]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/scope.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ci: enable arm64 runner for build/unit jobs
[thirdparty/systemd.git] / src / core / scope.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
6c12b52e 2
6c12b52e
LP		 3#include <unistd.h>
4
836e4e7e
DDM		 5#include "sd-bus.h"
6
dafb4063 7#include "cgroup-setup.h"
07630cea 8#include "dbus-scope.h"
6fcbec6f 9#include "dbus-unit.h"
03860190 10#include "exit-status.h"
6c12b52e 11#include "log.h"
4ea4abb6 12#include "manager.h"
c94f6ab1 13#include "parse-util.h"
836e4e7e 14#include "pidref.h"
5918a933 15#include "random-util.h"
b5efdb8a 16#include "scope.h"
d68c645b 17#include "serialize.h"
836e4e7e 18#include "set.h"
6c12b52e 19#include "special.h"
8b43440b 20#include "string-table.h"
07630cea
LP		 21#include "string-util.h"
22#include "strv.h"
efdb0237 23#include "unit.h"
03860190 24#include "user-util.h"
6c12b52e
LP		 25
26static const UnitActiveState state_translation_table[_SCOPE_STATE_MAX] = {
17f6b640
YW		 27 [SCOPE_DEAD] = UNIT_INACTIVE,
28 [SCOPE_START_CHOWN] = UNIT_ACTIVATING,
29 [SCOPE_RUNNING] = UNIT_ACTIVE,
30 [SCOPE_ABANDONED] = UNIT_ACTIVE,
6c12b52e
LP		 31 [SCOPE_STOP_SIGTERM] = UNIT_DEACTIVATING,
32 [SCOPE_STOP_SIGKILL] = UNIT_DEACTIVATING,
17f6b640 33 [SCOPE_FAILED] = UNIT_FAILED,
6c12b52e
LP		 34};
35
718db961
LP		 36static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
37
6c12b52e 38static void scope_init(Unit *u) {
e9fa1bf7 39 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 40
6c12b52e
LP		 41 assert(u->load_state == UNIT_STUB);
42
9ed7de60 43 s->runtime_max_usec = USEC_INFINITY;
c9e120e0 44 s->timeout_stop_usec = u->manager->defaults.timeout_stop_usec;
1b4cd0cf 45 u->ignore_on_isolate = true;
03860190 46 s->user = s->group = NULL;
5fa09835 47 s->oom_policy = _OOM_POLICY_INVALID;
6c12b52e
LP		 48}
49
50static void scope_done(Unit *u) {
e9fa1bf7 51 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 52
371c0b79
LP		 53 s->controller = mfree(s->controller);
54 s->controller_track = sd_bus_track_unref(s->controller_track);
2d4a39e7 55
5dcadb4c 56 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
03860190
MS		 57
58 s->user = mfree(s->user);
59 s->group = mfree(s->group);
718db961
LP		 60}
61
ecea250d 62static usec_t scope_running_timeout(Scope *s) {
5918a933
AB		 63 usec_t delta = 0;
64
65 assert(s);
66
67 if (s->runtime_rand_extra_usec != 0) {
68 delta = random_u64_range(s->runtime_rand_extra_usec);
69 log_unit_debug(UNIT(s), "Adding delta of %s sec to timeout", FORMAT_TIMESPAN(delta, USEC_PER_SEC));
70 }
71
72 return usec_add(usec_add(UNIT(s)->active_enter_timestamp.monotonic,
73 s->runtime_max_usec),
74 delta);
75}
76
e9276800 77static int scope_arm_timer(Scope *s, bool relative, usec_t usec) {
718db961
LP		 78 assert(s);
79
e9276800 80 return unit_arm_timer(UNIT(s), &s->timer_event_source, relative, usec, scope_dispatch_timer);
6c12b52e
LP		 81}
82
83static void scope_set_state(Scope *s, ScopeState state) {
84 ScopeState old_state;
e9fa1bf7 85
6c12b52e
LP		 86 assert(s);
87
6fcbec6f
LP		 88 if (s->state != state)
89 bus_unit_send_pending_change_signal(UNIT(s), false);
90
6c12b52e
