]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
a7334b09 | 2 | /*** |
96b2fb93 | 3 | Copyright © 2012 Holger Hans Peter Freyther |
a7334b09 LP |
4 | ***/ |
5 | ||
3efd4195 | 6 | #include <errno.h> |
87f0e418 | 7 | #include <fcntl.h> |
25e870b5 | 8 | #include <linux/fs.h> |
5f5d8eab | 9 | #include <linux/oom.h> |
349cc4a5 | 10 | #if HAVE_SECCOMP |
618234a5 LP |
11 | #include <seccomp.h> |
12 | #endif | |
5f5d8eab | 13 | #include <sched.h> |
3d57c6ab | 14 | #include <sys/resource.h> |
3efd4195 | 15 | |
bed0b7df LP |
16 | #include "sd-messages.h" |
17 | ||
5f5d8eab | 18 | #include "af-list.h" |
57b7a260 | 19 | #include "all-units.h" |
786d19fd | 20 | #include "alloc-util.h" |
fab34748 | 21 | #include "bpf-firewall.h" |
e59ccd03 | 22 | #include "bpf-lsm.h" |
0879da98 | 23 | #include "bpf-program.h" |
cd09a5f3 | 24 | #include "bpf-socket-bind.h" |
5f5d8eab LP |
25 | #include "bus-error.h" |
26 | #include "bus-internal.h" | |
27 | #include "bus-util.h" | |
28 | #include "cap-list.h" | |
a103496c | 29 | #include "capability-util.h" |
fdb3deca | 30 | #include "cgroup-setup.h" |
3efd4195 | 31 | #include "conf-parser.h" |
e30bbc90 | 32 | #include "core-varlink.h" |
618234a5 | 33 | #include "cpu-set-util.h" |
786d19fd | 34 | #include "creds-util.h" |
5f5d8eab LP |
35 | #include "env-util.h" |
36 | #include "errno-list.h" | |
4f5dd394 | 37 | #include "escape.h" |
3ffd4af2 | 38 | #include "fd-util.h" |
0389f4fa | 39 | #include "fileio.h" |
f4f15635 | 40 | #include "fs-util.h" |
08f3be7a | 41 | #include "hexdecoct.h" |
d3070fbd | 42 | #include "io-util.h" |
032b3afb | 43 | #include "ioprio-util.h" |
da96ad5a | 44 | #include "ip-protocol-list.h" |
adce225a | 45 | #include "journal-file.h" |
eefc66aa | 46 | #include "limits-util.h" |
3ffd4af2 | 47 | #include "load-fragment.h" |
5f5d8eab | 48 | #include "log.h" |
5bead76e | 49 | #include "missing_ioprio.h" |
049af8ad | 50 | #include "mountpoint-util.h" |
d8b4d14d | 51 | #include "nulstr-util.h" |
c3eaba2d | 52 | #include "parse-helpers.h" |
6bedfcbb | 53 | #include "parse-util.h" |
9eb977db | 54 | #include "path-util.h" |
ed5033fd | 55 | #include "percent-util.h" |
7b3e062c | 56 | #include "process-util.h" |
349cc4a5 | 57 | #if HAVE_SECCOMP |
57183d11 LP |
58 | #include "seccomp-util.h" |
59 | #endif | |
07d46372 | 60 | #include "securebits-util.h" |
23e9a7dd | 61 | #include "selinux-util.h" |
5f5d8eab | 62 | #include "signal-util.h" |
5c3fa98d | 63 | #include "socket-netlink.h" |
46a9ee5d | 64 | #include "specifier.h" |
8fcde012 | 65 | #include "stat-util.h" |
07630cea | 66 | #include "string-util.h" |
5f5d8eab | 67 | #include "strv.h" |
91dd5f7c LP |
68 | #include "syslog-util.h" |
69 | #include "time-util.h" | |
5f5d8eab LP |
70 | #include "unit-name.h" |
71 | #include "unit-printf.h" | |
66dccd8d | 72 | #include "user-util.h" |
bb0c0d6f | 73 | #include "utf8.h" |
49cf4170 | 74 | #include "web-util.h" |
57183d11 | 75 | |
d2b42d63 | 76 | static int parse_socket_protocol(const char *s) { |
53577580 YW |
77 | int r; |
78 | ||
d2b42d63 | 79 | r = parse_ip_protocol(s); |
53577580 | 80 | if (r < 0) |
acf4d158 | 81 | return r; |
53577580 YW |
82 | if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP)) |
83 | return -EPROTONOSUPPORT; | |
84 | ||
85 | return r; | |
86 | } | |
87 | ||
a07a7324 FS |
88 | int parse_crash_chvt(const char *value, int *data) { |
89 | int b; | |
90 | ||
91 | if (safe_atoi(value, data) >= 0) | |
92 | return 0; | |
93 | ||
94 | b = parse_boolean(value); | |
95 | if (b < 0) | |
96 | return b; | |
97 | ||
98 | if (b > 0) | |
99 | *data = 0; /* switch to where kmsg goes */ | |
100 | else | |
101 | *data = -1; /* turn off switching */ | |
102 | ||
103 | return 0; | |
104 | } | |
105 | ||
106 | int parse_confirm_spawn(const char *value, char **console) { | |
107 | char *s; | |
108 | int r; | |
109 | ||
110 | r = value ? parse_boolean(value) : 1; | |
111 | if (r == 0) { | |
112 | *console = NULL; | |
113 | return 0; | |
4a8daee7 | 114 | } else if (r > 0) /* on with default tty */ |
a07a7324 FS |
115 | s = strdup("/dev/console"); |
116 | else if (is_path(value)) /* on with fully qualified path */ | |
117 | s = strdup(value); | |
118 | else /* on with only a tty file name, not a fully qualified path */ | |
4a8daee7 | 119 | s = path_join("/dev/", value); |
a07a7324 FS |
120 | if (!s) |
121 | return -ENOMEM; | |
122 | ||
123 | *console = s; | |
124 | return 0; | |
125 | } | |
126 | ||
d2b42d63 | 127 | DEFINE_CONFIG_PARSE(config_parse_socket_protocol, parse_socket_protocol, "Failed to parse socket protocol"); |
53577580 | 128 | DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits, secure_bits_from_string, "Failed to parse secure bits"); |
5afe510c | 129 | DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode"); |
53577580 | 130 | DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy"); |
53577580 | 131 | DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode"); |
4e399953 LP |
132 | DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_proc, protect_proc, ProtectProc, "Failed to parse /proc/ protection mode"); |
133 | DEFINE_CONFIG_PARSE_ENUM(config_parse_proc_subset, proc_subset, ProcSubset, "Failed to parse /proc/ subset mode"); | |
53577580 YW |
134 | DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode"); |
135 | DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode"); | |
53577580 | 136 | DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier"); |
1e8c7bd5 YW |
137 | DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home, protect_home, ProtectHome, "Failed to parse protect home value"); |
138 | DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system, protect_system, ProtectSystem, "Failed to parse protect system value"); | |
53577580 YW |
139 | DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode"); |
140 | DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type"); | |
596e4470 | 141 | DEFINE_CONFIG_PARSE_ENUM(config_parse_service_exit_type, service_exit_type, ServiceExitType, "Failed to parse service exit type"); |
53577580 | 142 | DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier"); |
bf760801 | 143 | DEFINE_CONFIG_PARSE_ENUM(config_parse_service_timeout_failure_mode, service_timeout_failure_mode, ServiceTimeoutFailureMode, "Failed to parse timeout failure mode"); |
53577580 | 144 | DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind, socket_address_bind_ipv6_only_or_bool, SocketAddressBindIPv6Only, "Failed to parse bind IPv6 only value"); |
afcfaa69 | 145 | DEFINE_CONFIG_PARSE_ENUM(config_parse_oom_policy, oom_policy, OOMPolicy, "Failed to parse OOM policy"); |
4e806bfa | 146 | DEFINE_CONFIG_PARSE_ENUM(config_parse_managed_oom_preference, managed_oom_preference, ManagedOOMPreference, "Failed to parse ManagedOOMPreference="); |
53577580 YW |
147 | DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos, ip_tos, int, -1, "Failed to parse IP TOS value"); |
148 | DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight, cg_blkio_weight_parse, uint64_t, "Invalid block IO weight"); | |
149 | DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Invalid weight"); | |
c8340822 | 150 | DEFINE_CONFIG_PARSE_PTR(config_parse_cg_cpu_weight, cg_cpu_weight_parse, uint64_t, "Invalid CPU weight"); |
53577580 YW |
151 | DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares"); |
152 | DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flags_from_string, unsigned long, "Failed to parse mount flag"); | |
b070c7c0 | 153 | DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy, mpol, int, -1, "Invalid NUMA policy type"); |
6327aa9f | 154 | DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format, status_unit_format, StatusUnitFormat, "Failed to parse status unit format"); |
9b191525 | 155 | DEFINE_CONFIG_PARSE_ENUM_FULL(config_parse_socket_timestamping, socket_timestamping_from_string_harder, SocketTimestamping, "Failed to parse timestamping precision"); |
5afe510c | 156 | |
88022148 DDM |
157 | bool contains_instance_specifier_superset(const char *s) { |
158 | const char *p, *q; | |
159 | bool percent = false; | |
160 | ||
161 | assert(s); | |
162 | ||
163 | p = strchr(s, '@'); | |
164 | if (!p) | |
165 | return false; | |
166 | ||
167 | p++; /* Skip '@' */ | |
168 | ||
169 | q = strrchr(p, '.'); | |
170 | if (!q) | |
171 | q = p + strlen(p); | |
172 | ||
173 | /* If the string is just the instance specifier, it's not a superset of the instance. */ | |
174 | if (memcmp_nn(p, q - p, "%i", strlen("%i")) == 0) | |
175 | return false; | |
176 | ||
177 | /* %i, %n and %N all expand to the instance or a superset of it. */ | |
178 | for (; p < q; p++) { | |
179 | if (*p == '%') | |
180 | percent = !percent; | |
181 | else if (percent) { | |
182 | if (IN_SET(*p, 'n', 'N', 'i')) | |
183 | return true; | |
184 | percent = false; | |
185 | } | |
186 | } | |
187 | ||
188 | return false; | |
189 | } | |
190 | ||
191 | /* `name` is the rendered version of `format` via `unit_printf` or similar functions. */ | |
192 | int unit_is_likely_recursive_template_dependency(Unit *u, const char *name, const char *format) { | |
193 | const char *fragment_path; | |
194 | int r; | |
195 | ||
196 | assert(u); | |
197 | assert(name); | |
198 | ||
199 | /* If a template unit has a direct dependency on itself that includes the unit instance as part of | |
200 | * the template instance via a unit specifier (%i, %n or %N), this will almost certainly lead to | |
201 | * infinite recursion as systemd will keep instantiating new instances of the template unit. | |
202 | * https://github.com/systemd/systemd/issues/17602 shows a good example of how this can happen in | |
203 | * practice. To guard against this, we check for templates that depend on themselves and have the | |
204 | * instantiated unit instance included as part of the template instance of the dependency via a | |
205 | * specifier. | |
206 | * | |
207 | * For example, if systemd-notify@.service depends on systemd-notify@%n.service, this will result in | |
208 | * infinite recursion. | |
209 | */ | |
210 | ||
211 | if (!unit_name_is_valid(name, UNIT_NAME_INSTANCE)) | |
212 | return false; | |
213 | ||
214 | if (!unit_name_prefix_equal(u->id, name)) | |
215 | return false; | |
216 | ||
217 | if (u->type != unit_name_to_type(name)) | |
218 | return false; | |
219 | ||
220 | r = unit_file_find_fragment(u->manager->unit_id_map, u->manager->unit_name_map, name, &fragment_path, NULL); | |
221 | if (r < 0) | |
222 | return r; | |
223 | ||
224 | /* Fragment paths should also be equal as a custom fragment for a specific template instance | |
225 | * wouldn't necessarily lead to infinite recursion. */ | |
226 | if (!path_equal_ptr(u->fragment_path, fragment_path)) | |
227 | return false; | |
228 | ||
229 | if (!contains_instance_specifier_superset(format)) | |
230 | return false; | |
231 | ||
232 | return true; | |
233 | } | |
234 | ||
f32b43bd LP |
235 | int config_parse_unit_deps( |
236 | const char *unit, | |
237 | const char *filename, | |
238 | unsigned line, | |
239 | const char *section, | |
240 | unsigned section_line, | |
241 | const char *lvalue, | |
242 | int ltype, | |
243 | const char *rvalue, | |
244 | void *data, | |
245 | void *userdata) { | |
3efd4195 | 246 | |
f975e971 | 247 | UnitDependency d = ltype; |
87f0e418 | 248 | Unit *u = userdata; |
3efd4195 LP |
249 | |
250 | assert(filename); | |
251 | assert(lvalue); | |
252 | assert(rvalue); | |
3efd4195 | 253 | |
323dda78 | 254 | for (const char *p = rvalue;;) { |
3d793d29 | 255 | _cleanup_free_ char *word = NULL, *k = NULL; |
3efd4195 | 256 | int r; |
3efd4195 | 257 | |
c89f52ac | 258 | r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE); |
3d793d29 | 259 | if (r == 0) |
323dda78 | 260 | return 0; |
3d793d29 | 261 | if (r == -ENOMEM) |
74051b9b | 262 | return log_oom(); |
3d793d29 | 263 | if (r < 0) { |
323dda78 YW |
264 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue); |
265 | return 0; | |
3d793d29 | 266 | } |
3efd4195 | 267 | |
3d793d29 | 268 | r = unit_name_printf(u, word, &k); |
19f6d710 | 269 | if (r < 0) { |
323dda78 | 270 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word); |
19f6d710 LP |
271 | continue; |
272 | } | |
9e2f7c11 | 273 | |
88022148 DDM |
274 | r = unit_is_likely_recursive_template_dependency(u, k, word); |
275 | if (r < 0) { | |
276 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to determine if '%s' is a recursive dependency, ignoring: %m", k); | |
277 | continue; | |
278 | } | |
279 | if (r > 0) { | |
280 | log_syntax(unit, LOG_DEBUG, filename, line, 0, | |
281 | "Dropping dependency %s=%s that likely leads to infinite recursion.", | |
282 | unit_dependency_to_string(d), word); | |
283 | continue; | |
284 | } | |
285 | ||
35d8c19a | 286 | r = unit_add_dependency_by_name(u, d, k, true, UNIT_DEPENDENCY_FILE); |
57020a3a | 287 | if (r < 0) |
323dda78 | 288 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k); |
3efd4195 | 289 | } |
3efd4195 LP |
290 | } |
291 | ||
f32b43bd LP |
292 | int config_parse_obsolete_unit_deps( |
293 | const char *unit, | |
294 | const char *filename, | |
295 | unsigned line, | |
296 | const char *section, | |
297 | unsigned section_line, | |
298 | const char *lvalue, | |
299 | int ltype, | |
300 | const char *rvalue, | |
301 | void *data, | |
302 | void *userdata) { | |
303 | ||
304 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
305 | "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype)); | |
306 | ||
307 | return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata); | |
308 | } | |
309 | ||
b02cb41c LP |
310 | int config_parse_unit_string_printf( |
311 | const char *unit, | |
312 | const char *filename, | |
313 | unsigned line, | |
314 | const char *section, | |
315 | unsigned section_line, | |
316 | const char *lvalue, | |
317 | int ltype, | |
318 | const char *rvalue, | |
319 | void *data, | |
320 | void *userdata) { | |
932921b5 | 321 | |
74051b9b | 322 | _cleanup_free_ char *k = NULL; |
47538b76 | 323 | const Unit *u = userdata; |
19f6d710 | 324 | int r; |
932921b5 LP |
325 | |
326 | assert(filename); | |
327 | assert(lvalue); | |
328 | assert(rvalue); | |
f2d3769a | 329 | assert(u); |
932921b5 | 330 | |
19f6d710 | 331 | r = unit_full_printf(u, rvalue, &k); |
b02cb41c | 332 | if (r < 0) { |
323dda78 | 333 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
b02cb41c LP |
334 | return 0; |
335 | } | |
932921b5 | 336 | |
b02cb41c | 337 | return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata); |
932921b5 LP |
338 | } |
339 | ||
12ca818f LP |
340 | int config_parse_unit_strv_printf( |
341 | const char *unit, | |
342 | const char *filename, | |
343 | unsigned line, | |
344 | const char *section, | |
345 | unsigned section_line, | |
346 | const char *lvalue, | |
347 | int ltype, | |
348 | const char *rvalue, | |
349 | void *data, | |
350 | void *userdata) { | |
8fef7659 | 351 | |
47538b76 | 352 | const Unit *u = userdata; |
74051b9b | 353 | _cleanup_free_ char *k = NULL; |
19f6d710 | 354 | int r; |
8fef7659 LP |
355 | |
356 | assert(filename); | |
357 | assert(lvalue); | |
358 | assert(rvalue); | |
359 | assert(u); | |
360 | ||
19f6d710 | 361 | r = unit_full_printf(u, rvalue, &k); |
12ca818f | 362 | if (r < 0) { |
323dda78 | 363 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
12ca818f LP |
364 | return 0; |
365 | } | |
8fef7659 | 366 | |
12ca818f | 367 | return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata); |
8fef7659 LP |
368 | } |
369 | ||
5f5d8eab LP |
370 | int config_parse_unit_path_printf( |
371 | const char *unit, | |
372 | const char *filename, | |
373 | unsigned line, | |
374 | const char *section, | |
375 | unsigned section_line, | |
376 | const char *lvalue, | |
377 | int ltype, | |
378 | const char *rvalue, | |
379 | void *data, | |
380 | void *userdata) { | |
6ea832a2 | 381 | |
74051b9b | 382 | _cleanup_free_ char *k = NULL; |
47538b76 | 383 | const Unit *u = userdata; |
19f6d710 | 384 | int r; |
2c75fb73 | 385 | bool fatal = ltype; |
6ea832a2 LP |
386 | |
387 | assert(filename); | |
388 | assert(lvalue); | |
389 | assert(rvalue); | |
6ea832a2 LP |
390 | assert(u); |
391 | ||
06536492 | 392 | r = unit_path_printf(u, rvalue, &k); |
811ba7a0 | 393 | if (r < 0) { |
323dda78 | 394 | log_syntax(unit, fatal ? LOG_ERR : LOG_WARNING, filename, line, r, |
063c4b1a | 395 | "Failed to resolve unit specifiers in '%s'%s: %m", |
e3c3d676 | 396 | rvalue, fatal ? "" : ", ignoring"); |
2c75fb73 | 397 | return fatal ? -ENOEXEC : 0; |
811ba7a0 | 398 | } |
6ea832a2 | 399 | |
811ba7a0 LP |
400 | return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata); |
401 | } | |
402 | ||
8c35c10d | 403 | int config_parse_colon_separated_paths( |
404 | const char *unit, | |
405 | const char *filename, | |
406 | unsigned line, | |
407 | const char *section, | |
408 | unsigned section_line, | |
409 | const char *lvalue, | |
410 | int ltype, | |
411 | const char *rvalue, | |
412 | void *data, | |
413 | void *userdata) { | |
414 | char ***sv = data; | |
415 | const Unit *u = userdata; | |
416 | int r; | |
417 | ||
418 | assert(filename); | |
419 | assert(lvalue); | |
420 | assert(rvalue); | |
421 | assert(data); | |
422 | ||
423 | if (isempty(rvalue)) { | |
424 | /* Empty assignment resets the list */ | |
425 | *sv = strv_free(*sv); | |
426 | return 0; | |
427 | } | |
428 | ||
429 | for (const char *p = rvalue;;) { | |
430 | _cleanup_free_ char *word = NULL, *k = NULL; | |
431 | ||
432 | r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS); | |
433 | if (r == -ENOMEM) | |
434 | return log_oom(); | |
435 | if (r < 0) { | |
436 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue); | |
437 | return 0; | |
438 | } | |
439 | if (r == 0) | |
440 | break; | |
441 | ||
442 | r = unit_path_printf(u, word, &k); | |
443 | if (r < 0) { | |
444 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
445 | "Failed to resolve unit specifiers in '%s', ignoring: %m", word); | |
446 | return 0; | |
447 | } | |
448 | ||
449 | r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
450 | if (r < 0) | |
451 | return 0; | |
452 | ||
453 | r = strv_consume(sv, TAKE_PTR(k)); | |
454 | if (r < 0) | |
455 | return log_oom(); | |
456 | } | |
457 | ||
458 | return 0; | |
459 | } | |
460 | ||
811ba7a0 LP |
461 | int config_parse_unit_path_strv_printf( |
462 | const char *unit, | |
463 | const char *filename, | |
464 | unsigned line, | |
465 | const char *section, | |
466 | unsigned section_line, | |
467 | const char *lvalue, | |
468 | int ltype, | |
469 | const char *rvalue, | |
470 | void *data, | |
471 | void *userdata) { | |
472 | ||
a2a5291b | 473 | char ***x = data; |
47538b76 | 474 | const Unit *u = userdata; |
811ba7a0 LP |
475 | int r; |
476 | ||
477 | assert(filename); | |
478 | assert(lvalue); | |
479 | assert(rvalue); | |
480 | assert(u); | |
481 | ||
499295fb | 482 | if (isempty(rvalue)) { |
9f2d41a6 | 483 | *x = strv_free(*x); |
499295fb YW |
484 | return 0; |
485 | } | |
486 | ||
323dda78 | 487 | for (const char *p = rvalue;;) { |
035fe294 | 488 | _cleanup_free_ char *word = NULL, *k = NULL; |
811ba7a0 | 489 | |
4ec85141 | 490 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); |
035fe294 ZJS |
491 | if (r == 0) |
492 | return 0; | |
493 | if (r == -ENOMEM) | |
494 | return log_oom(); | |
495 | if (r < 0) { | |
496 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
497 | "Invalid syntax, ignoring: %s", rvalue); | |
498 | return 0; | |
499 | } | |
811ba7a0 | 500 | |
06536492 | 501 | r = unit_path_printf(u, word, &k); |
811ba7a0 | 502 | if (r < 0) { |
323dda78 | 503 | log_syntax(unit, LOG_WARNING, filename, line, r, |
063c4b1a | 504 | "Failed to resolve unit specifiers in '%s', ignoring: %m", word); |
811ba7a0 LP |
505 | return 0; |
506 | } | |
507 | ||
2f4d31c1 YW |
508 | r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
509 | if (r < 0) | |
811ba7a0 | 510 | return 0; |
811ba7a0 | 511 | |
7d2c9c6b | 512 | r = strv_consume(x, TAKE_PTR(k)); |
811ba7a0 LP |
513 | if (r < 0) |
514 | return log_oom(); | |
811ba7a0 | 515 | } |
6ea832a2 LP |
516 | } |
517 | ||
4a66b5c9 LP |
518 | static int patch_var_run( |
519 | const char *unit, | |
520 | const char *filename, | |
521 | unsigned line, | |
522 | const char *lvalue, | |
523 | char **path) { | |
524 | ||
525 | const char *e; | |
526 | char *z; | |
527 | ||
528 | e = path_startswith(*path, "/var/run/"); | |
529 | if (!e) | |
530 | return 0; | |
531 | ||
532 | z = path_join("/run/", e); | |
533 | if (!z) | |
534 | return log_oom(); | |
535 | ||
536 | log_syntax(unit, LOG_NOTICE, filename, line, 0, | |
537 | "%s= references a path below legacy directory /var/run/, updating %s → %s; " | |
538 | "please update the unit file accordingly.", lvalue, *path, z); | |
539 | ||
540 | free_and_replace(*path, z); | |
541 | ||
542 | return 1; | |
543 | } | |
544 | ||
545 | int config_parse_socket_listen( | |
546 | const char *unit, | |
547 | const char *filename, | |
548 | unsigned line, | |
549 | const char *section, | |
550 | unsigned section_line, | |
551 | const char *lvalue, | |
552 | int ltype, | |
553 | const char *rvalue, | |
554 | void *data, | |
555 | void *userdata) { | |
42f4e3c4 | 556 | |
b1389b0d ZJS |
557 | _cleanup_free_ SocketPort *p = NULL; |
558 | SocketPort *tail; | |
542563ba | 559 | Socket *s; |
19f6d710 | 560 | int r; |
16354eff | 561 | |
42f4e3c4 LP |
562 | assert(filename); |
563 | assert(lvalue); | |
564 | assert(rvalue); | |
565 | assert(data); | |
566 | ||
595ed347 | 567 | s = SOCKET(data); |
542563ba | 568 | |
74051b9b LP |
569 | if (isempty(rvalue)) { |
570 | /* An empty assignment removes all ports */ | |
571 | socket_free_ports(s); | |
572 | return 0; | |
573 | } | |
574 | ||
7f110ff9 LP |
575 | p = new0(SocketPort, 1); |
576 | if (!p) | |
74051b9b | 577 | return log_oom(); |
916abb21 | 578 | |
74051b9b | 579 | if (ltype != SOCKET_SOCKET) { |
2f4d31c1 | 580 | _cleanup_free_ char *k = NULL; |
916abb21 | 581 | |
06536492 | 582 | r = unit_path_printf(UNIT(s), rvalue, &k); |
19f6d710 | 583 | if (r < 0) { |
323dda78 | 584 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
12ca818f | 585 | return 0; |
916abb21 LP |
586 | } |
587 | ||
2f4d31c1 YW |
588 | r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
589 | if (r < 0) | |
590 | return 0; | |
591 | ||
4a66b5c9 LP |
592 | if (ltype == SOCKET_FIFO) { |
593 | r = patch_var_run(unit, filename, line, lvalue, &k); | |
594 | if (r < 0) | |
595 | return r; | |
596 | } | |
597 | ||
2f4d31c1 YW |
598 | free_and_replace(p->path, k); |
599 | p->type = ltype; | |
916abb21 | 600 | |
7a22745a | 601 | } else if (streq(lvalue, "ListenNetlink")) { |
74051b9b | 602 | _cleanup_free_ char *k = NULL; |
1fd45a90 | 603 | |
06536492 | 604 | r = unit_path_printf(UNIT(s), rvalue, &k); |
12ca818f | 605 | if (r < 0) { |
323dda78 | 606 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
12ca818f LP |
607 | return 0; |
608 | } | |
7a22745a | 609 | |
12ca818f | 610 | r = socket_address_parse_netlink(&p->address, k); |
1fd45a90 | 611 | if (r < 0) { |
323dda78 | 612 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k); |
7a22745a LP |
613 | return 0; |
614 | } | |
615 | ||
2f4d31c1 YW |
616 | p->type = SOCKET_SOCKET; |
617 | ||
542563ba | 618 | } else { |
74051b9b | 619 | _cleanup_free_ char *k = NULL; |
1fd45a90 | 620 | |
06536492 | 621 | r = unit_path_printf(UNIT(s), rvalue, &k); |
12ca818f | 622 | if (r < 0) { |
323dda78 | 623 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
12ca818f LP |
624 | return 0; |
625 | } | |
542563ba | 626 | |
4a66b5c9 LP |
627 | if (k[0] == '/') { /* Only for AF_UNIX file system sockets… */ |
628 | r = patch_var_run(unit, filename, line, lvalue, &k); | |
629 | if (r < 0) | |
630 | return r; | |
631 | } | |
632 | ||
12ca818f | 633 | r = socket_address_parse_and_warn(&p->address, k); |
1fd45a90 | 634 | if (r < 0) { |
f847b8b7 | 635 | if (r != -EAFNOSUPPORT) |
323dda78 | 636 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k); |
c0b34696 | 637 | return 0; |
542563ba LP |
638 | } |
639 | ||
640 | if (streq(lvalue, "ListenStream")) | |
641 | p->address.type = SOCK_STREAM; | |
642 | else if (streq(lvalue, "ListenDatagram")) | |
643 | p->address.type = SOCK_DGRAM; | |
644 | else { | |
645 | assert(streq(lvalue, "ListenSequentialPacket")); | |
646 | p->address.type = SOCK_SEQPACKET; | |
647 | } | |
648 | ||
618b3642 | 649 | if (socket_address_family(&p->address) != AF_UNIX && p->address.type == SOCK_SEQPACKET) { |
323dda78 | 650 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Address family not supported, ignoring: %s", rvalue); |
c0b34696 | 651 | return 0; |
542563ba | 652 | } |
2f4d31c1 YW |
653 | |
654 | p->type = SOCKET_SOCKET; | |
16354eff LP |
655 | } |
656 | ||
542563ba | 657 | p->fd = -1; |
15087cdb PS |
658 | p->auxiliary_fds = NULL; |
659 | p->n_auxiliary_fds = 0; | |
2e41a51e | 660 | p->socket = s; |
49f91047 | 661 | |
533f8a67 YW |
662 | LIST_FIND_TAIL(port, s->ports, tail); |
663 | LIST_INSERT_AFTER(port, s->ports, tail, p); | |
664 | ||
b1389b0d | 665 | p = NULL; |
542563ba | 666 | |
16354eff | 667 | return 0; |
42f4e3c4 LP |
668 | } |
669 | ||
41bf0590 LP |
670 | int config_parse_exec_nice( |
671 | const char *unit, | |
672 | const char *filename, | |
673 | unsigned line, | |
674 | const char *section, | |
675 | unsigned section_line, | |
676 | const char *lvalue, | |
677 | int ltype, | |
678 | const char *rvalue, | |
679 | void *data, | |
680 | void *userdata) { | |
034c6ed7 | 681 | |
fb33a393 | 682 | ExecContext *c = data; |
e8e581bf | 683 | int priority, r; |
034c6ed7 LP |
684 | |
685 | assert(filename); | |
686 | assert(lvalue); | |
687 | assert(rvalue); | |
688 | assert(data); | |
689 | ||
de5e6038 YW |
690 | if (isempty(rvalue)) { |
691 | c->nice_set = false; | |
692 | return 0; | |
693 | } | |
694 | ||
41bf0590 | 695 | r = parse_nice(rvalue, &priority); |
e8e581bf | 696 | if (r < 0) { |
41bf0590 | 697 | if (r == -ERANGE) |
323dda78 | 698 | log_syntax(unit, LOG_WARNING, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue); |
41bf0590 | 699 | else |
323dda78 | 700 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue); |
c0b34696 | 701 | return 0; |
034c6ed7 LP |
702 | } |
703 | ||
fb33a393 | 704 | c->nice = priority; |
71155933 | 705 | c->nice_set = true; |
fb33a393 | 706 | |
034c6ed7 LP |
707 | return 0; |
708 | } | |
709 | ||
e9eb2c02 LP |
710 | int config_parse_exec_oom_score_adjust( |
711 | const char* unit, | |
712 | const char *filename, | |
713 | unsigned line, | |
714 | const char *section, | |
715 | unsigned section_line, | |
716 | const char *lvalue, | |
717 | int ltype, | |
718 | const char *rvalue, | |
719 | void *data, | |
720 | void *userdata) { | |
034c6ed7 | 721 | |
fb33a393 | 722 | ExecContext *c = data; |
e8e581bf | 723 | int oa, r; |
034c6ed7 LP |
724 | |
725 | assert(filename); | |
726 | assert(lvalue); | |
727 | assert(rvalue); | |
728 | assert(data); | |
729 | ||
e9eb2c02 LP |
730 | if (isempty(rvalue)) { |
731 | c->oom_score_adjust_set = false; | |
c0b34696 | 732 | return 0; |
034c6ed7 LP |
733 | } |
734 | ||
e9eb2c02 | 735 | r = parse_oom_score_adjust(rvalue, &oa); |
e9eb2c02 | 736 | if (r < 0) { |
063c4b1a | 737 | if (r == -ERANGE) |
323dda78 | 738 | log_syntax(unit, LOG_WARNING, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue); |
063c4b1a | 739 | else |
323dda78 | 740 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue); |
c0b34696 | 741 | return 0; |
034c6ed7 LP |
742 | } |
743 | ||
dd6c17b1 LP |
744 | c->oom_score_adjust = oa; |
745 | c->oom_score_adjust_set = true; | |
fb33a393 | 746 | |
034c6ed7 LP |
747 | return 0; |
748 | } | |
749 | ||
ad21e542 ZJS |
750 | int config_parse_exec_coredump_filter( |
751 | const char* unit, | |
752 | const char *filename, | |
753 | unsigned line, | |
754 | const char *section, | |
755 | unsigned section_line, | |
756 | const char *lvalue, | |
757 | int ltype, | |
758 | const char *rvalue, | |
759 | void *data, | |
760 | void *userdata) { | |
761 | ||
762 | ExecContext *c = data; | |
763 | int r; | |
764 | ||
765 | assert(filename); | |
766 | assert(lvalue); | |
767 | assert(rvalue); | |
768 | assert(data); | |
769 | ||
770 | if (isempty(rvalue)) { | |
771 | c->coredump_filter = 0; | |
772 | c->coredump_filter_set = false; | |
773 | return 0; | |
774 | } | |
775 | ||
776 | uint64_t f; | |
777 | r = coredump_filter_mask_from_string(rvalue, &f); | |
778 | if (r < 0) { | |
779 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
780 | "Failed to parse the CoredumpFilter=%s, ignoring: %m", rvalue); | |
781 | return 0; | |
782 | } | |
783 | ||
784 | c->coredump_filter |= f; | |
785 | c->oom_score_adjust_set = true; | |
786 | return 0; | |
787 | } | |
788 | ||
d068765b LP |
789 | int config_parse_kill_mode( |
790 | const char* unit, | |
791 | const char *filename, | |
792 | unsigned line, | |
793 | const char *section, | |
794 | unsigned section_line, | |
795 | const char *lvalue, | |
796 | int ltype, | |
797 | const char *rvalue, | |
798 | void *data, | |
