int clock_apply_epoch(void) {
struct timespec ts;
if (now(CLOCK_REALTIME) >= TIME_EPOCH_USEC)
return 0;
if (clock_settime(CLOCK_REALTIME, timespec_store(&ts, TIME_EPOCH_USEC)) < 0)
return -errno;
return 1;
}
int pipe_eof(int fd) {
struct pollfd pollfd = {
.fd = fd,
.events = POLLIN|POLLHUP,
};
int r;
r = poll(&pollfd, 1, 0);
if (r < 0)
return -errno;
if (r == 0)
return 0;
return pollfd.revents & POLLHUP;
}
int fd_wait_for_event(int fd, int event, usec_t t) {
struct pollfd pollfd = {
.fd = fd,
.events = event,
};
struct timespec ts;
int r;
r = ppoll(&pollfd, 1, t == USEC_INFINITY ? NULL : timespec_store(&ts, t), NULL);
if (r < 0)
return -errno;
if (r == 0)
return 0;
return pollfd.revents;
}
static size_t nul_length(const uint8_t *p, size_t sz) {
size_t n = 0;
while (sz > 0) {
if (*p != 0)
break;
n++;
p++;
sz--;
}
return n;
}
static int load_clock_timestamp(uid_t uid, gid_t gid) {
_cleanup_close_ int fd = -1;
usec_t min = TIME_EPOCH * USEC_PER_SEC;
usec_t ct;
int r;
/* Let's try to make sure that the clock is always
* monotonically increasing, by saving the clock whenever we
* have a new NTP time, or when we shut down, and restoring it
* when we start again. This is particularly helpful on
* systems lacking a battery backed RTC. We also will adjust
* the time to at least the build time of systemd. */
fd = open("/var/lib/systemd/clock", O_RDWR|O_CLOEXEC, 0644);
if (fd >= 0) {
struct stat st;
usec_t stamp;
/* check if the recorded time is later than the compiled-in one */
r = fstat(fd, &st);
if (r >= 0) {
stamp = timespec_load(&st.st_mtim);
if (stamp > min)
min = stamp;
}
/* Try to fix the access mode, so that we can still
touch the file after dropping priviliges */
fchmod(fd, 0644);
fchown(fd, uid, gid);
} else
/* create stamp file with the compiled-in date */
touch_file("/var/lib/systemd/clock", true, min, uid, gid, 0644);
ct = now(CLOCK_REALTIME);
if (ct < min) {
struct timespec ts;
char date[FORMAT_TIMESTAMP_MAX];
log_info("System clock time unset or jumped backwards, restoring from recorded timestamp: %s",
format_timestamp(date, sizeof(date), min));
if (clock_settime(CLOCK_REALTIME, timespec_store(&ts, min)) < 0)
log_error_errno(errno, "Failed to restore system clock: %m");
}
return 0;
}
static int timeout_arm(EpollData *e) {
struct itimerspec its;
assert(e);
assert(e->is_timeout);
zero(its);
if (dbus_timeout_get_enabled(e->object)) {
timespec_store(&its.it_value, dbus_timeout_get_interval(e->object) * USEC_PER_MSEC);
its.it_interval = its.it_value;
}
if (timerfd_settime(e->fd, 0, &its, NULL) < 0)
return -errno;
return 0;
}
int fd_wait_for_event(int fd, int event, usec_t t) {
struct pollfd pollfd = {
.fd = fd,
.events = event,
};
struct timespec ts;
int r;
r = ppoll(&pollfd, 1, t == USEC_INFINITY ? NULL : timespec_store(&ts, t), NULL);
if (r < 0)
return -errno;
if (r == 0)
return 0;
return pollfd.revents;
}
static void wait_for_children(int n_processes, sigset_t *mask) {
usec_t until;
assert(mask);
until = now(CLOCK_MONOTONIC) + TIMEOUT_USEC;
for (;;) {
struct timespec ts;
int k;
usec_t n;
for (;;) {
pid_t pid = waitpid(-1, NULL, WNOHANG);
if (pid == 0)
break;
if (pid < 0 && errno == ECHILD)
return;
if (n_processes > 0)
if (--n_processes == 0)