LP		 91 old_state = s->state;
92 s->state = state;
93
e1f85b49 94 if (!IN_SET(state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL, SCOPE_START_CHOWN, SCOPE_RUNNING))
5dcadb4c 95 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
6c12b52e 96
55e4df21 97 if (!IN_SET(old_state, SCOPE_DEAD, SCOPE_FAILED) && IN_SET(state, SCOPE_DEAD, SCOPE_FAILED))
a911bb9a
LP		 98 unit_unwatch_all_pids(UNIT(s));
99
6c12b52e 100 if (state != old_state)
b7e4e152
MY		 101 log_unit_debug(UNIT(s), "Changed %s -> %s",
102 scope_state_to_string(old_state), scope_state_to_string(state));
6c12b52e 103
96b09de5 104 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], /* reload_success = */ true);
6c12b52e
LP		 105}
106
107static int scope_add_default_dependencies(Scope *s) {
3835b9aa
LB		 108 int r;
109
6c12b52e
LP		 110 assert(s);
111
4c9ea260
LP		 112 if (!UNIT(s)->default_dependencies)
113 return 0;
114
6c12b52e 115 /* Make sure scopes are unloaded on shutdown */
3835b9aa
LB		 116 r = unit_add_two_dependencies_by_name(
117 UNIT(s),
118 UNIT_BEFORE, UNIT_CONFLICTS,
119 SPECIAL_SHUTDOWN_TARGET, true,
120 UNIT_DEPENDENCY_DEFAULT);
121 if (r < 0)
122 return r;
123
124 return 0;
6c12b52e
LP		 125}
126
127static int scope_verify(Scope *s) {
128 assert(s);
75193d41 129 assert(UNIT(s)->load_state == UNIT_LOADED);
6c12b52e 130
efdb0237 131 if (set_isempty(UNIT(s)->pids) &&
2c289ea8 132 !MANAGER_IS_RELOADING(UNIT(s)->manager) &&
d85ff944
YW		 133 !unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
134 return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOENT), "Scope has no PIDs. Refusing.");
6c12b52e
LP		 135
136 return 0;
137}
138
8e4e851f
LP		 139static int scope_load_init_scope(Unit *u) {
140 assert(u);
141
142 if (!unit_has_name(u, SPECIAL_INIT_SCOPE))
143 return 0;
144
145 u->transient = true;
f5869324 146 u->perpetual = true;
8e4e851f
LP		 147
148 /* init.scope is a bit special, as it has to stick around forever. Because of its special semantics we
149 * synthesize it here, instead of relying on the unit file on disk. */
150
151 u->default_dependencies = false;
8e4e851f
LP		 152
153 /* Prettify things, if we can. */
154 if (!u->description)
155 u->description = strdup("System and Service Manager");
156 if (!u->documentation)
157 (void) strv_extend(&u->documentation, "man:systemd(1)");
158
159 return 1;
160}
161
75193d41
ZJS		 162static int scope_add_extras(Scope *s) {
163 int r;
164
165 r = unit_patch_contexts(UNIT(s));
166 if (r < 0)
167 return r;
168
169 r = unit_set_default_slice(UNIT(s));
170 if (r < 0)
171 return r;
172
5fa09835 173 if (s->oom_policy < 0)
c9e120e0 174 s->oom_policy = s->cgroup_context.delegate ? OOM_CONTINUE : UNIT(s)->manager->defaults.oom_policy;
5fa09835
ML		 175
176 s->cgroup_context.memory_oom_group = s->oom_policy == OOM_KILL;
177
75193d41
ZJS		 178 return scope_add_default_dependencies(s);
179}
180
6c12b52e 181static int scope_load(Unit *u) {
e9fa1bf7 182 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e
LP		 183 int r;
184
6c12b52e
LP		 185 assert(u->load_state == UNIT_STUB);
186
2c289ea8 187 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
4f4afc88 188 /* Refuse to load non-transient scope units, but allow them while reloading. */
