summaryrefslogtreecommitdiffstats
path: root/src/sulogin-shell (follow)
Commit message (Collapse)AuthorAgeFilesLines
* process-util: add new FORK_DEATHSIG_SIGKILL flag, rename FORK_DEATHSIG → ↵Lennart Poettering2023-11-021-1/+1
| | | | | | | | | | | | | | | | | | FORK_DEATHSIG_SIGTERM Sometimes it makes sense to hard kill a client if we die. Let's hence add a third FORK_DEATHSIG flag for this purpose: FORK_DEATHSIG_SIGKILL. To make things less confusing this also renames FORK_DEATHSIG to FORK_DEATHSIG_SIGTERM to make clear it sends SIGTERM. We already had FORK_DEATHSIG_SIGINT, hence this makes things nicely symmetric. A bunch of users are switched over for FORK_DEATHSIG_SIGKILL where we know it's safe to abort things abruptly. This should make some kernel cases more robust, since we cannot get confused by signal masks or such. While we are at it, also fix a bunch of bugs where we didn't take FORK_DEATHSIG_SIGINT into account in safe_fork()
* proc-cmdline: make proc_cmdline_get_bool() take flagsYu Watanabe2023-08-091-1/+1
| | | | | | All other command line parsers takes flags. Let's make proc_cmdline_get_bool() also take flags. Though, currently, no flag is set by the caller.
* meson: move declarations of kernel-install and sulogin-shellYu Watanabe2023-08-011-0/+8
|
* tree-wide: drop trailing newline from various log callsLennart Poettering2023-07-101-2/+2
| | | | | We generate this implicitly, hence we generally don't include it explicitly.
* bus-unit-util: add common code for reloading PID 1Lennart Poettering2023-07-101-26/+6
| | | | | | We have this very similar code in various places, and it#s not entirely obvious (since we want a prolonged timeout for the reload), hence unify this at one place.
* sulogin: Read SYSTEMD_SULOGIN_FORCE from kernel cmdlineDaan De Meyer2023-05-131-0/+14
| | | | | | | | This allows setting it on the kernel cmdline and having it work automatically without having to write any dropins or such. Also enable the option in mkosi so that we can debug the initrd properly with a locked root account.
* sulogin-shell: Start initrd.target on exit in the initrdDaan De Meyer2023-04-211-11/+13
| | | | | sulogin is documented to continue booting up on exit. To do that in the initrd, we need to start initrd.target and not default.target.
* Merge pull request #26271 from d-hatayama/fix_sulogin_shellYu Watanabe2023-02-161-11/+53
|\ | | | | sulogin: fix control lost of the current terminal when default.target…
| * sulogin: fix control lost of the current terminal when default.target is ↵HATAYAMA Daisuke2023-02-161-10/+49
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rescue.target When default.target is rescue.target, exiting from the single-user shell results in lost of the control of the current terminal. This is because the operation performed to continue to boot is systemctl default but default.target is now rescue.target and it is already active. Hence, no new process that controls the current terminal is created. Users need to make hardware reset to recover the situation. This sounds like a bit corner case issue and some might feel configuring default.target as rescue.target is odd because there are several other ways to transition to rescue.mode without configuring default.target to rescue.target such as systemctl rescue or systemd.unit=rescue.target something like that. However, users unfamiliar with systemd operations tend to come up with systemctl set-default rescue.target. To fix this issue, let's transition to default.target only when default.target is inactive. Otherwise, invoke the single-user shell again to keep control of the current terminal for users. This new logic depends on whether D-Bus working well. Exiting without any check of result of systemctl default could lead to again the control lost of the current terminal. Hence, add checking results of each D-Bus operations including systemctl default and invoke the single-user shell if they fail.
| * sulogin: use DEFINE_MAIN_FUNCTION()HATAYAMA Daisuke2023-02-151-2/+5
| | | | | | | | | | | | Let's use DEFINE_MAIN_FUNCTION() as the other commands for consistency. This commit should be no functional change.
* | Rename def.h to constants.hZbigniew Jędrzejewski-Szmek2022-11-081-1/+1
|/ | | | | | The name "def.h" originates from before the rule of "no needless abbreviations" was established. Let's rename the file to clarify that it contains a collection of various semi-related constants.