799 | void *userdata) { | |
800 | ||
801 | KillMode *k = data, m; | |
802 | ||
803 | assert(filename); | |
804 | assert(lvalue); | |
805 | assert(rvalue); | |
806 | assert(data); | |
807 | ||
808 | if (isempty(rvalue)) { | |
809 | *k = KILL_CONTROL_GROUP; | |
810 | return 0; | |
811 | } | |
812 | ||
813 | m = kill_mode_from_string(rvalue); | |
814 | if (m < 0) { | |
b98680b2 | 815 | log_syntax(unit, LOG_WARNING, filename, line, m, |
d068765b LP |
816 | "Failed to parse kill mode specification, ignoring: %s", rvalue); |
817 | return 0; | |
818 | } | |
819 | ||
820 | if (m == KILL_NONE) | |
821 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
822 | "Unit configured to use KillMode=none. " | |
15e6a6e8 | 823 | "This is unsafe, as it disables systemd's process lifecycle management for the service. " |
d068765b LP |
824 | "Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. " |
825 | "Support for KillMode=none is deprecated and will eventually be removed."); | |
826 | ||
827 | *k = m; | |
828 | return 0; | |
829 | } | |
830 | ||
527b7a42 LP |
831 | int config_parse_exec( |
832 | const char *unit, | |
833 | const char *filename, | |
834 | unsigned line, | |
835 | const char *section, | |
836 | unsigned section_line, | |
837 | const char *lvalue, | |
838 | int ltype, | |
839 | const char *rvalue, | |
840 | void *data, | |
841 | void *userdata) { | |
034c6ed7 | 842 | |
46a0d98a | 843 | ExecCommand **e = data; |
47538b76 | 844 | const Unit *u = userdata; |
46a0d98a FB |
845 | const char *p; |
846 | bool semicolon; | |
7f110ff9 | 847 | int r; |
034c6ed7 LP |
848 | |
849 | assert(filename); | |
850 | assert(lvalue); | |
851 | assert(rvalue); | |
61e5d8ed | 852 | assert(e); |
034c6ed7 | 853 | |
74051b9b | 854 | e += ltype; |
c83f1f30 | 855 | |
74051b9b LP |
856 | if (isempty(rvalue)) { |
857 | /* An empty assignment resets the list */ | |
f1acf85a | 858 | *e = exec_command_free_list(*e); |
74051b9b LP |
859 | return 0; |
860 | } | |
861 | ||
bd1b973f | 862 | p = rvalue; |
46a0d98a | 863 | do { |
dea7b6b0 | 864 | _cleanup_free_ char *path = NULL, *firstword = NULL; |
165a31c0 LP |
865 | ExecCommandFlags flags = 0; |
866 | bool ignore = false, separate_argv0 = false; | |
dea7b6b0 | 867 | _cleanup_free_ ExecCommand *nce = NULL; |
46a0d98a | 868 | _cleanup_strv_free_ char **n = NULL; |
319a4f4b | 869 | size_t nlen = 0; |
5125e762 | 870 | const char *f; |
6c666e26 | 871 | |
46a0d98a FB |
872 | semicolon = false; |
873 | ||
4ec85141 | 874 | r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_UNQUOTE|EXTRACT_CUNESCAPE, unit, filename, line, rvalue); |
46a0d98a FB |
875 | if (r <= 0) |
876 | return 0; | |
6c666e26 | 877 | |
598c47c8 ZJS |
878 | /* A lone ";" is a separator. Let's make sure we don't treat it as an executable name. */ |
879 | if (streq(firstword, ";")) { | |
880 | semicolon = true; | |
881 | continue; | |
882 | } | |
883 | ||
46a0d98a | 884 | f = firstword; |
007f48bb | 885 | for (;;) { |
165a31c0 LP |
886 | /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't |
887 | * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of | |
7ca69792 AZ |
888 | * argv[0]; if it's prefixed with :, we will not do environment variable substitution; |
889 | * if it's prefixed with +, it will be run with full privileges and no sandboxing; if | |
165a31c0 LP |
890 | * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if |
891 | * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient | |
892 | * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most | |
893 | * other sandboxing, with some special exceptions for changing UID. | |
894 | * | |
895 | * The idea is that '!!' may be used to write services that can take benefit of systemd's | |
896 | * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to | |
897 | * privilege dropping within the daemon if the kernel does not offer that. */ | |
898 | ||
899 | if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) { | |
900 | flags |= EXEC_COMMAND_IGNORE_FAILURE; | |
46a0d98a | 901 | ignore = true; |
165a31c0 | 902 | } else if (*f == '@' && !separate_argv0) |
46a0d98a | 903 | separate_argv0 = true; |
7ca69792 AZ |
904 | else if (*f == ':' && !(flags & EXEC_COMMAND_NO_ENV_EXPAND)) |
905 | flags |= EXEC_COMMAND_NO_ENV_EXPAND; | |
165a31c0 LP |
906 | else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC))) |
907 | flags |= EXEC_COMMAND_FULLY_PRIVILEGED; | |
908 | else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC))) | |
909 | flags |= EXEC_COMMAND_NO_SETUID; | |
910 | else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) { | |
911 | flags &= ~EXEC_COMMAND_NO_SETUID; | |
912 | flags |= EXEC_COMMAND_AMBIENT_MAGIC; | |
913 | } else | |
46a0d98a | 914 | break; |
313cefa1 | 915 | f++; |
61e5d8ed | 916 | } |
46a0d98a | 917 | |
06536492 | 918 | r = unit_path_printf(u, f, &path); |
5125e762 | 919 | if (r < 0) { |
323dda78 | 920 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r, |
063c4b1a | 921 | "Failed to resolve unit specifiers in '%s'%s: %m", |
bb28e684 ZJS |
922 | f, ignore ? ", ignoring" : ""); |
923 | return ignore ? 0 : -ENOEXEC; | |
5125e762 LP |
924 | } |
925 | ||
926 | if (isempty(path)) { | |
46a0d98a | 927 | /* First word is either "-" or "@" with no command. */ |
323dda78 | 928 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0, |
063c4b1a | 929 | "Empty path in command line%s: '%s'", |
bb28e684 ZJS |
930 | ignore ? ", ignoring" : "", rvalue); |
931 | return ignore ? 0 : -ENOEXEC; | |
b2fadec6 | 932 | } |
5125e762 | 933 | if (!string_is_safe(path)) { |
323dda78 | 934 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0, |
5008da1e ZJS |
935 | "Executable name contains special characters%s: %s", |
936 | ignore ? ", ignoring" : "", path); | |
bb28e684 | 937 | return ignore ? 0 : -ENOEXEC; |
46a0d98a | 938 | } |
5125e762 | 939 | if (endswith(path, "/")) { |
323dda78 | 940 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0, |
bb28e684 | 941 | "Executable path specifies a directory%s: %s", |
5008da1e | 942 | ignore ? ", ignoring" : "", path); |
bb28e684 | 943 | return ignore ? 0 : -ENOEXEC; |
46a0d98a | 944 | } |
61e5d8ed | 945 | |
108144ad | 946 | if (!(path_is_absolute(path) ? path_is_valid(path) : filename_is_valid(path))) { |
9f71ba8d ZJS |
947 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0, |
948 | "Neither a valid executable name nor an absolute path%s: %s", | |
949 | ignore ? ", ignoring" : "", path); | |
950 | return ignore ? 0 : -ENOEXEC; | |
5008da1e ZJS |
951 | } |
952 | ||
46a0d98a | 953 | if (!separate_argv0) { |
5125e762 LP |
954 | char *w = NULL; |
955 | ||
15092743 | 956 | if (!GREEDY_REALLOC0(n, nlen + 2)) |
46a0d98a | 957 | return log_oom(); |
5125e762 LP |
958 | |
959 | w = strdup(path); | |
960 | if (!w) | |
46a0d98a | 961 | return log_oom(); |
5125e762 | 962 | n[nlen++] = w; |
46a0d98a FB |
963 | n[nlen] = NULL; |
964 | } | |
7f110ff9 | 965 | |
4ff361cc | 966 | path_simplify(path); |
46a0d98a | 967 | |
4b1c1753 | 968 | while (!isempty(p)) { |
5125e762 | 969 | _cleanup_free_ char *word = NULL, *resolved = NULL; |
46a0d98a FB |
970 | |
971 | /* Check explicitly for an unquoted semicolon as | |
972 | * command separator token. */ | |
973 | if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) { | |
313cefa1 | 974 | p++; |
46a0d98a FB |
975 | p += strspn(p, WHITESPACE); |
976 | semicolon = true; | |
977 | break; | |
c8539536 | 978 | } |
7f110ff9 | 979 | |
5125e762 LP |
980 | /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc. |
981 | * extract_first_word() would return the same for all of those. */ | |
46a0d98a | 982 | if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) { |
5125e762 LP |
983 | char *w; |
984 | ||
46a0d98a FB |
985 | p += 2; |
986 | p += strspn(p, WHITESPACE); | |
5125e762 | 987 | |
15092743 | 988 | if (!GREEDY_REALLOC0(n, nlen + 2)) |
46a0d98a | 989 | return log_oom(); |
5125e762 LP |
990 | |
991 | w = strdup(";"); | |
992 | if (!w) | |
46a0d98a | 993 | return log_oom(); |
5125e762 | 994 | n[nlen++] = w; |
46a0d98a FB |
995 | n[nlen] = NULL; |
996 | continue; | |
61e5d8ed | 997 | } |
c8539536 | 998 | |
4ec85141 | 999 | r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_UNQUOTE|EXTRACT_CUNESCAPE, unit, filename, line, rvalue); |
46a0d98a FB |
1000 | if (r == 0) |
1001 | break; | |
5125e762 | 1002 | if (r < 0) |
bb28e684 | 1003 | return ignore ? 0 : -ENOEXEC; |
5125e762 | 1004 | |
58dd4999 | 1005 | r = unit_full_printf(u, word, &resolved); |
5125e762 | 1006 | if (r < 0) { |
323dda78 | 1007 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r, |
063c4b1a | 1008 | "Failed to resolve unit specifiers in %s%s: %m", |
bb28e684 ZJS |
1009 | word, ignore ? ", ignoring" : ""); |
1010 | return ignore ? 0 : -ENOEXEC; | |
5125e762 | 1011 | } |
46a0d98a | 1012 | |
319a4f4b | 1013 | if (!GREEDY_REALLOC(n, nlen + 2)) |
46a0d98a | 1014 | return log_oom(); |
1cc6c93a YW |
1015 | |
1016 | n[nlen++] = TAKE_PTR(resolved); | |
46a0d98a | 1017 | n[nlen] = NULL; |
61e5d8ed LP |
1018 | } |
1019 | ||
46a0d98a | 1020 | if (!n || !n[0]) { |
323dda78 | 1021 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0, |
bb28e684 ZJS |
1022 | "Empty executable name or zeroeth argument%s: %s", |
1023 | ignore ? ", ignoring" : "", rvalue); | |
1024 | return ignore ? 0 : -ENOEXEC; | |
7f110ff9 | 1025 | } |
6c666e26 | 1026 | |
7f110ff9 | 1027 | nce = new0(ExecCommand, 1); |
46a0d98a FB |
1028 | if (!nce) |
1029 | return log_oom(); | |
61e5d8ed | 1030 | |
1cc6c93a YW |
1031 | nce->argv = TAKE_PTR(n); |
1032 | nce->path = TAKE_PTR(path); | |
165a31c0 | 1033 | nce->flags = flags; |
034c6ed7 | 1034 | |
61e5d8ed | 1035 | exec_command_append_list(e, nce); |
01f78473 | 1036 | |
46a0d98a | 1037 | /* Do not _cleanup_free_ these. */ |
46a0d98a | 1038 | nce = NULL; |
034c6ed7 | 1039 | |
46a0d98a FB |
1040 | rvalue = p; |
1041 | } while (semicolon); | |
034c6ed7 | 1042 | |
46a0d98a | 1043 | return 0; |
034c6ed7 LP |
1044 | } |
1045 | ||
d31645ad LP |
1046 | int config_parse_socket_bindtodevice( |
1047 | const char* unit, | |
1048 | const char *filename, | |
1049 | unsigned line, | |
1050 | const char *section, | |
1051 | unsigned section_line, | |
1052 | const char *lvalue, | |
1053 | int ltype, | |
1054 | const char *rvalue, | |
1055 | void *data, | |
1056 | void *userdata) { | |
acbb0225 LP |
1057 | |
1058 | Socket *s = data; | |
acbb0225 LP |
1059 | |
1060 | assert(filename); | |
1061 | assert(lvalue); | |
1062 | assert(rvalue); | |
1063 | assert(data); | |
1064 | ||
063c4b1a YW |
1065 | if (isempty(rvalue) || streq(rvalue, "*")) { |
1066 | s->bind_to_device = mfree(s->bind_to_device); | |
1067 | return 0; | |
1068 | } | |
d31645ad | 1069 | |
063c4b1a | 1070 | if (!ifname_valid(rvalue)) { |
323dda78 | 1071 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue); |
063c4b1a YW |
1072 | return 0; |
1073 | } | |
acbb0225 | 1074 | |
b3f9c17a | 1075 | return free_and_strdup_warn(&s->bind_to_device, rvalue); |
acbb0225 LP |
1076 | } |
1077 | ||
9bd6a50e LP |
1078 | int config_parse_exec_input( |
1079 | const char *unit, | |
1080 | const char *filename, | |
1081 | unsigned line, | |
1082 | const char *section, | |
1083 | unsigned section_line, | |
1084 | const char *lvalue, | |
1085 | int ltype, | |
1086 | const char *rvalue, | |
1087 | void *data, | |
1088 | void *userdata) { | |
52c239d7 | 1089 | |
52c239d7 | 1090 | ExecContext *c = data; |
47538b76 | 1091 | const Unit *u = userdata; |
2038c3f5 LP |
1092 | const char *n; |
1093 | ExecInput ei; | |
52c239d7 LB |
1094 | int r; |
1095 | ||
1096 | assert(data); | |
1097 | assert(filename); | |
1098 | assert(line); | |
1099 | assert(rvalue); | |
1100 | ||
2038c3f5 LP |
1101 | n = startswith(rvalue, "fd:"); |
1102 | if (n) { | |
1103 | _cleanup_free_ char *resolved = NULL; | |
1104 | ||
06536492 | 1105 | r = unit_fd_printf(u, n, &resolved); |
323dda78 YW |
1106 | if (r < 0) { |
1107 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", n); | |
1108 | return 0; | |
1109 | } | |
2038c3f5 LP |
1110 | |
1111 | if (isempty(resolved)) | |
1112 | resolved = mfree(resolved); | |
1113 | else if (!fdname_is_valid(resolved)) { | |
323dda78 YW |
1114 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid file descriptor name, ignoring: %s", resolved); |
1115 | return 0; | |
52c239d7 | 1116 | } |
9bd6a50e | 1117 | |
2038c3f5 LP |
1118 | free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved); |
1119 | ||
1120 | ei = EXEC_INPUT_NAMED_FD; | |
1121 | ||
1122 | } else if ((n = startswith(rvalue, "file:"))) { | |
1123 | _cleanup_free_ char *resolved = NULL; | |
1124 | ||
06536492 | 1125 | r = unit_path_printf(u, n, &resolved); |
323dda78 YW |
1126 | if (r < 0) { |
1127 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", n); | |
1128 | return 0; | |
1129 | } | |
9bd6a50e | 1130 | |
2f4d31c1 YW |
1131 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue); |
1132 | if (r < 0) | |
323dda78 | 1133 | return 0; |
2038c3f5 LP |
1134 | |
1135 | free_and_replace(c->stdio_file[STDIN_FILENO], resolved); | |
1136 | ||
1137 | ei = EXEC_INPUT_FILE; | |
9bd6a50e | 1138 | |
52c239d7 | 1139 | } else { |
9bd6a50e LP |
1140 | ei = exec_input_from_string(rvalue); |
1141 | if (ei < 0) { | |
b98680b2 | 1142 | log_syntax(unit, LOG_WARNING, filename, line, ei, "Failed to parse input specifier, ignoring: %s", rvalue); |
9bd6a50e LP |
1143 | return 0; |
1144 | } | |
52c239d7 | 1145 | } |
9bd6a50e | 1146 | |
2038c3f5 | 1147 | c->std_input = ei; |
9bd6a50e | 1148 | return 0; |
52c239d7 LB |
1149 | } |
1150 | ||
08f3be7a LP |
1151 | int config_parse_exec_input_text( |
1152 | const char *unit, | |
1153 | const char *filename, | |
1154 | unsigned line, | |
1155 | const char *section, | |
1156 | unsigned section_line, | |
1157 | const char *lvalue, | |
1158 | int ltype, | |
1159 | const char *rvalue, | |
1160 | void *data, | |
1161 | void *userdata) { | |
1162 | ||
1163 | _cleanup_free_ char *unescaped = NULL, *resolved = NULL; | |
1164 | ExecContext *c = data; | |
47538b76 | 1165 | const Unit *u = userdata; |
08f3be7a LP |
1166 | int r; |
1167 | ||
1168 | assert(data); | |
1169 | assert(filename); | |
1170 | assert(line); | |
1171 | assert(rvalue); | |
1172 | ||
1173 | if (isempty(rvalue)) { | |
1174 | /* Reset if the empty string is assigned */ | |
1175 | c->stdin_data = mfree(c->stdin_data); | |
1176 | c->stdin_data_size = 0; | |
52c239d7 LB |
1177 | return 0; |
1178 | } | |
08f3be7a | 1179 | |
e437538f ZJS |
1180 | ssize_t l = cunescape(rvalue, 0, &unescaped); |
1181 | if (l < 0) { | |
1182 | log_syntax(unit, LOG_WARNING, filename, line, l, | |
323dda78 YW |
1183 | "Failed to decode C escaped text '%s', ignoring: %m", rvalue); |
1184 | return 0; | |
1185 | } | |
08f3be7a | 1186 | |
06536492 | 1187 | r = unit_full_printf_full(u, unescaped, EXEC_STDIN_DATA_MAX, &resolved); |
323dda78 YW |
1188 | if (r < 0) { |
1189 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
1190 | "Failed to resolve unit specifiers in '%s', ignoring: %m", unescaped); | |
1191 | return 0; | |
1192 | } | |
08f3be7a | 1193 | |
e437538f | 1194 | size_t sz = strlen(resolved); |
08f3be7a LP |
1195 | if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */ |
1196 | c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) { | |
323dda78 YW |
1197 | log_syntax(unit, LOG_WARNING, filename, line, 0, |
1198 | "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", | |
1199 | c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX); | |
1200 | return 0; | |
08f3be7a LP |
1201 | } |
1202 | ||
e437538f | 1203 | void *p = realloc(c->stdin_data, c->stdin_data_size + sz + 1); |
08f3be7a LP |
1204 | if (!p) |
1205 | return log_oom(); | |
1206 | ||
1207 | *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n'; | |
1208 | ||
1209 | c->stdin_data = p; | |
1210 | c->stdin_data_size += sz + 1; | |
1211 | ||
1212 | return 0; | |
52c239d7 LB |
1213 | } |
1214 | ||
08f3be7a LP |
1215 | int config_parse_exec_input_data( |
1216 | const char *unit, | |
1217 | const char *filename, | |
1218 | unsigned line, | |
1219 | const char *section, | |
1220 | unsigned section_line, | |
1221 | const char *lvalue, | |
1222 | int ltype, | |
1223 | const char *rvalue, | |
1224 | void *data, | |
1225 | void *userdata) { | |
1226 | ||
08f3be7a LP |
1227 | _cleanup_free_ void *p = NULL; |
1228 | ExecContext *c = data; | |
1229 | size_t sz; | |
1230 | void *q; | |
1231 | int r; | |
1232 | ||
1233 | assert(data); | |
1234 | assert(filename); | |
1235 | assert(line); | |
1236 | assert(rvalue); | |
1237 | ||
1238 | if (isempty(rvalue)) { | |
1239 | /* Reset if the empty string is assigned */ | |
1240 | c->stdin_data = mfree(c->stdin_data); | |
1241 | c->stdin_data_size = 0; | |
1242 | return 0; | |
1243 | } | |
1244 | ||
f5fbe71d | 1245 | r = unbase64mem(rvalue, SIZE_MAX, &p, &sz); |
323dda78 YW |
1246 | if (r < 0) { |
1247 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
1248 | "Failed to decode base64 data, ignoring: %s", rvalue); | |
1249 | return 0; | |
1250 | } | |
08f3be7a LP |
1251 | |
1252 | assert(sz > 0); | |
1253 | ||
1254 | if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */ | |
1255 | c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) { | |
323dda78 YW |
1256 | log_syntax(unit, LOG_WARNING, filename, line, 0, |
1257 | "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", | |
1258 | c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX); | |
1259 | return 0; | |
08f3be7a LP |
1260 | } |
1261 | ||
1262 | q = realloc(c->stdin_data, c->stdin_data_size + sz); | |
1263 | if (!q) | |
1264 | return log_oom(); | |
1265 | ||
1266 | memcpy((uint8_t*) q + c->stdin_data_size, p, sz); | |
1267 | ||
1268 | c->stdin_data = q; | |
1269 | c->stdin_data_size += sz; | |
1270 | ||
1271 | return 0; | |
1272 | } | |
1273 | ||
2038c3f5 LP |
1274 | int config_parse_exec_output( |
1275 | const char *unit, | |
1276 | const char *filename, | |
1277 | unsigned line, | |
1278 | const char *section, | |
1279 | unsigned section_line, | |
1280 | const char *lvalue, | |
1281 | int ltype, | |
1282 | const char *rvalue, | |
1283 | void *data, | |
1284 | void *userdata) { | |
1285 | ||
1286 | _cleanup_free_ char *resolved = NULL; | |
1287 | const char *n; | |
52c239d7 | 1288 | ExecContext *c = data; |
47538b76 | 1289 | const Unit *u = userdata; |
f3dc6af2 | 1290 | bool obsolete = false; |
52c239d7 | 1291 | ExecOutput eo; |
52c239d7 LB |
1292 | int r; |
1293 | ||
1294 | assert(data); | |
1295 | assert(filename); | |
1296 | assert(line); | |
1297 | assert(lvalue); | |
1298 | assert(rvalue); | |
1299 | ||
2038c3f5 LP |
1300 | n = startswith(rvalue, "fd:"); |
1301 | if (n) { | |
06536492 | 1302 | r = unit_fd_printf(u, n, &resolved); |
323dda78 YW |
1303 | if (r < 0) { |
1304 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n); | |
1305 | return 0; | |
1306 | } | |
2038c3f5 LP |
1307 | |
1308 | if (isempty(resolved)) | |
1309 | resolved = mfree(resolved); | |
1310 | else if (!fdname_is_valid(resolved)) { | |
323dda78 YW |
1311 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid file descriptor name, ignoring: %s", resolved); |
1312 | return 0; | |
52c239d7 | 1313 | } |
2038c3f5 | 1314 | |
52c239d7 | 1315 | eo = EXEC_OUTPUT_NAMED_FD; |
2038c3f5 | 1316 | |
f3dc6af2 LP |
1317 | } else if (streq(rvalue, "syslog")) { |
1318 | eo = EXEC_OUTPUT_JOURNAL; | |
1319 | obsolete = true; | |
1320 | ||
1321 | } else if (streq(rvalue, "syslog+console")) { | |
1322 | eo = EXEC_OUTPUT_JOURNAL_AND_CONSOLE; | |
1323 | obsolete = true; | |
1324 | ||
2038c3f5 LP |
1325 | } else if ((n = startswith(rvalue, "file:"))) { |
1326 | ||
06536492 | 1327 | r = unit_path_printf(u, n, &resolved); |
323dda78 YW |
1328 | if (r < 0) { |
1329 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", n); | |
1330 | return 0; | |
1331 | } | |
2038c3f5 | 1332 | |
2f4d31c1 YW |
1333 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue); |
1334 | if (r < 0) | |
323dda78 | 1335 | return 0; |
2038c3f5 LP |
1336 | |
1337 | eo = EXEC_OUTPUT_FILE; | |
1338 | ||
566b7d23 ZD |
1339 | } else if ((n = startswith(rvalue, "append:"))) { |
1340 | ||
06536492 | 1341 | r = unit_path_printf(u, n, &resolved); |
323dda78 YW |
1342 | if (r < 0) { |
1343 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", n); | |
1344 | return 0; | |
1345 | } | |
566b7d23 ZD |
1346 | |
1347 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue); | |
1348 | if (r < 0) | |
323dda78 | 1349 | return 0; |
566b7d23 ZD |
1350 | |
1351 | eo = EXEC_OUTPUT_FILE_APPEND; | |
8d7dab1f LW |
1352 | |
1353 | } else if ((n = startswith(rvalue, "truncate:"))) { | |
1354 | ||
06536492 | 1355 | r = unit_path_printf(u, n, &resolved); |
8d7dab1f LW |
1356 | if (r < 0) { |
1357 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", n); | |
1358 | return 0; | |
1359 | } | |
1360 | ||
1361 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue); | |
1362 | if (r < 0) | |
1363 | return 0; | |
1364 | ||
1365 | eo = EXEC_OUTPUT_FILE_TRUNCATE; | |
52c239d7 LB |
1366 | } else { |
1367 | eo = exec_output_from_string(rvalue); | |
2038c3f5 | 1368 | if (eo < 0) { |
b98680b2 | 1369 | log_syntax(unit, LOG_WARNING, filename, line, eo, "Failed to parse output specifier, ignoring: %s", rvalue); |
52c239d7 LB |
1370 | return 0; |
1371 | } | |
1372 | } | |
1373 | ||
f3dc6af2 LP |
1374 | if (obsolete) |
1375 | log_syntax(unit, LOG_NOTICE, filename, line, 0, | |
1376 | "Standard output type %s is obsolete, automatically updating to %s. Please update your unit file, and consider removing the setting altogether.", | |
1377 | rvalue, exec_output_to_string(eo)); | |
1378 | ||
52c239d7 | 1379 | if (streq(lvalue, "StandardOutput")) { |
2038c3f5 LP |
1380 | if (eo == EXEC_OUTPUT_NAMED_FD) |
1381 | free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved); | |
1382 | else | |
1383 | free_and_replace(c->stdio_file[STDOUT_FILENO], resolved); | |
1384 | ||
52c239d7 | 1385 | c->std_output = eo; |
2038c3f5 | 1386 | |
52c239d7 | 1387 | } else { |
2038c3f5 LP |
1388 | assert(streq(lvalue, "StandardError")); |
1389 | ||
1390 | if (eo == EXEC_OUTPUT_NAMED_FD) | |
1391 | free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved); | |
1392 | else | |
1393 | free_and_replace(c->stdio_file[STDERR_FILENO], resolved); | |
1394 | ||
1395 | c->std_error = eo; | |
52c239d7 | 1396 | } |
2038c3f5 LP |
1397 | |
1398 | return 0; | |
52c239d7 | 1399 | } |
87f0e418 | 1400 | |
e8e581bf ZJS |
1401 | int config_parse_exec_io_class(const char *unit, |
1402 | const char *filename, | |
1403 | unsigned line, | |
1404 | const char *section, | |
71a61510 | 1405 | unsigned section_line, |
e8e581bf ZJS |
1406 | const char *lvalue, |
1407 | int ltype, | |
1408 | const char *rvalue, | |
1409 | void *data, | |
1410 | void *userdata) { | |
94f04347 LP |
1411 | |
1412 | ExecContext *c = data; | |
1413 | int x; | |
1414 | ||
1415 | assert(filename); | |
1416 | assert(lvalue); | |
1417 | assert(rvalue); | |
1418 | assert(data); | |
1419 | ||
617d253a YW |
1420 | if (isempty(rvalue)) { |
1421 | c->ioprio_set = false; | |
0692548c | 1422 | c->ioprio = IOPRIO_DEFAULT_CLASS_AND_PRIO; |
617d253a YW |
1423 | return 0; |
1424 | } | |
1425 | ||
f8b69d1d MS |
1426 | x = ioprio_class_from_string(rvalue); |
1427 | if (x < 0) { | |
b98680b2 | 1428 | log_syntax(unit, LOG_WARNING, filename, line, x, "Failed to parse IO scheduling class, ignoring: %s", rvalue); |
c0b34696 | 1429 | return 0; |
0d87eb42 | 1430 | } |
94f04347 | 1431 | |
ba7772fe | 1432 | c->ioprio = ioprio_normalize(ioprio_prio_value(x, ioprio_prio_data(c->ioprio))); |
94f04347 LP |
1433 | c->ioprio_set = true; |
1434 | ||
1435 | return 0; | |
1436 | } | |
1437 | ||
e8e581bf ZJS |
1438 | int config_parse_exec_io_priority(const char *unit, |
1439 | const char *filename, | |
1440 | unsigned line, | |
1441 | const char *section, | |
71a61510 | 1442 | unsigned section_line, |
e8e581bf ZJS |
1443 | const char *lvalue, |
1444 | int ltype, | |
1445 | const char *rvalue, | |
1446 | void *data, | |
1447 | void *userdata) { | |
94f04347 LP |
1448 | |
1449 | ExecContext *c = data; | |
e8e581bf | 1450 | int i, r; |
94f04347 LP |
1451 | |
1452 | assert(filename); | |
1453 | assert(lvalue); | |
1454 | assert(rvalue); | |
1455 | assert(data); | |
1456 | ||
617d253a YW |
1457 | if (isempty(rvalue)) { |
1458 | c->ioprio_set = false; | |
0692548c | 1459 | c->ioprio = IOPRIO_DEFAULT_CLASS_AND_PRIO; |
617d253a YW |
1460 | return 0; |
1461 | } | |
1462 | ||
7f452159 LP |
1463 | r = ioprio_parse_priority(rvalue, &i); |
1464 | if (r < 0) { | |
323dda78 | 1465 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue); |
c0b34696 | 1466 | return 0; |
071830ff LP |
1467 | } |
1468 | ||
ba7772fe | 1469 | c->ioprio = ioprio_normalize(ioprio_prio_value(ioprio_prio_class(c->ioprio), i)); |
94f04347 LP |
1470 | c->ioprio_set = true; |
1471 | ||
071830ff LP |
1472 | return 0; |
1473 | } | |
1474 | ||
e8e581bf ZJS |
1475 | int config_parse_exec_cpu_sched_policy(const char *unit, |
1476 | const char *filename, | |
1477 | unsigned line, | |
1478 | const char *section, | |
71a61510 | 1479 | unsigned section_line, |
e8e581bf ZJS |
1480 | const char *lvalue, |
1481 | int ltype, | |
1482 | const char *rvalue, | |
1483 | void *data, | |
1484 | void *userdata) { | |
9eba9da4 | 1485 | |
94f04347 LP |
1486 | ExecContext *c = data; |
1487 | int x; | |
1488 | ||
1489 | assert(filename); | |
1490 | assert(lvalue); | |
1491 | assert(rvalue); | |
1492 | assert(data); | |
1493 | ||
b00e1a9e YW |
1494 | if (isempty(rvalue)) { |
1495 | c->cpu_sched_set = false; | |
1496 | c->cpu_sched_policy = SCHED_OTHER; | |
1497 | c->cpu_sched_priority = 0; | |
1498 | return 0; | |
1499 | } | |
1500 | ||
f8b69d1d MS |
1501 | x = sched_policy_from_string(rvalue); |
1502 | if (x < 0) { | |
b98680b2 | 1503 | log_syntax(unit, LOG_WARNING, filename, line, x, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue); |
c0b34696 | 1504 | return 0; |
0d87eb42 | 1505 | } |
94f04347 LP |
1506 | |
1507 | c->cpu_sched_policy = x; | |
bb112710 HHPF |
1508 | /* Moving to or from real-time policy? We need to adjust the priority */ |
1509 | c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x)); | |
94f04347 LP |
1510 | c->cpu_sched_set = true; |
1511 | ||
1512 | return 0; | |
1513 | } | |
1514 | ||
5e98086d ZJS |
1515 | int config_parse_exec_mount_apivfs(const char *unit, |
1516 | const char *filename, | |
1517 | unsigned line, | |
1518 | const char *section, | |
1519 | unsigned section_line, | |
1520 | const char *lvalue, | |
1521 | int ltype, | |
1522 | const char *rvalue, | |
1523 | void *data, | |
1524 | void *userdata) { | |
1525 | ||
1526 | ExecContext *c = data; | |
1527 | int k; | |
1528 | ||
1529 | assert(filename); | |
1530 | assert(lvalue); | |
1531 | assert(rvalue); | |
1532 | assert(data); | |
1533 | ||
1534 | if (isempty(rvalue)) { | |
1535 | c->mount_apivfs_set = false; | |
1536 | c->mount_apivfs = false; | |
1537 | return 0; | |
1538 | } | |
1539 | ||
1540 | k = parse_boolean(rvalue); | |
1541 | if (k < 0) { | |
1542 | log_syntax(unit, LOG_WARNING, filename, line, k, | |
1543 | "Failed to parse boolean value, ignoring: %s", | |
1544 | rvalue); | |
1545 | return 0; | |
1546 | } | |
1547 | ||
1548 | c->mount_apivfs_set = true; | |
1549 | c->mount_apivfs = k; | |
1550 | return 0; | |
1551 | } | |
1552 | ||
b070c7c0 MS |
1553 | int config_parse_numa_mask(const char *unit, |
1554 | const char *filename, | |
1555 | unsigned line, | |
1556 | const char *section, | |
1557 | unsigned section_line, | |
1558 | const char *lvalue, | |
1559 | int ltype, | |
1560 | const char *rvalue, | |
1561 | void *data, | |
1562 | void *userdata) { | |
1563 | int r; | |
1564 | NUMAPolicy *p = data; | |
1565 | ||
1566 | assert(filename); | |
1567 | assert(lvalue); | |
1568 | assert(rvalue); | |
1569 | assert(data); | |
1570 | ||
332d387f MS |
1571 | if (streq(rvalue, "all")) { |
1572 | r = numa_mask_add_all(&p->nodes); | |
323dda78 YW |
1573 | if (r < 0) |
1574 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
1575 | "Failed to create NUMA mask representing \"all\" NUMA nodes, ignoring: %m"); | |
332d387f MS |
1576 | } else { |
1577 | r = parse_cpu_set_extend(rvalue, &p->nodes, true, unit, filename, line, lvalue); | |
323dda78 YW |
1578 | if (r < 0) |
1579 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse NUMA node mask, ignoring: %s", rvalue); | |
b070c7c0 MS |
1580 | } |
1581 | ||
323dda78 | 1582 | return 0; |
b070c7c0 MS |
1583 | } |
1584 | ||
e8e581bf ZJS |
1585 | int config_parse_exec_cpu_sched_prio(const char *unit, |
1586 | const char *filename, | |
1587 | unsigned line, | |
1588 | const char *section, | |
71a61510 | 1589 | unsigned section_line, |
e8e581bf ZJS |
1590 | const char *lvalue, |
1591 | int ltype, | |
1592 | const char *rvalue, | |
1593 | void *data, | |
1594 | void *userdata) { | |
9eba9da4 LP |
1595 | |
1596 | ExecContext *c = data; | |
e8e581bf | 1597 | int i, min, max, r; |
9eba9da4 LP |
1598 | |
1599 | assert(filename); | |
1600 | assert(lvalue); | |
1601 | assert(rvalue); | |
1602 | assert(data); | |
1603 | ||
e8e581bf ZJS |