6c12b52e
LP		 189 return -ENOENT;
190
8e4e851f
LP		 191 r = scope_load_init_scope(u);
192 if (r < 0)
193 return r;
c3620770
ZJS		 194
195 r = unit_load_fragment_and_dropin(u, false);
6c12b52e
LP		 196 if (r < 0)
197 return r;
198
75193d41
ZJS		 199 if (u->load_state != UNIT_LOADED)
200 return 0;
6c12b52e 201
75193d41
ZJS		 202 r = scope_add_extras(s);
203 if (r < 0)
204 return r;
6c12b52e
LP		 205
206 return scope_verify(s);
207}
208
7508f7f2
PW		 209static usec_t scope_coldplug_timeout(Scope *s) {
210 assert(s);
211
212 switch (s->deserialized_state) {
213
9ed7de60 214 case SCOPE_RUNNING:
5918a933 215 return scope_running_timeout(s);
9ed7de60 216
7508f7f2
PW		 217 case SCOPE_STOP_SIGKILL:
218 case SCOPE_STOP_SIGTERM:
219 return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
220
221 default:
222 return USEC_INFINITY;
223 }
224}
225
be847e82 226static int scope_coldplug(Unit *u) {
e9fa1bf7 227 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e
LP		 228 int r;
229
6c12b52e
LP		 230 assert(s->state == SCOPE_DEAD);
231
36c16a7c
LP		 232 if (s->deserialized_state == s->state)
233 return 0;
a911bb9a 234
e9276800 235 r = scope_arm_timer(s, /* relative= */ false, scope_coldplug_timeout(s));
7508f7f2
PW		 236 if (r < 0)
237 return r;
6c12b52e 238
55e4df21
MY		 239 if (!IN_SET(s->deserialized_state, SCOPE_DEAD, SCOPE_FAILED) && u->pids) {
240 PidRef *pid;
241 SET_FOREACH(pid, u->pids) {
242 r = unit_watch_pidref(u, pid, /* exclusive= */ false);
66f83537 243 if (r < 0)
55e4df21
MY		 244 return r;
245 }
428a9f6f 246 }
36c16a7c 247
371c0b79
LP		 248 bus_scope_track_controller(s);
249
36c16a7c 250 scope_set_state(s, s->deserialized_state);
6c12b52e
LP		 251 return 0;
252}
253
254static void scope_dump(Unit *u, FILE *f, const char *prefix) {
e9fa1bf7 255 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 256
6c12b52e 257 assert(f);
e9fa1bf7 258 assert(prefix);
6c12b52e
LP		 259
260 fprintf(f,
261 "%sScope State: %s\n"
9ed7de60 262 "%sResult: %s\n"
5918a933 263 "%sRuntimeMaxSec: %s\n"
5fa09835
ML		 264 "%sRuntimeRandomizedExtraSec: %s\n"
265 "%sOOMPolicy: %s\n",
6c12b52e 266 prefix, scope_state_to_string(s->state),
9ed7de60 267 prefix, scope_result_to_string(s->result),
5918a933 268 prefix, FORMAT_TIMESPAN(s->runtime_max_usec, USEC_PER_SEC),
5fa09835
ML		 269 prefix, FORMAT_TIMESPAN(s->runtime_rand_extra_usec, USEC_PER_SEC),
270 prefix, oom_policy_to_string(s->oom_policy));
6c12b52e 271
e9fa1bf7 272 cgroup_context_dump(u, f, prefix);
6c12b52e
LP		 273 kill_context_dump(&s->kill_context, f, prefix);
274}
275
276static void scope_enter_dead(Scope *s, ScopeResult f) {
277 assert(s);
278
a0fef983 279 if (s->result == SCOPE_SUCCESS)
6c12b52e
LP		 280 s->result = f;
281
aac99f30 282 unit_log_result(UNIT(s), s->result == SCOPE_SUCCESS, scope_result_to_string(s->result));
6c12b52e
LP		 283 scope_set_state(s, s->result != SCOPE_SUCCESS ? SCOPE_FAILED : SCOPE_DEAD);
284}
285
286static void scope_enter_signal(Scope *s, ScopeState state, ScopeResult f) {
2d4a39e7 287 bool skip_signal = false;
6c12b52e
LP		 288 int r;
289
290 assert(s);
291
a0fef983 292 if (s->result == SCOPE_SUCCESS)
6c12b52e
LP		 293 s->result = f;
294
371c0b79
