]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/scope.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
core: port unit_fork_helper_process() and unit_fork_and_watch_rm_rf() to PidRef
[thirdparty/systemd.git] / src / core / scope.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
6c12b52e
LP		 2
3#include <errno.h>
6c12b52e
LP		 4#include <unistd.h>
5
b5efdb8a 6#include "alloc-util.h"
dafb4063 7#include "cgroup-setup.h"
07630cea 8#include "dbus-scope.h"
6fcbec6f 9#include "dbus-unit.h"
03860190 10#include "exit-status.h"
07630cea 11#include "load-dropin.h"
6c12b52e 12#include "log.h"
428a9f6f 13#include "process-util.h"
5918a933 14#include "random-util.h"
b5efdb8a 15#include "scope.h"
d68c645b 16#include "serialize.h"
6c12b52e 17#include "special.h"
8b43440b 18#include "string-table.h"
07630cea
LP		 19#include "string-util.h"
20#include "strv.h"
6c12b52e 21#include "unit-name.h"
efdb0237 22#include "unit.h"
03860190 23#include "user-util.h"
6c12b52e
LP		 24
25static const UnitActiveState state_translation_table[_SCOPE_STATE_MAX] = {
26 [SCOPE_DEAD] = UNIT_INACTIVE,
03860190 27 [SCOPE_START_CHOWN] = UNIT_ACTIVATING,
6c12b52e 28 [SCOPE_RUNNING] = UNIT_ACTIVE,
a911bb9a 29 [SCOPE_ABANDONED] = UNIT_ACTIVE,
6c12b52e
LP		 30 [SCOPE_STOP_SIGTERM] = UNIT_DEACTIVATING,
31 [SCOPE_STOP_SIGKILL] = UNIT_DEACTIVATING,
32 [SCOPE_FAILED] = UNIT_FAILED
33};
34
718db961
LP		 35static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
36
6c12b52e
LP		 37static void scope_init(Unit *u) {
38 Scope *s = SCOPE(u);
39
40 assert(u);
41 assert(u->load_state == UNIT_STUB);
42
9ed7de60 43 s->runtime_max_usec = USEC_INFINITY;
c9e120e0 44 s->timeout_stop_usec = u->manager->defaults.timeout_stop_usec;
1b4cd0cf 45 u->ignore_on_isolate = true;
03860190 46 s->user = s->group = NULL;
5fa09835 47 s->oom_policy = _OOM_POLICY_INVALID;
6c12b52e
LP		 48}
49
50static void scope_done(Unit *u) {
51 Scope *s = SCOPE(u);
52
53 assert(u);
54
371c0b79
LP		 55 s->controller = mfree(s->controller);
56 s->controller_track = sd_bus_track_unref(s->controller_track);
2d4a39e7 57
5dcadb4c 58 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
03860190
MS		 59
60 s->user = mfree(s->user);
61 s->group = mfree(s->group);
718db961
LP		 62}
63
ecea250d 64static usec_t scope_running_timeout(Scope *s) {
5918a933
AB		 65 usec_t delta = 0;
66
67 assert(s);
68
69 if (s->runtime_rand_extra_usec != 0) {
70 delta = random_u64_range(s->runtime_rand_extra_usec);
71 log_unit_debug(UNIT(s), "Adding delta of %s sec to timeout", FORMAT_TIMESPAN(delta, USEC_PER_SEC));
72 }
73
74 return usec_add(usec_add(UNIT(s)->active_enter_timestamp.monotonic,
75 s->runtime_max_usec),
76 delta);
77}
78
36c16a7c 79static int scope_arm_timer(Scope *s, usec_t usec) {
718db961
LP		 80 int r;
81
82 assert(s);
83
718db961 84 if (s->timer_event_source) {
36c16a7c 85 r = sd_event_source_set_time(s->timer_event_source, usec);
718db961
LP		 86 if (r < 0)
87 return r;
88
89 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
90 }
91
36c16a7c
LP		 92 if (usec == USEC_INFINITY)
93 return 0;
94
cbf60d0a 95 r = sd_event_add_time(
6a0f1f6d
LP		 96 UNIT(s)->manager->event,
97 &s->timer_event_source,
98 CLOCK_MONOTONIC,
36c16a7c 99 usec, 0,
6a0f1f6d 100 scope_dispatch_timer, s);
7dfbe2e3
TG		 101 if (r < 0)
102 return r;
103
