]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/manager.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
update TODO
[thirdparty/systemd.git] / src / core / manager.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
60918275 3#include <errno.h>
400f1a33
LP		 4#include <fcntl.h>
5#include <linux/kd.h>
e46b13c8 6#include <sys/epoll.h>
400f1a33 7#include <sys/inotify.h>
e1414003 8#include <sys/ioctl.h>
400f1a33 9#include <sys/reboot.h>
8742514c 10#include <sys/timerfd.h>
400f1a33
LP		 11#include <sys/wait.h>
12#include <unistd.h>
830f6caa 13
349cc4a5 14#if HAVE_AUDIT
4927fcae 15#include <libaudit.h>
830f6caa 16#endif
60918275 17
718db961 18#include "sd-daemon.h"
718db961 19#include "sd-messages.h"
3536f49e 20#include "sd-path.h"
81527be1 21
57b7a260 22#include "all-units.h"
d68c645b 23#include "alloc-util.h"
400f1a33
LP		 24#include "audit-fd.h"
25#include "boot-timestamps.h"
26#include "bus-common-errors.h"
27#include "bus-error.h"
28#include "bus-kernel.h"
29#include "bus-util.h"
00d9ef85 30#include "clean-ipc.h"
af6b0ecc 31#include "clock-util.h"
19d22d43 32#include "core-varlink.h"
786d19fd 33#include "creds-util.h"
400f1a33
LP		 34#include "dbus-job.h"
35#include "dbus-manager.h"
36#include "dbus-unit.h"
37#include "dbus.h"
0e7f5ad9 38#include "def.h"
d063a527 39#include "dirent-util.h"
400f1a33 40#include "env-util.h"
4f5dd394 41#include "escape.h"
89711996 42#include "exec-util.h"
d3070fbd 43#include "execute.h"
400f1a33 44#include "exit-status.h"
3ffd4af2 45#include "fd-util.h"
0d39fa9c 46#include "fileio.h"
f4f15635 47#include "fs-util.h"
385093b7 48#include "generator-setup.h"
60918275 49#include "hashmap.h"
5cfa33e0 50#include "install.h"
19d22d43 51#include "io-util.h"
d3070fbd 52#include "label.h"
d904afc7 53#include "load-fragment.h"
786d19fd 54#include "locale-setup.h"
16354eff 55#include "log.h"
400f1a33 56#include "macro.h"
3ffd4af2 57#include "manager.h"
2a341bb9 58#include "manager-dump.h"
a01ba4b2 59#include "manager-serialize.h"
0a970718 60#include "memory-util.h"
49e942b2 61#include "mkdir.h"
6bedfcbb 62#include "parse-util.h"
400f1a33
LP		 63#include "path-lookup.h"
64#include "path-util.h"
65#include "process-util.h"
ea430986 66#include "ratelimit.h"
31ce987c 67#include "rlimit-util.h"
c6878637 68#include "rm-rf.h"
45ae2f72 69#include "selinux-util.h"
400f1a33 70#include "signal-util.h"
57b7a260 71#include "socket-util.h"
514f4ef5 72#include "special.h"
8fcde012 73#include "stat-util.h"
8b43440b 74#include "string-table.h"
07630cea 75#include "string-util.h"
400f1a33 76#include "strv.h"
dd1db3c2 77#include "strxcpyx.h"
6123dfaa 78#include "sysctl-util.h"
a6ecbf83 79#include "syslog-util.h"
400f1a33
LP		 80#include "terminal-util.h"
81#include "time-util.h"
82#include "transaction.h"
affb60b1 83#include "umask-util.h"
400f1a33 84#include "unit-name.h"
00d9ef85 85#include "user-util.h"
5dc4c17f 86#include "virt.h"
e96d6be7 87#include "watchdog.h"
60918275 88
a47806fa 89#define NOTIFY_RCVBUF_SIZE (8*1024*1024)
d8fdc620 90#define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)
a47806fa 91
03b717a3 92/* Initial delay and the interval for printing status messages about running jobs */
1b4154a8
ZJS		 93#define JOBS_IN_PROGRESS_WAIT_USEC (2*USEC_PER_SEC)
94#define JOBS_IN_PROGRESS_QUIET_WAIT_USEC (25*USEC_PER_SEC)
fd08a840 95#define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
03b717a3
MS		 96#define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3
97
5238e957 98/* If there are more than 1K bus messages queue across our API and direct buses, then let's not add more on top until
e0a08581
LP		 99 * the queue gets more empty. */
100#define MANAGER_BUS_BUSY_THRESHOLD 1024LU
101
102/* How many units and jobs to process of the bus queue before returning to the event loop. */
103#define MANAGER_BUS_MESSAGE_BUDGET 100U
104
718db961 105static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
d8fdc620 106static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
718db961
LP		 107static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
108static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
109static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
00d9ef85 110static int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
718db961 111static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata);
752b5905 112static int manager_dispatch_run_queue(sd_event_source *source, void *userdata);
575b300b 113static int manager_dispatch_sigchld(sd_event_source *source, void *userdata);
bbf5fd8e 114static int manager_dispatch_timezone_change(sd_event_source *source, const struct inotify_event *event, void *userdata);
64691d20 115static int manager_run_environment_generators(Manager *m);
e801700e 116static int manager_run_generators(Manager *m);
06a4eb07 117static void manager_vacuum(Manager *m);
718db961 118
1b4154a8 119static usec_t manager_watch_jobs_next_time(Manager *m) {
3889fc6f
ZJS		 120 usec_t timeout;
121
122 if (MANAGER_IS_USER(m))
123 /* Let the user manager without a timeout show status quickly, so the system manager can make
124 * use of it, if it wants to. */
125 timeout = JOBS_IN_PROGRESS_WAIT_USEC * 2 / 3;
126 else if (show_status_on(m->show_status))
127 /* When status is on, just use the usual timeout. */
128 timeout = JOBS_IN_PROGRESS_WAIT_USEC;
129 else
130 timeout = JOBS_IN_PROGRESS_QUIET_WAIT_USEC;
131
132 return usec_add(now(CLOCK_MONOTONIC), timeout);
1b4154a8
ZJS		 133}
134
2ae56591 135static void manager_watch_jobs_in_progress(Manager *m) {
e5723c89 136 usec_t next;
cfa9677b 137 int r;
e5723c89 138
718db961 139 assert(m);
03b717a3 140
42bf1ae1
FB		 141 /* We do not want to show the cylon animation if the user
142 * needs to confirm service executions otherwise confirmation
143 * messages will be screwed by the cylon animation. */
b0eb2944 144 if (!manager_is_confirm_spawn_disabled(m))
42bf1ae1
FB		 145 return;
146
718db961 147 if (m->jobs_in_progress_event_source)
2ae56591 148 return;
03b717a3 149
1b4154a8 150 next = manager_watch_jobs_next_time(m);
cfa9677b 151 r = sd_event_add_time(
6a0f1f6d
LP		 152 m->event,
153 &m->jobs_in_progress_event_source,
154 CLOCK_MONOTONIC,
155 next, 0,
156 manager_dispatch_jobs_in_progress, m);
cfa9677b
MM		 157 if (r < 0)
158 return;
7dfbe2e3
TG		 159
160 (void) sd_event_source_set_description(m->jobs_in_progress_event_source, "manager-jobs-in-progress");
03b717a3
MS		 161}
162
fbd0b64f 163#define CYLON_BUFFER_EXTRA (2*STRLEN(ANSI_RED) + STRLEN(ANSI_HIGHLIGHT_RED) + 2*STRLEN(ANSI_NORMAL))
03b717a3 164
03b717a3
MS		 165static void draw_cylon(char buffer[], size_t buflen, unsigned width, unsigned pos) {
166 char *p = buffer;
167
168 assert(buflen >= CYLON_BUFFER_EXTRA + width + 1);
169 assert(pos <= width+1); /* 0 or width+1 mean that the center light is behind the corner */
170
171 if (pos > 1) {
6282c859
MS		 172 if (pos > 2)
173 p = mempset(p, ' ', pos-2);
64c3610b
FB		 174 if (log_get_show_color())
175 p = stpcpy(p, ANSI_RED);
03b717a3
MS		 176 *p++ = '*';
177 }
178
179 if (pos > 0 && pos <= width) {
64c3610b
FB		 180 if (log_get_show_color())
181 p = stpcpy(p, ANSI_HIGHLIGHT_RED);
03b717a3
MS		 182 *p++ = '*';
183 }
184
64c3610b
FB		 185 if (log_get_show_color())
186 p = stpcpy(p, ANSI_NORMAL);
03b717a3
MS		 187
188 if (pos < width) {
64c3610b
FB		 189 if (log_get_show_color())
190 p = stpcpy(p, ANSI_RED);
03b717a3 191 *p++ = '*';
6282c859
MS		 192 if (pos < width-1)
193 p = mempset(p, ' ', width-1-pos);
64c3610b
FB		 194 if (log_get_show_color())
195 strcpy(p, ANSI_NORMAL);
03b717a3 196 }
03b717a3
MS		 197}
198
1addc46c 199static void manager_flip_auto_status(Manager *m, bool enable, const char *reason) {
f755e3b7
LP		 200 assert(m);
201
cb8ccb22
ZJS		 202 if (enable) {
203 if (m->show_status == SHOW_STATUS_AUTO)
7365a296 204 manager_set_show_status(m, SHOW_STATUS_TEMPORARY, reason);
cb8ccb22
ZJS		 205 } else {
206 if (m->show_status == SHOW_STATUS_TEMPORARY)
7365a296 207 manager_set_show_status(m, SHOW_STATUS_AUTO, reason);
cb8ccb22
ZJS		 208 }
209}
210
03b717a3 211static void manager_print_jobs_in_progress(Manager *m) {
03b717a3 212 Job *j;
03b717a3
MS		 213 unsigned counter = 0, print_nr;
214 char cylon[6 + CYLON_BUFFER_EXTRA + 1];
215 unsigned cylon_pos;
8bb310c3 216 uint64_t x;
03b717a3 217
718db961 218 assert(m);
9c3349e2 219 assert(m->n_running_jobs > 0);
718db961 220
7365a296 221 manager_flip_auto_status(m, true, "delay");
d450b6f2 222
03b717a3
MS		 223 print_nr = (m->jobs_in_progress_iteration / JOBS_IN_PROGRESS_PERIOD_DIVISOR) % m->n_running_jobs;
224
90e74a66 225 HASHMAP_FOREACH(j, m->jobs)
03b717a3
MS		 226 if (j->state == JOB_RUNNING && counter++ == print_nr)
227 break;
228
e970a72e
MS		 229 /* m->n_running_jobs must be consistent with the contents of m->jobs,
230 * so the above loop must have succeeded in finding j. */
231 assert(counter == print_nr + 1);
51d122af 232 assert(j);
5a82a91a 233
03b717a3
MS		 234 cylon_pos = m->jobs_in_progress_iteration % 14;
235 if (cylon_pos >= 8)
236 cylon_pos = 14 - cylon_pos;
237 draw_cylon(cylon, sizeof(cylon), 6, cylon_pos);
238
8bb310c3
ZJS		 239 m->jobs_in_progress_iteration++;
240
3889fc6f 241 char job_of_n[STRLEN("( of ) ") + DECIMAL_STR_MAX(unsigned)*2] = "";
5291f26d 242 if (m->n_running_jobs > 1)
3889fc6f 243 xsprintf(job_of_n, "(%u of %u) ", counter, m->n_running_jobs);
03b717a3 244
5291f26d 245 bool have_timeout = job_get_timeout(j, &x) > 0;
8bb310c3 246
04d232d8
ZJS		 247 /* We want to use enough information for the user to identify previous lines talking about the same
248 * unit, but keep the message as short as possible. So if 'Starting foo.service' or 'Starting
3889fc6f 249 * foo.service - Description' were used, 'foo.service' is enough here. On the other hand, if we used
04d232d8
ZJS		 250 * 'Starting Description' before, then we shall also use 'Description' here. So we pass NULL as the
251 * second argument to unit_status_string(). */
252 const char *ident = unit_status_string(j->unit, NULL);
253
3889fc6f
ZJS		 254 const char *time = FORMAT_TIMESPAN(now(CLOCK_MONOTONIC) - j->begin_usec, 1*USEC_PER_SEC);
255 const char *limit = have_timeout ? FORMAT_TIMESPAN(x - j->begin_usec, 1*USEC_PER_SEC) : "no limit";
256
257 if (m->status_unit_format == STATUS_UNIT_FORMAT_DESCRIPTION)
258 /* When using 'Description', we effectively don't have enough space to show the nested status
259 * without ellipsization, so let's not even try. */
260 manager_status_printf(m, STATUS_TYPE_EPHEMERAL, cylon,
261 "%sA %s job is running for %s (%s / %s)",
262 job_of_n,
263 job_type_to_string(j->type),
264 ident,
265 time, limit);
266 else {
267 const char *status_text = unit_status_text(j->unit);
268
269 manager_status_printf(m, STATUS_TYPE_EPHEMERAL, cylon,
270 "%sJob %s/%s running (%s / %s)%s%s",
271 job_of_n,
272 ident,
273 job_type_to_string(j->type),
274 time, limit,
275 status_text ? ": " : "",
276 strempty(status_text));
277 }
278
279 sd_notifyf(false,
280 "STATUS=%sUser job %s/%s running (%s / %s)...",
281 job_of_n,
282 ident,
283 job_type_to_string(j->type),
284 time, limit);
285 m->status_ready = false;
03b717a3
MS		 286}
287
e46b13c8 288static int have_ask_password(void) {
c2b2df60 289 _cleanup_closedir_ DIR *dir = NULL;
8fb3f009 290 struct dirent *de;
e46b13c8
ZJS		 291
292 dir = opendir("/run/systemd/ask-password");
293 if (!dir) {
294 if (errno == ENOENT)
295 return false;
296 else
297 return -errno;
298 }
299
8fb3f009 300 FOREACH_DIRENT_ALL(de, dir, return -errno) {
e46b13c8
ZJS		 301 if (startswith(de->d_name, "ask."))
302 return true;
303 }
8fb3f009 304 return false;
e46b13c8
ZJS		 305}
306
307static int manager_dispatch_ask_password_fd(sd_event_source *source,
308 int fd, uint32_t revents, void *userdata) {
309 Manager *m = userdata;
310
311 assert(m);
312
665dfe93 313 (void) flush_fd(fd);
e46b13c8
ZJS		 314
315 m->have_ask_password = have_ask_password();
316 if (m->have_ask_password < 0)
317 /* Log error but continue. Negative have_ask_password
318 * is treated as unknown status. */
c33b3297 319 log_error_errno(m->have_ask_password, "Failed to list /run/systemd/ask-password: %m");
e46b13c8
ZJS		 320
321 return 0;
322}
323
324static void manager_close_ask_password(Manager *m) {
325 assert(m);
326
5dcadb4c 327 m->ask_password_event_source = sd_event_source_disable_unref(m->ask_password_event_source);
90990e28 328 m->ask_password_inotify_fd = safe_close(m->ask_password_inotify_fd);
e46b13c8
ZJS		 329 m->have_ask_password = -EINVAL;
330}
331
332static int manager_check_ask_password(Manager *m) {
333 int r;
334
335 assert(m);
336
337 if (!m->ask_password_event_source) {
338 assert(m->ask_password_inotify_fd < 0);
339
17e4b070 340 (void) mkdir_p_label("/run/systemd/ask-password", 0755);
e46b13c8
ZJS		 341
342 m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
4a62c710 343 if (m->ask_password_inotify_fd < 0)
330b8fb3 344 return log_error_errno(errno, "Failed to create inotify object: %m");
e46b13c8 345
27c3112d
FB		 346 r = inotify_add_watch_and_warn(m->ask_password_inotify_fd,
347 "/run/systemd/ask-password",
348 IN_CREATE|IN_DELETE|IN_MOVE);
349 if (r < 0) {
e46b13c8 350 manager_close_ask_password(m);
27c3112d 351 return r;
e46b13c8
ZJS		 352 }
353
354 r = sd_event_add_io(m->event, &m->ask_password_event_source,
355 m->ask_password_inotify_fd, EPOLLIN,
356 manager_dispatch_ask_password_fd, m);
357 if (r < 0) {
df3d3bdf 358 log_error_errno(r, "Failed to add event source for /run/systemd/ask-password: %m");
e46b13c8 359 manager_close_ask_password(m);
df3d3bdf 360 return r;
e46b13c8
ZJS		 361 }
362
7dfbe2e3
TG		 363 (void) sd_event_source_set_description(m->ask_password_event_source, "manager-ask-password");
364
e46b13c8
ZJS		 365 /* Queries might have been added meanwhile... */
366 manager_dispatch_ask_password_fd(m->ask_password_event_source,
367 m->ask_password_inotify_fd, EPOLLIN, m);
368 }
369
370 return m->have_ask_password;
371}
372
31a7eb86 373static int manager_watch_idle_pipe(Manager *m) {
31a7eb86
ZJS		 374 int r;
375
718db961
LP		 376 assert(m);
377
378 if (m->idle_pipe_event_source)
31a7eb86
ZJS		 379 return 0;
380
381 if (m->idle_pipe[2] < 0)
382 return 0;
383
151b9b96 384 r = sd_event_add_io(m->event, &m->idle_pipe_event_source, m->idle_pipe[2], EPOLLIN, manager_dispatch_idle_pipe_fd, m);
23bbb0de
MS		 385 if (r < 0)
386 return log_error_errno(r, "Failed to watch idle pipe: %m");
31a7eb86 387
7dfbe2e3
TG		 388 (void) sd_event_source_set_description(m->idle_pipe_event_source, "manager-idle-pipe");
389
31a7eb86 390 return 0;
31a7eb86
ZJS		 391}
392
718db961
LP		 393static void manager_close_idle_pipe(Manager *m) {
394 assert(m);
31a7eb86 395
5dcadb4c 396 m->idle_pipe_event_source = sd_event_source_disable_unref(m->idle_pipe_event_source);
cd72bd8a 397
3d94f76c
LP		 398 safe_close_pair(m->idle_pipe);
399 safe_close_pair(m->idle_pipe + 2);
31a7eb86
ZJS		 400}
401
8742514c 402static int manager_setup_time_change(Manager *m) {
718db961 403 int r;
b92bea5d 404
718db961 405 assert(m);
8742514c 406
638cece4 407 if (MANAGER_IS_TEST_RUN(m))
0d8c31ff
ZJS		 408 return 0;
409
5dcadb4c 410 m->time_change_event_source = sd_event_source_disable_unref(m->time_change_event_source);
7feedd18
LP		 411 m->time_change_fd = safe_close(m->time_change_fd);
412
4f811d27 413 m->time_change_fd = time_change_fd();
4a62c710 414 if (m->time_change_fd < 0)
4f811d27 415 return log_error_errno(m->time_change_fd, "Failed to create timer change timer fd: %m");
8742514c 416
151b9b96 417 r = sd_event_add_io(m->event, &m->time_change_event_source, m->time_change_fd, EPOLLIN, manager_dispatch_time_change_fd, m);
23bbb0de
MS		 418 if (r < 0)
419 return log_error_errno(r, "Failed to create time change event source: %m");
8742514c 420
a5cc7e5a
LP		 421 /* Schedule this slightly earlier than the .timer event sources */
422 r = sd_event_source_set_priority(m->time_change_event_source, SD_EVENT_PRIORITY_NORMAL-1);
423 if (r < 0)
424 return log_error_errno(r, "Failed to set priority of time change event sources: %m");
425
7dfbe2e3
TG		 426 (void) sd_event_source_set_description(m->time_change_event_source, "manager-time-change");
427
8742514c
LP		 428 log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");
429
430 return 0;
431}
432
bbf5fd8e
LP		 433static int manager_read_timezone_stat(Manager *m) {
434 struct stat st;
435 bool changed;
436
437 assert(m);
438
439 /* Read the current stat() data of /etc/localtime so that we detect changes */
440 if (lstat("/etc/localtime", &st) < 0) {
441 log_debug_errno(errno, "Failed to stat /etc/localtime, ignoring: %m");
442 changed = m->etc_localtime_accessible;
443 m->etc_localtime_accessible = false;
444 } else {
445 usec_t k;
446
447 k = timespec_load(&st.st_mtim);
448 changed = !m->etc_localtime_accessible || k != m->etc_localtime_mtime;
449
450 m->etc_localtime_mtime = k;
451 m->etc_localtime_accessible = true;
452 }
453
454 return changed;
455}
456
457static int manager_setup_timezone_change(Manager *m) {
a5cc7e5a 458 _cleanup_(sd_event_source_unrefp) sd_event_source *new_event = NULL;
bbf5fd8e
LP		 459 int r;
460
461 assert(m);
462
638cece4 463 if (MANAGER_IS_TEST_RUN(m))
bbf5fd8e
LP		 464 return 0;
465
466 /* We watch /etc/localtime for three events: change of the link count (which might mean removal from /etc even
467 * though another link might be kept), renames, and file close operations after writing. Note we don't bother
468 * with IN_DELETE_SELF, as that would just report when the inode is removed entirely, i.e. after the link count
469 * went to zero and all fds to it are closed.
470 *
471 * Note that we never follow symlinks here. This is a simplification, but should cover almost all cases
472 * correctly.
473 *
474 * Note that we create the new event source first here, before releasing the old one. This should optimize
475 * behaviour as this way sd-event can reuse the old watch in case the inode didn't change. */
476
477 r = sd_event_add_inotify(m->event, &new_event, "/etc/localtime",
478 IN_ATTRIB|IN_MOVE_SELF|IN_CLOSE_WRITE|IN_DONT_FOLLOW, manager_dispatch_timezone_change, m);
0cb21d8c
LP		 479 if (r == -ENOENT) {
480 /* If the file doesn't exist yet, subscribe to /etc instead, and wait until it is created either by
481 * O_CREATE or by rename() */
482
483 log_debug_errno(r, "/etc/localtime doesn't exist yet, watching /etc instead.");
bbf5fd8e
LP		 484 r = sd_event_add_inotify(m->event, &new_event, "/etc",
485 IN_CREATE|IN_MOVED_TO|IN_ONLYDIR, manager_dispatch_timezone_change, m);
0cb21d8c 486 }
bbf5fd8e
LP		 487 if (r < 0)
488 return log_error_errno(r, "Failed to create timezone change event source: %m");
489
a5cc7e5a
LP		 490 /* Schedule this slightly earlier than the .timer event sources */
491 r = sd_event_source_set_priority(new_event, SD_EVENT_PRIORITY_NORMAL-1);
492 if (r < 0)
493 return log_error_errno(r, "Failed to set priority of timezone change event sources: %m");
494
bbf5fd8e 495 sd_event_source_unref(m->timezone_change_event_source);
a5cc7e5a 496 m->timezone_change_event_source = TAKE_PTR(new_event);
bbf5fd8e
LP		 497
498 return 0;
499}
500
80876c20 501static int enable_special_signals(Manager *m) {
718db961 502 _cleanup_close_ int fd = -1;
80876c20
LP		 503
504 assert(m);
505
638cece4 506 if (MANAGER_IS_TEST_RUN(m))
37453b3a
EV		 507 return 0;
508
a41b539e 509 /* Enable that we get SIGINT on control-alt-del. In containers
c9999773
LP		 510 * this will fail with EPERM (older) or EINVAL (newer), so
511 * ignore that. */
4c701096 512 if (reboot(RB_DISABLE_CAD) < 0 && !IN_SET(errno, EPERM, EINVAL))
56f64d95 513 log_warning_errno(errno, "Failed to enable ctrl-alt-del handling: %m");
80876c20 514
a41b539e
LP		 515 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
516 if (fd < 0) {
517 /* Support systems without virtual console */
518 if (fd != -ENOENT)
56f64d95 519 log_warning_errno(errno, "Failed to open /dev/tty0: %m");
a41b539e 520 } else {
80876c20
LP		 521 /* Enable that we get SIGWINCH on kbrequest */
522 if (ioctl(fd, KDSIGACCEPT, SIGWINCH) < 0)
56f64d95 523 log_warning_errno(errno, "Failed to enable kbrequest handling: %m");
80876c20
LP		 524 }
525
526 return 0;
527}
528
8750ac02
ZJS		 529#define RTSIG_IF_AVAILABLE(signum) (signum <= SIGRTMAX ? signum : -1)
530
ce578209 531static int manager_setup_signals(Manager *m) {
b92bea5d
ZJS		 532 struct sigaction sa = {
533 .sa_handler = SIG_DFL,
534 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
535 };
718db961
LP		 536 sigset_t mask;
537 int r;
60918275 538
ce578209
LP		 539 assert(m);
540
57c0c30e
LP		 541 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
542
4dffec14
LP		 543 /* We make liberal use of realtime signals here. On
544 * Linux/glibc we have 30 of them (with the exception of Linux
545 * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
546 * (aka SIGRTMAX). */
7d793605 547
4dffec14 548 assert_se(sigemptyset(&mask) == 0);
7d793605
LP		 549 sigset_add_many(&mask,
550 SIGCHLD, /* Child died */
551 SIGTERM, /* Reexecute daemon */
552 SIGHUP, /* Reload configuration */
54d04cd1 553 SIGUSR1, /* systemd: reconnect to D-Bus */
7d793605
LP		 554 SIGUSR2, /* systemd: dump status */
555 SIGINT, /* Kernel sends us this on control-alt-del */
556 SIGWINCH, /* Kernel sends us this on kbrequest (alt-arrowup) */
557 SIGPWR, /* Some kernel drivers and upsd send us this on power failure */
4dffec14 558
7d793605 559 SIGRTMIN+0, /* systemd: start default.target */
0003d1ab 560 SIGRTMIN+1, /* systemd: isolate rescue.target */
7d793605
LP		 561 SIGRTMIN+2, /* systemd: isolate emergency.target */
562 SIGRTMIN+3, /* systemd: start halt.target */
563 SIGRTMIN+4, /* systemd: start poweroff.target */
564 SIGRTMIN+5, /* systemd: start reboot.target */
0003d1ab 565 SIGRTMIN+6, /* systemd: start kexec.target */
4dffec14
LP		 566
567 /* ... space for more special targets ... */
568
0003d1ab
LP		 569 SIGRTMIN+13, /* systemd: Immediate halt */
570 SIGRTMIN+14, /* systemd: Immediate poweroff */
571 SIGRTMIN+15, /* systemd: Immediate reboot */
572 SIGRTMIN+16, /* systemd: Immediate kexec */
4dffec14
LP		 573
574 /* ... space for more immediate system state changes ... */
575
0658666b
LP		 576 SIGRTMIN+20, /* systemd: enable status messages */
577 SIGRTMIN+21, /* systemd: disable status messages */
253ee27a
LP		 578 SIGRTMIN+22, /* systemd: set log level to LOG_DEBUG */
579 SIGRTMIN+23, /* systemd: set log level to LOG_INFO */
600b704e 580 SIGRTMIN+24, /* systemd: Immediate exit (--user only) */
4dffec14
LP		 581
582 /* .. one free signal here ... */
583
8750ac02
ZJS		 584 /* Apparently Linux on hppa had fewer RT signals until v3.18,
585 * SIGRTMAX was SIGRTMIN+25, and then SIGRTMIN was lowered,
586 * see commit v3.17-7614-g1f25df2eff.
