]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/scope.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #32994 from keszybz/kernel-install-parsing
[thirdparty/systemd.git] / src / core / scope.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
6c12b52e
LP		 2
3#include <errno.h>
6c12b52e
LP		 4#include <unistd.h>
5
b5efdb8a 6#include "alloc-util.h"
dafb4063 7#include "cgroup-setup.h"
07630cea 8#include "dbus-scope.h"
6fcbec6f 9#include "dbus-unit.h"
03860190 10#include "exit-status.h"
07630cea 11#include "load-dropin.h"
6c12b52e 12#include "log.h"
428a9f6f 13#include "process-util.h"
5918a933 14#include "random-util.h"
b5efdb8a 15#include "scope.h"
d68c645b 16#include "serialize.h"
6c12b52e 17#include "special.h"
8b43440b 18#include "string-table.h"
07630cea
LP		 19#include "string-util.h"
20#include "strv.h"
6c12b52e 21#include "unit-name.h"
efdb0237 22#include "unit.h"
03860190 23#include "user-util.h"
6c12b52e
LP		 24
25static const UnitActiveState state_translation_table[_SCOPE_STATE_MAX] = {
17f6b640
YW		 26 [SCOPE_DEAD] = UNIT_INACTIVE,
27 [SCOPE_START_CHOWN] = UNIT_ACTIVATING,
28 [SCOPE_RUNNING] = UNIT_ACTIVE,
29 [SCOPE_ABANDONED] = UNIT_ACTIVE,
6c12b52e
LP		 30 [SCOPE_STOP_SIGTERM] = UNIT_DEACTIVATING,
31 [SCOPE_STOP_SIGKILL] = UNIT_DEACTIVATING,
17f6b640 32 [SCOPE_FAILED] = UNIT_FAILED,
6c12b52e
LP		 33};
34
718db961
LP		 35static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
36
6c12b52e 37static void scope_init(Unit *u) {
e9fa1bf7 38 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 39
6c12b52e
LP		 40 assert(u->load_state == UNIT_STUB);
41
9ed7de60 42 s->runtime_max_usec = USEC_INFINITY;
c9e120e0 43 s->timeout_stop_usec = u->manager->defaults.timeout_stop_usec;
1b4cd0cf 44 u->ignore_on_isolate = true;
03860190 45 s->user = s->group = NULL;
5fa09835 46 s->oom_policy = _OOM_POLICY_INVALID;
6c12b52e
LP		 47}
48
49static void scope_done(Unit *u) {
e9fa1bf7 50 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 51
371c0b79
LP		 52 s->controller = mfree(s->controller);
53 s->controller_track = sd_bus_track_unref(s->controller_track);
2d4a39e7 54
5dcadb4c 55 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
03860190
MS		 56
57 s->user = mfree(s->user);
58 s->group = mfree(s->group);
718db961
LP		 59}
60
ecea250d 61static usec_t scope_running_timeout(Scope *s) {
5918a933
AB		 62 usec_t delta = 0;
63
64 assert(s);
65
66 if (s->runtime_rand_extra_usec != 0) {
67 delta = random_u64_range(s->runtime_rand_extra_usec);
68 log_unit_debug(UNIT(s), "Adding delta of %s sec to timeout", FORMAT_TIMESPAN(delta, USEC_PER_SEC));
69 }
70
71 return usec_add(usec_add(UNIT(s)->active_enter_timestamp.monotonic,
72 s->runtime_max_usec),
73 delta);
74}
75
e9276800 76static int scope_arm_timer(Scope *s, bool relative, usec_t usec) {
718db961
LP		 77 assert(s);
78
e9276800 79 return unit_arm_timer(UNIT(s), &s->timer_event_source, relative, usec, scope_dispatch_timer);
6c12b52e
LP		 80}
81
82static void scope_set_state(Scope *s, ScopeState state) {
83 ScopeState old_state;
e9fa1bf7 84
6c12b52e
LP		 85 assert(s);
86
6fcbec6f
LP		 87 if (s->state != state)
88 bus_unit_send_pending_change_signal(UNIT(s), false);
89
6c12b52e
LP		 90 old_state = s->state;
91 s->state = state;
92
e1f85b49 93 if (!IN_SET(state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL, SCOPE_START_CHOWN, SCOPE_RUNNING))
