containers: systemd exits with non-zero code

When a systemd service running in a container exits with a non-zero code, it can be useful to terminate the container immediately and get the exit code back to the host, when systemd-nspawn returns. This was not possible to do. This patch adds the following to make it possible: - Add a read-only "ExitCode" property on PID 1's "Manager" bus object. By default, it is 0 so the behaviour stays the same as previously. - Add a method "SetExitCode" on the same object. The method fails when called on baremetal: it is only allowed in containers or in user session. - Add support in systemctl to call "systemctl exit 42". It reuses the existing code for user session. - Add exit.target and systemd-exit.service to the system instance. - Change main() to actually call systemd-shutdown to exit() with the correct value. - Add verb 'exit' in systemd-shutdown with parameter --exit-code - Update systemctl manpage. I used the following to test it: | $ sudo rkt --debug --insecure-skip-verify run \ | --mds-register=false --local docker://busybox \ | --exec=/bin/chroot -- /proc/1/root \ | systemctl --force exit 42 | ... | Container rkt-895a0cba-5c66-4fa5-831c-e3f8ddc5810d failed with error code 42. | $ echo $? | 42 Fixes https://github.com/systemd/systemd/issues/1290
author: Alban Crequy <alban.crequy@gmail.com> 2015-09-18 13:37:34 +0200
committer: Alban Crequy <alban.crequy@gmail.com> 2015-09-21 17:32:45 +0200
commit: 287419c119ef961db487a281162ab037eba70c61 (patch)
tree: e7f4c01e50b7b944b9d9d0ed8290ead8762da906 /src/core
parent: a1b7a5bbdd8da94e41b5e79be7a6e853ae910d2b (diff)
4 files changed, 71 insertions, 9 deletions
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 4e5d67fc19..561b6f8bfa 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1201,8 +1201,10 @@ static int method_exit(sd_bus_message *message, void *userdata, sd_bus_error *er
         if (r < 0)
                 return r;
 
-        if (m->running_as == MANAGER_SYSTEM)
-                return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Exit is only supported for user service managers.");
+        /* Exit() (in contrast to SetExitCode()) is actually allowed even if
+         * we are running on the host. It will fall back on reboot() in
+         * systemd-shutdown if it cannot do the exit() because it isn't a
+         * container. */
 
         m->exit_code = MANAGER_EXIT;
 
@@ -1450,6 +1452,30 @@ static int method_unset_and_set_environment(sd_bus_message *message, void *userd
         return sd_bus_reply_method_return(message, NULL);
 }
 
+static int method_set_exit_code(sd_bus_message *message, void *userdata, sd_bus_error *error) {
+        uint8_t code;
+        Manager *m = userdata;
+        int r;
+
+        assert(message);
+        assert(m);
+
+        r = mac_selinux_access_check(message, "exit", error);
+        if (r < 0)
+                return r;
+
+        r = sd_bus_message_read_basic(message, 'y', &code);
+        if (r < 0)
+                return r;
+
+        if (m->running_as == MANAGER_SYSTEM && detect_container() <= 0)
+                return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "ExitCode can only be set for user service managers or in containers.");
+
+        m->return_value = code;
+
+        return sd_bus_reply_method_return(message, NULL);
+}
+
 static int method_list_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
         _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
         Manager *m = userdata;
@@ -1933,6 +1959,7 @@ const sd_bus_vtable bus_manager_vtable[] = {
         SD_BUS_WRITABLE_PROPERTY("ShutdownWatchdogUSec", "t", bus_property_get_usec, bus_property_set_usec, offsetof(Manager, shutdown_watchdog), 0),
         SD_BUS_PROPERTY("ControlGroup", "s", NULL, offsetof(Manager, cgroup_root), 0),
         SD_BUS_PROPERTY("SystemState", "s", property_get_system_state, 0, 0),
+        SD_BUS_PROPERTY("ExitCode", "y", bus_property_get_unsigned, offsetof(Manager, return_value), 0),
 
         SD_BUS_METHOD("GetUnit", "s", "o", method_get_unit, SD_BUS_VTABLE_UNPRIVILEGED),
         SD_BUS_METHOD("GetUnitByPID", "u", "o", method_get_unit_by_pid, SD_BUS_VTABLE_UNPRIVILEGED),
@@ -1986,6 +2013,7 @@ const sd_bus_vtable bus_manager_vtable[] = {
         SD_BUS_METHOD("GetDefaultTarget", NULL, "s", method_get_default_target, SD_BUS_VTABLE_UNPRIVILEGED),
         SD_BUS_METHOD("PresetAllUnitFiles", "sbb", "a(sss)", method_preset_all_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
         SD_BUS_METHOD("AddDependencyUnitFiles", "asssbb", "a(sss)", method_add_dependency_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD("SetExitCode", "y", NULL, method_set_exit_code, SD_BUS_VTABLE_UNPRIVILEGED),
 
         SD_BUS_SIGNAL("UnitNew", "so", 0),
         SD_BUS_SIGNAL("UnitRemoved", "so", 0),
diff --git a/src/core/main.c b/src/core/main.c
index 200fe740da..9b59648279 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -1254,6 +1254,7 @@ int main(int argc, char *argv[]) {
         char *switch_root_dir = NULL, *switch_root_init = NULL;
         struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0);
         const char *error_message = NULL;
+        uint8_t shutdown_exit_code = 0;
 
 #ifdef HAVE_SYSV_COMPAT
         if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
@@ -1764,11 +1765,6 @@ int main(int argc, char *argv[]) {
 
                 switch (m->exit_code) {
 
-                case MANAGER_EXIT:
-                        retval = EXIT_SUCCESS;
-                        log_debug("Exit.");
-                        goto finish;
-
                 case MANAGER_RELOAD:
                         log_info("Reloading.");
 