587 *
588 * We cannot unconditionally make use of those signals here,
589 * so let's use a runtime check. Since these commands are
590 * accessible by different means and only really a safety
591 * net, the missing functionality on hppa shouldn't matter.
592 */
593
594 RTSIG_IF_AVAILABLE(SIGRTMIN+26), /* systemd: set log target to journal-or-kmsg */
595 RTSIG_IF_AVAILABLE(SIGRTMIN+27), /* systemd: set log target to console */
596 RTSIG_IF_AVAILABLE(SIGRTMIN+28), /* systemd: set log target to kmsg */
597 RTSIG_IF_AVAILABLE(SIGRTMIN+29), /* systemd: set log target to syslog-or-kmsg (obsolete) */
4dffec14
LP		 598
599 /* ... one free signal here SIGRTMIN+30 ... */
7d793605 600 -1);
ce578209
LP		 601 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
602
718db961
LP		 603 m->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
604 if (m->signal_fd < 0)
ce578209
LP		 605 return -errno;
606
151b9b96 607 r = sd_event_add_io(m->event, &m->signal_event_source, m->signal_fd, EPOLLIN, manager_dispatch_signal_fd, m);
718db961
LP		 608 if (r < 0)
609 return r;
ce578209 610
7dfbe2e3
TG		 611 (void) sd_event_source_set_description(m->signal_event_source, "manager-signal");
612
d8fdc620
LP		 613 /* Process signals a bit earlier than the rest of things, but later than notify_fd processing, so that the
614 * notify processing can still figure out to which process/service a message belongs, before we reap the
615 * process. Also, process this before handling cgroup notifications, so that we always collect child exit
616 * status information before detecting that there's no process in a cgroup. */
617 r = sd_event_source_set_priority(m->signal_event_source, SD_EVENT_PRIORITY_NORMAL-6);
29083707
LP		 618 if (r < 0)
619 return r;
620
463d0d15 621 if (MANAGER_IS_SYSTEM(m))
80876c20 622 return enable_special_signals(m);
e1414003 623
ce578209
LP		 624 return 0;
625}
626
1ad6e8b3 627static char** sanitize_environment(char **l) {
f069efb4 628
47cf8ff2 629 /* Let's remove some environment variables that we need ourselves to communicate with our clients */
f069efb4 630 strv_env_unset_many(
1ad6e8b3 631 l,
8047ac8f
LP		 632 "CACHE_DIRECTORY",
633 "CONFIGURATION_DIRECTORY",
bb0c0d6f 634 "CREDENTIALS_DIRECTORY",
47cf8ff2
LP		 635 "EXIT_CODE",
636 "EXIT_STATUS",
637 "INVOCATION_ID",
638 "JOURNAL_STREAM",
639 "LISTEN_FDNAMES",
640 "LISTEN_FDS",
641 "LISTEN_PID",
8047ac8f 642 "LOGS_DIRECTORY",
f069efb4
LP		 643 "MAINPID",
644 "MANAGERPID",
47cf8ff2 645 "NOTIFY_SOCKET",
dcf3c3c3 646 "PIDFILE",
47cf8ff2
LP		 647 "REMOTE_ADDR",
648 "REMOTE_PORT",
8047ac8f 649 "RUNTIME_DIRECTORY",
47cf8ff2 650 "SERVICE_RESULT",
8047ac8f 651 "STATE_DIRECTORY",
f069efb4
LP		 652 "WATCHDOG_PID",
653 "WATCHDOG_USEC",
654 NULL);
47cf8ff2
LP		 655
656 /* Let's order the environment alphabetically, just to make it pretty */
305757d8 657 return strv_sort(l);
f069efb4
LP		 658}
659
79a224c4 660int manager_default_environment(Manager *m) {
db11487d
ZJS		 661 int r;
662
71ecc858
LP		 663 assert(m);
664
1ad6e8b3
LP		 665 m->transient_environment = strv_free(m->transient_environment);
666
463d0d15 667 if (MANAGER_IS_SYSTEM(m)) {
e21fea24
KS		 668 /* The system manager always starts with a clean
669 * environment for its children. It does not import
71cb7d30 670 * the kernel's or the parents' exported variables.
e21fea24 671 *
71cb7d30 672 * The initial passed environment is untouched to keep
e21fea24
KS		 673 * /proc/self/environ valid; it is used for tagging
674 * the init process inside containers. */
1ad6e8b3 675 m->transient_environment = strv_new("PATH=" DEFAULT_PATH);
db11487d
ZJS		 676 if (!m->transient_environment)
677 return log_oom();
e21fea24
KS		 678
679 /* Import locale variables LC_*= from configuration */
1ad6e8b3 680 (void) locale_setup(&m->transient_environment);
db11487d 681 } else {
aaf057c4 682 /* The user manager passes its own environment along to its children, except for $PATH. */
1ad6e8b3 683 m->transient_environment = strv_copy(environ);
db11487d
ZJS		 684 if (!m->transient_environment)
685 return log_oom();
686
aaf057c4 687 r = strv_env_replace_strdup(&m->transient_environment, "PATH=" DEFAULT_USER_PATH);
db11487d
ZJS		 688 if (r < 0)
689 return log_oom();
db11487d 690 }
8b55b8c4 691
1ad6e8b3 692 sanitize_environment(m->transient_environment);
9d5a3757 693
e21fea24 694 return 0;
71ecc858
LP		 695}
696
3536f49e
YW		 697static int manager_setup_prefix(Manager *m) {
698 struct table_entry {
699 uint64_t type;
700 const char *suffix;
701 };
702
72fd1768 703 static const struct table_entry paths_system[_EXEC_DIRECTORY_TYPE_MAX] = {
9978e631
ZJS		 704 [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_SYSTEM_RUNTIME, NULL },
705 [EXEC_DIRECTORY_STATE] = { SD_PATH_SYSTEM_STATE_PRIVATE, NULL },
706 [EXEC_DIRECTORY_CACHE] = { SD_PATH_SYSTEM_STATE_CACHE, NULL },
707 [EXEC_DIRECTORY_LOGS] = { SD_PATH_SYSTEM_STATE_LOGS, NULL },
3536f49e
YW		 708 [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_SYSTEM_CONFIGURATION, NULL },
709 };
710
72fd1768 711 static const struct table_entry paths_user[_EXEC_DIRECTORY_TYPE_MAX] = {
9978e631
ZJS		 712 [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_USER_RUNTIME, NULL },
713 [EXEC_DIRECTORY_STATE] = { SD_PATH_USER_CONFIGURATION, NULL },
714 [EXEC_DIRECTORY_CACHE] = { SD_PATH_USER_STATE_CACHE, NULL },
715 [EXEC_DIRECTORY_LOGS] = { SD_PATH_USER_CONFIGURATION, "log" },
716 [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_USER_CONFIGURATION, NULL },
3536f49e
YW		 717 };
718
3536f49e
YW		 719 assert(m);
720
24b45970
ZJS		 721 const struct table_entry *p = MANAGER_IS_SYSTEM(m) ? paths_system : paths_user;
722 int r;
3536f49e 723
24b45970 724 for (ExecDirectoryType i = 0; i < _EXEC_DIRECTORY_TYPE_MAX; i++) {
51327bcc 725 r = sd_path_lookup(p[i].type, p[i].suffix, &m->prefix[i]);
3536f49e 726 if (r < 0)
998df7ce
ZJS		 727 return log_warning_errno(r, "Failed to lookup %s path: %m",
728 exec_directory_type_to_string(i));
3536f49e
YW		 729 }
730
731 return 0;
732}
733
e8630e69
ZJS		 734static void manager_free_unit_name_maps(Manager *m) {
735 m->unit_id_map = hashmap_free(m->unit_id_map);
736 m->unit_name_map = hashmap_free(m->unit_name_map);
3fb2326f 737 m->unit_path_cache = set_free(m->unit_path_cache);
c2911d48 738 m->unit_cache_timestamp_hash = 0;
e8630e69
ZJS		 739}
740
279d81dd
LP		 741static int manager_setup_run_queue(Manager *m) {
742 int r;
743
744 assert(m);
745 assert(!m->run_queue_event_source);
746
747 r = sd_event_add_defer(m->event, &m->run_queue_event_source, manager_dispatch_run_queue, m);
748 if (r < 0)
749 return r;
750
751 r = sd_event_source_set_priority(m->run_queue_event_source, SD_EVENT_PRIORITY_IDLE);
752 if (r < 0)
753 return r;
754
755 r = sd_event_source_set_enabled(m->run_queue_event_source, SD_EVENT_OFF);
756 if (r < 0)
757 return r;
758
759 (void) sd_event_source_set_description(m->run_queue_event_source, "manager-run-queue");
760
761 return 0;
762}
763
575b300b
LP		 764static int manager_setup_sigchld_event_source(Manager *m) {
765 int r;
766
767 assert(m);
768 assert(!m->sigchld_event_source);
769
770 r = sd_event_add_defer(m->event, &m->sigchld_event_source, manager_dispatch_sigchld, m);
771 if (r < 0)
772 return r;
773
774 r = sd_event_source_set_priority(m->sigchld_event_source, SD_EVENT_PRIORITY_NORMAL-7);
775 if (r < 0)
776 return r;
777
778 r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_OFF);
779 if (r < 0)
780 return r;
781
782 (void) sd_event_source_set_description(m->sigchld_event_source, "manager-sigchld");
783
784 return 0;
785}
786
638cece4 787int manager_new(UnitFileScope scope, ManagerTestRunFlags test_run_flags, Manager **_m) {
c70cac54 788 _cleanup_(manager_freep) Manager *m = NULL;
bb0c0d6f 789 const char *e;
e3dd987c 790 int r;
8e274523
LP		 791
792 assert(_m);
463d0d15 793 assert(IN_SET(scope, UNIT_FILE_SYSTEM, UNIT_FILE_USER));
ce578209 794
3ad228ce 795 m = new(Manager, 1);
915b3753 796 if (!m)
8e274523 797 return -ENOMEM;
60918275 798
3ad228ce
LP		 799 *m = (Manager) {
800 .unit_file_scope = scope,
801 .objective = _MANAGER_OBJECTIVE_INVALID,
802
36cf4507
ZJS		 803 .status_unit_format = STATUS_UNIT_FORMAT_DEFAULT,
804
3ad228ce
LP		 805 .default_timer_accuracy_usec = USEC_PER_MINUTE,
806 .default_memory_accounting = MEMORY_ACCOUNTING_DEFAULT,
807 .default_tasks_accounting = true,
3a0f06c4 808 .default_tasks_max = TASKS_MAX_UNSET,
3ad228ce
LP		 809 .default_timeout_start_usec = DEFAULT_TIMEOUT_USEC,
810 .default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC,
811 .default_restart_usec = DEFAULT_RESTART_USEC,
812
813 .original_log_level = -1,
814 .original_log_target = _LOG_TARGET_INVALID,
815
986935cf
FB		 816 .watchdog_overridden[WATCHDOG_RUNTIME] = USEC_INFINITY,
817 .watchdog_overridden[WATCHDOG_REBOOT] = USEC_INFINITY,
818 .watchdog_overridden[WATCHDOG_KEXEC] = USEC_INFINITY,
819
44a41954
FB		 820 .show_status_overridden = _SHOW_STATUS_INVALID,
821
3ad228ce
LP		 822 .notify_fd = -1,
823 .cgroups_agent_fd = -1,
824 .signal_fd = -1,
825 .time_change_fd = -1,
826 .user_lookup_fds = { -1, -1 },
827 .private_listen_fd = -1,
828 .dev_autofs_fd = -1,
829 .cgroup_inotify_fd = -1,
830 .pin_cgroupfs_fd = -1,
831 .ask_password_inotify_fd = -1,
832 .idle_pipe = { -1, -1, -1, -1},
833
834 /* start as id #1, so that we can leave #0 around as "null-like" value */
835 .current_job_id = 1,
836
837 .have_ask_password = -EINVAL, /* we don't know */
838 .first_boot = -1,
839 .test_run_flags = test_run_flags,
afcfaa69
LP		 840
841 .default_oom_policy = OOM_STOP,
3ad228ce 842 };
80876c20 843
349cc4a5 844#if ENABLE_EFI
463d0d15 845 if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0)
9f9f0342
LP		 846 boot_timestamps(m->timestamps + MANAGER_TIMESTAMP_USERSPACE,
847 m->timestamps + MANAGER_TIMESTAMP_FIRMWARE,
848 m->timestamps + MANAGER_TIMESTAMP_LOADER);
463d0d15
LP		 849#endif
850
f2341e0a 851 /* Prepare log fields we can use for structured logging */
463d0d15
LP		 852 if (MANAGER_IS_SYSTEM(m)) {
853 m->unit_log_field = "UNIT=";
854 m->unit_log_format_string = "UNIT=%s";
4b58153d
LP		 855
856 m->invocation_log_field = "INVOCATION_ID=";
f1c50bec 857 m->invocation_log_format_string = "INVOCATION_ID=%s";
463d0d15
LP		 858 } else {
859 m->unit_log_field = "USER_UNIT=";
860 m->unit_log_format_string = "USER_UNIT=%s";
4b58153d
LP		 861
862 m->invocation_log_field = "USER_INVOCATION_ID=";
f1c50bec 863 m->invocation_log_format_string = "USER_INVOCATION_ID=%s";
463d0d15 864 }
f2341e0a 865
2e5c94b9 866 /* Reboot immediately if the user hits C-A-D more often than 7x per 2s */
8c227e7f 867 m->ctrl_alt_del_ratelimit = (RateLimit) { .interval = 2 * USEC_PER_SEC, .burst = 7 };
2e5c94b9 868
e21fea24
KS		 869 r = manager_default_environment(m);
870 if (r < 0)
c70cac54 871 return r;
1137a57c 872
d5099efc 873 r = hashmap_ensure_allocated(&m->units, &string_hash_ops);
718db961 874 if (r < 0)
c70cac54 875 return r;
60918275 876
548f6937 877 r = hashmap_ensure_allocated(&m->cgroup_unit, &path_hash_ops);
718db961 878 if (r < 0)
c70cac54 879 return r;
9152c765 880
d5099efc 881 r = hashmap_ensure_allocated(&m->watch_bus, &string_hash_ops);
718db961 882 if (r < 0)
c70cac54 883 return r;
05e343b7 884
da8e1782
MO		 885 r = prioq_ensure_allocated(&m->run_queue, compare_job_priority);
886 if (r < 0)
887 return r;
888
e8112e67 889 r = manager_setup_prefix(m);
718db961 890 if (r < 0)
c70cac54 891 return r;
8742514c 892
786d19fd
LP		 893 r = get_credentials_dir(&e);
894 if (r >= 0) {
bb0c0d6f
LP		 895 m->received_credentials = strdup(e);
896 if (!m->received_credentials)
897 return -ENOMEM;
898 }
899
e8112e67 900 r = sd_event_default(&m->event);
8742514c 901 if (r < 0)
c70cac54 902 return r;
9152c765 903
e8112e67 904 r = manager_setup_run_queue(m);
a1d32bac 905 if (r < 0)
c70cac54 906 return r;
8e274523 907
5dd2f5ff 908 if (FLAGS_SET(test_run_flags, MANAGER_TEST_RUN_MINIMAL)) {
e8112e67
ZJS		 909 m->cgroup_root = strdup("");
910 if (!m->cgroup_root)
911 return -ENOMEM;
912 } else {
913 r = manager_setup_signals(m);
914 if (r < 0)
915 return r;
8c47c732 916
e8112e67
ZJS		 917 r = manager_setup_cgroup(m);
918 if (r < 0)
919 return r;
575b300b 920
e8112e67
ZJS		 921 r = manager_setup_time_change(m);
922 if (r < 0)
923 return r;
9670d583 924
bbf5fd8e
LP		 925 r = manager_read_timezone_stat(m);
926 if (r < 0)
927 return r;
928
ea5c5f68 929 (void) manager_setup_timezone_change(m);
bbf5fd8e 930
e8112e67
ZJS		 931 r = manager_setup_sigchld_event_source(m);
932 if (r < 0)
933 return r;
934 }
e27fe688 935
2f8c48b6
AZ		 936 if (test_run_flags == 0) {
937 if (MANAGER_IS_SYSTEM(m))
938 r = mkdir_label("/run/systemd/units", 0755);
939 else {
940 _cleanup_free_ char *units_path = NULL;
941 r = xdg_user_runtime_dir(&units_path, "/systemd/units");
942 if (r < 0)
943 return r;
944 r = mkdir_p_label(units_path, 0755);
945 }
946
d3070fbd 947 if (r < 0 && r != -EEXIST)
c70cac54 948 return r;
d3070fbd
LP		 949 }
950
e27fe688
LP		 951 m->taint_usr =
952 !in_initrd() &&
953 dir_is_empty("/usr") > 0;
954
232f6754
ZJS		 955 /* Note that we do not set up the notify fd here. We do that after deserialization,
956 * since they might have gotten serialized across the reexec. */
3536f49e 957
1cc6c93a
YW		 958 *_m = TAKE_PTR(m);
959
8e274523 960 return 0;
60918275
LP		 961}
962
d86f9d52 963static int manager_setup_notify(Manager *m) {
7181dbdb 964 int r;
d86f9d52 965
638cece4 966 if (MANAGER_IS_TEST_RUN(m))
0d8c31ff
ZJS		 967 return 0;
968
d86f9d52
LP		 969 if (m->notify_fd < 0) {
970 _cleanup_close_ int fd = -1;
f36a9d59
ZJS		 971 union sockaddr_union sa;
972 socklen_t sa_len;
d86f9d52
LP		 973
974 /* First free all secondary fields */
a1e58e8e 975 m->notify_socket = mfree(m->notify_socket);
5dcadb4c 976 m->notify_event_source = sd_event_source_disable_unref(m->notify_event_source);
d86f9d52
LP		 977
978 fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
4a62c710
MS		 979 if (fd < 0)
980 return log_error_errno(errno, "Failed to allocate notification socket: %m");
d86f9d52 981
a47806fa
LP		 982 fd_inc_rcvbuf(fd, NOTIFY_RCVBUF_SIZE);
983
b910cc72 984 m->notify_socket = path_join(m->prefix[EXEC_DIRECTORY_RUNTIME], "systemd/notify");
498e87d6
LP		 985 if (!m->notify_socket)
986 return log_oom();
987
f36a9d59
ZJS		 988 r = sockaddr_un_set_path(&sa.un, m->notify_socket);
989 if (r < 0)
990 return log_error_errno(r, "Notify socket '%s' not valid for AF_UNIX socket address, refusing.",
991 m->notify_socket);
992 sa_len = r;
15a3e96f 993
498e87d6 994 (void) mkdir_parents_label(m->notify_socket, 0755);
fbda85b0 995 (void) sockaddr_un_unlink(&sa.un);
7181dbdb 996
45ae2f72 997 r = mac_selinux_bind(fd, &sa.sa, sa_len);
4a62c710 998 if (r < 0)
45ae2f72 999 return log_error_errno(r, "bind(%s) failed: %m", m->notify_socket);
d86f9d52 1000
2ff48e98 1001 r = setsockopt_int(fd, SOL_SOCKET, SO_PASSCRED, true);
4a62c710 1002 if (r < 0)
2ff48e98 1003 return log_error_errno(r, "SO_PASSCRED failed: %m");
d86f9d52 1004
c10d6bdb 1005 m->notify_fd = TAKE_FD(fd);
d86f9d52
LP		 1006
1007 log_debug("Using notification socket %s", m->notify_socket);
1008 }
1009
1010 if (!m->notify_event_source) {
151b9b96 1011 r = sd_event_add_io(m->event, &m->notify_event_source, m->notify_fd, EPOLLIN, manager_dispatch_notify_fd, m);
895b3a7b
MS		 1012 if (r < 0)
1013 return log_error_errno(r, "Failed to allocate notify event source: %m");
d86f9d52 1014
d8fdc620
LP		 1015 /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
1016 * service an exit message belongs. */
575b300b 1017 r = sd_event_source_set_priority(m->notify_event_source, SD_EVENT_PRIORITY_NORMAL-8);
23bbb0de
MS		 1018 if (r < 0)
1019 return log_error_errno(r, "Failed to set priority of notify event source: %m");
7dfbe2e3
TG		 1020
1021 (void) sd_event_source_set_description(m->notify_event_source, "manager-notify");
d86f9d52
LP		 1022 }
1023
1024 return 0;
1025}
1026
d8fdc620
LP		 1027static int manager_setup_cgroups_agent(Manager *m) {
1028
1029 static const union sockaddr_union sa = {
1030 .un.sun_family = AF_UNIX,
1031 .un.sun_path = "/run/systemd/cgroups-agent",
1032 };
1033 int r;
1034
1035 /* This creates a listening socket we receive cgroups agent messages on. We do not use D-Bus for delivering
1036 * these messages from the cgroups agent binary to PID 1, as the cgroups agent binary is very short-living, and
1037 * each instance of it needs a new D-Bus connection. Since D-Bus connections are SOCK_STREAM/AF_UNIX, on
1038 * overloaded systems the backlog of the D-Bus socket becomes relevant, as not more than the configured number
1039 * of D-Bus connections may be queued until the kernel will start dropping further incoming connections,
1040 * possibly resulting in lost cgroups agent messages. To avoid this, we'll use a private SOCK_DGRAM/AF_UNIX
1041 * socket, where no backlog is relevant as communication may take place without an actual connect() cycle, and
1042 * we thus won't lose messages.