5dcadb4c 94 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
6c12b52e 95
05d1630e 96 if (!IN_SET(old_state, SCOPE_DEAD, SCOPE_FAILED) && IN_SET(state, SCOPE_DEAD, SCOPE_FAILED)) {
a911bb9a 97 unit_unwatch_all_pids(UNIT(s));
50be4f4a
LP		 98 unit_dequeue_rewatch_pids(UNIT(s));
99 }
a911bb9a 100
6c12b52e 101 if (state != old_state)
b7e4e152
MY		 102 log_unit_debug(UNIT(s), "Changed %s -> %s",
103 scope_state_to_string(old_state), scope_state_to_string(state));
6c12b52e 104
96b09de5 105 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], /* reload_success = */ true);
6c12b52e
LP		 106}
107
108static int scope_add_default_dependencies(Scope *s) {
3835b9aa
LB		 109 int r;
110
6c12b52e
LP		 111 assert(s);
112
4c9ea260
LP		 113 if (!UNIT(s)->default_dependencies)
114 return 0;
115
6c12b52e 116 /* Make sure scopes are unloaded on shutdown */
3835b9aa
LB		 117 r = unit_add_two_dependencies_by_name(
118 UNIT(s),
119 UNIT_BEFORE, UNIT_CONFLICTS,
120 SPECIAL_SHUTDOWN_TARGET, true,
121 UNIT_DEPENDENCY_DEFAULT);
122 if (r < 0)
123 return r;
124
125 return 0;
6c12b52e
LP		 126}
127
128static int scope_verify(Scope *s) {
129 assert(s);
75193d41 130 assert(UNIT(s)->load_state == UNIT_LOADED);
6c12b52e 131
efdb0237 132 if (set_isempty(UNIT(s)->pids) &&
2c289ea8 133 !MANAGER_IS_RELOADING(UNIT(s)->manager) &&
d85ff944
YW		 134 !unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
135 return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOENT), "Scope has no PIDs. Refusing.");
6c12b52e
LP		 136
137 return 0;
138}
139
8e4e851f
LP		 140static int scope_load_init_scope(Unit *u) {
141 assert(u);
142
143 if (!unit_has_name(u, SPECIAL_INIT_SCOPE))
144 return 0;
145
146 u->transient = true;
f5869324 147 u->perpetual = true;
8e4e851f
LP		 148
149 /* init.scope is a bit special, as it has to stick around forever. Because of its special semantics we
150 * synthesize it here, instead of relying on the unit file on disk. */
151
152 u->default_dependencies = false;
8e4e851f
LP		 153
154 /* Prettify things, if we can. */
155 if (!u->description)
156 u->description = strdup("System and Service Manager");
157 if (!u->documentation)
158 (void) strv_extend(&u->documentation, "man:systemd(1)");
159
160 return 1;
161}
162
75193d41
ZJS		 163static int scope_add_extras(Scope *s) {
164 int r;
165
166 r = unit_patch_contexts(UNIT(s));
167 if (r < 0)
168 return r;
169
170 r = unit_set_default_slice(UNIT(s));
171 if (r < 0)
172 return r;
173
5fa09835 174 if (s->oom_policy < 0)
c9e120e0 175 s->oom_policy = s->cgroup_context.delegate ? OOM_CONTINUE : UNIT(s)->manager->defaults.oom_policy;
5fa09835
ML		 176
177 s->cgroup_context.memory_oom_group = s->oom_policy == OOM_KILL;
178
75193d41
ZJS		 179 return scope_add_default_dependencies(s);
180}
181
6c12b52e 182static int scope_load(Unit *u) {
e9fa1bf7 183 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e
LP		 184 int r;
185
6c12b52e
LP		 186 assert(u->load_state == UNIT_STUB);
187
2c289ea8 188 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
4f4afc88 189 /* Refuse to load non-transient scope units, but allow them while reloading. */
6c12b52e
LP		 190 return -ENOENT;
191
8e4e851f
LP		 192 r = scope_load_init_scope(u);
193 if (r < 0)
194 return r;
c3620770
ZJS		 195
196 r = unit_load_fragment_and_dropin(u, false);
6c12b52e
LP		 197 if (r < 0)
198 return r;
199
75193d41
ZJS		 200 if (u->load_state != UNIT_LOADED)
201 return 0;