LP		 295 /* If we have a controller set let's ask the controller nicely to terminate the scope, instead of us going
296 * directly into SIGTERM berserk mode */
2d4a39e7
LP		 297 if (state == SCOPE_STOP_SIGTERM)
298 skip_signal = bus_scope_send_request_stop(s) > 0;
299
59ec09a8
ZJS		 300 if (skip_signal)
301 r = 1; /* wait */
302 else {
2d4a39e7
LP		 303 r = unit_kill_context(
304 UNIT(s),
3862e809
LP		 305 state != SCOPE_STOP_SIGTERM ? KILL_KILL :
306 s->was_abandoned ? KILL_TERMINATE_AND_LOG :
b826e317 307 KILL_TERMINATE);
c5acfe18
LP		 308 if (r < 0) {
309 log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
2d4a39e7 310 goto fail;
c5acfe18 311 }
59ec09a8 312 }
6c12b52e
LP		 313
314 if (r > 0) {
e9276800 315 r = scope_arm_timer(s, /* relative= */ true, s->timeout_stop_usec);
c5acfe18
LP		 316 if (r < 0) {
317 log_unit_warning_errno(UNIT(s), r, "Failed to install timer: %m");
718db961 318 goto fail;
c5acfe18 319 }
6c12b52e
LP		 320
321 scope_set_state(s, state);
ac84d1fb
LP		 322 } else if (state == SCOPE_STOP_SIGTERM)
323 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_SUCCESS);
324 else
6c12b52e
LP		 325 scope_enter_dead(s, SCOPE_SUCCESS);
326
327 return;
328
329fail:
6c12b52e
LP		 330 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
331}
332
03860190 333static int scope_enter_start_chown(Scope *s) {
e9fa1bf7 334 Unit *u = UNIT(ASSERT_PTR(s));
4775b55d 335 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
6c12b52e
LP		 336 int r;
337
03860190 338 assert(s->user);
6c12b52e 339
9cc54544
LP		 340 if (!s->cgroup_runtime)
341 return -EINVAL;
342
e9276800 343 r = scope_arm_timer(s, /* relative= */ true, u->manager->defaults.timeout_start_usec);
03860190
MS		 344 if (r < 0)
345 return r;
efdb0237 346
5162829e 347 r = unit_fork_helper_process(u, "(sd-chown-cgroup)", /* into_cgroup= */ true, &pidref);
03860190
MS		 348 if (r < 0)
349 goto fail;
7b617155 350
03860190
MS		 351 if (r == 0) {
352 uid_t uid = UID_INVALID;
353 gid_t gid = GID_INVALID;
6c12b52e 354
03860190
MS		 355 if (!isempty(s->user)) {
356 const char *user = s->user;
6c12b52e 357
03860190
MS		 358 r = get_user_creds(&user, &uid, &gid, NULL, NULL, 0);
359 if (r < 0) {
360 log_unit_error_errno(UNIT(s), r, "Failed to resolve user \"%s\": %m", user);
361 _exit(EXIT_USER);
362 }
363 }
364
365 if (!isempty(s->group)) {
366 const char *group = s->group;
367
368 r = get_group_creds(&group, &gid, 0);
369 if (r < 0) {
370 log_unit_error_errno(UNIT(s), r, "Failed to resolve group \"%s\": %m", group);
371 _exit(EXIT_GROUP);
372 }
373 }
374
188286ee 375 r = cg_set_access(s->cgroup_runtime->cgroup_path, uid, gid);
03860190
MS		 376 if (r < 0) {
377 log_unit_error_errno(UNIT(s), r, "Failed to adjust control group access: %m");
378 _exit(EXIT_CGROUP);
379 }
380
381 _exit(EXIT_SUCCESS);
382 }
383
495e75ed 384 r = unit_watch_pidref(UNIT(s), &pidref, /* exclusive= */ true);
03860190
MS		 385 if (r < 0)
386 goto fail;
387
388 scope_set_state(s, SCOPE_START_CHOWN);
389
390 return 1;
391fail:
392 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
393 return r;
394}
395
396static int scope_enter_running(Scope *s) {
e9fa1bf7 397 Unit *u = UNIT(ASSERT_PTR(s));
03860190
MS		 398 int r;
399
371c0b79
