(const char *path) {
2329 char *d, *dir, *dir2;
2346 int dev_urandom(void *p, size_t n) {
2347 _cleanup_close_ int fd;
2350 fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
2352 return errno == ENOENT ? -ENOSYS : -errno;
2354 k = loop_read(fd, p, n, true);
2357 if ((size_t) k != n)
2363 void random_bytes(void *p, size_t n) {
2364 static bool srand_called = false;
2368 r = dev_urandom(p, n);
2372 /* If some idiot made /dev/urandom unavailable to us, he'll
2373 * get a PRNG instead. */
2375 if (!srand_called) {
2378 #ifdef HAVE_SYS_AUXV_H
2379 /* The kernel provides us with a bit of entropy in
2380 * auxv, so let's try to make use of that to seed the
2381 * pseudo-random generator. It's better than
2386 auxv = (void*) getauxval(AT_RANDOM);
2388 x ^= *(unsigned*) auxv;
2391 x ^= (unsigned) now(CLOCK_REALTIME);
2392 x ^= (unsigned) gettid();
2395 srand_called = true;
2398 for (q = p; q < (uint8_t*) p + n; q ++)
2402 void rename_process(const char name[8]) {
2405 /* This is a like a poor man's setproctitle(). It changes the
2406 * comm field, argv[0], and also the glibc's internally used
2407 * name of the process. For the first one a limit of 16 chars
2408 * applies, to the second one usually one of 10 (i.e. length
2409 * of "/sbin/init"), to the third one one of 7 (i.e. length of
2410 * "systemd"). If you pass a longer string it will be
2413 prctl(PR_SET_NAME, name);
2415 if (program_invocation_name)
2416 strncpy(program_invocation_name, name, strlen(program_invocation_name));
2418 if (saved_argc > 0) {
2422 strncpy(saved_argv[0], name, strlen(saved_argv[0]));
2424 for (i = 1; i < saved_argc; i++) {
2428 memzero(saved_argv[i], strlen(saved_argv[i]));
2433 void sigset_add_many(sigset_t *ss, ...) {
2440 while ((sig = va_arg(ap, int)) > 0)
2441 assert_se(sigaddset(ss, sig) == 0);
2445 char* gethostname_malloc(void) {
2448 assert_se(uname(&u) >= 0);
2450 if (!isempty(u.nodename) && !streq(u.nodename, "(none)"))
2451 return strdup(u.nodename);
2453 return strdup(u.sysname);
2456 bool hostname_is_set(void) {
2459 assert_se(uname(&u) >= 0);
2461 return !isempty(u.nodename) && !streq(u.nodename, "(none)");
2464 static char *lookup_uid(uid_t uid) {
2467 _cleanup_free_ char *buf = NULL;
2468 struct passwd pwbuf, *pw = NULL;
2470 /* Shortcut things to avoid NSS lookups */
2472 return strdup("root");
2474 bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
2478 buf = malloc(bufsize);
2482 if (getpwuid_r(uid, &pwbuf, buf, bufsize, &pw) == 0 && pw)
2483 return strdup(pw->pw_name);
2485 if (asprintf(&name, "%lu", (unsigned long) uid) < 0)
2491 char* getlogname_malloc(void) {
2495 if (isatty(STDIN_FILENO) && fstat(STDIN_FILENO, &st) >= 0)
2500 return lookup_uid(uid);
2503 char *getusername_malloc(void) {
2510 return lookup_uid(getuid());
2513 int getttyname_malloc(int fd, char **r) {
2514 char path[PATH_MAX], *c;
2519 k = ttyname_r(fd, path, sizeof(path));
2525 c = strdup(startswith(path, "/dev/") ? path + 5 : path);
2533 int getttyname_harder(int fd, char **r) {
2537 k = getttyname_malloc(fd, &s);
2541 if (streq(s, "tty")) {
2543 return get_ctty(0, NULL, r);
2550 int get_ctty_devnr(pid_t pid, dev_t *d) {
2552 _cleanup_free_ char *line = NULL;
2554 unsigned long ttynr;
2558 p = procfs_file_alloca(pid, "stat");
2559 r = read_one_line_file(p, &line);
2563 p = strrchr(line, ')');
2573 "%*d " /* session */
2578 if (major(ttynr) == 0 && minor(ttynr) == 0)
2587 int get_ctty(pid_t pid, dev_t *_devnr, char **r) {
2588 char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *b = NULL;
2589 _cleanup_free_ char *s = NULL;
2596 k = get_ctty_devnr(pid, &devnr);
2600 snprintf(fn, sizeof(fn), "/dev/char/%u:%u", major(devnr), minor(devnr));
2602 k = readlink_malloc(fn, &s);
2608 /* This is an ugly hack */
2609 if (major(devnr) == 136) {
2610 asprintf(&b, "pts/%lu", (unsigned long) minor(devnr));
2614 /* Probably something like the ptys which have no
2615 * symlink in /dev/char. Let's return something
2616 * vaguely useful. */
2622 if (startswith(s, "/dev/"))
2624 else if (startswith(s, "../"))
2642 int rm_rf_children_dangerous(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2648 /* This returns the first error we run into, but nevertheless
2649 * tries to go on. This closes the passed fd. */
2653 close_nointr_nofail(fd);
2655 return errno == ENOENT ? 0 : -errno;
2660 bool is_dir, keep_around;
2666 if (!de && errno != 0) {
2675 if (streq(de->d_name, ".") || streq(de->d_name, ".."))
