summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/core/main.c61
-rw-r--r--src/core/manager.c6
-rw-r--r--src/core/selinux-setup.c2
3 files changed, 54 insertions, 15 deletions
diff --git a/src/core/main.c b/src/core/main.c
index eb08f3f0b7..486602ec0a 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -1233,6 +1233,7 @@ int main(int argc, char *argv[]) {
bool empty_etc = false;
char *switch_root_dir = NULL, *switch_root_init = NULL;
static struct rlimit saved_rlimit_nofile = { 0, 0 };
+ const char *error_message = NULL;
#ifdef HAVE_SYSV_COMPAT
if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
@@ -1291,17 +1292,23 @@ int main(int argc, char *argv[]) {
if (!skip_setup) {
mount_setup_early();
dual_timestamp_get(&security_start_timestamp);
- if (mac_selinux_setup(&loaded_policy) < 0)
+ if (mac_selinux_setup(&loaded_policy) < 0) {
+ error_message = "Failed to load SELinux policy";
goto finish;
- if (ima_setup() < 0)
+ } else if (ima_setup() < 0) {
+ error_message = "Failed to load IMA policy";
goto finish;
- if (mac_smack_setup(&loaded_policy) < 0)
+ } else if (mac_smack_setup(&loaded_policy) < 0) {
+ error_message = "Failed to load SMACK policy";
goto finish;
+ }
dual_timestamp_get(&security_finish_timestamp);
}
- if (mac_selinux_init(NULL) < 0)
+ if (mac_selinux_init(NULL) < 0) {
+ error_message = "Failed to initialize SELinux policy";
goto finish;
+ }
if (!skip_setup) {
if (clock_is_localtime() > 0) {
@@ -1377,12 +1384,15 @@ int main(int argc, char *argv[]) {
r = set_default_unit(SPECIAL_DEFAULT_TARGET);
if (r < 0) {
log_emergency("Failed to set default unit %s: %s", SPECIAL_DEFAULT_TARGET, strerror(-r));
+ error_message = "Failed to set default unit";
goto finish;
}
r = initialize_join_controllers();
- if (r < 0)
+ if (r < 0) {
+ error_message = "Failed to initalize cgroup controllers";
goto finish;
+ }
/* Mount /proc, /sys and friends, so that /proc/cmdline and
* /proc/$PID/fd is available. */
@@ -1393,8 +1403,10 @@ int main(int argc, char *argv[]) {
kmod_setup();
r = mount_setup(loaded_policy);
- if (r < 0)
+ if (r < 0) {
+ error_message = "Failed to mount API filesystems";
goto finish;
+ }
}
/* Reset all signal handlers. */
@@ -1402,8 +1414,10 @@ int main(int argc, char *argv[]) {
ignore_signals(SIGNALS_IGNORE, -1);
- if (parse_config_file() < 0)
+ if (parse_config_file() < 0) {
+ error_message = "Failed to parse config file";
goto finish;
+ }
if (arg_running_as == SYSTEMD_SYSTEM) {
r = parse_proc_cmdline(parse_proc_cmdline_item);
@@ -1415,8 +1429,10 @@ int main(int argc, char *argv[]) {
* line, including "debug". */
log_parse_environment();
- if (parse_argv(argc, argv) < 0)
+ if (parse_argv(argc, argv) < 0) {
+ error_message = "Failed to parse commandline arguments";
goto finish;
+ }
if (arg_action == ACTION_TEST &&
geteuid() == 0) {
@@ -1473,6 +1489,7 @@ int main(int argc, char *argv[]) {
r = fdset_new_fill(&fds);
if (r < 0) {
log_emergency("Failed to allocate fd set: %s", strerror(-r));
+ error_message = "Failed to allocate fd set";
goto finish;
} else
fdset_cloexec(fds, true);
@@ -1575,19 +1592,23 @@ int main(int argc, char *argv[]) {
r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
if (r < 0) {
log_emergency("Failed to drop capability bounding set of usermode helpers: %s", strerror(-r));
+ error_message = "Failed to drop capability bounding set of usermode helpers";
goto finish;
}
r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
if (r < 0) {
log_emergency("Failed to drop capability bounding set: %s", strerror(-r));
+ error_message = "Failed to drop capability bounding set";
goto finish;
}
}
if (arg_syscall_archs) {
r = enforce_syscall_archs(arg_syscall_archs);
- if (r < 0)
+ if (r < 0) {