return;
}
n = now(CLOCK_MONOTONIC);
if (n >= until)
return;
timespec_store(&ts, until - n);
if ((k = sigtimedwait(mask, NULL, &ts)) != SIGCHLD) {
if (k < 0 && errno != EAGAIN) {
log_error("sigtimedwait() failed: %m");
return;
}
if (k >= 0)
log_warning("sigtimedwait() returned unexpected signal.");
}
}
}
int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode) {
_cleanup_close_ int fd;
int r;
assert(path);
if (parents)
mkdir_parents(path, 0755);
fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY,
(mode == 0 || mode == MODE_INVALID) ? 0644 : mode);
if (fd < 0)
return -errno;
if (mode != MODE_INVALID) {
r = fchmod(fd, mode);
if (r < 0)
return -errno;
}
if (uid != UID_INVALID || gid != GID_INVALID) {
r = fchown(fd, uid, gid);
if (r < 0)
return -errno;
}
if (stamp != USEC_INFINITY) {
struct timespec ts[2];
timespec_store(&ts[0], stamp);
ts[1] = ts[0];
r = futimens(fd, ts);
} else
r = futimens(fd, NULL);
if (r < 0)
return -errno;
return 0;
}
int main(int argc, char *argv[]) {
_cleanup_(sd_bus_unrefp) sd_bus *a = NULL, *b = NULL;
sd_id128_t server_id;
bool is_unix;
int r, in_fd, out_fd;
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_parse_environment();
log_open();
r = parse_argv(argc, argv);
if (r <= 0)
goto finish;
r = sd_listen_fds(0);
if (r == 0) {
in_fd = STDIN_FILENO;
out_fd = STDOUT_FILENO;
} else if (r == 1) {
in_fd = SD_LISTEN_FDS_START;
out_fd = SD_LISTEN_FDS_START;
} else {
log_error("Illegal number of file descriptors passed\n");
goto finish;
}
is_unix =
sd_is_socket(in_fd, AF_UNIX, 0, 0) > 0 &&
sd_is_socket(out_fd, AF_UNIX, 0, 0) > 0;
r = sd_bus_new(&a);
if (r < 0) {
log_error_errno(r, "Failed to allocate bus: %m");
goto finish;
}
r = sd_bus_set_address(a, arg_bus_path);
if (r < 0) {
log_error_errno(r, "Failed to set address to connect to: %m");
goto finish;
}
r = sd_bus_negotiate_fds(a, is_unix);
if (r < 0) {
log_error_errno(r, "Failed to set FD negotiation: %m");
goto finish;
}
r = sd_bus_start(a);
if (r < 0) {
log_error_errno(r, "Failed to start bus client: %m");
goto finish;
}
r = sd_bus_get_bus_id(a, &server_id);
if (r < 0) {
log_error_errno(r, "Failed to get server ID: %m");
goto finish;
}
r = sd_bus_new(&b);
if (r < 0) {
log_error_errno(r, "Failed to allocate bus: %m");
goto finish;
}
r = sd_bus_set_fd(b, in_fd, out_fd);
if (r < 0) {
log_error_errno(r, "Failed to set fds: %m");
goto finish;
}
r = sd_bus_set_server(b, 1, server_id);
if (r < 0) {
log_error_errno(r, "Failed to set server mode: %m");
goto finish;
}
r = sd_bus_negotiate_fds(b, is_unix);
if (r < 0) {
log_error_errno(r, "Failed to set FD negotiation: %m");
goto finish;
}
r = sd_bus_set_anonymous(b, true);
if (r < 0) {
log_error_errno(r, "Failed to set anonymous authentication: %m");
goto finish;
}
r = sd_bus_start(b);
if (r < 0) {
log_error_errno(r, "Failed to start bus client: %m");
goto finish;
}
for (;;) {
_cleanup_(sd_bus_message_unrefp)sd_bus_message *m = NULL;
int events_a, events_b, fd;
uint64_t timeout_a, timeout_b, t;
struct timespec _ts, *ts;
r = sd_bus_process(a, &m);
if (r < 0) {
log_error_errno(r, "Failed to process bus a: %m");
goto finish;
}
if (m) {
r = sd_bus_send(b, m, NULL);
if (r < 0) {
log_error_errno(r, "Failed to send message: %m");