1604 | r = safe_atoi(rvalue, &i); |
1605 | if (r < 0) { | |
323dda78 | 1606 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue); |
c0b34696 | 1607 | return 0; |
94f04347 | 1608 | } |
9eba9da4 | 1609 | |
bb112710 HHPF |
1610 | /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */ |
1611 | min = sched_get_priority_min(c->cpu_sched_policy); | |
1612 | max = sched_get_priority_max(c->cpu_sched_policy); | |
1613 | ||
1614 | if (i < min || i > max) { | |
323dda78 | 1615 | log_syntax(unit, LOG_WARNING, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue); |
bb112710 HHPF |
1616 | return 0; |
1617 | } | |
1618 | ||
94f04347 LP |
1619 | c->cpu_sched_priority = i; |
1620 | c->cpu_sched_set = true; | |
1621 | ||
1622 | return 0; | |
1623 | } | |
1624 | ||
18d73705 LB |
1625 | int config_parse_root_image_options( |
1626 | const char *unit, | |
1627 | const char *filename, | |
1628 | unsigned line, | |
1629 | const char *section, | |
1630 | unsigned section_line, | |
1631 | const char *lvalue, | |
1632 | int ltype, | |
1633 | const char *rvalue, | |
1634 | void *data, | |
1635 | void *userdata) { | |
1636 | ||
1637 | _cleanup_(mount_options_free_allp) MountOptions *options = NULL; | |
bc8d56d3 | 1638 | _cleanup_strv_free_ char **l = NULL; |
18d73705 LB |
1639 | ExecContext *c = data; |
1640 | const Unit *u = userdata; | |
18d73705 LB |
1641 | int r; |
1642 | ||
1643 | assert(filename); | |
1644 | assert(lvalue); | |
1645 | assert(rvalue); | |
1646 | assert(data); | |
1647 | ||
1648 | if (isempty(rvalue)) { | |
1649 | c->root_image_options = mount_options_free_all(c->root_image_options); | |
1650 | return 0; | |
1651 | } | |
1652 | ||
bc8d56d3 LB |
1653 | r = strv_split_colon_pairs(&l, rvalue); |
1654 | if (r == -ENOMEM) | |
1655 | return log_oom(); | |
1656 | if (r < 0) { | |
323dda78 | 1657 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue); |
bc8d56d3 LB |
1658 | return 0; |
1659 | } | |
18d73705 | 1660 | |
bc8d56d3 | 1661 | STRV_FOREACH_PAIR(first, second, l) { |
18d73705 | 1662 | MountOptions *o = NULL; |
9ece6444 LB |
1663 | _cleanup_free_ char *mount_options_resolved = NULL; |
1664 | const char *mount_options = NULL, *partition = "root"; | |
569a0e42 | 1665 | PartitionDesignator partition_designator; |
18d73705 | 1666 | |
9ece6444 | 1667 | /* Format is either 'root:foo' or 'foo' (root is implied) */ |
bc8d56d3 | 1668 | if (!isempty(*second)) { |
9ece6444 | 1669 | partition = *first; |
bc8d56d3 | 1670 | mount_options = *second; |
18d73705 | 1671 | } else |
bc8d56d3 | 1672 | mount_options = *first; |
18d73705 | 1673 | |
9ece6444 LB |
1674 | partition_designator = partition_designator_from_string(partition); |
1675 | if (partition_designator < 0) { | |
b98680b2 YW |
1676 | log_syntax(unit, LOG_WARNING, filename, line, partition_designator, |
1677 | "Invalid partition name %s, ignoring", partition); | |
18d73705 LB |
1678 | continue; |
1679 | } | |
18d73705 LB |
1680 | r = unit_full_printf(u, mount_options, &mount_options_resolved); |
1681 | if (r < 0) { | |
323dda78 | 1682 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", mount_options); |
18d73705 LB |
1683 | continue; |
1684 | } | |
1685 | ||
1686 | o = new(MountOptions, 1); | |
1687 | if (!o) | |
1688 | return log_oom(); | |
1689 | *o = (MountOptions) { | |
9ece6444 | 1690 | .partition_designator = partition_designator, |
18d73705 LB |
1691 | .options = TAKE_PTR(mount_options_resolved), |
1692 | }; | |
9ece6444 | 1693 | LIST_APPEND(mount_options, options, TAKE_PTR(o)); |
18d73705 LB |
1694 | } |
1695 | ||
64903d18 | 1696 | if (options) |
18d73705 | 1697 | LIST_JOIN(mount_options, c->root_image_options, options); |
64903d18 ZJS |
1698 | else |
1699 | /* empty spaces/separators only */ | |
1700 | c->root_image_options = mount_options_free_all(c->root_image_options); | |
18d73705 LB |
1701 | |
1702 | return 0; | |
1703 | } | |
1704 | ||
0389f4fa LB |
1705 | int config_parse_exec_root_hash( |
1706 | const char *unit, | |
1707 | const char *filename, | |
1708 | unsigned line, | |
1709 | const char *section, | |
1710 | unsigned section_line, | |
1711 | const char *lvalue, | |
1712 | int ltype, | |
1713 | const char *rvalue, | |
1714 | void *data, | |
1715 | void *userdata) { | |
1716 | ||
1717 | _cleanup_free_ void *roothash_decoded = NULL; | |
1718 | ExecContext *c = data; | |
1719 | size_t roothash_decoded_size = 0; | |
1720 | int r; | |
1721 | ||
1722 | assert(data); | |
1723 | assert(filename); | |
1724 | assert(line); | |
1725 | assert(rvalue); | |
1726 | ||
1727 | if (isempty(rvalue)) { | |
1728 | /* Reset if the empty string is assigned */ | |
1729 | c->root_hash_path = mfree(c->root_hash_path); | |
1730 | c->root_hash = mfree(c->root_hash); | |
1731 | c->root_hash_size = 0; | |
1732 | return 0; | |
1733 | } | |
1734 | ||
1735 | if (path_is_absolute(rvalue)) { | |
1736 | /* We have the path to a roothash to load and decode, eg: RootHash=/foo/bar.roothash */ | |
1737 | _cleanup_free_ char *p = NULL; | |
1738 | ||
1739 | p = strdup(rvalue); | |
1740 | if (!p) | |
1741 | return -ENOMEM; | |
1742 | ||
1743 | free_and_replace(c->root_hash_path, p); | |
1744 | c->root_hash = mfree(c->root_hash); | |
1745 | c->root_hash_size = 0; | |
1746 | return 0; | |
1747 | } | |
1748 | ||
1749 | /* We have a roothash to decode, eg: RootHash=012345789abcdef */ | |
1750 | r = unhexmem(rvalue, strlen(rvalue), &roothash_decoded, &roothash_decoded_size); | |
323dda78 YW |
1751 | if (r < 0) { |
1752 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to decode RootHash=, ignoring: %s", rvalue); | |
1753 | return 0; | |
1754 | } | |
1755 | if (roothash_decoded_size < sizeof(sd_id128_t)) { | |
1756 | log_syntax(unit, LOG_WARNING, filename, line, 0, "RootHash= is too short, ignoring: %s", rvalue); | |
1757 | return 0; | |
1758 | } | |
0389f4fa LB |
1759 | |
1760 | free_and_replace(c->root_hash, roothash_decoded); | |
1761 | c->root_hash_size = roothash_decoded_size; | |
1762 | c->root_hash_path = mfree(c->root_hash_path); | |
1763 | ||
1764 | return 0; | |
1765 | } | |
1766 | ||
d4d55b0d LB |
1767 | int config_parse_exec_root_hash_sig( |
1768 | const char *unit, | |
1769 | const char *filename, | |
1770 | unsigned line, | |
1771 | const char *section, | |
1772 | unsigned section_line, | |
1773 | const char *lvalue, | |
1774 | int ltype, | |
1775 | const char *rvalue, | |
1776 | void *data, | |
1777 | void *userdata) { | |
1778 | ||
1779 | _cleanup_free_ void *roothash_sig_decoded = NULL; | |
1780 | char *value; | |
1781 | ExecContext *c = data; | |
1782 | size_t roothash_sig_decoded_size = 0; | |
1783 | int r; | |
1784 | ||
1785 | assert(data); | |
1786 | assert(filename); | |
1787 | assert(line); | |
1788 | assert(rvalue); | |
1789 | ||
1790 | if (isempty(rvalue)) { | |
1791 | /* Reset if the empty string is assigned */ | |
1792 | c->root_hash_sig_path = mfree(c->root_hash_sig_path); | |
1793 | c->root_hash_sig = mfree(c->root_hash_sig); | |
1794 | c->root_hash_sig_size = 0; | |
1795 | return 0; | |
1796 | } | |
1797 | ||
1798 | if (path_is_absolute(rvalue)) { | |
1799 | /* We have the path to a roothash signature to load and decode, eg: RootHashSignature=/foo/bar.roothash.p7s */ | |
1800 | _cleanup_free_ char *p = NULL; | |
1801 | ||
1802 | p = strdup(rvalue); | |
1803 | if (!p) | |
323dda78 | 1804 | return log_oom(); |
d4d55b0d LB |
1805 | |
1806 | free_and_replace(c->root_hash_sig_path, p); | |
1807 | c->root_hash_sig = mfree(c->root_hash_sig); | |
1808 | c->root_hash_sig_size = 0; | |
1809 | return 0; | |
1810 | } | |
1811 | ||
323dda78 YW |
1812 | if (!(value = startswith(rvalue, "base64:"))) { |
1813 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
1814 | "Failed to decode RootHashSignature=, not a path but doesn't start with 'base64:', ignoring: %s", rvalue); | |
1815 | return 0; | |
1816 | } | |
d4d55b0d LB |
1817 | |
1818 | /* We have a roothash signature to decode, eg: RootHashSignature=base64:012345789abcdef */ | |
1819 | r = unbase64mem(value, strlen(value), &roothash_sig_decoded, &roothash_sig_decoded_size); | |
323dda78 YW |
1820 | if (r < 0) { |
1821 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to decode RootHashSignature=, ignoring: %s", rvalue); | |
1822 | return 0; | |
1823 | } | |
d4d55b0d LB |
1824 | |
1825 | free_and_replace(c->root_hash_sig, roothash_sig_decoded); | |
1826 | c->root_hash_sig_size = roothash_sig_decoded_size; | |
1827 | c->root_hash_sig_path = mfree(c->root_hash_sig_path); | |
1828 | ||
1829 | return 0; | |
1830 | } | |
1831 | ||
ca9169f4 YW |
1832 | int config_parse_exec_cpu_affinity( |
1833 | const char *unit, | |
1834 | const char *filename, | |
1835 | unsigned line, | |
1836 | const char *section, | |
1837 | unsigned section_line, | |
1838 | const char *lvalue, | |
1839 | int ltype, | |
1840 | const char *rvalue, | |
1841 | void *data, | |
1842 | void *userdata) { | |
94f04347 LP |
1843 | |
1844 | ExecContext *c = data; | |
54cfe9a7 FG |
1845 | const Unit *u = userdata; |
1846 | _cleanup_free_ char *k = NULL; | |
e2b2fb7f | 1847 | int r; |
94f04347 LP |
1848 | |
1849 | assert(filename); | |
1850 | assert(lvalue); | |
1851 | assert(rvalue); | |
1852 | assert(data); | |
1853 | ||
e2b2fb7f MS |
1854 | if (streq(rvalue, "numa")) { |
1855 | c->cpu_affinity_from_numa = true; | |
1856 | cpu_set_reset(&c->cpu_set); | |
1857 | ||
1858 | return 0; | |
1859 | } | |
1860 | ||
54cfe9a7 FG |
1861 | r = unit_full_printf(u, rvalue, &k); |
1862 | if (r < 0) { | |
1863 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
1864 | "Failed to resolve unit specifiers in '%s', ignoring: %m", | |
1865 | rvalue); | |
1866 | return 0; | |
1867 | } | |
1868 | ||
1869 | r = parse_cpu_set_extend(k, &c->cpu_set, true, unit, filename, line, lvalue); | |
e2b2fb7f MS |
1870 | if (r >= 0) |
1871 | c->cpu_affinity_from_numa = false; | |
1872 | ||
ca9169f4 | 1873 | return 0; |
94f04347 LP |
1874 | } |
1875 | ||
a103496c | 1876 | int config_parse_capability_set( |
65dce264 LP |
1877 | const char *unit, |
1878 | const char *filename, | |
1879 | unsigned line, | |
1880 | const char *section, | |
1881 | unsigned section_line, | |
1882 | const char *lvalue, | |
1883 | int ltype, | |
1884 | const char *rvalue, | |
1885 | void *data, | |
1886 | void *userdata) { | |
94f04347 | 1887 | |
a103496c IP |
1888 | uint64_t *capability_set = data; |
1889 | uint64_t sum = 0, initial = 0; | |
260abb78 | 1890 | bool invert = false; |
dd1f5bd0 | 1891 | int r; |
94f04347 LP |
1892 | |
1893 | assert(filename); | |
1894 | assert(lvalue); | |
1895 | assert(rvalue); | |
1896 | assert(data); | |
1897 | ||
260abb78 LP |
1898 | if (rvalue[0] == '~') { |
1899 | invert = true; | |
1900 | rvalue++; | |
1901 | } | |
1902 | ||
70d54d90 | 1903 | if (streq(lvalue, "CapabilityBoundingSet")) |
a103496c | 1904 | initial = CAP_ALL; /* initialized to all bits on */ |
755d4b67 | 1905 | /* else "AmbientCapabilities" initialized to all bits off */ |
260abb78 | 1906 | |
dd1f5bd0 | 1907 | r = capability_set_from_string(rvalue, &sum); |
dd1f5bd0 | 1908 | if (r < 0) { |
323dda78 | 1909 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue); |
dd1f5bd0 | 1910 | return 0; |
94f04347 | 1911 | } |
9eba9da4 | 1912 | |
a103496c | 1913 | if (sum == 0 || *capability_set == initial) |
c792ec2e IP |
1914 | /* "", "~" or uninitialized data -> replace */ |
1915 | *capability_set = invert ? ~sum : sum; | |
1916 | else { | |
a103496c | 1917 | /* previous data -> merge */ |
c792ec2e IP |
1918 | if (invert) |
1919 | *capability_set &= ~sum; | |
1920 | else | |
1921 | *capability_set |= sum; | |
1922 | } | |
260abb78 | 1923 | |
9eba9da4 LP |
1924 | return 0; |
1925 | } | |
1926 | ||
5f8640fb LP |
1927 | int config_parse_exec_selinux_context( |
1928 | const char *unit, | |
1929 | const char *filename, | |
1930 | unsigned line, | |
1931 | const char *section, | |
1932 | unsigned section_line, | |
1933 | const char *lvalue, | |
1934 | int ltype, | |
1935 | const char *rvalue, | |
1936 | void *data, | |
1937 | void *userdata) { | |
1938 | ||
1939 | ExecContext *c = data; | |
47538b76 | 1940 | const Unit *u = userdata; |
5f8640fb LP |
1941 | bool ignore; |
1942 | char *k; | |
1943 | int r; | |
1944 | ||
1945 | assert(filename); | |
1946 | assert(lvalue); | |
1947 | assert(rvalue); | |
1948 | assert(data); | |
1949 | ||
1950 | if (isempty(rvalue)) { | |
a1e58e8e | 1951 | c->selinux_context = mfree(c->selinux_context); |
5f8640fb LP |
1952 | c->selinux_context_ignore = false; |
1953 | return 0; | |
1954 | } | |
1955 | ||
1956 | if (rvalue[0] == '-') { | |
1957 | ignore = true; | |
1958 | rvalue++; | |
1959 | } else | |
1960 | ignore = false; | |
1961 | ||
18913df9 | 1962 | r = unit_full_printf(u, rvalue, &k); |
5f8640fb | 1963 | if (r < 0) { |
323dda78 | 1964 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r, |
063c4b1a YW |
1965 | "Failed to resolve unit specifiers in '%s'%s: %m", |
1966 | rvalue, ignore ? ", ignoring" : ""); | |
bb28e684 | 1967 | return ignore ? 0 : -ENOEXEC; |
5f8640fb LP |
1968 | } |
1969 | ||
063c4b1a | 1970 | free_and_replace(c->selinux_context, k); |
5f8640fb LP |
1971 | c->selinux_context_ignore = ignore; |
1972 | ||
1973 | return 0; | |
1974 | } | |
1975 | ||
eef65bf3 MS |
1976 | int config_parse_exec_apparmor_profile( |
1977 | const char *unit, | |
1978 | const char *filename, | |
1979 | unsigned line, | |
1980 | const char *section, | |
1981 | unsigned section_line, | |
1982 | const char *lvalue, | |
1983 | int ltype, | |
1984 | const char *rvalue, | |
1985 | void *data, | |
1986 | void *userdata) { | |
1987 | ||
1988 | ExecContext *c = data; | |
47538b76 | 1989 | const Unit *u = userdata; |
eef65bf3 MS |
1990 | bool ignore; |
1991 | char *k; | |
1992 | int r; | |
1993 | ||
1994 | assert(filename); | |
1995 | assert(lvalue); | |
1996 | assert(rvalue); | |
1997 | assert(data); | |
1998 | ||
1999 | if (isempty(rvalue)) { | |
a1e58e8e | 2000 | c->apparmor_profile = mfree(c->apparmor_profile); |
eef65bf3 MS |
2001 | c->apparmor_profile_ignore = false; |
2002 | return 0; | |
2003 | } | |
2004 | ||
2005 | if (rvalue[0] == '-') { | |
2006 | ignore = true; | |
2007 | rvalue++; | |
2008 | } else | |
2009 | ignore = false; | |
2010 | ||
18913df9 | 2011 | r = unit_full_printf(u, rvalue, &k); |
eef65bf3 | 2012 | if (r < 0) { |
323dda78 | 2013 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r, |
063c4b1a YW |
2014 | "Failed to resolve unit specifiers in '%s'%s: %m", |
2015 | rvalue, ignore ? ", ignoring" : ""); | |
bb28e684 | 2016 | return ignore ? 0 : -ENOEXEC; |
eef65bf3 MS |
2017 | } |
2018 | ||
063c4b1a | 2019 | free_and_replace(c->apparmor_profile, k); |
eef65bf3 MS |
2020 | c->apparmor_profile_ignore = ignore; |
2021 | ||
2022 | return 0; | |
2023 | } | |
2024 | ||
2ca620c4 WC |
2025 | int config_parse_exec_smack_process_label( |
2026 | const char *unit, | |
2027 | const char *filename, | |
2028 | unsigned line, | |
2029 | const char *section, | |
2030 | unsigned section_line, | |
2031 | const char *lvalue, | |
2032 | int ltype, | |
2033 | const char *rvalue, | |
2034 | void *data, | |
2035 | void *userdata) { | |
2036 | ||
2037 | ExecContext *c = data; | |
47538b76 | 2038 | const Unit *u = userdata; |
2ca620c4 WC |
2039 | bool ignore; |
2040 | char *k; | |
2041 | int r; | |
2042 | ||
2043 | assert(filename); | |
2044 | assert(lvalue); | |
2045 | assert(rvalue); | |
2046 | assert(data); | |
2047 | ||
2048 | if (isempty(rvalue)) { | |
a1e58e8e | 2049 | c->smack_process_label = mfree(c->smack_process_label); |
2ca620c4 WC |
2050 | c->smack_process_label_ignore = false; |
2051 | return 0; | |
2052 | } | |
2053 | ||
2054 | if (rvalue[0] == '-') { | |
2055 | ignore = true; | |
2056 | rvalue++; | |
2057 | } else | |
2058 | ignore = false; | |
2059 | ||
18913df9 | 2060 | r = unit_full_printf(u, rvalue, &k); |
2ca620c4 | 2061 | if (r < 0) { |
323dda78 | 2062 | log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r, |
063c4b1a YW |
2063 | "Failed to resolve unit specifiers in '%s'%s: %m", |
2064 | rvalue, ignore ? ", ignoring" : ""); | |
bb28e684 | 2065 | return ignore ? 0 : -ENOEXEC; |
2ca620c4 WC |
2066 | } |
2067 | ||
063c4b1a | 2068 | free_and_replace(c->smack_process_label, k); |
2ca620c4 WC |
2069 | c->smack_process_label_ignore = ignore; |
2070 | ||
2071 | return 0; | |
2072 | } | |
2073 | ||
25a04ae5 LP |
2074 | int config_parse_timer( |
2075 | const char *unit, | |
2076 | const char *filename, | |
2077 | unsigned line, | |
2078 | const char *section, | |
2079 | unsigned section_line, | |
2080 | const char *lvalue, | |
2081 | int ltype, | |
2082 | const char *rvalue, | |
2083 | void *data, | |
2084 | void *userdata) { | |
871d7de4 | 2085 | |
25a04ae5 LP |
2086 | _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL; |
2087 | _cleanup_free_ char *k = NULL; | |
47538b76 | 2088 | const Unit *u = userdata; |
871d7de4 | 2089 | Timer *t = data; |
2507992f | 2090 | usec_t usec = 0; |
871d7de4 | 2091 | TimerValue *v; |
2507992f | 2092 | int r; |
871d7de4 LP |
2093 | |
2094 | assert(filename); | |
2095 | assert(lvalue); | |
2096 | assert(rvalue); | |
2097 | assert(data); | |
2098 | ||
74051b9b LP |
2099 | if (isempty(rvalue)) { |
2100 | /* Empty assignment resets list */ | |
2101 | timer_free_values(t); | |
2102 | return 0; | |
2103 | } | |
2104 | ||
2507992f DC |
2105 | r = unit_full_printf(u, rvalue, &k); |
2106 | if (r < 0) { | |
323dda78 | 2107 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
2507992f DC |
2108 | return 0; |
2109 | } | |
2110 | ||
25a04ae5 | 2111 | if (ltype == TIMER_CALENDAR) { |
dc44c96d LP |
2112 | r = calendar_spec_from_string(k, &c); |
2113 | if (r < 0) { | |
323dda78 | 2114 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse calendar specification, ignoring: %s", k); |
36697dc0 LP |
2115 | return 0; |
2116 | } | |
dc44c96d LP |
2117 | } else { |
2118 | r = parse_sec(k, &usec); | |
2119 | if (r < 0) { | |
323dda78 | 2120 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse timer value, ignoring: %s", k); |
36697dc0 LP |
2121 | return 0; |
2122 | } | |
dc44c96d | 2123 | } |
871d7de4 | 2124 | |
25a04ae5 | 2125 | v = new(TimerValue, 1); |
921b5987 | 2126 | if (!v) |
74051b9b | 2127 | return log_oom(); |
871d7de4 | 2128 | |
25a04ae5 LP |
2129 | *v = (TimerValue) { |
2130 | .base = ltype, | |
2131 | .value = usec, | |
2132 | .calendar_spec = TAKE_PTR(c), | |
2133 | }; | |
871d7de4 | 2134 | |
71fda00f | 2135 | LIST_PREPEND(value, t->values, v); |
871d7de4 LP |
2136 | |
2137 | return 0; | |
2138 | } | |
2139 | ||
3ecaa09b LP |
2140 | int config_parse_trigger_unit( |
2141 | const char *unit, | |
2142 | const char *filename, | |
2143 | unsigned line, | |
2144 | const char *section, | |
71a61510 | 2145 | unsigned section_line, |
3ecaa09b LP |
2146 | const char *lvalue, |
2147 | int ltype, | |
2148 | const char *rvalue, | |
2149 | void *data, | |
2150 | void *userdata) { | |
871d7de4 | 2151 | |
74051b9b | 2152 | _cleanup_free_ char *p = NULL; |
3ecaa09b LP |
2153 | Unit *u = data; |
2154 | UnitType type; | |
2155 | int r; | |
398ef8ba LP |
2156 | |
2157 | assert(filename); | |
2158 | assert(lvalue); | |
2159 | assert(rvalue); | |
2160 | assert(data); | |
2161 | ||
bc32241e | 2162 | if (UNIT_TRIGGER(u)) { |
323dda78 | 2163 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue); |
3ecaa09b LP |
2164 | return 0; |
2165 | } | |
871d7de4 | 2166 | |
19f6d710 | 2167 | r = unit_name_printf(u, rvalue, &p); |
12ca818f | 2168 | if (r < 0) { |
323dda78 | 2169 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); |
12ca818f LP |
2170 | return 0; |
2171 | } | |
74051b9b | 2172 | |
12ca818f | 2173 | type = unit_name_to_type(p); |
3ecaa09b | 2174 | if (type < 0) { |
b98680b2 | 2175 | log_syntax(unit, LOG_WARNING, filename, line, type, "Unit type not valid, ignoring: %s", rvalue); |
c0b34696 | 2176 | return 0; |
871d7de4 | 2177 | } |
49219a1c | 2178 | if (unit_has_name(u, p)) { |
323dda78 | 2179 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue); |
3ecaa09b LP |
2180 | return 0; |
2181 | } | |
2182 | ||
5a724170 | 2183 | r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, true, UNIT_DEPENDENCY_FILE); |
57020a3a | 2184 | if (r < 0) { |
323dda78 | 2185 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p); |
c0b34696 | 2186 | return 0; |
871d7de4 LP |
2187 | } |
2188 | ||
2189 | return 0; | |
2190 | } | |
2191 | ||
e8e581bf ZJS |
2192 | int config_parse_path_spec(const char *unit, |
2193 | const char *filename, | |
2194 | unsigned line, | |
2195 | const char *section, | |
71a61510 | 2196 | unsigned section_line, |
e8e581bf ZJS |
2197 | const char *lvalue, |
2198 | int ltype, | |
2199 | const char *rvalue, | |
2200 | void *data, | |
2201 | void *userdata) { | |
01f78473 LP |
2202 | |
2203 | Path *p = data; | |
2204 | PathSpec *s; | |
2205 | PathType b; | |
7fd1b19b | 2206 | _cleanup_free_ char *k = NULL; |
19f6d710 | 2207 | int r; |
01f78473 LP |
2208 | |
2209 | assert(filename); | |
2210 | assert(lvalue); | |
2211 | assert(rvalue); | |
2212 | assert(data); | |
2213 | ||
74051b9b LP |
2214 | if (isempty(rvalue)) { |
2215 | /* Empty assignment clears list */ | |
2216 | path_free_specs(p); | |
2217 | return 0; | |
2218 | } | |
2219 | ||
93e4c84b LP |
2220 | b = path_type_from_string(lvalue); |
2221 | if (b < 0) { | |
b98680b2 | 2222 | log_syntax(unit, LOG_WARNING, filename, line, b, "Failed to parse path type, ignoring: %s", lvalue); |
c0b34696 | 2223 | return 0; |
01f78473 LP |
2224 | } |
2225 | ||
06536492 | 2226 | r = unit_path_printf(UNIT(p), rvalue, &k); |
19f6d710 | 2227 | if (r < 0) { |
323dda78 | 2228 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); |
12ca818f | 2229 | return 0; |
487060c2 | 2230 | } |
93e4c84b | 2231 | |
2f4d31c1 YW |
2232 | r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
2233 | if (r < 0) | |
c0b34696 | 2234 | return 0; |
01f78473 | 2235 | |
93e4c84b | 2236 | s = new0(PathSpec, 1); |
543295ad | 2237 | if (!s) |
93e4c84b | 2238 | return log_oom(); |
01f78473 | 2239 | |
718db961 | 2240 | s->unit = UNIT(p); |
063c4b1a | 2241 | s->path = TAKE_PTR(k); |
01f78473 LP |
2242 | s->type = b; |
2243 | s->inotify_fd = -1; | |
2244 | ||
71fda00f | 2245 | LIST_PREPEND(spec, p->specs, s); |
01f78473 LP |
2246 | |
2247 | return 0; | |
2248 | } | |
2249 | ||
b02cb41c LP |
2250 | int config_parse_socket_service( |
2251 | const char *unit, | |
2252 | const char *filename, | |
2253 | unsigned line, | |
2254 | const char *section, | |
2255 | unsigned section_line, | |
2256 | const char *lvalue, | |
2257 | int ltype, | |
2258 | const char *rvalue, | |
2259 | void *data, | |
2260 | void *userdata) { | |
d9ff321a | 2261 | |
4afd3348 | 2262 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; |
8dd4c05b | 2263 | _cleanup_free_ char *p = NULL; |
d9ff321a | 2264 | Socket *s = data; |
4ff77f66 | 2265 | Unit *x; |
8dd4c05b | 2266 | int r; |
d9ff321a LP |
2267 | |
2268 | assert(filename); | |
2269 | assert(lvalue); | |
2270 | assert(rvalue); | |
2271 | assert(data); | |
2272 | ||
19f6d710 | 2273 | r = unit_name_printf(UNIT(s), rvalue, &p); |
613b411c | 2274 | if (r < 0) { |
323dda78 YW |
2275 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); |
2276 | return 0; | |
613b411c | 2277 | } |
74051b9b | 2278 | |
613b411c | 2279 | if (!endswith(p, ".service")) { |
323dda78 YW |
2280 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Unit must be of type service, ignoring: %s", rvalue); |
2281 | return 0; | |
d9ff321a LP |
2282 | } |
2283 | ||
613b411c | 2284 | r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x); |
4ff77f66 | 2285 | if (r < 0) { |
323dda78 YW |
2286 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to load unit %s, ignoring: %s", rvalue, bus_error_message(&error, r)); |
2287 | return 0; | |
d9ff321a LP |
2288 | } |
2289 | ||
7f7d01ed | 2290 | unit_ref_set(&s->service, UNIT(s), x); |
4ff77f66 | 2291 | |
d9ff321a LP |
2292 | return 0; |
2293 | } | |
2294 | ||
8dd4c05b LP |
2295 | int config_parse_fdname( |
2296 | const char *unit, | |
2297 | const char *filename, | |
2298 | unsigned line, | |
2299 | const char *section, | |
2300 | unsigned section_line, | |
2301 | const char *lvalue, | |
2302 | int ltype, | |
2303 | const char *rvalue, | |
2304 | void *data, | |
2305 | void *userdata) { | |
2306 | ||
2307 | _cleanup_free_ char *p = NULL; | |
2308 | Socket *s = data; | |
2309 | int r; | |
2310 | ||
2311 | assert(filename); | |
2312 | assert(lvalue); | |
2313 | assert(rvalue); | |
2314 | assert(data); | |
2315 | ||
2316 | if (isempty(rvalue)) { | |
2317 | s->fdname = mfree(s->fdname); | |
2318 | return 0; | |
2319 | } | |
2320 | ||
06536492 | 2321 | r = unit_fd_printf(UNIT(s), rvalue, &p); |
8dd4c05b | 2322 | if (r < 0) { |
323dda78 | 2323 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
8dd4c05b LP |
2324 | return 0; |
2325 | } | |
2326 | ||
2327 | if (!fdname_is_valid(p)) { | |
323dda78 | 2328 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p); |
8dd4c05b LP |
2329 | return 0; |
2330 | } | |
2331 | ||
3b319885 | 2332 | return free_and_replace(s->fdname, p); |
8dd4c05b LP |
2333 | } |
2334 | ||
b02cb41c LP |
2335 | int config_parse_service_sockets( |
2336 | const char *unit, | |
2337 | const char *filename, | |
2338 | unsigned line, | |
2339 | const char *section, | |
2340 | unsigned section_line, | |
2341 | const char *lvalue, | |
2342 | int ltype, | |
2343 | const char *rvalue, | |
2344 | void *data, | |
2345 | void *userdata) { | |
f976f3f6 LP |
2346 | |
2347 | Service *s = data; | |
b02cb41c | 2348 | int r; |
f976f3f6 LP |
2349 | |
2350 | assert(filename); | |
2351 | assert(lvalue); | |
2352 | assert(rvalue); | |
2353 | assert(data); | |
2354 | ||
323dda78 | 2355 | for (const char *p = rvalue;;) { |
6a0f3175 | 2356 | _cleanup_free_ char *word = NULL, *k = NULL; |
f976f3f6 | 2357 | |
7b2313f5 | 2358 | r = extract_first_word(&p, &word, NULL, 0); |
7b2313f5 | 2359 | if (r == -ENOMEM) |
74051b9b | 2360 | return log_oom(); |
7b2313f5 | 2361 | if (r < 0) { |
323dda78 YW |
2362 | log_syntax(unit, LOG_WARNING, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue); |
2363 | return 0; | |
7b2313f5 | 2364 | } |
a687f500 ZJS |
2365 | if (r == 0) |
2366 | return 0; | |
f976f3f6 | 2367 | |
7b2313f5 | 2368 | r = unit_name_printf(UNIT(s), word, &k); |
b02cb41c | 2369 | if (r < 0) { |
323dda78 | 2370 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word); |
b02cb41c LP |
2371 | continue; |
2372 | } | |
57020a3a | 2373 | |
b02cb41c | 2374 | if (!endswith(k, ".socket")) { |
323dda78 | 2375 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Unit must be of type socket, ignoring: %s", k); |
f976f3f6 LP |
2376 | continue; |
2377 | } | |
2378 | ||
5a724170 | 2379 | r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, true, UNIT_DEPENDENCY_FILE); |
57020a3a | 2380 | if (r < 0) |
323dda78 | 2381 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k); |
f976f3f6 | 2382 | |
35d8c19a | 2383 | r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, true, UNIT_DEPENDENCY_FILE); |
57020a3a | 2384 | if (r < 0) |
323dda78 | 2385 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k); |
f976f3f6 | 2386 | } |
f976f3f6 LP |
2387 | } |
2388 | ||
b02cb41c LP |
2389 | int config_parse_bus_name( |
2390 | const char *unit, | |
2391 | const char *filename, | |
2392 | unsigned line, | |
2393 | const char *section, | |
2394 | unsigned section_line, | |
2395 | const char *lvalue, | |
2396 | int ltype, | |
2397 | const char *rvalue, | |
2398 | void *data, | |
2399 | void *userdata) { | |
2400 | ||
2401 | _cleanup_free_ char *k = NULL; | |
47538b76 | 2402 | const Unit *u = userdata; |
b02cb41c LP |
2403 | int r; |
2404 | ||
2405 | assert(filename); | |
2406 | assert(lvalue); | |
2407 | assert(rvalue); | |
2408 | assert(u); | |
2409 | ||
06536492 | 2410 | r = unit_full_printf_full(u, rvalue, SD_BUS_MAXIMUM_NAME_LENGTH, &k); |
b02cb41c | 2411 | if (r < 0) { |
323dda78 | 2412 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); |
b02cb41c LP |
2413 | return 0; |
2414 | } | |
2415 | ||
5453a4b1 | 2416 | if (!sd_bus_service_name_is_valid(k)) { |
323dda78 | 2417 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid bus name, ignoring: %s", k); |
b02cb41c LP |
2418 | return 0; |
2419 | } | |
2420 | ||
2421 | return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata); | |
2422 | } | |
2423 | ||
aad41f08 LP |
2424 | int config_parse_service_timeout( |
2425 | const char *unit, | |
2426 | const char *filename, | |
2427 | unsigned line, | |
2428 | const char *section, | |
2429 | unsigned section_line, | |
2430 | const char *lvalue, | |
2431 | int ltype, | |
2432 | const char *rvalue, | |
2433 | void *data, | |
2434 | void *userdata) { | |
98709151 LN |
2435 | |
2436 | Service *s = userdata; | |
aad41f08 | 2437 | usec_t usec; |
98709151 LN |
2438 | int r; |
2439 | ||
2440 | assert(filename); | |
2441 | assert(lvalue); | |
2442 | assert(rvalue); | |
2443 | assert(s); | |
2444 | ||
6c58305a | 2445 | /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */ |
98709151 | 2446 | |
fb27be3f YW |
2447 | /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens |
2448 | * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle | |
2449 | * all other timeouts. */ | |
2450 | r = parse_sec_fix_0(rvalue, &usec); | |
aad41f08 | 2451 | if (r < 0) { |
323dda78 | 2452 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue); |
aad41f08 LP |
2453 | return 0; |
2454 | } | |
d568a335 | 2455 | |
6c58305a YW |
2456 | s->start_timeout_defined = true; |
2457 | s->timeout_start_usec = usec; | |
36c16a7c | 2458 | |
6c58305a | 2459 | if (streq(lvalue, "TimeoutSec")) |
aad41f08 | 2460 | s->timeout_stop_usec = usec; |
36c16a7c | 2461 | |
d568a335 | 2462 | return 0; |
98709151 LN |
2463 | } |
2464 | ||
a61d6874 | 2465 | int config_parse_timeout_abort( |
dc653bf4 JK |
2466 | const char *unit, |
2467 | const char *filename, | |
2468 | unsigned line, | |
2469 | const char *section, | |
2470 | unsigned section_line, | |
2471 | const char *lvalue, | |
2472 | int ltype, | |
2473 | const char *rvalue, | |
2474 | void *data, | |
2475 | void *userdata) { | |
2476 | ||
a61d6874 | 2477 | usec_t *ret = data; |
dc653bf4 JK |
2478 | int r; |
2479 | ||
2480 | assert(filename); | |
2481 | assert(lvalue); | |
2482 | assert(rvalue); | |
a61d6874 ZJS |
2483 | assert(ret); |
2484 | ||
2485 | /* Note: apart from setting the arg, this returns an extra bit of information in the return value. */ | |
dc653bf4 | 2486 | |
dc653bf4 | 2487 | if (isempty(rvalue)) { |
a61d6874 ZJS |
2488 | *ret = 0; |
2489 | return 0; /* "not set" */ | |
dc653bf4 JK |
2490 | } |
2491 | ||
a61d6874 ZJS |
2492 | r = parse_sec(rvalue, ret); |
2493 | if (r < 0) | |
323dda78 | 2494 | return log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s= setting, ignoring: %s", lvalue, rvalue); |
a61d6874 ZJS |
2495 | |
2496 | return 1; /* "set" */ | |
2497 | } | |
2498 | ||
2499 | int config_parse_service_timeout_abort( | |
2500 | const char *unit, | |
2501 | const char *filename, | |
2502 | unsigned line, | |
2503 | const char *section, | |
2504 | unsigned section_line, | |
2505 | const char *lvalue, | |
2506 | int ltype, | |
2507 | const char *rvalue, | |
2508 | void *data, | |
2509 | void *userdata) { | |
2510 | ||
2511 | Service *s = userdata; | |
2512 | int r; | |
dc653bf4 | 2513 | |
a61d6874 ZJS |
2514 | assert(s); |
2515 | ||
2516 | r = config_parse_timeout_abort(unit, filename, line, section, section_line, lvalue, ltype, rvalue, | |
2517 | &s->timeout_abort_usec, s); | |
2518 | if (r >= 0) | |
2519 | s->timeout_abort_set = r; | |
dc653bf4 JK |
2520 | return 0; |
2521 | } | |
2522 | ||
89beff89 LP |
2523 | int config_parse_sec_fix_0( |
2524 | const char *unit, | |
2525 | const char *filename, | |
2526 | unsigned line, | |
2527 | const char *section, | |
2528 | unsigned section_line, | |
2529 | const char *lvalue, | |
2530 | int ltype, | |
2531 | const char *rvalue, | |
2532 | void *data, | |
2533 | void *userdata) { | |
2534 | ||
2535 | usec_t *usec = data; | |
2536 | int r; | |
2537 | ||
2538 | assert(filename); | |
2539 | assert(lvalue); | |
2540 | assert(rvalue); | |
2541 | assert(usec); | |
2542 | ||
2543 | /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for | |
2544 | * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a | |
2545 | * timeout. */ | |
2546 | ||
0004f698 | 2547 | r = parse_sec_fix_0(rvalue, usec); |
323dda78 YW |
2548 | if (r < 0) |
2549 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue); | |
89beff89 | 2550 | |
89beff89 LP |
2551 | return 0; |
2552 | } | |
2553 | ||
ae480f0b | 2554 | int config_parse_user_group_compat( |
66dccd8d LP |
2555 | const char *unit, |
2556 | const char *filename, | |
2557 | unsigned line, | |
2558 | const char *section, | |
2559 | unsigned section_line, | |
2560 | const char *lvalue, | |
2561 | int ltype, | |
2562 | const char *rvalue, | |
2563 | void *data, | |
2564 | void *userdata) { | |
2565 | ||
063c4b1a YW |
2566 | _cleanup_free_ char *k = NULL; |
2567 | char **user = data; | |
47538b76 | 2568 | const Unit *u = userdata; |
66dccd8d LP |
2569 | int r; |
2570 | ||
2571 | assert(filename); | |
2572 | assert(lvalue); | |
2573 | assert(rvalue); | |
2574 | assert(u); | |
2575 | ||
063c4b1a YW |
2576 | if (isempty(rvalue)) { |
2577 | *user = mfree(*user); | |
2578 | return 0; | |
2579 | } | |
66dccd8d | 2580 | |
063c4b1a YW |
2581 | r = unit_full_printf(u, rvalue, &k); |
2582 | if (r < 0) { | |
2583 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue); | |
2584 | return -ENOEXEC; | |
66dccd8d LP |
2585 | } |
2586 | ||
7a8867ab | 2587 | if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) { |
063c4b1a YW |
2588 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k); |
2589 | return -ENOEXEC; | |
2590 | } | |
66dccd8d | 2591 | |
bed0b7df LP |
2592 | if (strstr(lvalue, "User") && streq(k, NOBODY_USER_NAME)) |
2593 | log_struct(LOG_NOTICE, | |
2594 | "MESSAGE=%s:%u: Special user %s configured, this is not safe!", filename, line, k, | |
2595 | "UNIT=%s", unit, | |
2596 | "MESSAGE_ID=" SD_MESSAGE_NOBODY_USER_UNSUITABLE_STR, | |
2597 | "OFFENDING_USER=%s", k, | |
2598 | "CONFIG_FILE=%s", filename, | |
2599 | "CONFIG_LINE=%u", line); | |
2600 | ||
063c4b1a | 2601 | return free_and_replace(*user, k); |
66dccd8d LP |
2602 | } |
2603 | ||
ae480f0b | 2604 | int config_parse_user_group_strv_compat( |
66dccd8d LP |
2605 | const char *unit, |
2606 | const char *filename, | |
2607 | unsigned line, | |
2608 | const char *section, | |
2609 | unsigned section_line, | |
2610 | const char *lvalue, | |
2611 | int ltype, | |
2612 | const char *rvalue, | |
2613 | void *data, | |
2614 | void *userdata) { | |
2615 | ||
2616 | char ***users = data; | |
47538b76 | 2617 | const Unit *u = userdata; |
66dccd8d LP |
2618 | int r; |
2619 | ||
2620 | assert(filename); | |
2621 | assert(lvalue); | |
2622 | assert(rvalue); | |
2623 | assert(u); | |
2624 | ||
2625 | if (isempty(rvalue)) { | |
9f2d41a6 | 2626 | *users = strv_free(*users); |
66dccd8d LP |
2627 | return 0; |
2628 | } | |
2629 | ||
323dda78 | 2630 | for (const char *p = rvalue;;) { |
66dccd8d LP |
2631 | _cleanup_free_ char *word = NULL, *k = NULL; |
2632 | ||
9a82ab95 | 2633 | r = extract_first_word(&p, &word, NULL, 0); |
66dccd8d LP |
2634 | if (r == -ENOMEM) |
2635 | return log_oom(); | |
2636 | if (r < 0) { | |
bb28e684 ZJS |
2637 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue); |
2638 | return -ENOEXEC; | |
66dccd8d | 2639 | } |
a687f500 ZJS |
2640 | if (r == 0) |
2641 | return 0; | |
66dccd8d LP |
2642 | |
2643 | r = unit_full_printf(u, word, &k); | |
2644 | if (r < 0) { | |
bb28e684 ZJS |
2645 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word); |
2646 | return -ENOEXEC; | |
66dccd8d LP |
2647 | } |
2648 | ||
7a8867ab | 2649 | if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) { |
bb28e684 ZJS |
2650 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k); |
2651 | return -ENOEXEC; | |
66dccd8d LP |
2652 | } |
2653 | ||
2654 | r = strv_push(users, k); | |
2655 | if (r < 0) | |
2656 | return log_oom(); | |
2657 | ||
2658 | k = NULL; | |
2659 | } | |
66dccd8d LP |
2660 | } |
2661 | ||
5f5d8eab LP |
2662 | int config_parse_working_directory( |
2663 | const char *unit, | |
2664 | const char *filename, | |
2665 | unsigned line, | |
2666 | const char *section, | |
2667 | unsigned section_line, | |
2668 | const char *lvalue, | |
2669 | int ltype, | |
2670 | const char *rvalue, | |
2671 | void *data, | |
2672 | void *userdata) { | |
2673 | ||
2674 | ExecContext *c = data; | |
47538b76 | 2675 | const Unit *u = userdata; |
5f5d8eab LP |
2676 | bool missing_ok; |
2677 | int r; | |
2678 | ||
2679 | assert(filename); | |
2680 | assert(lvalue); | |
2681 | assert(rvalue); | |
2682 | assert(c); | |
2683 | assert(u); | |
2684 | ||
862fcffd YW |
2685 | if (isempty(rvalue)) { |
2686 | c->working_directory_home = false; | |
2687 | c->working_directory = mfree(c->working_directory); | |
2688 | return 0; | |
2689 | } | |
2690 | ||
5f5d8eab LP |
2691 | if (rvalue[0] == '-') { |
2692 | missing_ok = true; | |
2693 | rvalue++; | |
2694 | } else | |
2695 | missing_ok = false; | |
2696 | ||
2697 | if (streq(rvalue, "~")) { | |
2698 | c->working_directory_home = true; | |
2699 | c->working_directory = mfree(c->working_directory); | |
2700 | } else { | |
2701 | _cleanup_free_ char *k = NULL; | |
2702 | ||
06536492 | 2703 | r = unit_path_printf(u, rvalue, &k); |
5f5d8eab | 2704 | if (r < 0) { |
323dda78 | 2705 | log_syntax(unit, missing_ok ? LOG_WARNING : LOG_ERR, filename, line, r, |
bb28e684 ZJS |
2706 | "Failed to resolve unit specifiers in working directory path '%s'%s: %m", |
2707 | rvalue, missing_ok ? ", ignoring" : ""); | |
2708 | return missing_ok ? 0 : -ENOEXEC; | |
5f5d8eab LP |
2709 | } |
2710 | ||
2f4d31c1 YW |
2711 | r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE | (missing_ok ? 0 : PATH_CHECK_FATAL), unit, filename, line, lvalue); |
2712 | if (r < 0) | |
bb28e684 | 2713 | return missing_ok ? 0 : -ENOEXEC; |
5f5d8eab | 2714 | |
5f5d8eab | 2715 | c->working_directory_home = false; |
bb28e684 | 2716 | free_and_replace(c->working_directory, k); |
5f5d8eab LP |
2717 | } |
2718 | ||
2719 | c->working_directory_missing_ok = missing_ok; | |
2720 | return 0; | |
2721 | } | |
2722 | ||
e8e581bf ZJS |
2723 | int config_parse_unit_env_file(const char *unit, |
2724 | const char *filename, | |
2725 | unsigned line, | |
2726 | const char *section, | |
71a61510 | 2727 | unsigned section_line, |
e8e581bf ZJS |
2728 | const char *lvalue, |
2729 | int ltype, | |
2730 | const char *rvalue, | |
2731 | void *data, | |
2732 | void *userdata) { | |
ddb26e18 | 2733 | |
853b8397 | 2734 | char ***env = data; |
47538b76 | 2735 | const Unit *u = userdata; |
19f6d710 | 2736 | _cleanup_free_ char *n = NULL; |
853b8397 | 2737 | int r; |
ddb26e18 LP |
2738 | |
2739 | assert(filename); | |
2740 | assert(lvalue); | |
2741 | assert(rvalue); | |
2742 | assert(data); | |
2743 | ||
74051b9b LP |
2744 | if (isempty(rvalue)) { |
2745 | /* Empty assignment frees the list */ | |
6796073e | 2746 | *env = strv_free(*env); |
74051b9b LP |
2747 | return 0; |
2748 | } | |
2749 | ||
06536492 | 2750 | r = unit_full_printf_full(u, rvalue, PATH_MAX, &n); |
12ca818f | 2751 | if (r < 0) { |
323dda78 | 2752 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
12ca818f LP |
2753 | return 0; |
2754 | } | |
8fef7659 | 2755 | |
2f4d31c1 YW |
2756 | r = path_simplify_and_warn(n[0] == '-' ? n + 1 : n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
2757 | if (r < 0) | |
afe4bfe2 | 2758 | return 0; |
afe4bfe2 | 2759 | |
2f4d31c1 | 2760 | r = strv_push(env, n); |
853b8397 LP |
2761 | if (r < 0) |
2762 | return log_oom(); | |
2763 | ||
2f4d31c1 YW |
2764 | n = NULL; |
2765 | ||
853b8397 LP |
2766 | return 0; |
2767 | } | |
2768 | ||
f7f3f5c3 LP |
2769 | int config_parse_environ( |
2770 | const char *unit, | |
2771 | const char *filename, | |
2772 | unsigned line, | |
2773 | const char *section, | |
2774 | unsigned section_line, | |
2775 | const char *lvalue, | |
2776 | int ltype, | |
2777 | const char *rvalue, | |
2778 | void *data, | |
2779 | void *userdata) { | |
853b8397 | 2780 | |
47538b76 | 2781 | const Unit *u = userdata; |
035fe294 | 2782 | char ***env = data; |
19f6d710 | 2783 | int r; |
853b8397 LP |
2784 | |
2785 | assert(filename); | |
2786 | assert(lvalue); | |
2787 | assert(rvalue); | |
97d0e5f8 | 2788 | assert(data); |
853b8397 LP |
2789 | |
2790 | if (isempty(rvalue)) { | |
2791 | /* Empty assignment resets the list */ | |
6796073e | 2792 | *env = strv_free(*env); |
853b8397 LP |
2793 | return 0; |
2794 | } | |
2795 | ||
323dda78 | 2796 | for (const char *p = rvalue;; ) { |
13734c75 | 2797 | _cleanup_free_ char *word = NULL, *resolved = NULL; |
035fe294 | 2798 | |
4ec85141 | 2799 | r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE); |
035fe294 ZJS |
2800 | if (r == -ENOMEM) |
2801 | return log_oom(); | |
12ca818f | 2802 | if (r < 0) { |
035fe294 ZJS |
2803 | log_syntax(unit, LOG_WARNING, filename, line, r, |
2804 | "Invalid syntax, ignoring: %s", rvalue); | |
12ca818f LP |
2805 | return 0; |
2806 | } | |
a687f500 ZJS |
2807 | if (r == 0) |
2808 | return 0; | |
97d0e5f8 | 2809 | |
46a9ee5d | 2810 | if (u) |
06536492 | 2811 | r = unit_env_printf(u, word, &resolved); |
46a9ee5d | 2812 | else |
de61a04b | 2813 | r = specifier_printf(word, sc_arg_max(), system_and_tmp_specifier_table, NULL, NULL, &resolved); |
46a9ee5d LP |
2814 | if (r < 0) { |
2815 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
2816 | "Failed to resolve specifiers in %s, ignoring: %m", word); | |
2817 | continue; | |
2818 | } | |
853b8397 | 2819 | |
13734c75 | 2820 | if (!env_assignment_is_valid(resolved)) { |
323dda78 | 2821 | log_syntax(unit, LOG_WARNING, filename, line, 0, |
13734c75 | 2822 | "Invalid environment assignment, ignoring: %s", resolved); |
853b8397 LP |
2823 | continue; |
2824 | } | |
2825 | ||
13734c75 | 2826 | r = strv_env_replace_consume(env, TAKE_PTR(resolved)); |
54ac3494 | 2827 | if (r < 0) |
13734c75 | 2828 | return log_error_errno(r, "Failed to update environment: %m"); |
853b8397 | 2829 | } |
ddb26e18 LP |
2830 | } |
2831 | ||
00819cc1 LP |
2832 | int config_parse_pass_environ( |
2833 | const char *unit, | |
2834 | const char *filename, | |
2835 | unsigned line, | |
2836 | const char *section, | |
2837 | unsigned section_line, | |
2838 | const char *lvalue, | |
2839 | int ltype, | |
2840 | const char *rvalue, | |
2841 | void *data, | |
2842 | void *userdata) { | |
b4c14404 | 2843 | |
b4c14404 | 2844 | _cleanup_strv_free_ char **n = NULL; |
47538b76 | 2845 | const Unit *u = userdata; |
319a4f4b LP |
2846 | char*** passenv = data; |
2847 | size_t nlen = 0; | |
b4c14404 FB |
2848 | int r; |
2849 | ||
2850 | assert(filename); | |
2851 | assert(lvalue); | |
2852 | assert(rvalue); | |
2853 | assert(data); | |
2854 | ||
2855 | if (isempty(rvalue)) { | |
2856 | /* Empty assignment resets the list */ | |
2857 | *passenv = strv_free(*passenv); | |
2858 | return 0; | |
2859 | } | |
2860 | ||
323dda78 | 2861 | for (const char *p = rvalue;;) { |
41de9cc2 | 2862 | _cleanup_free_ char *word = NULL, *k = NULL; |
b4c14404 | 2863 | |
4ec85141 | 2864 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); |
b4c14404 FB |
2865 | if (r == -ENOMEM) |
2866 | return log_oom(); | |
2867 | if (r < 0) { | |
323dda78 | 2868 | log_syntax(unit, LOG_WARNING, filename, line, r, |
063c4b1a | 2869 | "Trailing garbage in %s, ignoring: %s", lvalue, rvalue); |
b4c14404 FB |
2870 | break; |
2871 | } | |
a687f500 ZJS |
2872 | if (r == 0) |
2873 | break; | |
b4c14404 | 2874 | |
41de9cc2 | 2875 | if (u) { |
06536492 | 2876 | r = unit_env_printf(u, word, &k); |
41de9cc2 | 2877 | if (r < 0) { |
323dda78 | 2878 | log_syntax(unit, LOG_WARNING, filename, line, r, |
063c4b1a | 2879 | "Failed to resolve specifiers in %s, ignoring: %m", word); |
41de9cc2 LP |
2880 | continue; |
2881 | } | |
ae2a15bc LP |
2882 | } else |
2883 | k = TAKE_PTR(word); | |
41de9cc2 LP |
2884 | |
2885 | if (!env_name_is_valid(k)) { | |
323dda78 | 2886 | log_syntax(unit, LOG_WARNING, filename, line, 0, |
41de9cc2 | 2887 | "Invalid environment name for %s, ignoring: %s", lvalue, k); |
b4c14404 FB |
2888 | continue; |
2889 | } | |
2890 | ||
319a4f4b | 2891 | if (!GREEDY_REALLOC(n, nlen + 2)) |
b4c14404 | 2892 | return log_oom(); |
41de9cc2 | 2893 | |
1cc6c93a | 2894 | n[nlen++] = TAKE_PTR(k); |
b4c14404 | 2895 | n[nlen] = NULL; |
b4c14404 FB |
2896 | } |
2897 | ||
2898 | if (n) { | |
2899 | r = strv_extend_strv(passenv, n, true); | |
2900 | if (r < 0) | |
16eb0c4a | 2901 | return log_oom(); |
b4c14404 FB |
2902 | } |
2903 | ||
2904 | return 0; | |
2905 | } | |
2906 | ||
00819cc1 LP |
2907 | int config_parse_unset_environ( |
2908 | const char *unit, | |
2909 | const char *filename, | |
2910 | unsigned line, | |
2911 | const char *section, | |
2912 | unsigned section_line, | |
2913 | const char *lvalue, | |
2914 | int ltype, | |
2915 | const char *rvalue, | |
2916 | void *data, | |
2917 | void *userdata) { | |
2918 | ||
2919 | _cleanup_strv_free_ char **n = NULL; | |
00819cc1 | 2920 | char*** unsetenv = data; |
47538b76 | 2921 | const Unit *u = userdata; |
319a4f4b | 2922 | size_t nlen = 0; |
00819cc1 LP |
2923 | int r; |
2924 | ||
2925 | assert(filename); | |
2926 | assert(lvalue); | |
2927 | assert(rvalue); | |
2928 | assert(data); | |
2929 | ||
2930 | if (isempty(rvalue)) { | |
2931 | /* Empty assignment resets the list */ | |
2932 | *unsetenv = strv_free(*unsetenv); | |
2933 | return 0; | |
2934 | } | |
2935 | ||
323dda78 | 2936 | for (const char *p = rvalue;;) { |
00819cc1 LP |
2937 | _cleanup_free_ char *word = NULL, *k = NULL; |
2938 | ||
4ec85141 | 2939 | r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE); |
00819cc1 LP |
2940 | if (r == -ENOMEM) |
2941 | return log_oom(); | |
2942 | if (r < 0) { | |
323dda78 | 2943 | log_syntax(unit, LOG_WARNING, filename, line, r, |
063c4b1a | 2944 | "Trailing garbage in %s, ignoring: %s", lvalue, rvalue); |
00819cc1 LP |
2945 | break; |
2946 | } | |
a687f500 ZJS |
2947 | if (r == 0) |
2948 | break; | |
00819cc1 LP |
2949 | |
2950 | if (u) { | |
06536492 | 2951 | r = unit_env_printf(u, word, &k); |
00819cc1 | 2952 | if (r < 0) { |
323dda78 | 2953 | log_syntax(unit, LOG_WARNING, filename, line, r, |
063c4b1a | 2954 | "Failed to resolve unit specifiers in %s, ignoring: %m", word); |
00819cc1 LP |
2955 | continue; |
2956 | } | |
ae2a15bc LP |
2957 | } else |
2958 | k = TAKE_PTR(word); | |
00819cc1 LP |
2959 | |
2960 | if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) { | |
323dda78 | 2961 | log_syntax(unit, LOG_WARNING, filename, line, 0, |
00819cc1 LP |
2962 | "Invalid environment name or assignment %s, ignoring: %s", lvalue, k); |
2963 | continue; | |
2964 | } | |
2965 | ||
319a4f4b | 2966 | if (!GREEDY_REALLOC(n, nlen + 2)) |
00819cc1 LP |
2967 | return log_oom(); |
2968 | ||
1cc6c93a | 2969 | n[nlen++] = TAKE_PTR(k); |
00819cc1 | 2970 | n[nlen] = NULL; |
00819cc1 LP |
2971 | } |
2972 | ||
2973 | if (n) { | |
2974 | r = strv_extend_strv(unsetenv, n, true); | |
2975 | if (r < 0) | |
16eb0c4a | 2976 | return log_oom(); |
00819cc1 LP |
2977 | } |
2978 | ||
2979 | return 0; | |
2980 | } | |
2981 | ||
d3070fbd LP |
2982 | int config_parse_log_extra_fields( |
2983 | const char *unit, | |
2984 | const char *filename, | |
2985 | unsigned line, | |
2986 | const char *section, | |
2987 | unsigned section_line, | |
2988 | const char *lvalue, | |
2989 | int ltype, | |
2990 | const char *rvalue, | |
2991 | void *data, | |
2992 | void *userdata) { | |
2993 | ||
2994 | ExecContext *c = data; | |
47538b76 | 2995 | const Unit *u = userdata; |
d3070fbd LP |
2996 | int r; |
2997 | ||
2998 | assert(filename); | |
2999 | assert(lvalue); | |
3000 | assert(rvalue); | |
3001 | assert(c); | |
3002 | ||
3003 | if (isempty(rvalue)) { | |
3004 | exec_context_free_log_extra_fields(c); | |
3005 | return 0; | |
3006 | } | |
3007 | ||
323dda78 | 3008 | for (const char *p = rvalue;;) { |
d3070fbd LP |
3009 | _cleanup_free_ char *word = NULL, *k = NULL; |
3010 | struct iovec *t; | |
3011 | const char *eq; | |
3012 | ||
4ec85141 | 3013 | r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE); |
d3070fbd LP |
3014 | if (r == -ENOMEM) |
3015 | return log_oom(); | |
3016 | if (r < 0) { | |
3017 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue); | |
3018 | return 0; | |
3019 | } | |
a687f500 ZJS |
3020 | if (r == 0) |
3021 | return 0; | |
d3070fbd LP |
3022 | |
3023 | r = unit_full_printf(u, word, &k); | |
3024 | if (r < 0) { | |
323dda78 | 3025 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word); |
d3070fbd LP |
3026 | continue; |
3027 | } | |
3028 | ||
3029 | eq = strchr(k, '='); | |
3030 | if (!eq) { | |
323dda78 | 3031 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k); |
d3070fbd LP |
3032 | continue; |
3033 | } | |
3034 | ||
3035 | if (!journal_field_valid(k, eq-k, false)) { | |
323dda78 | 3036 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Log field name is invalid, ignoring: %s", k); |
d3070fbd LP |
3037 | continue; |
3038 | } | |
3039 | ||
aa484f35 | 3040 | t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec)); |
d3070fbd LP |
3041 | if (!t) |
3042 | return log_oom(); | |
3043 | ||
3044 | c->log_extra_fields = t; | |
3045 | c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k); | |
3046 | ||
3047 | k = NULL; | |
3048 | } | |
d3070fbd LP |
3049 | } |
3050 | ||
91dd5f7c LP |
3051 | int config_parse_log_namespace( |
3052 | const char *unit, | |
3053 | const char *filename, | |
3054 | unsigned line, | |
3055 | const char *section, | |
3056 | unsigned section_line, | |
3057 | const char *lvalue, | |
3058 | int ltype, | |
3059 | const char *rvalue, | |
3060 | void *data, | |
3061 | void *userdata) { | |
3062 | ||
3063 | _cleanup_free_ char *k = NULL; | |
3064 | ExecContext *c = data; | |
3065 | const Unit *u = userdata; | |
3066 | int r; | |
3067 | ||
3068 | assert(filename); | |
3069 | assert(lvalue); | |
3070 | assert(rvalue); | |
3071 | assert(c); | |
3072 | ||
3073 | if (isempty(rvalue)) { | |
3074 | c->log_namespace = mfree(c->log_namespace); | |
3075 | return 0; | |
3076 | } | |
3077 | ||
06536492 | 3078 | r = unit_full_printf_full(u, rvalue, NAME_MAX, &k); |
91dd5f7c | 3079 | if (r < 0) { |
323dda78 | 3080 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); |
91dd5f7c LP |
3081 | return 0; |
3082 | } | |
3083 | ||
3084 | if (!log_namespace_name_valid(k)) { | |
323dda78 | 3085 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Specified log namespace name is not valid, ignoring: %s", k); |
91dd5f7c LP |
3086 | return 0; |
3087 | } | |
3088 | ||
3089 | free_and_replace(c->log_namespace, k); | |
3090 | return 0; | |
3091 | } | |
3092 | ||
59fccdc5 LP |
3093 | int config_parse_unit_condition_path( |
3094 | const char *unit, | |
3095 | const char *filename, | |
3096 | unsigned line, | |
3097 | const char *section, | |
3098 | unsigned section_line, | |
3099 | const char *lvalue, | |
3100 | int ltype, | |
3101 | const char *rvalue, | |
3102 | void *data, | |
3103 | void *userdata) { | |
52661efd | 3104 | |
2fbe635a | 3105 | _cleanup_free_ char *p = NULL; |
59fccdc5 LP |
3106 | Condition **list = data, *c; |
3107 | ConditionType t = ltype; | |
3108 | bool trigger, negate; | |
47538b76 | 3109 | const Unit *u = userdata; |
19f6d710 | 3110 | int r; |
52661efd LP |
3111 | |
3112 | assert(filename); | |
3113 | assert(lvalue); | |
3114 | assert(rvalue); | |
3115 | assert(data); | |
3116 | ||
74051b9b LP |
3117 | if (isempty(rvalue)) { |
3118 | /* Empty assignment resets the list */ | |
447021aa | 3119 | *list = condition_free_list(*list); |
74051b9b LP |
3120 | return 0; |
3121 | } | |
3122 | ||
ab7f148f LP |
3123 | trigger = rvalue[0] == '|'; |
3124 | if (trigger) | |
267632f0 LP |
3125 | rvalue++; |
3126 | ||
ab7f148f LP |
3127 | negate = rvalue[0] == '!'; |
3128 | if (negate) | |
52661efd LP |
3129 | rvalue++; |
3130 | ||
06536492 | 3131 | r = unit_path_printf(u, rvalue, &p); |
59fccdc5 | 3132 | if (r < 0) { |
323dda78 | 3133 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); |
59fccdc5 | 3134 | return 0; |
19f6d710 | 3135 | } |
095b2d7a | 3136 | |
2f4d31c1 YW |
3137 | r = path_simplify_and_warn(p, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
3138 | if (r < 0) | |
52661efd | 3139 | return 0; |
52661efd | 3140 | |
59fccdc5 | 3141 | c = condition_new(t, p, trigger, negate); |
ab7f148f | 3142 | if (!c) |
74051b9b | 3143 | return log_oom(); |
52661efd | 3144 | |
59fccdc5 | 3145 | LIST_PREPEND(conditions, *list, c); |
52661efd LP |
3146 | return 0; |
3147 | } | |
3148 | ||
59fccdc5 LP |
3149 | int config_parse_unit_condition_string( |
3150 | const char *unit, | |
3151 | const char *filename, | |
3152 | unsigned line, | |
3153 | const char *section, | |
3154 | unsigned section_line, | |
3155 | const char *lvalue, | |
3156 | int ltype, | |
3157 | const char *rvalue, | |
3158 | void *data, | |
3159 | void *userdata) { | |
039655a4 | 3160 | |
2fbe635a | 3161 | _cleanup_free_ char *s = NULL; |
59fccdc5 LP |
3162 | Condition **list = data, *c; |
3163 | ConditionType t = ltype; | |
3164 | bool trigger, negate; | |
47538b76 | 3165 | const Unit *u = userdata; |
19f6d710 | 3166 | int r; |
039655a4 LP |
3167 | |
3168 | assert(filename); | |
3169 | assert(lvalue); | |
3170 | assert(rvalue); | |
3171 | assert(data); | |
3172 | ||
74051b9b LP |
3173 | if (isempty(rvalue)) { |
3174 | /* Empty assignment resets the list */ | |
447021aa | 3175 | *list = condition_free_list(*list); |
74051b9b LP |
3176 | return 0; |
3177 | } | |
3178 | ||
9266f31e | 3179 | trigger = *rvalue == '|'; |
c0d6e764 | 3180 | if (trigger) |
9266f31e | 3181 | rvalue += 1 + strspn(rvalue + 1, WHITESPACE); |
267632f0 | 3182 | |
9266f31e | 3183 | negate = *rvalue == '!'; |
c0d6e764 | 3184 | if (negate) |
9266f31e | 3185 | rvalue += 1 + strspn(rvalue + 1, WHITESPACE); |
039655a4 | 3186 | |
19f6d710 | 3187 | r = unit_full_printf(u, rvalue, &s); |
59fccdc5 | 3188 | if (r < 0) { |
323dda78 | 3189 | log_syntax(unit, LOG_WARNING, filename, line, r, |
cae90de3 | 3190 | "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
59fccdc5 | 3191 | return 0; |
19f6d710 | 3192 | } |
095b2d7a | 3193 | |
59fccdc5 | 3194 | c = condition_new(t, s, trigger, negate); |
c0d6e764 LP |
3195 | if (!c) |
3196 | return log_oom(); | |
039655a4 | 3197 | |
59fccdc5 | 3198 | LIST_PREPEND(conditions, *list, c); |
039655a4 LP |
3199 | return 0; |
3200 | } | |
3201 | ||
a57f7e2c LP |
3202 | int config_parse_unit_requires_mounts_for( |
3203 | const char *unit, | |
3204 | const char *filename, | |
3205 | unsigned line, | |
3206 | const char *section, | |
71a61510 | 3207 | unsigned section_line, |
a57f7e2c LP |
3208 | const char *lvalue, |
3209 | int ltype, | |
3210 | const char *rvalue, | |
3211 | void *data, | |
3212 | void *userdata) { | |
7c8fa05c LP |
3213 | |
3214 | Unit *u = userdata; | |
035fe294 | 3215 | int r; |
7c8fa05c LP |
3216 | |
3217 | assert(filename); | |
3218 | assert(lvalue); | |
3219 | assert(rvalue); | |
3220 | assert(data); | |
3221 | ||
323dda78 | 3222 | for (const char *p = rvalue;;) { |
744bb5b1 | 3223 | _cleanup_free_ char *word = NULL, *resolved = NULL; |
a57f7e2c | 3224 | |
4ec85141 | 3225 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); |
035fe294 | 3226 | if (r == -ENOMEM) |
a57f7e2c | 3227 | return log_oom(); |
035fe294 ZJS |
3228 | if (r < 0) { |
3229 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3230 | "Invalid syntax, ignoring: %s", rvalue); | |
3231 | return 0; | |
3232 | } | |
a687f500 ZJS |
3233 | if (r == 0) |
3234 | return 0; | |
7c8fa05c | 3235 | |
06536492 | 3236 | r = unit_path_printf(u, word, &resolved); |
744bb5b1 | 3237 | if (r < 0) { |
323dda78 | 3238 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word); |
744bb5b1 LP |
3239 | continue; |
3240 | } | |
3241 | ||
2f4d31c1 YW |
3242 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
3243 | if (r < 0) | |
3244 | continue; | |
3245 | ||
eef85c4a | 3246 | r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE); |
a57f7e2c | 3247 | if (r < 0) { |
323dda78 | 3248 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved); |
a57f7e2c LP |
3249 | continue; |
3250 | } | |
3251 | } | |
7c8fa05c | 3252 | } |
9e372868 | 3253 | |
8c6493e5 YW |
3254 | int config_parse_documentation( |
3255 | const char *unit, | |
3256 | const char *filename, | |
3257 | unsigned line, | |
3258 | const char *section, | |
3259 | unsigned section_line, | |
3260 | const char *lvalue, | |
3261 | int ltype, | |
3262 | const char *rvalue, | |
3263 | void *data, | |
3264 | void *userdata) { | |
49dbfa7b LP |
3265 | |
3266 | Unit *u = userdata; | |
3267 | int r; | |
3268 | char **a, **b; | |
3269 | ||
3270 | assert(filename); | |
3271 | assert(lvalue); | |
3272 | assert(rvalue); | |
3273 | assert(u); | |
3274 | ||
74051b9b LP |
3275 | if (isempty(rvalue)) { |
3276 | /* Empty assignment resets the list */ | |
6796073e | 3277 | u->documentation = strv_free(u->documentation); |
74051b9b LP |
3278 | return 0; |
3279 | } | |
3280 | ||
71a61510 | 3281 | r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype, |
e8e581bf | 3282 | rvalue, data, userdata); |
49dbfa7b LP |
3283 | if (r < 0) |
3284 | return r; | |
3285 | ||
3286 | for (a = b = u->documentation; a && *a; a++) { | |
3287 | ||
a2e03378 | 3288 | if (documentation_url_is_valid(*a)) |
49dbfa7b LP |
3289 | *(b++) = *a; |
3290 | else { | |
323dda78 | 3291 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid URL, ignoring: %s", *a); |
49dbfa7b LP |
3292 | free(*a); |
3293 | } | |
3294 | } | |
f6d2d421 ZJS |
3295 | if (b) |
3296 | *b = NULL; | |
49dbfa7b | 3297 | |
8c6493e5 | 3298 | return 0; |
49dbfa7b LP |
3299 | } |
3300 | ||
349cc4a5 | 3301 | #if HAVE_SECCOMP |
17df7223 LP |
3302 | int config_parse_syscall_filter( |
3303 | const char *unit, | |
3304 | const char *filename, | |
3305 | unsigned line, | |
3306 | const char *section, | |
3307 | unsigned section_line, | |
3308 | const char *lvalue, | |
3309 | int ltype, | |
3310 | const char *rvalue, | |