104 (void) sd_event_source_set_description(s->timer_event_source, "scope-timer");
105
106 return 0;
6c12b52e
LP		 107}
108
109static void scope_set_state(Scope *s, ScopeState state) {
110 ScopeState old_state;
111 assert(s);
112
6fcbec6f
LP		 113 if (s->state != state)
114 bus_unit_send_pending_change_signal(UNIT(s), false);
115
6c12b52e
LP		 116 old_state = s->state;
117 s->state = state;
118
e1f85b49 119 if (!IN_SET(state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL, SCOPE_START_CHOWN, SCOPE_RUNNING))
5dcadb4c 120 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
6c12b52e 121
50be4f4a 122 if (IN_SET(state, SCOPE_DEAD, SCOPE_FAILED)) {
a911bb9a 123 unit_unwatch_all_pids(UNIT(s));
50be4f4a
LP		 124 unit_dequeue_rewatch_pids(UNIT(s));
125 }
a911bb9a 126
6c12b52e 127 if (state != old_state)
a911bb9a 128 log_debug("%s changed %s -> %s", UNIT(s)->id, scope_state_to_string(old_state), scope_state_to_string(state));
6c12b52e 129
96b09de5 130 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], /* reload_success = */ true);
6c12b52e
LP		 131}
132
133static int scope_add_default_dependencies(Scope *s) {
3835b9aa
LB		 134 int r;
135
6c12b52e
LP		 136 assert(s);
137
4c9ea260
LP		 138 if (!UNIT(s)->default_dependencies)
139 return 0;
140
6c12b52e 141 /* Make sure scopes are unloaded on shutdown */
3835b9aa
LB		 142 r = unit_add_two_dependencies_by_name(
143 UNIT(s),
144 UNIT_BEFORE, UNIT_CONFLICTS,
145 SPECIAL_SHUTDOWN_TARGET, true,
146 UNIT_DEPENDENCY_DEFAULT);
147 if (r < 0)
148 return r;
149
150 return 0;
6c12b52e
LP		 151}
152
153static int scope_verify(Scope *s) {
154 assert(s);
75193d41 155 assert(UNIT(s)->load_state == UNIT_LOADED);
6c12b52e 156
efdb0237 157 if (set_isempty(UNIT(s)->pids) &&
2c289ea8 158 !MANAGER_IS_RELOADING(UNIT(s)->manager) &&
d85ff944
YW		 159 !unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
160 return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOENT), "Scope has no PIDs. Refusing.");
6c12b52e
LP		 161
162 return 0;
163}
164
8e4e851f
LP		 165static int scope_load_init_scope(Unit *u) {
166 assert(u);
167
168 if (!unit_has_name(u, SPECIAL_INIT_SCOPE))
169 return 0;
170
171 u->transient = true;
f5869324 172 u->perpetual = true;
8e4e851f
LP		 173
174 /* init.scope is a bit special, as it has to stick around forever. Because of its special semantics we
175 * synthesize it here, instead of relying on the unit file on disk. */
176
177 u->default_dependencies = false;
8e4e851f
LP		 178
179 /* Prettify things, if we can. */
180 if (!u->description)
181 u->description = strdup("System and Service Manager");
182 if (!u->documentation)
183 (void) strv_extend(&u->documentation, "man:systemd(1)");
184
185 return 1;
186}
187
75193d41
ZJS		 188static int scope_add_extras(Scope *s) {
189 int r;
190
191 r = unit_patch_contexts(UNIT(s));
192 if (r < 0)
193 return r;
194
195 r = unit_set_default_slice(UNIT(s));
196 if (r < 0)
197 return r;
198
5fa09835 199 if (s->oom_policy < 0)
c9e120e0 200 s->oom_policy = s->cgroup_context.delegate ? OOM_CONTINUE : UNIT(s)->manager->defaults.oom_policy;
5fa09835
ML		 201
202 s->cgroup_context.memory_oom_group = s->oom_policy == OOM_KILL;
203
75193d41
ZJS		 204 return scope_add_default_dependencies(s);
205}
206
6c12b52e
LP		 207static int scope_load(Unit *u) {
208 Scope *s = SCOPE(u);
209 int r;
210
211 assert(s);
212 assert(u->load_state == UNIT_STUB);
