int rm_rf(const char *path, RemoveFlags flags) {
int fd, r;
struct statfs s;
assert(path);
/* We refuse to clean the root file system with this
* call. This is extra paranoia to never cause a really
* seriously broken system. */
if (path_equal_or_files_same(path, "/", AT_SYMLINK_NOFOLLOW)) {
log_error("Attempted to remove entire root file system (\"%s\"), and we can't allow that.", path);
return -EPERM;
}
if (FLAGS_SET(flags, REMOVE_SUBVOLUME | REMOVE_ROOT | REMOVE_PHYSICAL)) {
/* Try to remove as subvolume first */
r = btrfs_subvol_remove(path, BTRFS_REMOVE_RECURSIVE|BTRFS_REMOVE_QUOTA);
if (r >= 0)
return r;
if (!IN_SET(r, -ENOTTY, -EINVAL, -ENOTDIR))
return r;
/* Not btrfs or not a subvolume */
}
fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
if (fd < 0) {
if (!IN_SET(errno, ENOTDIR, ELOOP))
return -errno;
if (!(flags & REMOVE_PHYSICAL)) {
if (statfs(path, &s) < 0)
return -errno;
if (is_physical_fs(&s)) {
log_error("Attempted to remove files from a disk file system under \"%s\", refusing.", path);
return -EPERM;
}
}
if ((flags & REMOVE_ROOT) && !(flags & REMOVE_ONLY_DIRECTORIES))
if (unlink(path) < 0 && errno != ENOENT)
return -errno;
return 0;
}
r = rm_rf_children(fd, flags, NULL);
if (flags & REMOVE_ROOT) {
if (rmdir(path) < 0) {
if (r == 0 && errno != ENOENT)
r = -errno;
}
}
return r;
}
void
xfrd_setup_packet(buffer_type* packet,
uint16_t type, uint16_t klass, const dname_type* dname)
{
/* Set up the header */
buffer_clear(packet);
ID_SET(packet, qid_generate());
FLAGS_SET(packet, 0);
OPCODE_SET(packet, OPCODE_QUERY);
QDCOUNT_SET(packet, 1);
ANCOUNT_SET(packet, 0);
NSCOUNT_SET(packet, 0);
ARCOUNT_SET(packet, 0);
buffer_skip(packet, QHEADERSZ);
/* The question record. */
buffer_write(packet, dname_name(dname), dname->name_size);
buffer_write_u16(packet, type);
buffer_write_u16(packet, klass);
}
static int condition_test_control_group_controller(Condition *c) {
int r;
CGroupMask system_mask, wanted_mask = 0;
assert(c);
assert(c->parameter);
assert(c->type == CONDITION_CONTROL_GROUP_CONTROLLER);
r = cg_mask_supported(&system_mask);
if (r < 0)
return log_debug_errno(r, "Failed to determine supported controllers: %m");
r = cg_mask_from_string(c->parameter, &wanted_mask);
if (r < 0 || wanted_mask <= 0) {
/* This won't catch the case that we have an unknown controller
* mixed in with valid ones -- these are only assessed on the
* validity of the valid controllers found. */
log_debug("Failed to parse cgroup string: %s", c->parameter);
return 1;
}
return FLAGS_SET(system_mask, wanted_mask);
}
int emergency_action(
Manager *m,
EmergencyAction action,
EmergencyActionFlags options,
const char *reboot_arg,
int exit_status,
const char *reason) {
assert(m);
assert(action >= 0);
assert(action < _EMERGENCY_ACTION_MAX);
if (action == EMERGENCY_ACTION_NONE)
return -ECANCELED;
if (FLAGS_SET(options, EMERGENCY_ACTION_IS_WATCHDOG) && !m->service_watchdogs) {
log_warning("Watchdog disabled! Not acting on: %s", reason);
return -ECANCELED;
}
bool warn = FLAGS_SET(options, EMERGENCY_ACTION_WARN);
switch (action) {
case EMERGENCY_ACTION_REBOOT:
log_and_status(m, warn, "Rebooting", reason);
(void) update_reboot_parameter_and_warn(reboot_arg);
(void) manager_add_job_by_name_and_warn(m, JOB_START, SPECIAL_REBOOT_TARGET, JOB_REPLACE_IRREVERSIBLY, NULL);
break;
case EMERGENCY_ACTION_REBOOT_FORCE:
log_and_status(m, warn, "Forcibly rebooting", reason);
(void) update_reboot_parameter_and_warn(reboot_arg);
m->objective = MANAGER_REBOOT;
break;
case EMERGENCY_ACTION_REBOOT_IMMEDIATE:
log_and_status(m, warn, "Rebooting immediately", reason);
sync();
if (!isempty(reboot_arg)) {
log_info("Rebooting with argument '%s'.", reboot_arg);
(void) raw_reboot(LINUX_REBOOT_CMD_RESTART2, reboot_arg);
log_warning_errno(errno, "Failed to reboot with parameter, retrying without: %m");
}
log_info("Rebooting.");
(void) reboot(RB_AUTOBOOT);
break;
case EMERGENCY_ACTION_EXIT:
if (exit_status >= 0)
m->return_value = exit_status;
if (MANAGER_IS_USER(m) || detect_container() > 0) {
log_and_status(m, warn, "Exiting", reason);
(void) manager_add_job_by_name_and_warn(m, JOB_START, SPECIAL_EXIT_TARGET, JOB_REPLACE_IRREVERSIBLY, NULL);
break;
}
log_notice("Doing \"poweroff\" action instead of an \"exit\" emergency action.");
_fallthrough_;
case EMERGENCY_ACTION_POWEROFF:
log_and_status(m, warn, "Powering off", reason);
(void) manager_add_job_by_name_and_warn(m, JOB_START, SPECIAL_POWEROFF_TARGET, JOB_REPLACE_IRREVERSIBLY, NULL);
break;
case EMERGENCY_ACTION_EXIT_FORCE:
if (exit_status >= 0)
m->return_value = exit_status;
if (MANAGER_IS_USER(m) || detect_container() > 0) {
log_and_status(m, warn, "Exiting immediately", reason);
m->objective = MANAGER_EXIT;
break;
}
log_notice("Doing \"poweroff-force\" action instead of an \"exit-force\" emergency action.");
_fallthrough_;
case EMERGENCY_ACTION_POWEROFF_FORCE:
log_and_status(m, warn, "Forcibly powering off", reason);
m->objective = MANAGER_POWEROFF;
break;
case EMERGENCY_ACTION_POWEROFF_IMMEDIATE:
log_and_status(m, warn, "Powering off immediately", reason);
sync();
log_info("Powering off.");
(void) reboot(RB_POWER_OFF);
break;
default:
assert_not_reached("Unknown emergency action");
}
return -ECANCELED;
}
int status_vprintf(const char *status, ShowStatusFlags flags, const char *format, va_list ap) {
static const char status_indent[] = " "; /* "[" STATUS "] " */
_cleanup_free_ char *s = NULL;
_cleanup_close_ int fd = -1;
struct iovec iovec[7] = {};
int n = 0;
static bool prev_ephemeral;
assert(format);
/* This is independent of logging, as status messages are
* optional and go exclusively to the console. */
if (vasprintf(&s, format, ap) < 0)
return log_oom();
/* Before you ask: yes, on purpose we open/close the console for each status line we write individually. This
* is a good strategy to avoid PID 1 getting killed by the kernel's SAK concept (it doesn't fix this entirely,
* but minimizes the time window the kernel might end up killing PID 1 due to SAK). It also makes things easier
* for us so that we don't have to recover from hangups and suchlike triggered on the console. */
fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
if (fd < 0)
return fd;
if (FLAGS_SET(flags, SHOW_STATUS_ELLIPSIZE)) {