@@ -1810,11 +1806,13 @@ int main(int argc, char *argv[]) {
                         log_notice("Switching root.");
                         goto finish;
 
+                case MANAGER_EXIT:
                 case MANAGER_REBOOT:
                 case MANAGER_POWEROFF:
                 case MANAGER_HALT:
                 case MANAGER_KEXEC: {
                         static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
+                                [MANAGER_EXIT] = "exit",
                                 [MANAGER_REBOOT] = "reboot",
                                 [MANAGER_POWEROFF] = "poweroff",
                                 [MANAGER_HALT] = "halt",
@@ -1836,8 +1834,10 @@ int main(int argc, char *argv[]) {
 finish:
         pager_close();
 
-        if (m)
+        if (m) {
                 arg_shutdown_watchdog = m->shutdown_watchdog;
+                shutdown_exit_code = m->return_value;
+        }
         m = manager_free(m);
 
         for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++)
@@ -1978,7 +1978,8 @@ finish:
 
         if (shutdown_verb) {
                 char log_level[DECIMAL_STR_MAX(int) + 1];
-                const char* command_line[9] = {
+                char exit_code[DECIMAL_STR_MAX(uint8_t) + 1];
+                const char* command_line[11] = {
                         SYSTEMD_SHUTDOWN_BINARY_PATH,
                         shutdown_verb,
                         "--log-level", log_level,
@@ -2015,6 +2016,12 @@ finish:
                 if (log_get_show_location())
                         command_line[pos++] = "--log-location";
 
+                if (streq(shutdown_verb, "exit")) {
+                        command_line[pos++] = "--exit-code";
+                        command_line[pos++] = exit_code;
+                        xsprintf(exit_code, "%d", shutdown_exit_code);
+                }
+
                 assert(pos < ELEMENTSOF(command_line));
 
                 if (arm_reboot_watchdog && arg_shutdown_watchdog > 0) {
diff --git a/src/core/manager.h b/src/core/manager.h
index b955982100..1384eb33a4 100644
--- a/src/core/manager.h
+++ b/src/core/manager.h
@@ -242,6 +242,11 @@ struct Manager {
 
         bool test_run:1;
 
+        /* If non-zero, exit with the following value when the systemd
+         * process terminate. Useful for containers: systemd-nspawn could get
+         * the return value. */
+        uint8_t return_value;
+
         ShowStatus show_status;
         bool confirm_spawn;
         bool no_console_output;
diff --git a/src/core/shutdown.c b/src/core/shutdown.c
index 8cc6efc5b8..5296efce1d 100644
--- a/src/core/shutdown.c
+++ b/src/core/shutdown.c
@@ -48,6 +48,7 @@
 #define FINALIZE_ATTEMPTS 50
 
 static char* arg_verb;
+static uint8_t arg_exit_code;
 
 static int parse_argv(int argc, char *argv[]) {
         enum {
@@ -55,6 +56,7 @@ static int parse_argv(int argc, char *argv[]) {
                 ARG_LOG_TARGET,
                 ARG_LOG_COLOR,
                 ARG_LOG_LOCATION,
+                ARG_EXIT_CODE,
         };
 
         static const struct option options[] = {
@@ -62,6 +64,7 @@ static int parse_argv(int argc, char *argv[]) {
                 { "log-target",    required_argument, NULL, ARG_LOG_TARGET   },
                 { "log-color",     optional_argument, NULL, ARG_LOG_COLOR    },
                 { "log-location",  optional_argument, NULL, ARG_LOG_LOCATION },
+                { "exit-code",     required_argument, NULL, ARG_EXIT_CODE    },
                 {}
         };
 
@@ -110,6 +113,13 @@ static int parse_argv(int argc, char *argv[]) {
 
                         break;
 
+                case ARG_EXIT_CODE:
+                        r = safe_atou8(optarg, &arg_exit_code);
+                        if (r < 0)
+                                log_error("Failed to parse exit code %s, ignoring", optarg);
+
+                        break;
+
                 case '\001':
                         if (!arg_verb)
                                 arg_verb = optarg;
@@ -183,6 +193,8 @@ int main(int argc, char *argv[]) {
                 cmd = RB_HALT_SYSTEM;
         else if (streq(arg_verb, "kexec"))
                 cmd = LINUX_REBOOT_CMD_KEXEC;
+        else if (streq(arg_verb, "exit"))
+                cmd = 0; /* ignored, just checking that arg_verb is valid */
         else {
                 r = -EINVAL;
                 log_error("Unknown action '%s'.", arg_verb);
@@ -339,6 +351,16 @@ int main(int argc, char *argv[]) {
         if (!in_container)
                 sync();
 
+        if (streq(arg_verb, "exit")) {
+                if (in_container)
+                        exit(arg_exit_code);
+                else {
+                        /* We cannot exit() on the host, fallback on another
+                         * method. */
+                        cmd = RB_POWER_OFF;
+                }
+        }
+
         switch (cmd) {
 
         case LINUX_REBOOT_CMD_KEXEC:
author	Alban Crequy <alban.crequy@gmail.com>	2015-09-18 13:37:34 +0200
committer	Alban Crequy <alban.crequy@gmail.com>	2015-09-21 17:32:45 +0200
commit	287419c119ef961db487a281162ab037eba70c61 (patch)
tree	e7f4c01e50b7b944b9d9d0ed8290ead8762da906 /src/core
parent	a1b7a5bbdd8da94e41b5e79be7a6e853ae910d2b (diff)