+ error_message = "Failed to set syscall architectures";
goto finish;
+ }
}
if (arg_running_as == SYSTEMD_USER) {
@@ -1614,6 +1635,7 @@ int main(int argc, char *argv[]) {
r = manager_new(arg_running_as, arg_action == ACTION_TEST, &m);
if (r < 0) {
log_emergency("Failed to allocate manager object: %s", strerror(-r));
+ error_message = "Failed to allocate manager object";
goto finish;
}
@@ -1683,12 +1705,15 @@ int main(int argc, char *argv[]) {
r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
if (r < 0) {
log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
+ error_message = "Failed to load rescue target";
goto finish;
} else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
log_emergency("Failed to load rescue target: %s", strerror(-target->load_error));
+ error_message = "Failed to load rescue target";
goto finish;
} else if (target->load_state == UNIT_MASKED) {
log_emergency("Rescue target masked.");
+ error_message = "Rescue target masked";
goto finish;
}
}
@@ -1707,10 +1732,12 @@ int main(int argc, char *argv[]) {
r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
if (r < 0) {
log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
+ error_message = "Failed to start default target";
goto finish;
}
} else if (r < 0) {
log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
+ error_message = "Failed to isolate default target";
goto finish;
}
@@ -1733,6 +1760,7 @@ int main(int argc, char *argv[]) {
r = manager_loop(m);
if (r < 0) {
log_emergency("Failed to run main loop: %s", strerror(-r));
+ error_message = "Failed to run main loop";
goto finish;
}
@@ -1752,8 +1780,10 @@ int main(int argc, char *argv[]) {
case MANAGER_REEXECUTE:
- if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0)
+ if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
+ error_message = "Failed to prepare for reexection";
goto finish;
+ }
reexecute = true;
log_notice("Reexecuting.");
@@ -1766,8 +1796,10 @@ int main(int argc, char *argv[]) {
m->switch_root = m->switch_root_init = NULL;
if (!switch_root_init)
- if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0)
+ if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
+ error_message = "Failed to prepare for reexection";
goto finish;
+ }
reexecute = true;
log_notice("Switching root.");
@@ -2012,8 +2044,13 @@ finish:
getpid() == 1 ? "freezing" : "quitting");
}
- if (getpid() == 1)
+ if (getpid() == 1) {
+ if (error_message)
+ manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
+ ANSI_HIGHLIGHT_RED_ON "!!!!!!" ANSI_HIGHLIGHT_OFF,
+ "%s, freezing.", error_message);
freeze();
+ }
return retval;
}
diff --git a/src/core/manager.c b/src/core/manager.c
index 4c3264b373..d5d6486cc7 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -2956,12 +2956,14 @@ void manager_set_first_boot(Manager *m, bool b) {
void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) {
va_list ap;
- if (!manager_get_show_status(m, type))
+ /* If m is NULL, assume we're after shutdown and let the messages through. */
+
+ if (m && !manager_get_show_status(m, type))
return;
/* XXX We should totally drop the check for ephemeral here
* and thus effectively make 'Type=idle' pointless. */
- if (type == STATUS_TYPE_EPHEMERAL && m->n_on_console > 0)
+ if (type == STATUS_TYPE_EPHEMERAL && m && m->n_on_console > 0)
return;
va_start(ap, format);
diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c
index 7653cccac3..fba915d7da 100644
--- a/src/core/selinux-setup.c
+++ b/src/core/selinux-setup.c
@@ -113,7 +113,7 @@ int mac_selinux_setup(bool *loaded_policy) {
if (enforce > 0) {
if (!initialized) {
- log_emergency("Failed to load SELinux policy. Freezing.");
+ log_emergency("Failed to load SELinux policy.");
return -EIO;
}