[systemd-devel] [PATCH 6/6] shutdown: pivot_root to a tmpfs directory to properly umount root
harald at redhat.com
harald at redhat.com
Tue May 31 08:07:00 PDT 2011
From: Harald Hoyer <harald at redhat.com>
check for /run/initramfs/shutdown
mount bind all needed dirs to /run/initramfs
pivot_root to /run/initramfs
execute /run/initramfs/shutdown
Signed-off-by: Harald Hoyer <harald at redhat.com>
---
src/shutdown.c | 101 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 101 insertions(+), 0 deletions(-)
diff --git a/src/shutdown.c b/src/shutdown.c
index 5f60650..528b30b 100644
--- a/src/shutdown.c
+++ b/src/shutdown.c
@@ -24,6 +24,11 @@
#include <sys/reboot.h>
#include <linux/reboot.h>
#include <sys/wait.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mount.h>
+#include <sys/syscall.h>
+#include <fcntl.h>
#include <dirent.h>
#include <errno.h>
#include <unistd.h>
@@ -39,6 +44,7 @@
#define TIMEOUT_USEC (5 * USEC_PER_SEC)
#define FINALIZE_ATTEMPTS 50
+#define pivot_root(new_root,put_old) syscall(SYS_pivot_root,new_root,put_old)
static bool ignore_proc(pid_t pid) {
if (pid == 1)
@@ -193,6 +199,90 @@ finish:
sigprocmask(SIG_SETMASK, &oldmask, NULL);
}
+static bool prepare_new_root(void) {
+ int r = false;
+ const char *dirs[] = { "/run/initramfs/oldroot",
+ "/run/initramfs/proc",
+ "/run/initramfs/sys",
+ "/run/initramfs/dev",
+ "/run/initramfs/run",
+ NULL };
+ const char **dir;
+ const char *msg;
+
+ msg = "Failed to mount bind /run/initramfs on /run/initramfs";
+ if (mount("/run/initramfs", "/run/initramfs", NULL, MS_BIND, NULL) != 0)
+ goto out;
+
+ msg="Failed to make /run/initramfs private mount %m:";
+ if (mount(NULL, "/run/initramfs", NULL, MS_PRIVATE, NULL) != 0)
+ goto out;
+
+ for (dir = &dirs[0]; *dir != NULL; dir++) {
+ asprintf((char **) &msg, "mkdir %s: %%m", *dir);
+ if (mkdir(*dir, 0755) != 0) {
+ if (errno != EEXIST)
+ goto out;
+ }
+ free((char *) msg);
+ }
+
+ msg = "Failed to mount bind /sys on /run/initramfs/sys";
+ if (mount("/sys", "/run/initramfs/sys", NULL, MS_BIND, NULL) != 0)
+ goto out;
+ msg = "Failed to mount bind /proc on /run/initramfs/proc";
+ if (mount("/proc", "/run/initramfs/proc", NULL, MS_BIND, NULL) != 0)
+ goto out;
+ msg = "Failed to mount bind /dev on /run/initramfs/dev";
+ if (mount("/dev", "/run/initramfs/dev", NULL, MS_BIND, NULL) != 0)
+ goto out;
+ msg = "Failed to mount bind /run on /run/initramfs/run";
+ if (mount("/run", "/run/initramfs/run", NULL, MS_BIND, NULL) != 0)
+ goto out;
+
+ r = true;
+ out:
+ if (!r)
+ log_error("%s: %m", msg);
+ return r;
+}
+
+static bool pivot_to_new_root(void) {
+ int fd;
+ int r = 0;
+ chdir("/run/initramfs");
+
+ /*
+ In case some evil process made "/" MS_SHARED
+ It works for pivot_root, but the ref count for the root device
+ is not decreasing :-/
+ */
+ if (mount(NULL, "/", NULL, MS_PRIVATE, NULL) != 0) {
+ log_error("Failed to make \"/\" private mount %m: ");
+ return false;
+ }
+
+ r = pivot_root(".", "oldroot");
+ if (r!=0) {
+ log_error("pivot failed: %m");
+ /* only chroot, if pivot root succeded */
+ return false;
+ }
+ chroot(".");
+ log_info("pivot rooted");
+
+ fd = open("dev/console", O_RDONLY);
+ dup2(fd, STDIN_FILENO);
+ close_nointr_nofail(fd);
+ fd = open("dev/console", O_WRONLY);
+ dup2(fd, STDOUT_FILENO);
+ close_nointr_nofail(fd);
+ fd = open("dev/console", O_WRONLY);
+ dup2(fd, STDERR_FILENO);
+ close_nointr_nofail(fd);
+ return true;
+}
+
int main(int argc, char *argv[]) {
int cmd, r;
unsigned retries;
@@ -331,6 +421,17 @@ int main(int argc, char *argv[]) {
sync();
+ if (access("/run/initramfs/shutdown", X_OK) == 0) {
+ char *new_argv[3];
+ new_argv[0] = strdup(argv[0]);
+ new_argv[1] = strdup(argv[1]);
+ new_argv[2] = NULL;
+ if (prepare_new_root() && pivot_to_new_root()) {
+ execv("/shutdown", new_argv);
+ log_error("Failed to execute shutdown binary: %m");
+ }
+ }
+
if (cmd == LINUX_REBOOT_CMD_KEXEC) {
/* We cheat and exec kexec to avoid doing all its work */
pid_t pid = fork();
--
1.7.5.2
More information about the systemd-devel
mailing list