1043 *
1044 * Note that PID 1 will forward the agent message to system bus, so that the user systemd instance may listen
1045 * to it. The system instance hence listens on this special socket, but the user instances listen on the system
1046 * bus for these messages. */
1047
638cece4 1048 if (MANAGER_IS_TEST_RUN(m))
d8fdc620
LP		 1049 return 0;
1050
1051 if (!MANAGER_IS_SYSTEM(m))
1052 return 0;
1053
c22800e4 1054 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
b4cccbc1
LP		 1055 if (r < 0)
1056 return log_error_errno(r, "Failed to determine whether unified cgroups hierarchy is used: %m");
1057 if (r > 0) /* We don't need this anymore on the unified hierarchy */
d8fdc620
LP		 1058 return 0;
1059
1060 if (m->cgroups_agent_fd < 0) {
1061 _cleanup_close_ int fd = -1;
1062
1063 /* First free all secondary fields */
5dcadb4c 1064 m->cgroups_agent_event_source = sd_event_source_disable_unref(m->cgroups_agent_event_source);
d8fdc620
LP		 1065
1066 fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1067 if (fd < 0)
1068 return log_error_errno(errno, "Failed to allocate cgroups agent socket: %m");
1069
1070 fd_inc_rcvbuf(fd, CGROUPS_AGENT_RCVBUF_SIZE);
1071
155b6876 1072 (void) sockaddr_un_unlink(&sa.un);
d8fdc620
LP		 1073
1074 /* Only allow root to connect to this socket */
1075 RUN_WITH_UMASK(0077)
fc2fffe7 1076 r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
d8fdc620
LP		 1077 if (r < 0)
1078 return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
1079
0b7e8b32 1080 m->cgroups_agent_fd = TAKE_FD(fd);
d8fdc620
LP		 1081 }
1082
1083 if (!m->cgroups_agent_event_source) {
1084 r = sd_event_add_io(m->event, &m->cgroups_agent_event_source, m->cgroups_agent_fd, EPOLLIN, manager_dispatch_cgroups_agent_fd, m);
1085 if (r < 0)
1086 return log_error_errno(r, "Failed to allocate cgroups agent event source: %m");
1087
cbe83389
LP		 1088 /* Process cgroups notifications early. Note that when the agent notification is received
1089 * we'll just enqueue the unit in the cgroup empty queue, hence pick a high priority than
1090 * that. Also see handling of cgroup inotify for the unified cgroup stuff. */
1091 r = sd_event_source_set_priority(m->cgroups_agent_event_source, SD_EVENT_PRIORITY_NORMAL-9);
d8fdc620
LP		 1092 if (r < 0)
1093 return log_error_errno(r, "Failed to set priority of cgroups agent event source: %m");
1094
1095 (void) sd_event_source_set_description(m->cgroups_agent_event_source, "manager-cgroups-agent");
1096 }
1097
1098 return 0;
1099}
1100
00d9ef85
LP		 1101static int manager_setup_user_lookup_fd(Manager *m) {
1102 int r;
1103
1104 assert(m);
1105
1106 /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID
1107 * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation,
1108 * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked
1109 * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects
1110 * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes,
1111 * hence we establish this communication channel so that forked off processes can pass their UID/GID
1112 * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple
1113 * datagram, along with their unit name, so that we can share one communication socket pair among all units for
1114 * this purpose.
1115 *
1116 * You might wonder why we need a communication channel for this that is independent of the usual notification
1117 * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET
1118 * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user
1119 * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available.
1120 *
1121 * Note that this function is called under two circumstances: when we first initialize (in which case we
1122 * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload
1123 * (in which case the socket pair already exists but we still need to allocate the event source for it). */
1124
1125 if (m->user_lookup_fds[0] < 0) {
1126
1127 /* Free all secondary fields */
1128 safe_close_pair(m->user_lookup_fds);
5dcadb4c 1129 m->user_lookup_event_source = sd_event_source_disable_unref(m->user_lookup_event_source);
00d9ef85
LP		 1130
1131 if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, m->user_lookup_fds) < 0)
1132 return log_error_errno(errno, "Failed to allocate user lookup socket: %m");
1133
1134 (void) fd_inc_rcvbuf(m->user_lookup_fds[0], NOTIFY_RCVBUF_SIZE);
1135 }
1136
1137 if (!m->user_lookup_event_source) {
1138 r = sd_event_add_io(m->event, &m->user_lookup_event_source, m->user_lookup_fds[0], EPOLLIN, manager_dispatch_user_lookup_fd, m);
1139 if (r < 0)
1140 return log_error_errno(errno, "Failed to allocate user lookup event source: %m");
1141
1142 /* Process even earlier than the notify event source, so that we always know first about valid UID/GID
1143 * resolutions */
67ae4e8d 1144 r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-11);
00d9ef85 1145 if (r < 0)
5238e957 1146 return log_error_errno(errno, "Failed to set priority of user lookup event source: %m");
00d9ef85
LP		 1147
1148 (void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup");
1149 }
1150
1151 return 0;
1152}
1153
23a177ef 1154static unsigned manager_dispatch_cleanup_queue(Manager *m) {
595ed347 1155 Unit *u;
23a177ef
LP		 1156 unsigned n = 0;
1157
1158 assert(m);
1159
595ed347
MS		 1160 while ((u = m->cleanup_queue)) {
1161 assert(u->in_cleanup_queue);
23a177ef 1162
595ed347 1163 unit_free(u);
23a177ef
LP		 1164 n++;
1165 }
1166
1167 return n;
1168}
1169
eced69b3 1170enum {
35b8ca3a 1171 GC_OFFSET_IN_PATH, /* This one is on the path we were traveling */
eced69b3
LP		 1172 GC_OFFSET_UNSURE, /* No clue */
1173 GC_OFFSET_GOOD, /* We still need this unit */
1174 GC_OFFSET_BAD, /* We don't need this unit anymore */
1175 _GC_OFFSET_MAX
1176};
1177
00d9ef85 1178static void unit_gc_mark_good(Unit *u, unsigned gc_marker) {
4892084f
LN		 1179 Unit *other;
1180
1181 u->gc_marker = gc_marker + GC_OFFSET_GOOD;
1182
1183 /* Recursively mark referenced units as GOOD as well */
15ed3c3a 1184 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_REFERENCES)
4892084f
LN		 1185 if (other->gc_marker == gc_marker + GC_OFFSET_UNSURE)
1186 unit_gc_mark_good(other, gc_marker);
1187}
1188
eced69b3 1189static void unit_gc_sweep(Unit *u, unsigned gc_marker) {
701cc384 1190 Unit *other;
eced69b3 1191 bool is_bad;
701cc384
LP		 1192
1193 assert(u);
1194
4c701096
YW		 1195 if (IN_SET(u->gc_marker - gc_marker,
1196 GC_OFFSET_GOOD, GC_OFFSET_BAD, GC_OFFSET_UNSURE, GC_OFFSET_IN_PATH))
701cc384
LP		 1197 return;
1198
ac155bb8 1199 if (u->in_cleanup_queue)
701cc384
LP		 1200 goto bad;
1201
f2f725e5 1202 if (!unit_may_gc(u))
701cc384
LP		 1203 goto good;
1204
ac155bb8 1205 u->gc_marker = gc_marker + GC_OFFSET_IN_PATH;
eced69b3
LP		 1206
1207 is_bad = true;
1208
15ed3c3a 1209 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_REFERENCED_BY) {
701cc384
LP		 1210 unit_gc_sweep(other, gc_marker);
1211
ac155bb8 1212 if (other->gc_marker == gc_marker + GC_OFFSET_GOOD)
701cc384 1213 goto good;
eced69b3 1214
ac155bb8 1215 if (other->gc_marker != gc_marker + GC_OFFSET_BAD)
eced69b3 1216 is_bad = false;
701cc384
LP		 1217 }
1218
ef3fc326
ZJS		 1219 const UnitRef *ref;
1220 LIST_FOREACH(refs_by_target, ref, u->refs_by_target) {
1221 unit_gc_sweep(ref->source, gc_marker);
2641f02e 1222
ef3fc326
ZJS		 1223 if (ref->source->gc_marker == gc_marker + GC_OFFSET_GOOD)
1224 goto good;
2641f02e 1225
ef3fc326
ZJS		 1226 if (ref->source->gc_marker != gc_marker + GC_OFFSET_BAD)
1227 is_bad = false;
2641f02e 1228 }
701cc384 1229
eced69b3
LP		 1230 if (is_bad)
1231 goto bad;
1232
1233 /* We were unable to find anything out about this entry, so
1234 * let's investigate it later */
ac155bb8 1235 u->gc_marker = gc_marker + GC_OFFSET_UNSURE;
eced69b3
LP		 1236 unit_add_to_gc_queue(u);
1237 return;
1238
701cc384 1239bad:
eced69b3
LP		 1240 /* We definitely know that this one is not useful anymore, so
1241 * let's mark it for deletion */
ac155bb8 1242 u->gc_marker = gc_marker + GC_OFFSET_BAD;
eced69b3 1243 unit_add_to_cleanup_queue(u);
701cc384
LP		 1244 return;
1245
1246good:
4892084f 1247 unit_gc_mark_good(u, gc_marker);
701cc384
LP		 1248}
1249
c5a97ed1
LP		 1250static unsigned manager_dispatch_gc_unit_queue(Manager *m) {
1251 unsigned n = 0, gc_marker;
595ed347 1252 Unit *u;
701cc384
LP		 1253
1254 assert(m);
1255
cf1265e1 1256 /* log_debug("Running GC..."); */
701cc384 1257
eced69b3
LP		 1258 m->gc_marker += _GC_OFFSET_MAX;
1259 if (m->gc_marker + _GC_OFFSET_MAX <= _GC_OFFSET_MAX)
c9c0cadb 1260 m->gc_marker = 1;
701cc384 1261
eced69b3
LP		 1262 gc_marker = m->gc_marker;
1263
c5a97ed1 1264 while ((u = m->gc_unit_queue)) {
595ed347 1265 assert(u->in_gc_queue);
701cc384 1266
595ed347 1267 unit_gc_sweep(u, gc_marker);
eced69b3 1268
c5a97ed1 1269 LIST_REMOVE(gc_queue, m->gc_unit_queue, u);
595ed347 1270 u->in_gc_queue = false;
701cc384
LP		 1271
1272 n++;
1273
4c701096
YW		 1274 if (IN_SET(u->gc_marker - gc_marker,
1275 GC_OFFSET_BAD, GC_OFFSET_UNSURE)) {
cc3bc3e6 1276 if (u->id)
f2341e0a 1277 log_unit_debug(u, "Collecting.");
595ed347
MS		 1278 u->gc_marker = gc_marker + GC_OFFSET_BAD;
1279 unit_add_to_cleanup_queue(u);
701cc384
LP		 1280 }
1281 }
1282
701cc384
LP		 1283 return n;
1284}
1285
c5a97ed1
LP		 1286static unsigned manager_dispatch_gc_job_queue(Manager *m) {
1287 unsigned n = 0;
1288 Job *j;
1289
1290 assert(m);
1291
1292 while ((j = m->gc_job_queue)) {
1293 assert(j->in_gc_queue);
1294
1295 LIST_REMOVE(gc_queue, m->gc_job_queue, j);
1296 j->in_gc_queue = false;
1297
1298 n++;
1299
2ab3050f 1300 if (!job_may_gc(j))
c5a97ed1
LP		 1301 continue;
1302
1303 log_unit_debug(j->unit, "Collecting job.");
1304 (void) job_finish_and_invalidate(j, JOB_COLLECTED, false, false);
1305 }
1306
1307 return n;
1308}
1309
a3c1168a
LP		 1310static unsigned manager_dispatch_stop_when_unneeded_queue(Manager *m) {
1311 unsigned n = 0;
1312 Unit *u;
1313 int r;
1314
1315 assert(m);
1316
1317 while ((u = m->stop_when_unneeded_queue)) {
1318 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
a3c1168a
LP		 1319
1320 assert(u->in_stop_when_unneeded_queue);
1321 LIST_REMOVE(stop_when_unneeded_queue, m->stop_when_unneeded_queue, u);
1322 u->in_stop_when_unneeded_queue = false;
1323
1324 n++;
1325
1326 if (!unit_is_unneeded(u))
1327 continue;
1328
1329 log_unit_debug(u, "Unit is not needed anymore.");
1330
1331 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the
1332 * service being unnecessary after a while. */
1333
0bc488c9 1334 if (!ratelimit_below(&u->auto_start_stop_ratelimit)) {
a3c1168a
LP		 1335 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
1336 continue;
1337 }
1338
1339 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
50cbaba4 1340 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, NULL, &error, NULL);
a3c1168a
LP		 1341 if (r < 0)
1342 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
1343 }
1344
1345 return n;
1346}
1347
0bc488c9
LP		 1348static unsigned manager_dispatch_start_when_upheld_queue(Manager *m) {
1349 unsigned n = 0;
1350 Unit *u;
1351 int r;
1352
1353 assert(m);
1354
1355 while ((u = m->start_when_upheld_queue)) {
1356 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1357 Unit *culprit = NULL;
1358
1359 assert(u->in_start_when_upheld_queue);
1360 LIST_REMOVE(start_when_upheld_queue, m->start_when_upheld_queue, u);
1361 u->in_start_when_upheld_queue = false;
1362
1363 n++;
1364
1365 if (!unit_is_upheld_by_active(u, &culprit))
1366 continue;
1367
1368 log_unit_debug(u, "Unit is started because upheld by active unit %s.", culprit->id);
1369
1370 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the
1371 * service being unnecessary after a while. */
1372
1373 if (!ratelimit_below(&u->auto_start_stop_ratelimit)) {
1374 log_unit_warning(u, "Unit needs to be started because active unit %s upholds it, but not starting since we tried this too often recently.", culprit->id);
1375 continue;
1376 }
1377
1378 r = manager_add_job(u->manager, JOB_START, u, JOB_FAIL, NULL, &error, NULL);
1379 if (r < 0)
1380 log_unit_warning_errno(u, r, "Failed to enqueue start job, ignoring: %s", bus_error_message(&error, r));
1381 }
1382
1383 return n;
1384}
1385
56c59592
LP		 1386static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) {
1387 unsigned n = 0;
1388 Unit *u;
1389 int r;
1390
1391 assert(m);
1392
1393 while ((u = m->stop_when_bound_queue)) {
1394 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1395 Unit *culprit = NULL;
1396
1397 assert(u->in_stop_when_bound_queue);
1398 LIST_REMOVE(stop_when_bound_queue, m->stop_when_bound_queue, u);
1399 u->in_stop_when_bound_queue = false;
1400
1401 n++;
1402
1403 if (!unit_is_bound_by_inactive(u, &culprit))
1404 continue;
1405
1406 log_unit_debug(u, "Unit is stopped because bound to inactive unit %s.", culprit->id);
1407
1408 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the
1409 * service being unnecessary after a while. */
1410
1411 if (!ratelimit_below(&u->auto_start_stop_ratelimit)) {
1412 log_unit_warning(u, "Unit needs to be stopped because it is bound to inactive unit %s it, but not stopping since we tried this too often recently.", culprit->id);
1413 continue;
1414 }
1415
1416 r = manager_add_job(u->manager, JOB_STOP, u, JOB_REPLACE, NULL, &error, NULL);
1417 if (r < 0)
1418 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
1419 }
1420
1421 return n;
1422}
1423
a16e1123 1424static void manager_clear_jobs_and_units(Manager *m) {
a16e1123 1425 Unit *u;
60918275
LP		 1426
1427 assert(m);
1428
87f0e418
LP		 1429 while ((u = hashmap_first(m->units)))
1430 unit_free(u);
964e0949
LP		 1431
1432 manager_dispatch_cleanup_queue(m);
1433
1434 assert(!m->load_queue);
da8e1782 1435 assert(prioq_isempty(m->run_queue));
964e0949
LP		 1436 assert(!m->dbus_unit_queue);
1437 assert(!m->dbus_job_queue);
1438 assert(!m->cleanup_queue);
c5a97ed1
LP		 1439 assert(!m->gc_unit_queue);
1440 assert(!m->gc_job_queue);
a3c1168a 1441 assert(!m->stop_when_unneeded_queue);
0bc488c9 1442 assert(!m->start_when_upheld_queue);
56c59592 1443 assert(!m->stop_when_bound_queue);
964e0949 1444
964e0949
LP		 1445 assert(hashmap_isempty(m->jobs));
1446 assert(hashmap_isempty(m->units));
9e9e2b72
MS		 1447
1448 m->n_on_console = 0;
1449 m->n_running_jobs = 0;
1e75824c
MK		 1450 m->n_installed_jobs = 0;
1451 m->n_failed_jobs = 0;
a16e1123
LP		 1452}
1453
06d8d842 1454Manager* manager_free(Manager *m) {
06d8d842
ZJS		 1455 if (!m)
1456 return NULL;
a16e1123
LP		 1457
1458 manager_clear_jobs_and_units(m);
23a177ef 1459
24b45970 1460 for (UnitType c = 0; c < _UNIT_TYPE_MAX; c++)
7824bbeb
LP		 1461 if (unit_vtable[c]->shutdown)
1462 unit_vtable[c]->shutdown(m);
1463
86036b26
LP		 1464 /* Keep the cgroup hierarchy in place except when we know we are going down for good */
1465 manager_shutdown_cgroup(m, IN_SET(m->objective, MANAGER_EXIT, MANAGER_REBOOT, MANAGER_POWEROFF, MANAGER_HALT, MANAGER_KEXEC));
8e274523 1466
07a78643 1467 lookup_paths_flush_generator(&m->lookup_paths);
5a1e9937 1468
5e8d1c9a 1469 bus_done(m);
19d22d43 1470 manager_varlink_done(m);
ea430986 1471
e8a565cb
YW		 1472 exec_runtime_vacuum(m);
1473 hashmap_free(m->exec_runtime_by_id);
1474
29206d46
LP		 1475 dynamic_user_vacuum(m, false);
1476 hashmap_free(m->dynamic_users);
1477
87f0e418 1478 hashmap_free(m->units);
4b58153d 1479 hashmap_free(m->units_by_invocation_id);
60918275 1480 hashmap_free(m->jobs);
62a76913 1481 hashmap_free(m->watch_pids);
05e343b7 1482 hashmap_free(m->watch_bus);
9152c765 1483
da8e1782
MO		 1484 prioq_free(m->run_queue);
1485
95ae05c0 1486 set_free(m->startup_units);
f755e3b7
LP		 1487 set_free(m->failed_units);
1488
718db961 1489 sd_event_source_unref(m->signal_event_source);
575b300b 1490 sd_event_source_unref(m->sigchld_event_source);
718db961 1491 sd_event_source_unref(m->notify_event_source);
d8fdc620 1492 sd_event_source_unref(m->cgroups_agent_event_source);
718db961 1493 sd_event_source_unref(m->time_change_event_source);
bbf5fd8e 1494 sd_event_source_unref(m->timezone_change_event_source);
718db961 1495 sd_event_source_unref(m->jobs_in_progress_event_source);
752b5905 1496 sd_event_source_unref(m->run_queue_event_source);
00d9ef85 1497 sd_event_source_unref(m->user_lookup_event_source);
718db961 1498
03e334a1
LP		 1499 safe_close(m->signal_fd);
1500 safe_close(m->notify_fd);
d8fdc620 1501 safe_close(m->cgroups_agent_fd);
03e334a1 1502 safe_close(m->time_change_fd);
00d9ef85 1503 safe_close_pair(m->user_lookup_fds);
718db961 1504
e46b13c8
ZJS		 1505 manager_close_ask_password(m);
1506
718db961
LP		 1507 manager_close_idle_pipe(m);
1508
1509 sd_event_unref(m->event);
60918275 1510
c952c6ec
LP		 1511 free(m->notify_socket);
1512
84e3543e 1513 lookup_paths_free(&m->lookup_paths);
1ad6e8b3
LP		 1514 strv_free(m->transient_environment);
1515 strv_free(m->client_environment);
036643a2 1516
4ad49000 1517 hashmap_free(m->cgroup_unit);
e8630e69 1518 manager_free_unit_name_maps(m);
33be102a 1519
664f88a7
LP		 1520 free(m->switch_root);
1521 free(m->switch_root_init);
1522
31ce987c 1523 rlimit_free_all(m->rlimit);
c93ff2e9 1524
a57f7e2c
LP		 1525 assert(hashmap_isempty(m->units_requiring_mounts_for));
1526 hashmap_free(m->units_requiring_mounts_for);
1527
00d9ef85
LP		 1528 hashmap_free(m->uid_refs);
1529 hashmap_free(m->gid_refs);
1530
24b45970 1531 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++)
35aba85a 1532 m->prefix[dt] = mfree(m->prefix[dt]);
bb0c0d6f 1533 free(m->received_credentials);
35aba85a 1534
6b430fdb 1535 return mfree(m);
60918275
LP		 1536}
1537
04eb582a 1538static void manager_enumerate_perpetual(Manager *m) {
04eb582a
LP		 1539 assert(m);
1540
b1d5246d
ZJS		 1541 if (m->test_run_flags == MANAGER_TEST_RUN_MINIMAL)
1542 return;
1543
04eb582a 1544 /* Let's ask every type to load all units from disk/kernel that it might know */
24b45970 1545 for (UnitType c = 0; c < _UNIT_TYPE_MAX; c++) {
04eb582a
LP		 1546 if (!unit_type_supported(c)) {
1547 log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(c));
1548 continue;
1549 }
1550
1551 if (unit_vtable[c]->enumerate_perpetual)
1552 unit_vtable[c]->enumerate_perpetual(m);
1553 }
1554}
1555
a1113e08 1556static void manager_enumerate(Manager *m) {
f50e0a01
LP		 1557 assert(m);
1558
b1d5246d
ZJS		 1559 if (m->test_run_flags == MANAGER_TEST_RUN_MINIMAL)
1560 return;
1561
04eb582a 1562 /* Let's ask every type to load all units from disk/kernel that it might know */
24b45970 1563 for (UnitType c = 0; c < _UNIT_TYPE_MAX; c++) {
1c2e9646 1564 if (!unit_type_supported(c)) {
03afec3c 1565 log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(c));
0faacd47 1566 continue;
a57f7e2c 1567 }
f50e0a01 1568
94b01dae
ZJS		 1569 if (unit_vtable[c]->enumerate)
