]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/socket.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
man: make it more clear that the concepts systemctl(1) manage are introduced in syste...
[thirdparty/systemd.git] / src / core / socket.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
5cb5a6ff 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
83c60c9f
LP		 22#include <sys/types.h>
23#include <sys/stat.h>
24#include <unistd.h>
25#include <errno.h>
26#include <fcntl.h>
f94ea366 27#include <sys/epoll.h>
034c6ed7 28#include <signal.h>
4f2d528d 29#include <arpa/inet.h>
718db961 30#include <netinet/tcp.h>
916abb21 31#include <mqueue.h>
d2edfae0 32#include <sys/xattr.h>
83c60c9f 33
718db961 34#include "sd-event.h"
83c60c9f 35#include "log.h"
23a177ef
LP		 36#include "load-dropin.h"
37#include "load-fragment.h"
9e2f7c11 38#include "strv.h"
49e942b2 39#include "mkdir.h"
9eb977db 40#include "path-util.h"
4f2d528d 41#include "unit-name.h"
41f9172f 42#include "unit-printf.h"
4fd5948e 43#include "missing.h"
a40eb732 44#include "special.h"
e51bc1a2 45#include "label.h"
9a57c629 46#include "exit-status.h"
f6a6225e 47#include "def.h"
5a045dad 48#include "smack-util.h"
718db961
LP		 49#include "bus-util.h"
50#include "bus-error.h"
e821075a
LP		 51#include "dbus-socket.h"
52#include "unit.h"
53#include "socket.h"
83c60c9f 54
acbb0225 55static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
87f0e418
LP		 56 [SOCKET_DEAD] = UNIT_INACTIVE,
57 [SOCKET_START_PRE] = UNIT_ACTIVATING,
3900e5fd 58 [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
87f0e418
LP		 59 [SOCKET_START_POST] = UNIT_ACTIVATING,
60 [SOCKET_LISTENING] = UNIT_ACTIVE,
61 [SOCKET_RUNNING] = UNIT_ACTIVE,
62 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
80876c20
LP		 66 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
fdf20a31 68 [SOCKET_FAILED] = UNIT_FAILED
83c60c9f 69};
5cb5a6ff 70
718db961
LP		 71static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
72static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
73
a16e1123
LP		 74static void socket_init(Unit *u) {
75 Socket *s = SOCKET(u);
76
77 assert(u);
ac155bb8 78 assert(u->load_state == UNIT_STUB);
a16e1123 79
a16e1123 80 s->backlog = SOMAXCONN;
1f19a534 81 s->timeout_usec = u->manager->default_timeout_start_usec;
a16e1123 82 s->directory_mode = 0755;
9131f660 83 s->socket_mode = 0666;
a16e1123 84
6cf6bbc2
LP		 85 s->max_connections = 64;
86
4fd5948e 87 s->priority = -1;
4fd5948e
LP		 88 s->ip_tos = -1;
89 s->ip_ttl = -1;
4fd5948e 90 s->mark = -1;
4fd5948e 91
ac155bb8
MS		 92 s->exec_context.std_output = u->manager->default_std_output;
93 s->exec_context.std_error = u->manager->default_std_error;
085afe36 94
a16e1123
LP		 95 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
96}
acbb0225 97
5e94833f
LP		 98static void socket_unwatch_control_pid(Socket *s) {
99 assert(s);
100
101 if (s->control_pid <= 0)
102 return;
103
104 unit_unwatch_pid(UNIT(s), s->control_pid);
105 s->control_pid = 0;
106}
107
74051b9b 108void socket_free_ports(Socket *s) {
034c6ed7
LP		 109 SocketPort *p;
110
111 assert(s);
112
113 while ((p = s->ports)) {
71fda00f 114 LIST_REMOVE(port, s->ports, p);
034c6ed7 115
718db961
LP		 116 sd_event_source_unref(p->event_source);
117
03e334a1 118 safe_close(p->fd);
034c6ed7
LP		 119 free(p->path);
120 free(p);
121 }
74051b9b
LP		 122}
123
124static void socket_done(Unit *u) {
125 Socket *s = SOCKET(u);
126
127 assert(s);
128
129 socket_free_ports(s);
034c6ed7 130
613b411c 131 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
e537352b 132 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
034c6ed7