6c12b52e 202
75193d41
ZJS		 203 r = scope_add_extras(s);
204 if (r < 0)
205 return r;
6c12b52e
LP		 206
207 return scope_verify(s);
208}
209
7508f7f2
PW		 210static usec_t scope_coldplug_timeout(Scope *s) {
211 assert(s);
212
213 switch (s->deserialized_state) {
214
9ed7de60 215 case SCOPE_RUNNING:
5918a933 216 return scope_running_timeout(s);
9ed7de60 217
7508f7f2
PW		 218 case SCOPE_STOP_SIGKILL:
219 case SCOPE_STOP_SIGTERM:
220 return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
221
222 default:
223 return USEC_INFINITY;
224 }
225}
226
be847e82 227static int scope_coldplug(Unit *u) {
e9fa1bf7 228 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e
LP		 229 int r;
230
6c12b52e
LP		 231 assert(s->state == SCOPE_DEAD);
232
36c16a7c
LP		 233 if (s->deserialized_state == s->state)
234 return 0;
a911bb9a 235
e9276800 236 r = scope_arm_timer(s, /* relative= */ false, scope_coldplug_timeout(s));
7508f7f2
PW		 237 if (r < 0)
238 return r;
6c12b52e 239
428a9f6f
FB		 240 if (!IN_SET(s->deserialized_state, SCOPE_DEAD, SCOPE_FAILED)) {
241 if (u->pids) {
495e75ed 242 PidRef *pid;
428a9f6f 243
495e75ed
LP		 244 SET_FOREACH(pid, u->pids) {
245 r = unit_watch_pidref(u, pid, /* exclusive= */ false);
428a9f6f
FB		 246 if (r < 0 && r != -EEXIST)
247 return r;
248 }
249 } else
250 (void) unit_enqueue_rewatch_pids(u);
251 }
36c16a7c 252
371c0b79
LP		 253 bus_scope_track_controller(s);
254
36c16a7c 255 scope_set_state(s, s->deserialized_state);
6c12b52e
LP		 256 return 0;
257}
258
259static void scope_dump(Unit *u, FILE *f, const char *prefix) {
e9fa1bf7 260 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 261
6c12b52e 262 assert(f);
e9fa1bf7 263 assert(prefix);
6c12b52e
LP		 264
265 fprintf(f,
266 "%sScope State: %s\n"
9ed7de60 267 "%sResult: %s\n"
5918a933 268 "%sRuntimeMaxSec: %s\n"
5fa09835
ML		 269 "%sRuntimeRandomizedExtraSec: %s\n"
270 "%sOOMPolicy: %s\n",
6c12b52e 271 prefix, scope_state_to_string(s->state),
9ed7de60 272 prefix, scope_result_to_string(s->result),
5918a933 273 prefix, FORMAT_TIMESPAN(s->runtime_max_usec, USEC_PER_SEC),
5fa09835
ML		 274 prefix, FORMAT_TIMESPAN(s->runtime_rand_extra_usec, USEC_PER_SEC),
275 prefix, oom_policy_to_string(s->oom_policy));
6c12b52e 276
e9fa1bf7 277 cgroup_context_dump(u, f, prefix);
6c12b52e
LP		 278 kill_context_dump(&s->kill_context, f, prefix);
279}
280
281static void scope_enter_dead(Scope *s, ScopeResult f) {
282 assert(s);
283
a0fef983 284 if (s->result == SCOPE_SUCCESS)
6c12b52e
LP		 285 s->result = f;
286
aac99f30 287 unit_log_result(UNIT(s), s->result == SCOPE_SUCCESS, scope_result_to_string(s->result));
6c12b52e
LP		 288 scope_set_state(s, s->result != SCOPE_SUCCESS ? SCOPE_FAILED : SCOPE_DEAD);
289}
290
291static void scope_enter_signal(Scope *s, ScopeState state, ScopeResult f) {
2d4a39e7 292 bool skip_signal = false;
6c12b52e
LP		 293 int r;
294
295 assert(s);
296
a0fef983 297 if (s->result == SCOPE_SUCCESS)
6c12b52e
LP		 298 s->result = f;
299
50be4f4a
LP		 300 /* Before sending any signal, make sure we track all members of this cgroup */
301 (void) unit_watch_all_pids(UNIT(s));
302
303 /* Also, enqueue a job that we recheck all our PIDs a bit later, given that it's likely some processes have
304 * died now */
305 (void) unit_enqueue_rewatch_pids(UNIT(s));
a911bb9a 306
371c0b79
LP		 307 /* If we have a controller set let's ask the controller nicely to terminate the scope, instead of us going