1570 unit_vtable[c]->enumerate(m);
0faacd47
LP		 1571 }
1572
f50e0a01 1573 manager_dispatch_load_queue(m);
a16e1123
LP		 1574}
1575
007c6337 1576static void manager_coldplug(Manager *m) {
a16e1123
LP		 1577 Unit *u;
1578 char *k;
007c6337 1579 int r;
a16e1123
LP		 1580
1581 assert(m);
f50e0a01 1582
f0831ed2
LP		 1583 log_debug("Invoking unit coldplug() handlers…");
1584
1585 /* Let's place the units back into their deserialized state */
90e74a66 1586 HASHMAP_FOREACH_KEY(u, k, m->units) {
f50e0a01
LP		 1587
1588 /* ignore aliases */
ac155bb8 1589 if (u->id != k)
f50e0a01
LP		 1590 continue;
1591
007c6337
LP		 1592 r = unit_coldplug(u);
1593 if (r < 0)
1594 log_warning_errno(r, "We couldn't coldplug %s, proceeding anyway: %m", u->id);
f50e0a01 1595 }
a16e1123
LP		 1596}
1597
f0831ed2 1598static void manager_catchup(Manager *m) {
f0831ed2
LP		 1599 Unit *u;
1600 char *k;
1601
1602 assert(m);
1603
1604 log_debug("Invoking unit catchup() handlers…");
1605
1606 /* Let's catch up on any state changes that happened while we were reloading/reexecing */
90e74a66 1607 HASHMAP_FOREACH_KEY(u, k, m->units) {
f0831ed2
LP		 1608
1609 /* ignore aliases */
1610 if (u->id != k)
1611 continue;
1612
1613 unit_catchup(u);
1614 }
1615}
1616
9ff1a6f1 1617static void manager_distribute_fds(Manager *m, FDSet *fds) {
9ff1a6f1 1618 Unit *u;
9588bc32
LP		 1619
1620 assert(m);
1621
90e74a66 1622 HASHMAP_FOREACH(u, m->units) {
9588bc32
LP		 1623
1624 if (fdset_size(fds) <= 0)
1625 break;
1626
9ff1a6f1
LP		 1627 if (!UNIT_VTABLE(u)->distribute_fds)
1628 continue;
9588bc32 1629
9ff1a6f1
LP		 1630 UNIT_VTABLE(u)->distribute_fds(u, fds);
1631 }
9588bc32
LP		 1632}
1633
8559b3b7
LP		 1634static bool manager_dbus_is_running(Manager *m, bool deserialized) {
1635 Unit *u;
1636
1637 assert(m);
1638
1639 /* This checks whether the dbus instance we are supposed to expose our APIs on is up. We check both the socket
1640 * and the service unit. If the 'deserialized' parameter is true we'll check the deserialized state of the unit
1641 * rather than the current one. */
1642
638cece4 1643 if (MANAGER_IS_TEST_RUN(m))
8559b3b7
LP		 1644 return false;
1645
8559b3b7
LP		 1646 u = manager_get_unit(m, SPECIAL_DBUS_SOCKET);
1647 if (!u)
1648 return false;
1649 if ((deserialized ? SOCKET(u)->deserialized_state : SOCKET(u)->state) != SOCKET_RUNNING)
1650 return false;
1651
1652 u = manager_get_unit(m, SPECIAL_DBUS_SERVICE);
1653 if (!u)
1654 return false;
1655 if (!IN_SET((deserialized ? SERVICE(u)->deserialized_state : SERVICE(u)->state), SERVICE_RUNNING, SERVICE_RELOAD))
1656 return false;
1657
1658 return true;
1659}
1660
9d4c195c
LP		 1661static void manager_setup_bus(Manager *m) {
1662 assert(m);
1663
1664 /* Let's set up our private bus connection now, unconditionally */
1665 (void) bus_init_private(m);
1666
1667 /* If we are in --user mode also connect to the system bus now */
1668 if (MANAGER_IS_USER(m))
1669 (void) bus_init_system(m);
1670
1671 /* Let's connect to the bus now, but only if the unit is supposed to be up */
1672 if (manager_dbus_is_running(m, MANAGER_IS_RELOADING(m))) {
1673 (void) bus_init_api(m);
1674
1675 if (MANAGER_IS_SYSTEM(m))
1676 (void) bus_init_system(m);
1677 }
1678}
1679
159f1e76
LP		 1680static void manager_preset_all(Manager *m) {
1681 int r;
1682
1683 assert(m);
1684
1685 if (m->first_boot <= 0)
1686 return;
1687
1688 if (!MANAGER_IS_SYSTEM(m))
1689 return;
1690
638cece4 1691 if (MANAGER_IS_TEST_RUN(m))
159f1e76
LP		 1692 return;
1693
1694 /* If this is the first boot, and we are in the host system, then preset everything */
1695 r = unit_file_preset_all(UNIT_FILE_SYSTEM, 0, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, NULL, 0);
1696 if (r < 0)
1697 log_full_errno(r == -EEXIST ? LOG_NOTICE : LOG_WARNING, r,
1698 "Failed to populate /etc with preset unit settings, ignoring: %m");
1699 else
1700 log_info("Populated /etc with preset unit settings.");
1701}
1702
5ce5e1ad
LP		 1703static void manager_ready(Manager *m) {
1704 assert(m);
1705
1706 /* After having loaded everything, do the final round of catching up with what might have changed */
1707
1708 m->objective = MANAGER_OK; /* Tell everyone we are up now */
1709
1710 /* It might be safe to log to the journal now and connect to dbus */
1711 manager_recheck_journal(m);
1712 manager_recheck_dbus(m);
1713
5ce5e1ad
LP		 1714 /* Let's finally catch up with any changes that took place while we were reloading/reexecing */
1715 manager_catchup(m);
c6e892bc
YW		 1716
1717 m->honor_device_enumeration = true;
5ce5e1ad
LP		 1718}
1719
a01ba4b2 1720Manager* manager_reloading_start(Manager *m) {
d147e2b6
ZJS		 1721 m->n_reloading++;
1722 return m;
1723}
a01ba4b2 1724void manager_reloading_stopp(Manager **m) {
d147e2b6
ZJS		 1725 if (*m) {
1726 assert((*m)->n_reloading > 0);
1727 (*m)->n_reloading--;
1728 }
1729}
1730
a16e1123 1731int manager_startup(Manager *m, FILE *serialization, FDSet *fds) {
17f01ace 1732 int r;
a16e1123
LP		 1733
1734 assert(m);
1735
a1f31f47
ZJS		 1736 /* If we are running in test mode, we still want to run the generators,
1737 * but we should not touch the real generator directories. */
1738 r = lookup_paths_init(&m->lookup_paths, m->unit_file_scope,
638cece4 1739 MANAGER_IS_TEST_RUN(m) ? LOOKUP_PATHS_TEMPORARY_GENERATED : 0,
a1f31f47 1740 NULL);
e801700e 1741 if (r < 0)
572986ca 1742 return log_error_errno(r, "Failed to initialize path lookup table: %m");
5a1e9937 1743
d4ee7bd8 1744 dual_timestamp_get(m->timestamps + manager_timestamp_initrd_mangle(MANAGER_TIMESTAMP_GENERATORS_START));
eb523bfb
LP		 1745 r = manager_run_environment_generators(m);
1746 if (r >= 0)
1747 r = manager_run_generators(m);
d4ee7bd8 1748 dual_timestamp_get(m->timestamps + manager_timestamp_initrd_mangle(MANAGER_TIMESTAMP_GENERATORS_FINISH));
07719a21
LP		 1749 if (r < 0)
1750 return r;
1751
159f1e76 1752 manager_preset_all(m);
572986ca 1753
581fef8d 1754 lookup_paths_log(&m->lookup_paths);
572986ca 1755
4df7d537
ZJS		 1756 {
1757 /* This block is (optionally) done with the reloading counter bumped */
1758 _cleanup_(manager_reloading_stopp) Manager *reloading = NULL;
1759
1760 /* If we will deserialize make sure that during enumeration this is already known, so we increase the
1761 * counter here already */
1762 if (serialization)
1763 reloading = manager_reloading_start(m);
1764
1765 /* First, enumerate what we can from all config files */
1766 dual_timestamp_get(m->timestamps + manager_timestamp_initrd_mangle(MANAGER_TIMESTAMP_UNITS_LOAD_START));
1767 manager_enumerate_perpetual(m);
1768 manager_enumerate(m);
1769 dual_timestamp_get(m->timestamps + manager_timestamp_initrd_mangle(MANAGER_TIMESTAMP_UNITS_LOAD_FINISH));
1770
1771 /* Second, deserialize if there is something to deserialize */
1772 if (serialization) {
1773 r = manager_deserialize(m, serialization, fds);
1774 if (r < 0)
1775 return log_error_errno(r, "Deserialization failed: %m");
1776 }
01e10de3 1777
4df7d537
ZJS		 1778 /* Any fds left? Find some unit which wants them. This is useful to allow container managers to pass
1779 * some file descriptors to us pre-initialized. This enables socket-based activation of entire
1780 * containers. */
1781 manager_distribute_fds(m, fds);
d86f9d52 1782
4df7d537
ZJS		 1783 /* We might have deserialized the notify fd, but if we didn't then let's create the bus now */
1784 r = manager_setup_notify(m);
1785 if (r < 0)
1786 /* No sense to continue without notifications, our children would fail anyway. */
1787 return r;
d8fdc620 1788
4df7d537
ZJS		 1789 r = manager_setup_cgroups_agent(m);
1790 if (r < 0)
1791 /* Likewise, no sense to continue without empty cgroup notifications. */
1792 return r;
00d9ef85 1793
4df7d537
ZJS		 1794 r = manager_setup_user_lookup_fd(m);
1795 if (r < 0)
1796 /* This shouldn't fail, except if things are really broken. */
1797 return r;
8559b3b7 1798
4df7d537
ZJS		 1799 /* Connect to the bus if we are good for it */
1800 manager_setup_bus(m);
e3dd987c 1801
5238e957 1802 /* Now that we are connected to all possible buses, let's deserialize who is tracking us. */
4df7d537
ZJS		 1803 r = bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed);
1804 if (r < 0)
1805 log_warning_errno(r, "Failed to deserialized tracked clients, ignoring: %m");
1806 m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
a16e1123 1807
19d22d43
LP		 1808 r = manager_varlink_init(m);
1809 if (r < 0)
1810 log_warning_errno(r, "Failed to set up Varlink server, ignoring: %m");
1811
4df7d537
ZJS		 1812 /* Third, fire things up! */
1813 manager_coldplug(m);
3ad2afb6 1814
4df7d537
ZJS		 1815 /* Clean up runtime objects */
1816 manager_vacuum(m);
71445ae7 1817
4df7d537
ZJS		 1818 if (serialization)
1819 /* Let's wait for the UnitNew/JobNew messages being sent, before we notify that the
1820 * reload is finished */
1821 m->send_reloading_done = true;
9f611ad8
LP		 1822 }
1823
5ce5e1ad 1824 manager_ready(m);
f0831ed2 1825
17f01ace 1826 return 0;
f50e0a01
LP		 1827}
1828
50cbaba4
LP		 1829int manager_add_job(
1830 Manager *m,
1831 JobType type,
1832 Unit *unit,
1833 JobMode mode,
1834 Set *affected_jobs,
1835 sd_bus_error *error,
1836 Job **ret) {
1837
7527cb52 1838 Transaction *tr;
50cbaba4 1839 int r;
e5b5ae50
LP		 1840
1841 assert(m);
1842 assert(type < _JOB_TYPE_MAX);
87f0e418 1843 assert(unit);
e5b5ae50 1844 assert(mode < _JOB_MODE_MAX);
60918275 1845
7358dc02 1846 if (mode == JOB_ISOLATE && type != JOB_START)
1b09b81c 1847 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Isolate is only valid for start.");
c497c7a9 1848
7358dc02 1849 if (mode == JOB_ISOLATE && !unit->allow_isolate)
1b09b81c 1850 return sd_bus_error_set(error, BUS_ERROR_NO_ISOLATION, "Operation refused, unit may not be isolated.");
2528a7a6 1851
1f0f9f21 1852 if (mode == JOB_TRIGGERING && type != JOB_STOP)
1b09b81c 1853 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "--job-mode=triggering is only valid for stop.");
1f0f9f21 1854
f2341e0a 1855 log_unit_debug(unit, "Trying to enqueue job %s/%s/%s", unit->id, job_type_to_string(type), job_mode_to_string(mode));
9f04bd52 1856
c6497ccb 1857 type = job_type_collapse(type, unit);
e0209d83 1858
23ade460 1859 tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
7527cb52
MS		 1860 if (!tr)
1861 return -ENOMEM;
11dd41ce 1862
4bd29fe5 1863 r = transaction_add_job_and_dependencies(tr, type, unit, NULL, true, false,
3742095b 1864 IN_SET(mode, JOB_IGNORE_DEPENDENCIES, JOB_IGNORE_REQUIREMENTS),
50cbaba4 1865 mode == JOB_IGNORE_DEPENDENCIES, error);
7527cb52
MS		 1866 if (r < 0)
1867 goto tr_abort;
c497c7a9 1868
7527cb52
MS		 1869 if (mode == JOB_ISOLATE) {
1870 r = transaction_add_isolate_jobs(tr, m);
1871 if (r < 0)
1872 goto tr_abort;
1873 }
1874
1f0f9f21
KK		 1875 if (mode == JOB_TRIGGERING) {
1876 r = transaction_add_triggering_jobs(tr, unit);
1877 if (r < 0)
1878 goto tr_abort;
1879 }
1880
50cbaba4 1881 r = transaction_activate(tr, m, mode, affected_jobs, error);
7527cb52
MS		 1882 if (r < 0)
1883 goto tr_abort;
e5b5ae50 1884
f2341e0a 1885 log_unit_debug(unit,
66870f90
ZJS		 1886 "Enqueued job %s/%s as %u", unit->id,
1887 job_type_to_string(type), (unsigned) tr->anchor_job->id);
f50e0a01 1888
50cbaba4
LP		 1889 if (ret)
1890 *ret = tr->anchor_job;
60918275 1891
7527cb52 1892 transaction_free(tr);
e5b5ae50 1893 return 0;
7527cb52
MS		 1894
1895tr_abort:
1896 transaction_abort(tr);
1897 transaction_free(tr);
1898 return r;
e5b5ae50 1899}
60918275 1900
50cbaba4 1901int manager_add_job_by_name(Manager *m, JobType type, const char *name, JobMode mode, Set *affected_jobs, sd_bus_error *e, Job **ret) {
4440b27d 1902 Unit *unit = NULL; /* just to appease gcc, initialization is not really necessary */
28247076
LP		 1903 int r;
1904
1905 assert(m);
1906 assert(type < _JOB_TYPE_MAX);
1907 assert(name);
1908 assert(mode < _JOB_MODE_MAX);
1909
c3090674
LP		 1910 r = manager_load_unit(m, name, NULL, NULL, &unit);
1911 if (r < 0)
28247076 1912 return r;
4440b27d 1913 assert(unit);
28247076 1914
50cbaba4 1915 return manager_add_job(m, type, unit, mode, affected_jobs, e, ret);
53f18416
LP		 1916}
1917
50cbaba4 1918int manager_add_job_by_name_and_warn(Manager *m, JobType type, const char *name, JobMode mode, Set *affected_jobs, Job **ret) {
4afd3348 1919 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
53f18416
LP		 1920 int r;
1921
1922 assert(m);
1923 assert(type < _JOB_TYPE_MAX);
1924 assert(name);
1925 assert(mode < _JOB_MODE_MAX);
1926
50cbaba4 1927 r = manager_add_job_by_name(m, type, name, mode, affected_jobs, &error, ret);
53f18416
LP		 1928 if (r < 0)
1929 return log_warning_errno(r, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode), name, bus_error_message(&error, r));
1930
1931 return r;
28247076
LP		 1932}
1933
15d167f8
JW		 1934int manager_propagate_reload(Manager *m, Unit *unit, JobMode mode, sd_bus_error *e) {
1935 int r;
1936 Transaction *tr;
1937
1938 assert(m);
1939 assert(unit);
1940 assert(mode < _JOB_MODE_MAX);
1941 assert(mode != JOB_ISOLATE); /* Isolate is only valid for start */
1942
1943 tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
1944 if (!tr)
1945 return -ENOMEM;
1946
1947 /* We need an anchor job */
1948 r = transaction_add_job_and_dependencies(tr, JOB_NOP, unit, NULL, false, false, true, true, e);
1949 if (r < 0)
1950 goto tr_abort;
1951
1952 /* Failure in adding individual dependencies is ignored, so this always succeeds. */
1953 transaction_add_propagate_reload_jobs(tr, unit, tr->anchor_job, mode == JOB_IGNORE_DEPENDENCIES, e);
1954
50cbaba4 1955 r = transaction_activate(tr, m, mode, NULL, e);
15d167f8
JW		 1956 if (r < 0)
1957 goto tr_abort;
1958
1959 transaction_free(tr);
1960 return 0;
1961
1962tr_abort:
1963 transaction_abort(tr);
1964 transaction_free(tr);
1965 return r;
1966}
1967
60918275
LP		 1968Job *manager_get_job(Manager *m, uint32_t id) {
1969 assert(m);
1970
1971 return hashmap_get(m->jobs, UINT32_TO_PTR(id));
1972}
1973
87f0e418 1974Unit *manager_get_unit(Manager *m, const char *name) {
60918275
LP		 1975 assert(m);
1976 assert(name);
1977
87f0e418 1978 return hashmap_get(m->units, name);
60918275
LP		 1979}
1980
19496554
MS		 1981static int manager_dispatch_target_deps_queue(Manager *m) {
1982 Unit *u;
19496554
MS		 1983 int r = 0;
1984
19496554
MS		 1985 assert(m);
1986
1987 while ((u = m->target_deps_queue)) {
15ed3c3a
LP		 1988 _cleanup_free_ Unit **targets = NULL;
1989 int n_targets;
1990
19496554
MS		 1991 assert(u->in_target_deps_queue);
1992
1993 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
1994 u->in_target_deps_queue = false;
1995
15ed3c3a
LP		 1996 /* Take an "atomic" snapshot of dependencies here, as the call below will likely modify the
1997 * dependencies, and we can't have it that hash tables we iterate through are modified while
1998 * we are iterating through them. */
1999 n_targets = unit_get_dependency_array(u, UNIT_ATOM_DEFAULT_TARGET_DEPENDENCIES, &targets);
2000 if (n_targets < 0)
2001 return n_targets;
19496554 2002
15ed3c3a
LP		 2003 for (int i = 0; i < n_targets; i++) {
2004 r = unit_add_default_target_dependency(u, targets[i]);
2005 if (r < 0)
2006 return r;
19496554
MS		 2007 }
2008 }
2009
2010 return r;
2011}
2012
c1e1601e 2013unsigned manager_dispatch_load_queue(Manager *m) {
595ed347 2014 Unit *u;
c1e1601e 2015 unsigned n = 0;
60918275
LP		 2016
2017 assert(m);
2018
223dabab
LP		 2019 /* Make sure we are not run recursively */
2020 if (m->dispatching_load_queue)
c1e1601e 2021 return 0;
223dabab
LP		 2022
2023 m->dispatching_load_queue = true;
2024
87f0e418 2025 /* Dispatches the load queue. Takes a unit from the queue and
60918275
LP		 2026 * tries to load its data until the queue is empty */
2027
595ed347
MS		 2028 while ((u = m->load_queue)) {
2029 assert(u->in_load_queue);
034c6ed7 2030
595ed347 2031 unit_load(u);
c1e1601e 2032 n++;
60918275
LP		 2033 }
2034
223dabab 2035 m->dispatching_load_queue = false;
19496554
MS		 2036
2037 /* Dispatch the units waiting for their target dependencies to be added now, as all targets that we know about
2038 * should be loaded and have aliases resolved */
2039 (void) manager_dispatch_target_deps_queue(m);
2040
c1e1601e 2041 return n;
60918275
LP		 2042}
2043
81be2388 2044bool manager_unit_cache_should_retry_load(Unit *u) {
cda66772
LB		 2045 assert(u);
2046
81be2388
ZJS		 2047 /* Automatic reloading from disk only applies to units which were not found sometime in the past, and
2048 * the not-found stub is kept pinned in the unit graph by dependencies. For units that were
2049 * previously loaded, we don't do automatic reloading, and daemon-reload is necessary to update. */
cda66772
LB		 2050 if (u->load_state != UNIT_NOT_FOUND)
2051 return false;
2052
81be2388
ZJS		 2053 /* The cache has been updated since the last time we tried to load the unit. There might be new
2054 * fragment paths to read. */
c2911d48 2055 if (u->manager->unit_cache_timestamp_hash != u->fragment_not_found_timestamp_hash)
cda66772 2056 return true;
d904afc7 2057
81be2388 2058 /* The cache needs to be updated because there are modifications on disk. */
c2911d48 2059 return !lookup_paths_timestamp_hash_same(&u->manager->lookup_paths, u->manager->unit_cache_timestamp_hash, NULL);
d904afc7
LB		 2060}
2061
c2756a68
LP		 2062int manager_load_unit_prepare(
2063 Manager *m,
2064 const char *name,
2065 const char *path,
718db961 2066 sd_bus_error *e,
c2756a68
LP		 2067 Unit **_ret) {
2068
dc409696 2069 _cleanup_(unit_freep) Unit *cleanup_ret = NULL;
87f0e418 2070 Unit *ret;
7d17cfbc 2071 UnitType t;
60918275
LP		 2072 int r;
2073
2074 assert(m);
7a6a095a 2075 assert(_ret);
60918275 2076
526e3cbb 2077 /* This will prepare the unit for loading, but not actually load anything from disk. */
0301abf4 2078
526e3cbb 2079 if (path && !path_is_absolute(path))
718db961 2080 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Path %s is not absolute.", path);
9e2f7c11 2081
08f46856
BR		 2082 if (!name) {
2083 /* 'name' and 'path' must not both be null. Check here 'path' using assert_se() to
2084 * workaround a bug in gcc that generates a -Wnonnull warning when calling basename(),
2085 * but this cannot be possible in any code path (See #6119). */
2086 assert_se(path);
2b6bf07d 2087 name = basename(path);
08f46856 2088 }
9e2f7c11 2089
7d17cfbc
MS		 2090 t = unit_name_to_type(name);
2091
5d512d54
LN		 2092 if (t == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) {
2093 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE))
2094 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is missing the instance name.", name);
2095
718db961 2096 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is not valid.", name);
5d512d54 2097 }
60918275 2098
7d17cfbc
MS		 2099 ret = manager_get_unit(m, name);
