summaryrefslogtreecommitdiff
path: root/src/shutdown
Commit message (Collapse)AuthorAgeFilesLines
* switch-root: don't require /mnt/ when switching root into host OSLennart Poettering2023-05-031-1/+1
| | | | | | | | | | | | | | | | So far, we invoked pivot_root() specifying /mnt/ as second argument, which then unmounted right-after. We'd create /mnt/ if needed. This sucks, because it means /mnt/ must strictly be pre-created on immutable images. Remove this limitation, by using pivot_root() with "." as source and target, which will result in two stacked mounts afterwards: the new one underneath, the old one ontop. We can then simply unmount the top one, and have what we want without needing any extra /mnt/ dir. Since we don't need /mnt/ anymore we can get rid of the extra unmount_old_root parameter and simply specify it as NULL if we don't want the old mount to stick around.
* shutdown: paranoia – close all fds we might get passed inLennart Poettering2023-04-271-0/+6
| | | | | We don't expect any fds (beyond 0…2) to be passed from the service manager into systemd-shutdown, but let's better be safe then sorry.
* tree-wide: convert more cases do DEVNUM_FORMAT_STR()/DEVNUM_FORMAT_VAL()Lennart Poettering2023-04-211-2/+3
| | | | | | Let's use our nice macros a bit more. (Not comprehensive)
* core: Propagate exit status via notify socket when running in VMDaan De Meyer2023-04-121-0/+6
| | | | | | | | | When running in a container, we can propagate the exit status of pid1 as usual via the process exit status. This is not possible when running in a VM. Instead, let's send EXIT_STATUS=%i via the notify socket if one is configured. The user running the VM can then pick up the exit status from the notify socket after the VM has shut down.
* proc-cmdline: filter PID1 arguments when we are running in a containerYu Watanabe2023-03-291-14/+5
| | | | | | | | Otherwise, PID1 arguments e.g. "--deserialize 16" may be parsed unexpectedly by generators. Fixes the issue reported at https://github.com/systemd/systemd/issues/24452#issuecomment-1475004433.
* tree-wide: reset optind to 0 when GNU extensions in optstring are usedYu Watanabe2023-03-291-0/+4
| | | | | | | | | | Otherwise, if getopt() and friends are used before parse_argv(), then the GNU extensions may be ignored. This should not change any behavior at least now, as we usually use getopt_long() only once per invocation. But in the next commit, getopt_long() will be used for other arrays, hence this change will become necessary.
* chase-symlinks: Rename chase_symlinks() to chase()Daan De Meyer2023-03-241-2/+2
| | | | | | | | | Chasing symlinks is a core function that's used in a lot of places so it deservers a less verbose names so let's rename it to chase() and chaseat(). We also slightly change the pattern used for the chaseat() helpers so we get chase_and_openat() and similar.
* Merge pull request #26203 from medhefgo/mesonYu Watanabe2023-02-221-4/+7
|\ | | | | meson: Use dicts for test/fuzzer definitions
| * meson: Use dicts for test definitionsJan Janssen2023-02-211-4/+7
| | | | | | | | | | | | | | Although this slightly more verbose it makes it much easier to reason about. The code that produces the tests heavily benefits from this. Test lists are also now sorted by test name.
* | process-util: rename FORK_NULL_STDIO -> FORK_REARRANGE_STDIOYu Watanabe2023-02-211-2/+8
|/ | | | And make safe_fork_full() takes fds to be assigned to stdio.
* meson: Do not include headers in source listsJan Janssen2023-01-241-3/+1
| | | | | | Meson+ninja+compiler do this for us and are better at it. https://mesonbuild.com/FAQ.html#do-i-need-to-add-my-headers-to-the-sources-list-like-in-autotools
* shutdown: Make all mounts privateValentin David2023-01-111-0/+5
| | | | | | When systemd-shutdown is run, shared propagation is not needed anymore. Making mounts private allow to move mount points. This is needed to untangle cyclic mounts.
