picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #7631 from cgwalters/systemctl-offline

Browse source 
systemctl,verbs: Introduce SYSTEMCTL_OFFLINE environment variable
This commit is contained in:
Lennart Poettering 2017-12-15 10:29:21 +01:00 committed by GitHub
parent de68b6a796 c56d1e2c1b
commit b794712a1c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 140 additions and 82 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
ENVIRONMENT.md
View file

@ -13,10 +13,21 @@ documented in the proper man pages.
All tools:
* `$SYSTEMD_OFFLINE=[0|1]` — if set to `1`, then `systemctl` will
refrain from talking to PID 1; this has the same effect as the historical
detection of `chroot()`. Setting this variable to `0` instead has a similar
effect as `SYSTEMD_IGNORE_CHROOT=1`; i.e. tools will try to
communicate with PID 1 even if a `chroot()` environment is detected.
You almost certainly want to set this to `1` if you maintain a package build system
or similar and are trying to use a modern container system and not plain
`chroot()`.
* `$SYSTEMD_IGNORE_CHROOT=1` — if set, don't check whether being invoked in a
chroot() environment. This is particularly relevant for systemctl, as it will
not alter its behaviour for chroot() environments if set. (Normally it
refrains from talking to PID 1 in such a case.)
`chroot()` environment. This is particularly relevant for systemctl, as it
will not alter its behaviour for `chroot()` environments if set. Normally it
refrains from talking to PID 1 in such a case; turning most operations such
as `start` into no-ops. If that's what's explicitly desired, you might
consider setting `SYSTEMD_OFFLINE=1`.
* `$SD_EVENT_PROFILE_DELAYS=1` — if set, the sd-event event loop implementation
will print latency information at runtime.

51
src/basic/verbs.c
View file

@ -23,12 +23,54 @@
#include <stdbool.h>
#include <stddef.h>
#include "env-util.h"
#include "log.h"
#include "macro.h"
#include "string-util.h"
#include "verbs.h"
#include "virt.h"
/* Wraps running_in_chroot() which is used in various places,
* but also adds an environment variable check so external processes
* can reliably force this on.
*/
bool running_in_chroot_or_offline(void) {
int r;
/* Added to support use cases like rpm-ostree, where from %post
* scripts we only want to execute "preset", but not "start"/"restart"
* for example.
*
* See ENVIRONMENT.md for docs.
*/
r = getenv_bool("SYSTEMD_OFFLINE");
if (r < 0)
log_debug_errno(r, "Parsing SYSTEMD_OFFLINE: %m");
else if (r == 0)
return false;
else
return true;
/* We've had this condition check for a long time which basically
* checks for legacy chroot case like Fedora's
* "mock", which is used for package builds. We don't want
* to try to start systemd services there, since without --new-chroot
* we don't even have systemd running, and even if we did, adding
* a concept of background daemons to builds would be an enormous change,
* requiring considering things like how the journal output is handled, etc.
* And there's really not a use case today for a build talking to a service.
*
* Note this call itself also looks for a different variable SYSTEMD_IGNORE_CHROOT=1.
*/
r = running_in_chroot();
if (r < 0)
log_debug_errno(r, "running_in_chroot(): %m");
else if (r > 0)
return true;
return false;
}
int dispatch_verb(int argc, char *argv[], const Verb verbs[], void *userdata) {
const Verb *verb;
const char *name;
@ -84,12 +126,15 @@ int dispatch_verb(int argc, char *argv[], const Verb verbs[], void *userdata) {
return -EINVAL;
}
if ((verb->flags & VERB_NOCHROOT) && running_in_chroot() > 0) {
log_info("Running in chroot, ignoring request.");
if ((verb->flags & VERB_ONLINE_ONLY) && running_in_chroot_or_offline()) {
if (name)
log_info("Running in chroot, ignoring request: %s", name);
else
log_info("Running in chroot, ignoring request.");
return 0;
}
if (verb->flags & VERB_MUSTBEROOT) {
if (verb->flags & VERB_MUST_BE_ROOT) {
r = must_be_root();
if (r < 0)
return r;