308 * directly into SIGTERM berserk mode */
2d4a39e7
LP		 309 if (state == SCOPE_STOP_SIGTERM)
310 skip_signal = bus_scope_send_request_stop(s) > 0;
311
59ec09a8
ZJS		 312 if (skip_signal)
313 r = 1; /* wait */
314 else {
2d4a39e7
LP		 315 r = unit_kill_context(
316 UNIT(s),
3862e809
LP		 317 state != SCOPE_STOP_SIGTERM ? KILL_KILL :
318 s->was_abandoned ? KILL_TERMINATE_AND_LOG :
b826e317 319 KILL_TERMINATE);
c5acfe18
LP		 320 if (r < 0) {
321 log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
2d4a39e7 322 goto fail;
c5acfe18 323 }
59ec09a8 324 }
6c12b52e
LP		 325
326 if (r > 0) {
e9276800 327 r = scope_arm_timer(s, /* relative= */ true, s->timeout_stop_usec);
c5acfe18
LP		 328 if (r < 0) {
329 log_unit_warning_errno(UNIT(s), r, "Failed to install timer: %m");
718db961 330 goto fail;
c5acfe18 331 }
6c12b52e
LP		 332
333 scope_set_state(s, state);
ac84d1fb
LP		 334 } else if (state == SCOPE_STOP_SIGTERM)
335 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_SUCCESS);
336 else
6c12b52e
LP		 337 scope_enter_dead(s, SCOPE_SUCCESS);
338
339 return;
340
341fail:
6c12b52e
LP		 342 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
343}
344
03860190 345static int scope_enter_start_chown(Scope *s) {
e9fa1bf7 346 Unit *u = UNIT(ASSERT_PTR(s));
4775b55d 347 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
6c12b52e
LP		 348 int r;
349
03860190 350 assert(s->user);
6c12b52e 351
9cc54544
LP		 352 if (!s->cgroup_runtime)
353 return -EINVAL;
354
e9276800 355 r = scope_arm_timer(s, /* relative= */ true, u->manager->defaults.timeout_start_usec);
03860190
MS		 356 if (r < 0)
357 return r;
efdb0237 358
4775b55d 359 r = unit_fork_helper_process(u, "(sd-chown-cgroup)", &pidref);
03860190
MS		 360 if (r < 0)
361 goto fail;
7b617155 362
03860190
MS		 363 if (r == 0) {
364 uid_t uid = UID_INVALID;
365 gid_t gid = GID_INVALID;
6c12b52e 366
03860190
MS		 367 if (!isempty(s->user)) {
368 const char *user = s->user;
6c12b52e 369
03860190
MS		 370 r = get_user_creds(&user, &uid, &gid, NULL, NULL, 0);
371 if (r < 0) {
372 log_unit_error_errno(UNIT(s), r, "Failed to resolve user \"%s\": %m", user);
373 _exit(EXIT_USER);
374 }
375 }
376
377 if (!isempty(s->group)) {
378 const char *group = s->group;
379
380 r = get_group_creds(&group, &gid, 0);
381 if (r < 0) {
382 log_unit_error_errno(UNIT(s), r, "Failed to resolve group \"%s\": %m", group);
383 _exit(EXIT_GROUP);
384 }
385 }
386
9cc54544 387 r = cg_set_access(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_runtime->cgroup_path, uid, gid);
03860190
MS		 388 if (r < 0) {
389 log_unit_error_errno(UNIT(s), r, "Failed to adjust control group access: %m");
390 _exit(EXIT_CGROUP);
391 }
392
393 _exit(EXIT_SUCCESS);
394 }
395
495e75ed 396 r = unit_watch_pidref(UNIT(s), &pidref, /* exclusive= */ true);
03860190
MS		 397 if (r < 0)
398 goto fail;
399
400 scope_set_state(s, SCOPE_START_CHOWN);
401
402 return 1;
403fail:
404 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
405 return r;
406}
407
408static int scope_enter_running(Scope *s) {
e9fa1bf7 409 Unit *u = UNIT(ASSERT_PTR(s));
03860190
MS		 410 int r;
411
371c0b79
LP		 412 (void) bus_scope_track_controller(s);
413
4b58153d
LP		 414 r = unit_acquire_invocation_id(u);
415 if (r < 0)
416 return r;
417
01542056 418 unit_export_state_files(u);
d3070fbd 419
01542056 420 r = unit_attach_pids_to_cgroup(u, u->pids, NULL);