2678 if (de->d_type == DT_UNKNOWN ||
2680 (de->d_type == DT_DIR && root_dev)) {
2681 if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
2682 if (ret == 0 && errno != ENOENT)
2687 is_dir = S_ISDIR(st.st_mode);
2690 (st.st_uid == 0 || st.st_uid == getuid()) &&
2691 (st.st_mode & S_ISVTX);
2693 is_dir = de->d_type == DT_DIR;
2694 keep_around = false;
2700 /* if root_dev is set, remove subdirectories only, if device is same as dir */
2701 if (root_dev && st.st_dev != root_dev->st_dev)
2704 subdir_fd = openat(fd, de->d_name,
2705 O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2706 if (subdir_fd < 0) {
2707 if (ret == 0 && errno != ENOENT)
2712 r = rm_rf_children_dangerous(subdir_fd, only_dirs, honour_sticky, root_dev);
2713 if (r < 0 && ret == 0)
2717 if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
2718 if (ret == 0 && errno != ENOENT)
2722 } else if (!only_dirs && !keep_around) {
2724 if (unlinkat(fd, de->d_name, 0) < 0) {
2725 if (ret == 0 && errno != ENOENT)
2736 _pure_ static int is_temporary_fs(struct statfs *s) {
2739 return F_TYPE_EQUAL(s->f_type, TMPFS_MAGIC) ||
2740 F_TYPE_EQUAL(s->f_type, RAMFS_MAGIC);
2743 int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) {
2748 if (fstatfs(fd, &s) < 0) {
2749 close_nointr_nofail(fd);
2753 /* We refuse to clean disk file systems with this call. This
2754 * is extra paranoia just to be sure we never ever remove
2756 if (!is_temporary_fs(&s)) {
2757 log_error("Attempted to remove disk file system, and we can't allow that.");
2758 close_nointr_nofail(fd);
2762 return rm_rf_children_dangerous(fd, only_dirs, honour_sticky, root_dev);
2765 static int rm_rf_internal(const char *path, bool only_dirs, bool delete_root, bool honour_sticky, bool dangerous) {
2771 /* We refuse to clean the root file system with this
2772 * call. This is extra paranoia to never cause a really
2773 * seriously broken system. */
2774 if (path_equal(path, "/")) {
2775 log_error("Attempted to remove entire root file system, and we can't allow that.");
2779 fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
2782 if (errno != ENOTDIR)
2786 if (statfs(path, &s) < 0)
2789 if (!is_temporary_fs(&s)) {
2790 log_error("Attempted to remove disk file system, and we can't allow that.");
2795 if (delete_root && !only_dirs)
2796 if (unlink(path) < 0 && errno != ENOENT)
2803 if (fstatfs(fd, &s) < 0) {
2804 close_nointr_nofail(fd);
2808 if (!is_temporary_fs(&s)) {
2809 log_error("Attempted to remove disk file system, and we can't allow that.");
2810 close_nointr_nofail(fd);
2815 r = rm_rf_children_dangerous(fd, only_dirs, honour_sticky, NULL);
2818 if (honour_sticky && file_is_priv_sticky(path) > 0)
2821 if (rmdir(path) < 0 && errno != ENOENT) {
2830 int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
2831 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, false);
2834 int rm_rf_dangerous(const char *path, bool only_dirs, bool delete_root, bool honour_sticky) {
2835 return rm_rf_internal(path, only_dirs, delete_root, honour_sticky, true);
2838 int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) {
2841 /* Under the assumption that we are running privileged we
2842 * first change the access mode and only then hand out
2843 * ownership to avoid a window where access is too open. */
2845 if (mode != (mode_t) -1)
2846 if (chmod(path, mode) < 0)
2849 if (uid != (uid_t) -1 || gid != (gid_t) -1)
2850 if (chown(path, uid, gid) < 0)
2856 int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid) {
2859 /* Under the assumption that we are running privileged we
2860 * first change the access mode and only then hand out
2861 * ownership to avoid a window where access is too open. */
2863 if (mode != (mode_t) -1)
2864 if (fchmod(fd, mode) < 0)
2867 if (uid != (uid_t) -1 || gid != (gid_t) -1)
2868 if (fchown(fd, uid, gid) < 0)
2874 cpu_set_t* cpu_set_malloc(unsigned *ncpus) {
2878 /* Allocates the cpuset in the right size */
2881 if (!(r = CPU_ALLOC(n)))
2884 if (sched_getaffinity(0, CPU_ALLOC_SIZE(n), r) >= 0) {
2885 CPU_ZERO_S(CPU_ALLOC_SIZE(n), r);
2895 if (errno != EINVAL)
2902 int status_vprintf(const char *status, bool ellipse, bool ephemeral, const char *format, va_list ap) {
2903 static const char status_indent[] = " "; /* "[" STATUS "] " */
2904 _cleanup_free_ char *s = NULL;
2905 _cleanup_close_ int fd = -1;
2906 struct iovec iovec[6] = {};
2908 static bool prev_ephemeral;
2912 /* This is independent of logging, as status messages are
2913 * optional and go exclusively to the console. */
2915 if (vasprintf(&s, format, ap) < 0)
2918 fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
2931 sl = status ? sizeof(status_indent)-1 : 0;
2937 e = ellipsize(s, emax, 75);
2945 IOVEC_SET_STRING(iovec[n++], "\r" ANSI_ERASE_TO_END_OF_LINE);
2946 prev_ephemeral = ephemeral;
2949 if (!isempty(status)) {
2950 IOVEC_SET_STRING(iovec[n++], "[");
2951 IOVEC_SET_STRING(iovec[n++], status);
2952 IOVEC_SET_STRING(iovec[n++], "] ");
2954 IOVEC_SET_STRING(iovec[n++], status_indent);
2957 IOVEC_SET_STRING(iovec[n++], s);
2959 IOVEC_SET_STRING(iovec[n++], "\n");
2961 if (writev(fd, iovec, n) < 0)
2967 int status_printf(const char *status, bool ellipse, bool ephemeral, const char *format, ...) {
2973 va_start(ap, format);
2974 r = status_vprintf(status, ellipse, ephemeral, format, ap);
2980 char *replace_env(const char *format, char **env) {
2987 const char *e, *word = format;
2992 for (e = format; *e; e ++) {
3003 if (!(k = strnappend(r, word, e-word-1)))
3012 } else if (*e == '$') {
3013 if (!(k = strnappend(r, word, e-word)))
3029 t = strempty(strv_env_get_n(env, word+2, e-word-2));
3031 k = strappend(r, t);
3045 if (!(k = strnappend(r, word, e-word)))
3056 char **replace_env_argv(char **argv, char **env) {
3058 unsigned k = 0, l = 0;
3060 l = strv_length(argv);
3062 if (!(r = new(char*, l+1)))
3065 STRV_FOREACH(i, argv) {
3067 /* If $FOO appears as single word, replace it by the split up variable */
3068 if ((*i)[0] == '$' && (*i)[1] != '{') {
3073 e = strv_env_get(env, *i+1);
3076 if (!(m = strv_split_quoted(e))) {
3087 if (!(w = realloc(r, sizeof(char*) * (l+1)))) {
3096 memcpy(r + k, m, q * sizeof(char*));
3104 /* If ${FOO} appears as part of a word, replace it by the variable as-is */
3105 if (!(r[k++] = replace_env(*i, env))) {
3115 int fd_columns(int fd) {
3116 struct winsize ws = {};
3118 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3127 unsigned columns(void) {
3131 if (_likely_(cached_columns > 0))
3132 return cached_columns;
3135 e = getenv("COLUMNS");
3140 c = fd_columns(STDOUT_FILENO);
3149 int fd_lines(int fd) {