goto finish;
}
}
if (r > 0)
continue;
r = sd_bus_process(b, &m);
if (r < 0) {
/* treat 'connection reset by peer' as clean exit condition */
if (r == -ECONNRESET)
r = 0;
goto finish;
}
if (m) {
r = sd_bus_send(a, m, NULL);
if (r < 0) {
log_error_errno(r, "Failed to send message: %m");
goto finish;
}
}
if (r > 0)
continue;
fd = sd_bus_get_fd(a);
if (fd < 0) {
log_error_errno(r, "Failed to get fd: %m");
goto finish;
}
events_a = sd_bus_get_events(a);
if (events_a < 0) {
log_error_errno(r, "Failed to get events mask: %m");
goto finish;
}
r = sd_bus_get_timeout(a, &timeout_a);
if (r < 0) {
log_error_errno(r, "Failed to get timeout: %m");
goto finish;
}
events_b = sd_bus_get_events(b);
if (events_b < 0) {
log_error_errno(r, "Failed to get events mask: %m");
goto finish;
}
r = sd_bus_get_timeout(b, &timeout_b);
if (r < 0) {
log_error_errno(r, "Failed to get timeout: %m");
goto finish;
}
t = timeout_a;
if (t == (uint64_t) -1 || (timeout_b != (uint64_t) -1 && timeout_b < timeout_a))
t = timeout_b;
if (t == (uint64_t) -1)
ts = NULL;
else {
usec_t nw;
nw = now(CLOCK_MONOTONIC);
if (t > nw)
t -= nw;
else
t = 0;
ts = timespec_store(&_ts, t);
}
{
struct pollfd p[3] = {
{.fd = fd, .events = events_a, },
{.fd = STDIN_FILENO, .events = events_b & POLLIN, },
{.fd = STDOUT_FILENO, .events = events_b & POLLOUT, }};
static void wait_for_children(Set *pids, sigset_t *mask) {
usec_t until;
assert(mask);
if (set_isempty(pids))
return;
until = now(CLOCK_MONOTONIC) + TIMEOUT_USEC;
for (;;) {
struct timespec ts;
int k;
usec_t n;
void *p;
Iterator i;
/* First, let the kernel inform us about killed
* children. Most processes will probably be our
* children, but some are not (might be our
* grandchildren instead...). */
for (;;) {
pid_t pid;
pid = waitpid(-1, NULL, WNOHANG);
if (pid == 0)
break;
if (pid < 0) {
if (errno == ECHILD)
break;
log_error("waitpid() failed: %m");
return;
}
set_remove(pids, ULONG_TO_PTR(pid));
}
/* Now explicitly check who might be remaining, who
* might not be our child. */
SET_FOREACH(p, pids, i) {
/* We misuse getpgid as a check whether a
* process still exists. */
if (getpgid((pid_t) PTR_TO_ULONG(p)) >= 0)
continue;
if (errno != ESRCH)
continue;
set_remove(pids, p);
}
if (set_isempty(pids))
return;
n = now(CLOCK_MONOTONIC);
if (n >= until)
return;
timespec_store(&ts, until - n);
k = sigtimedwait(mask, NULL, &ts);
if (k != SIGCHLD) {
if (k < 0 && errno != EAGAIN) {
log_error("sigtimedwait() failed: %m");
return;
}
if (k >= 0)
log_warning("sigtimedwait() returned unexpected signal.");
}
}
}
static int condition_test_needs_update(Condition *c) {
const char *p;
struct stat usr, other;
assert(c);
assert(c->parameter);
assert(c->type == CONDITION_NEEDS_UPDATE);
/* If the file system is read-only we shouldn't suggest an update */
if (path_is_read_only_fs(c->parameter) > 0)
return false;
/* Any other failure means we should allow the condition to be true,
* so that we rather invoke too many update tools than too
* few. */
if (!path_is_absolute(c->parameter))
return true;
p = strjoina(c->parameter, "/.updated");
if (lstat(p, &other) < 0)
return true;
if (lstat("/usr/", &usr) < 0)
return true;
/*
* First, compare seconds as they are always accurate...