LP		 400 (void) bus_scope_track_controller(s);
401
4b58153d
LP		 402 r = unit_acquire_invocation_id(u);
403 if (r < 0)
404 return r;
405
01542056 406 unit_export_state_files(u);
d3070fbd 407
01542056 408 r = unit_attach_pids_to_cgroup(u, u->pids, NULL);
dd305ec9 409 if (r < 0) {
01542056 410 log_unit_warning_errno(u, r, "Failed to add PIDs to scope's control group: %m");
648cb024 411 goto fail;
dd305ec9 412 }
8d3e4ac7 413 if (r == 0) {
648cb024
LP		 414 r = log_unit_warning_errno(u, SYNTHETIC_ERRNO(ECHILD), "No PIDs left to attach to the scope's control group, refusing.");
415 goto fail;
8d3e4ac7
LP		 416 }
417 log_unit_debug(u, "%i %s added to scope's control group.", r, r == 1 ? "process" : "processes");
6c12b52e 418
6c12b52e
LP		 419 s->result = SCOPE_SUCCESS;
420
421 scope_set_state(s, SCOPE_RUNNING);
b91ada2a 422
9ed7de60 423 /* Set the maximum runtime timeout. */
e9276800 424 scope_arm_timer(s, /* relative= */ false, scope_running_timeout(s));
9ed7de60 425
55e4df21 426 /* Unwatch all pids we've just added to cgroup. We rely on empty notifications there. */
e9eec8b5
FB		 427 unit_unwatch_all_pids(u);
428
82a2b6bb 429 return 1;
648cb024
LP		 430
431fail:
432 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
433 return r;
6c12b52e
LP		 434}
435
03860190 436static int scope_start(Unit *u) {
e9fa1bf7 437 Scope *s = ASSERT_PTR(SCOPE(u));
03860190
MS		 438
439 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
440 return -EPERM;
441
442 if (s->state == SCOPE_FAILED)
443 return -EPERM;
444
445 /* We can't fulfill this right now, please try again later */
446 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
447 return -EAGAIN;
448
449 assert(s->state == SCOPE_DEAD);
450
451 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
452 return -ENOENT;
453
454 (void) unit_realize_cgroup(u);
455 (void) unit_reset_accounting(u);
456
457 /* We check only for User= option to keep behavior consistent with logic for service units,
5c19169f 458 * i.e. having 'Delegate=true Group=foo' w/o specifying User= has no effect. */
03860190
MS		 459 if (s->user && unit_cgroup_delegate(u))
460 return scope_enter_start_chown(s);
461
462 return scope_enter_running(s);
463}
464
6c12b52e 465static int scope_stop(Unit *u) {
e9fa1bf7 466 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 467
3742095b 468 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
6c12b52e
LP		 469 return 0;
470
3742095b 471 assert(IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED));
6c12b52e
LP		 472
473 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_SUCCESS);
82a2b6bb 474 return 1;
6c12b52e
LP		 475}
476
8bcca7e2 477static void scope_reset_failed(Unit *u) {
e9fa1bf7 478 Scope *s = ASSERT_PTR(SCOPE(u));
8bcca7e2
LP		 479
480 if (s->state == SCOPE_FAILED)
481 scope_set_state(s, SCOPE_DEAD);
482
483 s->result = SCOPE_SUCCESS;
484}
485
7a7821c8 486static int scope_get_timeout(Unit *u, usec_t *timeout) {
e9fa1bf7 487 Scope *s = ASSERT_PTR(SCOPE(u));
7a7821c8 488 usec_t t;
68db7a3b
ZJS		 489 int r;
490
491 if (!s->timer_event_source)
492 return 0;
493
7a7821c8 494 r = sd_event_source_get_time(s->timer_event_source, &t);
68db7a3b
ZJS		 495 if (r < 0)
496 return r;
7a7821c8