3150 struct winsize ws = {};
3152 if (ioctl(fd, TIOCGWINSZ, &ws) < 0)
3161 unsigned lines(void) {
3165 if (_likely_(cached_lines > 0))
3166 return cached_lines;
3169 e = getenv("LINES");
3174 l = fd_lines(STDOUT_FILENO);
3180 return cached_lines;
3183 /* intended to be used as a SIGWINCH sighandler */
3184 void columns_lines_cache_reset(int signum) {
3190 static int cached_on_tty = -1;
3192 if (_unlikely_(cached_on_tty < 0))
3193 cached_on_tty = isatty(STDOUT_FILENO) > 0;
3195 return cached_on_tty;
3198 int running_in_chroot(void) {
3199 struct stat a = {}, b = {};
3201 /* Only works as root */
3202 if (stat("/proc/1/root", &a) < 0)
3205 if (stat("/", &b) < 0)
3209 a.st_dev != b.st_dev ||
3210 a.st_ino != b.st_ino;
3213 static char *ascii_ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3218 assert(percent <= 100);
3219 assert(new_length >= 3);
3221 if (old_length <= 3 || old_length <= new_length)
3222 return strndup(s, old_length);
3224 r = new0(char, new_length+1);
3228 x = (new_length * percent) / 100;
3230 if (x > new_length - 3)
3238 s + old_length - (new_length - x - 3),
3239 new_length - x - 3);
3244 char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
3248 unsigned k, len, len2;
3251 assert(percent <= 100);
3252 assert(new_length >= 3);
3254 /* if no multibyte characters use ascii_ellipsize_mem for speed */
3255 if (ascii_is_valid(s))
3256 return ascii_ellipsize_mem(s, old_length, new_length, percent);
3258 if (old_length <= 3 || old_length <= new_length)
3259 return strndup(s, old_length);
3261 x = (new_length * percent) / 100;
3263 if (x > new_length - 3)
3267 for (i = s; k < x && i < s + old_length; i = utf8_next_char(i)) {
3270 c = utf8_encoded_to_unichar(i);
3273 k += unichar_iswide(c) ? 2 : 1;
3276 if (k > x) /* last character was wide and went over quota */
3279 for (j = s + old_length; k < new_length && j > i; ) {
3282 j = utf8_prev_char(j);
3283 c = utf8_encoded_to_unichar(j);
3286 k += unichar_iswide(c) ? 2 : 1;
3290 /* we don't actually need to ellipsize */
3292 return memdup(s, old_length + 1);
3294 /* make space for ellipsis */
3295 j = utf8_next_char(j);
3298 len2 = s + old_length - j;
3299 e = new(char, len + 3 + len2 + 1);
3304 printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n",
3305 old_length, new_length, x, len, len2, k);
3309 e[len] = 0xe2; /* tri-dot ellipsis: … */
3313 memcpy(e + len + 3, j, len2 + 1);
3318 char *ellipsize(const char *s, size_t length, unsigned percent) {
3319 return ellipsize_mem(s, strlen(s), length, percent);
3322 int touch(const char *path) {
3327 /* This just opens the file for writing, ensuring it
3328 * exists. It doesn't call utimensat() the way /usr/bin/touch
3331 fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, 0644);
3335 close_nointr_nofail(fd);
3339 char *unquote(const char *s, const char* quotes) {
3343 /* This is rather stupid, simply removes the heading and
3344 * trailing quotes if there is one. Doesn't care about
3345 * escaping or anything. We should make this smarter one
3352 if (strchr(quotes, s[0]) && s[l-1] == s[0])
3353 return strndup(s+1, l-2);
3358 char *normalize_env_assignment(const char *s) {
3359 _cleanup_free_ char *name = NULL, *value = NULL, *p = NULL;
3362 eq = strchr(s, '=');
3374 memmove(r, t, strlen(t) + 1);
3378 name = strndup(s, eq - s);
3386 value = unquote(strstrip(p), QUOTES);
3390 if (asprintf(&r, "%s=%s", strstrip(name), value) < 0)
3396 int wait_for_terminate(pid_t pid, siginfo_t *status) {
3407 if (waitid(P_PID, pid, status, WEXITED) < 0) {
3419 int wait_for_terminate_and_warn(const char *name, pid_t pid) {
3426 r = wait_for_terminate(pid, &status);
3428 log_warning("Failed to wait for %s: %s", name, strerror(-r));
3432 if (status.si_code == CLD_EXITED) {
3433 if (status.si_status != 0) {
3434 log_warning("%s failed with error code %i.", name, status.si_status);
3435 return status.si_status;
3438 log_debug("%s succeeded.", name);
3441 } else if (status.si_code == CLD_KILLED ||
3442 status.si_code == CLD_DUMPED) {
3444 log_warning("%s terminated by signal %s.", name, signal_to_string(status.si_status));
3448 log_warning("%s failed due to unknown reason.", name);
3452 noreturn void freeze(void) {
3454 /* Make sure nobody waits for us on a socket anymore */
3455 close_all_fds(NULL, 0);
3463 bool null_or_empty(struct stat *st) {
3466 if (S_ISREG(st->st_mode) && st->st_size <= 0)
3469 if (S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode))
3475 int null_or_empty_path(const char *fn) {
3480 if (stat(fn, &st) < 0)
3483 return null_or_empty(&st);
3486 DIR *xopendirat(int fd, const char *name, int flags) {
3490 assert(!(flags & O_CREAT));
3492 nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0);
3498 close_nointr_nofail(nfd);
3505 int signal_from_string_try_harder(const char *s) {
3509 signo = signal_from_string(s);
3511 if (startswith(s, "SIG"))
3512 return signal_from_string(s+3);
3517 static char *tag_to_udev_node(const char *tagvalue, const char *by) {
3518 _cleanup_free_ char *t = NULL, *u = NULL;
3522 u = unquote(tagvalue, "\"\'");
3526 enc_len = strlen(u) * 4 + 1;
3527 t = new(char, enc_len);
3531 if (encode_devnode_name(u, t, enc_len) < 0)
3534 if (asprintf(&dn, "/dev/disk/by-%s/%s", by, t) < 0)
3540 char *fstab_node_to_udev_node(const char *p) {
3543 if (startswith(p, "LABEL="))
3544 return tag_to_udev_node(p+6, "label");
3546 if (startswith(p, "UUID="))
3547 return tag_to_udev_node(p+5, "uuid");
3549 if (startswith(p, "PARTUUID="))
3550 return tag_to_udev_node(p+9, "partuuid");
3552 if (startswith(p, "PARTLABEL="))
3553 return tag_to_udev_node(p+10, "partlabel");
3558 bool tty_is_vc(const char *tty) {
3561 if (startswith(tty, "/dev/"))
3564 return vtnr_from_tty(tty) >= 0;
3567 bool tty_is_console(const char *tty) {
3570 if (startswith(tty, "/dev/"))
3573 return streq(tty, "console");
3576 int vtnr_from_tty(const char *tty) {
3581 if (startswith(tty, "/dev/"))
3584 if (!startswith(tty, "tty") )
3587 if (tty[3] < '0' || tty[3] > '9')
3590 r = safe_atoi(tty+3, &i);
3594 if (i < 0 || i > 63)
3600 char *resolve_dev_console(char **active) {
3603 /* Resolve where /dev/console is pointing to, if /sys is actually ours
3604 * (i.e. not read-only-mounted which is a sign for container setups) */
3606 if (path_is_read_only_fs("/sys") > 0)
3609 if (read_one_line_file("/sys/class/tty/console/active", active) < 0)
3612 /* If multiple log outputs are configured the last one is what
3613 * /dev/console points to */
3614 tty = strrchr(*active, ' ');
3620 if (streq(tty, "tty0")) {
3623 /* Get the active VC (e.g. tty1) */
