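/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

/* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
/* All Rights Reserved */

/*
 * University Copyright- Copyright (c) 1982, 1986, 1988
 * The Regents of the University of California
 * All Rights Reserved
 *
 * University Acknowledgment- Portions of this document are derived from
 * software developed by the University of California, Berkeley, and its
 * contributors.
 */

#pragma ident "%Z%%M% %I% %E% SMI"

/*
 * Common code for halt(1M), poweroff(1M), and reboot(1M). We use
 * argv[0] to determine which behavior to exhibit.
 */

#include <sys/stat.h>
#include <sys/types.h>
#include <sys/uadmin.h>
#include <alloca.h>
#include <assert.h>
#include <errno.h>
#include <fcntl.h>
#include <libgen.h>
#include <libscf.h>
#include <locale.h>
#include <libintl.h>
#include <syslog.h>
#include <signal.h>
#include <strings.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <strings.h>
#include <time.h>
#include <utmpx.h>
#include <pwd.h>
#include <zone.h>
#if !defined(TEXT_DOMAIN)
#define	TEXT_DOMAIN	"SYS_TEST"
#endif

extern int audit_halt_setup(int, char **);
extern int audit_halt_success(void);
extern int audit_halt_fail(void);

extern int audit_reboot_setup(void);
extern int audit_reboot_success(void);
extern int audit_reboot_fail(void);

/* Singly linked list of delegated-restarter contract ids we have stopped. */
typedef struct ctidlist_struct {
	ctid_t ctid;
	struct ctidlist_struct *next;
} ctidlist_t;

static ctidlist_t *ctidlist = NULL;
/* Contract id of the master restarter; -1 means "not stopped by us". */
static ctid_t startdct = -1;

#define	FMRI_STARTD_CONTRACT \
	"svc:/system/svc/restarter:default/:properties/restarter/contract"

/*
 * Narrow a repository count value to a contract id. Returns 0 and stores
 * the id in *ctidp when the value is non-negative and survives the
 * conversion unchanged; returns -1 otherwise.
 *
 * The value is read from the SMF repository and then used as the target of
 * sigsend(), so a value that would be truncated must not be signalled. A
 * result of -1 in particular would collide with the "unset" sentinel of
 * startdct.
 * NOTE(review): -1 is also believed to be P_MYID for sigsend(), i.e. the
 * caller's own contract -- confirm against <sys/procset.h>.
 */
static int
count_to_ctid(uint64_t count, ctid_t *ctidp)
{
	ctid_t ctid = (ctid_t)count;

	if (ctid < 0 || (uint64_t)ctid != count)
		return (-1);

	*ctidp = ctid;
	return (0);
}

/*
 * Look up the contract id of the master restarter (FMRI_STARTD_CONTRACT)
 * in the repository, remember it in startdct, and send SIGSTOP to every
 * process in that contract. Any failure along the way is silent: the
 * function simply returns without stopping anything.
 */
static void
stop_startd(void)
{
	ctid_t ctid;

	scf_handle_t *h;
	scf_property_t *prop = NULL;
	scf_value_t *val = NULL;
	uint64_t uint64;
	int ret;

	h = scf_handle_create(SCF_VERSION);
	if (h == NULL)
		return;

	ret = scf_handle_bind(h);
	if (ret) {
		scf_handle_destroy(h);
		return;
	}

	prop = scf_property_create(h);
	val = scf_value_create(h);

	if (!(prop && val))
		goto out;

	ret = scf_handle_decode_fmri(h, FMRI_STARTD_CONTRACT,
	    NULL, NULL, NULL, NULL, prop, SCF_DECODE_FMRI_EXACT);
	if (ret)
		goto out;

	/* A non-zero return here is treated as "not a count property". */
	ret = scf_property_is_type(prop, SCF_TYPE_COUNT);
	if (ret)
		goto out;

	ret = scf_property_get_value(prop, val);
	if (ret)
		goto out;

	ret = scf_value_get_count(val, &uint64);
	if (ret)
		goto out;

	/* Refuse ids that do not fit in ctid_t rather than truncating. */
	if (count_to_ctid(uint64, &ctid) != 0)
		goto out;

	startdct = ctid;
	(void) sigsend(P_CTID, ctid, SIGSTOP);

out:
	if (prop)
		scf_property_destroy(prop);
	if (val)
		scf_value_destroy(val);

	(void) scf_handle_unbind(h);
	scf_handle_destroy(h);
}

/*
 * Undo stop_startd(): send SIGCONT to the master restarter's contract if
 * stop_startd() recorded one.
 */
static void
continue_startd(void)
{
	if (startdct != -1)
		(void) sigsend(P_CTID, startdct, SIGCONT);
}

#define	FMRI_RESTARTER_PROP	"/:properties/general/restarter"
#define	FMRI_CONTRACT_PROP	"/:properties/restarter/contract"

/*
 * Record ctid at the head of ctidlist. Returns 0 when the id was added and
 * -1 when it was already present or when memory could not be allocated;
 * the caller only signals a contract when 0 is returned, so each contract
 * is stopped (and later continued) once.
 */
static int
save_ctid(ctid_t ctid)
{
	ctidlist_t *next;

	for (next = ctidlist; next != NULL; next = next->next)
		if (next->ctid == ctid)
			return (-1);

	next = malloc(sizeof (*next));
	if (next == NULL)
		return (-1);

	next->ctid = ctid;
	next->next = ctidlist;
	ctidlist = next;
	return (0);
}

/*
 * Walk every instance of every service in the local scope, read the
 * instance's general/restarter property, and for each distinct restarter
 * named there look up that restarter's restarter/contract property and
 * send SIGSTOP to the contract. Ids that were stopped are kept in ctidlist
 * so continue_delegates() can resume them. Failures for an individual
 * instance skip that instance; setup failures return without stopping
 * anything.
 */
static void
stop_delegates(void)
{
	ctid_t ctid;
	scf_handle_t *h;
	scf_scope_t *sc = NULL;
	scf_service_t *svc = NULL;
	scf_instance_t *inst = NULL;
	scf_snapshot_t *snap = NULL;
	scf_snapshot_t *isnap = NULL;
	scf_propertygroup_t *pg = NULL;
	scf_property_t *prop = NULL;
	scf_value_t *val = NULL;
	scf_iter_t *siter = NULL;
	scf_iter_t *iiter = NULL;
	char *fmri;
	ssize_t length;

	uint64_t uint64;
	ssize_t bytes;
	int ret;

	length = scf_limit(SCF_LIMIT_MAX_FMRI_LENGTH);
	if (length <= 0)
		return;

	/* One extra byte for the terminating NUL. */
	length++;
	fmri = alloca(length * sizeof (char));

	h = scf_handle_create(SCF_VERSION);
	if (!h)
		return;

	ret = scf_handle_bind(h);
	if (ret) {
		scf_handle_destroy(h);
		return;
	}

	sc = scf_scope_create(h);
	svc = scf_service_create(h);
	inst = scf_instance_create(h);
	snap = scf_snapshot_create(h);
	pg = scf_pg_create(h);
	prop = scf_property_create(h);
	val = scf_value_create(h);
	siter = scf_iter_create(h);
	iiter = scf_iter_create(h);

	if (!(sc && svc && inst && snap &&
	    pg && prop && val && siter && iiter))
		goto out;

	ret = scf_handle_get_scope(h, SCF_SCOPE_LOCAL, sc);
	if (ret)
		goto out;

	ret = scf_iter_scope_services(siter, sc);
	if (ret)
		goto out;

	while (scf_iter_next_service(siter, svc) == 1) {

		ret = scf_iter_service_instances(iiter, svc);
		if (ret)
			continue;

		while (scf_iter_next_instance(iiter, inst) == 1) {

			/*
			 * Prefer the "running" snapshot; without one, a NULL
			 * snapshot is passed to the composed lookup below.
			 */
			ret = scf_instance_get_snapshot(inst, "running", snap);
			if (ret)
				isnap = NULL;
			else
				isnap = snap;

			ret = scf_instance_get_pg_composed(inst, isnap,
			    SCF_PG_GENERAL, pg);
			if (ret)
				continue;

			ret = scf_pg_get_property(pg, "restarter", prop);
			if (ret)
				continue;

			ret = scf_property_is_type(prop, SCF_TYPE_ASTRING);
			if (ret)
				continue;

			ret = scf_property_get_value(prop, val);
			if (ret)
				continue;

			/* Skip empty or truncated restarter FMRIs. */
			bytes = scf_value_get_astring(val, fmri, length);
			if (bytes <= 0 || bytes >= length)
				continue;

			/* Skip if the property suffix does not fit. */
			if (strlcat(fmri, FMRI_CONTRACT_PROP, length) >=
			    length)
				continue;

			ret = scf_handle_decode_fmri(h, fmri, NULL, NULL,
			    NULL, NULL, prop, SCF_DECODE_FMRI_EXACT);
			if (ret)
				continue;

			ret = scf_property_is_type(prop, SCF_TYPE_COUNT);
			if (ret)
				continue;

			ret = scf_property_get_value(prop, val);
			if (ret)
				continue;

			ret = scf_value_get_count(val, &uint64);
			if (ret)
				continue;

			/*
			 * Refuse ids that do not fit in ctid_t rather than
			 * signalling whatever the truncated value names.
			 */
			if (count_to_ctid(uint64, &ctid) != 0)
				continue;

			if (save_ctid(ctid) == 0) {
				(void) sigsend(P_CTID, ctid, SIGSTOP);
			}
		}
	}
out:
	if (sc)
		scf_scope_destroy(sc);
	if (svc)
		scf_service_destroy(svc);
	if (inst)
		scf_instance_destroy(inst);
	if (snap)
		scf_snapshot_destroy(snap);
	if (pg)
		scf_pg_destroy(pg);
	if (prop)
		scf_property_destroy(prop);
	if (val)
		scf_value_destroy(val);
	if (siter)
		scf_iter_destroy(siter);
	if (iiter)
		scf_iter_destroy(iiter);

	(void) scf_handle_unbind(h);
	scf_handle_destroy(h);
}

/*
 * Undo stop_delegates(): send SIGCONT to every contract recorded in
 * ctidlist.
 */
static void
continue_delegates(void)
{
	ctidlist_t *next;
	for (next = ctidlist; next != NULL; next = next->next)
		(void) sigsend(P_CTID, next->ctid, SIGCONT);
}

/* Stop the master restarter first, then the delegated restarters. */
static void
stop_restarters(void)
{
	stop_startd();
	stop_delegates();
}

/* Resume everything stop_restarters() stopped, in the same order. */
static void
continue_restarters(void)
{
	continue_startd();
	continue_delegates();
}

/*
 * Copy an array of strings into buf, separated by spaces. Returns 0 on
 * success, and -1 if the joined string (including its terminating NUL)
 * does not fit in buf_sz bytes. args must hold at least one string and be
 * NULL-terminated; the caller only invokes this when argc is non-zero.
 */
static int
gather_args(char **args, char *buf, size_t buf_sz)
{
	if (strlcpy(buf, *args, buf_sz) >= buf_sz)
		return (-1);

	for (++args; *args != NULL; ++args) {
		if (strlcat(buf, " ", buf_sz) >= buf_sz)
			return (-1);
		if (strlcat(buf, *args, buf_sz) >= buf_sz)
			return (-1);
	}

	return (0);
}

/*
 * Entry point for halt, poweroff and reboot. The basename of argv[0]
 * selects the uadmin() function; the options select dump (-d), no syslog
 * record (-l), no sync (-n), quick (-q) and "yes, even on a dialup" (-y).
 *
 * Every path that returns yields 1. Presumably a successful uadmin() does
 * not return; the code after the call is the recovery path that undoes the
 * quiescing steps.
 *
 * NOTE(review): the usage-error and "Boot arguments too long" exits return
 * directly after audit_*_setup() without calling audit_*_fail(); only the
 * paths that reach the fail label record a failure.
 */
int
main(int argc, char *argv[])
{
	char *cmdname = basename(argv[0]);
	char *ttyn = ttyname(STDERR_FILENO);

	int qflag = 0, needlog = 1, nosync = 0;
	uintptr_t mdep = (uintptr_t)NULL;
	int cmd, fcn, c, aval, r, fd;
	const char *usage;
	zoneid_t zoneid = getzoneid();
	pid_t init_pid = 1;

	char bootargs_buf[257];		/* uadmin()'s buffer is 257 bytes. */

	const char * const resetting = "/etc/svc/volatile/resetting";


	(void) setlocale(LC_ALL, "");
	(void) textdomain(TEXT_DOMAIN);

	if (strcmp(cmdname, "halt") == 0) {
		(void) audit_halt_setup(argc, argv);
		usage = gettext("usage: %s [ -dlnqy ]\n");
		cmd = A_SHUTDOWN;
		fcn = AD_HALT;
	} else if (strcmp(cmdname, "poweroff") == 0) {
		(void) audit_halt_setup(argc, argv);
		usage = gettext("usage: %s [ -dlnqy ]\n");
		cmd = A_SHUTDOWN;
		fcn = AD_POWEROFF;
	} else if (strcmp(cmdname, "reboot") == 0) {
		(void) audit_reboot_setup();
		usage = gettext("usage: %s [ -dlnq ] [ boot args ]\n");
		cmd = A_SHUTDOWN;
		fcn = AD_BOOT;
	} else {
		(void) fprintf(stderr,
		    gettext("%s: not installed properly\n"), cmdname);
		return (1);
	}

	while ((c = getopt(argc, argv, "dlnqy")) != EOF) {
		switch (c) {
		case 'd':
			if (zoneid == GLOBAL_ZONEID)
				cmd = A_DUMP;
			else {
				(void) fprintf(stderr,
				    gettext("%s: -d only valid from global"
				    " zone\n"), cmdname);
				return (1);
			}
			break;
		case 'l':
			/*
			 * Suppresses only the syslog record below; the
			 * audit_*() calls are made regardless of this flag.
			 */
			needlog = 0;
			break;
		case 'n':
			nosync = 1;
			break;
		case 'q':
			qflag = 1;
			break;
		case 'y':
			/* Forget the tty so the dialup check is skipped. */
			ttyn = NULL;
			break;
		default:
			/*
			 * TRANSLATION_NOTE
			 * Don't translate the words "halt" or "reboot"
			 *
			 * usage is a format string taken from the message
			 * catalog, so the catalog must carry exactly one %s.
			 */
			(void) fprintf(stderr, usage, cmdname);
			return (1);
		}
	}

	argc -= optind;
	argv += optind;

	if (argc != 0) {
		/* Only reboot accepts trailing operands (boot arguments). */
		if (fcn != AD_BOOT) {
			(void) fprintf(stderr, usage, cmdname);
			return (1);
		}

		/* Gather the arguments into bootargs_buf. */
		if (gather_args(argv, bootargs_buf, sizeof (bootargs_buf)) !=
		    0) {
			(void) fprintf(stderr,
			    gettext("%s: Boot arguments too long.\n"), cmdname);
			return (1);
		}
		mdep = (uintptr_t)bootargs_buf;
	}

	if (geteuid() != 0) {
		(void) fprintf(stderr,
		    gettext("%s: permission denied\n"), cmdname);
		goto fail;
	}

	if (fcn != AD_BOOT && ttyn != NULL &&
	    strncmp(ttyn, "/dev/term/", strlen("/dev/term/")) == 0) {
		/*
		 * TRANSLATION_NOTE
		 * Don't translate ``halt -y''
		 */
		(void) fprintf(stderr,
		    gettext("%s: dangerous on a dialup;"), cmdname);
		(void) fprintf(stderr,
		    gettext("use ``%s -y'' if you are really sure\n"), cmdname);
		goto fail;
	}

	if (needlog) {
		char *user = getlogin();
		struct passwd *pw;

		/*
		 * NOTE(review): getlogin() reports the login name recorded
		 * for the controlling terminal, not the credentials of this
		 * process, so the name in this record is a hint about who
		 * ran the command rather than proof.
		 */
		openlog(cmdname, 0, LOG_AUTH);
		if (user == NULL && (pw = getpwuid(getuid())) != NULL)
			user = pw->pw_name;
		if (user == NULL)
			user = "root";
		syslog(LOG_CRIT, "%sed by %s", cmdname, user);
	}

	/*
	 * We must assume success and log it before auditd is terminated.
	 * If uadmin() later fails, the fail label below additionally records
	 * a failure, so both records can exist for one invocation.
	 */
	if (fcn == AD_BOOT)
		aval = audit_reboot_success();
	else
		aval = audit_halt_success();

	if (aval == -1) {
		(void) fprintf(stderr,
		    gettext("%s: can't turn off auditd\n"), cmdname);
		if (needlog)
			(void) sleep(5); /* Give syslogd time to record this */
	}

	(void) signal(SIGHUP, SIG_IGN);	/* for remote connections */

	/*
	 * Find this zone's init. The assert() documents that ESRCH is the
	 * only failure expected here; it is compiled out under NDEBUG, in
	 * which case any failure just leaves init alone.
	 */
	if (zone_getattr(getzoneid(), ZONE_ATTR_INITPID, &init_pid,
	    sizeof (init_pid)) != sizeof (init_pid)) {
		assert(errno == ESRCH);
		init_pid = -1;
	}

	/*
	 * sync boot archive in the global zone
	 *
	 * NOTE(review): system() runs the command through a shell with the
	 * environment this process inherited, at euid 0. The command line is
	 * a constant with an absolute path, but if this binary can be reached
	 * through a privilege-granting wrapper, consider spawning bootadm
	 * with an explicit argv and a minimal environment instead.
	 */
	if (getzoneid() == GLOBAL_ZONEID && !nosync) {
		(void) system("/sbin/bootadm -a update_all");
	}

	/*
	 * If we're not forcing a crash dump, mark the system as quiescing for
	 * smf(5)'s benefit, and idle the init process.
	 */
	if (cmd != A_DUMP) {
		if (init_pid != -1 && kill(init_pid, SIGTSTP) == -1) {
			/*
			 * TRANSLATION_NOTE
			 * Don't translate the word "init"
			 */
			(void) fprintf(stderr,
			    gettext("%s: can't idle init\n"), cmdname);

			goto fail;
		}

		/*
		 * Only the existence of the marker file matters, so the
		 * descriptor is closed again right away.
		 */
		fd = creat(resetting, 0755);
		if (fd == -1)
			(void) fprintf(stderr,
			    gettext("%s: could not create %s.\n"),
			    cmdname, resetting);
		else
			(void) close(fd);

		/*
		 * Stop all restarters so they do not try to restart services
		 * that are terminated.
		 */
		stop_restarters();
	}

	/*
	 * Make sure we don't get stopped by a jobcontrol shell
	 * once we start killing everybody.
	 */
	(void) signal(SIGTSTP, SIG_IGN);
	(void) signal(SIGTTIN, SIG_IGN);
	(void) signal(SIGTTOU, SIG_IGN);
	(void) signal(SIGTERM, SIG_IGN);

	/*
	 * If we're not forcing a crash dump, give everyone 5 seconds to
	 * handle a SIGTERM and clean up properly.
	 */
	if (cmd != A_DUMP) {
		(void) kill(-1, SIGTERM);
		(void) sleep(5);
	}

	if (!qflag && !nosync) {
		struct utmpx wtmpx;

		/*
		 * Record the shutdown in wtmpx. Only short constant strings
		 * are copied into the fixed-size fields.
		 */
		bzero(&wtmpx, sizeof (struct utmpx));
		(void) strcpy(wtmpx.ut_line, "~");
		(void) time(&wtmpx.ut_tv.tv_sec);

		if (cmd == A_DUMP)
			(void) strcpy(wtmpx.ut_name, "crash dump");
		else
			(void) strcpy(wtmpx.ut_name, "shutdown");

		(void) updwtmpx(WTMPX_FILE, &wtmpx);
		sync();
	}

	if (cmd == A_DUMP && nosync != 0)
		(void) uadmin(A_DUMP, AD_NOSYNC, (uintptr_t)NULL);

	(void) uadmin(cmd, fcn, mdep);
	perror(cmdname);

	/* uadmin() came back: undo the quiescing steps taken above. */
	do
		r = remove(resetting);
	while (r != 0 && errno == EINTR);
	if (r != 0 && errno != ENOENT)
		(void) fprintf(stderr, gettext("%s: could not remove %s.\n"),
		    cmdname, resetting);

	continue_restarters();

	if (init_pid != -1)
		/* tell init to restate current level */
		(void) kill(init_pid, SIGHUP);

fail:
	if (fcn == AD_BOOT)
		(void) audit_reboot_fail();
	else
		(void) audit_halt_fail();

	return (1);
}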