LP		 133 s->control_command = NULL;
134
5e94833f 135 socket_unwatch_control_pid(s);
034c6ed7 136
57020a3a 137 unit_ref_unset(&s->service);
034c6ed7 138
cebf8b20
TT		 139 free(s->tcp_congestion);
140 s->tcp_congestion = NULL;
141
acbb0225 142 free(s->bind_to_device);
e537352b 143 s->bind_to_device = NULL;
acbb0225 144
0eb59ccf
AK		 145 free(s->smack);
146 free(s->smack_ip_in);
147 free(s->smack_ip_out);
148
811ba7a0
LP		 149 strv_free(s->symlinks);
150
3900e5fd
LP		 151 free(s->user);
152 free(s->group);
153
718db961
LP		 154 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
155}
156
157static int socket_arm_timer(Socket *s) {
158 int r;
159
160 assert(s);
161
162 if (s->timeout_usec <= 0) {
163 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
164 return 0;
165 }
166
167 if (s->timer_event_source) {
168 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
169 if (r < 0)
170 return r;
171
172 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
173 }
174
6a0f1f6d
LP		 175 return sd_event_add_time(
176 UNIT(s)->manager->event,
177 &s->timer_event_source,
178 CLOCK_MONOTONIC,
179 now(CLOCK_MONOTONIC) + s->timeout_usec, 0,
180 socket_dispatch_timer, s);
5cb5a6ff
LP		 181}
182
8b835fcc
ZJS		 183int socket_instantiate_service(Socket *s) {
184 _cleanup_free_ char *prefix = NULL, *name = NULL;
b15bdda8
LP		 185 int r;
186 Unit *u;
187
188 assert(s);
189
190 /* This fills in s->service if it isn't filled in yet. For
191 * Accept=yes sockets we create the next connection service
192 * here. For Accept=no this is mostly a NOP since the service
193 * is figured out at load time anyway. */
194
8b835fcc 195 if (UNIT_DEREF(s->service) || !s->accept)
b15bdda8
LP		 196 return 0;
197
315db1a8
ZJS		 198 prefix = unit_name_to_prefix(UNIT(s)->id);
199 if (!prefix)
b15bdda8
LP		 200 return -ENOMEM;
201
315db1a8 202 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
b15bdda8
LP		 203 return -ENOMEM;
204
1124fe6f 205 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
b15bdda8
LP		 206 if (r < 0)
207 return r;
208
ac155bb8 209 u->no_gc = true;
57020a3a
LP		 210 unit_ref_set(&s->service, u);
211
212 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
b15bdda8
LP		 213}
214
4f2d528d
LP		 215static bool have_non_accept_socket(Socket *s) {
216 SocketPort *p;
217
218 assert(s);
219
220 if (!s->accept)
221 return true;
222
dd5ad9d4
LP		 223 LIST_FOREACH(port, p, s->ports) {
224
225 if (p->type != SOCKET_SOCKET)
226 return true;
227
4f2d528d
LP		 228 if (!socket_address_can_accept(&p->address))
229 return true;
dd5ad9d4 230 }
4f2d528d
LP		 231
232 return false;
233}
234
a57f7e2c 235static int socket_add_mount_links(Socket *s) {
6e2ef85b 236 SocketPort *p;
6e2ef85b
LP		 237 int r;
238
239 assert(s);
6e2ef85b 240
a57f7e2c
LP		 241 LIST_FOREACH(port, p, s->ports) {
242 const char *path = NULL;
6e2ef85b 243
a57f7e2c
LP		 244 if (p->type == SOCKET_SOCKET)
245 path = socket_address_get_path(&p->address);
246 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
247 path = p->path;
6e2ef85b 248
a57f7e2c
LP		 249 if (!path)
250 continue;
6e2ef85b 251
a57f7e2c 252 r = unit_require_mounts_for(UNIT(s), path);
b87705cd 253 if (r < 0)
6e2ef85b 254 return r;
b87705cd 255 }
6e2ef85b
LP		 256
257 return 0;
258}
259
260static int socket_add_device_link(Socket *s) {
261 char *t;
6e2ef85b
LP		 262
263 assert(s);
264
7d0c710d 265 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
6e2ef85b
LP		 266 return 0;
267
e821075a
LP		 268 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
269 return unit_add_node_link(UNIT(s), t, false);
6e2ef85b
LP		 270}
271
a40eb732
LP		 272static int socket_add_default_dependencies(Socket *s) {