3624 if (read_one_line_file("/sys/class/tty/tty0/active", &tmp) >= 0) {
3626 tty = *active = tmp;
3633 bool tty_is_vc_resolve(const char *tty) {
3634 _cleanup_free_ char *active = NULL;
3638 if (startswith(tty, "/dev/"))
3641 if (streq(tty, "console")) {
3642 tty = resolve_dev_console(&active);
3647 return tty_is_vc(tty);
3650 const char *default_term_for_tty(const char *tty) {
3653 return tty_is_vc_resolve(tty) ? "TERM=linux" : "TERM=vt102";
3656 bool dirent_is_file(const struct dirent *de) {
3659 if (ignore_file(de->d_name))
3662 if (de->d_type != DT_REG &&
3663 de->d_type != DT_LNK &&
3664 de->d_type != DT_UNKNOWN)
3670 bool dirent_is_file_with_suffix(const struct dirent *de, const char *suffix) {
3673 if (de->d_type != DT_REG &&
3674 de->d_type != DT_LNK &&
3675 de->d_type != DT_UNKNOWN)
3678 if (ignore_file_allow_backup(de->d_name))
3681 return endswith(de->d_name, suffix);
3684 void execute_directory(const char *directory, DIR *d, char *argv[]) {
3687 Hashmap *pids = NULL;
3691 /* Executes all binaries in a directory in parallel and
3692 * waits for them to finish. */
3695 if (!(_d = opendir(directory))) {
3697 if (errno == ENOENT)
3700 log_error("Failed to enumerate directory %s: %m", directory);
3707 if (!(pids = hashmap_new(trivial_hash_func, trivial_compare_func))) {
3708 log_error("Failed to allocate set.");
3712 while ((de = readdir(d))) {
3717 if (!dirent_is_file(de))
3720 if (asprintf(&path, "%s/%s", directory, de->d_name) < 0) {
3725 if ((pid = fork()) < 0) {
3726 log_error("Failed to fork: %m");
3744 log_error("Failed to execute %s: %m", path);
3745 _exit(EXIT_FAILURE);
3748 log_debug("Spawned %s as %lu", path, (unsigned long) pid);
3750 if ((k = hashmap_put(pids, UINT_TO_PTR(pid), path)) < 0) {
3751 log_error("Failed to add PID to set: %s", strerror(-k));
3756 while (!hashmap_isempty(pids)) {
3757 pid_t pid = PTR_TO_UINT(hashmap_first_key(pids));
3761 if (waitid(P_PID, pid, &si, WEXITED) < 0) {
3766 log_error("waitid() failed: %m");
3770 if ((path = hashmap_remove(pids, UINT_TO_PTR(si.si_pid)))) {
3771 if (!is_clean_exit(si.si_code, si.si_status, NULL)) {
3772 if (si.si_code == CLD_EXITED)
3773 log_error("%s exited with exit status %i.", path, si.si_status);
3775 log_error("%s terminated by signal %s.", path, signal_to_string(si.si_status));
3777 log_debug("%s exited successfully.", path);
3788 hashmap_free_free(pids);
3791 int kill_and_sigcont(pid_t pid, int sig) {
3794 r = kill(pid, sig) < 0 ? -errno : 0;
3802 bool nulstr_contains(const char*nulstr, const char *needle) {
3808 NULSTR_FOREACH(i, nulstr)
3809 if (streq(i, needle))
3815 bool plymouth_running(void) {
3816 return access("/run/plymouth/pid", F_OK) >= 0;
3819 char* strshorten(char *s, size_t l) {
3828 static bool hostname_valid_char(char c) {
3830 (c >= 'a' && c <= 'z') ||
3831 (c >= 'A' && c <= 'Z') ||
3832 (c >= '0' && c <= '9') ||
3838 bool hostname_is_valid(const char *s) {
3845 for (p = s, dot = true; *p; p++) {
3852 if (!hostname_valid_char(*p))
3862 if (p-s > HOST_NAME_MAX)
3868 char* hostname_cleanup(char *s, bool lowercase) {
3872 for (p = s, d = s, dot = true; *p; p++) {
3879 } else if (hostname_valid_char(*p)) {
3880 *(d++) = lowercase ? tolower(*p) : *p;
3891 strshorten(s, HOST_NAME_MAX);
3896 int pipe_eof(int fd) {
3897 struct pollfd pollfd = {
3899 .events = POLLIN|POLLHUP,
3904 r = poll(&pollfd, 1, 0);
3911 return pollfd.revents & POLLHUP;
3914 int fd_wait_for_event(int fd, int event, usec_t t) {
3916 struct pollfd pollfd = {
3924 r = ppoll(&pollfd, 1, t == (usec_t) -1 ? NULL : timespec_store(&ts, t), NULL);
3931 return pollfd.revents;
3934 int fopen_temporary(const char *path, FILE **_f, char **_temp_path) {
3945 t = new(char, strlen(path) + 1 + 6 + 1);
3949 fn = basename(path);
3953 stpcpy(stpcpy(t+k+1, fn), "XXXXXX");
3955 fd = mkostemp_safe(t, O_WRONLY|O_CLOEXEC);
3961 f = fdopen(fd, "we");
3974 int terminal_vhangup_fd(int fd) {
3977 if (ioctl(fd, TIOCVHANGUP) < 0)
3983 int terminal_vhangup(const char *name) {
3986 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
3990 r = terminal_vhangup_fd(fd);
3991 close_nointr_nofail(fd);
3996 int vt_disallocate(const char *name) {
4000 /* Deallocate the VT if possible. If not possible
4001 * (i.e. because it is the active one), at least clear it
4002 * entirely (including the scrollback buffer) */
4004 if (!startswith(name, "/dev/"))
4007 if (!tty_is_vc(name)) {
4008 /* So this is not a VT. I guess we cannot deallocate
4009 * it then. But let's at least clear the screen */
4011 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4016 "\033[r" /* clear scrolling region */
4017 "\033[H" /* move home */
4018 "\033[2J", /* clear screen */
4020 close_nointr_nofail(fd);
4025 if (!startswith(name, "/dev/tty"))
4028 r = safe_atou(name+8, &u);
4035 /* Try to deallocate */
4036 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
4040 r = ioctl(fd, VT_DISALLOCATE, u);
4041 close_nointr_nofail(fd);
4049 /* Couldn't deallocate, so let's clear it fully with
4051 fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
4056 "\033[r" /* clear scrolling region */
4057 "\033[H" /* move home */
4058 "\033[3J", /* clear screen including scrollback, requires Linux 2.6.40 */
4060 close_nointr_nofail(fd);
4065 int copy_file(const char *from, const char *to, int flags) {
4066 _cleanup_close_ int fdf = -1;
4072 fdf = open(from, O_RDONLY|O_CLOEXEC|O_NOCTTY);
4076 fdt = open(to, flags|O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, 0644);
4084 n = read(fdf, buf, sizeof(buf));
4098 k = loop_write(fdt, buf, n, false);
4100 r = k < 0 ? k : (errno ? -errno : -EIO);
4109 r = close_nointr(fdt);
4119 int symlink_atomic(const char *from, const char *to) {
4121 _cleanup_free_ char *t;
4131 t = new(char, strlen(to) + 1 + 16 + 1);
4139 x = stpcpy(t+k+1, fn);
4142 for (i = 0; i < 16; i++) {
4143 *(x++) = hexchar(u & 0xF);
4149 if (symlink(from, t) < 0)
4152 if (rename(t, to) < 0) {
4161 bool display_is_local(const char *display) {
4165 display[0] == ':' &&
4166 display[1] >= '0' &&
4170 int socket_from_display(const char *display, char **path) {
4177 if (!display_is_local(display))
4180 k = strspn(display+1, "0123456789");
4182 f = new(char, sizeof("/tmp/.X11-unix/X") + k);
4186 c = stpcpy(f, "/tmp/.X11-unix/X");
4187 memcpy(c, display+1, k);
4196 const char **username,
4197 uid_t *uid, gid_t *gid,
4199 const char **shell) {
4207 /* We enforce some special rules for uid=0: in order to avoid
4208 * NSS lookups for root we hardcode its data. */
4210 if (streq(*username, "root") || streq(*username, "0")) {
4228 if (parse_uid(*username, &u) >= 0) {
