int rm_rf(const char *path, RemoveFlags flags) { int fd, r; struct statfs s; assert(path); /* We refuse to clean the root file system with this * call. This is extra paranoia to never cause a really * seriously broken system. */ if (path_equal_or_files_same(path, "/", AT_SYMLINK_NOFOLLOW)) { log_error("Attempted to remove entire root file system (\"%s\"), and we can't allow that.", path); return -EPERM; } if (FLAGS_SET(flags, REMOVE_SUBVOLUME | REMOVE_ROOT | REMOVE_PHYSICAL)) { /* Try to remove as subvolume first */ r = btrfs_subvol_remove(path, BTRFS_REMOVE_RECURSIVE|BTRFS_REMOVE_QUOTA); if (r >= 0) return r; if (!IN_SET(r, -ENOTTY, -EINVAL, -ENOTDIR)) return r; /* Not btrfs or not a subvolume */ } fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME); if (fd < 0) { if (!IN_SET(errno, ENOTDIR, ELOOP)) return -errno; if (!(flags & REMOVE_PHYSICAL)) { if (statfs(path, &s) < 0) return -errno; if (is_physical_fs(&s)) { log_error("Attempted to remove files from a disk file system under \"%s\", refusing.", path); return -EPERM; } } if ((flags & REMOVE_ROOT) && !(flags & REMOVE_ONLY_DIRECTORIES)) if (unlink(path) < 0 && errno != ENOENT) return -errno; return 0; } r = rm_rf_children(fd, flags, NULL); if (flags & REMOVE_ROOT) { if (rmdir(path) < 0) { if (r == 0 && errno != ENOENT) r = -errno; } } return r; }
void xfrd_setup_packet(buffer_type* packet, uint16_t type, uint16_t klass, const dname_type* dname) { /* Set up the header */ buffer_clear(packet); ID_SET(packet, qid_generate()); FLAGS_SET(packet, 0); OPCODE_SET(packet, OPCODE_QUERY); QDCOUNT_SET(packet, 1); ANCOUNT_SET(packet, 0); NSCOUNT_SET(packet, 0); ARCOUNT_SET(packet, 0); buffer_skip(packet, QHEADERSZ); /* The question record. */ buffer_write(packet, dname_name(dname), dname->name_size); buffer_write_u16(packet, type); buffer_write_u16(packet, klass); }
static int condition_test_control_group_controller(Condition *c) { int r; CGroupMask system_mask, wanted_mask = 0; assert(c); assert(c->parameter); assert(c->type == CONDITION_CONTROL_GROUP_CONTROLLER); r = cg_mask_supported(&system_mask); if (r < 0) return log_debug_errno(r, "Failed to determine supported controllers: %m"); r = cg_mask_from_string(c->parameter, &wanted_mask); if (r < 0 || wanted_mask <= 0) { /* This won't catch the case that we have an unknown controller * mixed in with valid ones -- these are only assessed on the * validity of the valid controllers found. */ log_debug("Failed to parse cgroup string: %s", c->parameter); return 1; } return FLAGS_SET(system_mask, wanted_mask); }
int emergency_action( Manager *m, EmergencyAction action, EmergencyActionFlags options, const char *reboot_arg, int exit_status, const char *reason) { assert(m); assert(action >= 0); assert(action < _EMERGENCY_ACTION_MAX); if (action == EMERGENCY_ACTION_NONE) return -ECANCELED; if (FLAGS_SET(options, EMERGENCY_ACTION_IS_WATCHDOG) && !m->service_watchdogs) { log_warning("Watchdog disabled! Not acting on: %s", reason); return -ECANCELED; } bool warn = FLAGS_SET(options, EMERGENCY_ACTION_WARN); switch (action) { case EMERGENCY_ACTION_REBOOT: log_and_status(m, warn, "Rebooting", reason); (void) update_reboot_parameter_and_warn(reboot_arg); (void) manager_add_job_by_name_and_warn(m, JOB_START, SPECIAL_REBOOT_TARGET, JOB_REPLACE_IRREVERSIBLY, NULL); break; case EMERGENCY_ACTION_REBOOT_FORCE: log_and_status(m, warn, "Forcibly rebooting", reason); (void) update_reboot_parameter_and_warn(reboot_arg); m->objective = MANAGER_REBOOT; break; case EMERGENCY_ACTION_REBOOT_IMMEDIATE: log_and_status(m, warn, "Rebooting immediately", reason); sync(); if (!isempty(reboot_arg)) { log_info("Rebooting with argument '%s'.", reboot_arg); (void) raw_reboot(LINUX_REBOOT_CMD_RESTART2, reboot_arg); log_warning_errno(errno, "Failed to reboot with parameter, retrying without: %m"); } log_info("Rebooting."); (void) reboot(RB_AUTOBOOT); break; case EMERGENCY_ACTION_EXIT: if (exit_status >= 0) m->return_value = exit_status; if (MANAGER_IS_USER(m) || detect_container() > 0) { log_and_status(m, warn, "Exiting", reason); (void) manager_add_job_by_name_and_warn(m, JOB_START, SPECIAL_EXIT_TARGET, JOB_REPLACE_IRREVERSIBLY, NULL); break; } log_notice("Doing \"poweroff\" action instead of an \"exit\" emergency action."); _fallthrough_; case EMERGENCY_ACTION_POWEROFF: log_and_status(m, warn, "Powering off", reason); (void) manager_add_job_by_name_and_warn(m, JOB_START, SPECIAL_POWEROFF_TARGET, JOB_REPLACE_IRREVERSIBLY, NULL); break; case EMERGENCY_ACTION_EXIT_FORCE: if (exit_status >= 0) m->return_value = exit_status; if (MANAGER_IS_USER(m) || detect_container() > 0) { log_and_status(m, warn, "Exiting immediately", reason); m->objective = MANAGER_EXIT; break; } log_notice("Doing \"poweroff-force\" action instead of an \"exit-force\" emergency action."); _fallthrough_; case EMERGENCY_ACTION_POWEROFF_FORCE: log_and_status(m, warn, "Forcibly powering off", reason); m->objective = MANAGER_POWEROFF; break; case EMERGENCY_ACTION_POWEROFF_IMMEDIATE: log_and_status(m, warn, "Powering off immediately", reason); sync(); log_info("Powering off."); (void) reboot(RB_POWER_OFF); break; default: assert_not_reached("Unknown emergency action"); } return -ECANCELED; }