273 int r;
274 assert(s);
275
e3d84721
LP		 276 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
277 if (r < 0)
278 return r;
2a77d31d 279
e3d84721
LP		 280 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
281 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
282 if (r < 0)
a40eb732 283 return r;
2a77d31d 284 }
a40eb732 285
ead8e478 286 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
a40eb732
LP		 287}
288
44a6b1b6 289_pure_ static bool socket_has_exec(Socket *s) {
4cfc6dbe
LP		 290 unsigned i;
291 assert(s);
292
293 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
294 if (s->exec_command[i])
295 return true;
296
297 return false;
298}
299
e821075a
LP		 300static int socket_add_extras(Socket *s) {
301 Unit *u = UNIT(s);
e537352b 302 int r;
44d8db9e 303
e821075a 304 assert(s);
57020a3a 305
e821075a 306 if (have_non_accept_socket(s)) {
23a177ef 307
e821075a
LP		 308 if (!UNIT_DEREF(s->service)) {
309 Unit *x;
57020a3a 310
e821075a 311 r = unit_load_related_unit(u, ".service", &x);
57020a3a 312 if (r < 0)
4f2d528d 313 return r;
e821075a
LP		 314
315 unit_ref_set(&s->service, x);
4f2d528d 316 }
44d8db9e 317
e821075a
LP		 318 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
319 if (r < 0)
6e2ef85b 320 return r;
e821075a 321 }
6e2ef85b 322
e821075a
LP		 323 r = socket_add_mount_links(s);
324 if (r < 0)
325 return r;
6e2ef85b 326
e821075a
LP		 327 r = socket_add_device_link(s);
328 if (r < 0)
329 return r;
330
598459ce 331 r = unit_patch_contexts(u);
e821075a
LP		 332 if (r < 0)
333 return r;
334
335 if (socket_has_exec(s)) {
336 r = unit_add_exec_dependencies(u, &s->exec_context);
337 if (r < 0)
338 return r;
23a177ef 339
598459ce 340 r = unit_add_default_slice(u, &s->cgroup_context);
a016b922
LP		 341 if (r < 0)
342 return r;
e821075a 343 }
a016b922 344
e821075a
LP		 345 if (u->default_dependencies) {
346 r = socket_add_default_dependencies(s);
347 if (r < 0)
348 return r;
349 }
350
351 return 0;
352}
353
811ba7a0
LP		 354static const char *socket_find_symlink_target(Socket *s) {
355 const char *found = NULL;
356 SocketPort *p;
357
358 LIST_FOREACH(port, p, s->ports) {
359 const char *f = NULL;
360
361 switch (p->type) {
362
363 case SOCKET_FIFO:
364 f = p->path;
365 break;
366
367 case SOCKET_SOCKET:
368 if (p->address.sockaddr.un.sun_path[0] != 0)
369 f = p->address.sockaddr.un.sun_path;
370 break;
371
372 default:
373 break;
374 }
375
376 if (f) {
377 if (found)
378 return NULL;
379
380 found = f;
381 }
382 }
383
384 return found;
385}
386
e821075a
LP		 387static int socket_verify(Socket *s) {
388 assert(s);
389
390 if (UNIT(s)->load_state != UNIT_LOADED)
391 return 0;
392
393 if (!s->ports) {
394 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
395 return -EINVAL;
396 }
397
398 if (s->accept && have_non_accept_socket(s)) {
399 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
400 UNIT(s)->id);
401 return -EINVAL;
402 }
403
404 if (s->accept && s->max_connections <= 0) {
405 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
406 return -EINVAL;
407 }
e06c73cc 408
e821075a
LP		 409 if (s->accept && UNIT_DEREF(s->service)) {
410 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
411 return -EINVAL;
412 }
413
414 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
415 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
416 return -EINVAL;
417 }
418
811ba7a0
LP		 419 if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
420 log_error_unit(UNIT(s)->id, "%s has symlinks set but none or more than one node in the file system. Refusing.", UNIT(s)->id);
421 return -EINVAL;
422 }
423
e821075a
LP		 424 return 0;