213
2c289ea8 214 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
4f4afc88 215 /* Refuse to load non-transient scope units, but allow them while reloading. */
6c12b52e
LP		 216 return -ENOENT;
217
8e4e851f
LP		 218 r = scope_load_init_scope(u);
219 if (r < 0)
220 return r;
c3620770
ZJS		 221
222 r = unit_load_fragment_and_dropin(u, false);
6c12b52e
LP		 223 if (r < 0)
224 return r;
225
75193d41
ZJS		 226 if (u->load_state != UNIT_LOADED)
227 return 0;
6c12b52e 228
75193d41
ZJS		 229 r = scope_add_extras(s);
230 if (r < 0)
231 return r;
6c12b52e
LP		 232
233 return scope_verify(s);
234}
235
7508f7f2
PW		 236static usec_t scope_coldplug_timeout(Scope *s) {
237 assert(s);
238
239 switch (s->deserialized_state) {
240
9ed7de60 241 case SCOPE_RUNNING:
5918a933 242 return scope_running_timeout(s);
9ed7de60 243
7508f7f2
PW		 244 case SCOPE_STOP_SIGKILL:
245 case SCOPE_STOP_SIGTERM:
246 return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
247
248 default:
249 return USEC_INFINITY;
250 }
251}
252
be847e82 253static int scope_coldplug(Unit *u) {
6c12b52e
LP		 254 Scope *s = SCOPE(u);
255 int r;
256
257 assert(s);
258 assert(s->state == SCOPE_DEAD);
259
36c16a7c
LP		 260 if (s->deserialized_state == s->state)
261 return 0;
a911bb9a 262
7508f7f2
PW		 263 r = scope_arm_timer(s, scope_coldplug_timeout(s));
264 if (r < 0)
265 return r;
6c12b52e 266
428a9f6f
FB		 267 if (!IN_SET(s->deserialized_state, SCOPE_DEAD, SCOPE_FAILED)) {
268 if (u->pids) {
269 void *pidp;
270
271 SET_FOREACH(pidp, u->pids) {
272 r = unit_watch_pid(u, PTR_TO_PID(pidp), false);
273 if (r < 0 && r != -EEXIST)
274 return r;
275 }
276 } else
277 (void) unit_enqueue_rewatch_pids(u);
278 }
36c16a7c 279
371c0b79
LP		 280 bus_scope_track_controller(s);
281
36c16a7c 282 scope_set_state(s, s->deserialized_state);
6c12b52e
LP		 283 return 0;
284}
285
286static void scope_dump(Unit *u, FILE *f, const char *prefix) {
287 Scope *s = SCOPE(u);
288
289 assert(s);
290 assert(f);
291
292 fprintf(f,
293 "%sScope State: %s\n"
9ed7de60 294 "%sResult: %s\n"
5918a933 295 "%sRuntimeMaxSec: %s\n"
5fa09835
ML		 296 "%sRuntimeRandomizedExtraSec: %s\n"
297 "%sOOMPolicy: %s\n",
6c12b52e 298 prefix, scope_state_to_string(s->state),
9ed7de60 299 prefix, scope_result_to_string(s->result),
5918a933 300 prefix, FORMAT_TIMESPAN(s->runtime_max_usec, USEC_PER_SEC),
5fa09835
ML		 301 prefix, FORMAT_TIMESPAN(s->runtime_rand_extra_usec, USEC_PER_SEC),
302 prefix, oom_policy_to_string(s->oom_policy));
6c12b52e 303
bc0623df 304 cgroup_context_dump(UNIT(s), f, prefix);
6c12b52e
LP		 305 kill_context_dump(&s->kill_context, f, prefix);
306}
307
308static void scope_enter_dead(Scope *s, ScopeResult f) {
309 assert(s);
310
a0fef983 311 if (s->result == SCOPE_SUCCESS)
6c12b52e
LP		 312 s->result = f;
313
aac99f30 314 unit_log_result(UNIT(s), s->result == SCOPE_SUCCESS, scope_result_to_string(s->result));
6c12b52e
LP		 315 scope_set_state(s, s->result != SCOPE_SUCCESS ? SCOPE_FAILED : SCOPE_DEAD);
316}
317
318static void scope_enter_signal(Scope *s, ScopeState state, ScopeResult f) {
2d4a39e7 319 bool skip_signal = false;
6c12b52e
LP		 320 int r;
321
322 assert(s);
323
a0fef983 324 if (s->result == SCOPE_SUCCESS)
6c12b52e
LP		 325 s->result = f;
326
50be4f4a
LP		 327 /* Before sending any signal, make sure we track all members of this cgroup */