* Merge pull request #24054 from keszybz/initrd-no-reloadFrantisek Sumsal2022-08-181-5/+2
|\ | | | | Don't do daemon-reload in the initrd
| * Use a common define for the reload timeoutZbigniew Jędrzejewski-Szmek2022-07-221-5/+2
| |
* | tree-wide: use bus locator (#24252)gtwang012022-08-091-12/+10
|/ | | This modifies some sd_bus calls to equivalent bus calls.
* fsck,sulogin: fix cargo-culted commentZbigniew Jędrzejewski-Szmek2022-07-151-3/+3
|
* tree-wide: enable colorized logging for daemons when run in consoleYu Watanabe2021-01-311-1/+1
| | | | It may be useful when debugging daemons.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* tree-wide: normalize includes of public headersZbigniew Jędrzejewski-Szmek2019-11-281-1/+2
| | | | They are supposed to go into a sectinon of their own.
* core: use SPECIAL_DEFAULT_TARGET moreZbigniew Jędrzejewski-Szmek2019-11-281-1/+2
|
* tree-wide: use FORK_RLIMIT_NOFILE_SAFE wherever possibleLennart Poettering2018-12-011-1/+1
| | | | | | | Similar to the previous commit: in many cases no further fd processing needs to be done in forked of children before execve() or any of its flavours are called. In those case we can use FORK_RLIMIT_NOFILE_SAFE instead.
* log: introduce new helper call log_setup_service()Lennart Poettering2018-11-201-3/+1
| | | | | Let's reduce the common boilerplate and have a single setup function used by all service code to setup logging.
* sulogin-shell: Use force if SYSTEMD_SULOGIN_FORCE setAndreas Henriksson2018-10-171-1/+10
| | | | | | | | | | | | | | | | | | | | | | | | | When the root account is locked sulogin will either inform you of this and not allow you in or if --force is used it will hand you passwordless root (if using a recent enough version of util-linux). Not being allowed a shell is ofcourse inconvenient, but at the same time handing out passwordless root unconditionally is probably not a good idea everywhere. This patch thus allows to control which behaviour you want by setting the SYSTEMD_SULOGIN_FORCE environment variable to true or false to control the behaviour, eg. via adding this to 'systemctl edit rescue.service' (or emergency.service): [Service] Environment=SYSTEMD_SULOGIN_FORCE=1 Distributions who used locked root accounts and want the passwordless behaviour could thus simply drop in the override file in /etc/systemd/system/rescue.service.d/override.conf Fixes: #7115 Addresses: https://bugs.debian.org/802211
* tree-wide: shorten error logging a bitYu Watanabe2018-08-071-2/+2
| | | | Continuation of 4027f96aa08c73f109aa46b89842ca0e25c9c0e9.
* tree-wide: beautify remaining copyright statementsLennart Poettering2018-06-141-1/+1
| | | | | | Let's unify an beautify our remaining copyright statements, with a unicode ©. This means our copyright statements are now always formatted the same way. Yay.
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | | | | | | This part of the copyright blurb stems from the GPL use recommendations: https://www.gnu.org/licenses/gpl-howto.en.html The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that. hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* process-util: rework wait_for_terminate_and_warn() to take a flags parameterLennart Poettering2018-01-041-1/+1
| | | | | | | | | | | | | This renames wait_for_terminate_and_warn() to wait_for_terminate_and_check(), and adds a flags parameter, that controls how much to log: there's one flag that means we log about abnormal stuff, and another one that controls whether we log about non-zero exit codes. Finally, there's a shortcut flag value for logging in both cases, as that's what we usually use. All callers are accordingly updated. At three occasions duplicate logging is removed, i.e. where the old function was called but logged in the caller, too.
* process-util: add another fork_safe() flag for enabling LOG_ERR/LOG_WARN loggingLennart Poettering2018-01-041-2/+2
|
* tree-wide: introduce new safe_fork() helper and port everything overLennart Poettering2017-12-251-10/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | This adds a new safe_fork() wrapper around fork() and makes use of it everywhere. The new wrapper does a couple of things we previously did manually and separately in a safer, more correct and automatic way: 1. Optionally resets signal handlers/mask in the child 2. Sets a name on all processes we fork off right after forking off (and the patch assigns useful names for all processes we fork off now, following a systematic naming scheme: always enclosed in () – in order to indicate that these are not proper, exec()ed processes, but only forked off children, and if the process is long-running with only our own code, without execve()'ing something else, it gets am "sd-" prefix.) 3. Optionally closes all file descriptors in the child 4. Optionally sets a PR_SET_DEATHSIG to SIGTERM in the child, in a safe way so that the parent dying before this happens being handled safely. 5. Optionally reopens the logs 6. Optionally connects stdin/stdout/stderr to /dev/null 7. Debug logs about the forked off processes.