* shutdown: Move busy mounts to not block parent mountsValentin David2023-01-112-2/+67
| | | | | | | | | | | | | There is a case that confuses systemd-shutdown: a filesystem has been moved to a mount point which is part of another filesystem from an image from that former filesystem. systemd-shutdown cannot unmount any of those two filesystems. It needs first to move the filesystem containing the image of the other out of the tree of that image. Here we move leaf mount points when they are busy so that they do not block parent mounts. We can only move leafs at each iteration since moving mount points also move sub mount points which would invalidate we read from `/proc/self/mountinfo`.
* shutdown: Drop bit fields in boolean declarationsValentin David2023-01-111-2/+2
| | | | Due to alignment, they did not save any space.
* shutdown: don't close pipe fds.Lennart Poettering2023-01-101-2/+2
| | | | | | Man, I royally screwed this one up! 😳 Fixes: #25998
* shutdown: propagate the original errnoYu Watanabe2023-01-101-1/+1
| | | | Follow-up for b293bb23162534e0260ed07357c2478655541166.
* shutdown: propagate mount() failures from child to parentLennart Poettering2023-01-091-12/+40
| | | | | | Let's propagate the actual error code up, as we usual do. Inspired by: #25168
* tree-wide: use -EBADF for fd initializationZbigniew Jędrzejewski-Szmek2022-12-191-3/+3
| | | | | | | | | | | | | | | | -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style. Note that there are two candidates: EBADF 9 Bad file descriptor EBADFD 77 File descriptor in bad state Since we're initializating the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better. In some places, initialization is dropped if unnecessary.
* Rename def.h to constants.hZbigniew Jędrzejewski-Szmek2022-11-082-2/+2
| | | | | | The name "def.h" originates from before the rule of "no needless abbreviations" was established. Let's rename the file to clarify that it contains a collection of various semi-related constants.
* basic: rename util.h to logarithm.hZbigniew Jędrzejewski-Szmek2022-11-082-2/+0
| | | | | util.h is now about logarithms only, so we can rename it. Many files included util.h for no apparent reason… Those includes are dropped.
* basic,shared: move disable_coredumps() to coredump-util.[ch]Zbigniew Jędrzejewski-Szmek2022-11-081-0/+1
|
* basic: create new basic/initrd-util.[ch] for initrd-related functionsZbigniew Jędrzejewski-Szmek2022-11-081-1/+1
| | | | | | | | | I changed imports of util.h to initrd-util.h, or added an import of initrd-util.h, to keep compilation working. It turns out that many files didn't import util.h directly. When viewing the patch, don't be confused by git rename detection logic: a new .c file is added and two functions moved into it.
* shutdown: rework log_umount_blockers() a bitLennart Poettering2022-08-311-23/+37
| | | | | | | | | | | Let's go directly from opening /proc/ to opening /proc/$PID/fd/ instead of indirectly via opening /proc/$PID/ first. Saves a syscall. Also, add error logging about all unexpected errors. Finally, drop redundant denylist for /proc/, /sys/, /dev/ prefix checking, should be redundant, given the ealier check against the 'mnt' prefix.
* umount: unmount profcs/sysfs/.. lazilyLennart Poettering2022-08-312-15/+13
| | | | Alternative for: df48b430a4a85f923eaecb3fadf9c514692d2082
* umount: minor modernizationsLennart Poettering2022-08-311-4/+3
|
* umount: use structured initializationLennart Poettering2022-08-311-4/+8
|
* shutdown: rebreak all comments to coding styleLennart Poettering2022-08-311-39/+27
| | | | No actual change of words.
* shutdown: Fix last try detectionJan Janssen2022-08-251-1/+1
| | | | This was missed in 5125b67742567de79c12e31f434a11d787b4f6b1.
* shutdown: trivial modernizationsLennart Poettering2022-08-161-22/+21
|
* shutdown: Lazy unmount /oldroot/{dev,proc,sys}Jan Janssen2022-06-091-0/+11
| | | | | These should not prevent us from cleaning up the remainders of /oldroot if something in the kernel is blocking these from being unmounted.