328 (void) unit_watch_all_pids(UNIT(s));
329
330 /* Also, enqueue a job that we recheck all our PIDs a bit later, given that it's likely some processes have
331 * died now */
332 (void) unit_enqueue_rewatch_pids(UNIT(s));
a911bb9a 333
371c0b79
LP		 334 /* If we have a controller set let's ask the controller nicely to terminate the scope, instead of us going
335 * directly into SIGTERM berserk mode */
2d4a39e7
LP		 336 if (state == SCOPE_STOP_SIGTERM)
337 skip_signal = bus_scope_send_request_stop(s) > 0;
338
59ec09a8
ZJS		 339 if (skip_signal)
340 r = 1; /* wait */
341 else {
2d4a39e7
LP		 342 r = unit_kill_context(
343 UNIT(s),
344 &s->kill_context,
3862e809
LP		 345 state != SCOPE_STOP_SIGTERM ? KILL_KILL :
346 s->was_abandoned ? KILL_TERMINATE_AND_LOG :
347 KILL_TERMINATE,
7901288a
LP		 348 /* main_pid= */ NULL,
349 /* control_pid= */ NULL,
350 /* main_pid_alien= */ false);
2d4a39e7
LP		 351 if (r < 0)
352 goto fail;
59ec09a8 353 }
6c12b52e
LP		 354
355 if (r > 0) {
36c16a7c 356 r = scope_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_stop_usec));
718db961
LP		 357 if (r < 0)
358 goto fail;
6c12b52e
LP		 359
360 scope_set_state(s, state);
ac84d1fb
LP		 361 } else if (state == SCOPE_STOP_SIGTERM)
362 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_SUCCESS);
363 else
6c12b52e
LP		 364 scope_enter_dead(s, SCOPE_SUCCESS);
365
366 return;
367
368fail:
f2341e0a 369 log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
6c12b52e
LP		 370
371 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
372}
373
03860190 374static int scope_enter_start_chown(Scope *s) {
4775b55d 375 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
03860190 376 Unit *u = UNIT(s);
6c12b52e
LP		 377 int r;
378
379 assert(s);
03860190 380 assert(s->user);
6c12b52e 381
c9e120e0 382 r = scope_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), u->manager->defaults.timeout_start_usec));
03860190
MS		 383 if (r < 0)
384 return r;
efdb0237 385
4775b55d 386 r = unit_fork_helper_process(u, "(sd-chown-cgroup)", &pidref);
03860190
MS		 387 if (r < 0)
388 goto fail;
7b617155 389
03860190
MS		 390 if (r == 0) {
391 uid_t uid = UID_INVALID;
392 gid_t gid = GID_INVALID;
6c12b52e 393
03860190
MS		 394 if (!isempty(s->user)) {
395 const char *user = s->user;
6c12b52e 396
03860190
MS		 397 r = get_user_creds(&user, &uid, &gid, NULL, NULL, 0);
398 if (r < 0) {
399 log_unit_error_errno(UNIT(s), r, "Failed to resolve user \"%s\": %m", user);
400 _exit(EXIT_USER);
401 }
402 }
403
404 if (!isempty(s->group)) {
405 const char *group = s->group;
406
407 r = get_group_creds(&group, &gid, 0);
408 if (r < 0) {
409 log_unit_error_errno(UNIT(s), r, "Failed to resolve group \"%s\": %m", group);
410 _exit(EXIT_GROUP);
411 }
412 }
413
414 r = cg_set_access(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, uid, gid);
415 if (r < 0) {
416 log_unit_error_errno(UNIT(s), r, "Failed to adjust control group access: %m");
417 _exit(EXIT_CGROUP);
418 }
419
420 _exit(EXIT_SUCCESS);
421 }
422
4775b55d 423 r = unit_watch_pid(UNIT(s), pidref.pid, /* exclusive= */ true);
03860190
MS		 424 if (r < 0)
425 goto fail;
426
427 scope_set_state(s, SCOPE_START_CHOWN);
428
429 return 1;
430fail:
431 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
432 return r;
433}
434
435static int scope_enter_running(Scope *s) {