2100 if (ret) {
d904afc7
LB		 2101 /* The time-based cache allows to start new units without daemon-reload,
2102 * but if they are already referenced (because of dependencies or ordering)
2103 * then we have to force a load of the fragment. As an optimization, check
2104 * first if anything in the usual paths was modified since the last time
7233e91a
LB		 2105 * the cache was loaded. Also check if the last time an attempt to load the
2106 * unit was made was before the most recent cache refresh, so that we know
81be2388 2107 * we need to try again — even if the cache is current, it might have been
7233e91a
LB		 2108 * updated in a different context before we had a chance to retry loading
2109 * this particular unit. */
81be2388 2110 if (manager_unit_cache_should_retry_load(ret))
d904afc7
LB		 2111 ret->load_state = UNIT_STUB;
2112 else {
2113 *_ret = ret;
2114 return 1;
2115 }
2116 } else {
2117 ret = cleanup_ret = unit_new(m, unit_vtable[t]->object_size);
2118 if (!ret)
2119 return -ENOMEM;
034c6ed7 2120 }
60918275 2121
7d17cfbc 2122 if (path) {
d904afc7
LB		 2123 r = free_and_strdup(&ret->fragment_path, path);
2124 if (r < 0)
2125 return r;
7d17cfbc 2126 }
0301abf4 2127
1058cbf2 2128 r = unit_add_name(ret, name);
dc409696 2129 if (r < 0)
1ffba6fe 2130 return r;
60918275 2131
87f0e418 2132 unit_add_to_load_queue(ret);
c1e1601e 2133 unit_add_to_dbus_queue(ret);
949061f0 2134 unit_add_to_gc_queue(ret);
c1e1601e 2135
7a6a095a 2136 *_ret = ret;
dc409696 2137 cleanup_ret = NULL;
db06e3b6
LP		 2138
2139 return 0;
2140}
2141
c2756a68
LP		 2142int manager_load_unit(
2143 Manager *m,
2144 const char *name,
2145 const char *path,
718db961 2146 sd_bus_error *e,
c2756a68
LP		 2147 Unit **_ret) {
2148
db06e3b6
LP		 2149 int r;
2150
2151 assert(m);
7a6a095a 2152 assert(_ret);
db06e3b6
LP		 2153
2154 /* This will load the service information files, but not actually
2155 * start any services or anything. */
2156
c3090674
LP		 2157 r = manager_load_unit_prepare(m, name, path, e, _ret);
2158 if (r != 0)
db06e3b6
LP		 2159 return r;
2160
f50e0a01 2161 manager_dispatch_load_queue(m);
60918275 2162
7a6a095a 2163 *_ret = unit_follow_merge(*_ret);
4109ede7
ZJS		 2164 return 0;
2165}
2166
2167int manager_load_startable_unit_or_warn(
2168 Manager *m,
2169 const char *name,
2170 const char *path,
2171 Unit **ret) {
2172
2173 /* Load a unit, make sure it loaded fully and is not masked. */
2174
2175 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2176 Unit *unit;
2177 int r;
2178
2179 r = manager_load_unit(m, name, path, &error, &unit);
2180 if (r < 0)
2181 return log_error_errno(r, "Failed to load %s %s: %s",
8ace1db7 2182 name ? "unit" : "unit file", name ?: path,
4109ede7 2183 bus_error_message(&error, r));
8ace1db7
LP		 2184
2185 r = bus_unit_validate_load_state(unit, &error);
2186 if (r < 0)
2187 return log_error_errno(r, "%s", bus_error_message(&error, r));
9e2f7c11 2188
4109ede7 2189 *ret = unit;
60918275
LP		 2190 return 0;
2191}
a66d02c3 2192
7fad411c
LP		 2193void manager_clear_jobs(Manager *m) {
2194 Job *j;
2195
2196 assert(m);
2197
7fad411c 2198 while ((j = hashmap_first(m->jobs)))
5273510e 2199 /* No need to recurse. We're cancelling all jobs. */
833f92ad 2200 job_finish_and_invalidate(j, JOB_CANCELED, false, false);
7fad411c 2201}
83c60c9f 2202
f75f613d
FB		 2203void manager_unwatch_pid(Manager *m, pid_t pid) {
2204 assert(m);
2205
2206 /* First let's drop the unit keyed as "pid". */
2207 (void) hashmap_remove(m->watch_pids, PID_TO_PTR(pid));
2208
2209 /* Then, let's also drop the array keyed by -pid. */
2210 free(hashmap_remove(m->watch_pids, PID_TO_PTR(-pid)));
2211}
2212
752b5905
LP		 2213static int manager_dispatch_run_queue(sd_event_source *source, void *userdata) {
2214 Manager *m = userdata;
83c60c9f 2215 Job *j;
034c6ed7 2216
752b5905
LP		 2217 assert(source);
2218 assert(m);
9152c765 2219
da8e1782 2220 while ((j = prioq_peek(m->run_queue))) {
ac1135be 2221 assert(j->installed);
034c6ed7
LP		 2222 assert(j->in_run_queue);
2223
6e64994d 2224 (void) job_run_and_invalidate(j);
9152c765 2225 }
034c6ed7 2226
a0b64226 2227 if (m->n_running_jobs > 0)
03b717a3
MS		 2228 manager_watch_jobs_in_progress(m);
2229
31a7eb86
ZJS		 2230 if (m->n_on_console > 0)
2231 manager_watch_idle_pipe(m);
2232
752b5905 2233 return 1;
c1e1601e
LP		 2234}
2235
9588bc32 2236static unsigned manager_dispatch_dbus_queue(Manager *m) {
e0a08581 2237 unsigned n = 0, budget;
595ed347 2238 Unit *u;
e0a08581 2239 Job *j;
c1e1601e
LP		 2240
2241 assert(m);
2242
b8d381c4
LP		 2243 /* When we are reloading, let's not wait with generating signals, since we need to exit the manager as quickly
2244 * as we can. There's no point in throttling generation of signals in that case. */
2245 if (MANAGER_IS_RELOADING(m) || m->send_reloading_done || m->pending_reload_message)
f5fbe71d 2246 budget = UINT_MAX; /* infinite budget in this case */
b8d381c4
LP		 2247 else {
2248 /* Anything to do at all? */
2249 if (!m->dbus_unit_queue && !m->dbus_job_queue)
2250 return 0;
2251
2252 /* Do we have overly many messages queued at the moment? If so, let's not enqueue more on top, let's
2253 * sit this cycle out, and process things in a later cycle when the queues got a bit emptier. */
2254 if (manager_bus_n_queued_write(m) > MANAGER_BUS_BUSY_THRESHOLD)
2255 return 0;
2256
2257 /* Only process a certain number of units/jobs per event loop iteration. Even if the bus queue wasn't
2258 * overly full before this call we shouldn't increase it in size too wildly in one step, and we
2259 * shouldn't monopolize CPU time with generating these messages. Note the difference in counting of
2260 * this "budget" and the "threshold" above: the "budget" is decreased only once per generated message,
5238e957
BB		 2261 * regardless how many buses/direct connections it is enqueued on, while the "threshold" is applied to
2262 * each queued instance of bus message, i.e. if the same message is enqueued to five buses/direct
b8d381c4
LP		 2263 * connections it will be counted five times. This difference in counting ("references"
2264 * vs. "instances") is primarily a result of the fact that it's easier to implement it this way,
2265 * however it also reflects the thinking that the "threshold" should put a limit on used queue memory,
2266 * i.e. space, while the "budget" should put a limit on time. Also note that the "threshold" is
2267 * currently chosen much higher than the "budget". */
2268 budget = MANAGER_BUS_MESSAGE_BUDGET;
2269 }
e0a08581 2270
b8d381c4 2271 while (budget != 0 && (u = m->dbus_unit_queue)) {
e0a08581 2272
595ed347 2273 assert(u->in_dbus_queue);
c1e1601e 2274
595ed347 2275 bus_unit_send_change_signal(u);
b8d381c4
LP		 2276 n++;
2277
f5fbe71d 2278 if (budget != UINT_MAX)
b8d381c4 2279 budget--;
c1e1601e
LP		 2280 }
2281
b8d381c4 2282 while (budget != 0 && (j = m->dbus_job_queue)) {
c1e1601e
LP		 2283 assert(j->in_dbus_queue);
2284
2285 bus_job_send_change_signal(j);
b8d381c4
LP		 2286 n++;
2287
f5fbe71d 2288 if (budget != UINT_MAX)
b8d381c4 2289 budget--;
c1e1601e
LP		 2290 }
2291
b8d381c4 2292 if (m->send_reloading_done) {
71445ae7 2293 m->send_reloading_done = false;
718db961 2294 bus_manager_send_reloading(m, false);
b8d381c4 2295 n++;
71445ae7
LP		 2296 }
2297
b8d381c4 2298 if (m->pending_reload_message) {
209de525 2299 bus_send_pending_reload_message(m);
e0a08581
LP		 2300 n++;
2301 }
718db961 2302
c1e1601e 2303 return n;
9152c765
LP		 2304}
2305
d8fdc620
LP		 2306static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2307 Manager *m = userdata;
60473f0c 2308 char buf[PATH_MAX];
d8fdc620
LP		 2309 ssize_t n;
2310
2311 n = recv(fd, buf, sizeof(buf), 0);
2312 if (n < 0)
2313 return log_error_errno(errno, "Failed to read cgroups agent message: %m");
2314 if (n == 0) {
2315 log_error("Got zero-length cgroups agent message, ignoring.");
2316 return 0;
2317 }
2318 if ((size_t) n >= sizeof(buf)) {
2319 log_error("Got overly long cgroups agent message, ignoring.");
2320 return 0;
2321 }
2322
2323 if (memchr(buf, 0, n)) {
2324 log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
2325 return 0;
2326 }
2327 buf[n] = 0;
2328
2329 manager_notify_cgroup_empty(m, buf);
d5f15326 2330 (void) bus_forward_agent_released(m, buf);
d8fdc620
LP		 2331
2332 return 0;
2333}
2334
5151b4cc 2335static bool manager_process_barrier_fd(char * const *tags, FDSet *fds) {
4f07ddfa
KKD		 2336
2337 /* nothing else must be sent when using BARRIER=1 */
5151b4cc
BR		 2338 if (strv_contains(tags, "BARRIER=1")) {
2339 if (strv_length(tags) == 1) {
2340 if (fdset_size(fds) != 1)
2341 log_warning("Got incorrect number of fds with BARRIER=1, closing them.");
2342 } else
2343 log_warning("Extra notification messages sent with BARRIER=1, ignoring everything.");
2344
2345 /* Drop the message if BARRIER=1 was found */
4f07ddfa 2346 return true;
5151b4cc 2347 }
4f07ddfa
KKD		 2348
2349 return false;
2350}
2351
db256aab
LP		 2352static void manager_invoke_notify_message(
2353 Manager *m,
2354 Unit *u,
2355 const struct ucred *ucred,
5151b4cc 2356 char * const *tags,
db256aab
LP		 2357 FDSet *fds) {
2358
5ba6985b
LP		 2359 assert(m);
2360 assert(u);
db256aab 2361 assert(ucred);
5151b4cc 2362 assert(tags);
5ba6985b 2363
62a76913 2364 if (u->notifygen == m->notifygen) /* Already invoked on this same unit in this same iteration? */
5ba6985b 2365 return;
62a76913
LP		 2366 u->notifygen = m->notifygen;
2367
5151b4cc 2368 if (UNIT_VTABLE(u)->notify_message)
db256aab 2369 UNIT_VTABLE(u)->notify_message(u, ucred, tags, fds);
62a76913 2370
5151b4cc
BR		 2371 else if (DEBUG_LOGGING) {
2372 _cleanup_free_ char *buf = NULL, *x = NULL, *y = NULL;
a86b7675 2373
5151b4cc
BR		 2374 buf = strv_join(tags, ", ");
2375 if (buf)
2376 x = ellipsize(buf, 20, 90);
a86b7675 2377 if (x)
da5fb861
LP		 2378 y = cescape(x);
2379
a86b7675
ZJS		 2380 log_unit_debug(u, "Got notification message \"%s\", ignoring.", strnull(y));
2381 }
5ba6985b
LP		 2382}
2383
718db961 2384static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
3d0b8a55 2385
b215b0ed 2386 _cleanup_fdset_free_ FDSet *fds = NULL;
718db961 2387 Manager *m = userdata;
b215b0ed
DH		 2388 char buf[NOTIFY_BUFFER_MAX+1];
2389 struct iovec iovec = {
2390 .iov_base = buf,
2391 .iov_len = sizeof(buf)-1,
2392 };
fb29cdbe
LP		 2393 CMSG_BUFFER_TYPE(CMSG_SPACE(sizeof(struct ucred)) +
2394 CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX)) control;
b215b0ed
DH		 2395 struct msghdr msghdr = {
2396 .msg_iov = &iovec,
2397 .msg_iovlen = 1,
2398 .msg_control = &control,
2399 .msg_controllen = sizeof(control),
2400 };
2401
2402 struct cmsghdr *cmsg;
2403 struct ucred *ucred = NULL;
62a76913 2404 _cleanup_free_ Unit **array_copy = NULL;
5151b4cc 2405 _cleanup_strv_free_ char **tags = NULL;
62a76913 2406 Unit *u1, *u2, **array;
b215b0ed 2407 int r, *fd_array = NULL;
da6053d0 2408 size_t n_fds = 0;
62a76913 2409 bool found = false;
8c47c732
LP		 2410 ssize_t n;
2411
2412 assert(m);
718db961
LP		 2413 assert(m->notify_fd == fd);
2414
2415 if (revents != EPOLLIN) {
2416 log_warning("Got unexpected poll event for notify fd.");
2417 return 0;
2418 }
8c47c732 2419
3691bcf3
LP		 2420 n = recvmsg_safe(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC);
2421 if (IN_SET(n, -EAGAIN, -EINTR))
2422 return 0; /* Spurious wakeup, try again */
741bfd7f
LP		 2423 if (n == -EXFULL) {
2424 log_warning("Got message with truncated control data (too many fds sent?), ignoring.");
2425 return 0;
2426 }
3691bcf3
LP		 2427 if (n < 0)
2428 /* If this is any other, real error, then let's stop processing this socket. This of course
2429 * means we won't take notification messages anymore, but that's still better than busy
2430 * looping around this: being woken up over and over again but being unable to actually read
2431 * the message off the socket. */
2432 return log_error_errno(n, "Failed to receive notification message: %m");
a354329f 2433
b215b0ed
DH		 2434 CMSG_FOREACH(cmsg, &msghdr) {
2435 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
a354329f 2436
3691bcf3 2437 assert(!fd_array);
b215b0ed
DH		 2438 fd_array = (int*) CMSG_DATA(cmsg);
2439 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
a354329f 2440
b215b0ed
DH		 2441 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2442 cmsg->cmsg_type == SCM_CREDENTIALS &&
2443 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {
a354329f 2444
3691bcf3 2445 assert(!ucred);
b215b0ed 2446 ucred = (struct ucred*) CMSG_DATA(cmsg);
a354329f 2447 }
b215b0ed 2448 }
a354329f 2449
b215b0ed
DH		 2450 if (n_fds > 0) {
2451 assert(fd_array);
a354329f 2452
b215b0ed
DH		 2453 r = fdset_new_array(&fds, fd_array, n_fds);
2454 if (r < 0) {
2455 close_many(fd_array, n_fds);
9987750e
FB		 2456 log_oom();
2457 return 0;
a354329f 2458 }
b215b0ed 2459 }
8c47c732 2460
15e23e8c 2461 if (!ucred || !pid_is_valid(ucred->pid)) {
b215b0ed
DH		 2462 log_warning("Received notify message without valid credentials. Ignoring.");
2463 return 0;
2464 }
8c47c732 2465
045a3d59 2466 if ((size_t) n >= sizeof(buf) || (msghdr.msg_flags & MSG_TRUNC)) {
b215b0ed
DH		 2467 log_warning("Received notify message exceeded maximum size. Ignoring.");
2468 return 0;
2469 }
8c47c732 2470
875ca88d
LP		 2471 /* As extra safety check, let's make sure the string we get doesn't contain embedded NUL bytes. We permit one
2472 * trailing NUL byte in the message, but don't expect it. */
2473 if (n > 1 && memchr(buf, 0, n-1)) {
2474 log_warning("Received notify message with embedded NUL bytes. Ignoring.");
2475 return 0;
2476 }
2477
5151b4cc 2478 /* Make sure it's NUL-terminated, then parse it to obtain the tags list */
b215b0ed 2479 buf[n] = 0;
5151b4cc
BR		 2480 tags = strv_split_newlines(buf);
2481 if (!tags) {
2482 log_oom();
2483 return 0;
2484 }
8c47c732 2485
4f07ddfa 2486 /* possibly a barrier fd, let's see */
5151b4cc 2487 if (manager_process_barrier_fd(tags, fds))
4f07ddfa
KKD		 2488 return 0;
2489
62a76913
LP		 2490 /* Increase the generation counter used for filtering out duplicate unit invocations. */
2491 m->notifygen++;
2492
2493 /* Notify every unit that might be interested, which might be multiple. */
b215b0ed 2494 u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid);
62a76913
LP		 2495 u2 = hashmap_get(m->watch_pids, PID_TO_PTR(ucred->pid));
2496 array = hashmap_get(m->watch_pids, PID_TO_PTR(-ucred->pid));
2497 if (array) {
2498 size_t k = 0;
5ba6985b 2499
62a76913
LP		 2500 while (array[k])
2501 k++;
5ba6985b 2502
62a76913
LP		 2503 array_copy = newdup(Unit*, array, k+1);
2504 if (!array_copy)
2505 log_oom();
2506 }
2507 /* And now invoke the per-unit callbacks. Note that manager_invoke_notify_message() will handle duplicate units
2508 * make sure we only invoke each unit's handler once. */
2509 if (u1) {
5151b4cc 2510 manager_invoke_notify_message(m, u1, ucred, tags, fds);
62a76913
LP		 2511 found = true;
2512 }
2513 if (u2) {
5151b4cc 2514 manager_invoke_notify_message(m, u2, ucred, tags, fds);
62a76913
LP		 2515 found = true;
2516 }
2517 if (array_copy)
2518 for (size_t i = 0; array_copy[i]; i++) {
5151b4cc 2519 manager_invoke_notify_message(m, array_copy[i], ucred, tags, fds);
62a76913
LP		 2520 found = true;
2521 }
8c47c732 2522
62a76913
LP		 2523 if (!found)
2524 log_warning("Cannot find unit for notify message of PID "PID_FMT", ignoring.", ucred->pid);
a354329f 2525
b215b0ed 2526 if (fdset_size(fds) > 0)
5fd2c135 2527 log_warning("Got extra auxiliary fds with notification message, closing them.");
8c47c732
LP		 2528
2529 return 0;
2530}
2531
62a76913
LP		 2532static void manager_invoke_sigchld_event(
2533 Manager *m,
2534 Unit *u,
2535 const siginfo_t *si) {
36f20ae3 2536
5ba6985b
LP		 2537 assert(m);
2538 assert(u);
2539 assert(si);
2540
62a76913
LP		 2541 /* Already invoked the handler of this unit in this iteration? Then don't process this again */
2542 if (u->sigchldgen == m->sigchldgen)
2543 return;
2544 u->sigchldgen = m->sigchldgen;
5ba6985b 2545
62a76913 2546 log_unit_debug(u, "Child "PID_FMT" belongs to %s.", si->si_pid, u->id);
5ba6985b 2547 unit_unwatch_pid(u, si->si_pid);
e57051f5 2548
62a76913
LP		 2549 if (UNIT_VTABLE(u)->sigchld_event)
2550 UNIT_VTABLE(u)->sigchld_event(u, si->si_pid, si->si_code, si->si_status);
5ba6985b
LP		 2551}
2552
575b300b
LP		 2553static int manager_dispatch_sigchld(sd_event_source *source, void *userdata) {
2554 Manager *m = userdata;
2555 siginfo_t si = {};
2556 int r;
2557
2558 assert(source);
9152c765
LP		 2559 assert(m);
2560
0a51b45c 2561 /* First we call waitid() for a PID and do not reap the zombie. That way we can still access /proc/$PID for it
575b300b 2562 * while it is a zombie. */
9152c765 2563
575b300b 2564 if (waitid(P_ALL, 0, &si, WEXITED|WNOHANG|WNOWAIT) < 0) {
acbb0225 2565
8afabc50
AJ		 2566 if (errno != ECHILD)
2567 log_error_errno(errno, "Failed to peek for child with waitid(), ignoring: %m");
acbb0225 2568
8afabc50 2569 goto turn_off;
575b300b 2570 }
4112df16 2571
575b300b
LP		 2572 if (si.si_pid <= 0)
2573 goto turn_off;
2574
2575 if (IN_SET(si.si_code, CLD_EXITED, CLD_KILLED, CLD_DUMPED)) {
62a76913 2576 _cleanup_free_ Unit **array_copy = NULL;
575b300b 2577 _cleanup_free_ char *name = NULL;
62a76913 2578 Unit *u1, *u2, **array;
575b300b
LP		 2579
2580 (void) get_process_comm(si.si_pid, &name);
2581
2582 log_debug("Child "PID_FMT" (%s) died (code=%s, status=%i/%s)",
2583 si.si_pid, strna(name),
2584 sigchld_code_to_string(si.si_code),
2585 si.si_status,
2586 strna(si.si_code == CLD_EXITED
2587 ? exit_status_to_string(si.si_status, EXIT_STATUS_FULL)
2588 : signal_to_string(si.si_status)));
2589
62a76913
LP		 2590 /* Increase the generation counter used for filtering out duplicate unit invocations */
2591 m->sigchldgen++;
2592
2593 /* And now figure out the unit this belongs to, it might be multiple... */
575b300b 2594 u1 = manager_get_unit_by_pid_cgroup(m, si.si_pid);
62a76913
LP		 2595 u2 = hashmap_get(m->watch_pids, PID_TO_PTR(si.si_pid));
2596 array = hashmap_get(m->watch_pids, PID_TO_PTR(-si.si_pid));
2597 if (array) {
2598 size_t n = 0;
2599
5238e957 2600 /* Count how many entries the array has */
62a76913
LP		 2601 while (array[n])
2602 n++;
2603
2604 /* Make a copy of the array so that we don't trip up on the array changing beneath us */
2605 array_copy = newdup(Unit*, array, n+1);
2606 if (!array_copy)
2607 log_oom();
2608 }
2609
2610 /* Finally, execute them all. Note that u1, u2 and the array might contain duplicates, but
2611 * that's fine, manager_invoke_sigchld_event() will ensure we only invoke the handlers once for
2612 * each iteration. */
2ba6ae6b
ZJS		 2613 if (u1) {
2614 /* We check for oom condition, in case we got SIGCHLD before the oom notification.