* shutdown: Log processes that block umountJan Janssen2022-06-091-3/+63
|
* shutdown: Rename umount_log_level and make it a boolJan Janssen2022-06-093-50/+44
| | | | | This was already effectively a bool because only ever two states were valid. To make the meaning of it more clear, also rename it to last_try.
* shutdown: get only active md arrays.Mariusz Tkaczyk2022-04-061-1/+17
| | | | | | | | | | | | | | | | | | | | | Current md_list_get() implementation filters all block devices, started from "md*". This is ambiguous because list could contain: - partitions created upon md device (mdXpY) - external metadata container- specific type of md array. For partitions there is no issue, because they aren't handle STOP_ARRAY ioctl sent later. It generates misleading errors only. Second case is more problematic because containers are not locked in kernel. They are stopped even if container member array is active. For that reason reboot or shutdown flow could be blocked because metadata manager cannot be restarted after switch root on shutdown. Add filters to remove partitions and containers from md_list. Partitions can be excluded by DEVTYPE. Containers are determined by MD_LEVEL property, we are excluding all with "container" value. Signed-off-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
* list: make LIST_FOREACH() and LIST_FOREACH_BACKWARDS() saferYu Watanabe2022-03-191-4/+4
|
* list: declare iterator of LIST_FOREACH() in the loopYu Watanabe2022-03-192-7/+0
|
* test: Use TEST macros in more placesJan Janssen2022-03-161-12/+14
|
* meson: move files' closing brace to separate lineZbigniew Jędrzejewski-Szmek2022-03-031-1/+2
|
* meson: do not use split() in file listsZbigniew Jędrzejewski-Szmek2022-03-021-5/+4
| | | | | | | | | | | The approach to use '''…'''.split() instead of a list of strings was initially used when converting from automake because it allowed identical blocks of lines to be used for both, making the conversion easier. But over the years we have been using normal lists more and more, especially when there were just a few filenames listed. This converts the rest. No functional change.
* shutdown: don't stop the watchdogMichael Olbrich2022-02-041-2/+3
| | | | | | | | | | | This basically reverts #22079. Stopping the watchdog is wrong. The reboot watchdog is supposed to cover the whole time from the point when systemd start systemd-reboot until the hardware resets. Otherwise the system may hang in the final shutdown phase. Add a comment, why keeping the watchdog running is correct here.
* Merge pull request #22092 from keszybz/docs-linksZbigniew Jędrzejewski-Szmek2022-01-121-1/+1
|\ | | | | Add more doc pages, adjust links, add explanatory headers to examples and relax license to CC-0
| * shutdown: adjust log messageZbigniew Jędrzejewski-Szmek2022-01-121-1/+1
| | | | | | | | | | Instead of saying "with options 'n/a'", let's just say "with options ''". We really don't have any options.
* | shutdown: release the watchdog finallyLidong Zhong2022-01-121-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | During reboot or kexec, watchdog will be setup before systemd is replaced by systemd-shutdown binary. But while systemd-shutdown is executed, the watchdog will not really be released. Log shown as following: [ 39.371202] watchdog: watchdog0: watchdog did not stop! [ 39.383659] systemd-shutdown[1]: Syncing filesystems and block devices. [ 39.423727] systemd-shutdown[1]: Sending SIGTERM to remaining processes... [ 39.440857] systemd-journald[526]: Received SIGTERM from PID 1 (systemd-shutdow). [ 39.461047] systemd-shutdown[1]: Sending SIGKILL to remaining processes... [ 39.466736] systemd-shutdown[1]: Using hardware watchdog 'iTCO_wdt', version 0, device /dev/watchdog [ 39.467835] systemd-shutdown[1]: Unmounting file systems. [ 