436 Unit *u = UNIT(s);
437 int r;
438
439 assert(s);
6c12b52e 440
371c0b79
LP		 441 (void) bus_scope_track_controller(s);
442
4b58153d
LP		 443 r = unit_acquire_invocation_id(u);
444 if (r < 0)
445 return r;
446
01542056 447 unit_export_state_files(u);
d3070fbd 448
01542056 449 r = unit_attach_pids_to_cgroup(u, u->pids, NULL);
dd305ec9 450 if (r < 0) {
01542056 451 log_unit_warning_errno(u, r, "Failed to add PIDs to scope's control group: %m");
68a01fb6 452 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
6c12b52e 453 return r;
dd305ec9 454 }
8d3e4ac7 455 if (r == 0) {
e99b9285 456 log_unit_warning(u, "No PIDs left to attach to the scope's control group, refusing.");
8d3e4ac7
LP		 457 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
458 return -ECHILD;
459 }
460 log_unit_debug(u, "%i %s added to scope's control group.", r, r == 1 ? "process" : "processes");
6c12b52e 461
6c12b52e
LP		 462 s->result = SCOPE_SUCCESS;
463
464 scope_set_state(s, SCOPE_RUNNING);
b91ada2a 465
9ed7de60 466 /* Set the maximum runtime timeout. */
5918a933 467 scope_arm_timer(s, scope_running_timeout(s));
9ed7de60 468
e9eec8b5
FB		 469 /* On unified we use proper notifications hence we can unwatch the PIDs
470 * we just attached to the scope. This can also be done on legacy as
471 * we're going to update the list of the processes we watch with the
472 * PIDs currently in the scope anyway. */
473 unit_unwatch_all_pids(u);
474
475 /* Start watching the PIDs currently in the scope (legacy hierarchy only) */
01542056 476 (void) unit_enqueue_rewatch_pids(u);
82a2b6bb 477 return 1;
6c12b52e
LP		 478}
479
03860190
MS		 480static int scope_start(Unit *u) {
481 Scope *s = SCOPE(u);
482
483 assert(s);
484
485 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
486 return -EPERM;
487
488 if (s->state == SCOPE_FAILED)
489 return -EPERM;
490
491 /* We can't fulfill this right now, please try again later */
492 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
493 return -EAGAIN;
494
495 assert(s->state == SCOPE_DEAD);
496
497 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
498 return -ENOENT;
499
500 (void) unit_realize_cgroup(u);
501 (void) unit_reset_accounting(u);
502
503 /* We check only for User= option to keep behavior consistent with logic for service units,
5c19169f 504 * i.e. having 'Delegate=true Group=foo' w/o specifying User= has no effect. */
03860190
MS		 505 if (s->user && unit_cgroup_delegate(u))
506 return scope_enter_start_chown(s);
507
508 return scope_enter_running(s);
509}
510
6c12b52e
LP		 511static int scope_stop(Unit *u) {
512 Scope *s = SCOPE(u);
513
514 assert(s);
6c12b52e 515
3742095b 516 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
6c12b52e
LP		 517 return 0;
518
3742095b 519 assert(IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED));
6c12b52e
LP		 520
521 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_SUCCESS);
82a2b6bb 522 return 1;
6c12b52e
LP		 523}
524
8bcca7e2
LP		 525static void scope_reset_failed(Unit *u) {
526 Scope *s = SCOPE(u);
527
528 assert(s);
529
530 if (s->state == SCOPE_FAILED)
531 scope_set_state(s, SCOPE_DEAD);
532
533 s->result = SCOPE_SUCCESS;
534}
535
7a7821c8 536static int scope_get_timeout(Unit *u, usec_t *timeout) {
68db7a3b 537 Scope *s = SCOPE(u);
7a7821c8 538 usec_t t;
68db7a3b
ZJS		 539 int r;
540