LP		 497 if (t == USEC_INFINITY)
498 return 0;
68db7a3b 499
7a7821c8 500 *timeout = t;
68db7a3b
ZJS		 501 return 1;
502}
503
6c12b52e 504static int scope_serialize(Unit *u, FILE *f, FDSet *fds) {
e9fa1bf7 505 Scope *s = ASSERT_PTR(SCOPE(u));
495e75ed 506 PidRef *pid;
6c12b52e 507
6c12b52e
LP		 508 assert(f);
509 assert(fds);
510
d68c645b
LP		 511 (void) serialize_item(f, "state", scope_state_to_string(s->state));
512 (void) serialize_bool(f, "was-abandoned", s->was_abandoned);
33fe0afe
LP		 513
514 if (s->controller)
d68c645b 515 (void) serialize_item(f, "controller", s->controller);
33fe0afe 516
495e75ed 517 SET_FOREACH(pid, u->pids)
2a7451dc 518 serialize_pidref(f, fds, "pids", pid);
428a9f6f 519
6c12b52e
LP		 520 return 0;
521}
522
523static int scope_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
e9fa1bf7 524 Scope *s = ASSERT_PTR(SCOPE(u));
33fe0afe 525 int r;
6c12b52e 526
6c12b52e
LP		 527 assert(key);
528 assert(value);
529 assert(fds);
530
531 if (streq(key, "state")) {
532 ScopeState state;
533
534 state = scope_state_from_string(value);
535 if (state < 0)
f2341e0a 536 log_unit_debug(u, "Failed to parse state value: %s", value);
6c12b52e
LP		 537 else
538 s->deserialized_state = state;
539
3862e809
LP		 540 } else if (streq(key, "was-abandoned")) {
541 int k;
542
543 k = parse_boolean(value);
544 if (k < 0)
545 log_unit_debug(u, "Failed to parse boolean value: %s", value);
546 else
547 s->was_abandoned = k;
33fe0afe
LP		 548 } else if (streq(key, "controller")) {
549
550 r = free_and_strdup(&s->controller, value);
551 if (r < 0)
d68c645b 552 return log_oom();
33fe0afe 553
428a9f6f 554 } else if (streq(key, "pids")) {
2a7451dc 555 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
495e75ed 556
70727771
DDM		 557 /* We don't check if we already received the pid before here because unit_watch_pidref()
558 * does this check internally and discards the new pidref if we already received it before. */
2a7451dc
LP		 559 if (deserialize_pidref(fds, value, &pidref) >= 0) {
560 r = unit_watch_pidref(u, &pidref, /* exclusive= */ false);
561 if (r < 0)
562 log_unit_debug(u, "Failed to watch PID, ignoring: %s", value);
563 }
6c12b52e 564 } else
f2341e0a 565 log_unit_debug(u, "Unknown serialization key: %s", key);
6c12b52e
LP		 566
567 return 0;
568}
569
a911bb9a 570static void scope_notify_cgroup_empty_event(Unit *u) {
e9fa1bf7 571 Scope *s = ASSERT_PTR(SCOPE(u));
a911bb9a 572
f2341e0a 573 log_unit_debug(u, "cgroup is empty");
a911bb9a
LP		 574
575 if (IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
576 scope_enter_dead(s, SCOPE_SUCCESS);
577}
578
7238fd51 579static void scope_notify_cgroup_oom_event(Unit *u, bool managed_oom) {
e9fa1bf7 580 Scope *s = ASSERT_PTR(SCOPE(u));
7238fd51 581
582 if (managed_oom)
583 log_unit_debug(u, "Process(es) of control group were killed by systemd-oomd.");
584 else
585 log_unit_debug(u, "Process of control group was killed by the OOM killer.");
586
5fa09835
ML		 587 if (s->oom_policy == OOM_CONTINUE)
588 return;
589
7238fd51 590 switch (s->state) {
591
592 case SCOPE_START_CHOWN:
593 case SCOPE_RUNNING:
5fa09835
ML		 594 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_OOM_KILL);
595 break;
596