3311 | void *data, | |
3312 | void *userdata) { | |
3313 | ||
8351ceae | 3314 | ExecContext *c = data; |
0a0e594a | 3315 | _unused_ const Unit *u = userdata; |
b5fb3789 | 3316 | bool invert = false; |
17df7223 | 3317 | int r; |
8351ceae LP |
3318 | |
3319 | assert(filename); | |
3320 | assert(lvalue); | |
3321 | assert(rvalue); | |
3322 | assert(u); | |
3323 | ||
74051b9b LP |
3324 | if (isempty(rvalue)) { |
3325 | /* Empty assignment resets the list */ | |
8cfa775f | 3326 | c->syscall_filter = hashmap_free(c->syscall_filter); |
6b000af4 | 3327 | c->syscall_allow_list = false; |
74051b9b LP |
3328 | return 0; |
3329 | } | |
3330 | ||
8351ceae LP |
3331 | if (rvalue[0] == '~') { |
3332 | invert = true; | |
3333 | rvalue++; | |
3334 | } | |
3335 | ||
17df7223 | 3336 | if (!c->syscall_filter) { |
8cfa775f | 3337 | c->syscall_filter = hashmap_new(NULL); |
17df7223 LP |
3338 | if (!c->syscall_filter) |
3339 | return log_oom(); | |
3340 | ||
c0467cf3 | 3341 | if (invert) |
17df7223 | 3342 | /* Allow everything but the ones listed */ |
6b000af4 | 3343 | c->syscall_allow_list = false; |
c0467cf3 | 3344 | else { |
17df7223 | 3345 | /* Allow nothing but the ones listed */ |
6b000af4 | 3346 | c->syscall_allow_list = true; |
8351ceae | 3347 | |
387f6955 | 3348 | /* Accept default syscalls if we are on an allow_list */ |
2f6b9110 LP |
3349 | r = seccomp_parse_syscall_filter( |
3350 | "@default", -1, c->syscall_filter, | |
6b000af4 | 3351 | SECCOMP_PARSE_PERMISSIVE|SECCOMP_PARSE_ALLOW_LIST, |
58f6ab44 ZJS |
3352 | unit, |
3353 | NULL, 0); | |
201c1cc2 TM |
3354 | if (r < 0) |
3355 | return r; | |
c0467cf3 | 3356 | } |
8351ceae LP |
3357 | } |
3358 | ||
323dda78 | 3359 | for (const char *p = rvalue;;) { |
8cfa775f YW |
3360 | _cleanup_free_ char *word = NULL, *name = NULL; |
3361 | int num; | |
8351ceae | 3362 | |
8130926d | 3363 | r = extract_first_word(&p, &word, NULL, 0); |
8130926d | 3364 | if (r == -ENOMEM) |
74051b9b | 3365 | return log_oom(); |
8130926d | 3366 | if (r < 0) { |
084a46d7 YW |
3367 | log_syntax(unit, LOG_WARNING, filename, line, r, |
3368 | "Invalid syntax, ignoring: %s", rvalue); | |
063c4b1a | 3369 | return 0; |
8130926d | 3370 | } |
a687f500 ZJS |
3371 | if (r == 0) |
3372 | return 0; | |
8351ceae | 3373 | |
8cfa775f YW |
3374 | r = parse_syscall_and_errno(word, &name, &num); |
3375 | if (r < 0) { | |
084a46d7 YW |
3376 | log_syntax(unit, LOG_WARNING, filename, line, r, |
3377 | "Failed to parse syscall:errno, ignoring: %s", word); | |
3378 | continue; | |
3379 | } | |
3380 | if (!invert && num >= 0) { | |
3381 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
3382 | "Allow-listed system calls cannot take error number, ignoring: %s", word); | |
8cfa775f YW |
3383 | continue; |
3384 | } | |
3385 | ||
58f6ab44 | 3386 | r = seccomp_parse_syscall_filter( |
acd142af LP |
3387 | name, num, c->syscall_filter, |
3388 | SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE| | |
3389 | (invert ? SECCOMP_PARSE_INVERT : 0)| | |
6b000af4 | 3390 | (c->syscall_allow_list ? SECCOMP_PARSE_ALLOW_LIST : 0), |
acd142af | 3391 | unit, filename, line); |
201c1cc2 TM |
3392 | if (r < 0) |
3393 | return r; | |
c0467cf3 | 3394 | } |
17df7223 LP |
3395 | } |
3396 | ||
9df2cdd8 TM |
3397 | int config_parse_syscall_log( |
3398 | const char *unit, | |
3399 | const char *filename, | |
3400 | unsigned line, | |
3401 | const char *section, | |
3402 | unsigned section_line, | |
3403 | const char *lvalue, | |
3404 | int ltype, | |
3405 | const char *rvalue, | |
3406 | void *data, | |
3407 | void *userdata) { | |
3408 | ||
3409 | ExecContext *c = data; | |
3410 | _unused_ const Unit *u = userdata; | |
3411 | bool invert = false; | |
3412 | const char *p; | |
3413 | int r; | |
3414 | ||
3415 | assert(filename); | |
3416 | assert(lvalue); | |
3417 | assert(rvalue); | |
3418 | assert(u); | |
3419 | ||
3420 | if (isempty(rvalue)) { | |
3421 | /* Empty assignment resets the list */ | |
3422 | c->syscall_log = hashmap_free(c->syscall_log); | |
3423 | c->syscall_log_allow_list = false; | |
3424 | return 0; | |
3425 | } | |
3426 | ||
3427 | if (rvalue[0] == '~') { | |
3428 | invert = true; | |
3429 | rvalue++; | |
3430 | } | |
3431 | ||
3432 | if (!c->syscall_log) { | |
3433 | c->syscall_log = hashmap_new(NULL); | |
3434 | if (!c->syscall_log) | |
3435 | return log_oom(); | |
3436 | ||
3437 | if (invert) | |
3438 | /* Log everything but the ones listed */ | |
3439 | c->syscall_log_allow_list = false; | |
3440 | else | |
3441 | /* Log nothing but the ones listed */ | |
3442 | c->syscall_log_allow_list = true; | |
3443 | } | |
3444 | ||
3445 | p = rvalue; | |
3446 | for (;;) { | |
696a13ba | 3447 | _cleanup_free_ char *word = NULL; |
9df2cdd8 TM |
3448 | |
3449 | r = extract_first_word(&p, &word, NULL, 0); | |
9df2cdd8 TM |
3450 | if (r == -ENOMEM) |
3451 | return log_oom(); | |
3452 | if (r < 0) { | |
3453 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue); | |
3454 | return 0; | |
3455 | } | |
a687f500 ZJS |
3456 | if (r == 0) |
3457 | return 0; | |
9df2cdd8 | 3458 | |
9df2cdd8 | 3459 | r = seccomp_parse_syscall_filter( |
696a13ba | 3460 | word, -1, c->syscall_log, |
9df2cdd8 TM |
3461 | SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE| |
3462 | (invert ? SECCOMP_PARSE_INVERT : 0)| | |
3463 | (c->syscall_log_allow_list ? SECCOMP_PARSE_ALLOW_LIST : 0), | |
3464 | unit, filename, line); | |
3465 | if (r < 0) | |
3466 | return r; | |
3467 | } | |
3468 | } | |
3469 | ||
57183d11 LP |
3470 | int config_parse_syscall_archs( |
3471 | const char *unit, | |
3472 | const char *filename, | |
3473 | unsigned line, | |
3474 | const char *section, | |
3475 | unsigned section_line, | |
3476 | const char *lvalue, | |
3477 | int ltype, | |
3478 | const char *rvalue, | |
3479 | void *data, | |
3480 | void *userdata) { | |
3481 | ||
d3b1c508 | 3482 | Set **archs = data; |
57183d11 LP |
3483 | int r; |
3484 | ||
3485 | if (isempty(rvalue)) { | |
525d3cc7 | 3486 | *archs = set_free(*archs); |
57183d11 LP |
3487 | return 0; |
3488 | } | |
3489 | ||
323dda78 | 3490 | for (const char *p = rvalue;;) { |
035fe294 | 3491 | _cleanup_free_ char *word = NULL; |
57183d11 LP |
3492 | uint32_t a; |
3493 | ||
4ec85141 | 3494 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); |
035fe294 | 3495 | if (r == -ENOMEM) |
57183d11 | 3496 | return log_oom(); |
035fe294 ZJS |
3497 | if (r < 0) { |
3498 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3499 | "Invalid syntax, ignoring: %s", rvalue); | |
3500 | return 0; | |
3501 | } | |
a687f500 ZJS |
3502 | if (r == 0) |
3503 | return 0; | |
57183d11 | 3504 | |
035fe294 | 3505 | r = seccomp_arch_from_string(word, &a); |
57183d11 | 3506 | if (r < 0) { |
323dda78 | 3507 | log_syntax(unit, LOG_WARNING, filename, line, r, |
035fe294 | 3508 | "Failed to parse system call architecture \"%s\", ignoring: %m", word); |
57183d11 LP |
3509 | continue; |
3510 | } | |
3511 | ||
de7fef4b | 3512 | r = set_ensure_put(archs, NULL, UINT32_TO_PTR(a + 1)); |
57183d11 LP |
3513 | if (r < 0) |
3514 | return log_oom(); | |
3515 | } | |
57183d11 LP |
3516 | } |
3517 | ||
17df7223 LP |
3518 | int config_parse_syscall_errno( |
3519 | const char *unit, | |
3520 | const char *filename, | |
3521 | unsigned line, | |
3522 | const char *section, | |
3523 | unsigned section_line, | |
3524 | const char *lvalue, | |
3525 | int ltype, | |
3526 | const char *rvalue, | |
3527 | void *data, | |
3528 | void *userdata) { | |
3529 | ||
3530 | ExecContext *c = data; | |
3531 | int e; | |
3532 | ||
3533 | assert(filename); | |
3534 | assert(lvalue); | |
3535 | assert(rvalue); | |
3536 | ||
005bfaf1 | 3537 | if (isempty(rvalue) || streq(rvalue, "kill")) { |
17df7223 | 3538 | /* Empty assignment resets to KILL */ |
005bfaf1 | 3539 | c->syscall_errno = SECCOMP_ERROR_NUMBER_KILL; |
17df7223 | 3540 | return 0; |
8351ceae LP |
3541 | } |
3542 | ||
3df90f24 | 3543 | e = parse_errno(rvalue); |
b98680b2 YW |
3544 | if (e < 0) { |
3545 | log_syntax(unit, LOG_WARNING, filename, line, e, "Failed to parse error number, ignoring: %s", rvalue); | |
3546 | return 0; | |
3547 | } | |
3548 | if (e == 0) { | |
3549 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid error number, ignoring: %s", rvalue); | |
17df7223 LP |
3550 | return 0; |
3551 | } | |
8351ceae | 3552 | |
17df7223 | 3553 | c->syscall_errno = e; |
8351ceae LP |
3554 | return 0; |
3555 | } | |
4298d0b5 LP |
3556 | |
3557 | int config_parse_address_families( | |
3558 | const char *unit, | |
3559 | const char *filename, | |
3560 | unsigned line, | |
3561 | const char *section, | |
3562 | unsigned section_line, | |
3563 | const char *lvalue, | |
3564 | int ltype, | |
3565 | const char *rvalue, | |
3566 | void *data, | |
3567 | void *userdata) { | |
3568 | ||
3569 | ExecContext *c = data; | |
4298d0b5 | 3570 | bool invert = false; |
4298d0b5 LP |
3571 | int r; |
3572 | ||
3573 | assert(filename); | |
3574 | assert(lvalue); | |
3575 | assert(rvalue); | |
4298d0b5 LP |
3576 | |
3577 | if (isempty(rvalue)) { | |
3578 | /* Empty assignment resets the list */ | |
525d3cc7 | 3579 | c->address_families = set_free(c->address_families); |
6b000af4 | 3580 | c->address_families_allow_list = false; |
4298d0b5 LP |
3581 | return 0; |
3582 | } | |
3583 | ||
4e6c50a5 YW |
3584 | if (streq(rvalue, "none")) { |
3585 | /* Forbid all address families. */ | |
3586 | c->address_families = set_free(c->address_families); | |
3587 | c->address_families_allow_list = true; | |
3588 | return 0; | |
3589 | } | |
3590 | ||
4298d0b5 LP |
3591 | if (rvalue[0] == '~') { |
3592 | invert = true; | |
3593 | rvalue++; | |
3594 | } | |
3595 | ||
3596 | if (!c->address_families) { | |
d5099efc | 3597 | c->address_families = set_new(NULL); |
4298d0b5 LP |
3598 | if (!c->address_families) |
3599 | return log_oom(); | |
3600 | ||
6b000af4 | 3601 | c->address_families_allow_list = !invert; |
4298d0b5 LP |
3602 | } |
3603 | ||
323dda78 | 3604 | for (const char *p = rvalue;;) { |
035fe294 | 3605 | _cleanup_free_ char *word = NULL; |
4298d0b5 LP |
3606 | int af; |
3607 | ||
4ec85141 | 3608 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); |
035fe294 | 3609 | if (r == -ENOMEM) |
4298d0b5 | 3610 | return log_oom(); |
035fe294 ZJS |
3611 | if (r < 0) { |
3612 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3613 | "Invalid syntax, ignoring: %s", rvalue); | |
3614 | return 0; | |
3615 | } | |
a687f500 ZJS |
3616 | if (r == 0) |
3617 | return 0; | |
4298d0b5 | 3618 | |
035fe294 | 3619 | af = af_from_name(word); |
acf4d158 | 3620 | if (af < 0) { |
323dda78 | 3621 | log_syntax(unit, LOG_WARNING, filename, line, af, |
063c4b1a | 3622 | "Failed to parse address family, ignoring: %s", word); |
4298d0b5 LP |
3623 | continue; |
3624 | } | |
3625 | ||
3626 | /* If we previously wanted to forbid an address family and now | |
035fe294 | 3627 | * we want to allow it, then just remove it from the list. |
4298d0b5 | 3628 | */ |
6b000af4 | 3629 | if (!invert == c->address_families_allow_list) { |
4298d0b5 | 3630 | r = set_put(c->address_families, INT_TO_PTR(af)); |
4298d0b5 LP |
3631 | if (r < 0) |
3632 | return log_oom(); | |
3633 | } else | |
3634 | set_remove(c->address_families, INT_TO_PTR(af)); | |
3635 | } | |
4298d0b5 | 3636 | } |
add00535 LP |
3637 | |
3638 | int config_parse_restrict_namespaces( | |
3639 | const char *unit, | |
3640 | const char *filename, | |
3641 | unsigned line, | |
3642 | const char *section, | |
3643 | unsigned section_line, | |
3644 | const char *lvalue, | |
3645 | int ltype, | |
3646 | const char *rvalue, | |
3647 | void *data, | |
3648 | void *userdata) { | |
3649 | ||
3650 | ExecContext *c = data; | |
aa9d574d | 3651 | unsigned long flags; |
add00535 LP |
3652 | bool invert = false; |
3653 | int r; | |
3654 | ||
3655 | if (isempty(rvalue)) { | |
3656 | /* Reset to the default. */ | |
aa9d574d YW |
3657 | c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL; |
3658 | return 0; | |
3659 | } | |
3660 | ||
3661 | /* Boolean parameter ignores the previous settings */ | |
3662 | r = parse_boolean(rvalue); | |
3663 | if (r > 0) { | |
3664 | c->restrict_namespaces = 0; | |
3665 | return 0; | |
3666 | } else if (r == 0) { | |
add00535 LP |
3667 | c->restrict_namespaces = NAMESPACE_FLAGS_ALL; |
3668 | return 0; | |
3669 | } | |
3670 | ||
3671 | if (rvalue[0] == '~') { | |
3672 | invert = true; | |
3673 | rvalue++; | |
3674 | } | |
3675 | ||
aa9d574d YW |
3676 | /* Not a boolean argument, in this case it's a list of namespace types. */ |
3677 | r = namespace_flags_from_string(rvalue, &flags); | |
3678 | if (r < 0) { | |
323dda78 | 3679 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue); |
aa9d574d | 3680 | return 0; |
add00535 LP |
3681 | } |
3682 | ||
aa9d574d YW |
3683 | if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL) |
3684 | /* Initial assignment. Just set the value. */ | |
3685 | c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags; | |
3686 | else | |
3687 | /* Merge the value with the previous one. */ | |
3688 | SET_FLAG(c->restrict_namespaces, flags, !invert); | |
add00535 LP |
3689 | |
3690 | return 0; | |
3691 | } | |
c0467cf3 | 3692 | #endif |
8351ceae | 3693 | |
e59ccd03 ILG |
3694 | int config_parse_restrict_filesystems( |
3695 | const char *unit, | |
3696 | const char *filename, | |
3697 | unsigned line, | |
3698 | const char *section, | |
3699 | unsigned section_line, | |
3700 | const char *lvalue, | |
3701 | int ltype, | |
3702 | const char *rvalue, | |
3703 | void *data, | |
3704 | void *userdata) { | |
3705 | ExecContext *c = data; | |
3706 | bool invert = false; | |
3707 | int r; | |
3708 | ||
3709 | assert(filename); | |
3710 | assert(lvalue); | |
3711 | assert(rvalue); | |
3712 | assert(data); | |
3713 | ||
3714 | if (isempty(rvalue)) { | |
3715 | /* Empty assignment resets the list */ | |
3716 | c->restrict_filesystems = set_free(c->restrict_filesystems); | |
3717 | c->restrict_filesystems_allow_list = false; | |
3718 | return 0; | |
3719 | } | |
3720 | ||
3721 | if (rvalue[0] == '~') { | |
3722 | invert = true; | |
3723 | rvalue++; | |
3724 | } | |
3725 | ||
3726 | if (!c->restrict_filesystems) { | |
3727 | if (invert) | |
3728 | /* Allow everything but the ones listed */ | |
3729 | c->restrict_filesystems_allow_list = false; | |
3730 | else | |
3731 | /* Allow nothing but the ones listed */ | |
3732 | c->restrict_filesystems_allow_list = true; | |
3733 | } | |
3734 | ||
3735 | for (const char *p = rvalue;;) { | |
3736 | _cleanup_free_ char *word = NULL; | |
3737 | ||
3738 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
3739 | if (r == 0) | |
3740 | break; | |
3741 | if (r == -ENOMEM) | |
3742 | return log_oom(); | |
3743 | if (r < 0) { | |
3744 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3745 | "Trailing garbage in %s, ignoring: %s", lvalue, rvalue); | |
3746 | break; | |
3747 | } | |
3748 | ||
3749 | r = lsm_bpf_parse_filesystem( | |
3750 | word, | |
3751 | &c->restrict_filesystems, | |
3752 | FILESYSTEM_PARSE_LOG| | |
3753 | (invert ? FILESYSTEM_PARSE_INVERT : 0)| | |
3754 | (c->restrict_filesystems_allow_list ? FILESYSTEM_PARSE_ALLOW_LIST : 0), | |
3755 | unit, filename, line); | |
3756 | ||
3757 | if (r < 0) | |
3758 | return r; | |
3759 | } | |
3760 | ||
3761 | return 0; | |
3762 | } | |
3763 | ||
a016b922 LP |
3764 | int config_parse_unit_slice( |
3765 | const char *unit, | |
3766 | const char *filename, | |
3767 | unsigned line, | |
3768 | const char *section, | |
71a61510 | 3769 | unsigned section_line, |
a016b922 LP |
3770 | const char *lvalue, |
3771 | int ltype, | |
3772 | const char *rvalue, | |
3773 | void *data, | |
3774 | void *userdata) { | |
3775 | ||
063c4b1a | 3776 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; |
a016b922 | 3777 | _cleanup_free_ char *k = NULL; |
abc9fa1c | 3778 | Unit *u = userdata, *slice; |
a016b922 LP |
3779 | int r; |
3780 | ||
3781 | assert(filename); | |
3782 | assert(lvalue); | |
3783 | assert(rvalue); | |
3784 | assert(u); | |
3785 | ||
19f6d710 | 3786 | r = unit_name_printf(u, rvalue, &k); |
d79200e2 | 3787 | if (r < 0) { |
323dda78 | 3788 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); |
d79200e2 | 3789 | return 0; |
19f6d710 | 3790 | } |
a016b922 | 3791 | |
063c4b1a | 3792 | r = manager_load_unit(u->manager, k, NULL, &error, &slice); |
a016b922 | 3793 | if (r < 0) { |
323dda78 | 3794 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r)); |
a016b922 LP |
3795 | return 0; |
3796 | } | |
3797 | ||
899acf5c | 3798 | r = unit_set_slice(u, slice); |
d79200e2 | 3799 | if (r < 0) { |
323dda78 | 3800 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id); |
a016b922 LP |
3801 | return 0; |
3802 | } | |
3803 | ||
a016b922 LP |
3804 | return 0; |
3805 | } | |
3806 | ||
b2f8b02e LP |
3807 | int config_parse_cpu_quota( |
3808 | const char *unit, | |
3809 | const char *filename, | |
3810 | unsigned line, | |
3811 | const char *section, | |
3812 | unsigned section_line, | |
3813 | const char *lvalue, | |
3814 | int ltype, | |
3815 | const char *rvalue, | |
3816 | void *data, | |
3817 | void *userdata) { | |
3818 | ||
3819 | CGroupContext *c = data; | |
9184ca48 | 3820 | int r; |
b2f8b02e LP |
3821 | |
3822 | assert(filename); | |
3823 | assert(lvalue); | |
3824 | assert(rvalue); | |
3825 | ||
3826 | if (isempty(rvalue)) { | |
3a43da28 | 3827 | c->cpu_quota_per_sec_usec = USEC_INFINITY; |
b2f8b02e LP |
3828 | return 0; |
3829 | } | |
3830 | ||
fe845b5e | 3831 | r = parse_permyriad_unbounded(rvalue); |
9184ca48 | 3832 | if (r <= 0) { |
323dda78 | 3833 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue); |
9a054909 | 3834 | return 0; |
b2f8b02e LP |
3835 | } |
3836 | ||
fe845b5e | 3837 | c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 10000U; |
b2f8b02e LP |
3838 | return 0; |
3839 | } | |
3840 | ||
31d3a520 | 3841 | int config_parse_allowed_cpuset( |
047f5d63 PH |
3842 | const char *unit, |
3843 | const char *filename, | |
3844 | unsigned line, | |
3845 | const char *section, | |
3846 | unsigned section_line, | |
3847 | const char *lvalue, | |
3848 | int ltype, | |
3849 | const char *rvalue, | |
3850 | void *data, | |
3851 | void *userdata) { | |
3852 | ||
31d3a520 | 3853 | CPUSet *c = data; |
047f5d63 | 3854 | |
31d3a520 | 3855 | (void) parse_cpu_set_extend(rvalue, c, true, unit, filename, line, lvalue); |
047f5d63 PH |
3856 | return 0; |
3857 | } | |
3858 | ||
4ad49000 LP |
3859 | int config_parse_memory_limit( |
3860 | const char *unit, | |
3861 | const char *filename, | |
3862 | unsigned line, | |
3863 | const char *section, | |
71a61510 | 3864 | unsigned section_line, |
4ad49000 LP |
3865 | const char *lvalue, |
3866 | int ltype, | |
3867 | const char *rvalue, | |
3868 | void *data, | |
3869 | void *userdata) { | |
3870 | ||
3871 | CGroupContext *c = data; | |
da4d897e | 3872 | uint64_t bytes = CGROUP_LIMIT_MAX; |
4ad49000 LP |
3873 | int r; |
3874 | ||
67e2baff MK |
3875 | if (isempty(rvalue) && STR_IN_SET(lvalue, "DefaultMemoryLow", |
3876 | "DefaultMemoryMin", | |
3877 | "MemoryLow", | |
3878 | "MemoryMin")) | |
db2b8d2e | 3879 | bytes = CGROUP_LIMIT_MIN; |
67e2baff | 3880 | else if (!isempty(rvalue) && !streq(rvalue, "infinity")) { |
875ae566 | 3881 | |
fe845b5e | 3882 | r = parse_permyriad(rvalue); |
875ae566 LP |
3883 | if (r < 0) { |
3884 | r = parse_size(rvalue, 1024, &bytes); | |
3885 | if (r < 0) { | |
323dda78 | 3886 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue); |
875ae566 LP |
3887 | return 0; |
3888 | } | |
3889 | } else | |
fe845b5e | 3890 | bytes = physical_memory_scale(r, 10000U); |
875ae566 | 3891 | |
906bdbf5 | 3892 | if (bytes >= UINT64_MAX || |
22bf131b | 3893 | (bytes <= 0 && !STR_IN_SET(lvalue, "MemorySwapMax", "MemoryLow", "MemoryMin", "DefaultMemoryLow", "DefaultMemoryMin"))) { |
323dda78 | 3894 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue); |
da4d897e TH |
3895 | return 0; |
3896 | } | |
4ad49000 LP |
3897 | } |
3898 | ||
c52db42b | 3899 | if (streq(lvalue, "DefaultMemoryLow")) { |
db2b8d2e | 3900 | c->default_memory_low = bytes; |
c52db42b | 3901 | c->default_memory_low_set = true; |
7ad5439e | 3902 | } else if (streq(lvalue, "DefaultMemoryMin")) { |
db2b8d2e | 3903 | c->default_memory_min = bytes; |
7ad5439e | 3904 | c->default_memory_min_set = true; |
7ad5439e | 3905 | } else if (streq(lvalue, "MemoryMin")) { |
48422635 | 3906 | c->memory_min = bytes; |
311a0e2e | 3907 | c->memory_min_set = true; |
7ad5439e | 3908 | } else if (streq(lvalue, "MemoryLow")) { |
da4d897e | 3909 | c->memory_low = bytes; |
311a0e2e | 3910 | c->memory_low_set = true; |
c52db42b | 3911 | } else if (streq(lvalue, "MemoryHigh")) |
da4d897e TH |
3912 | c->memory_high = bytes; |
3913 | else if (streq(lvalue, "MemoryMax")) | |
3914 | c->memory_max = bytes; | |
96e131ea WC |
3915 | else if (streq(lvalue, "MemorySwapMax")) |
3916 | c->memory_swap_max = bytes; | |
3917 | else if (streq(lvalue, "MemoryLimit")) | |
da4d897e | 3918 | c->memory_limit = bytes; |
96e131ea WC |
3919 | else |
3920 | return -EINVAL; | |
4ad49000 | 3921 | |
4ad49000 LP |
3922 | return 0; |
3923 | } | |
3924 | ||
03a7b521 LP |
3925 | int config_parse_tasks_max( |
3926 | const char *unit, | |
3927 | const char *filename, | |
3928 | unsigned line, | |
3929 | const char *section, | |
3930 | unsigned section_line, | |
3931 | const char *lvalue, | |
3932 | int ltype, | |
3933 | const char *rvalue, | |
3934 | void *data, | |
3935 | void *userdata) { | |
3936 | ||
47538b76 | 3937 | const Unit *u = userdata; |
3a0f06c4 ZJS |
3938 | TasksMax *tasks_max = data; |
3939 | uint64_t v; | |
03a7b521 LP |
3940 | int r; |
3941 | ||
f5058264 | 3942 | if (isempty(rvalue)) { |
3a0f06c4 | 3943 | *tasks_max = u ? u->manager->default_tasks_max : TASKS_MAX_UNSET; |
f5058264 TH |
3944 | return 0; |
3945 | } | |
3946 | ||
3947 | if (streq(rvalue, "infinity")) { | |
3a0f06c4 | 3948 | *tasks_max = TASKS_MAX_UNSET; |
03a7b521 LP |
3949 | return 0; |
3950 | } | |
3951 | ||
fe845b5e | 3952 | r = parse_permyriad(rvalue); |
3a0f06c4 | 3953 | if (r >= 0) |
fe845b5e | 3954 | *tasks_max = (TasksMax) { r, 10000U }; /* r‱ */ |
3a0f06c4 | 3955 | else { |
f5058264 | 3956 | r = safe_atou64(rvalue, &v); |
83f8e808 | 3957 | if (r < 0) { |
323dda78 | 3958 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue); |
83f8e808 LP |
3959 | return 0; |
3960 | } | |
83f8e808 | 3961 | |
3a0f06c4 | 3962 | if (v <= 0 || v >= UINT64_MAX) { |
323dda78 | 3963 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue); |
3a0f06c4 ZJS |
3964 | return 0; |
3965 | } | |
3966 | ||
3967 | *tasks_max = (TasksMax) { v }; | |
03a7b521 LP |
3968 | } |
3969 | ||
3970 | return 0; | |
3971 | } | |
3972 | ||
02638280 LP |
3973 | int config_parse_delegate( |
3974 | const char *unit, | |
3975 | const char *filename, | |
3976 | unsigned line, | |
3977 | const char *section, | |
3978 | unsigned section_line, | |
3979 | const char *lvalue, | |
3980 | int ltype, | |
3981 | const char *rvalue, | |
3982 | void *data, | |
3983 | void *userdata) { | |
3984 | ||
3985 | CGroupContext *c = data; | |
ecae73d7 | 3986 | UnitType t; |
02638280 LP |
3987 | int r; |
3988 | ||
ecae73d7 ZJS |
3989 | t = unit_name_to_type(unit); |
3990 | assert(t != _UNIT_TYPE_INVALID); | |
3991 | ||
3992 | if (!unit_vtable[t]->can_delegate) { | |
323dda78 | 3993 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring."); |
ecae73d7 ZJS |
3994 | return 0; |
3995 | } | |
3996 | ||
02638280 LP |
3997 | /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it |
3998 | * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the | |
3999 | * mask to delegate. */ | |
4000 | ||
1bdfc7b9 | 4001 | if (isempty(rvalue)) { |
d48013f8 YW |
4002 | /* An empty string resets controllers and set Delegate=yes. */ |
4003 | c->delegate = true; | |
1bdfc7b9 YW |
4004 | c->delegate_controllers = 0; |
4005 | return 0; | |
4006 | } | |
4007 | ||
02638280 LP |
4008 | r = parse_boolean(rvalue); |
4009 | if (r < 0) { | |
02638280 LP |
4010 | CGroupMask mask = 0; |
4011 | ||
323dda78 | 4012 | for (const char *p = rvalue;;) { |
02638280 LP |
4013 | _cleanup_free_ char *word = NULL; |
4014 | CGroupController cc; | |
4015 | ||
4ec85141 | 4016 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); |
02638280 LP |
4017 | if (r == -ENOMEM) |
4018 | return log_oom(); | |
4019 | if (r < 0) { | |
323dda78 | 4020 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue); |
ff1b8455 | 4021 | return 0; |
02638280 | 4022 | } |
a687f500 ZJS |
4023 | if (r == 0) |
4024 | break; | |
02638280 LP |
4025 | |
4026 | cc = cgroup_controller_from_string(word); | |
4027 | if (cc < 0) { | |
323dda78 | 4028 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid controller name '%s', ignoring", word); |
02638280 LP |
4029 | continue; |
4030 | } | |
4031 | ||
4032 | mask |= CGROUP_CONTROLLER_TO_MASK(cc); | |
4033 | } | |
4034 | ||
4035 | c->delegate = true; | |
4036 | c->delegate_controllers |= mask; | |
4037 | ||
4038 | } else if (r > 0) { | |
4039 | c->delegate = true; | |
4040 | c->delegate_controllers = _CGROUP_MASK_ALL; | |
4041 | } else { | |
4042 | c->delegate = false; | |
4043 | c->delegate_controllers = 0; | |
4044 | } | |
4045 | ||
4046 | return 0; | |
4047 | } | |
4048 | ||
4d824a4e AZ |
4049 | int config_parse_managed_oom_mode( |
4050 | const char *unit, | |
4051 | const char *filename, | |
4052 | unsigned line, | |
4053 | const char *section, | |
4054 | unsigned section_line, | |
4055 | const char *lvalue, | |
4056 | int ltype, | |
4057 | const char *rvalue, | |
4058 | void *data, | |
4059 | void *userdata) { | |
ed5033fd | 4060 | |
4d824a4e AZ |
4061 | ManagedOOMMode *mode = data, m; |
4062 | UnitType t; | |
4063 | ||
4064 | t = unit_name_to_type(unit); | |
4065 | assert(t != _UNIT_TYPE_INVALID); | |
4066 | ||
4067 | if (!unit_vtable[t]->can_set_managed_oom) | |
4068 | return log_syntax(unit, LOG_WARNING, filename, line, 0, "%s= is not supported for this unit type, ignoring.", lvalue); | |
4069 | ||
4070 | if (isempty(rvalue)) { | |
4071 | *mode = MANAGED_OOM_AUTO; | |
f561e8c6 | 4072 | return 0; |
4d824a4e AZ |
4073 | } |
4074 | ||
4075 | m = managed_oom_mode_from_string(rvalue); | |
4076 | if (m < 0) { | |
b98680b2 | 4077 | log_syntax(unit, LOG_WARNING, filename, line, m, "Invalid syntax, ignoring: %s", rvalue); |
4d824a4e AZ |
4078 | return 0; |
4079 | } | |
ed5033fd | 4080 | |
4d824a4e AZ |
4081 | *mode = m; |
4082 | return 0; | |
4083 | } | |
4084 | ||
4085 | int config_parse_managed_oom_mem_pressure_limit( | |
4086 | const char *unit, | |
4087 | const char *filename, | |
4088 | unsigned line, | |
4089 | const char *section, | |
4090 | unsigned section_line, | |
4091 | const char *lvalue, | |
4092 | int ltype, | |
4093 | const char *rvalue, | |
4094 | void *data, | |
4095 | void *userdata) { | |
ed5033fd | 4096 | |
0a9f9344 | 4097 | uint32_t *limit = data; |
4d824a4e AZ |
4098 | UnitType t; |
4099 | int r; | |
4100 | ||
4101 | t = unit_name_to_type(unit); | |
4102 | assert(t != _UNIT_TYPE_INVALID); | |
4103 | ||
4104 | if (!unit_vtable[t]->can_set_managed_oom) | |
4105 | return log_syntax(unit, LOG_WARNING, filename, line, 0, "%s= is not supported for this unit type, ignoring.", lvalue); | |
4106 | ||
4107 | if (isempty(rvalue)) { | |
f561e8c6 AZ |
4108 | *limit = 0; |
4109 | return 0; | |
4d824a4e AZ |
4110 | } |
4111 | ||
0a9f9344 | 4112 | r = parse_permyriad(rvalue); |
4d824a4e | 4113 | if (r < 0) { |
0a9f9344 | 4114 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse memory pressure limit value, ignoring: %s", rvalue); |
4d824a4e AZ |
4115 | return 0; |
4116 | } | |
4117 | ||
d9d3f05d LP |
4118 | /* Normalize to 2^32-1 == 100% */ |
4119 | *limit = UINT32_SCALE_FROM_PERMYRIAD(r); | |
4d824a4e AZ |
4120 | return 0; |
4121 | } | |
4122 | ||
4ad49000 LP |
4123 | int config_parse_device_allow( |
4124 | const char *unit, | |
4125 | const char *filename, | |
4126 | unsigned line, | |
4127 | const char *section, | |
71a61510 | 4128 | unsigned section_line, |
4ad49000 LP |
4129 | const char *lvalue, |
4130 | int ltype, | |
4131 | const char *rvalue, | |
4132 | void *data, | |
4133 | void *userdata) { | |
4134 | ||
c9f620bf | 4135 | _cleanup_free_ char *path = NULL, *resolved = NULL; |
4ad49000 | 4136 | CGroupContext *c = data; |
c9f620bf | 4137 | const char *p = rvalue; |
1116e14c | 4138 | int r; |
4ad49000 LP |
4139 | |
4140 | if (isempty(rvalue)) { | |
4141 | while (c->device_allow) | |
4142 | cgroup_context_free_device_allow(c, c->device_allow); | |
4143 | ||
4144 | return 0; | |
4145 | } | |
4146 | ||
4ec85141 | 4147 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); |
c9f620bf YW |
4148 | if (r == -ENOMEM) |
4149 | return log_oom(); | |
a687f500 | 4150 | if (r <= 0) { |
1116e14c | 4151 | log_syntax(unit, LOG_WARNING, filename, line, r, |
c9f620bf | 4152 | "Failed to extract device path and rights from '%s', ignoring.", rvalue); |
20d52ab6 | 4153 | return 0; |
1116e14c NBS |
4154 | } |
4155 | ||
06536492 | 4156 | r = unit_path_printf(userdata, path, &resolved); |
c9f620bf YW |
4157 | if (r < 0) { |