541 if (!s->timer_event_source)
542 return 0;
543
7a7821c8 544 r = sd_event_source_get_time(s->timer_event_source, &t);
68db7a3b
ZJS		 545 if (r < 0)
546 return r;
7a7821c8
LP		 547 if (t == USEC_INFINITY)
548 return 0;
68db7a3b 549
7a7821c8 550 *timeout = t;
68db7a3b
ZJS		 551 return 1;
552}
553
6c12b52e
LP		 554static int scope_serialize(Unit *u, FILE *f, FDSet *fds) {
555 Scope *s = SCOPE(u);
428a9f6f 556 void *pidp;
6c12b52e
LP		 557
558 assert(s);
559 assert(f);
560 assert(fds);
561
d68c645b
LP		 562 (void) serialize_item(f, "state", scope_state_to_string(s->state));
563 (void) serialize_bool(f, "was-abandoned", s->was_abandoned);
33fe0afe
LP		 564
565 if (s->controller)
d68c645b 566 (void) serialize_item(f, "controller", s->controller);
33fe0afe 567
428a9f6f
FB		 568 SET_FOREACH(pidp, u->pids)
569 serialize_item_format(f, "pids", PID_FMT, PTR_TO_PID(pidp));
570
6c12b52e
LP		 571 return 0;
572}
573
574static int scope_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
575 Scope *s = SCOPE(u);
33fe0afe 576 int r;
6c12b52e
LP		 577
578 assert(u);
579 assert(key);
580 assert(value);
581 assert(fds);
582
583 if (streq(key, "state")) {
584 ScopeState state;
585
586 state = scope_state_from_string(value);
587 if (state < 0)
f2341e0a 588 log_unit_debug(u, "Failed to parse state value: %s", value);
6c12b52e
LP		 589 else
590 s->deserialized_state = state;
591
3862e809
LP		 592 } else if (streq(key, "was-abandoned")) {
593 int k;
594
595 k = parse_boolean(value);
596 if (k < 0)
597 log_unit_debug(u, "Failed to parse boolean value: %s", value);
598 else
599 s->was_abandoned = k;
33fe0afe
LP		 600 } else if (streq(key, "controller")) {
601
602 r = free_and_strdup(&s->controller, value);
603 if (r < 0)
d68c645b 604 return log_oom();
33fe0afe 605
428a9f6f
FB		 606 } else if (streq(key, "pids")) {
607 pid_t pid;
608
609 if (parse_pid(value, &pid) < 0)
610 log_unit_debug(u, "Failed to parse pids value: %s", value);
611 else {
614f57ed 612 r = set_ensure_put(&u->pids, NULL, PID_TO_PTR(pid));
428a9f6f
FB		 613 if (r < 0)
614 return r;
615 }
6c12b52e 616 } else
f2341e0a 617 log_unit_debug(u, "Unknown serialization key: %s", key);
6c12b52e
LP		 618
619 return 0;
620}
621
a911bb9a
LP		 622static void scope_notify_cgroup_empty_event(Unit *u) {
623 Scope *s = SCOPE(u);
624 assert(u);
625
f2341e0a 626 log_unit_debug(u, "cgroup is empty");
a911bb9a
LP		 627
628 if (IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
629 scope_enter_dead(s, SCOPE_SUCCESS);
630}
631
7238fd51 632static void scope_notify_cgroup_oom_event(Unit *u, bool managed_oom) {
633 Scope *s = SCOPE(u);
634
635 if (managed_oom)
636 log_unit_debug(u, "Process(es) of control group were killed by systemd-oomd.");
637 else
638 log_unit_debug(u, "Process of control group was killed by the OOM killer.");
639
5fa09835
ML		 640 if (s->oom_policy == OOM_CONTINUE)
641 return;
642
7238fd51 643 switch (s->state) {
644
645 case SCOPE_START_CHOWN:
646 case SCOPE_RUNNING:
5fa09835
ML		 647 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_OOM_KILL);
648 break;
649
7238fd51 650 case SCOPE_STOP_SIGTERM:
651 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_OOM_KILL);
652 break;
653
654 case SCOPE_STOP_SIGKILL:
655 if (s->result == SCOPE_SUCCESS)
656 s->result = SCOPE_FAILURE_OOM_KILL;
657 break;