2615 * We only do this for the cgroup the PID belonged to. */
2616 (void) unit_check_oom(u1);
2617
fe8d22fb
AZ		 2618 /* This only logs for now. In the future when the interface for kills/notifications
2619 * is more stable we can extend service results table similar to how kernel oom kills
2620 * are managed. */
2621 (void) unit_check_oomd_kill(u1);
2622
62a76913 2623 manager_invoke_sigchld_event(m, u1, &si);
2ba6ae6b 2624 }
62a76913
LP		 2625 if (u2)
2626 manager_invoke_sigchld_event(m, u2, &si);
2627 if (array_copy)
2628 for (size_t i = 0; array_copy[i]; i++)
2629 manager_invoke_sigchld_event(m, array_copy[i], &si);
575b300b 2630 }
9152c765 2631
575b300b
LP		 2632 /* And now, we actually reap the zombie. */
2633 if (waitid(P_PID, si.si_pid, &si, WEXITED) < 0) {
2634 log_error_errno(errno, "Failed to dequeue child, ignoring: %m");
2635 return 0;
2636 }
9152c765 2637
575b300b 2638 return 0;
8c47c732 2639
575b300b
LP		 2640turn_off:
2641 /* All children processed for now, turn off event source */
4112df16 2642
575b300b
LP		 2643 r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_OFF);
2644 if (r < 0)
2645 return log_error_errno(r, "Failed to disable SIGCHLD event source: %m");
9152c765
LP		 2646
2647 return 0;
2648}
2649
5f968096
ZJS		 2650static void manager_start_special(Manager *m, const char *name, JobMode mode) {
2651 Job *job;
398ef8ba 2652
5f968096
ZJS		 2653 if (manager_add_job_by_name_and_warn(m, JOB_START, name, mode, NULL, &job) < 0)
2654 return;
1e001f52 2655
5f968096
ZJS		 2656 const char *s = unit_status_string(job->unit, NULL);
2657
2658 log_info("Activating special unit %s...", s);
3889fc6f
ZJS		 2659
2660 sd_notifyf(false,
2661 "STATUS=Activating special unit %s...", s);
2662 m->status_ready = false;
28247076
LP		 2663}
2664
24dd31c1
LN		 2665static void manager_handle_ctrl_alt_del(Manager *m) {
2666 /* If the user presses C-A-D more than
2667 * 7 times within 2s, we reboot/shutdown immediately,
2668 * unless it was disabled in system.conf */
2669
7994ac1d 2670 if (ratelimit_below(&m->ctrl_alt_del_ratelimit) || m->cad_burst_action == EMERGENCY_ACTION_NONE)
5f968096 2671 manager_start_special(m, SPECIAL_CTRL_ALT_DEL_TARGET, JOB_REPLACE_IRREVERSIBLY);
ae8c7939 2672 else
7af67e9a 2673 emergency_action(m, m->cad_burst_action, EMERGENCY_ACTION_WARN, NULL, -1,
ae8c7939 2674 "Ctrl-Alt-Del was pressed more than 7 times within 2s");
24dd31c1
LN		 2675}
2676
718db961
LP		 2677static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2678 Manager *m = userdata;
9152c765
LP		 2679 ssize_t n;
2680 struct signalfd_siginfo sfsi;
dacd6cee 2681 int r;
9152c765
LP		 2682
2683 assert(m);
718db961
LP		 2684 assert(m->signal_fd == fd);
2685
2686 if (revents != EPOLLIN) {
2687 log_warning("Got unexpected events from signal file descriptor.");
2688 return 0;
2689 }
9152c765 2690
575b300b
LP		 2691 n = read(m->signal_fd, &sfsi, sizeof(sfsi));
2692 if (n != sizeof(sfsi)) {
2693 if (n >= 0) {
2694 log_warning("Truncated read from signal fd (%zu bytes), ignoring!", n);
2695 return 0;
2696 }
9152c765 2697
575b300b
LP		 2698 if (IN_SET(errno, EINTR, EAGAIN))
2699 return 0;
9152c765 2700
575b300b
LP		 2701 /* We return an error here, which will kill this handler,
2702 * to avoid a busy loop on read error. */
2703 return log_error_errno(errno, "Reading from signal fd failed: %m");
2704 }
9152c765 2705
575b300b
LP		 2706 log_received_signal(sfsi.ssi_signo == SIGCHLD ||
2707 (sfsi.ssi_signo == SIGTERM && MANAGER_IS_USER(m))
2708 ? LOG_DEBUG : LOG_INFO,
2709 &sfsi);
1e001f52 2710
575b300b 2711 switch (sfsi.ssi_signo) {
b9cd2ec1 2712
575b300b
LP		 2713 case SIGCHLD:
2714 r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_ON);
2715 if (r < 0)
8afabc50 2716 log_warning_errno(r, "Failed to enable SIGCHLD event source, ignoring: %m");
b9cd2ec1 2717
575b300b 2718 break;
84e9af1e 2719
575b300b
LP		 2720 case SIGTERM:
2721 if (MANAGER_IS_SYSTEM(m)) {
ba0c7754 2722 /* This is for compatibility with the original sysvinit */
c52b19d6
LP		 2723 if (verify_run_space_and_log("Refusing to reexecute") < 0)
2724 break;
2725
2726 m->objective = MANAGER_REEXECUTE;
a1b256b0 2727 break;
575b300b 2728 }
84e9af1e 2729
575b300b
LP		 2730 _fallthrough_;
2731 case SIGINT:
2732 if (MANAGER_IS_SYSTEM(m))
2733 manager_handle_ctrl_alt_del(m);
2734 else
5f968096 2735 manager_start_special(m, SPECIAL_EXIT_TARGET, JOB_REPLACE_IRREVERSIBLY);
575b300b 2736 break;
84e9af1e 2737
575b300b 2738 case SIGWINCH:
ba0c7754 2739 /* This is a nop on non-init */
575b300b 2740 if (MANAGER_IS_SYSTEM(m))
5f968096 2741 manager_start_special(m, SPECIAL_KBREQUEST_TARGET, JOB_REPLACE);
84e9af1e 2742
575b300b 2743 break;
84e9af1e 2744
575b300b 2745 case SIGPWR:
ba0c7754 2746 /* This is a nop on non-init */
575b300b 2747 if (MANAGER_IS_SYSTEM(m))
5f968096 2748 manager_start_special(m, SPECIAL_SIGPWR_TARGET, JOB_REPLACE);
6632c602 2749
575b300b 2750 break;
57ee42ce 2751
8559b3b7 2752 case SIGUSR1:
8559b3b7 2753 if (manager_dbus_is_running(m, false)) {
575b300b 2754 log_info("Trying to reconnect to bus...");
575b300b 2755
8559b3b7
LP		 2756 (void) bus_init_api(m);
2757
2758 if (MANAGER_IS_SYSTEM(m))
2759 (void) bus_init_system(m);
5f968096
ZJS		 2760 } else
2761 manager_start_special(m, SPECIAL_DBUS_SERVICE, JOB_REPLACE);
57ee42ce 2762
575b300b 2763 break;
575b300b
LP		 2764
2765 case SIGUSR2: {
2766 _cleanup_free_ char *dump = NULL;
2767
2768 r = manager_get_dump_string(m, &dump);
2769 if (r < 0) {
2770 log_warning_errno(errno, "Failed to acquire manager dump: %m");
57ee42ce
LP		 2771 break;
2772 }
2773
575b300b
LP		 2774 log_dump(LOG_INFO, dump);
2775 break;
2776 }
2149e37c 2777
575b300b 2778 case SIGHUP:
c52b19d6
LP		 2779 if (verify_run_space_and_log("Refusing to reload") < 0)
2780 break;
2781
2782 m->objective = MANAGER_RELOAD;
575b300b
LP		 2783 break;
2784
2785 default: {
2786
2787 /* Starting SIGRTMIN+0 */
2788 static const struct {
2789 const char *target;
2790 JobMode mode;
2791 } target_table[] = {
2792 [0] = { SPECIAL_DEFAULT_TARGET, JOB_ISOLATE },
2793 [1] = { SPECIAL_RESCUE_TARGET, JOB_ISOLATE },
2794 [2] = { SPECIAL_EMERGENCY_TARGET, JOB_ISOLATE },
2795 [3] = { SPECIAL_HALT_TARGET, JOB_REPLACE_IRREVERSIBLY },
2796 [4] = { SPECIAL_POWEROFF_TARGET, JOB_REPLACE_IRREVERSIBLY },
2797 [5] = { SPECIAL_REBOOT_TARGET, JOB_REPLACE_IRREVERSIBLY },
2798 [6] = { SPECIAL_KEXEC_TARGET, JOB_REPLACE_IRREVERSIBLY },
2799 };
2800
2801 /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
af41e508 2802 static const ManagerObjective objective_table[] = {
575b300b
LP		 2803 [0] = MANAGER_HALT,
2804 [1] = MANAGER_POWEROFF,
2805 [2] = MANAGER_REBOOT,
2806 [3] = MANAGER_KEXEC,
2807 };
b2cdc666 2808
575b300b
LP		 2809 if ((int) sfsi.ssi_signo >= SIGRTMIN+0 &&
2810 (int) sfsi.ssi_signo < SIGRTMIN+(int) ELEMENTSOF(target_table)) {
2811 int idx = (int) sfsi.ssi_signo - SIGRTMIN;
5f968096 2812 manager_start_special(m, target_table[idx].target, target_table[idx].mode);
1005d14f 2813 break;
2149e37c 2814 }
1005d14f 2815
575b300b 2816 if ((int) sfsi.ssi_signo >= SIGRTMIN+13 &&
af41e508
LP		 2817 (int) sfsi.ssi_signo < SIGRTMIN+13+(int) ELEMENTSOF(objective_table)) {
2818 m->objective = objective_table[sfsi.ssi_signo - SIGRTMIN - 13];
575b300b
LP		 2819 break;
2820 }
2821
2822 switch (sfsi.ssi_signo - SIGRTMIN) {
2823
2824 case 20:
43bba15a 2825 manager_override_show_status(m, SHOW_STATUS_YES, "signal");
a16e1123
LP		 2826 break;
2827
575b300b 2828 case 21:
43bba15a 2829 manager_override_show_status(m, SHOW_STATUS_NO, "signal");
575b300b 2830 break;
7d793605 2831
575b300b 2832 case 22:
a6ecbf83 2833 manager_override_log_level(m, LOG_DEBUG);
575b300b
LP		 2834 break;
2835
2836 case 23:
a6ecbf83 2837 manager_restore_original_log_level(m);
575b300b 2838 break;
0003d1ab 2839
575b300b
LP		 2840 case 24:
2841 if (MANAGER_IS_USER(m)) {
af41e508 2842 m->objective = MANAGER_EXIT;
575b300b 2843 return 0;
0658666b 2844 }
9152c765 2845
575b300b
LP		 2846 /* This is a nop on init */
2847 break;
2848
2849 case 26:
2850 case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
bda7d78b 2851 manager_restore_original_log_target(m);
575b300b
LP		 2852 break;
2853
2854 case 27:
bda7d78b 2855 manager_override_log_target(m, LOG_TARGET_CONSOLE);
575b300b
LP		 2856 break;
2857
2858 case 28:
bda7d78b 2859 manager_override_log_target(m, LOG_TARGET_KMSG);
575b300b
LP		 2860 break;
2861
2862 default:
2863 log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi.ssi_signo));
2864 }
2865 }}
034c6ed7
LP		 2866
2867 return 0;
2868}
2869
718db961
LP		 2870static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2871 Manager *m = userdata;
718db961 2872 Unit *u;
034c6ed7
LP		 2873
2874 assert(m);
718db961 2875 assert(m->time_change_fd == fd);
034c6ed7 2876
a80c1575 2877 log_struct(LOG_DEBUG,
2b044526 2878 "MESSAGE_ID=" SD_MESSAGE_TIME_CHANGE_STR,
a1230ff9 2879 LOG_MESSAGE("Time has been changed"));
034c6ed7 2880
718db961 2881 /* Restart the watch */
7feedd18 2882 (void) manager_setup_time_change(m);
4e434314 2883
90e74a66 2884 HASHMAP_FOREACH(u, m->units)
718db961
LP		 2885 if (UNIT_VTABLE(u)->time_change)
2886 UNIT_VTABLE(u)->time_change(u);
ea430986 2887
718db961
LP		 2888 return 0;
2889}
ea430986 2890
bbf5fd8e
LP		 2891static int manager_dispatch_timezone_change(
2892 sd_event_source *source,
2893 const struct inotify_event *e,
2894 void *userdata) {
2895
2896 Manager *m = userdata;
2897 int changed;
bbf5fd8e
LP		 2898 Unit *u;
2899
2900 assert(m);
2901
2902 log_debug("inotify event for /etc/localtime");
2903
2904 changed = manager_read_timezone_stat(m);
f20db199 2905 if (changed <= 0)
bbf5fd8e 2906 return changed;
bbf5fd8e
LP		 2907
2908 /* Something changed, restart the watch, to ensure we watch the new /etc/localtime if it changed */
2909 (void) manager_setup_timezone_change(m);
2910
2911 /* Read the new timezone */
2912 tzset();
2913
2914 log_debug("Timezone has been changed (now: %s).", tzname[daylight]);
2915
90e74a66 2916 HASHMAP_FOREACH(u, m->units)
bbf5fd8e
LP		 2917 if (UNIT_VTABLE(u)->timezone_change)
2918 UNIT_VTABLE(u)->timezone_change(u);
2919
2920 return 0;
2921}
2922
718db961
LP		 2923static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2924 Manager *m = userdata;
8742514c 2925
718db961
LP		 2926 assert(m);
2927 assert(m->idle_pipe[2] == fd);
8742514c 2928
5a69973f
LP		 2929 /* There's at least one Type=idle child that just gave up on us waiting for the boot process to complete. Let's
2930 * now turn off any further console output if there's at least one service that needs console access, so that
2931 * from now on our own output should not spill into that service's output anymore. After all, we support
2932 * Type=idle only to beautify console output and it generally is set on services that want to own the console
2933 * exclusively without our interference. */
718db961 2934 m->no_console_output = m->n_on_console > 0;
03b717a3 2935
5a69973f
LP		 2936 /* Acknowledge the child's request, and let all all other children know too that they shouldn't wait any longer
2937 * by closing the pipes towards them, which is what they are waiting for. */
718db961 2938 manager_close_idle_pipe(m);
03b717a3 2939
718db961
LP		 2940 return 0;
2941}
31a7eb86 2942
718db961
LP		 2943static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata) {
2944 Manager *m = userdata;
fd08a840 2945 int r;
31a7eb86 2946
718db961 2947 assert(m);
fd08a840 2948 assert(source);
9152c765 2949
718db961 2950 manager_print_jobs_in_progress(m);
fd08a840 2951
39cf0351 2952 r = sd_event_source_set_time_relative(source, JOBS_IN_PROGRESS_PERIOD_USEC);
fd08a840
ZJS		 2953 if (r < 0)
2954 return r;
2955
2956 return sd_event_source_set_enabled(source, SD_EVENT_ONESHOT);
9152c765
LP		 2957}
2958
2959int manager_loop(Manager *m) {
8c227e7f 2960 RateLimit rl = { .interval = 1*USEC_PER_SEC, .burst = 50000 };
9152c765 2961 int r;
9152c765
LP		 2962
2963 assert(m);
1fb70e66 2964 assert(m->objective == MANAGER_OK); /* Ensure manager_startup() has been called */
9152c765 2965
b0c918b9
LP		 2966 manager_check_finished(m);
2967
575b300b
LP		 2968 /* There might still be some zombies hanging around from before we were exec()'ed. Let's reap them. */
2969 r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_ON);
e96d6be7 2970 if (r < 0)
575b300b 2971 return log_error_errno(r, "Failed to enable SIGCHLD event source: %m");
a4312405 2972
af41e508 2973 while (m->objective == MANAGER_OK) {
986935cf 2974 usec_t wait_usec, watchdog_usec;
9152c765 2975
986935cf 2976 watchdog_usec = manager_get_watchdog(m, WATCHDOG_RUNTIME);
61927b9f 2977 if (m->runtime_watchdog_running)
bfeb927a 2978 (void) watchdog_ping();
61927b9f
MM		 2979 else if (timestamp_is_set(watchdog_usec))
2980 manager_retry_runtime_watchdog(m);
e96d6be7 2981
7994ac1d 2982 if (!ratelimit_below(&rl)) {
ea430986
LP		 2983 /* Yay, something is going seriously wrong, pause a little */
2984 log_warning("Looping too fast. Throttling execution a little.");
2985 sleep(1);
2986 }
2987
37a8e683 2988 if (manager_dispatch_load_queue(m) > 0)
23a177ef
LP		 2989 continue;
2990
c5a97ed1
LP		 2991 if (manager_dispatch_gc_job_queue(m) > 0)
2992 continue;
2993
2994 if (manager_dispatch_gc_unit_queue(m) > 0)
701cc384
LP		 2995 continue;
2996
cf1265e1 2997 if (manager_dispatch_cleanup_queue(m) > 0)
c1e1601e 2998 continue;
034c6ed7 2999
91a6073e 3000 if (manager_dispatch_cgroup_realize_queue(m) > 0)
c1e1601e
LP		 3001 continue;
3002
0bc488c9
LP		 3003 if (manager_dispatch_start_when_upheld_queue(m) > 0)
3004 continue;
3005
56c59592
LP		 3006 if (manager_dispatch_stop_when_bound_queue(m) > 0)
3007 continue;
3008
a3c1168a
LP		 3009 if (manager_dispatch_stop_when_unneeded_queue(m) > 0)
3010 continue;
3011
c1e1601e 3012 if (manager_dispatch_dbus_queue(m) > 0)
ea430986 3013 continue;
ea430986 3014
c5f8a179 3015 /* Sleep for watchdog runtime wait time */
986935cf 3016 if (timestamp_is_set(watchdog_usec))
c5f8a179
AP		 3017 wait_usec = watchdog_runtime_wait();
3018 else
3a43da28 3019 wait_usec = USEC_INFINITY;
9152c765 3020
718db961 3021 r = sd_event_run(m->event, wait_usec);
23bbb0de
MS		 3022 if (r < 0)
3023 return log_error_errno(r, "Failed to run event loop: %m");
a16e1123 3024 }
957ca890 3025
af41e508 3026 return m->objective;
83c60c9f 3027}
ea430986 3028
718db961 3029int manager_load_unit_from_dbus_path(Manager *m, const char *s, sd_bus_error *e, Unit **_u) {
ede3a796 3030 _cleanup_free_ char *n = NULL;
4b58153d 3031 sd_id128_t invocation_id;
ea430986 3032 Unit *u;
80fbf05e 3033 int r;
ea430986
LP		 3034
3035 assert(m);
3036 assert(s);
3037 assert(_u);
3038
ede3a796
LP		 3039 r = unit_name_from_dbus_path(s, &n);
3040 if (r < 0)
3041 return r;
ea430986 3042
4b58153d
LP		 3043 /* Permit addressing units by invocation ID: if the passed bus path is suffixed by a 128bit ID then we use it
3044 * as invocation ID. */
3045 r = sd_id128_from_string(n, &invocation_id);
3046 if (r >= 0) {
3047 u = hashmap_get(m->units_by_invocation_id, &invocation_id);
3048 if (u) {
3049 *_u = u;
3050 return 0;
3051 }
3052
930c124c
ZJS		 3053 return sd_bus_error_setf(e, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID,
3054 "No unit with the specified invocation ID " SD_ID128_FORMAT_STR " known.",
3055 SD_ID128_FORMAT_VAL(invocation_id));
4b58153d
LP		 3056 }
3057
00c83b43 3058 /* If this didn't work, we check if this is a unit name */
930c124c
ZJS		 3059 if (!unit_name_is_valid(n, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) {
3060 _cleanup_free_ char *nn = NULL;
3061
3062 nn = cescape(n);
3063 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS,
3064 "Unit name %s is neither a valid invocation ID nor unit name.", strnull(nn));
3065 }
00c83b43 3066
80fbf05e 3067 r = manager_load_unit(m, n, NULL, e, &u);
80fbf05e
MS		 3068 if (r < 0)
3069 return r;
ea430986
LP		 3070
3071 *_u = u;
ea430986
LP		 3072 return 0;
3073}
86fbf370
LP		 3074
3075int manager_get_job_from_dbus_path(Manager *m, const char *s, Job **_j) {
718db961 3076 const char *p;
86fbf370 3077 unsigned id;
718db961 3078 Job *j;
86fbf370
LP		 3079 int r;
3080
3081 assert(m);
3082 assert(s);
3083 assert(_j);
3084
718db961
LP		 3085 p = startswith(s, "/org/freedesktop/systemd1/job/");
3086 if (!p)
86fbf370
LP		 3087 return -EINVAL;
3088
718db961 3089 r = safe_atou(p, &id);
8742514c 3090 if (r < 0)
86fbf370
LP		 3091 return r;
3092
8742514c
LP		 3093 j = manager_get_job(m, id);
3094 if (!j)
86fbf370
LP		 3095 return -ENOENT;
3096
3097 *_j = j;
3098
3099 return 0;
3100}
dfcd764e 3101
4927fcae 3102void manager_send_unit_audit(Manager *m, Unit *u, int type, bool success) {
e537352b 3103
349cc4a5 3104#if HAVE_AUDIT
2ba11090 3105 _cleanup_free_ char *p = NULL;
0aa281df 3106 const char *msg;
7410616c 3107 int audit_fd, r;
e537352b 3108
463d0d15 3109 if (!MANAGER_IS_SYSTEM(m))
a1a078ee
LP		 3110 return;
3111
c1165f82
LP		 3112 audit_fd = get_audit_fd();
3113 if (audit_fd < 0)
e537352b
LP		 3114 return;
3115
bbd3a7ba
LP		 3116 /* Don't generate audit events if the service was already
3117 * started and we're just deserializing */
2c289ea8 3118 if (MANAGER_IS_RELOADING(m))
bbd3a7ba
LP		 3119 return;
3120
ac155bb8 3121 if (u->type != UNIT_SERVICE)
f1dd0c3f
LP		 3122 return;
3123
7410616c
LP		 3124 r = unit_name_to_prefix_and_instance(u->id, &p);
3125 if (r < 0) {
3126 log_error_errno(r, "Failed to extract prefix and instance of unit name: %m");
e537352b
LP		 3127 return;
3128 }
3129
63c372cb 3130 msg = strjoina("unit=", p);
0aa281df
LP		 3131 if (audit_log_user_comm_message(audit_fd, type, msg, "systemd", NULL, NULL, NULL, success) < 0) {
3132 if (errno == EPERM)
391ade86 3133 /* We aren't allowed to send audit messages?
44785992 3134 * Then let's not retry again. */
c1165f82 3135 close_audit_fd();
0aa281df 3136 else
56f64d95 3137 log_warning_errno(errno, "Failed to send audit message: %m");
391ade86 3138 }
4927fcae 3139#endif
e537352b 3140
e537352b
LP		 3141}
3142
e983b760 3143void manager_send_unit_plymouth(Manager *m, Unit *u) {
fc2fffe7 3144 static const union sockaddr_union sa = PLYMOUTH_SOCKET;
2ba11090
ZJS		 3145 _cleanup_free_ char *message = NULL;
3146 _cleanup_close_ int fd = -1;
fc2fffe7 3147 int n = 0;
e983b760
LP		 3148
3149 /* Don't generate plymouth events if the service was already
3150 * started and we're just deserializing */
2c289ea8 3151 if (MANAGER_IS_RELOADING(m))
e983b760
LP		 3152 return;
3153
463d0d15 3154 if (!MANAGER_IS_SYSTEM(m))
e983b760
LP		 3155 return;
3156
75f86906 3157 if (detect_container() > 0)
3772995a
LP		 3158 return;
3159
ec2ce0c5 3160 if (!IN_SET(u->type, UNIT_SERVICE, UNIT_MOUNT, UNIT_SWAP))
e983b760
LP		 3161 return;
3162
3163 /* We set SOCK_NONBLOCK here so that we rather drop the
3164 * message then wait for plymouth */
e62d8c39
ZJS		 3165 fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
3166 if (fd < 0) {
56f64d95 3167 log_error_errno(errno, "socket() failed: %m");
e983b760
LP		 3168 return;
3169 }
3170
fc2fffe7 3171 if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) {
f60a028a 3172 if (!IN_SET(errno, EAGAIN, ENOENT) && !ERRNO_IS_DISCONNECT(errno))
56f64d95 3173 log_error_errno(errno, "connect() failed: %m");
2ba11090 3174 return;
e983b760
LP		 3175 }
3176
305757d8
ZJS		 3177 if (asprintf(&message, "U\002%c%s%n", (int) (strlen(u->id) + 1), u->id, &n) < 0)
3178 return (void) log_oom();
e983b760
LP		 3179
3180 errno = 0;
2ba11090 3181 if (write(fd, message, n + 1) != n + 1)
f60a028a 3182 if (!IN_SET(errno, EAGAIN, ENOENT) && !ERRNO_IS_DISCONNECT(errno))
56f64d95 3183 log_error_errno(errno, "Failed to write Plymouth message: %m");
e983b760
LP		 3184}
3185
986935cf
FB		 3186usec_t manager_get_watchdog(Manager *m, WatchdogType t) {
3187 assert(m);
3188
3189 if (MANAGER_IS_USER(m))
3190 return USEC_INFINITY;
3191
3192 if (timestamp_is_set(m->watchdog_overridden[t]))
3193 return m->watchdog_overridden[t];
3194
3195 return m->watchdog[t];
3196}
3197
3198void manager_set_watchdog(Manager *m, WatchdogType t, usec_t timeout) {
3199 int r = 0;
3200
3201 assert(m);
3202
3203 if (MANAGER_IS_USER(m))
3204 return;
3205
3206 if (m->watchdog[t] == timeout)
3207 return;
3208
3209 if (t == WATCHDOG_RUNTIME)
3210 if (!timestamp_is_set(m->watchdog_overridden[WATCHDOG_RUNTIME])) {
61927b9f 3211 if (timestamp_is_set(timeout)) {
986935cf 3212 r = watchdog_set_timeout(&timeout);
61927b9f
MM		 3213
3214 if (r >= 0)
3215 m->runtime_watchdog_running = true;
3216 } else {
986935cf 3217 watchdog_close(true);
61927b9f
MM		 3218 m->runtime_watchdog_running = false;
3219 }
986935cf
FB		 3220 }
3221
61927b9f 3222 m->watchdog[t] = timeout;
986935cf
FB		 3223}
3224
43bba15a 3225int manager_override_watchdog(Manager *m, WatchdogType t, usec_t timeout) {
986935cf
FB		 3226 int r = 0;
3227
3228 assert(m);
3229
3230 if (MANAGER_IS_USER(m))
3231 return 0;
3232
3233 if (m->watchdog_overridden[t] == timeout)
3234 return 0;
3235
3236 if (t == WATCHDOG_RUNTIME) {
3237 usec_t *p;
3238
3239 p = timestamp_is_set(timeout) ? &timeout : &m->watchdog[t];
61927b9f 3240 if (timestamp_is_set(*p)) {
986935cf 3241 r = watchdog_set_timeout(p);
61927b9f
MM		 3242
3243 if (r >= 0)
3244 m->runtime_watchdog_running = true;
3245 } else {
986935cf 3246 watchdog_close(true);
61927b9f
MM		 3247 m->runtime_watchdog_running = false;
3248 }
986935cf
FB		 3249 }
3250
61927b9f 3251 m->watchdog_overridden[t] = timeout;
986935cf
FB		 3252
3253 return 0;
3254}
3255
61927b9f
MM		 3256void manager_retry_runtime_watchdog(Manager *m) {
3257 int r = 0;
3258
3259 assert(m);
3260
3261 if (timestamp_is_set(m->watchdog_overridden[WATCHDOG_RUNTIME]))
3262 r = watchdog_set_timeout(&m->watchdog_overridden[WATCHDOG_RUNTIME]);
3263 else
3264 r = watchdog_set_timeout(&m->watchdog[WATCHDOG_RUNTIME]);
3265
3266 if (r >= 0)
3267 m->runtime_watchdog_running = true;
3268}
3269
a16e1123 3270int manager_reload(Manager *m) {
d147e2b6 3271 _cleanup_(manager_reloading_stopp) Manager *reloading = NULL;
51d122af 3272 _cleanup_fdset_free_ FDSet *fds = NULL;
6a33af40
LP		 3273 _cleanup_fclose_ FILE *f = NULL;
3274 int r;
a16e1123
LP		 3275
3276 assert(m);
3277
07719a21
LP		 3278 r = manager_open_serialization(m, &f);
3279 if (r < 0)
6a33af40 3280 return log_error_errno(r, "Failed to create serialization file: %m");
38c52d46 3281
07719a21 3282 fds = fdset_new();
6a33af40
LP		 3283 if (!fds)
3284 return log_oom();
3285
d147e2b6
ZJS		 3286 /* We are officially in reload mode from here on. */
3287 reloading = manager_reloading_start(m);
a16e1123 3288
b3680f49 3289 r = manager_serialize(m, f, fds, false);
d147e2b6 3290 if (r < 0)
d68c645b 3291 return r;
a16e1123 3292
d147e2b6
ZJS		 3293 if (fseeko(f, 0, SEEK_SET) < 0)
3294 return log_error_errno(errno, "Failed to seek to beginning of serialization: %m");
a16e1123 3295