8
src/basic/verbs.h
View file

@ -23,9 +23,9 @@
#define VERB_ANY ((unsigned) -1)
typedef enum VerbFlags {
VERB_DEFAULT = 1 << 0,
VERB_NOCHROOT = 1 << 1,
VERB_MUSTBEROOT = 1 << 2,
VERB_DEFAULT = 1 << 0,
VERB_ONLINE_ONLY = 1 << 1,
VERB_MUST_BE_ROOT = 1 << 2,
} VerbFlags;
typedef struct {
@ -35,4 +35,6 @@ typedef struct {
int (* const dispatch)(int argc, char *argv[], void *userdata);
} Verb;
bool running_in_chroot_or_offline(void);
int dispatch_verb(int argc, char *argv[], const Verb verbs[], void *userdata);

12
src/boot/bootctl.c
View file

@ -1139,12 +1139,12 @@ static int verb_remove(int argc, char *argv[], void *userdata) {
static int bootctl_main(int argc, char *argv[]) {
static const Verb verbs[] = {
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
{ "list", VERB_ANY, 1, 0, verb_list },
{ "install", VERB_ANY, 1, VERB_MUSTBEROOT, verb_install },
{ "update", VERB_ANY, 1, VERB_MUSTBEROOT, verb_install },
{ "remove", VERB_ANY, 1, VERB_MUSTBEROOT, verb_remove },
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
{ "list", VERB_ANY, 1, 0, verb_list },
{ "install", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_install },
{ "update", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_install },
{ "remove", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_remove },
{}
};