*/
if (usr.st_mtim.tv_sec != other.st_mtim.tv_sec)
return usr.st_mtim.tv_sec > other.st_mtim.tv_sec;
/*
* ...then compare nanoseconds.
*
* A false positive is only possible when /usr's nanoseconds > 0
* (otherwise /usr cannot be strictly newer than the target file)
* AND the target file's nanoseconds == 0
* (otherwise the filesystem supports nsec timestamps, see stat(2)).
*/
if (usr.st_mtim.tv_nsec > 0 && other.st_mtim.tv_nsec == 0) {
_cleanup_free_ char *timestamp_str = NULL;
uint64_t timestamp;
int r;
r = parse_env_file(p, NULL, "TIMESTAMP_NSEC", ×tamp_str, NULL);
if (r < 0) {
log_error_errno(r, "Failed to parse timestamp file '%s', using mtime: %m", p);
return true;
} else if (r == 0) {
log_debug("No data in timestamp file '%s', using mtime", p);
return true;
}
r = safe_atou64(timestamp_str, ×tamp);
if (r < 0) {
log_error_errno(r, "Failed to parse timestamp value '%s' in file '%s', using mtime: %m", timestamp_str, p);
return true;
}
timespec_store(&other.st_mtim, timestamp);
}
return usr.st_mtim.tv_nsec > other.st_mtim.tv_nsec;
}
int main(int argc, char *argv[]) {
enum {
FD_SOCKET,
FD_WALL_TIMER,
FD_NOLOGIN_TIMER,
FD_SHUTDOWN_TIMER,
_FD_MAX
};
int r = EXIT_FAILURE, n_fds;
int one = 1;
struct shutdownd_command c;
struct pollfd pollfd[_FD_MAX];
bool exec_shutdown = false, unlink_nologin = false, failed = false;
unsigned i;
if (getppid() != 1) {
log_error("This program should be invoked by init only.");
return EXIT_FAILURE;
}
if (argc > 1) {
log_error("This program does not take arguments.");
return EXIT_FAILURE;
}
log_set_target(LOG_TARGET_SYSLOG_OR_KMSG);
log_parse_environment();
log_open();
if ((n_fds = sd_listen_fds(true)) < 0) {
log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
return EXIT_FAILURE;
}
if (n_fds != 1) {
log_error("Need exactly one file descriptor.");
return EXIT_FAILURE;
}
if (setsockopt(SD_LISTEN_FDS_START, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0) {
log_error("SO_PASSCRED failed: %m");
return EXIT_FAILURE;
}
zero(c);
zero(pollfd);
pollfd[FD_SOCKET].fd = SD_LISTEN_FDS_START;
pollfd[FD_SOCKET].events = POLLIN;
for (i = 0; i < _FD_MAX; i++) {
if (i == FD_SOCKET)
continue;
pollfd[i].events = POLLIN;
if ((pollfd[i].fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC)) < 0) {
log_error("timerfd_create(): %m");
failed = true;
}
}
if (failed)
goto finish;
log_debug("systemd-shutdownd running as pid %lu", (unsigned long) getpid());
sd_notify(false,
"READY=1\n"
"STATUS=Processing requests...");
do {
int k;
usec_t n;
if (poll(pollfd, _FD_MAX, -1) < 0) {
if (errno == EAGAIN || errno == EINTR)
continue;
log_error("poll(): %m");
goto finish;
}
n = now(CLOCK_REALTIME);
if (pollfd[FD_SOCKET].revents) {
if ((k = read_packet(pollfd[FD_SOCKET].fd, &c)) < 0)
goto finish;
else if (k > 0 && c.elapse > 0) {
struct itimerspec its;
char date[FORMAT_TIMESTAMP_MAX];
if (c.warn_wall) {
/* Send wall messages every so often */
zero(its);
timespec_store(&its.it_value, when_wall(n, c.elapse));
if (timerfd_settime(pollfd[FD_WALL_TIMER].fd, TFD_TIMER_ABSTIME, &its, NULL) < 0) {
log_error("timerfd_settime(): %m");
goto finish;
}
/* Warn immediately if less than 15 minutes are left */