4158 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4159 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
4ad49000 LP |
4160 | return 0; |
4161 | } | |
4162 | ||
49fe5c09 | 4163 | if (!STARTSWITH_SET(resolved, "block-", "char-")) { |
2f4d31c1 | 4164 | |
57e84e75 LP |
4165 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); |
4166 | if (r < 0) | |
4167 | return 0; | |
4168 | ||
4169 | if (!valid_device_node_path(resolved)) { | |
323dda78 | 4170 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved); |
57e84e75 LP |
4171 | return 0; |
4172 | } | |
c9f620bf | 4173 | } |
4ad49000 | 4174 | |
c9f620bf | 4175 | if (!isempty(p) && !in_charset(p, "rwm")) { |
323dda78 | 4176 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid device rights '%s', ignoring.", p); |
4ad49000 LP |
4177 | return 0; |
4178 | } | |
4179 | ||
fd870bac | 4180 | return cgroup_add_device_allow(c, resolved, p); |
4ad49000 LP |
4181 | } |
4182 | ||
13c31542 TH |
4183 | int config_parse_io_device_weight( |
4184 | const char *unit, | |
4185 | const char *filename, | |
4186 | unsigned line, | |
4187 | const char *section, | |
4188 | unsigned section_line, | |
4189 | const char *lvalue, | |
4190 | int ltype, | |
4191 | const char *rvalue, | |
4192 | void *data, | |
4193 | void *userdata) { | |
4194 | ||
c9f620bf | 4195 | _cleanup_free_ char *path = NULL, *resolved = NULL; |
13c31542 TH |
4196 | CGroupIODeviceWeight *w; |
4197 | CGroupContext *c = data; | |
c9f620bf | 4198 | const char *p = rvalue; |
13c31542 | 4199 | uint64_t u; |
13c31542 TH |
4200 | int r; |
4201 | ||
4202 | assert(filename); | |
4203 | assert(lvalue); | |
4204 | assert(rvalue); | |
4205 | ||
4206 | if (isempty(rvalue)) { | |
4207 | while (c->io_device_weights) | |
4208 | cgroup_context_free_io_device_weight(c, c->io_device_weights); | |
4209 | ||
4210 | return 0; | |
4211 | } | |
4212 | ||
4ec85141 | 4213 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); |
c9f620bf YW |
4214 | if (r == -ENOMEM) |
4215 | return log_oom(); | |
6a35d52d | 4216 | if (r < 0) { |
c9f620bf | 4217 | log_syntax(unit, LOG_WARNING, filename, line, r, |
c9f620bf | 4218 | "Failed to extract device path and weight from '%s', ignoring.", rvalue); |
13c31542 TH |
4219 | return 0; |
4220 | } | |
6a35d52d YW |
4221 | if (r == 0 || isempty(p)) { |
4222 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
4223 | "Invalid device path or weight specified in '%s', ignoring.", rvalue); | |
4224 | return 0; | |
4225 | } | |
13c31542 | 4226 | |
06536492 | 4227 | r = unit_path_printf(userdata, path, &resolved); |
c9f620bf YW |
4228 | if (r < 0) { |
4229 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4230 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
4231 | return 0; | |
4232 | } | |
13c31542 | 4233 | |
2f4d31c1 YW |
4234 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); |
4235 | if (r < 0) | |
4236 | return 0; | |
4237 | ||
c9f620bf | 4238 | r = cg_weight_parse(p, &u); |
13c31542 | 4239 | if (r < 0) { |
323dda78 | 4240 | log_syntax(unit, LOG_WARNING, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p); |
13c31542 TH |
4241 | return 0; |
4242 | } | |
4243 | ||
4244 | assert(u != CGROUP_WEIGHT_INVALID); | |
4245 | ||
4246 | w = new0(CGroupIODeviceWeight, 1); | |
4247 | if (!w) | |
4248 | return log_oom(); | |
4249 | ||
c9f620bf | 4250 | w->path = TAKE_PTR(resolved); |
13c31542 TH |
4251 | w->weight = u; |
4252 | ||
4253 | LIST_PREPEND(device_weights, c->io_device_weights, w); | |
4254 | return 0; | |
4255 | } | |
4256 | ||
6ae4283c TH |
4257 | int config_parse_io_device_latency( |
4258 | const char *unit, | |
4259 | const char *filename, | |
4260 | unsigned line, | |
4261 | const char *section, | |
4262 | unsigned section_line, | |
4263 | const char *lvalue, | |
4264 | int ltype, | |
4265 | const char *rvalue, | |
4266 | void *data, | |
4267 | void *userdata) { | |
4268 | ||
4269 | _cleanup_free_ char *path = NULL, *resolved = NULL; | |
4270 | CGroupIODeviceLatency *l; | |
4271 | CGroupContext *c = data; | |
4272 | const char *p = rvalue; | |
4273 | usec_t usec; | |
4274 | int r; | |
4275 | ||
4276 | assert(filename); | |
4277 | assert(lvalue); | |
4278 | assert(rvalue); | |
4279 | ||
4280 | if (isempty(rvalue)) { | |
4281 | while (c->io_device_latencies) | |
4282 | cgroup_context_free_io_device_latency(c, c->io_device_latencies); | |
4283 | ||
4284 | return 0; | |
4285 | } | |
4286 | ||
4ec85141 | 4287 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); |
6ae4283c TH |
4288 | if (r == -ENOMEM) |
4289 | return log_oom(); | |
6a35d52d | 4290 | if (r < 0) { |
6ae4283c | 4291 | log_syntax(unit, LOG_WARNING, filename, line, r, |
6ae4283c TH |
4292 | "Failed to extract device path and latency from '%s', ignoring.", rvalue); |
4293 | return 0; | |
4294 | } | |
6a35d52d YW |
4295 | if (r == 0 || isempty(p)) { |
4296 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
4297 | "Invalid device path or latency specified in '%s', ignoring.", rvalue); | |
4298 | return 0; | |
4299 | } | |
6ae4283c | 4300 | |
06536492 | 4301 | r = unit_path_printf(userdata, path, &resolved); |
6ae4283c TH |
4302 | if (r < 0) { |
4303 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4304 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
4305 | return 0; | |
4306 | } | |
4307 | ||
4308 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); | |
4309 | if (r < 0) | |
4310 | return 0; | |
4311 | ||
323dda78 YW |
4312 | r = parse_sec(p, &usec); |
4313 | if (r < 0) { | |
4314 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse timer value, ignoring: %s", p); | |
6ae4283c TH |
4315 | return 0; |
4316 | } | |
4317 | ||
4318 | l = new0(CGroupIODeviceLatency, 1); | |
4319 | if (!l) | |
4320 | return log_oom(); | |
4321 | ||
4322 | l->path = TAKE_PTR(resolved); | |
4323 | l->target_usec = usec; | |
4324 | ||
4325 | LIST_PREPEND(device_latencies, c->io_device_latencies, l); | |
4326 | return 0; | |
4327 | } | |
4328 | ||
13c31542 TH |
4329 | int config_parse_io_limit( |
4330 | const char *unit, | |
4331 | const char *filename, | |
4332 | unsigned line, | |
4333 | const char *section, | |
4334 | unsigned section_line, | |
4335 | const char *lvalue, | |
4336 | int ltype, | |
4337 | const char *rvalue, | |
4338 | void *data, | |
4339 | void *userdata) { | |
4340 | ||
c9f620bf | 4341 | _cleanup_free_ char *path = NULL, *resolved = NULL; |
03677889 | 4342 | CGroupIODeviceLimit *l = NULL; |
13c31542 | 4343 | CGroupContext *c = data; |
9be57249 | 4344 | CGroupIOLimitType type; |
c9f620bf | 4345 | const char *p = rvalue; |
13c31542 | 4346 | uint64_t num; |
13c31542 TH |
4347 | int r; |
4348 | ||
4349 | assert(filename); | |
4350 | assert(lvalue); | |
4351 | assert(rvalue); | |
4352 | ||
9be57249 TH |
4353 | type = cgroup_io_limit_type_from_string(lvalue); |
4354 | assert(type >= 0); | |
13c31542 TH |
4355 | |
4356 | if (isempty(rvalue)) { | |
03677889 YW |
4357 | LIST_FOREACH(device_limits, t, c->io_device_limits) |
4358 | t->limits[type] = cgroup_io_limit_defaults[type]; | |
13c31542 TH |
4359 | return 0; |
4360 | } | |
4361 | ||
4ec85141 | 4362 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); |
c9f620bf YW |
4363 | if (r == -ENOMEM) |
4364 | return log_oom(); | |
6a35d52d | 4365 | if (r < 0) { |
c9f620bf | 4366 | log_syntax(unit, LOG_WARNING, filename, line, r, |
c9f620bf | 4367 | "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue); |
13c31542 TH |
4368 | return 0; |
4369 | } | |
6a35d52d YW |
4370 | if (r == 0 || isempty(p)) { |
4371 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
4372 | "Invalid device node or bandwidth specified in '%s', ignoring.", rvalue); | |
4373 | return 0; | |
4374 | } | |
13c31542 | 4375 | |
06536492 | 4376 | r = unit_path_printf(userdata, path, &resolved); |
c9f620bf YW |
4377 | if (r < 0) { |
4378 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4379 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
4380 | return 0; | |
4381 | } | |
13c31542 | 4382 | |
2f4d31c1 YW |
4383 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); |
4384 | if (r < 0) | |
4385 | return 0; | |
4386 | ||
9d5e9b4a | 4387 | if (streq("infinity", p)) |
13c31542 | 4388 | num = CGROUP_LIMIT_MAX; |
9d5e9b4a | 4389 | else { |
c9f620bf | 4390 | r = parse_size(p, 1000, &num); |
13c31542 | 4391 | if (r < 0 || num <= 0) { |
323dda78 | 4392 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid IO limit '%s', ignoring.", p); |
13c31542 TH |
4393 | return 0; |
4394 | } | |
4395 | } | |
4396 | ||
03677889 | 4397 | LIST_FOREACH(device_limits, t, c->io_device_limits) |
c9f620bf | 4398 | if (path_equal(resolved, t->path)) { |
13c31542 TH |
4399 | l = t; |
4400 | break; | |
4401 | } | |
13c31542 TH |
4402 | |
4403 | if (!l) { | |
9be57249 TH |
4404 | CGroupIOLimitType ttype; |
4405 | ||
13c31542 TH |
4406 | l = new0(CGroupIODeviceLimit, 1); |
4407 | if (!l) | |
4408 | return log_oom(); | |
4409 | ||
c9f620bf | 4410 | l->path = TAKE_PTR(resolved); |
9be57249 TH |
4411 | for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++) |
4412 | l->limits[ttype] = cgroup_io_limit_defaults[ttype]; | |
13c31542 TH |
4413 | |
4414 | LIST_PREPEND(device_limits, c->io_device_limits, l); | |
4415 | } | |
4416 | ||
9be57249 | 4417 | l->limits[type] = num; |
13c31542 TH |
4418 | |
4419 | return 0; | |
4420 | } | |
4421 | ||
8e7076ca LP |
4422 | int config_parse_blockio_device_weight( |
4423 | const char *unit, | |
4424 | const char *filename, | |
4425 | unsigned line, | |
4426 | const char *section, | |
71a61510 | 4427 | unsigned section_line, |
8e7076ca LP |
4428 | const char *lvalue, |
4429 | int ltype, | |
4430 | const char *rvalue, | |
4431 | void *data, | |
4432 | void *userdata) { | |
4433 | ||
c9f620bf | 4434 | _cleanup_free_ char *path = NULL, *resolved = NULL; |
8e7076ca | 4435 | CGroupBlockIODeviceWeight *w; |
4ad49000 | 4436 | CGroupContext *c = data; |
c9f620bf | 4437 | const char *p = rvalue; |
d53d9474 | 4438 | uint64_t u; |
4ad49000 LP |
4439 | int r; |
4440 | ||
4441 | assert(filename); | |
4442 | assert(lvalue); | |
4443 | assert(rvalue); | |
4444 | ||
4445 | if (isempty(rvalue)) { | |
4ad49000 LP |
4446 | while (c->blockio_device_weights) |
4447 | cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights); | |
4448 | ||
4449 | return 0; | |
4450 | } | |
4451 | ||
4ec85141 | 4452 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); |
c9f620bf YW |
4453 | if (r == -ENOMEM) |
4454 | return log_oom(); | |
6a35d52d | 4455 | if (r < 0) { |
c9f620bf | 4456 | log_syntax(unit, LOG_WARNING, filename, line, r, |
c9f620bf | 4457 | "Failed to extract device node and weight from '%s', ignoring.", rvalue); |
8e7076ca LP |
4458 | return 0; |
4459 | } | |
6a35d52d YW |
4460 | if (r == 0 || isempty(p)) { |
4461 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
4462 | "Invalid device node or weight specified in '%s', ignoring.", rvalue); | |
4463 | return 0; | |
4464 | } | |
4ad49000 | 4465 | |
06536492 | 4466 | r = unit_path_printf(userdata, path, &resolved); |
c9f620bf YW |
4467 | if (r < 0) { |
4468 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4469 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
4470 | return 0; | |
4471 | } | |
4ad49000 | 4472 | |
2f4d31c1 YW |
4473 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); |
4474 | if (r < 0) | |
4475 | return 0; | |
4476 | ||
c9f620bf | 4477 | r = cg_blkio_weight_parse(p, &u); |
d53d9474 | 4478 | if (r < 0) { |
323dda78 | 4479 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p); |
4ad49000 LP |
4480 | return 0; |
4481 | } | |
4482 | ||
d53d9474 LP |
4483 | assert(u != CGROUP_BLKIO_WEIGHT_INVALID); |
4484 | ||
8e7076ca LP |
4485 | w = new0(CGroupBlockIODeviceWeight, 1); |
4486 | if (!w) | |
4487 | return log_oom(); | |
4ad49000 | 4488 | |
c9f620bf | 4489 | w->path = TAKE_PTR(resolved); |
d53d9474 | 4490 | w->weight = u; |
4ad49000 | 4491 | |
71fda00f | 4492 | LIST_PREPEND(device_weights, c->blockio_device_weights, w); |
4ad49000 LP |
4493 | return 0; |
4494 | } | |
4495 | ||
4496 | int config_parse_blockio_bandwidth( | |
4497 | const char *unit, | |
4498 | const char *filename, | |
4499 | unsigned line, | |
4500 | const char *section, | |
71a61510 | 4501 | unsigned section_line, |
4ad49000 LP |
4502 | const char *lvalue, |
4503 | int ltype, | |
4504 | const char *rvalue, | |
4505 | void *data, | |
4506 | void *userdata) { | |
4507 | ||
c9f620bf | 4508 | _cleanup_free_ char *path = NULL, *resolved = NULL; |
03677889 | 4509 | CGroupBlockIODeviceBandwidth *b = NULL; |
4ad49000 | 4510 | CGroupContext *c = data; |
c9f620bf | 4511 | const char *p = rvalue; |
59f448cf | 4512 | uint64_t bytes; |
47c0980d | 4513 | bool read; |
4ad49000 LP |
4514 | int r; |
4515 | ||
4516 | assert(filename); | |
4517 | assert(lvalue); | |
4518 | assert(rvalue); | |
4519 | ||
47c0980d G |
4520 | read = streq("BlockIOReadBandwidth", lvalue); |
4521 | ||
4ad49000 | 4522 | if (isempty(rvalue)) { |
03677889 YW |
4523 | LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) { |
4524 | t->rbps = CGROUP_LIMIT_MAX; | |
4525 | t->wbps = CGROUP_LIMIT_MAX; | |
979d0311 | 4526 | } |
4ad49000 LP |
4527 | return 0; |
4528 | } | |
4529 | ||
4ec85141 | 4530 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); |
c9f620bf YW |
4531 | if (r == -ENOMEM) |
4532 | return log_oom(); | |
6a35d52d | 4533 | if (r < 0) { |
c9f620bf | 4534 | log_syntax(unit, LOG_WARNING, filename, line, r, |
c9f620bf | 4535 | "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue); |
4ad49000 LP |
4536 | return 0; |
4537 | } | |
6a35d52d YW |
4538 | if (r == 0 || isempty(p)) { |
4539 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
4540 | "Invalid device node or bandwidth specified in '%s', ignoring.", rvalue); | |
4541 | return 0; | |
4542 | } | |
4ad49000 | 4543 | |
06536492 | 4544 | r = unit_path_printf(userdata, path, &resolved); |
c9f620bf YW |
4545 | if (r < 0) { |
4546 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4547 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
4548 | return 0; | |
4549 | } | |
4ad49000 | 4550 | |
2f4d31c1 YW |
4551 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); |
4552 | if (r < 0) | |
4553 | return 0; | |
4554 | ||
c9f620bf | 4555 | r = parse_size(p, 1000, &bytes); |
4ad49000 | 4556 | if (r < 0 || bytes <= 0) { |
323dda78 | 4557 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p); |
4ad49000 LP |
4558 | return 0; |
4559 | } | |
4560 | ||
03677889 | 4561 | LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) |
c9f620bf | 4562 | if (path_equal(resolved, t->path)) { |
979d0311 TH |
4563 | b = t; |
4564 | break; | |
4565 | } | |
4ad49000 | 4566 | |
03677889 | 4567 | if (!b) { |
979d0311 TH |
4568 | b = new0(CGroupBlockIODeviceBandwidth, 1); |
4569 | if (!b) | |
4570 | return log_oom(); | |
4571 | ||
c9f620bf | 4572 | b->path = TAKE_PTR(resolved); |
979d0311 TH |
4573 | b->rbps = CGROUP_LIMIT_MAX; |
4574 | b->wbps = CGROUP_LIMIT_MAX; | |
4575 | ||
4576 | LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b); | |
4577 | } | |
4ad49000 | 4578 | |
979d0311 TH |
4579 | if (read) |
4580 | b->rbps = bytes; | |
4581 | else | |
4582 | b->wbps = bytes; | |
4ad49000 LP |
4583 | |
4584 | return 0; | |
4585 | } | |
4586 | ||
d420282b LP |
4587 | int config_parse_job_mode_isolate( |
4588 | const char *unit, | |
4589 | const char *filename, | |
4590 | unsigned line, | |
4591 | const char *section, | |
4592 | unsigned section_line, | |
4593 | const char *lvalue, | |
4594 | int ltype, | |
4595 | const char *rvalue, | |
4596 | void *data, | |
4597 | void *userdata) { | |
4598 | ||
4599 | JobMode *m = data; | |
4600 | int r; | |
4601 | ||
4602 | assert(filename); | |
4603 | assert(lvalue); | |
4604 | assert(rvalue); | |
4605 | ||
4606 | r = parse_boolean(rvalue); | |
4607 | if (r < 0) { | |
323dda78 | 4608 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue); |
d420282b LP |
4609 | return 0; |
4610 | } | |
4611 | ||
8ab39347 YW |
4612 | log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue); |
4613 | ||
d420282b LP |
4614 | *m = r ? JOB_ISOLATE : JOB_REPLACE; |
4615 | return 0; | |
4616 | } | |
4617 | ||
3536f49e | 4618 | int config_parse_exec_directories( |
e66cf1a3 LP |
4619 | const char *unit, |
4620 | const char *filename, | |
4621 | unsigned line, | |
4622 | const char *section, | |
4623 | unsigned section_line, | |
4624 | const char *lvalue, | |
4625 | int ltype, | |
4626 | const char *rvalue, | |
4627 | void *data, | |
4628 | void *userdata) { | |
4629 | ||
211a3d87 | 4630 | ExecDirectory *ed = data; |
47538b76 | 4631 | const Unit *u = userdata; |
e66cf1a3 LP |
4632 | int r; |
4633 | ||
4634 | assert(filename); | |
4635 | assert(lvalue); | |
4636 | assert(rvalue); | |
4637 | assert(data); | |
4638 | ||
4639 | if (isempty(rvalue)) { | |
4640 | /* Empty assignment resets the list */ | |
211a3d87 | 4641 | exec_directory_done(ed); |
e66cf1a3 LP |
4642 | return 0; |
4643 | } | |
4644 | ||
323dda78 | 4645 | for (const char *p = rvalue;;) { |
211a3d87 | 4646 | _cleanup_free_ char *tuple = NULL; |
e66cf1a3 | 4647 | |
211a3d87 | 4648 | r = extract_first_word(&p, &tuple, NULL, EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE); |
035fe294 | 4649 | if (r == -ENOMEM) |
e66cf1a3 | 4650 | return log_oom(); |
035fe294 ZJS |
4651 | if (r < 0) { |
4652 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
211a3d87 | 4653 | "Invalid syntax %s=%s, ignoring: %m", lvalue, rvalue); |
035fe294 ZJS |
4654 | return 0; |
4655 | } | |
091e9efe LP |
4656 | if (r == 0) |
4657 | return 0; | |
e66cf1a3 | 4658 | |
211a3d87 LB |
4659 | _cleanup_free_ char *src = NULL, *dest = NULL; |
4660 | const char *q = tuple; | |
4661 | r = extract_many_words(&q, ":", EXTRACT_CUNESCAPE|EXTRACT_UNESCAPE_SEPARATORS, &src, &dest, NULL); | |
4662 | if (r == -ENOMEM) | |
4663 | return log_oom(); | |
4664 | if (r <= 0) { | |
4665 | log_syntax(unit, LOG_WARNING, filename, line, r ?: SYNTHETIC_ERRNO(EINVAL), | |
4666 | "Invalid syntax in %s=, ignoring: %s", lvalue, tuple); | |
4667 | return 0; | |
4668 | } | |
4669 | ||
4670 | _cleanup_free_ char *sresolved = NULL; | |
4671 | r = unit_path_printf(u, src, &sresolved); | |
9b5864d9 | 4672 | if (r < 0) { |
330f8990 | 4673 | log_syntax(unit, LOG_WARNING, filename, line, r, |
211a3d87 | 4674 | "Failed to resolve unit specifiers in \"%s\", ignoring: %m", src); |
9b5864d9 MG |
4675 | continue; |
4676 | } | |
4677 | ||
211a3d87 | 4678 | r = path_simplify_and_warn(sresolved, PATH_CHECK_RELATIVE, unit, filename, line, lvalue); |
2f4d31c1 | 4679 | if (r < 0) |
e8865688 | 4680 | continue; |
e8865688 | 4681 | |
211a3d87 | 4682 | if (path_startswith(sresolved, "private")) { |
330f8990 | 4683 | log_syntax(unit, LOG_WARNING, filename, line, 0, |
211a3d87 | 4684 | "%s= path can't be 'private', ignoring assignment: %s", lvalue, tuple); |
e66cf1a3 LP |
4685 | continue; |
4686 | } | |
4687 | ||
211a3d87 LB |
4688 | /* For State and Runtime directories we support an optional destination parameter, which |
4689 | * will be used to create a symlink to the source. */ | |
4690 | _cleanup_strv_free_ char **symlinks = NULL; | |
4691 | if (!isempty(dest)) { | |
4692 | _cleanup_free_ char *dresolved = NULL; | |
4693 | ||
4694 | if (streq(lvalue, "ConfigurationDirectory")) { | |
4695 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
4696 | "Destination parameter is not supported for ConfigurationDirectory, ignoring: %s", tuple); | |
4697 | continue; | |
4698 | } | |
4699 | ||
4700 | r = unit_path_printf(u, dest, &dresolved); | |
4701 | if (r < 0) { | |
4702 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4703 | "Failed to resolve unit specifiers in \"%s\", ignoring: %m", dest); | |
4704 | continue; | |
4705 | } | |
4706 | ||
4707 | r = path_simplify_and_warn(dresolved, PATH_CHECK_RELATIVE, unit, filename, line, lvalue); | |
4708 | if (r < 0) | |
4709 | continue; | |
4710 | ||
4711 | r = strv_consume(&symlinks, TAKE_PTR(dresolved)); | |
4712 | if (r < 0) | |
4713 | return log_oom(); | |
4714 | } | |
4715 | ||
4716 | r = exec_directory_add(&ed->items, &ed->n_items, sresolved, symlinks); | |
e66cf1a3 LP |
4717 | if (r < 0) |
4718 | return log_oom(); | |
e66cf1a3 | 4719 | } |
e66cf1a3 LP |
4720 | } |
4721 | ||
bb0c0d6f LP |
4722 | int config_parse_set_credential( |
4723 | const char *unit, | |
4724 | const char *filename, | |
4725 | unsigned line, | |
4726 | const char *section, | |
4727 | unsigned section_line, | |
4728 | const char *lvalue, | |
4729 | int ltype, | |
4730 | const char *rvalue, | |
4731 | void *data, | |
4732 | void *userdata) { | |
4733 | ||
43144be4 LP |
4734 | _cleanup_free_ char *word = NULL, *k = NULL; |
4735 | _cleanup_free_ void *d = NULL; | |
bb0c0d6f LP |
4736 | ExecContext *context = data; |
4737 | ExecSetCredential *old; | |
4738 | Unit *u = userdata; | |
43144be4 LP |
4739 | bool encrypted = ltype; |
4740 | const char *p = rvalue; | |
4741 | size_t size; | |
4742 | int r; | |
bb0c0d6f LP |
4743 | |
4744 | assert(filename); | |
4745 | assert(lvalue); | |
4746 | assert(rvalue); | |
4747 | assert(context); | |
4748 | ||
4749 | if (isempty(rvalue)) { | |
4750 | /* Empty assignment resets the list */ | |
4751 | context->set_credentials = hashmap_free(context->set_credentials); | |
4752 | return 0; | |
4753 | } | |
4754 | ||
bb0c0d6f LP |
4755 | r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS); |
4756 | if (r == -ENOMEM) | |
4757 | return log_oom(); | |
6a35d52d YW |
4758 | if (r < 0) { |
4759 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to extract credential name, ignoring: %s", rvalue); | |
4760 | return 0; | |
4761 | } | |
4762 | if (r == 0 || isempty(p)) { | |
4763 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid syntax, ignoring: %s", rvalue); | |
bb0c0d6f LP |
4764 | return 0; |
4765 | } | |
4766 | ||
06536492 | 4767 | r = unit_cred_printf(u, word, &k); |
bb0c0d6f LP |
4768 | if (r < 0) { |
4769 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word); | |
4770 | return 0; | |
4771 | } | |
4772 | if (!credential_name_valid(k)) { | |
4773 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Credential name \"%s\" not valid, ignoring.", k); | |
4774 | return 0; | |
4775 | } | |
4776 | ||
43144be4 LP |
4777 | if (encrypted) { |
4778 | r = unbase64mem_full(p, SIZE_MAX, true, &d, &size); | |
4779 | if (r < 0) { | |
4780 | log_syntax(unit, LOG_WARNING, filename, line, r, "Encrypted credential data not valid Base64 data, ignoring."); | |
4781 | return 0; | |
4782 | } | |
4783 | } else { | |
1421705d | 4784 | char *unescaped; |
e437538f | 4785 | ssize_t l; |
43144be4 LP |
4786 | |
4787 | /* We support escape codes here, so that users can insert trailing \n if they like */ | |
4788 | l = cunescape(p, UNESCAPE_ACCEPT_NUL, &unescaped); | |
4789 | if (l < 0) { | |
4790 | log_syntax(unit, LOG_WARNING, filename, line, l, "Can't unescape \"%s\", ignoring: %m", p); | |
4791 | return 0; | |
4792 | } | |
4793 | ||
4794 | d = unescaped; | |
4795 | size = l; | |
bb0c0d6f LP |
4796 | } |
4797 | ||
4798 | old = hashmap_get(context->set_credentials, k); | |
4799 | if (old) { | |
43144be4 LP |
4800 | free_and_replace(old->data, d); |
4801 | old->size = size; | |
4802 | old->encrypted = encrypted; | |
bb0c0d6f LP |
4803 | } else { |
4804 | _cleanup_(exec_set_credential_freep) ExecSetCredential *sc = NULL; | |
4805 | ||
43144be4 | 4806 | sc = new(ExecSetCredential, 1); |
bb0c0d6f LP |
4807 | if (!sc) |
4808 | return log_oom(); | |
4809 | ||
43144be4 LP |
4810 | *sc = (ExecSetCredential) { |
4811 | .id = TAKE_PTR(k), | |
4812 | .data = TAKE_PTR(d), | |
4813 | .size = size, | |
4814 | .encrypted = encrypted, | |
4815 | }; | |
bb0c0d6f | 4816 | |
f85f5f0d SS |
4817 | r = hashmap_ensure_put(&context->set_credentials, &exec_set_credential_hash_ops, sc->id, sc); |
4818 | if (r == -ENOMEM) | |
4819 | return log_oom(); | |
2400743e | 4820 | if (r < 0) { |
43144be4 | 4821 | log_syntax(unit, LOG_WARNING, filename, line, r, |
2400743e YW |
4822 | "Duplicated credential value '%s', ignoring assignment: %s", sc->id, rvalue); |
4823 | return 0; | |
4824 | } | |
bb0c0d6f | 4825 | |
bb0c0d6f LP |
4826 | TAKE_PTR(sc); |
4827 | } | |
4828 | ||
4829 | return 0; | |
4830 | } | |
4831 | ||
4832 | int config_parse_load_credential( | |
4833 | const char *unit, | |
4834 | const char *filename, | |
4835 | unsigned line, | |
4836 | const char *section, | |
4837 | unsigned section_line, | |
4838 | const char *lvalue, | |
4839 | int ltype, | |
4840 | const char *rvalue, | |
4841 | void *data, | |
4842 | void *userdata) { | |
4843 | ||
4844 | _cleanup_free_ char *word = NULL, *k = NULL, *q = NULL; | |
4845 | ExecContext *context = data; | |
43144be4 LP |
4846 | ExecLoadCredential *old; |
4847 | bool encrypted = ltype; | |
bb0c0d6f LP |
4848 | Unit *u = userdata; |
4849 | const char *p; | |
4850 | int r; | |
4851 | ||
4852 | assert(filename); | |
4853 | assert(lvalue); | |
4854 | assert(rvalue); | |
4855 | assert(context); | |
4856 | ||
4857 | if (isempty(rvalue)) { | |
4858 | /* Empty assignment resets the list */ | |
43144be4 | 4859 | context->load_credentials = hashmap_free(context->load_credentials); |
bb0c0d6f LP |
4860 | return 0; |
4861 | } | |
4862 | ||
4863 | p = rvalue; | |
4864 | r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS); | |
4865 | if (r == -ENOMEM) | |
4866 | return log_oom(); | |
4867 | if (r <= 0) { | |
4868 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue); | |
4869 | return 0; | |
4870 | } | |
4871 | ||
06536492 | 4872 | r = unit_cred_printf(u, word, &k); |
bb0c0d6f LP |
4873 | if (r < 0) { |
4874 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word); | |
4875 | return 0; | |
4876 | } | |
4877 | if (!credential_name_valid(k)) { | |
4878 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Credential name \"%s\" not valid, ignoring.", k); | |
4879 | return 0; | |
4880 | } | |
8a29862e LP |
4881 | |
4882 | if (isempty(p)) { | |
08a7e545 | 4883 | /* If only one field is specified take it as shortcut for inheriting a credential named |
8a29862e LP |
4884 | * the same way from our parent */ |
4885 | q = strdup(k); | |
4886 | if (!q) | |
4887 | return log_oom(); | |
4888 | } else { | |
06536492 | 4889 | r = unit_path_printf(u, p, &q); |
8a29862e LP |
4890 | if (r < 0) { |
4891 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in \"%s\", ignoring: %m", p); | |
4892 | return 0; | |
4893 | } | |
4894 | if (path_is_absolute(q) ? !path_is_normalized(q) : !credential_name_valid(q)) { | |
43144be4 | 4895 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Credential source \"%s\" not valid, ignoring.", q); |
8a29862e LP |
4896 | return 0; |
4897 | } | |
bb0c0d6f LP |
4898 | } |
4899 | ||
43144be4 LP |
4900 | old = hashmap_get(context->load_credentials, k); |
4901 | if (old) { | |
4902 | free_and_replace(old->path, q); | |
4903 | old->encrypted = encrypted; | |
4904 | } else { | |
4905 | _cleanup_(exec_load_credential_freep) ExecLoadCredential *lc = NULL; | |
4906 | ||
4907 | lc = new(ExecLoadCredential, 1); | |
4908 | if (!lc) | |
4909 | return log_oom(); | |
4910 | ||
4911 | *lc = (ExecLoadCredential) { | |
4912 | .id = TAKE_PTR(k), | |
4913 | .path = TAKE_PTR(q), | |
4914 | .encrypted = encrypted, | |
4915 | }; | |
4916 | ||
4917 | r = hashmap_ensure_put(&context->load_credentials, &exec_load_credential_hash_ops, lc->id, lc); | |
4918 | if (r == -ENOMEM) | |
4919 | return log_oom(); | |
4920 | if (r < 0) { | |
4921 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4922 | "Duplicated credential value '%s', ignoring assignment: %s", lc->id, rvalue); | |
4923 | return 0; | |
4924 | } | |
4925 | ||
4926 | TAKE_PTR(lc); | |
4927 | } | |
bb0c0d6f LP |
4928 | |
4929 | return 0; | |
4930 | } | |
4931 | ||
3af00fb8 LP |
4932 | int config_parse_set_status( |
4933 | const char *unit, | |
4934 | const char *filename, | |
4935 | unsigned line, | |
4936 | const char *section, | |
4937 | unsigned section_line, | |
4938 | const char *lvalue, | |
4939 | int ltype, | |
4940 | const char *rvalue, | |
4941 | void *data, | |
4942 | void *userdata) { | |
4943 | ||
3af00fb8 | 4944 | ExitStatusSet *status_set = data; |
7896ad8f | 4945 | int r; |
3af00fb8 LP |
4946 | |
4947 | assert(filename); | |
4948 | assert(lvalue); | |
4949 | assert(rvalue); | |
7896ad8f | 4950 | assert(status_set); |
3af00fb8 | 4951 | |
3e2d435b | 4952 | /* Empty assignment resets the list */ |
3af00fb8 | 4953 | if (isempty(rvalue)) { |
3e2d435b | 4954 | exit_status_set_free(status_set); |
3af00fb8 LP |
4955 | return 0; |
4956 | } | |
4957 | ||
7896ad8f ZJS |
4958 | for (const char *p = rvalue;;) { |
4959 | _cleanup_free_ char *word = NULL; | |
23d5dd16 | 4960 | Bitmap *bitmap; |
3af00fb8 | 4961 | |
7896ad8f | 4962 | r = extract_first_word(&p, &word, NULL, 0); |
323dda78 YW |
4963 | if (r == -ENOMEM) |
4964 | return log_oom(); | |
4965 | if (r < 0) { | |
4966 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4967 | "Failed to parse %s=%s, ignoring: %m", lvalue, rvalue); | |
4968 | return 0; | |
4969 | } | |
7896ad8f ZJS |
4970 | if (r == 0) |
4971 | return 0; | |