4232 /* If there are multiple users with the same id, make
4233 * sure to leave $USER to the configured value instead
4234 * of the first occurrence in the database. However if
4235 * the uid was configured by a numeric uid, then let's
4236 * pick the real username from /etc/passwd. */
4238 *username = p->pw_name;
4241 p = getpwnam(*username);
4245 return errno > 0 ? -errno : -ESRCH;
4257 *shell = p->pw_shell;
4262 char* uid_to_name(uid_t uid) {
4267 return strdup("root");
4271 return strdup(p->pw_name);
4273 if (asprintf(&r, "%lu", (unsigned long) uid) < 0)
4279 char* gid_to_name(gid_t gid) {
4284 return strdup("root");
4288 return strdup(p->gr_name);
4290 if (asprintf(&r, "%lu", (unsigned long) gid) < 0)
4296 int get_group_creds(const char **groupname, gid_t *gid) {
4302 /* We enforce some special rules for gid=0: in order to avoid
4303 * NSS lookups for root we hardcode its data. */
4305 if (streq(*groupname, "root") || streq(*groupname, "0")) {
4306 *groupname = "root";
4314 if (parse_gid(*groupname, &id) >= 0) {
4319 *groupname = g->gr_name;
4322 g = getgrnam(*groupname);
4326 return errno > 0 ? -errno : -ESRCH;
4334 int in_gid(gid_t gid) {
4336 int ngroups_max, r, i;
4338 if (getgid() == gid)
4341 if (getegid() == gid)
4344 ngroups_max = sysconf(_SC_NGROUPS_MAX);
4345 assert(ngroups_max > 0);
4347 gids = alloca(sizeof(gid_t) * ngroups_max);
4349 r = getgroups(ngroups_max, gids);
4353 for (i = 0; i < r; i++)
4360 int in_group(const char *name) {
4364 r = get_group_creds(&name, &gid);
4371 int glob_exists(const char *path) {
4372 _cleanup_globfree_ glob_t g = {};
4378 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4380 if (k == GLOB_NOMATCH)
4382 else if (k == GLOB_NOSPACE)
4385 return !strv_isempty(g.gl_pathv);
4387 return errno ? -errno : -EIO;
4390 int glob_extend(char ***strv, const char *path) {
4391 _cleanup_globfree_ glob_t g = {};
4396 k = glob(path, GLOB_NOSORT|GLOB_BRACE, NULL, &g);
4398 if (k == GLOB_NOMATCH)
4400 else if (k == GLOB_NOSPACE)
4402 else if (k != 0 || strv_isempty(g.gl_pathv))
4403 return errno ? -errno : -EIO;
4405 STRV_FOREACH(p, g.gl_pathv) {
4406 k = strv_extend(strv, *p);
4414 int dirent_ensure_type(DIR *d, struct dirent *de) {
4420 if (de->d_type != DT_UNKNOWN)
4423 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
4427 S_ISREG(st.st_mode) ? DT_REG :
4428 S_ISDIR(st.st_mode) ? DT_DIR :
4429 S_ISLNK(st.st_mode) ? DT_LNK :
4430 S_ISFIFO(st.st_mode) ? DT_FIFO :
4431 S_ISSOCK(st.st_mode) ? DT_SOCK :
4432 S_ISCHR(st.st_mode) ? DT_CHR :
4433 S_ISBLK(st.st_mode) ? DT_BLK :
4439 int in_search_path(const char *path, char **search) {
4441 _cleanup_free_ char *parent = NULL;
4444 r = path_get_parent(path, &parent);
4448 STRV_FOREACH(i, search)
4449 if (path_equal(parent, *i))
4455 int get_files_in_directory(const char *path, char ***list) {
4456 _cleanup_closedir_ DIR *d = NULL;
4457 size_t bufsize = 0, n = 0;
4458 _cleanup_strv_free_ char **l = NULL;
4462 /* Returns all files in a directory in *list, and the number
4463 * of files as return value. If list is NULL returns only the
4475 if (!de && errno != 0)
4480 dirent_ensure_type(d, de);
4482 if (!dirent_is_file(de))
4486 /* one extra slot is needed for the terminating NULL */
4487 if (!GREEDY_REALLOC(l, bufsize, n + 2))
4490 l[n] = strdup(de->d_name);
4501 l = NULL; /* avoid freeing */
4507 char *strjoin(const char *x, ...) {
4521 t = va_arg(ap, const char *);
4526 if (n > ((size_t) -1) - l) {
4550 t = va_arg(ap, const char *);
4564 bool is_main_thread(void) {
4565 static thread_local int cached = 0;
4567 if (_unlikely_(cached == 0))
4568 cached = getpid() == gettid() ? 1 : -1;
4573 int block_get_whole_disk(dev_t d, dev_t *ret) {
4580 /* If it has a queue this is good enough for us */
4581 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", major(d), minor(d)) < 0)
4584 r = access(p, F_OK);
4592 /* If it is a partition find the originating device */
4593 if (asprintf(&p, "/sys/dev/block/%u:%u/partition", major(d), minor(d)) < 0)
4596 r = access(p, F_OK);
4602 /* Get parent dev_t */
4603 if (asprintf(&p, "/sys/dev/block/%u:%u/../dev", major(d), minor(d)) < 0)
4606 r = read_one_line_file(p, &s);
4612 r = sscanf(s, "%u:%u", &m, &n);
4618 /* Only return this if it is really good enough for us. */
4619 if (asprintf(&p, "/sys/dev/block/%u:%u/queue", m, n) < 0)
4622 r = access(p, F_OK);
4626 *ret = makedev(m, n);
4633 int file_is_priv_sticky(const char *p) {
4638 if (lstat(p, &st) < 0)
4642 (st.st_uid == 0 || st.st_uid == getuid()) &&
4643 (st.st_mode & S_ISVTX);
4646 static const char *const ioprio_class_table[] = {
4647 [IOPRIO_CLASS_NONE] = "none",
4648 [IOPRIO_CLASS_RT] = "realtime",
4649 [IOPRIO_CLASS_BE] = "best-effort",
4650 [IOPRIO_CLASS_IDLE] = "idle"
4653 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ioprio_class, int, INT_MAX);
4655 static const char *const sigchld_code_table[] = {
4656 [CLD_EXITED] = "exited",
4657 [CLD_KILLED] = "killed",
4658 [CLD_DUMPED] = "dumped",
4659 [CLD_TRAPPED] = "trapped",
4660 [CLD_STOPPED] = "stopped",
4661 [CLD_CONTINUED] = "continued",
4664 DEFINE_STRING_TABLE_LOOKUP(sigchld_code, int);
4666 static const char *const log_facility_unshifted_table[LOG_NFACILITIES] = {
4667 [LOG_FAC(LOG_KERN)] = "kern",
4668 [LOG_FAC(LOG_USER)] = "user",
4669 [LOG_FAC(LOG_MAIL)] = "mail",
4670 [LOG_FAC(LOG_DAEMON)] = "daemon",
4671 [LOG_FAC(LOG_AUTH)] = "auth",
4672 [LOG_FAC(LOG_SYSLOG)] = "syslog",
4673 [LOG_FAC(LOG_LPR)] = "lpr",
4674 [LOG_FAC(LOG_NEWS)] = "news",
4675 [LOG_FAC(LOG_UUCP)] = "uucp",
4676 [LOG_FAC(LOG_CRON)] = "cron",
4677 [LOG_FAC(LOG_AUTHPRIV)] = "authpriv",
4678 [LOG_FAC(LOG_FTP)] = "ftp",
4679 [LOG_FAC(LOG_LOCAL0)] = "local0",
4680 [LOG_FAC(LOG_LOCAL1)] = "local1",
4681 [LOG_FAC(LOG_LOCAL2)] = "local2",
4682 [LOG_FAC(LOG_LOCAL3)] = "local3",
4683 [LOG_FAC(LOG_LOCAL4)] = "local4",
4684 [LOG_FAC(LOG_LOCAL5)] = "local5",
4685 [LOG_FAC(LOG_LOCAL6)] = "local6",
4686 [LOG_FAC(LOG_LOCAL7)] = "local7"
4689 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_facility_unshifted, int, LOG_FAC(~0));
4691 static const char *const log_level_table[] = {
4692 [LOG_EMERG] = "emerg",
4693 [LOG_ALERT] = "alert",
4694 [LOG_CRIT] = "crit",
4696 [LOG_WARNING] = "warning",
4697 [LOG_NOTICE] = "notice",
4698 [LOG_INFO] = "info",
4699 [LOG_DEBUG] = "debug"
4702 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_level, int, LOG_DEBUG);
4704 static const char* const sched_policy_table[] = {
4705 [SCHED_OTHER] = "other",
4706 [SCHED_BATCH] = "batch",
4707 [SCHED_IDLE] = "idle",
4708 [SCHED_FIFO] = "fifo",