if (n < c.elapse &&
n + 15*USEC_PER_MINUTE >= c.elapse)
warn_wall(n, &c);
}
/* Disallow logins 5 minutes prior to shutdown */
zero(its);
timespec_store(&its.it_value, when_nologin(c.elapse));
if (timerfd_settime(pollfd[FD_NOLOGIN_TIMER].fd, TFD_TIMER_ABSTIME, &its, NULL) < 0) {
log_error("timerfd_settime(): %m");
goto finish;
}
/* Shutdown after the specified time is reached */
zero(its);
timespec_store(&its.it_value, c.elapse);
if (timerfd_settime(pollfd[FD_SHUTDOWN_TIMER].fd, TFD_TIMER_ABSTIME, &its, NULL) < 0) {
log_error("timerfd_settime(): %m");
goto finish;
}
sd_notifyf(false,
"STATUS=Shutting down at %s...",
format_timestamp(date, sizeof(date), c.elapse));
}
}
if (pollfd[FD_WALL_TIMER].revents) {
struct itimerspec its;
warn_wall(n, &c);
flush_fd(pollfd[FD_WALL_TIMER].fd);
/* Restart timer */
zero(its);
timespec_store(&its.it_value, when_wall(n, c.elapse));
if (timerfd_settime(pollfd[FD_WALL_TIMER].fd, TFD_TIMER_ABSTIME, &its, NULL) < 0) {
log_error("timerfd_settime(): %m");
goto finish;
}
}
if (pollfd[FD_NOLOGIN_TIMER].revents) {
int e;
log_info("Creating /run/nologin, blocking further logins...");
if ((e = write_one_line_file("/run/nologin", "System is going down.")) < 0)
log_error("Failed to create /run/nologin: %s", strerror(-e));
else
unlink_nologin = true;
flush_fd(pollfd[FD_NOLOGIN_TIMER].fd);
}
if (pollfd[FD_SHUTDOWN_TIMER].revents) {
exec_shutdown = true;
goto finish;
}
} while (c.elapse > 0);
r = EXIT_SUCCESS;
log_debug("systemd-shutdownd stopped as pid %lu", (unsigned long) getpid());
finish:
for (i = 0; i < _FD_MAX; i++)
if (pollfd[i].fd >= 0)
close_nointr_nofail(pollfd[i].fd);
if (unlink_nologin)
unlink("/run/nologin");
if (exec_shutdown) {
char sw[3];
sw[0] = '-';
sw[1] = c.mode;
sw[2] = 0;
execl(SYSTEMCTL_BINARY_PATH,
"shutdown",
sw,
"now",
(c.warn_wall && c.wall_message[0]) ? c.wall_message :
(c.warn_wall ? NULL : "--no-wall"),
NULL);
log_error("Failed to execute /sbin/shutdown: %m");
}
sd_notify(false,
"STATUS=Exiting...");
return r;
}
int main(int argc, char *argv[]) {
_cleanup_bus_unref_ sd_bus *a = NULL, *b = NULL;
sd_id128_t server_id;
bool is_unix;
int r;
if (argc > 1) {
log_error("This program takes no argument.");
return EXIT_FAILURE;
}
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_parse_environment();
log_open();
is_unix =
sd_is_socket(STDIN_FILENO, AF_UNIX, 0, 0) > 0 &&
sd_is_socket(STDOUT_FILENO, AF_UNIX, 0, 0) > 0;
r = sd_bus_new(&a);
if (r < 0) {
log_error("Failed to allocate bus: %s", strerror(-r));
goto finish;
}
r = sd_bus_set_address(a, "unix:path=/run/dbus/system_bus_socket");
if (r < 0) {
log_error("Failed to set address to connect to: %s", strerror(-r));
goto finish;
}
r = sd_bus_set_negotiate_fds(a, is_unix);
if (r < 0) {
log_error("Failed to set FD negotiation: %s", strerror(-r));
goto finish;
}
r = sd_bus_start(a);
if (r < 0) {
log_error("Failed to start bus client: %s", strerror(-r));
goto finish;
}
r = sd_bus_get_server_id(a, &server_id);
if (r < 0) {
log_error("Failed to get server ID: %s", strerror(-r));
goto finish;
}
r = sd_bus_new(&b);
if (r < 0) {
log_error("Failed to allocate bus: %s", strerror(-r));
goto finish;
}