39.469721] [2171]: Remounting '/' read-only in with options 'attr2,inode64,logbufs=8,logbsize=32k,noquota'. [ 39.550266] systemd-shutdown[1]: All filesystems unmounted. [ 39.550274] systemd-shutdown[1]: Deactivating swaps. [ 39.550443] systemd-shutdown[1]: All swaps deactivated. [ 39.550449] systemd-shutdown[1]: Detaching loop devices. [ 39.550697] systemd-shutdown[1]: All loop devices detached. [ 39.550703] systemd-shutdown[1]: Detaching DM devices. [ 39.551269] systemd-shutdown[1]: Not all DM devices detached, 1 left. [ 39.551277] systemd-shutdown[1]: Cannot finalize remaining DM devices, continuing. [ 39.580044] systemd-shutdown[1]: Successfully changed into root pivot. [ 39.580050] systemd-shutdown[1]: Returning to initrd... [ 39.587921] watchdog: watchdog0: watchdog did not stop! [ 39.774130] dracut Warning: Break before pre-shutdown after applying fix [ 59.520379] watchdog: watchdog0: watchdog did not stop! [ 59.542286] systemd-shutdown[1]: Syncing filesystems and block devices. [ 59.583313] systemd-shutdown[1]: Sending SIGTERM to remaining processes... [ 59.600133] systemd-journald[517]: Received SIGTERM from PID 1 (systemd-shutdow). [ 59.624435] systemd-shutdown[1]: Sending SIGKILL to remaining processes... [ 59.629288] systemd-shutdown[1]: Using hardware watchdog 'iTCO_wdt', version 0, device /dev/watchdog [ 59.630468] systemd-shutdown[1]: Unmounting file systems. [ 59.632219] [2172]: Remounting '/' read-only in with options 'attr2,inode64,logbufs=8,logbsize=32k,noquota'. [ 59.727588] systemd-shutdown[1]: All filesystems unmounted. [ 59.727596] systemd-shutdown[1]: Deactivating swaps. [ 59.727719] systemd-shutdown[1]: All swaps deactivated. [ 59.727725] systemd-shutdown[1]: Detaching loop devices. [ 59.727974] systemd-shutdown[1]: All loop devices detached. [ 59.727979] systemd-shutdown[1]: Detaching DM devices. [ 59.728547] systemd-shutdown[1]: Not all DM devices detached, 1 left. [ 59.728556] systemd-shutdown[1]: Cannot finalize remaining DM devices, continuing. [ 59.758160] systemd-shutdown[1]: Successfully changed into root pivot. [ 59.758167] systemd-shutdown[1]: Returning to initrd... [ 59.950305] dracut Warning: Break before pre-shutdown
* | meson: Use files() for testsJan Janssen2022-01-111-3/+3
|/ | | | | | Not having to provide the full path in the source tree is much nicer and the produced lists can also be used anywhere in the source tree.
* umount: fix log messageLennart Poettering2021-11-161-1/+1
| | | | | | The sentence wasn't correct English language, let's fix that. More importantly: if the mount options are empty we'd display "(null)" here. Fix that. (And they can be empty IRL, see CI results)
* tree-wide: use new RET_NERRNO() helper at various placesLennart Poettering2021-11-161-9/+3
|
* homed,shutdown: call valgrind magic after LOOP_GET_STATUS64Lennart Poettering2021-10-161-0/+12
| | | | | | valgrind doesn't understand LOOP_GET_STATUS64. We already work around this in various placed, via VALGRIND_MAKE_MEM_DEFINE(), but we forgot three places. Let's fix that.
* basic: split out sync() family of calls from fs-util.[ch] into new c/h fileLennart Poettering2021-10-051-1/+1
| | | | No changes in code, just some splitting out.
* shutdown: introduce init_watchdog()Franck Bui2021-09-151-20/+25
| | | | No functional change.
* watchdog: rename watchdog_set_timeout() into watchdog_setup()Franck Bui2021-09-151-1/+1
| | | | | "watchdog_set_timeout()" was misleading as the function is not just a setter - it must be called for activating the watchdog device.
* core: watchdog_set_timeout() doesn't need to return the timeout value used ↵Franck Bui2021-09-151-1/+1
| | | | | | | by the HW The manager currently doesn't need it and if it does in the future an helper should probably be introduced instead.
View Lorry Controller Status