* sulogin-shell: replace "^D" by "exit"Zbigniew Jędrzejewski-Szmek2017-12-071-2/+2
| | | | | ^D is a bit cryptic, and advanced users will know that they can use ^D instead of typing exit anyway.
* sulogin-shell: do daemon-reload before starting default targetZbigniew Jędrzejewski-Szmek2017-12-071-8/+39
| | | | | | | | | | | | | If the user modifies configuration, e.g. /etc/fstab, they might forget to tell systemd about the changes. Let's do a reload for them. Note that doing a reload should be safe, because emergency and rescue modes are "single threaded" and nothing should be doing changes at the point where we are exiting from the sushell. Also, daemon-reload can be implicitly called at various moments, so we can ignore the case where the user did some incompatible changes on disk and is counting on systemd never reloading and picking them up. C.f. #7565.
* sulogin-shell: simplify returns from a functionZbigniew Jędrzejewski-Szmek2017-12-071-7/+5
| | | | | | This is actually slightly safer because it allows gcc to make sure that all code paths either call return or are noreturn. But the real motivation is just to follow the usual style and make it a bit shorter.
* meson: place systemd-sulogin-shell in build/Zbigniew Jędrzejewski-Szmek2017-12-071-25/+0
| | | | We do that will all executables so that it's easy to call them.
* Add license headers and SPDX identifiers to meson.build filesZbigniew Jędrzejewski-Szmek2017-11-191-0/+17
| | | | | | | So far I avoided adding license headers to meson files, but they are pretty big and important and should carry license headers like everything else. I added my own copyright, even though other people modified those files too. But this is mostly symbolic, so I hope that's OK.
* Add SPDX license identifiers to source files under the LGPLZbigniew Jędrzejewski-Szmek2017-11-191-0/+1
| | | | | This follows what the kernel is doing, c.f. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
* sulogin-shell: switch from shell implementation to a C implementation (#6698)Felipe Sateler2017-09-083-19/+113
|
* sulogin-shell: remove ineffective job mode option from `systemctl isolate` ↵Alan Jenkins2017-08-301-1/+1
| | | | | | | | | | | | | (#6627) `systemctl default` uses job mode `isolate` (see `action_table`). The job mode option is ignored. Note that exiting the emergency shell service by using e.g. `systemctl isolate multi-user` or `systemctl start multi-user.target` already kills `emergency.service`. There's only a potential conflict between your command and the command in systemd-sulogin-shell if you run something like `systemctl start --no-block multi-user.target; exit`. Which is nothing like what we told them to do :).
* build-sys: drop gitignore patterns for in-tree buildsZbigniew Jędrzejewski-Szmek2017-07-181-1/+0
| | | | ... and other autotools-generated files.
* sulogin-shell: avoid heredocsZbigniew Jędrzejewski-Szmek2017-05-301-5/+3
| | | | | | | | They require a writable /tmp dir (in the bash implementation). Let's use echo, and not 'echo -e' since that doesn't seem to be completely portable. Fixes #6052.
* meson: reindent all files with 8 spacesZbigniew Jędrzejewski-Szmek2017-04-241-5/+3
| | | | | | | The indentation for emacs'es meson-mode is added .dir-locals. All files are reindented automatically, using the lasest meson-mode from git. Indentation should now be fairly consistent.
* meson: install systemd-sulogin-shell tooZbigniew Jędrzejewski-Szmek2017-04-241-0/+9
|
* units: simplify rescue.service and emergency.service (#5623)Michael Biebl2017-03-232-0/+15
The emergency.service and rescue.service units have become rather convoluted. We spawn multiple shells and the help text spans multiple lines which makes the units hard to read. Move the logic into a single shell script and call that via ExecStart.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 10:52:15 +0100