134
src/systemctl/systemctl.c
View file

@ -332,7 +332,7 @@ static bool install_client_side(void) {
/* Decides when to execute enable/disable/... operations
* client-side rather than server-side. */
if (running_in_chroot() > 0)
if (running_in_chroot_or_offline())
return true;
if (sd_booted() <= 0)
@ -8401,72 +8401,72 @@ static int talk_initctl(void) {
static int systemctl_main(int argc, char *argv[]) {
static const Verb verbs[] = {
{ "list-units", VERB_ANY, VERB_ANY, VERB_DEFAULT|VERB_NOCHROOT, list_units },
{ "list-unit-files", VERB_ANY, VERB_ANY, 0, list_unit_files },
{ "list-sockets", VERB_ANY, VERB_ANY, VERB_NOCHROOT, list_sockets },
{ "list-timers", VERB_ANY, VERB_ANY, VERB_NOCHROOT, list_timers },
{ "list-jobs", VERB_ANY, VERB_ANY, VERB_NOCHROOT, list_jobs },
{ "list-machines", VERB_ANY, VERB_ANY, VERB_NOCHROOT|VERB_MUSTBEROOT, list_machines },
{ "clear-jobs", VERB_ANY, 1, VERB_NOCHROOT, trivial_method },
{ "cancel", VERB_ANY, VERB_ANY, VERB_NOCHROOT, cancel_job },
{ "start", 2, VERB_ANY, VERB_NOCHROOT, start_unit },
{ "stop", 2, VERB_ANY, VERB_NOCHROOT, start_unit },
{ "condstop", 2, VERB_ANY, VERB_NOCHROOT, start_unit }, /* For compatibility with ALTLinux */
{ "reload", 2, VERB_ANY, VERB_NOCHROOT, start_unit },
{ "restart", 2, VERB_ANY, VERB_NOCHROOT, start_unit },
{ "try-restart", 2, VERB_ANY, VERB_NOCHROOT, start_unit },
{ "reload-or-restart", 2, VERB_ANY, VERB_NOCHROOT, start_unit },
{ "reload-or-try-restart", 2, VERB_ANY, VERB_NOCHROOT, start_unit }, /* For compatbility with old systemctl <= 228 */
{ "try-reload-or-restart", 2, VERB_ANY, VERB_NOCHROOT, start_unit },
{ "force-reload", 2, VERB_ANY, VERB_NOCHROOT, start_unit }, /* For compatibility with SysV */
{ "condreload", 2, VERB_ANY, VERB_NOCHROOT, start_unit }, /* For compatibility with ALTLinux */
{ "condrestart", 2, VERB_ANY, VERB_NOCHROOT, start_unit }, /* For compatibility with RH */
{ "isolate", 2, 2, VERB_NOCHROOT, start_unit },
{ "kill", 2, VERB_ANY, VERB_NOCHROOT, kill_unit },
{ "is-active", 2, VERB_ANY, VERB_NOCHROOT, check_unit_active },
{ "check", 2, VERB_ANY, VERB_NOCHROOT, check_unit_active },
{ "is-failed", 2, VERB_ANY, VERB_NOCHROOT, check_unit_failed },
{ "show", VERB_ANY, VERB_ANY, VERB_NOCHROOT, show },
{ "cat", 2, VERB_ANY, VERB_NOCHROOT, cat },
{ "status", VERB_ANY, VERB_ANY, VERB_NOCHROOT, show },
{ "help", VERB_ANY, VERB_ANY, VERB_NOCHROOT, show },
{ "daemon-reload", VERB_ANY, 1, VERB_NOCHROOT, daemon_reload },
{ "daemon-reexec", VERB_ANY, 1, VERB_NOCHROOT, daemon_reload },
{ "show-environment", VERB_ANY, 1, VERB_NOCHROOT, show_environment },
{ "set-environment", 2, VERB_ANY, VERB_NOCHROOT, set_environment },
{ "unset-environment", 2, VERB_ANY, VERB_NOCHROOT, set_environment },
{ "import-environment", VERB_ANY, VERB_ANY, VERB_NOCHROOT, import_environment },
{ "halt", VERB_ANY, 1, VERB_NOCHROOT, start_system_special },
{ "poweroff", VERB_ANY, 1, VERB_NOCHROOT, start_system_special },
{ "reboot", VERB_ANY, 2, VERB_NOCHROOT, start_system_special },
{ "kexec", VERB_ANY, 1, VERB_NOCHROOT, start_system_special },
{ "suspend", VERB_ANY, 1, VERB_NOCHROOT, start_system_special },
{ "hibernate", VERB_ANY, 1, VERB_NOCHROOT, start_system_special },
{ "hybrid-sleep", VERB_ANY, 1, VERB_NOCHROOT, start_system_special },
{ "default", VERB_ANY, 1, VERB_NOCHROOT, start_special },
{ "rescue", VERB_ANY, 1, VERB_NOCHROOT, start_system_special },
{ "emergency", VERB_ANY, 1, VERB_NOCHROOT, start_system_special },
{ "exit", VERB_ANY, 2, VERB_NOCHROOT, start_special },
{ "reset-failed", VERB_ANY, VERB_ANY, VERB_NOCHROOT, reset_failed },
{ "enable", 2, VERB_ANY, 0, enable_unit },
{ "disable", 2, VERB_ANY, 0, enable_unit },
{ "is-enabled", 2, VERB_ANY, 0, unit_is_enabled },
{ "reenable", 2, VERB_ANY, 0, enable_unit },
{ "preset", 2, VERB_ANY, 0, enable_unit },
{ "preset-all", VERB_ANY, 1, 0, preset_all },
{ "mask", 2, VERB_ANY, 0, enable_unit },
{ "unmask", 2, VERB_ANY, 0, enable_unit },
{ "link", 2, VERB_ANY, 0, enable_unit },
{ "revert", 2, VERB_ANY, 0, enable_unit },
{ "switch-root", 2, VERB_ANY, VERB_NOCHROOT, switch_root },
{ "list-dependencies", VERB_ANY, 2, VERB_NOCHROOT, list_dependencies },
{ "set-default", 2, 2, 0, set_default },
{ "get-default", VERB_ANY, 1, 0, get_default },
{ "set-property", 3, VERB_ANY, VERB_NOCHROOT, set_property },
{ "is-system-running", VERB_ANY, 1, 0, is_system_running },
{ "add-wants", 3, VERB_ANY, 0, add_dependency },
{ "add-requires", 3, VERB_ANY, 0, add_dependency },
{ "edit", 2, VERB_ANY, VERB_NOCHROOT, edit },