4712 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy, int, INT_MAX);
4714 static const char* const rlimit_table[] = {
4715 [RLIMIT_CPU] = "LimitCPU",
4716 [RLIMIT_FSIZE] = "LimitFSIZE",
4717 [RLIMIT_DATA] = "LimitDATA",
4718 [RLIMIT_STACK] = "LimitSTACK",
4719 [RLIMIT_CORE] = "LimitCORE",
4720 [RLIMIT_RSS] = "LimitRSS",
4721 [RLIMIT_NOFILE] = "LimitNOFILE",
4722 [RLIMIT_AS] = "LimitAS",
4723 [RLIMIT_NPROC] = "LimitNPROC",
4724 [RLIMIT_MEMLOCK] = "LimitMEMLOCK",
4725 [RLIMIT_LOCKS] = "LimitLOCKS",
4726 [RLIMIT_SIGPENDING] = "LimitSIGPENDING",
4727 [RLIMIT_MSGQUEUE] = "LimitMSGQUEUE",
4728 [RLIMIT_NICE] = "LimitNICE",
4729 [RLIMIT_RTPRIO] = "LimitRTPRIO",
4730 [RLIMIT_RTTIME] = "LimitRTTIME"
4733 DEFINE_STRING_TABLE_LOOKUP(rlimit, int);
4735 static const char* const ip_tos_table[] = {
4736 [IPTOS_LOWDELAY] = "low-delay",
4737 [IPTOS_THROUGHPUT] = "throughput",
4738 [IPTOS_RELIABILITY] = "reliability",
4739 [IPTOS_LOWCOST] = "low-cost",
4742 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos, int, 0xff);
4744 static const char *const __signal_table[] = {
4761 [SIGSTKFLT] = "STKFLT", /* Linux on SPARC doesn't know SIGSTKFLT */
4772 [SIGVTALRM] = "VTALRM",
4774 [SIGWINCH] = "WINCH",
4780 DEFINE_PRIVATE_STRING_TABLE_LOOKUP(__signal, int);
4782 const char *signal_to_string(int signo) {
4783 static thread_local char buf[sizeof("RTMIN+")-1 + DECIMAL_STR_MAX(int) + 1];
4786 name = __signal_to_string(signo);
4790 if (signo >= SIGRTMIN && signo <= SIGRTMAX)
4791 snprintf(buf, sizeof(buf), "RTMIN+%d", signo - SIGRTMIN);
4793 snprintf(buf, sizeof(buf), "%d", signo);
4798 int signal_from_string(const char *s) {
4803 signo = __signal_from_string(s);
4807 if (startswith(s, "RTMIN+")) {
4811 if (safe_atou(s, &u) >= 0) {
4812 signo = (int) u + offset;
4813 if (signo > 0 && signo < _NSIG)
4819 bool kexec_loaded(void) {
4820 bool loaded = false;
4823 if (read_one_line_file("/sys/kernel/kexec_loaded", &s) >= 0) {
4831 int strdup_or_null(const char *a, char **b) {
4849 int prot_from_flags(int flags) {
4851 switch (flags & O_ACCMODE) {
4860 return PROT_READ|PROT_WRITE;
4867 char *format_bytes(char *buf, size_t l, off_t t) {
4870 static const struct {
4874 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
4875 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
4876 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
4877 { "G", 1024ULL*1024ULL*1024ULL },
4878 { "M", 1024ULL*1024ULL },
4882 for (i = 0; i < ELEMENTSOF(table); i++) {
4884 if (t >= table[i].factor) {
4887 (unsigned long long) (t / table[i].factor),
4888 (unsigned long long) (((t*10ULL) / table[i].factor) % 10ULL),
4895 snprintf(buf, l, "%lluB", (unsigned long long) t);
4903 void* memdup(const void *p, size_t l) {
4916 int fd_inc_sndbuf(int fd, size_t n) {
4918 socklen_t l = sizeof(value);
4920 r = getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, &l);
4921 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
4924 /* If we have the privileges we will ignore the kernel limit. */
4927 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
4928 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
4934 int fd_inc_rcvbuf(int fd, size_t n) {
4936 socklen_t l = sizeof(value);
4938 r = getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, &l);
4939 if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2)
4942 /* If we have the privileges we will ignore the kernel limit. */
4945 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
4946 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
4951 int fork_agent(pid_t *pid, const int except[], unsigned n_except, const char *path, ...) {
4952 pid_t parent_pid, agent_pid;
4954 bool stdout_is_tty, stderr_is_tty;
4962 parent_pid = getpid();
4964 /* Spawns a temporary TTY agent, making sure it goes away when
4971 if (agent_pid != 0) {
4978 * Make sure the agent goes away when the parent dies */
4979 if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
4980 _exit(EXIT_FAILURE);
4982 /* Check whether our parent died before we were able
4983 * to set the death signal */
4984 if (getppid() != parent_pid)
4985 _exit(EXIT_SUCCESS);
4987 /* Don't leak fds to the agent */
4988 close_all_fds(except, n_except);
4990 stdout_is_tty = isatty(STDOUT_FILENO);
4991 stderr_is_tty = isatty(STDERR_FILENO);
4993 if (!stdout_is_tty || !stderr_is_tty) {
4994 /* Detach from stdout/stderr. and reopen
4995 * /dev/tty for them. This is important to
4996 * ensure that when systemctl is started via
4997 * popen() or a similar call that expects to
4998 * read EOF we actually do generate EOF and
4999 * not delay this indefinitely by because we
5000 * keep an unused copy of stdin around. */
5001 fd = open("/dev/tty", O_WRONLY);
5003 log_error("Failed to open /dev/tty: %m");
5004 _exit(EXIT_FAILURE);
5008 dup2(fd, STDOUT_FILENO);
5011 dup2(fd, STDERR_FILENO);
5017 /* Count arguments */
5019 for (n = 0; va_arg(ap, char*); n++)
5024 l = alloca(sizeof(char *) * (n + 1));
5026 /* Fill in arguments */
5028 for (i = 0; i <= n; i++)
5029 l[i] = va_arg(ap, char*);
5033 _exit(EXIT_FAILURE);
5036 int setrlimit_closest(int resource, const struct rlimit *rlim) {
5037 struct rlimit highest, fixed;
5041 if (setrlimit(resource, rlim) >= 0)
5047 /* So we failed to set the desired setrlimit, then let's try
5048 * to get as close as we can */
5049 assert_se(getrlimit(resource, &highest) == 0);
5051 fixed.rlim_cur = MIN(rlim->rlim_cur, highest.rlim_max);
5052 fixed.rlim_max = MIN(rlim->rlim_max, highest.rlim_max);
5054 if (setrlimit(resource, &fixed) < 0)
5060 int getenv_for_pid(pid_t pid, const char *field, char **_value) {
5061 _cleanup_fclose_ FILE *f = NULL;
5072 path = procfs_file_alloca(pid, "environ");
5074 f = fopen(path, "re");
5082 char line[LINE_MAX];
5085 for (i = 0; i < sizeof(line)-1; i++) {
5089 if (_unlikely_(c == EOF)) {
5099 if (memcmp(line, field, l) == 0 && line[l] == '=') {
5100 value = strdup(line + l + 1);
5114 bool is_valid_documentation_url(const char *url) {
5117 if (startswith(url, "http://") && url[7])
5120 if (startswith(url, "https://") && url[8])
5123 if (startswith(url, "file:") && url[5])
5126 if (startswith(url, "info:") && url[5])
5129 if (startswith(url, "man:") && url[4])
5135 bool in_initrd(void) {
5136 static int saved = -1;
5142 /* We make two checks here:
5144 * 1. the flag file /etc/initrd-release must exist
5145 * 2. the root file system must be a memory file system
5147 * The second check is extra paranoia, since misdetecting an
5148 * initrd can have bad bad consequences due the initrd
5149 * emptying when transititioning to the main systemd.