658 /* SCOPE_DEAD, SCOPE_ABANDONED, and SCOPE_FAILED end up in default */
659 default:
660 ;
661 }
662}
663
a911bb9a 664static void scope_sigchld_event(Unit *u, pid_t pid, int code, int status) {
03860190
MS		 665 Scope *s = SCOPE(u);
666
667 assert(s);
668
669 if (s->state == SCOPE_START_CHOWN) {
670 if (!is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL))
671 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
672 else
673 scope_enter_running(s);
674 return;
675 }
a911bb9a 676
11aef522
LP		 677 /* If we get a SIGCHLD event for one of the processes we were interested in, then we look for others to
678 * watch, under the assumption that we'll sooner or later get a SIGCHLD for them, as the original
679 * process we watched was probably the parent of them, and they are hence now our children. */
a911bb9a 680
50be4f4a 681 (void) unit_enqueue_rewatch_pids(u);
a911bb9a
LP		 682}
683
718db961
LP		 684static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
685 Scope *s = SCOPE(userdata);
6c12b52e
LP		 686
687 assert(s);
718db961 688 assert(s->timer_event_source == source);
6c12b52e
LP		 689
690 switch (s->state) {
691
9ed7de60
PW		 692 case SCOPE_RUNNING:
693 log_unit_warning(UNIT(s), "Scope reached runtime time limit. Stopping.");
694 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_TIMEOUT);
695 break;
696
6c12b52e
LP		 697 case SCOPE_STOP_SIGTERM:
698 if (s->kill_context.send_sigkill) {
f2341e0a 699 log_unit_warning(UNIT(s), "Stopping timed out. Killing.");
6c12b52e
LP		 700 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_TIMEOUT);
701 } else {
f2341e0a 702 log_unit_warning(UNIT(s), "Stopping timed out. Skipping SIGKILL.");
6c12b52e
LP		 703 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
704 }
705
706 break;
707
708 case SCOPE_STOP_SIGKILL:
f2341e0a 709 log_unit_warning(UNIT(s), "Still around after SIGKILL. Ignoring.");
6c12b52e
LP		 710 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
711 break;
712
03860190
MS		 713 case SCOPE_START_CHOWN:
714 log_unit_warning(UNIT(s), "User lookup timed out. Entering failed state.");
715 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
716 break;
717
6c12b52e 718 default:
04499a70 719 assert_not_reached();
6c12b52e 720 }
718db961
LP		 721
722 return 0;
6c12b52e
LP		 723}
724
a911bb9a
LP		 725int scope_abandon(Scope *s) {
726 assert(s);
6c12b52e 727
efdb0237
LP		 728 if (unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
729 return -EPERM;
730
a911bb9a
LP		 731 if (!IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED))
732 return -ESTALE;
6c12b52e 733
3862e809 734 s->was_abandoned = true;
371c0b79 735
a1e58e8e 736 s->controller = mfree(s->controller);
371c0b79
LP		 737 s->controller_track = sd_bus_track_unref(s->controller_track);
738
8cb83266 739 scope_set_state(s, SCOPE_ABANDONED);
6c12b52e 740
50be4f4a
LP		 741 /* The client is no longer watching the remaining processes, so let's step in here, under the assumption that
742 * the remaining processes will be sooner or later reassigned to us as parent. */
743 (void) unit_enqueue_rewatch_pids(UNIT(s));
6c12b52e 744
a911bb9a 745 return 0;
6c12b52e
LP		 746}
747
d1e8e8b5 748static UnitActiveState scope_active_state(Unit *u) {
6c12b52e
LP		 749 assert(u);
750
751 return state_translation_table[SCOPE(u)->state];
752}
753
d1e8e8b5 754static const char *scope_sub_state_to_string(Unit *u) {