char *e;
size_t emax, sl;
int c;
c = fd_columns(fd);
if (c <= 0)
c = 80;
sl = status ? sizeof(status_indent)-1 : 0;
emax = c - sl - 1;
if (emax < 3)
emax = 3;
e = ellipsize(s, emax, 50);
if (e)
free_and_replace(s, e);
}
if (prev_ephemeral)
iovec[n++] = IOVEC_MAKE_STRING(ANSI_REVERSE_LINEFEED "\r" ANSI_ERASE_TO_END_OF_LINE);
if (status) {
if (!isempty(status)) {
iovec[n++] = IOVEC_MAKE_STRING("[");
iovec[n++] = IOVEC_MAKE_STRING(status);
iovec[n++] = IOVEC_MAKE_STRING("] ");
} else
iovec[n++] = IOVEC_MAKE_STRING(status_indent);
}
iovec[n++] = IOVEC_MAKE_STRING(s);
iovec[n++] = IOVEC_MAKE_STRING("\n");
if (prev_ephemeral && !FLAGS_SET(flags, SHOW_STATUS_EPHEMERAL))
iovec[n++] = IOVEC_MAKE_STRING(ANSI_ERASE_TO_END_OF_LINE);
prev_ephemeral = FLAGS_SET(flags, SHOW_STATUS_EPHEMERAL) ;
if (writev(fd, iovec, n) < 0)
return -errno;
return 0;
}
static int do_execute(
char **directories,
usec_t timeout,
gather_stdout_callback_t const callbacks[_STDOUT_CONSUME_MAX],
void* const callback_args[_STDOUT_CONSUME_MAX],
int output_fd,
char *argv[],
char *envp[],
ExecDirFlags flags) {
_cleanup_hashmap_free_free_ Hashmap *pids = NULL;
_cleanup_strv_free_ char **paths = NULL;
char **path, **e;
int r;
bool parallel_execution;
/* We fork this all off from a child process so that we can somewhat cleanly make
* use of SIGALRM to set a time limit.
*
* We attempt to perform parallel execution if configured by the user, however
* if `callbacks` is nonnull, execution must be serial.
*/
parallel_execution = FLAGS_SET(flags, EXEC_DIR_PARALLEL) && !callbacks;
r = conf_files_list_strv(&paths, NULL, NULL, CONF_FILES_EXECUTABLE|CONF_FILES_REGULAR|CONF_FILES_FILTER_MASKED, (const char* const*) directories);
if (r < 0)
return log_error_errno(r, "Failed to enumerate executables: %m");
if (parallel_execution) {
pids = hashmap_new(NULL);
if (!pids)
return log_oom();
}
/* Abort execution of this process after the timout. We simply rely on SIGALRM as
* default action terminating the process, and turn on alarm(). */
if (timeout != USEC_INFINITY)
alarm(DIV_ROUND_UP(timeout, USEC_PER_SEC));
STRV_FOREACH(e, envp)
if (putenv(*e) != 0)
return log_error_errno(errno, "Failed to set environment variable: %m");
STRV_FOREACH(path, paths) {
_cleanup_free_ char *t = NULL;
_cleanup_close_ int fd = -1;
pid_t pid;
t = strdup(*path);
if (!t)
return log_oom();
if (callbacks) {
fd = open_serialization_fd(basename(*path));
if (fd < 0)
return log_error_errno(fd, "Failed to open serialization file: %m");
}
r = do_spawn(t, argv, fd, &pid);
if (r <= 0)
continue;
if (parallel_execution) {
r = hashmap_put(pids, PID_TO_PTR(pid), t);
if (r < 0)
return log_oom();
t = NULL;
} else {
r = wait_for_terminate_and_check(t, pid, WAIT_LOG);
if (FLAGS_SET(flags, EXEC_DIR_IGNORE_ERRORS)) {
if (r < 0)
continue;
} else if (r > 0)
return r;
if (callbacks) {
if (lseek(fd, 0, SEEK_SET) < 0)
return log_error_errno(errno, "Failed to seek on serialization fd: %m");
r = callbacks[STDOUT_GENERATE](fd, callback_args[STDOUT_GENERATE]);
fd = -1;
if (r < 0)
return log_error_errno(r, "Failed to process output from %s: %m", *path);
}
}
}