7238fd51 597 case SCOPE_STOP_SIGTERM:
598 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_OOM_KILL);
599 break;
600
601 case SCOPE_STOP_SIGKILL:
602 if (s->result == SCOPE_SUCCESS)
603 s->result = SCOPE_FAILURE_OOM_KILL;
604 break;
605 /* SCOPE_DEAD, SCOPE_ABANDONED, and SCOPE_FAILED end up in default */
606 default:
607 ;
608 }
609}
610
a911bb9a 611static void scope_sigchld_event(Unit *u, pid_t pid, int code, int status) {
e9fa1bf7 612 Scope *s = ASSERT_PTR(SCOPE(u));
03860190
MS		 613
614 if (s->state == SCOPE_START_CHOWN) {
615 if (!is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL))
616 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
617 else
618 scope_enter_running(s);
619 return;
620 }
a911bb9a
LP		 621}
622
718db961 623static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
e9fa1bf7 624 Scope *s = ASSERT_PTR(SCOPE(userdata));
6c12b52e 625
718db961 626 assert(s->timer_event_source == source);
6c12b52e
LP		 627
628 switch (s->state) {
629
9ed7de60
PW		 630 case SCOPE_RUNNING:
631 log_unit_warning(UNIT(s), "Scope reached runtime time limit. Stopping.");
632 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_TIMEOUT);
633 break;
634
6c12b52e
LP		 635 case SCOPE_STOP_SIGTERM:
636 if (s->kill_context.send_sigkill) {
f2341e0a 637 log_unit_warning(UNIT(s), "Stopping timed out. Killing.");
6c12b52e
LP		 638 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_TIMEOUT);
639 } else {
f2341e0a 640 log_unit_warning(UNIT(s), "Stopping timed out. Skipping SIGKILL.");
6c12b52e
LP		 641 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
642 }
643
644 break;
645
646 case SCOPE_STOP_SIGKILL:
f2341e0a 647 log_unit_warning(UNIT(s), "Still around after SIGKILL. Ignoring.");
6c12b52e
LP		 648 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
649 break;
650
03860190
MS		 651 case SCOPE_START_CHOWN:
652 log_unit_warning(UNIT(s), "User lookup timed out. Entering failed state.");
653 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
654 break;
655
6c12b52e 656 default:
04499a70 657 assert_not_reached();
6c12b52e 658 }
718db961
LP		 659
660 return 0;
6c12b52e
LP		 661}
662
a911bb9a
LP		 663int scope_abandon(Scope *s) {
664 assert(s);
6c12b52e 665
efdb0237
LP		 666 if (unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
667 return -EPERM;
668
a911bb9a
LP		 669 if (!IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED))
670 return -ESTALE;
6c12b52e 671
3862e809 672 s->was_abandoned = true;
371c0b79 673
a1e58e8e 674 s->controller = mfree(s->controller);
371c0b79
LP		 675 s->controller_track = sd_bus_track_unref(s->controller_track);
676
8cb83266 677 scope_set_state(s, SCOPE_ABANDONED);
6c12b52e 678
a911bb9a 679 return 0;
6c12b52e
LP		 680}
681
d1e8e8b5 682static UnitActiveState scope_active_state(Unit *u) {
e9fa1bf7 683 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 684
e9fa1bf7 685 return state_translation_table[s->state];
6c12b52e
LP		 686}
687
d1e8e8b5 688static const char *scope_sub_state_to_string(Unit *u) {
e9fa1bf7 689 Scope *s = ASSERT_PTR(SCOPE(u));
6c12b52e 690
e9fa1bf7 691 return scope_state_to_string(s->state);
6c12b52e
LP		 692}
693
04eb582a 694static void scope_enumerate_perpetual(Manager *m) {
efdb0237