r = sd_bus_set_fd(b, STDIN_FILENO, STDOUT_FILENO);
if (r < 0) {
log_error("Failed to set fds: %s", strerror(-r));
goto finish;
}
r = sd_bus_set_server(b, 1, server_id);
if (r < 0) {
log_error("Failed to set server mode: %s", strerror(-r));
goto finish;
}
r = sd_bus_set_negotiate_fds(b, is_unix);
if (r < 0) {
log_error("Failed to set FD negotiation: %s", strerror(-r));
goto finish;
}
r = sd_bus_set_anonymous(b, true);
if (r < 0) {
log_error("Failed to set anonymous authentication: %s", strerror(-r));
goto finish;
}
r = sd_bus_start(b);
if (r < 0) {
log_error("Failed to start bus client: %s", strerror(-r));
goto finish;
}
for (;;) {
_cleanup_bus_message_unref_ sd_bus_message *m = NULL;
int events_a, events_b, fd;
uint64_t timeout_a, timeout_b, t;
struct timespec _ts, *ts;
r = sd_bus_process(a, &m);
if (r < 0) {
log_error("Failed to process bus: %s", strerror(-r));
goto finish;
}
if (m) {
r = sd_bus_send(b, m, NULL);
if (r < 0) {
log_error("Failed to send message: %s", strerror(-r));
goto finish;
}
}
if (r > 0)
continue;
r = sd_bus_process(b, &m);
if (r < 0) {
log_error("Failed to process bus: %s", strerror(-r));
goto finish;
}
if (m) {
r = sd_bus_send(a, m, NULL);
if (r < 0) {
log_error("Failed to send message: %s", strerror(-r));
goto finish;
}
}
if (r > 0)
continue;
fd = sd_bus_get_fd(a);
if (fd < 0) {
log_error("Failed to get fd: %s", strerror(-r));
goto finish;
}
events_a = sd_bus_get_events(a);
if (events_a < 0) {
log_error("Failed to get events mask: %s", strerror(-r));
goto finish;
}
r = sd_bus_get_timeout(a, &timeout_a);
if (r < 0) {
log_error("Failed to get timeout: %s", strerror(-r));
goto finish;
}
events_b = sd_bus_get_events(b);
if (events_b < 0) {
log_error("Failed to get events mask: %s", strerror(-r));
goto finish;
}
r = sd_bus_get_timeout(b, &timeout_b);
if (r < 0) {
log_error("Failed to get timeout: %s", strerror(-r));
goto finish;
}
t = timeout_a;
if (t == (uint64_t) -1 || (timeout_b != (uint64_t) -1 && timeout_b < timeout_a))
t = timeout_b;
if (t == (uint64_t) -1)
ts = NULL;
else {
usec_t nw;
nw = now(CLOCK_MONOTONIC);
if (t > nw)
t -= nw;
else
t = 0;
ts = timespec_store(&_ts, t);
}
{
struct pollfd p[3] = {
{.fd = fd, .events = events_a, },
{.fd = STDIN_FILENO, .events = events_b & POLLIN, },
{.fd = STDOUT_FILENO, .events = events_b & POLLOUT, }};
int stub_pid1(sd_id128_t uuid) {
enum {
STATE_RUNNING,
STATE_REBOOT,
STATE_POWEROFF,
} state = STATE_RUNNING;
sigset_t fullmask, oldmask, waitmask;
usec_t quit_usec = USEC_INFINITY;
pid_t pid;
int r;
/* The new environment we set up, on the stack. */
char new_environment[] =
"container=systemd-nspawn\0"
"container_uuid=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
/* Implements a stub PID 1, that reaps all processes and processes a couple of standard signals. This is useful
* for allowing arbitrary processes run in a container, and still have all zombies reaped. */
assert_se(sigfillset(&fullmask) >= 0);
assert_se(sigprocmask(SIG_BLOCK, &fullmask, &oldmask) >= 0);
pid = fork();
if (pid < 0)
return log_error_errno(errno, "Failed to fork child pid: %m");
if (pid == 0) {
/* Return in the child */
assert_se(sigprocmask(SIG_SETMASK, &oldmask, NULL) >= 0);