6a33af40 3296 /* 💀 This is the point of no return, from here on there is no way back. 💀 */
d147e2b6 3297 reloading = NULL;
6a33af40
LP		 3298
3299 bus_manager_send_reloading(m, true);
3300
3301 /* Start by flushing out all jobs and units, all generated units, all runtime environments, all dynamic users
3302 * and everything else that is worth flushing out. We'll get it all back from the serialization — if we need
7802194a 3303 * it. */
6a33af40 3304
a16e1123 3305 manager_clear_jobs_and_units(m);
07a78643 3306 lookup_paths_flush_generator(&m->lookup_paths);
84e3543e 3307 lookup_paths_free(&m->lookup_paths);
e8a565cb 3308 exec_runtime_vacuum(m);
29206d46 3309 dynamic_user_vacuum(m, false);
00d9ef85
LP		 3310 m->uid_refs = hashmap_free(m->uid_refs);
3311 m->gid_refs = hashmap_free(m->gid_refs);
2ded0c04 3312
7c3733d5 3313 r = lookup_paths_init(&m->lookup_paths, m->unit_file_scope, 0, NULL);
6a33af40
LP		 3314 if (r < 0)
3315 log_warning_errno(r, "Failed to initialize path lookup table, ignoring: %m");
5a1e9937 3316
6a33af40
LP		 3317 (void) manager_run_environment_generators(m);
3318 (void) manager_run_generators(m);
64691d20 3319
581fef8d 3320 lookup_paths_log(&m->lookup_paths);
07719a21 3321
91e0ee5f 3322 /* We flushed out generated files, for which we don't watch mtime, so we should flush the old map. */
e8630e69 3323 manager_free_unit_name_maps(m);
5a1e9937 3324
6a33af40 3325 /* First, enumerate what we can from kernel and suchlike */
3ad2afb6 3326 manager_enumerate_perpetual(m);
ba64af90 3327 manager_enumerate(m);
a16e1123
LP		 3328
3329 /* Second, deserialize our stored data */
6a33af40
LP		 3330 r = manager_deserialize(m, f, fds);
3331 if (r < 0)
3332 log_warning_errno(r, "Deserialization failed, proceeding anyway: %m");
a16e1123 3333
6a33af40 3334 /* We don't need the serialization anymore */
62b0cbb3 3335 f = safe_fclose(f);
a16e1123 3336
6a33af40
LP		 3337 /* Re-register notify_fd as event source, and set up other sockets/communication channels we might need */
3338 (void) manager_setup_notify(m);
3339 (void) manager_setup_cgroups_agent(m);
3340 (void) manager_setup_user_lookup_fd(m);
00d9ef85 3341
a16e1123 3342 /* Third, fire things up! */
007c6337 3343 manager_coldplug(m);
a16e1123 3344
5197be06
LP		 3345 /* Clean up runtime objects no longer referenced */
3346 manager_vacuum(m);
e8a565cb 3347
3deed59a
AA		 3348 /* Clean up deserialized tracked clients */
3349 m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
3350
6a33af40 3351 /* Consider the reload process complete now. */
31dc1ca3
LP		 3352 assert(m->n_reloading > 0);
3353 m->n_reloading--;
3354
c6e892bc
YW		 3355 /* On manager reloading, device tag data should exists, thus, we should honor the results of device
3356 * enumeration. The flag should be always set correctly by the serialized data, but it may fail. So,
3357 * let's always set the flag here for safety. */
3358 m->honor_device_enumeration = true;
3359
5ce5e1ad 3360 manager_ready(m);
8936a5e3 3361
71445ae7 3362 m->send_reloading_done = true;
6a33af40 3363 return 0;
a16e1123
LP		 3364}
3365
fdf20a31 3366void manager_reset_failed(Manager *m) {
5632e374 3367 Unit *u;
5632e374
LP		 3368
3369 assert(m);
3370
90e74a66 3371 HASHMAP_FOREACH(u, m->units)
fdf20a31 3372 unit_reset_failed(u);
5632e374
LP		 3373}
3374
31afa0a4 3375bool manager_unit_inactive_or_pending(Manager *m, const char *name) {
8f6df3fa
LP		 3376 Unit *u;
3377
3378 assert(m);
3379 assert(name);
3380
3381 /* Returns true if the unit is inactive or going down */
bd0af849
ZJS		 3382 u = manager_get_unit(m, name);
3383 if (!u)
8f6df3fa
LP		 3384 return true;
3385
31afa0a4 3386 return unit_inactive_or_pending(u);
8f6df3fa
LP		 3387}
3388
d8eb10d6
ZJS		 3389static void log_taint_string(Manager *m) {
3390 _cleanup_free_ char *taint = NULL;
3391
3392 assert(m);
3393
3394 if (MANAGER_IS_USER(m) || m->taint_logged)
3395 return;
3396
3397 m->taint_logged = true; /* only check for taint once */
3398
3399 taint = manager_taint_string(m);
3400 if (isempty(taint))
3401 return;
3402
3403 log_struct(LOG_NOTICE,
3404 LOG_MESSAGE("System is tainted: %s", taint),
3405 "TAINT=%s", taint,
a1230ff9 3406 "MESSAGE_ID=" SD_MESSAGE_TAINTED_STR);
d8eb10d6
ZJS		 3407}
3408
56dacdbc 3409static void manager_notify_finished(Manager *m) {
915b3753 3410 usec_t firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec;
b0c918b9 3411
638cece4 3412 if (MANAGER_IS_TEST_RUN(m))
b0c918b9
LP		 3413 return;
3414
463d0d15 3415 if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0) {
dc3c9f5e
ZJS		 3416 char buf[FORMAT_TIMESPAN_MAX + STRLEN(" (firmware) + ") + FORMAT_TIMESPAN_MAX + STRLEN(" (loader) + ")]
3417 = {};
3418 char *p = buf;
3419 size_t size = sizeof buf;
e03ae661 3420
9f9f0342
LP		 3421 /* Note that MANAGER_TIMESTAMP_KERNEL's monotonic value is always at 0, and
3422 * MANAGER_TIMESTAMP_FIRMWARE's and MANAGER_TIMESTAMP_LOADER's monotonic value should be considered
915b3753
LP		 3423 * negative values. */
3424
9f9f0342
LP		 3425 firmware_usec = m->timestamps[MANAGER_TIMESTAMP_FIRMWARE].monotonic - m->timestamps[MANAGER_TIMESTAMP_LOADER].monotonic;
3426 loader_usec = m->timestamps[MANAGER_TIMESTAMP_LOADER].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
3427 userspace_usec = m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic - m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic;
3428 total_usec = m->timestamps[MANAGER_TIMESTAMP_FIRMWARE].monotonic + m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic;
18fa6b27 3429
dd1db3c2 3430 if (firmware_usec > 0)
5291f26d 3431 size = strpcpyf(&p, size, "%s (firmware) + ", FORMAT_TIMESPAN(firmware_usec, USEC_PER_MSEC));
dd1db3c2 3432 if (loader_usec > 0)
5291f26d 3433 size = strpcpyf(&p, size, "%s (loader) + ", FORMAT_TIMESPAN(loader_usec, USEC_PER_MSEC));
dd1db3c2 3434
9f9f0342 3435 if (dual_timestamp_is_set(&m->timestamps[MANAGER_TIMESTAMP_INITRD])) {
18fa6b27 3436
7802194a 3437 /* The initrd case on bare-metal */
9f9f0342
LP		 3438 kernel_usec = m->timestamps[MANAGER_TIMESTAMP_INITRD].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
3439 initrd_usec = m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic - m->timestamps[MANAGER_TIMESTAMP_INITRD].monotonic;
18fa6b27 3440
e12919e8 3441 log_struct(LOG_INFO,
2b044526 3442 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
e12919e8
LP		 3443 "KERNEL_USEC="USEC_FMT, kernel_usec,
3444 "INITRD_USEC="USEC_FMT, initrd_usec,
3445 "USERSPACE_USEC="USEC_FMT, userspace_usec,
dd1db3c2
YW		 3446 LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (initrd) + %s (userspace) = %s.",
3447 buf,
5291f26d
ZJS		 3448 FORMAT_TIMESPAN(kernel_usec, USEC_PER_MSEC),
3449 FORMAT_TIMESPAN(initrd_usec, USEC_PER_MSEC),
3450 FORMAT_TIMESPAN(userspace_usec, USEC_PER_MSEC),
3451 FORMAT_TIMESPAN(total_usec, USEC_PER_MSEC)));
18fa6b27 3452 } else {
7802194a 3453 /* The initrd-less case on bare-metal */
9f9f0342
LP		 3454
3455 kernel_usec = m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
18fa6b27
LP		 3456 initrd_usec = 0;
3457
81270860 3458 log_struct(LOG_INFO,
2b044526 3459 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
e12919e8 3460 "KERNEL_USEC="USEC_FMT, kernel_usec,
ccd06097 3461 "USERSPACE_USEC="USEC_FMT, userspace_usec,
dd1db3c2
YW		 3462 LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (userspace) = %s.",
3463 buf,
5291f26d
ZJS		 3464 FORMAT_TIMESPAN(kernel_usec, USEC_PER_MSEC),
3465 FORMAT_TIMESPAN(userspace_usec, USEC_PER_MSEC),
3466 FORMAT_TIMESPAN(total_usec, USEC_PER_MSEC)));
e12919e8
LP		 3467 }
3468 } else {
4adf314b 3469 /* The container and --user case */
e12919e8 3470 firmware_usec = loader_usec = initrd_usec = kernel_usec = 0;
9f9f0342 3471 total_usec = userspace_usec = m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic - m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic;
e12919e8
LP		 3472
3473 log_struct(LOG_INFO,
2b044526 3474 "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR,
e12919e8 3475 "USERSPACE_USEC="USEC_FMT, userspace_usec,
e2cc6eca 3476 LOG_MESSAGE("Startup finished in %s.",
5291f26d 3477 FORMAT_TIMESPAN(total_usec, USEC_PER_MSEC)));
18fa6b27 3478 }
b0c918b9 3479
718db961 3480 bus_manager_send_finished(m, firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec);
530345e7 3481
d8eb10d6 3482 log_taint_string(m);
b0c918b9
LP		 3483}
3484
6d932659 3485static void user_manager_send_ready(Manager *m) {
4adf314b
LP		 3486 assert(m);
3487
3488 /* We send READY=1 on reaching basic.target only when running in --user mode. */
3489 if (!MANAGER_IS_USER(m) || m->ready_sent)
3490 return;
3491
4adf314b
LP		 3492 sd_notifyf(false,
3493 "READY=1\n"
3494 "STATUS=Reached " SPECIAL_BASIC_TARGET ".");
6d932659
ZJS		 3495 m->ready_sent = true;
3496 m->status_ready = false;
3497}
3498
3499static void manager_send_ready(Manager *m) {
3500 if (m->ready_sent && m->status_ready)
3501 /* Skip the notification if nothing changed. */
3502 return;
3503
3504 sd_notifyf(false,
3505 "%sSTATUS=Ready.",
3506 m->ready_sent ? "READY=1\n" : "");
3507 m->ready_sent = m->status_ready = true;
4adf314b
LP		 3508}
3509
3510static void manager_check_basic_target(Manager *m) {
3511 Unit *u;
3512
3513 assert(m);
3514
3515 /* Small shortcut */
3516 if (m->ready_sent && m->taint_logged)
3517 return;
3518
3519 u = manager_get_unit(m, SPECIAL_BASIC_TARGET);
3520 if (!u || !UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
3521 return;
3522
3523 /* For user managers, send out READY=1 as soon as we reach basic.target */
6d932659 3524 user_manager_send_ready(m);
4adf314b
LP		 3525
3526 /* Log the taint string as soon as we reach basic.target */
3527 log_taint_string(m);
3528}
3529
56dacdbc 3530void manager_check_finished(Manager *m) {
56dacdbc
ZJS		 3531 assert(m);
3532
2c289ea8 3533 if (MANAGER_IS_RELOADING(m))
aad1976f
LP		 3534 return;
3535
4259d202
LP		 3536 /* Verify that we have entered the event loop already, and not left it again. */
3537 if (!MANAGER_IS_RUNNING(m))
9771b62d
LP		 3538 return;
3539
4adf314b 3540 manager_check_basic_target(m);
0c2826c6 3541
56dacdbc 3542 if (hashmap_size(m->jobs) > 0) {
56dacdbc 3543 if (m->jobs_in_progress_event_source)
2ae56591 3544 /* Ignore any failure, this is only for feedback */
1b4154a8
ZJS		 3545 (void) sd_event_source_set_time(m->jobs_in_progress_event_source,
3546 manager_watch_jobs_next_time(m));
56dacdbc
ZJS		 3547 return;
3548 }
3549
a4ac27c1
ZJS		 3550 /* The jobs hashmap tends to grow a lot during boot, and then it's not reused until shutdown. Let's
3551 kill the hashmap if it is relatively large. */
3552 if (hashmap_buckets(m->jobs) > hashmap_size(m->units) / 10)
3553 m->jobs = hashmap_free(m->jobs);
3554
6d932659
ZJS		 3555 manager_send_ready(m);
3556
3557 if (MANAGER_IS_FINISHED(m))
3558 return;
3559
7365a296 3560 manager_flip_auto_status(m, false, "boot finished");
56dacdbc
ZJS		 3561
3562 /* Notify Type=idle units that we are done now */
56dacdbc
ZJS		 3563 manager_close_idle_pipe(m);
3564
3565 /* Turn off confirm spawn now */
7d5ceb64 3566 m->confirm_spawn = NULL;
56dacdbc
ZJS		 3567
3568 /* No need to update ask password status when we're going non-interactive */
3569 manager_close_ask_password(m);
3570
3571 /* This is no longer the first boot */
3572 manager_set_first_boot(m, false);
3573
9f9f0342 3574 dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_FINISH);
56dacdbc
ZJS		 3575
3576 manager_notify_finished(m);
3577
e7ab4d1a 3578 manager_invalidate_startup_units(m);
56dacdbc
ZJS		 3579}
3580
64691d20
ZJS		 3581static bool generator_path_any(const char* const* paths) {
3582 char **path;
3583 bool found = false;
3584
3585 /* Optimize by skipping the whole process by not creating output directories
3586 * if no generators are found. */
3587 STRV_FOREACH(path, (char**) paths)
3588 if (access(*path, F_OK) == 0)
3589 found = true;
3590 else if (errno != ENOENT)
3591 log_warning_errno(errno, "Failed to open generator directory %s: %m", *path);
3592
3593 return found;
3594}
3595
64691d20
ZJS		 3596static int manager_run_environment_generators(Manager *m) {
3597 char **tmp = NULL; /* this is only used in the forked process, no cleanup here */
cccf5703 3598 _cleanup_strv_free_ char **paths = NULL;
1ad6e8b3
LP		 3599 void* args[] = {
3600 [STDOUT_GENERATE] = &tmp,
3601 [STDOUT_COLLECT] = &tmp,
3602 [STDOUT_CONSUME] = &m->transient_environment,
3603 };
e3b8d063 3604 int r;
64691d20 3605
638cece4 3606 if (MANAGER_IS_TEST_RUN(m) && !(m->test_run_flags & MANAGER_TEST_RUN_ENV_GENERATORS))
e0a3da1f
ZJS		 3607 return 0;
3608
cccf5703
BB		 3609 paths = env_generator_binary_paths(MANAGER_IS_SYSTEM(m));
3610 if (!paths)
3611 return log_oom();
64691d20 3612
cccf5703 3613 if (!generator_path_any((const char* const*) paths))
64691d20
ZJS		 3614 return 0;
3615
e3b8d063 3616 RUN_WITH_UMASK(0022)
cccf5703 3617 r = execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC, gather_environment,
43f565c6
YW		 3618 args, NULL, m->transient_environment,
3619 EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS | EXEC_DIR_SET_SYSTEMD_EXEC_PID);
e3b8d063 3620 return r;
64691d20
ZJS		 3621}
3622
e801700e 3623static int manager_run_generators(Manager *m) {
f42348ac 3624 _cleanup_strv_free_ char **paths = NULL;
07719a21 3625 const char *argv[5];
07719a21 3626 int r;
5a1e9937
LP		 3627
3628 assert(m);
3629
638cece4 3630 if (MANAGER_IS_TEST_RUN(m) && !(m->test_run_flags & MANAGER_TEST_RUN_GENERATORS))
e0a3da1f
ZJS		 3631 return 0;
3632
9183df70 3633 paths = generator_binary_paths(m->unit_file_scope);
e801700e
ZJS		 3634 if (!paths)
3635 return log_oom();
5a1e9937 3636
64691d20
ZJS		 3637 if (!generator_path_any((const char* const*) paths))
3638 return 0;
5a1e9937 3639
cd64fd56 3640 r = lookup_paths_mkdir_generator(&m->lookup_paths);
7eb4f326
LP		 3641 if (r < 0) {
3642 log_error_errno(r, "Failed to create generator directories: %m");
07719a21 3643 goto finish;
7eb4f326 3644 }
5a1e9937 3645
83cc030f 3646 argv[0] = NULL; /* Leave this empty, execute_directory() will fill something in */
a3c4eb07
LP		 3647 argv[1] = m->lookup_paths.generator;
3648 argv[2] = m->lookup_paths.generator_early;
3649 argv[3] = m->lookup_paths.generator_late;
07719a21 3650 argv[4] = NULL;
5a1e9937 3651
718db961 3652 RUN_WITH_UMASK(0022)
4b05f0c9 3653 (void) execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC, NULL, NULL,
43f565c6
YW		 3654 (char**) argv, m->transient_environment,
3655 EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS | EXEC_DIR_SET_SYSTEMD_EXEC_PID);
7eb4f326
LP		 3656
3657 r = 0;
5a1e9937 3658
718db961 3659finish:
cd64fd56 3660 lookup_paths_trim_generator(&m->lookup_paths);
e801700e 3661 return r;
5a1e9937
LP		 3662}
3663
1ad6e8b3
LP		 3664int manager_transient_environment_add(Manager *m, char **plus) {
3665 char **a;
3666
3667 assert(m);
3668
3669 if (strv_isempty(plus))
3670 return 0;
3671
3672 a = strv_env_merge(2, m->transient_environment, plus);
3673 if (!a)
2fbbbf9a 3674 return log_oom();
1ad6e8b3
LP		 3675
3676 sanitize_environment(a);
3677
3678 return strv_free_and_replace(m->transient_environment, a);
3679}
3680
3681int manager_client_environment_modify(
3682 Manager *m,
3683 char **minus,
3684 char **plus) {
3685
718db961 3686 char **a = NULL, **b = NULL, **l;
1ad6e8b3 3687
97d0e5f8 3688 assert(m);
bcd8e6d1 3689
1ad6e8b3
LP		 3690 if (strv_isempty(minus) && strv_isempty(plus))
3691 return 0;
3692
3693 l = m->client_environment;
bcd8e6d1 3694
718db961
LP		 3695 if (!strv_isempty(minus)) {
3696 a = strv_env_delete(l, 1, minus);
3697 if (!a)
3698 return -ENOMEM;
3699
3700 l = a;
3701 }
3702
3703 if (!strv_isempty(plus)) {
3704 b = strv_env_merge(2, l, plus);
aa9f8a30
AH		 3705 if (!b) {
3706 strv_free(a);
718db961 3707 return -ENOMEM;
aa9f8a30 3708 }
bcd8e6d1 3709
718db961
LP		 3710 l = b;
3711 }
3712
1ad6e8b3
LP		 3713 if (m->client_environment != l)
3714 strv_free(m->client_environment);
3715
718db961
LP		 3716 if (a != l)
3717 strv_free(a);
3718 if (b != l)
3719 strv_free(b);
3720
1ad6e8b3
LP		 3721 m->client_environment = sanitize_environment(l);
3722 return 0;
3723}
3724
3725int manager_get_effective_environment(Manager *m, char ***ret) {
3726 char **l;
3727
3728 assert(m);
3729 assert(ret);
3730
3731 l = strv_env_merge(2, m->transient_environment, m->client_environment);
3732 if (!l)
3733 return -ENOMEM;
f069efb4 3734
1ad6e8b3 3735 *ret = l;
97d0e5f8
UTL		 3736 return 0;
3737}
3738
c93ff2e9 3739int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit) {
c93ff2e9
FC		 3740 assert(m);
3741
5b10116e 3742 for (unsigned i = 0; i < _RLIMIT_MAX; i++) {
d9814c76
EV		 3743 m->rlimit[i] = mfree(m->rlimit[i]);
3744
07719a21
LP		 3745 if (!default_rlimit[i])
3746 continue;
c93ff2e9 3747
07719a21
LP		 3748 m->rlimit[i] = newdup(struct rlimit, default_rlimit[i], 1);
3749 if (!m->rlimit[i])
3ce40911 3750 return log_oom();
c93ff2e9
FC		 3751 }
3752
3753 return 0;
3754}
3755
8559b3b7
LP		 3756void manager_recheck_dbus(Manager *m) {
3757 assert(m);
3758
3759 /* Connects to the bus if the dbus service and socket are running. If we are running in user mode this is all
3760 * it does. In system mode we'll also connect to the system bus (which will most likely just reuse the
3761 * connection of the API bus). That's because the system bus after all runs as service of the system instance,
3762 * while in the user instance we can assume it's already there. */
3763
31dc1ca3
LP		 3764 if (MANAGER_IS_RELOADING(m))
3765 return; /* don't check while we are reloading… */
3766
8559b3b7
LP		 3767 if (manager_dbus_is_running(m, false)) {
3768 (void) bus_init_api(m);
3769
3770 if (MANAGER_IS_SYSTEM(m))
3771 (void) bus_init_system(m);
3772 } else {
3773 (void) bus_done_api(m);
3774
3775 if (MANAGER_IS_SYSTEM(m))
3776 (void) bus_done_system(m);
3777 }
3778}
3779
d075092f 3780static bool manager_journal_is_running(Manager *m) {
f1dd0c3f
LP		 3781 Unit *u;
3782
3783 assert(m);
3784
638cece4 3785 if (MANAGER_IS_TEST_RUN(m))
7d814a19
LP		 3786 return false;
3787
d075092f 3788 /* If we are the user manager we can safely assume that the journal is up */
463d0d15 3789 if (!MANAGER_IS_SYSTEM(m))
d075092f 3790 return true;
f1dd0c3f 3791
d075092f 3792 /* Check that the socket is not only up, but in RUNNING state */
731a676c 3793 u = manager_get_unit(m, SPECIAL_JOURNALD_SOCKET);
d075092f
LP		 3794 if (!u)
3795 return false;
3796 if (SOCKET(u)->state != SOCKET_RUNNING)
3797 return false;
f1dd0c3f 3798
d075092f 3799 /* Similar, check if the daemon itself is fully up, too */
731a676c 3800 u = manager_get_unit(m, SPECIAL_JOURNALD_SERVICE);
d075092f
LP		 3801 if (!u)
3802 return false;
217677ab 3803 if (!IN_SET(SERVICE(u)->state, SERVICE_RELOAD, SERVICE_RUNNING))
d075092f
LP		 3804 return false;
3805
3806 return true;
3807}
3808
6123dfaa
ZJS		 3809void disable_printk_ratelimit(void) {
3810 /* Disable kernel's printk ratelimit.
3811 *
3812 * Logging to /dev/kmsg is most useful during early boot and shutdown, where normal logging
3813 * mechanisms are not available. The semantics of this sysctl are such that any kernel command-line
3814 * setting takes precedence. */
3815 int r;
3816
3817 r = sysctl_write("kernel/printk_devkmsg", "on");
3818 if (r < 0)
3819 log_debug_errno(r, "Failed to set sysctl kernel.printk_devkmsg=on: %m");
3820}
3821
d075092f
LP		 3822void manager_recheck_journal(Manager *m) {
3823
3824 assert(m);
3825
3826 /* Don't bother with this unless we are in the special situation of being PID 1 */
3827 if (getpid_cached() != 1)
731a676c 3828 return;
f1dd0c3f 3829
31dc1ca3
LP		 3830 /* Don't check this while we are reloading, things might still change */
3831 if (MANAGER_IS_RELOADING(m))
3832 return;
3833
cedf5088
LP		 3834 /* The journal is fully and entirely up? If so, let's permit logging to it, if that's configured. If the
3835 * journal is down, don't ever log to it, otherwise we might end up deadlocking ourselves as we might trigger
3836 * an activation ourselves we can't fulfill. */
3837 log_set_prohibit_ipc(!manager_journal_is_running(m));
cc2b9e6b 3838 log_open();
f1dd0c3f
LP		 3839}
3840
44a41954
FB		 3841static ShowStatus manager_get_show_status(Manager *m) {
3842 assert(m);
3843
3844 if (MANAGER_IS_USER(m))
3845 return _SHOW_STATUS_INVALID;
3846
3847 if (m->show_status_overridden != _SHOW_STATUS_INVALID)
3848 return m->show_status_overridden;
3849
3850 return m->show_status;
3851}
3852
3853bool manager_get_show_status_on(Manager *m) {
3854 assert(m);
3855
3856 return show_status_on(manager_get_show_status(m));
3857}
b309078a 3858
3ceb3471
FB		 3859static void set_show_status_marker(bool b) {
3860 if (b)
3861 (void) touch("/run/systemd/show-status");
3862 else
3863 (void) unlink("/run/systemd/show-status");
3864}
3865
44a41954 3866void manager_set_show_status(Manager *m, ShowStatus mode, const char *reason) {
27d340c7 3867 assert(m);
44a41954 3868 assert(reason);
0d066dd1 3869 assert(mode >= 0 && mode < _SHOW_STATUS_MAX);
27d340c7 3870
44a41954 3871 if (MANAGER_IS_USER(m))
27d340c7
LP		 3872 return;
3873
ef15d3e1
ZJS		 3874 if (mode == m->show_status)
3875 return;
3876
44a41954
FB		 3877 if (m->show_status_overridden == _SHOW_STATUS_INVALID) {
3878 bool enabled;
3879
3880 enabled = show_status_on(mode);
3881 log_debug("%s (%s) showing of status (%s).",
3882 enabled ? "Enabling" : "Disabling",
3883 strna(show_status_to_string(mode)),
3884 reason);
3885
3ceb3471 3886 set_show_status_marker(enabled);
44a41954
FB		 3887 }
3888
3889 m->show_status = mode;
3890}
3891
43bba15a 3892void manager_override_show_status(Manager *m, ShowStatus mode, const char *reason) {
44a41954
FB		 3893 assert(m);
3894 assert(mode < _SHOW_STATUS_MAX);
3895
3896 if (MANAGER_IS_USER(m))
3897 return;
3898
3899 if (mode == m->show_status_overridden)
3900 return;
3901
3902 m->show_status_overridden = mode;
3903
3904 if (mode == _SHOW_STATUS_INVALID)
3905 mode = m->show_status;
3906
ef15d3e1 3907 log_debug("%s (%s) showing of status (%s).",
44a41954 3908 m->show_status_overridden != _SHOW_STATUS_INVALID ? "Overriding" : "Restoring",
ef15d3e1
ZJS		 3909 strna(show_status_to_string(mode)),
3910 reason);
b309078a 3911
3ceb3471 3912 set_show_status_marker(show_status_on(mode));
27d340c7
LP		 3913}
3914
7d5ceb64
FB		 3915const char *manager_get_confirm_spawn(Manager *m) {
3916 static int last_errno = 0;
7d5ceb64
FB		 3917 struct stat st;
3918 int r;
3919
ea758432
LP		 3920 assert(m);
3921
7d5ceb64
FB		 3922 /* Here's the deal: we want to test the validity of the console but don't want
3923 * PID1 to go through the whole console process which might block. But we also
3924 * want to warn the user only once if something is wrong with the console so we
3925 * cannot do the sanity checks after spawning our children. So here we simply do
3926 * really basic tests to hopefully trap common errors.