LP		 695 Unit *u;
696 int r;
697
698 assert(m);
699
700 /* Let's unconditionally add the "init.scope" special unit
701 * that encapsulates PID 1. Note that PID 1 already is in the
702 * cgroup for this, we hence just need to allocate the object
703 * for it and that's it. */
704
705 u = manager_get_unit(m, SPECIAL_INIT_SCOPE);
706 if (!u) {
a581e45a 707 r = unit_new_for_name(m, sizeof(Scope), SPECIAL_INIT_SCOPE, &u);
2b2ca7ff
ZJS		 708 if (r < 0)
709 return (void) log_error_errno(r, "Failed to allocate the special %s unit: %m",
710 SPECIAL_INIT_SCOPE);
efdb0237
LP		 711 }
712
713 u->transient = true;
f5869324 714 u->perpetual = true;
efdb0237 715 SCOPE(u)->deserialized_state = SCOPE_RUNNING;
efdb0237
LP		 716
717 unit_add_to_load_queue(u);
718 unit_add_to_dbus_queue(u);
020b2e41
LB		 719 /* Enqueue an explicit cgroup realization here. Unlike other cgroups this one already exists and is
720 * populated (by us, after all!) already, even when we are not in a reload cycle. Hence we cannot
721 * apply the settings at creation time anymore, but let's at least apply them asynchronously. */
722 unit_add_to_cgroup_realize_queue(u);
efdb0237
LP		 723}
724
6c12b52e 725static const char* const scope_result_table[_SCOPE_RESULT_MAX] = {
48d83e33 726 [SCOPE_SUCCESS] = "success",
6c12b52e 727 [SCOPE_FAILURE_RESOURCES] = "resources",
48d83e33 728 [SCOPE_FAILURE_TIMEOUT] = "timeout",
7238fd51 729 [SCOPE_FAILURE_OOM_KILL] = "oom-kill",
6c12b52e
LP		 730};
731
732DEFINE_STRING_TABLE_LOOKUP(scope_result, ScopeResult);
733
734const UnitVTable scope_vtable = {
735 .object_size = sizeof(Scope),
718db961
LP		 736 .cgroup_context_offset = offsetof(Scope, cgroup_context),
737 .kill_context_offset = offsetof(Scope, kill_context),
9cc54544 738 .cgroup_runtime_offset = offsetof(Scope, cgroup_runtime),
718db961 739
6c12b52e
LP		 740 .sections =
741 "Unit\0"
742 "Scope\0"
743 "Install\0",
6c12b52e 744 .private_section = "Scope",
6c12b52e 745
700e2d63 746 .can_transient = true,
1d9cc876 747 .can_delegate = true,
c80a9a33 748 .can_fail = true,
d4fd1cf2 749 .once_only = true,
4d824a4e 750 .can_set_managed_oom = true,
6c12b52e
LP		 751
752 .init = scope_init,
753 .load = scope_load,
754 .done = scope_done,
755
756 .coldplug = scope_coldplug,
757
758 .dump = scope_dump,
759
760 .start = scope_start,
761 .stop = scope_stop,
762
16b6af6a 763 .freezer_action = unit_cgroup_freezer_action,
d9e45bc3 764
68db7a3b
ZJS		 765 .get_timeout = scope_get_timeout,
766
6c12b52e
LP		 767 .serialize = scope_serialize,
768 .deserialize_item = scope_deserialize_item,
769
770 .active_state = scope_active_state,
771 .sub_state_to_string = scope_sub_state_to_string,
772
a911bb9a
LP		 773 .sigchld_event = scope_sigchld_event,
774
8bcca7e2
LP		 775 .reset_failed = scope_reset_failed,
776
6c12b52e 777 .notify_cgroup_empty = scope_notify_cgroup_empty_event,
7238fd51 778 .notify_cgroup_oom = scope_notify_cgroup_oom_event,
6c12b52e 779
6c12b52e
LP		 780 .bus_set_property = bus_scope_set_property,
781 .bus_commit_properties = bus_scope_commit_properties,
782
04eb582a 783 .enumerate_perpetual = scope_enumerate_perpetual,
6c12b52e 784};
Unnamed repository; edit this file 'description' to name the repository.