5152 saved = access("/etc/initrd-release", F_OK) >= 0 &&
5153 statfs("/", &s) >= 0 &&
5154 is_temporary_fs(&s);
5159 void warn_melody(void) {
5160 _cleanup_close_ int fd = -1;
5162 fd = open("/dev/console", O_WRONLY|O_CLOEXEC|O_NOCTTY);
5166 /* Yeah, this is synchronous. Kinda sucks. But well... */
5168 ioctl(fd, KIOCSOUND, (int)(1193180/440));
5169 usleep(125*USEC_PER_MSEC);
5171 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5172 usleep(125*USEC_PER_MSEC);
5174 ioctl(fd, KIOCSOUND, (int)(1193180/220));
5175 usleep(125*USEC_PER_MSEC);
5177 ioctl(fd, KIOCSOUND, 0);
5180 int make_console_stdio(void) {
5183 /* Make /dev/console the controlling terminal and stdin/stdout/stderr */
5185 fd = acquire_terminal("/dev/console", false, true, true, (usec_t) -1);
5187 log_error("Failed to acquire terminal: %s", strerror(-fd));
5193 log_error("Failed to duplicate terminal fd: %s", strerror(-r));
5200 int get_home_dir(char **_h) {
5208 /* Take the user specified one */
5219 /* Hardcode home directory for root to avoid NSS */
5222 h = strdup("/root");
5230 /* Check the database... */
5234 return errno > 0 ? -errno : -ESRCH;
5236 if (!path_is_absolute(p->pw_dir))
5239 h = strdup(p->pw_dir);
5247 int get_shell(char **_s) {
5255 /* Take the user specified one */
5256 e = getenv("SHELL");
5266 /* Hardcode home directory for root to avoid NSS */
5269 s = strdup("/bin/sh");
5277 /* Check the database... */
5281 return errno > 0 ? -errno : -ESRCH;
5283 if (!path_is_absolute(p->pw_shell))
5286 s = strdup(p->pw_shell);
5294 bool filename_is_safe(const char *p) {
5308 if (strlen(p) > FILENAME_MAX)
5314 bool string_is_safe(const char *p) {
5319 for (t = p; *t; t++) {
5320 if (*t > 0 && *t < ' ')
5323 if (strchr("\\\"\'", *t))
5331 * Check if a string contains control characters.
5332 * Spaces and tabs are not considered control characters.
5334 bool string_has_cc(const char *p) {
5339 for (t = p; *t; t++)
5340 if (*t > 0 && *t < ' ' && *t != '\t')
5346 bool path_is_safe(const char *p) {
5351 if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
5354 if (strlen(p) > PATH_MAX)
5357 /* The following two checks are not really dangerous, but hey, they still are confusing */
5358 if (streq(p, ".") || startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./"))
5361 if (strstr(p, "//"))
5367 /* hey glibc, APIs with callbacks without a user pointer are so useless */
5368 void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size,
5369 int (*compar) (const void *, const void *, void *), void *arg) {
5378 p = (void *)(((const char *) base) + (idx * size));
5379 comparison = compar(key, p, arg);
5382 else if (comparison > 0)
5390 bool is_locale_utf8(void) {
5392 static int cached_answer = -1;
5394 if (cached_answer >= 0)
5397 if (!setlocale(LC_ALL, "")) {
5398 cached_answer = true;
5402 set = nl_langinfo(CODESET);
5404 cached_answer = true;
5408 if (streq(set, "UTF-8")) {
5409 cached_answer = true;
5413 /* For LC_CTYPE=="C" return true, because CTYPE is effectly
5414 * unset and everything can do to UTF-8 nowadays. */
5415 set = setlocale(LC_CTYPE, NULL);
5417 cached_answer = true;
5421 /* Check result, but ignore the result if C was set
5425 !getenv("LC_ALL") &&
5426 !getenv("LC_CTYPE") &&
5430 return (bool) cached_answer;
5433 const char *draw_special_char(DrawSpecialChar ch) {
5434 static const char *draw_table[2][_DRAW_SPECIAL_CHAR_MAX] = {
5436 [DRAW_TREE_VERT] = "\342\224\202 ", /* │ */
5437 [DRAW_TREE_BRANCH] = "\342\224\234\342\224\200", /* ├─ */
5438 [DRAW_TREE_RIGHT] = "\342\224\224\342\224\200", /* └─ */
5439 [DRAW_TREE_SPACE] = " ", /* */
5440 [DRAW_TRIANGULAR_BULLET] = "\342\200\243 ", /* ‣ */
5441 [DRAW_BLACK_CIRCLE] = "\342\227\217 ", /* ● */
5443 /* ASCII fallback */ {
5444 [DRAW_TREE_VERT] = "| ",
5445 [DRAW_TREE_BRANCH] = "|-",
5446 [DRAW_TREE_RIGHT] = "`-",
5447 [DRAW_TREE_SPACE] = " ",
5448 [DRAW_TRIANGULAR_BULLET] = "> ",
5449 [DRAW_BLACK_CIRCLE] = "* ",
5453 return draw_table[!is_locale_utf8()][ch];
5456 char *strreplace(const char *text, const char *old_string, const char *new_string) {
5459 size_t l, old_len, new_len;
5465 old_len = strlen(old_string);
5466 new_len = strlen(new_string);
5479 if (!startswith(f, old_string)) {
5485 nl = l - old_len + new_len;
5486 a = realloc(r, nl + 1);
5494 t = stpcpy(t, new_string);
5506 char *strip_tab_ansi(char **ibuf, size_t *_isz) {
5507 const char *i, *begin = NULL;
5512 } state = STATE_OTHER;
5514 size_t osz = 0, isz;
5520 /* Strips ANSI color and replaces TABs by 8 spaces */
5522 isz = _isz ? *_isz : strlen(*ibuf);
5524 f = open_memstream(&obuf, &osz);
5528 for (i = *ibuf; i < *ibuf + isz + 1; i++) {
5533 if (i >= *ibuf + isz) /* EOT */
5535 else if (*i == '\x1B')
5536 state = STATE_ESCAPE;
5537 else if (*i == '\t')
5544 if (i >= *ibuf + isz) { /* EOT */
5547 } else if (*i == '[') {
5548 state = STATE_BRACKET;
5553 state = STATE_OTHER;
5560 if (i >= *ibuf + isz || /* EOT */
5561 (!(*i >= '0' && *i <= '9') && *i != ';' && *i != 'm')) {
5564 state = STATE_OTHER;
5566 } else if (*i == 'm')
5567 state = STATE_OTHER;
5589 int on_ac_power(void) {
5590 bool found_offline = false, found_online = false;
5591 _cleanup_closedir_ DIR *d = NULL;
5593 d = opendir("/sys/class/power_supply");
5599 _cleanup_close_ int fd = -1, device = -1;
5605 if (!de && errno != 0)
5611 if (ignore_file(de->d_name))
5614 device = openat(dirfd(d), de->d_name, O_DIRECTORY|O_RDONLY|O_CLOEXEC|O_NOCTTY);
5616 if (errno == ENOENT || errno == ENOTDIR)
5622 fd = openat(device, "type", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5624 if (errno == ENOENT)
5630 n = read(fd, contents, sizeof(contents));
5634 if (n != 6 || memcmp(contents, "Mains\n", 6))
5637 close_nointr_nofail(fd);
5638 fd = openat(device, "online", O_RDONLY|O_CLOEXEC|O_NOCTTY);
5640 if (errno == ENOENT)
5646 n = read(fd, contents, sizeof(contents));
5650 if (n != 2 || contents[1] != '\n')
5653 if (contents[0] == '1') {
5654 found_online = true;
5656 } else if (contents[0] == '0')
5657 found_offline = true;
5662 return found_online || !found_offline;
5665 static int search_and_fopen_internal(const char *path, const char *mode, char **search, FILE **_f) {
5672 if (!path_strv_canonicalize_absolute_uniq(search, NULL))
5675 STRV_FOREACH(i, search) {
5676 _cleanup_free_ char *p = NULL;
5679 p = strjoin(*i, "/", path, NULL);
5689 if (errno != ENOENT)
5696 int search_and_fopen(const char *path, const char *mode, const char **search, FILE **_f) {