dd305ec9 421 if (r < 0) {
01542056 422 log_unit_warning_errno(u, r, "Failed to add PIDs to scope's control group: %m");
648cb024 423 goto fail;
dd305ec9 424 }
8d3e4ac7 425 if (r == 0) {
648cb024
LP		 426 r = log_unit_warning_errno(u, SYNTHETIC_ERRNO(ECHILD), "No PIDs left to attach to the scope's control group, refusing.");
427 goto fail;
8d3e4ac7
LP		 428 }
429 log_unit_debug(u, "%i %s added to scope's control group.", r, r == 1 ? "process" : "processes");
6c12b52e 430
6c12b52e
LP		 431 s->result = SCOPE_SUCCESS;
432
433 scope_set_state(s, SCOPE_RUNNING);
b91ada2a 434
9ed7de60 435 /* Set the maximum runtime timeout. */
e9276800 436 scope_arm_timer(s, /* relative= */ false, scope_running_timeout(s));
9ed7de60 437
e9eec8b5
FB		 438 /* On unified we use proper notifications hence we can unwatch the PIDs
439 * we just attached to the scope. This can also be done on legacy as
440 * we're going to update the list of the processes we watch with the
441 * PIDs currently in the scope anyway. */
442 unit_unwatch_all_pids(u);
443
444 /* Start watching the PIDs currently in the scope (legacy hierarchy only) */
01542056 445 (void) unit_enqueue_rewatch_pids(u);
82a2b6bb 446 return 1;
648cb024
LP		 447
448fail:
449 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
450 return r;
6c12b52e
LP		 451}
452
03860190 453static int scope_start(Unit *u) {
e9fa1bf7 454 Scope *s = ASSERT_PTR(SCOPE(u));
03860190
MS		 455
456 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
457 return -EPERM;
458
459 if (s->state == SCOPE_FAILED)
460 return -EPERM;
461
462 /* We can't fulfill this right now, please try again later */
463 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
464 return -EAGAIN;
465
466 assert(s->state == SCOPE_DEAD);
467
468 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
469 return -ENOENT;
470
471 (void) unit_realize_cgroup(u);
472 (void) unit_reset_accounting(u);
473
474 /* We check only for User= option to keep behavior consistent with logic for service units,
5c19169f 475 * i.e. having 'Delegate=true Group=foo' w/o specifying User= has no effect. */
03860190
MS		 476 if (s->user && unit_cgroup_delegate(u))
477 return scope_enter_start_chown(s);
478
479 return scope_enter_running(s);
480}
481
6c12b52e 482static int scope_stop(Unit *u) {
e9fa1bf7 483 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 484
3742095b 485 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
6c12b52e
LP		 486 return 0;
487
3742095b 488 assert(IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED));
6c12b52e
LP		 489
490 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_SUCCESS);
82a2b6bb 491 return 1;
6c12b52e
LP		 492}
493
8bcca7e2 494static void scope_reset_failed(Unit *u) {
e9fa1bf7 495 Scope *s = ASSERT_PTR(SCOPE(u));
8bcca7e2
LP		 496
497 if (s->state == SCOPE_FAILED)
498 scope_set_state(s, SCOPE_DEAD);
499
500 s->result = SCOPE_SUCCESS;
501}
502
7a7821c8 503static int scope_get_timeout(Unit *u, usec_t *timeout) {
e9fa1bf7 504 Scope *s = ASSERT_PTR(SCOPE(u));
7a7821c8 505 usec_t t;
68db7a3b
ZJS		 506 int r;
507
508 if (!s->timer_event_source)
509 return 0;
510
7a7821c8 511 r = sd_event_source_get_time(s->timer_event_source, &t);
68db7a3b
ZJS		 512 if (r < 0)
513 return r;
7a7821c8
LP		 514 if (t == USEC_INFINITY)
515 return 0;
68db7a3b 516
7a7821c8 517 *timeout = t;
68db7a3b
ZJS		 518 return 1;
519}
520
