freebsd-nq/sbin/reboot/reboot.c
Bruce M Simpson d8f7093860 Block a variety of signals which may afffect reboot(8), before killing
init(8), to avoid losing a race to them and dying before being able
to call reboot(2).

PR:		bin/64664
Submitted by:	maxim
Obtained from:	NetBSD
MFC after:	30 days
2006-08-02 13:05:38 +00:00

241 lines
5.9 KiB
C

/*
* Copyright (c) 1980, 1986, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#if 0
#ifndef lint
static const char copyright[] =
"@(#) Copyright (c) 1980, 1986, 1993\n\
The Regents of the University of California. All rights reserved.\n";
#endif /* not lint */
#ifndef lint
static char sccsid[] = "@(#)reboot.c 8.1 (Berkeley) 6/5/93";
#endif /* not lint */
#endif
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/reboot.h>
#include <sys/types.h>
#include <sys/sysctl.h>
#include <signal.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <libutil.h>
#include <pwd.h>
#include <syslog.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
static void usage(void);
static u_int get_pageins(void);
int dohalt;
int
main(int argc, char *argv[])
{
const struct passwd *pw;
int ch, howto, i, fd, lflag, nflag, qflag, pflag, sverrno;
u_int pageins;
const char *p, *user, *kernel = NULL;
if (strstr((p = rindex(*argv, '/')) ? p + 1 : *argv, "halt")) {
dohalt = 1;
howto = RB_HALT;
} else
howto = 0;
lflag = nflag = qflag = 0;
while ((ch = getopt(argc, argv, "dk:lnpq")) != -1)
switch(ch) {
case 'd':
howto |= RB_DUMP;
break;
case 'k':
kernel = optarg;
break;
case 'l':
lflag = 1;
break;
case 'n':
nflag = 1;
howto |= RB_NOSYNC;
break;
case 'p':
pflag = 1;
howto |= RB_POWEROFF;
break;
case 'q':
qflag = 1;
break;
case '?':
default:
usage();
}
argc -= optind;
argv += optind;
if ((howto & (RB_DUMP | RB_HALT)) == (RB_DUMP | RB_HALT))
errx(1, "cannot dump (-d) when halting; must reboot instead");
if (geteuid()) {
errno = EPERM;
err(1, NULL);
}
if (qflag) {
reboot(howto);
err(1, NULL);
}
if (kernel != NULL) {
fd = open("/boot/nextboot.conf", O_WRONLY | O_CREAT | O_TRUNC,
0444);
if (fd > -1) {
(void)write(fd, "nextboot_enable=\"YES\"\n", 22);
(void)write(fd, "kernel=\"", 8L);
(void)write(fd, kernel, strlen(kernel));
(void)write(fd, "\"\n", 2);
close(fd);
}
}
/* Log the reboot. */
if (!lflag) {
if ((user = getlogin()) == NULL)
user = (pw = getpwuid(getuid())) ?
pw->pw_name : "???";
if (dohalt) {
openlog("halt", 0, LOG_AUTH | LOG_CONS);
syslog(LOG_CRIT, "halted by %s", user);
} else {
openlog("reboot", 0, LOG_AUTH | LOG_CONS);
syslog(LOG_CRIT, "rebooted by %s", user);
}
}
logwtmp("~", "shutdown", "");
/*
* Do a sync early on, so disks start transfers while we're off
* killing processes. Don't worry about writes done before the
* processes die, the reboot system call syncs the disks.
*/
if (!nflag)
sync();
/*
* Ignore signals that we can get as a result of killing
* parents, group leaders, etc.
*/
(void)signal(SIGHUP, SIG_IGN);
(void)signal(SIGINT, SIG_IGN);
(void)signal(SIGQUIT, SIG_IGN);
(void)signal(SIGTERM, SIG_IGN);
(void)signal(SIGTSTP, SIG_IGN);
/*
* If we're running in a pipeline, we don't want to die
* after killing whatever we're writing to.
*/
(void)signal(SIGPIPE, SIG_IGN);
/* Just stop init -- if we fail, we'll restart it. */
if (kill(1, SIGTSTP) == -1)
err(1, "SIGTSTP init");
/* Send a SIGTERM first, a chance to save the buffers. */
if (kill(-1, SIGTERM) == -1 && errno != ESRCH)
err(1, "SIGTERM processes");
/*
* After the processes receive the signal, start the rest of the
* buffers on their way. Wait 5 seconds between the SIGTERM and
* the SIGKILL to give everybody a chance. If there is a lot of
* paging activity then wait longer, up to a maximum of approx
* 60 seconds.
*/
sleep(2);
for (i = 0; i < 20; i++) {
pageins = get_pageins();
if (!nflag)
sync();
sleep(3);
if (get_pageins() == pageins)
break;
}
for (i = 1;; ++i) {
if (kill(-1, SIGKILL) == -1) {
if (errno == ESRCH)
break;
goto restart;
}
if (i > 5) {
(void)fprintf(stderr,
"WARNING: some process(es) wouldn't die\n");
break;
}
(void)sleep(2 * i);
}
reboot(howto);
/* FALLTHROUGH */
restart:
sverrno = errno;
errx(1, "%s%s", kill(1, SIGHUP) == -1 ? "(can't restart init): " : "",
strerror(sverrno));
/* NOTREACHED */
}
static void
usage()
{
(void)fprintf(stderr, "usage: %s [-%slnpq] [-k kernel]\n",
getprogname(), dohalt ? "" : "d");
exit(1);
}
static u_int
get_pageins()
{
u_int pageins;
size_t len;
len = sizeof(pageins);
if (sysctlbyname("vm.stats.vm.v_swappgsin", &pageins, &len, NULL, 0)
!= 0) {
warnx("v_swappgsin");
return (0);
}
return pageins;
}