int status_vprintf(const char *status, ShowStatusFlags flags, const char *format, va_list ap) { static const char status_indent[] = " "; /* "[" STATUS "] " */ _cleanup_free_ char *s = NULL; _cleanup_close_ int fd = -1; struct iovec iovec[7] = {}; int n = 0; static bool prev_ephemeral; assert(format); /* This is independent of logging, as status messages are * optional and go exclusively to the console. */ if (vasprintf(&s, format, ap) < 0) return log_oom(); /* Before you ask: yes, on purpose we open/close the console for each status line we write individually. This * is a good strategy to avoid PID 1 getting killed by the kernel's SAK concept (it doesn't fix this entirely, * but minimizes the time window the kernel might end up killing PID 1 due to SAK). It also makes things easier * for us so that we don't have to recover from hangups and suchlike triggered on the console. */ fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC); if (fd < 0) return fd; if (FLAGS_SET(flags, SHOW_STATUS_ELLIPSIZE)) { char *e; size_t emax, sl; int c; c = fd_columns(fd); if (c <= 0) c = 80; sl = status ? sizeof(status_indent)-1 : 0; emax = c - sl - 1; if (emax < 3) emax = 3; e = ellipsize(s, emax, 50); if (e) free_and_replace(s, e); } if (prev_ephemeral) iovec[n++] = IOVEC_MAKE_STRING(ANSI_REVERSE_LINEFEED "\r" ANSI_ERASE_TO_END_OF_LINE); if (status) { if (!isempty(status)) { iovec[n++] = IOVEC_MAKE_STRING("["); iovec[n++] = IOVEC_MAKE_STRING(status); iovec[n++] = IOVEC_MAKE_STRING("] "); } else iovec[n++] = IOVEC_MAKE_STRING(status_indent); } iovec[n++] = IOVEC_MAKE_STRING(s); iovec[n++] = IOVEC_MAKE_STRING("\n"); if (prev_ephemeral && !FLAGS_SET(flags, SHOW_STATUS_EPHEMERAL)) iovec[n++] = IOVEC_MAKE_STRING(ANSI_ERASE_TO_END_OF_LINE); prev_ephemeral = FLAGS_SET(flags, SHOW_STATUS_EPHEMERAL) ; if (writev(fd, iovec, n) < 0) return -errno; return 0; }
static int do_execute( char **directories, usec_t timeout, gather_stdout_callback_t const callbacks[_STDOUT_CONSUME_MAX], void* const callback_args[_STDOUT_CONSUME_MAX], int output_fd, char *argv[], char *envp[], ExecDirFlags flags) { _cleanup_hashmap_free_free_ Hashmap *pids = NULL; _cleanup_strv_free_ char **paths = NULL; char **path, **e; int r; bool parallel_execution; /* We fork this all off from a child process so that we can somewhat cleanly make * use of SIGALRM to set a time limit. * * We attempt to perform parallel execution if configured by the user, however * if `callbacks` is nonnull, execution must be serial. */ parallel_execution = FLAGS_SET(flags, EXEC_DIR_PARALLEL) && !callbacks; r = conf_files_list_strv(&paths, NULL, NULL, CONF_FILES_EXECUTABLE|CONF_FILES_REGULAR|CONF_FILES_FILTER_MASKED, (const char* const*) directories); if (r < 0) return log_error_errno(r, "Failed to enumerate executables: %m"); if (parallel_execution) { pids = hashmap_new(NULL); if (!pids) return log_oom(); } /* Abort execution of this process after the timout. We simply rely on SIGALRM as * default action terminating the process, and turn on alarm(). */ if (timeout != USEC_INFINITY) alarm(DIV_ROUND_UP(timeout, USEC_PER_SEC)); STRV_FOREACH(e, envp) if (putenv(*e) != 0) return log_error_errno(errno, "Failed to set environment variable: %m"); STRV_FOREACH(path, paths) { _cleanup_free_ char *t = NULL; _cleanup_close_ int fd = -1; pid_t pid; t = strdup(*path); if (!t) return log_oom(); if (callbacks) { fd = open_serialization_fd(basename(*path)); if (fd < 0) return log_error_errno(fd, "Failed to open serialization file: %m"); } r = do_spawn(t, argv, fd, &pid); if (r <= 0) continue; if (parallel_execution) { r = hashmap_put(pids, PID_TO_PTR(pid), t); if (r < 0) return log_oom(); t = NULL; } else { r = wait_for_terminate_and_check(t, pid, WAIT_LOG); if (FLAGS_SET(flags, EXEC_DIR_IGNORE_ERRORS)) { if (r < 0) continue; } else if (r > 0) return r; if (callbacks) { if (lseek(fd, 0, SEEK_SET) < 0) return log_error_errno(errno, "Failed to seek on serialization fd: %m"); r = callbacks[STDOUT_GENERATE](fd, callback_args[STDOUT_GENERATE]); fd = -1; if (r < 0) return log_error_errno(r, "Failed to process output from %s: %m", *path); } } }