3927 *
3928 * If the console suddenly disappear at the time our children will really it
3929 * then they will simply fail to acquire it and a positive answer will be
2aed63f4 3930 * assumed. New children will fall back to /dev/console though.
7d5ceb64
FB		 3931 *
3932 * Note: TTYs are devices that can come and go any time, and frequently aren't
3933 * available yet during early boot (consider a USB rs232 dongle...). If for any
2aed63f4 3934 * reason the configured console is not ready, we fall back to the default
7d5ceb64
FB		 3935 * console. */
3936
ea758432
LP		 3937 if (!m->confirm_spawn || path_equal(m->confirm_spawn, "/dev/console"))
3938 return m->confirm_spawn;
7d5ceb64 3939
ea758432
LP		 3940 if (stat(m->confirm_spawn, &st) < 0) {
3941 r = -errno;
7d5ceb64 3942 goto fail;
ea758432 3943 }
7d5ceb64
FB		 3944
3945 if (!S_ISCHR(st.st_mode)) {
ea758432 3946 r = -ENOTTY;
7d5ceb64
FB		 3947 goto fail;
3948 }
3949
3950 last_errno = 0;
ea758432
LP		 3951 return m->confirm_spawn;
3952
7d5ceb64 3953fail:
ea758432
LP		 3954 if (last_errno != r)
3955 last_errno = log_warning_errno(r, "Failed to open %s, using default console: %m", m->confirm_spawn);
3956
7d5ceb64
FB		 3957 return "/dev/console";
3958}
3959
e2680723
LP		 3960void manager_set_first_boot(Manager *m, bool b) {
3961 assert(m);
3962
463d0d15 3963 if (!MANAGER_IS_SYSTEM(m))
e2680723
LP		 3964 return;
3965
ae2a2c53
LP		 3966 if (m->first_boot != (int) b) {
3967 if (b)
3968 (void) touch("/run/systemd/first-boot");
3969 else
3970 (void) unlink("/run/systemd/first-boot");
3971 }
e2680723 3972
ae2a2c53 3973 m->first_boot = b;
e2680723
LP		 3974}
3975
b0eb2944
FB		 3976void manager_disable_confirm_spawn(void) {
3977 (void) touch("/run/systemd/confirm_spawn_disabled");
3978}
3979
3980bool manager_is_confirm_spawn_disabled(Manager *m) {
3981 if (!m->confirm_spawn)
3982 return true;
3983
3984 return access("/run/systemd/confirm_spawn_disabled", F_OK) >= 0;
3985}
3986
0d6d3cf0
FB		 3987static bool manager_should_show_status(Manager *m, StatusType type) {
3988 assert(m);
3989
3990 if (!MANAGER_IS_SYSTEM(m))
3991 return false;
3992
3993 if (m->no_console_output)
3994 return false;
3995
3996 if (!IN_SET(manager_state(m), MANAGER_INITIALIZING, MANAGER_STARTING, MANAGER_STOPPING))
3997 return false;
3998
3999 /* If we cannot find out the status properly, just proceed. */
4000 if (type != STATUS_TYPE_EMERGENCY && manager_check_ask_password(m) > 0)
4001 return false;
4002
4003 if (type == STATUS_TYPE_NOTICE && m->show_status != SHOW_STATUS_NO)
4004 return true;
4005
44a41954 4006 return manager_get_show_status_on(m);
0d6d3cf0
FB		 4007}
4008
127d5fd1 4009void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) {
25cee550
MS		 4010 va_list ap;
4011
cb6531be
ZJS		 4012 /* If m is NULL, assume we're after shutdown and let the messages through. */
4013
0d6d3cf0 4014 if (m && !manager_should_show_status(m, type))
25cee550
MS		 4015 return;
4016
03b717a3
MS		 4017 /* XXX We should totally drop the check for ephemeral here
4018 * and thus effectively make 'Type=idle' pointless. */
cb6531be 4019 if (type == STATUS_TYPE_EPHEMERAL && m && m->n_on_console > 0)
03b717a3
MS		 4020 return;
4021
25cee550 4022 va_start(ap, format);
a885727a 4023 status_vprintf(status, SHOW_STATUS_ELLIPSIZE|(type == STATUS_TYPE_EPHEMERAL ? SHOW_STATUS_EPHEMERAL : 0), format, ap);
25cee550
MS		 4024 va_end(ap);
4025}
4026
ac19bdd0 4027Set* manager_get_units_requiring_mounts_for(Manager *m, const char *path) {
a57f7e2c
LP		 4028 assert(m);
4029 assert(path);
4030
ac19bdd0
ZJS		 4031 if (path_equal(path, "/"))
4032 path = "";
a57f7e2c 4033
ac19bdd0 4034 return hashmap_get(m->units_requiring_mounts_for, path);
a57f7e2c 4035}
e66cf1a3 4036
5269eb6b 4037int manager_update_failed_units(Manager *m, Unit *u, bool failed) {
03455c28 4038 unsigned size;
5269eb6b 4039 int r;
03455c28
LDM		 4040
4041 assert(m);
4042 assert(u->manager == m);
4043
4044 size = set_size(m->failed_units);
4045
9fff8981 4046 if (failed) {
de7fef4b 4047 r = set_ensure_put(&m->failed_units, NULL, u);
5269eb6b
LP		 4048 if (r < 0)
4049 return log_oom();
9fff8981 4050 } else
5269eb6b 4051 (void) set_remove(m->failed_units, u);
03455c28
LDM		 4052
4053 if (set_size(m->failed_units) != size)
4054 bus_manager_send_change_signal(m);
5269eb6b
LP		 4055
4056 return 0;
03455c28
LDM		 4057}
4058
f755e3b7
LP		 4059ManagerState manager_state(Manager *m) {
4060 Unit *u;
4061
4062 assert(m);
4063
f9d29f6d
JB		 4064 /* Is the special shutdown target active or queued? If so, we are in shutdown state */
4065 u = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
4066 if (u && unit_active_or_pending(u))
4067 return MANAGER_STOPPING;
4068
f755e3b7 4069 /* Did we ever finish booting? If not then we are still starting up */
49d5666c 4070 if (!MANAGER_IS_FINISHED(m)) {
d81afec1
LP		 4071
4072 u = manager_get_unit(m, SPECIAL_BASIC_TARGET);
4073 if (!u || !UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
4074 return MANAGER_INITIALIZING;
4075
f755e3b7 4076 return MANAGER_STARTING;
d81afec1 4077 }
f755e3b7 4078
45a7b16b
LP		 4079 if (MANAGER_IS_SYSTEM(m)) {
4080 /* Are the rescue or emergency targets active or queued? If so we are in maintenance state */
4081 u = manager_get_unit(m, SPECIAL_RESCUE_TARGET);
4082 if (u && unit_active_or_pending(u))
4083 return MANAGER_MAINTENANCE;
f755e3b7 4084
45a7b16b
LP		 4085 u = manager_get_unit(m, SPECIAL_EMERGENCY_TARGET);
4086 if (u && unit_active_or_pending(u))
4087 return MANAGER_MAINTENANCE;
4088 }
f755e3b7
LP		 4089
4090 /* Are there any failed units? If so, we are in degraded mode */
4091 if (set_size(m->failed_units) > 0)
4092 return MANAGER_DEGRADED;
4093
4094 return MANAGER_RUNNING;
4095}
4096
00d9ef85 4097static void manager_unref_uid_internal(
010becd9 4098 Hashmap *uid_refs,
00d9ef85
LP		 4099 uid_t uid,
4100 bool destroy_now,
4101 int (*_clean_ipc)(uid_t uid)) {
4102
4103 uint32_t c, n;
4104
00d9ef85
LP		 4105 assert(uid_is_valid(uid));
4106 assert(_clean_ipc);
4107
4108 /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under the assumption
4109 * that uid_t and gid_t are actually defined the same way, with the same validity rules.
4110 *
4111 * We store a hashmap where the UID/GID is they key and the value is a 32bit reference counter, whose highest
4112 * bit is used as flag for marking UIDs/GIDs whose IPC objects to remove when the last reference to the UID/GID
4113 * is dropped. The flag is set to on, once at least one reference from a unit where RemoveIPC= is set is added
4114 * on a UID/GID. It is reset when the UID's/GID's reference counter drops to 0 again. */
4115
4116 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4117 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4118
4119 if (uid == 0) /* We don't keep track of root, and will never destroy it */
4120 return;
4121
010becd9 4122 c = PTR_TO_UINT32(hashmap_get(uid_refs, UID_TO_PTR(uid)));
00d9ef85
LP		 4123
4124 n = c & ~DESTROY_IPC_FLAG;
4125 assert(n > 0);
4126 n--;
4127
4128 if (destroy_now && n == 0) {
010becd9 4129 hashmap_remove(uid_refs, UID_TO_PTR(uid));
00d9ef85
LP		 4130
4131 if (c & DESTROY_IPC_FLAG) {
4132 log_debug("%s " UID_FMT " is no longer referenced, cleaning up its IPC.",
4133 _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
4134 uid);
4135 (void) _clean_ipc(uid);
4136 }
4137 } else {
4138 c = n | (c & DESTROY_IPC_FLAG);
010becd9 4139 assert_se(hashmap_update(uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c)) >= 0);
00d9ef85
LP		 4140 }
4141}
4142
4143void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now) {
010becd9 4144 manager_unref_uid_internal(m->uid_refs, uid, destroy_now, clean_ipc_by_uid);
00d9ef85
LP		 4145}
4146
4147void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now) {
010becd9 4148 manager_unref_uid_internal(m->gid_refs, (uid_t) gid, destroy_now, clean_ipc_by_gid);
00d9ef85
LP		 4149}
4150
4151static int manager_ref_uid_internal(
00d9ef85
LP		 4152 Hashmap **uid_refs,
4153 uid_t uid,
4154 bool clean_ipc) {
4155
4156 uint32_t c, n;
4157 int r;
4158
00d9ef85
LP		 4159 assert(uid_refs);
4160 assert(uid_is_valid(uid));
4161
4162 /* A generic implementation, covering both manager_ref_uid() and manager_ref_gid(), under the assumption
4163 * that uid_t and gid_t are actually defined the same way, with the same validity rules. */
4164
4165 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4166 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4167
4168 if (uid == 0) /* We don't keep track of root, and will never destroy it */
4169 return 0;
4170
4171 r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
4172 if (r < 0)
4173 return r;
4174
4175 c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
4176
4177 n = c & ~DESTROY_IPC_FLAG;
4178 n++;
4179
4180 if (n & DESTROY_IPC_FLAG) /* check for overflow */
4181 return -EOVERFLOW;
4182
4183 c = n | (c & DESTROY_IPC_FLAG) | (clean_ipc ? DESTROY_IPC_FLAG : 0);
4184
4185 return hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c));
4186}
4187
4188int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc) {
010becd9 4189 return manager_ref_uid_internal(&m->uid_refs, uid, clean_ipc);
00d9ef85
LP		 4190}
4191
4192int manager_ref_gid(Manager *m, gid_t gid, bool clean_ipc) {
010becd9 4193 return manager_ref_uid_internal(&m->gid_refs, (uid_t) gid, clean_ipc);
00d9ef85
LP		 4194}
4195
4196static void manager_vacuum_uid_refs_internal(
010becd9 4197 Hashmap *uid_refs,
00d9ef85
LP		 4198 int (*_clean_ipc)(uid_t uid)) {
4199
00d9ef85
LP		 4200 void *p, *k;
4201
00d9ef85
LP		 4202 assert(_clean_ipc);
4203
010becd9 4204 HASHMAP_FOREACH_KEY(p, k, uid_refs) {
00d9ef85
LP		 4205 uint32_t c, n;
4206 uid_t uid;
4207
4208 uid = PTR_TO_UID(k);
4209 c = PTR_TO_UINT32(p);
4210
4211 n = c & ~DESTROY_IPC_FLAG;
4212 if (n > 0)
4213 continue;
4214
4215 if (c & DESTROY_IPC_FLAG) {
4216 log_debug("Found unreferenced %s " UID_FMT " after reload/reexec. Cleaning up.",
4217 _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
4218 uid);
4219 (void) _clean_ipc(uid);
4220 }
4221
010becd9 4222 assert_se(hashmap_remove(uid_refs, k) == p);
00d9ef85
LP		 4223 }
4224}
4225
06a4eb07 4226static void manager_vacuum_uid_refs(Manager *m) {
010becd9 4227 manager_vacuum_uid_refs_internal(m->uid_refs, clean_ipc_by_uid);
00d9ef85
LP		 4228}
4229
06a4eb07 4230static void manager_vacuum_gid_refs(Manager *m) {
010becd9 4231 manager_vacuum_uid_refs_internal(m->gid_refs, clean_ipc_by_gid);
00d9ef85
LP		 4232}
4233
06a4eb07
FB		 4234static void manager_vacuum(Manager *m) {
4235 assert(m);
4236
4237 /* Release any dynamic users no longer referenced */
4238 dynamic_user_vacuum(m, true);
4239
4240 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
4241 manager_vacuum_uid_refs(m);
4242 manager_vacuum_gid_refs(m);
4243
4244 /* Release any runtimes no longer referenced */
4245 exec_runtime_vacuum(m);
4246}
4247
00d9ef85
LP		 4248int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
4249 struct buffer {
4250 uid_t uid;
4251 gid_t gid;
4252 char unit_name[UNIT_NAME_MAX+1];
4253 } _packed_ buffer;
4254
4255 Manager *m = userdata;
4256 ssize_t l;
4257 size_t n;
4258 Unit *u;
4259
4260 assert_se(source);
4261 assert_se(m);
4262
4263 /* Invoked whenever a child process succeeded resolving its user/group to use and sent us the resulting UID/GID
4264 * in a datagram. We parse the datagram here and pass it off to the unit, so that it can add a reference to the
4265 * UID/GID so that it can destroy the UID/GID's IPC objects when the reference counter drops to 0. */
4266
4267 l = recv(fd, &buffer, sizeof(buffer), MSG_DONTWAIT);
4268 if (l < 0) {
4c701096 4269 if (IN_SET(errno, EINTR, EAGAIN))
00d9ef85
LP		 4270 return 0;
4271
4272 return log_error_errno(errno, "Failed to read from user lookup fd: %m");
4273 }
4274
4275 if ((size_t) l <= offsetof(struct buffer, unit_name)) {
4276 log_warning("Received too short user lookup message, ignoring.");
4277 return 0;
4278 }
4279
4280 if ((size_t) l > offsetof(struct buffer, unit_name) + UNIT_NAME_MAX) {
4281 log_warning("Received too long user lookup message, ignoring.");
4282 return 0;
4283 }
4284
4285 if (!uid_is_valid(buffer.uid) && !gid_is_valid(buffer.gid)) {
4286 log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
4287 return 0;
4288 }
4289
4290 n = (size_t) l - offsetof(struct buffer, unit_name);
4291 if (memchr(buffer.unit_name, 0, n)) {
4292 log_warning("Received lookup message with embedded NUL character, ignoring.");
4293 return 0;
4294 }
4295
4296 buffer.unit_name[n] = 0;
4297 u = manager_get_unit(m, buffer.unit_name);
4298 if (!u) {
4299 log_debug("Got user lookup message but unit doesn't exist, ignoring.");
4300 return 0;
4301 }
4302
4303 log_unit_debug(u, "User lookup succeeded: uid=" UID_FMT " gid=" GID_FMT, buffer.uid, buffer.gid);
4304
4305 unit_notify_user_lookup(u, buffer.uid, buffer.gid);
4306 return 0;
4307}
4308
af6b0ecc 4309char *manager_taint_string(Manager *m) {
90d7464d 4310 _cleanup_free_ char *destination = NULL, *overflowuid = NULL, *overflowgid = NULL;
af6b0ecc
LP		 4311 char *buf, *e;
4312 int r;
4313
198ce932
ZJS		 4314 /* Returns a "taint string", e.g. "local-hwclock:var-run-bad".
4315 * Only things that are detected at runtime should be tagged
4316 * here. For stuff that is set during compilation, emit a warning
4317 * in the configuration phase. */
4318
af6b0ecc
LP		 4319 assert(m);
4320
4321 buf = new(char, sizeof("split-usr:"
4322 "cgroups-missing:"
82f30632 4323 "cgrousv1:"
af6b0ecc
LP		 4324 "local-hwclock:"
4325 "var-run-bad:"
90d7464d
LP		 4326 "overflowuid-not-65534:"
4327 "overflowgid-not-65534:"));
af6b0ecc
LP		 4328 if (!buf)
4329 return NULL;
4330
4331 e = buf;
0fd402b0 4332 buf[0] = 0;
af6b0ecc
LP		 4333
4334 if (m->taint_usr)
4335 e = stpcpy(e, "split-usr:");
4336
4337 if (access("/proc/cgroups", F_OK) < 0)
4338 e = stpcpy(e, "cgroups-missing:");
4339
82f30632
LP		 4340 if (cg_all_unified() == 0)
4341 e = stpcpy(e, "cgroupsv1:");
4342
af6b0ecc
LP		 4343 if (clock_is_localtime(NULL) > 0)
4344 e = stpcpy(e, "local-hwclock:");
4345
4346 r = readlink_malloc("/var/run", &destination);
4347 if (r < 0 || !PATH_IN_SET(destination, "../run", "/run"))
4348 e = stpcpy(e, "var-run-bad:");
4349
90d7464d
LP		 4350 r = read_one_line_file("/proc/sys/kernel/overflowuid", &overflowuid);
4351 if (r >= 0 && !streq(overflowuid, "65534"))
4352 e = stpcpy(e, "overflowuid-not-65534:");
4353
4354 r = read_one_line_file("/proc/sys/kernel/overflowgid", &overflowgid);
4355 if (r >= 0 && !streq(overflowgid, "65534"))
4356 e = stpcpy(e, "overflowgid-not-65534:");
4357
af6b0ecc
LP		 4358 /* remove the last ':' */
4359 if (e != buf)
4360 e[-1] = 0;
4361
4362 return buf;
4363}
4364
adefcf28
LP		 4365void manager_ref_console(Manager *m) {
4366 assert(m);
4367
4368 m->n_on_console++;
4369}
4370
4371void manager_unref_console(Manager *m) {
4372
4373 assert(m->n_on_console > 0);
4374 m->n_on_console--;
4375
4376 if (m->n_on_console == 0)
4377 m->no_console_output = false; /* unset no_console_output flag, since the console is definitely free now */
4378}
4379
a6ecbf83
FB		 4380void manager_override_log_level(Manager *m, int level) {
4381 _cleanup_free_ char *s = NULL;
4382 assert(m);
4383
4384 if (!m->log_level_overridden) {
4385 m->original_log_level = log_get_max_level();
4386 m->log_level_overridden = true;
4387 }
4388
4389 (void) log_level_to_string_alloc(level, &s);
4390 log_info("Setting log level to %s.", strna(s));
4391
4392 log_set_max_level(level);
4393}
4394
4395void manager_restore_original_log_level(Manager *m) {
4396 _cleanup_free_ char *s = NULL;
4397 assert(m);
4398
4399 if (!m->log_level_overridden)
4400 return;
4401
4402 (void) log_level_to_string_alloc(m->original_log_level, &s);
4403 log_info("Restoring log level to original (%s).", strna(s));
4404
4405 log_set_max_level(m->original_log_level);
4406 m->log_level_overridden = false;
4407}
4408
bda7d78b
FB		 4409void manager_override_log_target(Manager *m, LogTarget target) {
4410 assert(m);
4411
4412 if (!m->log_target_overridden) {
4413 m->original_log_target = log_get_target();
4414 m->log_target_overridden = true;
4415 }
4416
4417 log_info("Setting log target to %s.", log_target_to_string(target));
4418 log_set_target(target);
4419}
4420
4421void manager_restore_original_log_target(Manager *m) {
4422 assert(m);
4423
4424 if (!m->log_target_overridden)
4425 return;
4426
4427 log_info("Restoring log target to original %s.", log_target_to_string(m->original_log_target));
4428
4429 log_set_target(m->original_log_target);
4430 m->log_target_overridden = false;
4431}
4432
d4ee7bd8
YW		 4433ManagerTimestamp manager_timestamp_initrd_mangle(ManagerTimestamp s) {
4434 if (in_initrd() &&
4435 s >= MANAGER_TIMESTAMP_SECURITY_START &&
4436 s <= MANAGER_TIMESTAMP_UNITS_LOAD_FINISH)
4437 return s - MANAGER_TIMESTAMP_SECURITY_START + MANAGER_TIMESTAMP_INITRD_SECURITY_START;
4438 return s;
4439}
4440
f755e3b7 4441static const char *const manager_state_table[_MANAGER_STATE_MAX] = {
d81afec1 4442 [MANAGER_INITIALIZING] = "initializing",
48d83e33
ZJS		 4443 [MANAGER_STARTING] = "starting",
4444 [MANAGER_RUNNING] = "running",
4445 [MANAGER_DEGRADED] = "degraded",
4446 [MANAGER_MAINTENANCE] = "maintenance",
4447 [MANAGER_STOPPING] = "stopping",
f755e3b7
LP		 4448};
4449
4450DEFINE_STRING_TABLE_LOOKUP(manager_state, ManagerState);
9f9f0342
LP		 4451
4452static const char *const manager_timestamp_table[_MANAGER_TIMESTAMP_MAX] = {
48d83e33
ZJS		 4453 [MANAGER_TIMESTAMP_FIRMWARE] = "firmware",
4454 [MANAGER_TIMESTAMP_LOADER] = "loader",
4455 [MANAGER_TIMESTAMP_KERNEL] = "kernel",
4456 [MANAGER_TIMESTAMP_INITRD] = "initrd",
4457 [MANAGER_TIMESTAMP_USERSPACE] = "userspace",
4458 [MANAGER_TIMESTAMP_FINISH] = "finish",
4459 [MANAGER_TIMESTAMP_SECURITY_START] = "security-start",
4460 [MANAGER_TIMESTAMP_SECURITY_FINISH] = "security-finish",
4461 [MANAGER_TIMESTAMP_GENERATORS_START] = "generators-start",
4462 [MANAGER_TIMESTAMP_GENERATORS_FINISH] = "generators-finish",
4463 [MANAGER_TIMESTAMP_UNITS_LOAD_START] = "units-load-start",
4464 [MANAGER_TIMESTAMP_UNITS_LOAD_FINISH] = "units-load-finish",
4465 [MANAGER_TIMESTAMP_INITRD_SECURITY_START] = "initrd-security-start",
4466 [MANAGER_TIMESTAMP_INITRD_SECURITY_FINISH] = "initrd-security-finish",
4467 [MANAGER_TIMESTAMP_INITRD_GENERATORS_START] = "initrd-generators-start",
d4ee7bd8 4468 [MANAGER_TIMESTAMP_INITRD_GENERATORS_FINISH] = "initrd-generators-finish",
48d83e33 4469 [MANAGER_TIMESTAMP_INITRD_UNITS_LOAD_START] = "initrd-units-load-start",
d4ee7bd8 4470 [MANAGER_TIMESTAMP_INITRD_UNITS_LOAD_FINISH] = "initrd-units-load-finish",
9f9f0342
LP		 4471};
4472
4473DEFINE_STRING_TABLE_LOOKUP(manager_timestamp, ManagerTimestamp);
afcfaa69
LP		 4474
4475static const char* const oom_policy_table[_OOM_POLICY_MAX] = {
4476 [OOM_CONTINUE] = "continue",
48d83e33
ZJS		 4477 [OOM_STOP] = "stop",
4478 [OOM_KILL] = "kill",
afcfaa69
LP		 4479};
4480
4481DEFINE_STRING_TABLE_LOOKUP(oom_policy, OOMPolicy);
Unnamed repository; edit this file 'description' to name the repository.