setsid();
return 0;
}
reset_all_signal_handlers();
log_close();
close_all_fds(NULL, 0);
log_open();
/* Flush out /proc/self/environ, so that we don't leak the environment from the host into the container. Also,
* set $container= and $container_uuid= so that clients in the container that query it from /proc/1/environ
* find them set set. */
sd_id128_to_string(uuid, new_environment + sizeof(new_environment) - SD_ID128_STRING_MAX);
reset_environ(new_environment, sizeof(new_environment));
rename_process("STUBINIT");
assert_se(sigemptyset(&waitmask) >= 0);
assert_se(sigset_add_many(&waitmask,
SIGCHLD, /* posix: process died */
SIGINT, /* sysv: ctrl-alt-del */
SIGRTMIN+3, /* systemd: halt */
SIGRTMIN+4, /* systemd: poweroff */
SIGRTMIN+5, /* systemd: reboot */
SIGRTMIN+6, /* systemd: kexec */
SIGRTMIN+13, /* systemd: halt */
SIGRTMIN+14, /* systemd: poweroff */
SIGRTMIN+15, /* systemd: reboot */
SIGRTMIN+16, /* systemd: kexec */
-1) >= 0);
/* Note that we ignore SIGTERM (sysv's reexec), SIGHUP (reload), and all other signals here, since we don't
* support reexec/reloading in this stub process. */
for (;;) {
siginfo_t si;
usec_t current_usec;
si.si_pid = 0;
r = waitid(P_ALL, 0, &si, WEXITED|WNOHANG);
if (r < 0) {
r = log_error_errno(errno, "Failed to reap children: %m");
goto finish;
}
current_usec = now(CLOCK_MONOTONIC);
if (si.si_pid == pid || current_usec >= quit_usec) {
/* The child we started ourselves died or we reached a timeout. */
if (state == STATE_REBOOT) { /* dispatch a queued reboot */
(void) reboot(RB_AUTOBOOT);
r = log_error_errno(errno, "Failed to reboot: %m");
goto finish;
} else if (state == STATE_POWEROFF)
(void) reboot(RB_POWER_OFF); /* if this fails, fall back to normal exit. */
if (si.si_pid == pid && si.si_code == CLD_EXITED)
r = si.si_status; /* pass on exit code */
else
r = 255; /* signal, coredump, timeout, … */
goto finish;
}
if (si.si_pid != 0)
/* We reaped something. Retry until there's nothing more to reap. */
continue;
if (quit_usec == USEC_INFINITY)
r = sigwaitinfo(&waitmask, &si);
else {
struct timespec ts;
r = sigtimedwait(&waitmask, &si, timespec_store(&ts, quit_usec - current_usec));
}
if (r < 0) {
if (errno == EINTR) /* strace -p attach can result in EINTR, let's handle this nicely. */
continue;
if (errno == EAGAIN) /* timeout reached */
continue;
r = log_error_errno(errno, "Failed to wait for signal: %m");
goto finish;
}
if (si.si_signo == SIGCHLD)
continue; /* Let's reap this */
if (state != STATE_RUNNING)
continue;
/* Would love to use a switch() statement here, but SIGRTMIN is actually a function call, not a
* constant… */
if (si.si_signo == SIGRTMIN+3 ||
si.si_signo == SIGRTMIN+4 ||
si.si_signo == SIGRTMIN+13 ||
si.si_signo == SIGRTMIN+14)
state = STATE_POWEROFF;
else if (si.si_signo == SIGINT ||
si.si_signo == SIGRTMIN+5 ||
si.si_signo == SIGRTMIN+6 ||
si.si_signo == SIGRTMIN+15 ||
si.si_signo == SIGRTMIN+16)
state = STATE_REBOOT;
else
assert_not_reached("Got unexpected signal");
/* (void) kill_and_sigcont(pid, SIGTERM); */
quit_usec = now(CLOCK_MONOTONIC) + DEFAULT_TIMEOUT_USEC;
}
finish:
_exit(r < 0 ? EXIT_FAILURE : r);
}