3af00fb8 | 4972 | |
2e2ed880 ZJS |
4973 | /* We need to call exit_status_from_string() first, because we want |
4974 | * to parse numbers as exit statuses, not signals. */ | |
3af00fb8 | 4975 | |
7896ad8f | 4976 | r = exit_status_from_string(word); |
2e2ed880 ZJS |
4977 | if (r >= 0) { |
4978 | assert(r >= 0 && r < 256); | |
4979 | bitmap = &status_set->status; | |
3af00fb8 | 4980 | } else { |
7896ad8f ZJS |
4981 | r = signal_from_string(word); |
4982 | if (r < 0) { | |
b98680b2 | 4983 | log_syntax(unit, LOG_WARNING, filename, line, r, |
2e2ed880 | 4984 | "Failed to parse value, ignoring: %s", word); |
1e2fd62d | 4985 | continue; |
3af00fb8 | 4986 | } |
2e2ed880 | 4987 | bitmap = &status_set->signal; |
3af00fb8 | 4988 | } |
1e2fd62d | 4989 | |
2e2ed880 | 4990 | r = bitmap_set(bitmap, r); |
063c4b1a | 4991 | if (r < 0) |
323dda78 YW |
4992 | log_syntax(unit, LOG_WARNING, filename, line, r, |
4993 | "Failed to set signal or status %s, ignoring: %m", word); | |
3af00fb8 | 4994 | } |
3af00fb8 LP |
4995 | } |
4996 | ||
94828d2d LP |
4997 | int config_parse_namespace_path_strv( |
4998 | const char *unit, | |
4999 | const char *filename, | |
5000 | unsigned line, | |
5001 | const char *section, | |
5002 | unsigned section_line, | |
5003 | const char *lvalue, | |
5004 | int ltype, | |
5005 | const char *rvalue, | |
5006 | void *data, | |
5007 | void *userdata) { | |
5008 | ||
47538b76 | 5009 | const Unit *u = userdata; |
a2a5291b | 5010 | char*** sv = data; |
94828d2d LP |
5011 | int r; |
5012 | ||
5013 | assert(filename); | |
5014 | assert(lvalue); | |
5015 | assert(rvalue); | |
5016 | assert(data); | |
5017 | ||
5018 | if (isempty(rvalue)) { | |
5019 | /* Empty assignment resets the list */ | |
6796073e | 5020 | *sv = strv_free(*sv); |
94828d2d LP |
5021 | return 0; |
5022 | } | |
5023 | ||
323dda78 | 5024 | for (const char *p = rvalue;;) { |
7b07e993 | 5025 | _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL; |
20b7a007 LP |
5026 | const char *w; |
5027 | bool ignore_enoent = false, shall_prefix = false; | |
94828d2d | 5028 | |
4ec85141 | 5029 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); |
0293a7a8 EV |
5030 | if (r == -ENOMEM) |
5031 | return log_oom(); | |
727f76d7 | 5032 | if (r < 0) { |
323dda78 | 5033 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue); |
727f76d7 EV |
5034 | return 0; |
5035 | } | |
a687f500 ZJS |
5036 | if (r == 0) |
5037 | break; | |
94828d2d | 5038 | |
20b7a007 LP |
5039 | w = word; |
5040 | if (startswith(w, "-")) { | |
5041 | ignore_enoent = true; | |
5042 | w++; | |
5043 | } | |
5044 | if (startswith(w, "+")) { | |
5045 | shall_prefix = true; | |
5046 | w++; | |
5047 | } | |
7b07e993 | 5048 | |
06536492 | 5049 | r = unit_path_printf(u, w, &resolved); |
7b07e993 | 5050 | if (r < 0) { |
323dda78 | 5051 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w); |
94828d2d LP |
5052 | continue; |
5053 | } | |
5054 | ||
2f4d31c1 YW |
5055 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
5056 | if (r < 0) | |
7b07e993 | 5057 | continue; |
94828d2d | 5058 | |
20b7a007 LP |
5059 | joined = strjoin(ignore_enoent ? "-" : "", |
5060 | shall_prefix ? "+" : "", | |
5061 | resolved); | |
7b07e993 LP |
5062 | |
5063 | r = strv_push(sv, joined); | |
94828d2d LP |
5064 | if (r < 0) |
5065 | return log_oom(); | |
5066 | ||
7b07e993 | 5067 | joined = NULL; |
94828d2d LP |
5068 | } |
5069 | ||
5070 | return 0; | |
5071 | } | |
5072 | ||
2abd4e38 YW |
5073 | int config_parse_temporary_filesystems( |
5074 | const char *unit, | |
5075 | const char *filename, | |
5076 | unsigned line, | |
5077 | const char *section, | |
5078 | unsigned section_line, | |
5079 | const char *lvalue, | |
5080 | int ltype, | |
5081 | const char *rvalue, | |
5082 | void *data, | |
5083 | void *userdata) { | |
5084 | ||
47538b76 | 5085 | const Unit *u = userdata; |
2abd4e38 | 5086 | ExecContext *c = data; |
2abd4e38 YW |
5087 | int r; |
5088 | ||
5089 | assert(filename); | |
5090 | assert(lvalue); | |
5091 | assert(rvalue); | |
5092 | assert(data); | |
5093 | ||
5094 | if (isempty(rvalue)) { | |
5095 | /* Empty assignment resets the list */ | |
5096 | temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems); | |
5097 | c->temporary_filesystems = NULL; | |
5098 | c->n_temporary_filesystems = 0; | |
5099 | return 0; | |
5100 | } | |
5101 | ||
323dda78 | 5102 | for (const char *p = rvalue;;) { |
2abd4e38 YW |
5103 | _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL; |
5104 | const char *w; | |
5105 | ||
4ec85141 | 5106 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); |
2abd4e38 YW |
5107 | if (r == -ENOMEM) |
5108 | return log_oom(); | |
5109 | if (r < 0) { | |
323dda78 | 5110 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue); |
2abd4e38 YW |
5111 | return 0; |
5112 | } | |
a687f500 ZJS |
5113 | if (r == 0) |
5114 | return 0; | |
2abd4e38 YW |
5115 | |
5116 | w = word; | |
5117 | r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS); | |
063c4b1a YW |
5118 | if (r == -ENOMEM) |
5119 | return log_oom(); | |
5120 | if (r < 0) { | |
323dda78 | 5121 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to extract first word, ignoring: %s", word); |
063c4b1a YW |
5122 | continue; |
5123 | } | |
5124 | if (r == 0) { | |
323dda78 | 5125 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid syntax, ignoring: %s", word); |
063c4b1a YW |
5126 | continue; |
5127 | } | |
2abd4e38 | 5128 | |
06536492 | 5129 | r = unit_path_printf(u, path, &resolved); |
2abd4e38 | 5130 | if (r < 0) { |
323dda78 | 5131 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path); |
2abd4e38 YW |
5132 | continue; |
5133 | } | |
5134 | ||
2f4d31c1 YW |
5135 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
5136 | if (r < 0) | |
2abd4e38 | 5137 | continue; |
2abd4e38 | 5138 | |
a26fec24 | 5139 | r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, resolved, w); |
6302d1ea | 5140 | if (r < 0) |
2abd4e38 | 5141 | return log_oom(); |
2abd4e38 | 5142 | } |
2abd4e38 YW |
5143 | } |
5144 | ||
d2d6c096 LP |
5145 | int config_parse_bind_paths( |
5146 | const char *unit, | |
5147 | const char *filename, | |
5148 | unsigned line, | |
5149 | const char *section, | |
5150 | unsigned section_line, | |
5151 | const char *lvalue, | |
5152 | int ltype, | |
5153 | const char *rvalue, | |
5154 | void *data, | |
5155 | void *userdata) { | |
5156 | ||
5157 | ExecContext *c = data; | |
47538b76 | 5158 | const Unit *u = userdata; |
d2d6c096 LP |
5159 | int r; |
5160 | ||
5161 | assert(filename); | |
5162 | assert(lvalue); | |
5163 | assert(rvalue); | |
5164 | assert(data); | |
5165 | ||
5166 | if (isempty(rvalue)) { | |
5167 | /* Empty assignment resets the list */ | |
5168 | bind_mount_free_many(c->bind_mounts, c->n_bind_mounts); | |
5169 | c->bind_mounts = NULL; | |
5170 | c->n_bind_mounts = 0; | |
5171 | return 0; | |
5172 | } | |
5173 | ||
323dda78 | 5174 | for (const char *p = rvalue;;) { |
d2d6c096 | 5175 | _cleanup_free_ char *source = NULL, *destination = NULL; |
42d43f21 | 5176 | _cleanup_free_ char *sresolved = NULL, *dresolved = NULL; |
d2d6c096 LP |
5177 | char *s = NULL, *d = NULL; |
5178 | bool rbind = true, ignore_enoent = false; | |
5179 | ||
4ec85141 | 5180 | r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_UNQUOTE|EXTRACT_DONT_COALESCE_SEPARATORS); |
d2d6c096 LP |
5181 | if (r == -ENOMEM) |
5182 | return log_oom(); | |
5183 | if (r < 0) { | |
323dda78 | 5184 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue); |
d2d6c096 LP |
5185 | return 0; |
5186 | } | |
a687f500 ZJS |
5187 | if (r == 0) |
5188 | break; | |
d2d6c096 | 5189 | |
06536492 | 5190 | r = unit_full_printf_full(u, source, PATH_MAX, &sresolved); |
42d43f21 | 5191 | if (r < 0) { |
323dda78 | 5192 | log_syntax(unit, LOG_WARNING, filename, line, r, |
556a7bbe | 5193 | "Failed to resolve unit specifiers in \"%s\", ignoring: %m", source); |
2f4d31c1 | 5194 | continue; |
42d43f21 DC |
5195 | } |
5196 | ||
5197 | s = sresolved; | |
d2d6c096 LP |
5198 | if (s[0] == '-') { |
5199 | ignore_enoent = true; | |
5200 | s++; | |
5201 | } | |
5202 | ||
2f4d31c1 YW |
5203 | r = path_simplify_and_warn(s, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
5204 | if (r < 0) | |
5205 | continue; | |
d2d6c096 LP |
5206 | |
5207 | /* Optionally, the destination is specified. */ | |
5208 | if (p && p[-1] == ':') { | |
4ec85141 | 5209 | r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_UNQUOTE|EXTRACT_DONT_COALESCE_SEPARATORS); |
d2d6c096 LP |
5210 | if (r == -ENOMEM) |
5211 | return log_oom(); | |
5212 | if (r < 0) { | |
323dda78 | 5213 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue); |
d2d6c096 LP |
5214 | return 0; |
5215 | } | |
5216 | if (r == 0) { | |
323dda78 | 5217 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Missing argument after ':', ignoring: %s", s); |
2f4d31c1 | 5218 | continue; |
d2d6c096 LP |
5219 | } |
5220 | ||
06536492 | 5221 | r = unit_path_printf(u, destination, &dresolved); |
42d43f21 | 5222 | if (r < 0) { |
323dda78 | 5223 | log_syntax(unit, LOG_WARNING, filename, line, r, |
556a7bbe | 5224 | "Failed to resolve specifiers in \"%s\", ignoring: %m", destination); |
2f4d31c1 | 5225 | continue; |
42d43f21 DC |
5226 | } |
5227 | ||
2f4d31c1 YW |
5228 | r = path_simplify_and_warn(dresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); |
5229 | if (r < 0) | |
5230 | continue; | |
d2d6c096 | 5231 | |
2f4d31c1 | 5232 | d = dresolved; |
d2d6c096 LP |
5233 | |
5234 | /* Optionally, there's also a short option string specified */ | |
5235 | if (p && p[-1] == ':') { | |
5236 | _cleanup_free_ char *options = NULL; | |
5237 | ||
4ec85141 | 5238 | r = extract_first_word(&p, &options, NULL, EXTRACT_UNQUOTE); |
d2d6c096 LP |
5239 | if (r == -ENOMEM) |
5240 | return log_oom(); | |
5241 | if (r < 0) { | |
6a35d52d | 5242 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s=, ignoring: %s", lvalue, rvalue); |
d2d6c096 LP |
5243 | return 0; |
5244 | } | |
5245 | ||
5246 | if (isempty(options) || streq(options, "rbind")) | |
5247 | rbind = true; | |
5248 | else if (streq(options, "norbind")) | |
5249 | rbind = false; | |
5250 | else { | |
323dda78 | 5251 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid option string, ignoring setting: %s", options); |
2f4d31c1 | 5252 | continue; |
d2d6c096 LP |
5253 | } |
5254 | } | |
5255 | } else | |
5256 | d = s; | |
5257 | ||
5258 | r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts, | |
5259 | &(BindMount) { | |
5260 | .source = s, | |
5261 | .destination = d, | |
5262 | .read_only = !!strstr(lvalue, "ReadOnly"), | |
5263 | .recursive = rbind, | |
5264 | .ignore_enoent = ignore_enoent, | |
5265 | }); | |
5266 | if (r < 0) | |
5267 | return log_oom(); | |
5268 | } | |
5269 | ||
5270 | return 0; | |
5271 | } | |
5272 | ||
b3d13314 LB |
5273 | int config_parse_mount_images( |
5274 | const char *unit, | |
5275 | const char *filename, | |
5276 | unsigned line, | |
5277 | const char *section, | |
5278 | unsigned section_line, | |
5279 | const char *lvalue, | |
5280 | int ltype, | |
5281 | const char *rvalue, | |
5282 | void *data, | |
5283 | void *userdata) { | |
5284 | ||
b3d13314 LB |
5285 | ExecContext *c = data; |
5286 | const Unit *u = userdata; | |
b3d13314 LB |
5287 | int r; |
5288 | ||
5289 | assert(filename); | |
5290 | assert(lvalue); | |
5291 | assert(rvalue); | |
5292 | assert(data); | |
5293 | ||
5294 | if (isempty(rvalue)) { | |
5295 | /* Empty assignment resets the list */ | |
5296 | c->mount_images = mount_image_free_many(c->mount_images, &c->n_mount_images); | |
5297 | return 0; | |
5298 | } | |
5299 | ||
323dda78 | 5300 | for (const char *p = rvalue;;) { |
427353f6 LB |
5301 | _cleanup_(mount_options_free_allp) MountOptions *options = NULL; |
5302 | _cleanup_free_ char *first = NULL, *second = NULL, *tuple = NULL; | |
b3d13314 | 5303 | _cleanup_free_ char *sresolved = NULL, *dresolved = NULL; |
427353f6 | 5304 | const char *q = NULL; |
b3d13314 LB |
5305 | char *s = NULL; |
5306 | bool permissive = false; | |
5307 | ||
427353f6 | 5308 | r = extract_first_word(&p, &tuple, NULL, EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE); |
323dda78 YW |
5309 | if (r == -ENOMEM) |
5310 | return log_oom(); | |
5311 | if (r < 0) { | |
5312 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
5313 | "Invalid syntax %s=%s, ignoring: %m", lvalue, rvalue); | |
5314 | return 0; | |
5315 | } | |
427353f6 | 5316 | if (r == 0) |
323dda78 | 5317 | return 0; |
427353f6 LB |
5318 | |
5319 | q = tuple; | |
5320 | r = extract_many_words(&q, ":", EXTRACT_CUNESCAPE|EXTRACT_UNESCAPE_SEPARATORS, &first, &second, NULL); | |
323dda78 YW |
5321 | if (r == -ENOMEM) |
5322 | return log_oom(); | |
5323 | if (r < 0) { | |
5324 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
5325 | "Invalid syntax in %s=, ignoring: %s", lvalue, tuple); | |
5326 | return 0; | |
5327 | } | |
427353f6 LB |
5328 | if (r == 0) |
5329 | continue; | |
5330 | ||
6c3f7ca0 | 5331 | s = first; |
b3d13314 LB |
5332 | if (s[0] == '-') { |
5333 | permissive = true; | |
5334 | s++; | |
5335 | } | |
5336 | ||
06536492 | 5337 | r = unit_path_printf(u, s, &sresolved); |
6c3f7ca0 LB |
5338 | if (r < 0) { |
5339 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
5340 | "Failed to resolve unit specifiers in \"%s\", ignoring: %m", s); | |
5341 | continue; | |
5342 | } | |
5343 | ||
5344 | r = path_simplify_and_warn(sresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
b3d13314 LB |
5345 | if (r < 0) |
5346 | continue; | |
5347 | ||
427353f6 | 5348 | if (isempty(second)) { |
323dda78 | 5349 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Missing destination in %s, ignoring: %s", lvalue, rvalue); |
b3d13314 LB |
5350 | continue; |
5351 | } | |
5352 | ||
06536492 | 5353 | r = unit_path_printf(u, second, &dresolved); |
b3d13314 | 5354 | if (r < 0) { |
323dda78 | 5355 | log_syntax(unit, LOG_WARNING, filename, line, r, |
427353f6 | 5356 | "Failed to resolve specifiers in \"%s\", ignoring: %m", second); |
b3d13314 LB |
5357 | continue; |
5358 | } | |
5359 | ||
5360 | r = path_simplify_and_warn(dresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
5361 | if (r < 0) | |
5362 | continue; | |
5363 | ||
427353f6 LB |
5364 | for (;;) { |
5365 | _cleanup_free_ char *partition = NULL, *mount_options = NULL, *mount_options_resolved = NULL; | |
5366 | MountOptions *o = NULL; | |
569a0e42 | 5367 | PartitionDesignator partition_designator; |
427353f6 LB |
5368 | |
5369 | r = extract_many_words(&q, ":", EXTRACT_CUNESCAPE|EXTRACT_UNESCAPE_SEPARATORS, &partition, &mount_options, NULL); | |
323dda78 YW |
5370 | if (r == -ENOMEM) |
5371 | return log_oom(); | |
5372 | if (r < 0) { | |
5373 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", q); | |
5374 | return 0; | |
5375 | } | |
427353f6 LB |
5376 | if (r == 0) |
5377 | break; | |
5378 | /* Single set of options, applying to the root partition/single filesystem */ | |
5379 | if (r == 1) { | |
5380 | r = unit_full_printf(u, partition, &mount_options_resolved); | |
5381 | if (r < 0) { | |
323dda78 | 5382 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", first); |
427353f6 LB |
5383 | continue; |
5384 | } | |
5385 | ||
5386 | o = new(MountOptions, 1); | |
5387 | if (!o) | |
5388 | return log_oom(); | |
5389 | *o = (MountOptions) { | |
5390 | .partition_designator = PARTITION_ROOT, | |
5391 | .options = TAKE_PTR(mount_options_resolved), | |
5392 | }; | |
5393 | LIST_APPEND(mount_options, options, o); | |
5394 | ||
5395 | break; | |
5396 | } | |
5397 | ||
5398 | partition_designator = partition_designator_from_string(partition); | |
5399 | if (partition_designator < 0) { | |
b98680b2 YW |
5400 | log_syntax(unit, LOG_WARNING, filename, line, partition_designator, |
5401 | "Invalid partition name %s, ignoring", partition); | |
427353f6 LB |
5402 | continue; |
5403 | } | |
5404 | r = unit_full_printf(u, mount_options, &mount_options_resolved); | |
5405 | if (r < 0) { | |
323dda78 | 5406 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", mount_options); |
427353f6 LB |
5407 | continue; |
5408 | } | |
5409 | ||
5410 | o = new(MountOptions, 1); | |
5411 | if (!o) | |
5412 | return log_oom(); | |
5413 | *o = (MountOptions) { | |
5414 | .partition_designator = partition_designator, | |
5415 | .options = TAKE_PTR(mount_options_resolved), | |
5416 | }; | |
5417 | LIST_APPEND(mount_options, options, o); | |
5418 | } | |
5419 | ||
b3d13314 LB |
5420 | r = mount_image_add(&c->mount_images, &c->n_mount_images, |
5421 | &(MountImage) { | |
6c3f7ca0 | 5422 | .source = sresolved, |
b3d13314 | 5423 | .destination = dresolved, |
427353f6 | 5424 | .mount_options = options, |
b3d13314 | 5425 | .ignore_enoent = permissive, |
93f59701 LB |
5426 | .type = MOUNT_IMAGE_DISCRETE, |
5427 | }); | |
5428 | if (r < 0) | |
5429 | return log_oom(); | |
5430 | } | |
5431 | } | |
5432 | ||
5433 | int config_parse_extension_images( | |
5434 | const char *unit, | |
5435 | const char *filename, | |
5436 | unsigned line, | |
5437 | const char *section, | |
5438 | unsigned section_line, | |
5439 | const char *lvalue, | |
5440 | int ltype, | |
5441 | const char *rvalue, | |
5442 | void *data, | |
5443 | void *userdata) { | |
5444 | ||
5445 | ExecContext *c = data; | |
5446 | const Unit *u = userdata; | |
5447 | int r; | |
5448 | ||
5449 | assert(filename); | |
5450 | assert(lvalue); | |
5451 | assert(rvalue); | |
5452 | assert(data); | |
5453 | ||
5454 | if (isempty(rvalue)) { | |
5455 | /* Empty assignment resets the list */ | |
5456 | c->extension_images = mount_image_free_many(c->extension_images, &c->n_extension_images); | |
5457 | return 0; | |
5458 | } | |
5459 | ||
5460 | for (const char *p = rvalue;;) { | |
5461 | _cleanup_free_ char *source = NULL, *tuple = NULL, *sresolved = NULL; | |
5462 | _cleanup_(mount_options_free_allp) MountOptions *options = NULL; | |
5463 | bool permissive = false; | |
5464 | const char *q = NULL; | |
5465 | char *s = NULL; | |
5466 | ||
5467 | r = extract_first_word(&p, &tuple, NULL, EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE); | |
5468 | if (r == -ENOMEM) | |
5469 | return log_oom(); | |
5470 | if (r < 0) { | |
5471 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
5472 | "Invalid syntax %s=%s, ignoring: %m", lvalue, rvalue); | |
5473 | return 0; | |
5474 | } | |
5475 | if (r == 0) | |
5476 | return 0; | |
5477 | ||
5478 | q = tuple; | |
5479 | r = extract_first_word(&q, &source, ":", EXTRACT_CUNESCAPE|EXTRACT_UNESCAPE_SEPARATORS); | |
5480 | if (r == -ENOMEM) | |
5481 | return log_oom(); | |
5482 | if (r < 0) { | |
5483 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
5484 | "Invalid syntax in %s=, ignoring: %s", lvalue, tuple); | |
5485 | return 0; | |
5486 | } | |
5487 | if (r == 0) | |
5488 | continue; | |
5489 | ||
5490 | s = source; | |
5491 | if (s[0] == '-') { | |
5492 | permissive = true; | |
5493 | s++; | |
5494 | } | |
5495 | ||
06536492 | 5496 | r = unit_path_printf(u, s, &sresolved); |
93f59701 LB |
5497 | if (r < 0) { |
5498 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
5499 | "Failed to resolve unit specifiers in \"%s\", ignoring: %m", s); | |
5500 | continue; | |
5501 | } | |
5502 | ||
5503 | r = path_simplify_and_warn(sresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
5504 | if (r < 0) | |
5505 | continue; | |
5506 | ||
5507 | for (;;) { | |
5508 | _cleanup_free_ char *partition = NULL, *mount_options = NULL, *mount_options_resolved = NULL; | |
5509 | MountOptions *o = NULL; | |
5510 | PartitionDesignator partition_designator; | |
5511 | ||
5512 | r = extract_many_words(&q, ":", EXTRACT_CUNESCAPE|EXTRACT_UNESCAPE_SEPARATORS, &partition, &mount_options, NULL); | |
5513 | if (r == -ENOMEM) | |
5514 | return log_oom(); | |
5515 | if (r < 0) { | |
5516 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", q); | |
5517 | return 0; | |
5518 | } | |
5519 | if (r == 0) | |
5520 | break; | |
5521 | /* Single set of options, applying to the root partition/single filesystem */ | |
5522 | if (r == 1) { | |
5523 | r = unit_full_printf(u, partition, &mount_options_resolved); | |
5524 | if (r < 0) { | |
5525 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", partition); | |
5526 | continue; | |
5527 | } | |
5528 | ||
5529 | o = new(MountOptions, 1); | |
5530 | if (!o) | |
5531 | return log_oom(); | |
5532 | *o = (MountOptions) { | |
5533 | .partition_designator = PARTITION_ROOT, | |
5534 | .options = TAKE_PTR(mount_options_resolved), | |
5535 | }; | |
5536 | LIST_APPEND(mount_options, options, o); | |
5537 | ||
5538 | break; | |
5539 | } | |
5540 | ||
5541 | partition_designator = partition_designator_from_string(partition); | |
5542 | if (partition_designator < 0) { | |
5543 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid partition name %s, ignoring", partition); | |
5544 | continue; | |
5545 | } | |
5546 | r = unit_full_printf(u, mount_options, &mount_options_resolved); | |
5547 | if (r < 0) { | |
5548 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", mount_options); | |
5549 | continue; | |
5550 | } | |
5551 | ||
5552 | o = new(MountOptions, 1); | |
5553 | if (!o) | |
5554 | return log_oom(); | |
5555 | *o = (MountOptions) { | |
5556 | .partition_designator = partition_designator, | |
5557 | .options = TAKE_PTR(mount_options_resolved), | |
5558 | }; | |
5559 | LIST_APPEND(mount_options, options, o); | |
5560 | } | |
5561 | ||
5562 | r = mount_image_add(&c->extension_images, &c->n_extension_images, | |
5563 | &(MountImage) { | |
5564 | .source = sresolved, | |
5565 | .mount_options = options, | |
5566 | .ignore_enoent = permissive, | |
5567 | .type = MOUNT_IMAGE_EXTENSION, | |
b3d13314 LB |
5568 | }); |
5569 | if (r < 0) | |
5570 | return log_oom(); | |
5571 | } | |
b3d13314 LB |
5572 | } |
5573 | ||
eae51da3 LP |
5574 | int config_parse_job_timeout_sec( |
5575 | const char* unit, | |
5576 | const char *filename, | |
5577 | unsigned line, | |
5578 | const char *section, | |
5579 | unsigned section_line, | |
5580 | const char *lvalue, | |
5581 | int ltype, | |
5582 | const char *rvalue, | |
5583 | void *data, | |
5584 | void *userdata) { | |
5585 | ||
5586 | Unit *u = data; | |
5587 | usec_t usec; | |
5588 | int r; | |
5589 | ||
5590 | assert(filename); | |
5591 | assert(lvalue); | |
5592 | assert(rvalue); | |
5593 | assert(u); | |
5594 | ||
5595 | r = parse_sec_fix_0(rvalue, &usec); | |
5596 | if (r < 0) { | |
323dda78 | 5597 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue); |
eae51da3 LP |
5598 | return 0; |
5599 | } | |
5600 | ||
5601 | /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old | |
c05f3c8f | 5602 | * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should |
eae51da3 LP |
5603 | * count. */ |
5604 | ||
5605 | if (!u->job_running_timeout_set) | |
5606 | u->job_running_timeout = usec; | |
5607 | ||
5608 | u->job_timeout = usec; | |
5609 | ||
5610 | return 0; | |
5611 | } | |
5612 | ||
5613 | int config_parse_job_running_timeout_sec( | |
5614 | const char* unit, | |
5615 | const char *filename, | |
5616 | unsigned line, | |
5617 | const char *section, | |
5618 | unsigned section_line, | |
5619 | const char *lvalue, | |
5620 | int ltype, | |
5621 | const char *rvalue, | |
5622 | void *data, | |
5623 | void *userdata) { | |
5624 | ||
5625 | Unit *u = data; | |
5626 | usec_t usec; | |
5627 | int r; | |
5628 | ||
5629 | assert(filename); | |
5630 | assert(lvalue); | |
5631 | assert(rvalue); | |
5632 | assert(u); | |
5633 | ||
5634 | r = parse_sec_fix_0(rvalue, &usec); | |
5635 | if (r < 0) { | |
323dda78 | 5636 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue); |
eae51da3 LP |
5637 | return 0; |
5638 | } | |
5639 | ||
5640 | u->job_running_timeout = usec; | |
5641 | u->job_running_timeout_set = true; | |
5642 | ||
5643 | return 0; | |
5644 | } | |
5645 | ||
54fcb619 ZJS |
5646 | int config_parse_emergency_action( |
5647 | const char* unit, | |
5648 | const char *filename, | |
5649 | unsigned line, | |
5650 | const char *section, | |
5651 | unsigned section_line, | |
5652 | const char *lvalue, | |
5653 | int ltype, | |
5654 | const char *rvalue, | |
5655 | void *data, | |
5656 | void *userdata) { | |
5657 | ||
5658 | Manager *m = NULL; | |
5659 | EmergencyAction *x = data; | |
5660 | int r; | |
5661 | ||
5662 | assert(filename); | |
5663 | assert(lvalue); | |
5664 | assert(rvalue); | |
5665 | assert(data); | |
5666 | ||
5667 | if (unit) | |
5668 | m = ((Unit*) userdata)->manager; | |
5669 | else | |
5670 | m = data; | |
5671 | ||
5672 | r = parse_emergency_action(rvalue, MANAGER_IS_SYSTEM(m), x); | |
5673 | if (r < 0) { | |
469f76f1 ZJS |
5674 | if (r == -EOPNOTSUPP && MANAGER_IS_USER(m)) { |
5675 | /* Compat mode: remove for systemd 241. */ | |
5676 | ||
5677 | log_syntax(unit, LOG_INFO, filename, line, r, | |
5678 | "%s= in user mode specified as \"%s\", using \"exit-force\" instead.", | |
5679 | lvalue, rvalue); | |
5680 | *x = EMERGENCY_ACTION_EXIT_FORCE; | |
5681 | return 0; | |
5682 | } | |
5683 | ||
54fcb619 | 5684 | if (r == -EOPNOTSUPP) |
323dda78 | 5685 | log_syntax(unit, LOG_WARNING, filename, line, r, |
54fcb619 ZJS |
5686 | "%s= specified as %s mode action, ignoring: %s", |
5687 | lvalue, MANAGER_IS_SYSTEM(m) ? "user" : "system", rvalue); | |
5688 | else | |
323dda78 | 5689 | log_syntax(unit, LOG_WARNING, filename, line, r, |
54fcb619 ZJS |
5690 | "Failed to parse %s=, ignoring: %s", lvalue, rvalue); |
5691 | return 0; | |
5692 | } | |
5693 | ||
5694 | return 0; | |
5695 | } | |
5696 | ||
a9353a5c LP |
5697 | int config_parse_pid_file( |
5698 | const char *unit, | |
5699 | const char *filename, | |
5700 | unsigned line, | |
5701 | const char *section, | |
5702 | unsigned section_line, | |
5703 | const char *lvalue, | |
5704 | int ltype, | |
5705 | const char *rvalue, | |
5706 | void *data, | |
5707 | void *userdata) { | |
5708 | ||
5709 | _cleanup_free_ char *k = NULL, *n = NULL; | |
47538b76 | 5710 | const Unit *u = userdata; |
a9353a5c | 5711 | char **s = data; |
a9353a5c LP |
5712 | int r; |
5713 | ||
5714 | assert(filename); | |
5715 | assert(lvalue); | |
5716 | assert(rvalue); | |
5717 | assert(u); | |
5718 | ||
b8055c05 YW |
5719 | if (isempty(rvalue)) { |
5720 | /* An empty assignment removes already set value. */ | |
5721 | *s = mfree(*s); | |
5722 | return 0; | |
5723 | } | |
5724 | ||
06536492 | 5725 | r = unit_path_printf(u, rvalue, &k); |
a9353a5c | 5726 | if (r < 0) { |
323dda78 | 5727 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
a9353a5c LP |
5728 | return 0; |
5729 | } | |
5730 | ||
5731 | /* If this is a relative path make it absolute by prefixing the /run */ | |
5732 | n = path_make_absolute(k, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]); | |
5733 | if (!n) | |
5734 | return log_oom(); | |
5735 | ||
5736 | /* Check that the result is a sensible path */ | |
5737 | r = path_simplify_and_warn(n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
5738 | if (r < 0) | |
5739 | return r; | |
5740 | ||
4a66b5c9 LP |
5741 | r = patch_var_run(unit, filename, line, lvalue, &n); |
5742 | if (r < 0) | |
5743 | return r; | |
a9353a5c | 5744 | |
4a66b5c9 | 5745 | free_and_replace(*s, n); |
a9353a5c LP |
5746 | return 0; |
5747 | } | |
5748 | ||
7af67e9a LP |
5749 | int config_parse_exit_status( |
5750 | const char *unit, | |
5751 | const char *filename, | |
5752 | unsigned line, | |
5753 | const char *section, | |
5754 | unsigned section_line, | |
5755 | const char *lvalue, | |
5756 | int ltype, | |
5757 | const char *rvalue, | |
5758 | void *data, | |
5759 | void *userdata) { | |
5760 | ||
5761 | int *exit_status = data, r; | |
5762 | uint8_t u; | |
5763 | ||
5764 | assert(filename); | |
5765 | assert(lvalue); | |
5766 | assert(rvalue); | |
5767 | assert(exit_status); | |
5768 | ||
5769 | if (isempty(rvalue)) { | |
5770 | *exit_status = -1; | |
5771 | return 0; | |
5772 | } | |
5773 | ||
5774 | r = safe_atou8(rvalue, &u); | |
5775 | if (r < 0) { | |
323dda78 | 5776 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse exit status '%s', ignoring: %m", rvalue); |
7af67e9a LP |
5777 | return 0; |
5778 | } | |
5779 | ||
5780 | *exit_status = u; | |
5781 | return 0; | |
5782 | } | |
5783 | ||
c72703e2 CD |
5784 | int config_parse_disable_controllers( |
5785 | const char *unit, | |
5786 | const char *filename, | |
5787 | unsigned line, | |
5788 | const char *section, | |
5789 | unsigned section_line, | |
5790 | const char *lvalue, | |
5791 | int ltype, | |
5792 | const char *rvalue, | |
5793 | void *data, | |
5794 | void *userdata) { | |
5795 | ||
5796 | int r; | |
5797 | CGroupContext *c = data; | |
5798 | CGroupMask disabled_mask; | |
5799 | ||
5800 | /* 1. If empty, make all controllers eligible for use again. | |
5801 | * 2. If non-empty, merge all listed controllers, space separated. */ | |
5802 | ||
5803 | if (isempty(rvalue)) { | |
5804 | c->disable_controllers = 0; | |
5805 | return 0; | |
5806 | } | |
5807 | ||
5808 | r = cg_mask_from_string(rvalue, &disabled_mask); | |
5809 | if (r < 0 || disabled_mask <= 0) { | |