{ "list-units", VERB_ANY, VERB_ANY, VERB_DEFAULT|VERB_ONLINE_ONLY, list_units },
{ "list-unit-files", VERB_ANY, VERB_ANY, 0, list_unit_files },
{ "list-sockets", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, list_sockets },
{ "list-timers", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, list_timers },
{ "list-jobs", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, list_jobs },
{ "list-machines", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY|VERB_MUST_BE_ROOT, list_machines },
{ "clear-jobs", VERB_ANY, 1, VERB_ONLINE_ONLY, trivial_method },
{ "cancel", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, cancel_job },
{ "start", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit },
{ "stop", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit },
{ "condstop", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit }, /* For compatibility with ALTLinux */
{ "reload", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit },
{ "restart", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit },
{ "try-restart", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit },
{ "reload-or-restart", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit },
{ "reload-or-try-restart", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit }, /* For compatbility with old systemctl <= 228 */
{ "try-reload-or-restart", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit },
{ "force-reload", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit }, /* For compatibility with SysV */
{ "condreload", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit }, /* For compatibility with ALTLinux */
{ "condrestart", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit }, /* For compatibility with RH */
{ "isolate", 2, 2, VERB_ONLINE_ONLY, start_unit },
{ "kill", 2, VERB_ANY, VERB_ONLINE_ONLY, kill_unit },
{ "is-active", 2, VERB_ANY, VERB_ONLINE_ONLY, check_unit_active },
{ "check", 2, VERB_ANY, VERB_ONLINE_ONLY, check_unit_active },
{ "is-failed", 2, VERB_ANY, VERB_ONLINE_ONLY, check_unit_failed },
{ "show", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, show },
{ "cat", 2, VERB_ANY, VERB_ONLINE_ONLY, cat },
{ "status", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, show },
{ "help", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, show },
{ "daemon-reload", VERB_ANY, 1, VERB_ONLINE_ONLY, daemon_reload },
{ "daemon-reexec", VERB_ANY, 1, VERB_ONLINE_ONLY, daemon_reload },
{ "show-environment", VERB_ANY, 1, VERB_ONLINE_ONLY, show_environment },
{ "set-environment", 2, VERB_ANY, VERB_ONLINE_ONLY, set_environment },
{ "unset-environment", 2, VERB_ANY, VERB_ONLINE_ONLY, set_environment },
{ "import-environment", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, import_environment },
{ "halt", VERB_ANY, 1, VERB_ONLINE_ONLY, start_system_special },
{ "poweroff", VERB_ANY, 1, VERB_ONLINE_ONLY, start_system_special },
{ "reboot", VERB_ANY, 2, VERB_ONLINE_ONLY, start_system_special },
{ "kexec", VERB_ANY, 1, VERB_ONLINE_ONLY, start_system_special },
{ "suspend", VERB_ANY, 1, VERB_ONLINE_ONLY, start_system_special },
{ "hibernate", VERB_ANY, 1, VERB_ONLINE_ONLY, start_system_special },
{ "hybrid-sleep", VERB_ANY, 1, VERB_ONLINE_ONLY, start_system_special },
{ "default", VERB_ANY, 1, VERB_ONLINE_ONLY, start_special },
{ "rescue", VERB_ANY, 1, VERB_ONLINE_ONLY, start_system_special },
{ "emergency", VERB_ANY, 1, VERB_ONLINE_ONLY, start_system_special },
{ "exit", VERB_ANY, 2, VERB_ONLINE_ONLY, start_special },
{ "reset-failed", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, reset_failed },
{ "enable", 2, VERB_ANY, 0, enable_unit },
{ "disable", 2, VERB_ANY, 0, enable_unit },
{ "is-enabled", 2, VERB_ANY, 0, unit_is_enabled },
{ "reenable", 2, VERB_ANY, 0, enable_unit },
{ "preset", 2, VERB_ANY, 0, enable_unit },
{ "preset-all", VERB_ANY, 1, 0, preset_all },
{ "mask", 2, VERB_ANY, 0, enable_unit },
{ "unmask", 2, VERB_ANY, 0, enable_unit },
{ "link", 2, VERB_ANY, 0, enable_unit },
{ "revert", 2, VERB_ANY, 0, enable_unit },
{ "switch-root", 2, VERB_ANY, VERB_ONLINE_ONLY, switch_root },
{ "list-dependencies", VERB_ANY, 2, VERB_ONLINE_ONLY, list_dependencies },
{ "set-default", 2, 2, 0, set_default },
{ "get-default", VERB_ANY, 1, 0, get_default },
{ "set-property", 3, VERB_ANY, VERB_ONLINE_ONLY, set_property },
{ "is-system-running", VERB_ANY, 1, 0, is_system_running },
{ "add-wants", 3, VERB_ANY, 0, add_dependency },
{ "add-requires", 3, VERB_ANY, 0, add_dependency },
{ "edit", 2, VERB_ANY, VERB_ONLINE_ONLY, edit },
{}
};