6c12b52e
LP		 755 assert(u);
756
757 return scope_state_to_string(SCOPE(u)->state);
758}
759
04eb582a 760static void scope_enumerate_perpetual(Manager *m) {
efdb0237
LP		 761 Unit *u;
762 int r;
763
764 assert(m);
765
766 /* Let's unconditionally add the "init.scope" special unit
767 * that encapsulates PID 1. Note that PID 1 already is in the
768 * cgroup for this, we hence just need to allocate the object
769 * for it and that's it. */
770
771 u = manager_get_unit(m, SPECIAL_INIT_SCOPE);
772 if (!u) {
a581e45a 773 r = unit_new_for_name(m, sizeof(Scope), SPECIAL_INIT_SCOPE, &u);
efdb0237 774 if (r < 0) {
a581e45a 775 log_error_errno(r, "Failed to allocate the special " SPECIAL_INIT_SCOPE " unit: %m");
ba64af90 776 return;
efdb0237
LP		 777 }
778 }
779
780 u->transient = true;
f5869324 781 u->perpetual = true;
efdb0237 782 SCOPE(u)->deserialized_state = SCOPE_RUNNING;
efdb0237
LP		 783
784 unit_add_to_load_queue(u);
785 unit_add_to_dbus_queue(u);
020b2e41
LB		 786 /* Enqueue an explicit cgroup realization here. Unlike other cgroups this one already exists and is
787 * populated (by us, after all!) already, even when we are not in a reload cycle. Hence we cannot
788 * apply the settings at creation time anymore, but let's at least apply them asynchronously. */
789 unit_add_to_cgroup_realize_queue(u);
efdb0237
LP		 790}
791
6c12b52e 792static const char* const scope_result_table[_SCOPE_RESULT_MAX] = {
48d83e33 793 [SCOPE_SUCCESS] = "success",
6c12b52e 794 [SCOPE_FAILURE_RESOURCES] = "resources",
48d83e33 795 [SCOPE_FAILURE_TIMEOUT] = "timeout",
7238fd51 796 [SCOPE_FAILURE_OOM_KILL] = "oom-kill",
6c12b52e
LP		 797};
798
799DEFINE_STRING_TABLE_LOOKUP(scope_result, ScopeResult);
800
801const UnitVTable scope_vtable = {
802 .object_size = sizeof(Scope),
718db961
LP		 803 .cgroup_context_offset = offsetof(Scope, cgroup_context),
804 .kill_context_offset = offsetof(Scope, kill_context),
805
6c12b52e
LP		 806 .sections =
807 "Unit\0"
808 "Scope\0"
809 "Install\0",
6c12b52e 810 .private_section = "Scope",
6c12b52e 811
700e2d63 812 .can_transient = true,
1d9cc876 813 .can_delegate = true,
c80a9a33 814 .can_fail = true,
d4fd1cf2 815 .once_only = true,
4d824a4e 816 .can_set_managed_oom = true,
6c12b52e
LP		 817
818 .init = scope_init,
819 .load = scope_load,
820 .done = scope_done,
821
822 .coldplug = scope_coldplug,
823
824 .dump = scope_dump,
825
826 .start = scope_start,
827 .stop = scope_stop,
828
d9e45bc3
MS		 829 .freeze = unit_freeze_vtable_common,
830 .thaw = unit_thaw_vtable_common,
831
68db7a3b
ZJS		 832 .get_timeout = scope_get_timeout,
833
6c12b52e
LP		 834 .serialize = scope_serialize,
835 .deserialize_item = scope_deserialize_item,
836
837 .active_state = scope_active_state,
838 .sub_state_to_string = scope_sub_state_to_string,
839
a911bb9a
LP		 840 .sigchld_event = scope_sigchld_event,
841
8bcca7e2
LP		 842 .reset_failed = scope_reset_failed,
843
6c12b52e 844 .notify_cgroup_empty = scope_notify_cgroup_empty_event,
7238fd51 845 .notify_cgroup_oom = scope_notify_cgroup_oom_event,
6c12b52e 846
6c12b52e
LP		 847 .bus_set_property = bus_scope_set_property,
848 .bus_commit_properties = bus_scope_commit_properties,
849
04eb582a 850 .enumerate_perpetual = scope_enumerate_perpetual,
6c12b52e 851};
Unnamed repository; edit this file 'description' to name the repository.