6c12b52e 521static int scope_serialize(Unit *u, FILE *f, FDSet *fds) {
e9fa1bf7 522 Scope *s = ASSERT_PTR(SCOPE(u));
495e75ed 523 PidRef *pid;
6c12b52e 524
6c12b52e
LP		 525 assert(f);
526 assert(fds);
527
d68c645b
LP		 528 (void) serialize_item(f, "state", scope_state_to_string(s->state));
529 (void) serialize_bool(f, "was-abandoned", s->was_abandoned);
33fe0afe
LP		 530
531 if (s->controller)
d68c645b 532 (void) serialize_item(f, "controller", s->controller);
33fe0afe 533
495e75ed 534 SET_FOREACH(pid, u->pids)
2a7451dc 535 serialize_pidref(f, fds, "pids", pid);
428a9f6f 536
6c12b52e
LP		 537 return 0;
538}
539
540static int scope_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
e9fa1bf7 541 Scope *s = ASSERT_PTR(SCOPE(u));
33fe0afe 542 int r;
6c12b52e 543
6c12b52e
LP		 544 assert(key);
545 assert(value);
546 assert(fds);
547
548 if (streq(key, "state")) {
549 ScopeState state;
550
551 state = scope_state_from_string(value);
552 if (state < 0)
f2341e0a 553 log_unit_debug(u, "Failed to parse state value: %s", value);
6c12b52e
LP		 554 else
555 s->deserialized_state = state;
556
3862e809
LP		 557 } else if (streq(key, "was-abandoned")) {
558 int k;
559
560 k = parse_boolean(value);
561 if (k < 0)
562 log_unit_debug(u, "Failed to parse boolean value: %s", value);
563 else
564 s->was_abandoned = k;
33fe0afe
LP		 565 } else if (streq(key, "controller")) {
566
567 r = free_and_strdup(&s->controller, value);
568 if (r < 0)
d68c645b 569 return log_oom();
33fe0afe 570
428a9f6f 571 } else if (streq(key, "pids")) {
2a7451dc 572 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
495e75ed 573
70727771
DDM		 574 /* We don't check if we already received the pid before here because unit_watch_pidref()
575 * does this check internally and discards the new pidref if we already received it before. */
2a7451dc
LP		 576 if (deserialize_pidref(fds, value, &pidref) >= 0) {
577 r = unit_watch_pidref(u, &pidref, /* exclusive= */ false);
578 if (r < 0)
579 log_unit_debug(u, "Failed to watch PID, ignoring: %s", value);
580 }
6c12b52e 581 } else
f2341e0a 582 log_unit_debug(u, "Unknown serialization key: %s", key);
6c12b52e
LP		 583
584 return 0;
585}
586
a911bb9a 587static void scope_notify_cgroup_empty_event(Unit *u) {
e9fa1bf7 588 Scope *s = ASSERT_PTR(SCOPE(u));
a911bb9a 589
f2341e0a 590 log_unit_debug(u, "cgroup is empty");
a911bb9a
LP		 591
592 if (IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
593 scope_enter_dead(s, SCOPE_SUCCESS);
594}
595
7238fd51 596static void scope_notify_cgroup_oom_event(Unit *u, bool managed_oom) {
e9fa1bf7 597 Scope *s = ASSERT_PTR(SCOPE(u));
7238fd51 598
599 if (managed_oom)
600 log_unit_debug(u, "Process(es) of control group were killed by systemd-oomd.");
601 else
602 log_unit_debug(u, "Process of control group was killed by the OOM killer.");
603
5fa09835
ML		 604 if (s->oom_policy == OOM_CONTINUE)
605 return;
606
7238fd51 607 switch (s->state) {
608
609 case SCOPE_START_CHOWN:
610 case SCOPE_RUNNING:
5fa09835
ML		 611 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_OOM_KILL);
612 break;
613
7238fd51 614 case SCOPE_STOP_SIGTERM:
615 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_OOM_KILL);
616 break;
617
618 case SCOPE_STOP_SIGKILL:
619 if (s->result == SCOPE_SUCCESS)
620 s->result = SCOPE_FAILURE_OOM_KILL;
621 break;
622 /* SCOPE_DEAD, SCOPE_ABANDONED, and SCOPE_FAILED end up in default */
623 default:
624 ;
625 }
626}
627
a911bb9a 628static void scope_sigchld_event(Unit *u, pid_t pid, int code, int status) {
e9fa1bf7 629 Scope *s = ASSERT_PTR(SCOPE(u));
03860190
MS		 630
631 if (s->state == SCOPE_START_CHOWN) {
632 if (!is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL))
633 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
634 else
635 scope_enter_running(s);
636 return;
637 }
a911bb9a 638
11aef522
LP		 639 /* If we get a SIGCHLD event for one of the processes we were interested in, then we look for others to
640 * watch, under the assumption that we'll sooner or later get a SIGCHLD for them, as the original
641 * process we watched was probably the parent of them, and they are hence now our children. */
a911bb9a 642
50be4f4a 643 (void) unit_enqueue_rewatch_pids(u);
a911bb9a
LP		 644}
645
718db961 646static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
e9fa1bf7 647 Scope *s = ASSERT_PTR(SCOPE(userdata));
6c12b52e 648
718db961 649 assert(s->timer_event_source == source);
6c12b52e
LP		 650
651 switch (s->state) {
652
9ed7de60
PW		 653 case SCOPE_RUNNING:
654 log_unit_warning(UNIT(s), "Scope reached runtime time limit. Stopping.");
655 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_TIMEOUT);
656 break;
657
6c12b52e
LP		 658 case SCOPE_STOP_SIGTERM:
659 if (s->kill_context.send_sigkill) {
f2341e0a 660 log_unit_warning(UNIT(s), "Stopping timed out. Killing.");
6c12b52e
LP		 661 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_TIMEOUT);
662 } else {
f2341e0a 663 log_unit_warning(UNIT(s), "Stopping timed out. Skipping SIGKILL.");
6c12b52e
LP		 664 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
665 }
666
667 break;
668
669 case SCOPE_STOP_SIGKILL:
f2341e0a 670 log_unit_warning(UNIT(s), "Still around after SIGKILL. Ignoring.");
6c12b52e
LP		 671 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
672 break;
673
03860190
MS		 674 case SCOPE_START_CHOWN:
675 log_unit_warning(UNIT(s), "User lookup timed out. Entering failed state.");
676 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
677 break;
678
6c12b52e 679 default:
04499a70 680 assert_not_reached();
6c12b52e 681 }
718db961
LP		 682
683 return 0;
6c12b52e
LP		 684}
685
a911bb9a
LP		 686int scope_abandon(Scope *s) {
687 assert(s);
6c12b52e 688
efdb0237
LP		 689 if (unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
690 return -EPERM;
691
a911bb9a
LP		 692 if (!IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED))
693 return -ESTALE;
6c12b52e 694
3862e809 695 s->was_abandoned = true;
371c0b79 696
a1e58e8e 697 s->controller = mfree(s->controller);
371c0b79
LP		 698 s->controller_track = sd_bus_track_unref(s->controller_track);
699
8cb83266 700 scope_set_state(s, SCOPE_ABANDONED);
6c12b52e 701
50be4f4a
LP		 702 /* The client is no longer watching the remaining processes, so let's step in here, under the assumption that
703 * the remaining processes will be sooner or later reassigned to us as parent. */
704 (void) unit_enqueue_rewatch_pids(UNIT(s));
6c12b52e 705
a911bb9a 706 return 0;
6c12b52e
LP		 707}
708
d1e8e8b5 709static UnitActiveState scope_active_state(Unit *u) {
e9fa1bf7 710 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 711
e9fa1bf7 712 return state_translation_table[s->state];
6c12b52e
LP		 713}
714
d1e8e8b5 715static const char *scope_sub_state_to_string(Unit *u) {
e9fa1bf7 716 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 717