5697 _cleanup_strv_free_ char **copy = NULL;
5703 if (path_is_absolute(path)) {
5706 f = fopen(path, mode);
5715 copy = strv_copy((char**) search);
5719 return search_and_fopen_internal(path, mode, copy, _f);
5722 int search_and_fopen_nulstr(const char *path, const char *mode, const char *search, FILE **_f) {
5723 _cleanup_strv_free_ char **s = NULL;
5725 if (path_is_absolute(path)) {
5728 f = fopen(path, mode);
5737 s = strv_split_nulstr(search);
5741 return search_and_fopen_internal(path, mode, s, _f);
5744 char *strextend(char **x, ...) {
5751 l = f = *x ? strlen(*x) : 0;
5758 t = va_arg(ap, const char *);
5763 if (n > ((size_t) -1) - l) {
5772 r = realloc(*x, l+1);
5782 t = va_arg(ap, const char *);
5796 char *strrep(const char *s, unsigned n) {
5804 p = r = malloc(l * n + 1);
5808 for (i = 0; i < n; i++)
5815 void* greedy_realloc(void **p, size_t *allocated, size_t need) {
5822 if (*allocated >= need)
5825 a = MAX(64u, need * 2);
5827 /* check for overflows */
5840 void* greedy_realloc0(void **p, size_t *allocated, size_t need) {
5849 q = greedy_realloc(p, allocated, need);
5853 if (*allocated > prev)
5854 memzero(&q[prev], *allocated - prev);
5859 bool id128_is_valid(const char *s) {
5865 /* Simple formatted 128bit hex string */
5867 for (i = 0; i < l; i++) {
5870 if (!(c >= '0' && c <= '9') &&
5871 !(c >= 'a' && c <= 'z') &&
5872 !(c >= 'A' && c <= 'Z'))
5876 } else if (l == 36) {
5878 /* Formatted UUID */
5880 for (i = 0; i < l; i++) {
5883 if ((i == 8 || i == 13 || i == 18 || i == 23)) {
5887 if (!(c >= '0' && c <= '9') &&
5888 !(c >= 'a' && c <= 'z') &&
5889 !(c >= 'A' && c <= 'Z'))
5900 int split_pair(const char *s, const char *sep, char **l, char **r) {
5915 a = strndup(s, x - s);
5919 b = strdup(x + strlen(sep));
5931 int shall_restore_state(void) {
5932 _cleanup_free_ char *line;
5937 r = proc_cmdline(&line);
5940 if (r == 0) /* Container ... */
5943 FOREACH_WORD_QUOTED(w, l, line, state)
5944 if (l == 23 && strneq(w, "systemd.restore_state=0", 23))
5950 int proc_cmdline(char **ret) {
5953 if (detect_container(NULL) > 0) {
5954 char *buf = NULL, *p;
5957 r = read_full_file("/proc/1/cmdline", &buf, &sz);
5961 for (p = buf; p + 1 < buf + sz; p++)
5970 r = read_one_line_file("/proc/cmdline", ret);
5977 int parse_proc_cmdline(int (*parse_word)(const char *word)) {
5978 _cleanup_free_ char *line = NULL;
5983 r = proc_cmdline(&line);
5985 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
5989 FOREACH_WORD_QUOTED(w, l, line, state) {
5990 _cleanup_free_ char *word;
5992 word = strndup(w, l);
5996 r = parse_word(word);
5998 log_error("Failed on cmdline argument %s: %s", word, strerror(-r));
6006 int container_get_leader(const char *machine, pid_t *pid) {
6007 _cleanup_free_ char *s = NULL, *class = NULL;
6015 p = strappenda("/run/systemd/machines/", machine);
6016 r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL);
6024 if (!streq_ptr(class, "container"))
6027 r = parse_pid(s, &leader);
6037 int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *root_fd) {
6038 _cleanup_close_ int pidnsfd = -1, mntnsfd = -1;
6039 const char *pidns, *mntns, *root;
6047 mntns = procfs_file_alloca(pid, "ns/mnt");
6048 mntnsfd = open(mntns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6052 pidns = procfs_file_alloca(pid, "ns/pid");
6053 pidnsfd = open(pidns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
6057 root = procfs_file_alloca(pid, "root");
6058 rfd = open(root, O_RDONLY|O_NOCTTY|O_CLOEXEC|O_DIRECTORY);
6062 *pidns_fd = pidnsfd;
6063 *mntns_fd = mntnsfd;
6071 int namespace_enter(int pidns_fd, int mntns_fd, int root_fd) {
6072 assert(pidns_fd >= 0);
6073 assert(mntns_fd >= 0);
6074 assert(root_fd >= 0);
6076 if (setns(pidns_fd, CLONE_NEWPID) < 0)
6079 if (setns(mntns_fd, CLONE_NEWNS) < 0)
6082 if (fchdir(root_fd) < 0)
6085 if (chroot(".") < 0)
6088 if (setresgid(0, 0, 0) < 0)
6091 if (setresuid(0, 0, 0) < 0)
6097 bool pid_is_unwaited(pid_t pid) {
6098 /* Checks whether a PID is still valid at all, including a zombie */
6103 if (kill(pid, 0) >= 0)
6106 return errno != ESRCH;
6109 bool pid_is_alive(pid_t pid) {
6112 /* Checks whether a PID is still valid and not a zombie */
6117 r = get_process_state(pid);
6118 if (r == -ENOENT || r == 'Z')
6124 int getpeercred(int fd, struct ucred *ucred) {
6125 socklen_t n = sizeof(struct ucred);
6132 r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n);
6136 if (n != sizeof(struct ucred))
6139 /* Check if the data is actually useful and not suppressed due
6140 * to namespacing issues */
6148 int getpeersec(int fd, char **ret) {
6160 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6164 if (errno != ERANGE)
6171 r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
6187 /* This is much like like mkostemp() but is subject to umask(). */
6188 int mkostemp_safe(char *pattern, int flags) {
6189 _cleanup_umask_ mode_t u;
6196 fd = mkostemp(pattern, flags);
6203 int open_tmpfile(const char *path, int flags) {
6210 /* Try O_TMPFILE first, if it is supported */
6211 fd = open(path, flags|O_TMPFILE, S_IRUSR|S_IWUSR);
6216 /* Fall back to unguessable name + unlinking */
6217 p = strappenda(path, "/systemd-tmp-XXXXXX");
6219 fd = mkostemp_safe(p, flags);
6227 int fd_warn_permissions(const char *path, int fd) {
6230 if (fstat(fd, &st) < 0)
6233 if (st.st_mode & 0111)
6234 log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path);
6236 if (st.st_mode & 0002)
6237 log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path);
6239 if (getpid() == 1 && (st.st_mode & 0044) != 0044)
6240 log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path);
6245 unsigned long personality_from_string(const char *p) {
6247 /* Parse a personality specifier. We introduce our own
6248 * identifiers that indicate specific ABIs, rather than just
6249 * hints regarding the register size, since we want to keep
6250 * things open for multiple locally supported ABIs for the
6251 * same register size. We try to reuse the ABI identifiers
6252 * used by libseccomp. */
6254 #if defined(__x86_64__)
6256 if (streq(p, "x86"))
6259 if (streq(p, "x86-64"))
6262 #elif defined(__i386__)
6264 if (streq(p, "x86"))
6268 /* personality(7) documents that 0xffffffffUL is used for
6269 * querying the current personality, hence let's use that here
6270 * as error indicator. */
6271 return 0xffffffffUL;
6274 const char* personality_to_string(unsigned long p) {
6276 #if defined(__x86_64__)
6278 if (p == PER_LINUX32)
6284 #elif defined(__i386__)