323dda78 | 5810 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid cgroup string: %s, ignoring", rvalue); |
c72703e2 CD |
5811 | return 0; |
5812 | } | |
5813 | ||
5814 | c->disable_controllers |= disabled_mask; | |
5815 | ||
5816 | return 0; | |
5817 | } | |
5818 | ||
fab34748 KL |
5819 | int config_parse_ip_filter_bpf_progs( |
5820 | const char *unit, | |
5821 | const char *filename, | |
5822 | unsigned line, | |
5823 | const char *section, | |
5824 | unsigned section_line, | |
5825 | const char *lvalue, | |
5826 | int ltype, | |
5827 | const char *rvalue, | |
5828 | void *data, | |
5829 | void *userdata) { | |
5830 | ||
5831 | _cleanup_free_ char *resolved = NULL; | |
47538b76 | 5832 | const Unit *u = userdata; |
fab34748 KL |
5833 | char ***paths = data; |
5834 | int r; | |
5835 | ||
5836 | assert(filename); | |
5837 | assert(lvalue); | |
5838 | assert(rvalue); | |
5839 | assert(paths); | |
5840 | ||
5841 | if (isempty(rvalue)) { | |
5842 | *paths = strv_free(*paths); | |
5843 | return 0; | |
5844 | } | |
5845 | ||
06536492 | 5846 | r = unit_path_printf(u, rvalue, &resolved); |
fab34748 | 5847 | if (r < 0) { |
323dda78 | 5848 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); |
fab34748 KL |
5849 | return 0; |
5850 | } | |
5851 | ||
5852 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
5853 | if (r < 0) | |
5854 | return 0; | |
5855 | ||
5856 | if (strv_contains(*paths, resolved)) | |
5857 | return 0; | |
5858 | ||
5859 | r = strv_extend(paths, resolved); | |
5860 | if (r < 0) | |
5861 | return log_oom(); | |
5862 | ||
5863 | r = bpf_firewall_supported(); | |
5864 | if (r < 0) | |
5865 | return r; | |
5866 | if (r != BPF_FIREWALL_SUPPORTED_WITH_MULTI) { | |
5867 | static bool warned = false; | |
5868 | ||
5869 | log_full(warned ? LOG_DEBUG : LOG_WARNING, | |
5870 | "File %s:%u configures an IP firewall with BPF programs (%s=%s), but the local system does not support BPF/cgroup based firewalling with multiple filters.\n" | |
5871 | "Starting this unit will fail! (This warning is only shown for the first loaded unit using IP firewalling.)", filename, line, lvalue, rvalue); | |
5872 | ||
5873 | warned = true; | |
5874 | } | |
5875 | ||
5876 | return 0; | |
5877 | } | |
5878 | ||
0879da98 JK |
5879 | int config_parse_bpf_foreign_program( |
5880 | const char *unit, | |
5881 | const char *filename, | |
5882 | unsigned line, | |
5883 | const char *section, | |
5884 | unsigned section_line, | |
5885 | const char *lvalue, | |
5886 | int ltype, | |
5887 | const char *rvalue, | |
5888 | void *data, | |
5889 | void *userdata) { | |
5890 | _cleanup_free_ char *resolved = NULL, *word = NULL; | |
5891 | CGroupContext *c = data; | |
6a35d52d | 5892 | const char *p = rvalue; |
0879da98 JK |
5893 | Unit *u = userdata; |
5894 | int attach_type, r; | |
5895 | ||
5896 | assert(filename); | |
5897 | assert(lvalue); | |
5898 | assert(rvalue); | |
5899 | ||
5900 | if (isempty(rvalue)) { | |
5901 | while (c->bpf_foreign_programs) | |
5902 | cgroup_context_remove_bpf_foreign_program(c, c->bpf_foreign_programs); | |
5903 | ||
5904 | return 0; | |
5905 | } | |
5906 | ||
6a35d52d | 5907 | r = extract_first_word(&p, &word, ":", 0); |
0879da98 JK |
5908 | if (r == -ENOMEM) |
5909 | return log_oom(); | |
6a35d52d | 5910 | if (r < 0) { |
0879da98 JK |
5911 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse foreign BPF program, ignoring: %s", rvalue); |
5912 | return 0; | |
5913 | } | |
6a35d52d YW |
5914 | if (r == 0 || isempty(p)) { |
5915 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid syntax in %s=, ignoring: %s", lvalue, rvalue); | |
5916 | return 0; | |
5917 | } | |
0879da98 JK |
5918 | |
5919 | attach_type = bpf_cgroup_attach_type_from_string(word); | |
5920 | if (attach_type < 0) { | |
5921 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Unknown BPF attach type=%s, ignoring: %s", word, rvalue); | |
5922 | return 0; | |
5923 | } | |
5924 | ||
6a35d52d | 5925 | r = unit_path_printf(u, p, &resolved); |
0879da98 | 5926 | if (r < 0) { |
6a35d52d | 5927 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %s", p, rvalue); |
0879da98 JK |
5928 | return 0; |
5929 | } | |
5930 | ||
5931 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
5932 | if (r < 0) | |
5933 | return 0; | |
5934 | ||
5935 | r = cgroup_add_bpf_foreign_program(c, attach_type, resolved); | |
5936 | if (r < 0) | |
5937 | return log_error_errno(r, "Failed to add foreign BPF program to cgroup context: %m"); | |
5938 | ||
5939 | return 0; | |
5940 | } | |
5941 | ||
8dd210ab JK |
5942 | int config_parse_cgroup_socket_bind( |
5943 | const char *unit, | |
5944 | const char *filename, | |
5945 | unsigned line, | |
5946 | const char *section, | |
5947 | unsigned section_line, | |
5948 | const char *lvalue, | |
5949 | int ltype, | |
5950 | const char *rvalue, | |
5951 | void *data, | |
5952 | void *userdata) { | |
5953 | _cleanup_free_ CGroupSocketBindItem *item = NULL; | |
8dd210ab | 5954 | CGroupSocketBindItem **head = data; |
5587ce7f JK |
5955 | uint16_t nr_ports, port_min; |
5956 | int af, ip_protocol, r; | |
8dd210ab JK |
5957 | |
5958 | if (isempty(rvalue)) { | |
5959 | cgroup_context_remove_socket_bind(head); | |
5960 | return 0; | |
5961 | } | |
5962 | ||
5587ce7f | 5963 | r = parse_socket_bind_item(rvalue, &af, &ip_protocol, &nr_ports, &port_min); |
8dd210ab JK |
5964 | if (r == -ENOMEM) |
5965 | return log_oom(); | |
5587ce7f | 5966 | if (r < 0) { |
cc87b3f6 ZJS |
5967 | log_syntax(unit, LOG_WARNING, filename, line, r, |
5968 | "Unable to parse %s= assignment, ignoring: %s", lvalue, rvalue); | |
5969 | return 0; | |
5970 | } | |
8dd210ab | 5971 | |
8dd210ab JK |
5972 | item = new(CGroupSocketBindItem, 1); |
5973 | if (!item) | |
5974 | return log_oom(); | |
5975 | *item = (CGroupSocketBindItem) { | |
5976 | .address_family = af, | |
5587ce7f | 5977 | .ip_protocol = ip_protocol, |
8dd210ab JK |
5978 | .nr_ports = nr_ports, |
5979 | .port_min = port_min, | |
5980 | }; | |
5981 | ||
5982 | LIST_PREPEND(socket_bind_items, *head, TAKE_PTR(item)); | |
5983 | ||
5984 | return 0; | |
5985 | } | |
5986 | ||
4f0c25c7 MV |
5987 | int config_parse_restrict_network_interfaces( |
5988 | const char *unit, | |
5989 | const char *filename, | |
5990 | unsigned line, | |
5991 | const char *section, | |
5992 | unsigned section_line, | |
5993 | const char *lvalue, | |
5994 | int ltype, | |
5995 | const char *rvalue, | |
5996 | void *data, | |
5997 | void *userdata) { | |
5998 | CGroupContext *c = data; | |
5999 | bool is_allow_rule = true; | |
6000 | int r; | |
6001 | ||
6002 | assert(filename); | |
6003 | assert(lvalue); | |
6004 | assert(rvalue); | |
6005 | assert(data); | |
6006 | ||
6007 | if (isempty(rvalue)) { | |
6008 | /* Empty assignment resets the list */ | |
6009 | c->restrict_network_interfaces = set_free(c->restrict_network_interfaces); | |
6010 | return 0; | |
6011 | } | |
6012 | ||
6013 | if (rvalue[0] == '~') { | |
6014 | is_allow_rule = false; | |
6015 | rvalue++; | |
6016 | } | |
6017 | ||
6018 | if (set_isempty(c->restrict_network_interfaces)) | |
6019 | /* Only initialize this when creating the set */ | |
6020 | c->restrict_network_interfaces_is_allow_list = is_allow_rule; | |
6021 | ||
6022 | for (const char *p = rvalue;;) { | |
6023 | _cleanup_free_ char *word = NULL; | |
6024 | ||
6025 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
6026 | if (r == 0) | |
6027 | break; | |
6028 | if (r == -ENOMEM) | |
6029 | return log_oom(); | |
6030 | if (r < 0) { | |
6031 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
6032 | "Trailing garbage in %s, ignoring: %s", lvalue, rvalue); | |
6033 | break; | |
6034 | } | |
6035 | ||
6036 | if (!ifname_valid(word)) { | |
6037 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid interface name, ignoring: %s", word); | |
6038 | continue; | |
6039 | } | |
6040 | ||
6041 | if (c->restrict_network_interfaces_is_allow_list != is_allow_rule) | |
6042 | free(set_remove(c->restrict_network_interfaces, word)); | |
6043 | else { | |
6044 | r = set_put_strdup(&c->restrict_network_interfaces, word); | |
6045 | if (r < 0) | |
6046 | return log_oom(); | |
6047 | } | |
6048 | } | |
6049 | ||
6050 | return 0; | |
6051 | } | |
6052 | ||
23a177ef LP |
6053 | static int merge_by_names(Unit **u, Set *names, const char *id) { |
6054 | char *k; | |
6055 | int r; | |
6056 | ||
6057 | assert(u); | |
6058 | assert(*u); | |
23a177ef | 6059 | |
e8630e69 | 6060 | /* Let's try to add in all names that are aliases of this unit */ |
23a177ef | 6061 | while ((k = set_steal_first(names))) { |
e8630e69 | 6062 | _cleanup_free_ _unused_ char *free_k = k; |
23a177ef | 6063 | |
e8630e69 | 6064 | /* First try to merge in the other name into our unit */ |
9946996c LP |
6065 | r = unit_merge_by_name(*u, k); |
6066 | if (r < 0) { | |
23a177ef LP |
6067 | Unit *other; |
6068 | ||
e8630e69 ZJS |
6069 | /* Hmm, we couldn't merge the other unit into ours? Then let's try it the other way |
6070 | * round. */ | |
036643a2 | 6071 | |
e8630e69 ZJS |
6072 | other = manager_get_unit((*u)->manager, k); |
6073 | if (!other) | |
6074 | return r; /* return previous failure */ | |
036643a2 | 6075 | |
e8630e69 ZJS |
6076 | r = unit_merge(other, *u); |
6077 | if (r < 0) | |
a837f088 | 6078 | return r; |
fe51822e | 6079 | |
e8630e69 ZJS |
6080 | *u = other; |
6081 | return merge_by_names(u, names, NULL); | |
036643a2 | 6082 | } |
034c6ed7 | 6083 | |
e8630e69 ZJS |
6084 | if (streq_ptr(id, k)) |
6085 | unit_choose_id(*u, id); | |
1b64d026 LP |
6086 | } |
6087 | ||
e48614c4 | 6088 | return 0; |
0301abf4 LP |
6089 | } |
6090 | ||
e537352b | 6091 | int unit_load_fragment(Unit *u) { |
e8630e69 ZJS |
6092 | const char *fragment; |
6093 | _cleanup_set_free_free_ Set *names = NULL; | |
23a177ef | 6094 | int r; |
0301abf4 LP |
6095 | |
6096 | assert(u); | |
ac155bb8 MS |
6097 | assert(u->load_state == UNIT_STUB); |
6098 | assert(u->id); | |
23a177ef | 6099 | |
3f5e8115 | 6100 | if (u->transient) { |
23e9a7dd | 6101 | u->access_selinux_context = mfree(u->access_selinux_context); |
3f5e8115 LP |
6102 | u->load_state = UNIT_LOADED; |
6103 | return 0; | |
6104 | } | |
6105 | ||
91e0ee5f ZJS |
6106 | /* Possibly rebuild the fragment map to catch new units */ |
6107 | r = unit_file_build_name_map(&u->manager->lookup_paths, | |
c2911d48 | 6108 | &u->manager->unit_cache_timestamp_hash, |
91e0ee5f ZJS |
6109 | &u->manager->unit_id_map, |
6110 | &u->manager->unit_name_map, | |
6111 | &u->manager->unit_path_cache); | |
9946996c | 6112 | if (r < 0) |
14140908 | 6113 | return log_error_errno(r, "Failed to rebuild name map: %m"); |
91e0ee5f | 6114 | |
e8630e69 ZJS |
6115 | r = unit_file_find_fragment(u->manager->unit_id_map, |
6116 | u->manager->unit_name_map, | |
6117 | u->id, | |
6118 | &fragment, | |
6119 | &names); | |
6120 | if (r < 0 && r != -ENOENT) | |
294d81f1 LP |
6121 | return r; |
6122 | ||
e8630e69 ZJS |
6123 | if (fragment) { |
6124 | /* Open the file, check if this is a mask, otherwise read. */ | |
6125 | _cleanup_fclose_ FILE *f = NULL; | |
c9e06956 | 6126 | struct stat st; |
0301abf4 | 6127 | |
e8630e69 ZJS |
6128 | /* Try to open the file name. A symlink is OK, for example for linked files or masks. We |
6129 | * expect that all symlinks within the lookup paths have been already resolved, but we don't | |
6130 | * verify this here. */ | |
6131 | f = fopen(fragment, "re"); | |
6132 | if (!f) | |
6133 | return log_unit_notice_errno(u, errno, "Failed to open %s: %m", fragment); | |
6ccb1b44 | 6134 | |
e8630e69 ZJS |
6135 | if (fstat(fileno(f), &st) < 0) |
6136 | return -errno; | |
294d81f1 | 6137 | |
e8630e69 | 6138 | r = free_and_strdup(&u->fragment_path, fragment); |
7410616c LP |
6139 | if (r < 0) |
6140 | return r; | |
294d81f1 | 6141 | |
e8630e69 | 6142 | if (null_or_empty(&st)) { |
88414eed LP |
6143 | /* Unit file is masked */ |
6144 | ||
6145 | u->load_state = u->perpetual ? UNIT_LOADED : UNIT_MASKED; /* don't allow perpetual units to ever be masked */ | |
e8630e69 | 6146 | u->fragment_mtime = 0; |
23e9a7dd | 6147 | u->access_selinux_context = mfree(u->access_selinux_context); |
e8630e69 | 6148 | } else { |
23e9a7dd LP |
6149 | #if HAVE_SELINUX |
6150 | if (mac_selinux_use()) { | |
6151 | _cleanup_freecon_ char *selcon = NULL; | |
6152 | ||
6153 | /* Cache the SELinux context of the unit file here. We'll make use of when checking access permissions to loaded units */ | |
6154 | r = fgetfilecon_raw(fileno(f), &selcon); | |
6155 | if (r < 0) | |
6156 | log_unit_warning_errno(u, r, "Failed to read SELinux context of '%s', ignoring: %m", fragment); | |
6157 | ||
6158 | r = free_and_strdup(&u->access_selinux_context, selcon); | |
6159 | if (r < 0) | |
6160 | return r; | |
6161 | } else | |
6162 | #endif | |
6163 | u->access_selinux_context = mfree(u->access_selinux_context); | |
6164 | ||
e8630e69 ZJS |
6165 | u->load_state = UNIT_LOADED; |
6166 | u->fragment_mtime = timespec_load(&st.st_mtim); | |
6167 | ||
6168 | /* Now, parse the file contents */ | |
6169 | r = config_parse(u->id, fragment, f, | |
6170 | UNIT_VTABLE(u)->sections, | |
6171 | config_item_perf_lookup, load_fragment_gperf_lookup, | |
7ade8982 | 6172 | 0, |
4f9ff96a LP |
6173 | u, |
6174 | NULL); | |
bb28e684 | 6175 | if (r == -ENOEXEC) |
e8630e69 ZJS |
6176 | log_unit_notice_errno(u, r, "Unit configuration has fatal error, unit will not be started."); |
6177 | if (r < 0) | |
6178 | return r; | |
bb28e684 | 6179 | } |
e8630e69 | 6180 | } |
890f434c | 6181 | |
3aa57658 ZJS |
6182 | /* Call merge_by_names with the name derived from the fragment path as the preferred name. |
6183 | * | |
6184 | * We do the merge dance here because for some unit types, the unit might have aliases which are not | |
e8630e69 ZJS |
6185 | * declared in the file system. In particular, this is true (and frequent) for device and swap units. |
6186 | */ | |
e8630e69 ZJS |
6187 | const char *id = u->id; |
6188 | _cleanup_free_ char *free_id = NULL; | |
294d81f1 | 6189 | |
e8630e69 ZJS |
6190 | if (fragment) { |
6191 | id = basename(fragment); | |
6192 | if (unit_name_is_valid(id, UNIT_NAME_TEMPLATE)) { | |
6193 | assert(u->instance); /* If we're not trying to use a template for non-instanced unit, | |
6194 | * this must be set. */ | |
890f434c | 6195 | |
e8630e69 ZJS |
6196 | r = unit_name_replace_instance(id, u->instance, &free_id); |
6197 | if (r < 0) | |
6198 | return log_debug_errno(r, "Failed to build id (%s + %s): %m", id, u->instance); | |
6199 | id = free_id; | |
abc08d4d | 6200 | } |
071830ff LP |
6201 | } |
6202 | ||
3aa57658 | 6203 | Unit *merged = u; |
e8630e69 ZJS |
6204 | r = merge_by_names(&merged, names, id); |
6205 | if (r < 0) | |
6206 | return r; | |
6207 | ||
6208 | if (merged != u) | |
6209 | u->load_state = UNIT_MERGED; | |
6210 | ||
23a177ef | 6211 | return 0; |
3efd4195 | 6212 | } |
e537352b LP |
6213 | |
6214 | void unit_dump_config_items(FILE *f) { | |
f975e971 LP |
6215 | static const struct { |
6216 | const ConfigParserCallback callback; | |
6217 | const char *rvalue; | |
6218 | } table[] = { | |
17df7223 | 6219 | { config_parse_warn_compat, "NOTSUPPORTED" }, |
f975e971 LP |
6220 | { config_parse_int, "INTEGER" }, |
6221 | { config_parse_unsigned, "UNSIGNED" }, | |
5556b5fe | 6222 | { config_parse_iec_size, "SIZE" }, |
59f448cf | 6223 | { config_parse_iec_uint64, "SIZE" }, |
50299121 | 6224 | { config_parse_si_uint64, "SIZE" }, |
f975e971 LP |
6225 | { config_parse_bool, "BOOLEAN" }, |
6226 | { config_parse_string, "STRING" }, | |
6227 | { config_parse_path, "PATH" }, | |
6228 | { config_parse_unit_path_printf, "PATH" }, | |
8c35c10d | 6229 | { config_parse_colon_separated_paths, "PATH" }, |
f975e971 LP |
6230 | { config_parse_strv, "STRING [...]" }, |
6231 | { config_parse_exec_nice, "NICE" }, | |
6232 | { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" }, | |
6233 | { config_parse_exec_io_class, "IOCLASS" }, | |
6234 | { config_parse_exec_io_priority, "IOPRIORITY" }, | |
6235 | { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" }, | |
6236 | { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" }, | |
6237 | { config_parse_exec_cpu_affinity, "CPUAFFINITY" }, | |
6238 | { config_parse_mode, "MODE" }, | |
6239 | { config_parse_unit_env_file, "FILE" }, | |
52c239d7 LB |
6240 | { config_parse_exec_output, "OUTPUT" }, |
6241 | { config_parse_exec_input, "INPUT" }, | |
ca37242e LP |
6242 | { config_parse_log_facility, "FACILITY" }, |
6243 | { config_parse_log_level, "LEVEL" }, | |
f975e971 | 6244 | { config_parse_exec_secure_bits, "SECUREBITS" }, |
a103496c | 6245 | { config_parse_capability_set, "BOUNDINGSET" }, |
4f424df7 | 6246 | { config_parse_rlimit, "LIMIT" }, |
f975e971 | 6247 | { config_parse_unit_deps, "UNIT [...]" }, |
f975e971 LP |
6248 | { config_parse_exec, "PATH [ARGUMENT [...]]" }, |
6249 | { config_parse_service_type, "SERVICETYPE" }, | |
596e4470 | 6250 | { config_parse_service_exit_type, "SERVICEEXITTYPE" }, |
f975e971 | 6251 | { config_parse_service_restart, "SERVICERESTART" }, |
bf760801 | 6252 | { config_parse_service_timeout_failure_mode, "TIMEOUTMODE" }, |
f975e971 | 6253 | { config_parse_kill_mode, "KILLMODE" }, |
f757855e | 6254 | { config_parse_signal, "SIGNAL" }, |
f975e971 LP |
6255 | { config_parse_socket_listen, "SOCKET [...]" }, |
6256 | { config_parse_socket_bind, "SOCKETBIND" }, | |
6257 | { config_parse_socket_bindtodevice, "NETWORKINTERFACE" }, | |
7f602784 | 6258 | { config_parse_sec, "SECONDS" }, |
d88a251b | 6259 | { config_parse_nsec, "NANOSECONDS" }, |
94828d2d | 6260 | { config_parse_namespace_path_strv, "PATH [...]" }, |
d2d6c096 | 6261 | { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" }, |
7c8fa05c | 6262 | { config_parse_unit_requires_mounts_for, "PATH [...]" }, |
f975e971 LP |
6263 | { config_parse_exec_mount_flags, "MOUNTFLAG [...]" }, |
6264 | { config_parse_unit_string_printf, "STRING" }, | |
3ecaa09b | 6265 | { config_parse_trigger_unit, "UNIT" }, |
f975e971 | 6266 | { config_parse_timer, "TIMER" }, |
f975e971 | 6267 | { config_parse_path_spec, "PATH" }, |
f975e971 LP |
6268 | { config_parse_notify_access, "ACCESS" }, |
6269 | { config_parse_ip_tos, "TOS" }, | |
6270 | { config_parse_unit_condition_path, "CONDITION" }, | |
6271 | { config_parse_unit_condition_string, "CONDITION" }, | |
a016b922 | 6272 | { config_parse_unit_slice, "SLICE" }, |
7f0386f6 LP |
6273 | { config_parse_documentation, "URL" }, |
6274 | { config_parse_service_timeout, "SECONDS" }, | |
87a47f99 | 6275 | { config_parse_emergency_action, "ACTION" }, |
7f0386f6 LP |
6276 | { config_parse_set_status, "STATUS" }, |
6277 | { config_parse_service_sockets, "SOCKETS" }, | |
7f0386f6 | 6278 | { config_parse_environ, "ENVIRON" }, |
349cc4a5 | 6279 | #if HAVE_SECCOMP |
17df7223 | 6280 | { config_parse_syscall_filter, "SYSCALLS" }, |
6a6751fe | 6281 | { config_parse_syscall_archs, "ARCHS" }, |
17df7223 | 6282 | { config_parse_syscall_errno, "ERRNO" }, |
9df2cdd8 | 6283 | { config_parse_syscall_log, "SYSCALLS" }, |
4298d0b5 | 6284 | { config_parse_address_families, "FAMILIES" }, |
add00535 | 6285 | { config_parse_restrict_namespaces, "NAMESPACES" }, |
c0467cf3 | 6286 | #endif |
e59ccd03 | 6287 | { config_parse_restrict_filesystems, "FILESYSTEMS" }, |
7f0386f6 | 6288 | { config_parse_cpu_shares, "SHARES" }, |
984faf29 | 6289 | { config_parse_cg_weight, "WEIGHT" }, |
c8340822 | 6290 | { config_parse_cg_cpu_weight, "CPUWEIGHT" }, |
7f0386f6 LP |
6291 | { config_parse_memory_limit, "LIMIT" }, |
6292 | { config_parse_device_allow, "DEVICE" }, | |
6293 | { config_parse_device_policy, "POLICY" }, | |
13c31542 | 6294 | { config_parse_io_limit, "LIMIT" }, |
13c31542 | 6295 | { config_parse_io_device_weight, "DEVICEWEIGHT" }, |
6ae4283c | 6296 | { config_parse_io_device_latency, "DEVICELATENCY" }, |
7f0386f6 LP |
6297 | { config_parse_blockio_bandwidth, "BANDWIDTH" }, |
6298 | { config_parse_blockio_weight, "WEIGHT" }, | |
6299 | { config_parse_blockio_device_weight, "DEVICEWEIGHT" }, | |
6300 | { config_parse_long, "LONG" }, | |
6301 | { config_parse_socket_service, "SERVICE" }, | |
349cc4a5 | 6302 | #if HAVE_SELINUX |
6a6751fe LP |
6303 | { config_parse_exec_selinux_context, "LABEL" }, |
6304 | #endif | |
6305 | { config_parse_job_mode, "MODE" }, | |
6306 | { config_parse_job_mode_isolate, "BOOLEAN" }, | |
4298d0b5 | 6307 | { config_parse_personality, "PERSONALITY" }, |
f975e971 LP |
6308 | }; |
6309 | ||
6310 | const char *prev = NULL; | |
6311 | const char *i; | |
6312 | ||
6313 | assert(f); | |
e537352b | 6314 | |
f975e971 LP |
6315 | NULSTR_FOREACH(i, load_fragment_gperf_nulstr) { |
6316 | const char *rvalue = "OTHER", *lvalue; | |
313b7856 | 6317 | const ConfigPerfItem *p; |
f975e971 | 6318 | const char *dot; |
f975e971 LP |
6319 | |
6320 | assert_se(p = load_fragment_gperf_lookup(i, strlen(i))); | |
6321 | ||
313b7856 LP |
6322 | /* Hide legacy settings */ |
6323 | if (p->parse == config_parse_warn_compat && | |
6324 | p->ltype == DISABLED_LEGACY) | |
6325 | continue; | |
6326 | ||
601844b7 | 6327 | for (size_t j = 0; j < ELEMENTSOF(table); j++) |
313b7856 LP |
6328 | if (p->parse == table[j].callback) { |
6329 | rvalue = table[j].rvalue; | |
6330 | break; | |
6331 | } | |
6332 | ||
f975e971 LP |
6333 | dot = strchr(i, '.'); |
6334 | lvalue = dot ? dot + 1 : i; | |
f975e971 | 6335 | |
601844b7 YW |
6336 | if (dot) { |
6337 | size_t prefix_len = dot - i; | |
6338 | ||
641906e9 | 6339 | if (!prev || !strneq(prev, i, prefix_len+1)) { |
f975e971 LP |
6340 | if (prev) |
6341 | fputc('\n', f); | |
6342 | ||
6343 | fprintf(f, "[%.*s]\n", (int) prefix_len, i); | |
6344 | } | |
601844b7 | 6345 | } |
f975e971 | 6346 | |
f975e971 LP |
6347 | fprintf(f, "%s=%s\n", lvalue, rvalue); |
6348 | prev = i; | |
6349 | } | |
e537352b | 6350 | } |
a07a7324 FS |
6351 | |
6352 | int config_parse_cpu_affinity2( | |
6353 | const char *unit, | |
6354 | const char *filename, | |
6355 | unsigned line, | |
6356 | const char *section, | |
6357 | unsigned section_line, | |
6358 | const char *lvalue, | |
6359 | int ltype, | |
6360 | const char *rvalue, | |
6361 | void *data, | |
6362 | void *userdata) { | |
6363 | ||
6364 | CPUSet *affinity = data; | |
6365 | ||
6366 | assert(affinity); | |
6367 | ||
6368 | (void) parse_cpu_set_extend(rvalue, affinity, true, unit, filename, line, lvalue); | |
6369 | ||
6370 | return 0; | |
6371 | } | |
6372 | ||
6373 | int config_parse_show_status( | |
6374 | const char* unit, | |
6375 | const char *filename, | |
6376 | unsigned line, | |
6377 | const char *section, | |
6378 | unsigned section_line, | |
6379 | const char *lvalue, | |
6380 | int ltype, | |
6381 | const char *rvalue, | |
6382 | void *data, | |
6383 | void *userdata) { | |
6384 | ||
6385 | int k; | |
6386 | ShowStatus *b = data; | |
6387 | ||
6388 | assert(filename); | |
6389 | assert(lvalue); | |
6390 | assert(rvalue); | |
6391 | assert(data); | |
6392 | ||
6393 | k = parse_show_status(rvalue, b); | |
323dda78 YW |
6394 | if (k < 0) |
6395 | log_syntax(unit, LOG_WARNING, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue); | |
a07a7324 FS |
6396 | |
6397 | return 0; | |
6398 | } | |
6399 | ||
6400 | int config_parse_output_restricted( | |
6401 | const char* unit, | |
6402 | const char *filename, | |
6403 | unsigned line, | |
6404 | const char *section, | |
6405 | unsigned section_line, | |
6406 | const char *lvalue, | |
6407 | int ltype, | |
6408 | const char *rvalue, | |
6409 | void *data, | |
6410 | void *userdata) { | |
6411 | ||
6412 | ExecOutput t, *eo = data; | |
f3dc6af2 | 6413 | bool obsolete = false; |
a07a7324 FS |
6414 | |
6415 | assert(filename); | |
6416 | assert(lvalue); | |
6417 | assert(rvalue); | |
6418 | assert(data); | |
6419 | ||
f3dc6af2 LP |
6420 | if (streq(rvalue, "syslog")) { |
6421 | t = EXEC_OUTPUT_JOURNAL; | |
6422 | obsolete = true; | |
6423 | } else if (streq(rvalue, "syslog+console")) { | |
6424 | t = EXEC_OUTPUT_JOURNAL_AND_CONSOLE; | |
6425 | obsolete = true; | |
6426 | } else { | |
6427 | t = exec_output_from_string(rvalue); | |
6428 | if (t < 0) { | |
b98680b2 | 6429 | log_syntax(unit, LOG_WARNING, filename, line, t, "Failed to parse output type, ignoring: %s", rvalue); |
f3dc6af2 LP |
6430 | return 0; |
6431 | } | |
a07a7324 | 6432 | |
8d7dab1f LW |
6433 | if (IN_SET(t, EXEC_OUTPUT_SOCKET, EXEC_OUTPUT_NAMED_FD, EXEC_OUTPUT_FILE, EXEC_OUTPUT_FILE_APPEND, EXEC_OUTPUT_FILE_TRUNCATE)) { |
6434 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Standard output types socket, fd:, file:, append:, truncate: are not supported as defaults, ignoring: %s", rvalue); | |
f3dc6af2 LP |
6435 | return 0; |
6436 | } | |
a07a7324 FS |
6437 | } |
6438 | ||
f3dc6af2 LP |
6439 | if (obsolete) |
6440 | log_syntax(unit, LOG_NOTICE, filename, line, 0, | |
6441 | "Standard output type %s is obsolete, automatically updating to %s. Please update your configuration.", | |
6442 | rvalue, exec_output_to_string(t)); | |
6443 | ||
a07a7324 FS |
6444 | *eo = t; |
6445 | return 0; | |
6446 | } | |
6447 | ||
6448 | int config_parse_crash_chvt( | |
6449 | const char* unit, | |
6450 | const char *filename, | |
6451 | unsigned line, | |
6452 | const char *section, | |
6453 | unsigned section_line, | |
6454 | const char *lvalue, | |
6455 | int ltype, | |
6456 | const char *rvalue, | |
6457 | void *data, | |
6458 | void *userdata) { | |
6459 | ||
6460 | int r; | |
6461 | ||
6462 | assert(filename); | |
6463 | assert(lvalue); | |
6464 | assert(rvalue); | |
6465 | assert(data); | |
6466 | ||
6467 | r = parse_crash_chvt(rvalue, data); | |
323dda78 YW |
6468 | if (r < 0) |
6469 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue); | |
a07a7324 FS |
6470 | |
6471 | return 0; | |
6472 | } | |
eb34a981 LP |
6473 | |
6474 | int config_parse_swap_priority( | |
6475 | const char *unit, | |
6476 | const char *filename, | |
6477 | unsigned line, | |
6478 | const char *section, | |
6479 | unsigned section_line, | |
6480 | const char *lvalue, | |
6481 | int ltype, | |
6482 | const char *rvalue, | |
6483 | void *data, | |
6484 | void *userdata) { | |
6485 | ||
6486 | Swap *s = userdata; | |
6487 | int r, priority; | |
6488 | ||
6489 | assert(s); | |
6490 | assert(filename); | |
6491 | assert(lvalue); | |
6492 | assert(rvalue); | |
6493 | assert(data); | |
6494 | ||
6495 | if (isempty(rvalue)) { | |
6496 | s->parameters_fragment.priority = -1; | |
6497 | s->parameters_fragment.priority_set = false; | |
6498 | return 0; | |
6499 | } | |
6500 | ||
6501 | r = safe_atoi(rvalue, &priority); | |
6502 | if (r < 0) { | |
323dda78 | 6503 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid swap priority '%s', ignoring.", rvalue); |
eb34a981 LP |
6504 | return 0; |
6505 | } | |
6506 | ||
6507 | if (priority < -1) { | |
323dda78 | 6508 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Sorry, swap priorities smaller than -1 may only be assigned by the kernel itself, ignoring: %s", rvalue); |
eb34a981 LP |
6509 | return 0; |
6510 | } | |
6511 | ||
6512 | if (priority > 32767) { | |
323dda78 | 6513 | log_syntax(unit, LOG_WARNING, filename, line, 0, "Swap priority out of range, ignoring: %s", rvalue); |
eb34a981 LP |
6514 | return 0; |
6515 | } | |
6516 | ||
6517 | s->parameters_fragment.priority = priority; | |
6518 | s->parameters_fragment.priority_set = true; | |
6519 | return 0; | |
6520 | } | |
8a85c5b6 FB |
6521 | |
6522 | int config_parse_watchdog_sec( | |
6523 | const char *unit, | |
6524 | const char *filename, | |
6525 | unsigned line, | |
6526 | const char *section, | |
6527 | unsigned section_line, | |
6528 | const char *lvalue, | |
6529 | int ltype, | |
6530 | const char *rvalue, | |
6531 | void *data, | |
6532 | void *userdata) { | |
6533 | ||
c91c95e6 LP |
6534 | usec_t *usec = data; |
6535 | ||
8a85c5b6 FB |
6536 | assert(filename); |
6537 | assert(lvalue); | |
6538 | assert(rvalue); | |
6539 | ||
6540 | /* This is called for {Runtime,Reboot,KExec}WatchdogSec= where "default" maps to | |
6541 | * USEC_INFINITY internally. */ | |
6542 | ||
c91c95e6 | 6543 | if (streq(rvalue, "default")) |
8a85c5b6 | 6544 | *usec = USEC_INFINITY; |
c91c95e6 LP |
6545 | else if (streq(rvalue, "off")) |
6546 | *usec = 0; | |
6547 | else | |
6548 | return config_parse_sec(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata); | |
8a85c5b6 | 6549 | |
c91c95e6 | 6550 | return 0; |
8a85c5b6 | 6551 | } |
51462135 DDM |
6552 | |
6553 | int config_parse_tty_size( | |
6554 | const char *unit, | |
6555 | const char *filename, | |
6556 | unsigned line, | |
6557 | const char *section, | |
6558 | unsigned section_line, | |
6559 | const char *lvalue, | |
6560 | int ltype, | |
6561 | const char *rvalue, | |
6562 | void *data, | |
6563 | void *userdata) { | |
6564 | ||
6565 | unsigned *sz = data; | |
6566 | ||
6567 | assert(filename); | |
6568 | assert(lvalue); | |
6569 | assert(rvalue); | |
6570 | ||
6571 | if (isempty(rvalue)) { | |
6572 | *sz = UINT_MAX; | |
6573 | return 0; | |
6574 | } | |
6575 | ||
6576 | return config_parse_unsigned(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata); | |
6577 | } |