e9fa1bf7 718 return scope_state_to_string(s->state);
6c12b52e
LP		 719}
720
04eb582a 721static void scope_enumerate_perpetual(Manager *m) {
efdb0237
LP		 722 Unit *u;
723 int r;
724
725 assert(m);
726
727 /* Let's unconditionally add the "init.scope" special unit
728 * that encapsulates PID 1. Note that PID 1 already is in the
729 * cgroup for this, we hence just need to allocate the object
730 * for it and that's it. */
731
732 u = manager_get_unit(m, SPECIAL_INIT_SCOPE);
733 if (!u) {
a581e45a 734 r = unit_new_for_name(m, sizeof(Scope), SPECIAL_INIT_SCOPE, &u);
efdb0237 735 if (r < 0) {
a581e45a 736 log_error_errno(r, "Failed to allocate the special " SPECIAL_INIT_SCOPE " unit: %m");
ba64af90 737 return;
efdb0237
LP		 738 }
739 }
740
741 u->transient = true;
f5869324 742 u->perpetual = true;
efdb0237 743 SCOPE(u)->deserialized_state = SCOPE_RUNNING;
efdb0237
LP		 744
745 unit_add_to_load_queue(u);
746 unit_add_to_dbus_queue(u);
020b2e41
LB		 747 /* Enqueue an explicit cgroup realization here. Unlike other cgroups this one already exists and is
748 * populated (by us, after all!) already, even when we are not in a reload cycle. Hence we cannot
749 * apply the settings at creation time anymore, but let's at least apply them asynchronously. */
750 unit_add_to_cgroup_realize_queue(u);
efdb0237
LP		 751}
752
6c12b52e 753static const char* const scope_result_table[_SCOPE_RESULT_MAX] = {
48d83e33 754 [SCOPE_SUCCESS] = "success",
6c12b52e 755 [SCOPE_FAILURE_RESOURCES] = "resources",
48d83e33 756 [SCOPE_FAILURE_TIMEOUT] = "timeout",
7238fd51 757 [SCOPE_FAILURE_OOM_KILL] = "oom-kill",
6c12b52e
LP		 758};
759
760DEFINE_STRING_TABLE_LOOKUP(scope_result, ScopeResult);
761
762const UnitVTable scope_vtable = {
763 .object_size = sizeof(Scope),
718db961
LP		 764 .cgroup_context_offset = offsetof(Scope, cgroup_context),
765 .kill_context_offset = offsetof(Scope, kill_context),
9cc54544 766 .cgroup_runtime_offset = offsetof(Scope, cgroup_runtime),
718db961 767
6c12b52e
LP		 768 .sections =
769 "Unit\0"
770 "Scope\0"
771 "Install\0",
6c12b52e 772 .private_section = "Scope",
6c12b52e 773
700e2d63 774 .can_transient = true,
1d9cc876 775 .can_delegate = true,
c80a9a33 776 .can_fail = true,
d4fd1cf2 777 .once_only = true,
4d824a4e 778 .can_set_managed_oom = true,
6c12b52e
LP		 779
780 .init = scope_init,
781 .load = scope_load,
782 .done = scope_done,
783
784 .coldplug = scope_coldplug,
785
786 .dump = scope_dump,
787
788 .start = scope_start,
789 .stop = scope_stop,
790
16b6af6a 791 .freezer_action = unit_cgroup_freezer_action,
d9e45bc3 792
68db7a3b
ZJS		 793 .get_timeout = scope_get_timeout,
794
6c12b52e
LP		 795 .serialize = scope_serialize,
796 .deserialize_item = scope_deserialize_item,
797
798 .active_state = scope_active_state,
799 .sub_state_to_string = scope_sub_state_to_string,
800
a911bb9a
LP		 801 .sigchld_event = scope_sigchld_event,
802
8bcca7e2
LP		 803 .reset_failed = scope_reset_failed,
804
6c12b52e 805 .notify_cgroup_empty = scope_notify_cgroup_empty_event,
7238fd51 806 .notify_cgroup_oom = scope_notify_cgroup_oom_event,
6c12b52e 807
6c12b52e
LP		 808 .bus_set_property = bus_scope_set_property,
809 .bus_commit_properties = bus_scope_commit_properties,
810
04eb582a 811 .enumerate_perpetual = scope_enumerate_perpetual,
6c12b52e 812};
Unnamed repository; edit this file 'description' to name the repository.