425}
426
427static int socket_load(Unit *u) {
428 Socket *s = SOCKET(u);
429 int r;
430
431 assert(u);
432 assert(u->load_state == UNIT_STUB);
433
434 r = unit_load_fragment_and_dropin(u);
435 if (r < 0)
436 return r;
437
438 if (u->load_state == UNIT_LOADED) {
439 /* This is a new unit? Then let's add in some extras */
440 r = socket_add_extras(s);
e06c73cc
LP		 441 if (r < 0)
442 return r;
23a177ef
LP		 443 }
444
4f2d528d 445 return socket_verify(s);
44d8db9e
LP		 446}
447
44a6b1b6 448_const_ static const char* listen_lookup(int family, int type) {
7a22745a
LP		 449
450 if (family == AF_NETLINK)
451 return "ListenNetlink";
542563ba
LP		 452
453 if (type == SOCK_STREAM)
454 return "ListenStream";
455 else if (type == SOCK_DGRAM)
456 return "ListenDatagram";
457 else if (type == SOCK_SEQPACKET)
458 return "ListenSequentialPacket";
459
034c6ed7 460 assert_not_reached("Unknown socket type");
542563ba
LP		 461 return NULL;
462}
463
87f0e418 464static void socket_dump(Unit *u, FILE *f, const char *prefix) {
209e9dcd 465 char time_string[FORMAT_TIMESPAN_MAX];
5cb5a6ff 466 SocketExecCommand c;
87f0e418 467 Socket *s = SOCKET(u);
542563ba 468 SocketPort *p;
82ba9f08 469 const char *prefix2;
5cb5a6ff
LP		 470
471 assert(s);
fa068367 472 assert(f);
5cb5a6ff 473
4c940960 474 prefix = strempty(prefix);
e821075a 475 prefix2 = strappenda(prefix, "\t");
c43d20a0 476
5cb5a6ff
LP		 477 fprintf(f,
478 "%sSocket State: %s\n"
81a5c6d0 479 "%sResult: %s\n"
542563ba 480 "%sBindIPv6Only: %s\n"
b5a0699f
LP		 481 "%sBacklog: %u\n"
482 "%sSocketMode: %04o\n"
4fd5948e
LP		 483 "%sDirectoryMode: %04o\n"
484 "%sKeepAlive: %s\n"
4427c3f4 485 "%sNoDelay: %s\n"
cebf8b20 486 "%sFreeBind: %s\n"
6b6d2dee 487 "%sTransparent: %s\n"
ec6370a2 488 "%sBroadcast: %s\n"
ede3deb4 489 "%sPassCredentials: %s\n"
54ecda32 490 "%sPassSecurity: %s\n"
bd1fe7c7 491 "%sTCPCongestion: %s\n"
3bb07b76 492 "%sRemoveOnStop: %s\n",
a16e1123 493 prefix, socket_state_to_string(s->state),
81a5c6d0 494 prefix, socket_result_to_string(s->result),
c0120d99 495 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
b5a0699f
LP		 496 prefix, s->backlog,
497 prefix, s->socket_mode,
4fd5948e
LP		 498 prefix, s->directory_mode,
499 prefix, yes_no(s->keep_alive),
4427c3f4 500 prefix, yes_no(s->no_delay),
cebf8b20 501 prefix, yes_no(s->free_bind),
6b6d2dee 502 prefix, yes_no(s->transparent),
ec6370a2 503 prefix, yes_no(s->broadcast),
d68af586 504 prefix, yes_no(s->pass_cred),
54ecda32 505 prefix, yes_no(s->pass_sec),
bd1fe7c7 506 prefix, strna(s->tcp_congestion),
3bb07b76 507 prefix, yes_no(s->remove_on_stop));
542563ba 508
70123e68
LP		 509 if (s->control_pid > 0)
510 fprintf(f,
de0671ee
ZJS		 511 "%sControl PID: "PID_FMT"\n",
512 prefix, s->control_pid);
70123e68 513
acbb0225
LP		 514 if (s->bind_to_device)
515 fprintf(f,
516 "%sBindToDevice: %s\n",
517 prefix, s->bind_to_device);
518
4f2d528d
LP		 519 if (s->accept)
520 fprintf(f,
6cf6bbc2
LP		 521 "%sAccepted: %u\n"
522 "%sNConnections: %u\n"
523 "%sMaxConnections: %u\n",
524 prefix, s->n_accepted,
525 prefix, s->n_connections,
526 prefix, s->max_connections);
4f2d528d 527
4fd5948e
LP		 528 if (s->priority >= 0)
529 fprintf(f,
530 "%sPriority: %i\n",
531 prefix, s->priority);
532
533 if (s->receive_buffer > 0)
534 fprintf(f,
535 "%sReceiveBuffer: %zu\n",
536 prefix, s->receive_buffer);
537
538 if (s->send_buffer > 0)
539 fprintf(f,
540 "%sSendBuffer: %zu\n",
541 prefix, s->send_buffer);
542
543 if (s->ip_tos >= 0)
544 fprintf(f,
545 "%sIPTOS: %i\n",
546 prefix, s->ip_tos);
547
548 if (s->ip_ttl >= 0)
549 fprintf(f,
550 "%sIPTTL: %i\n",
551 prefix, s->ip_ttl);
552
553 if (s->pipe_size > 0)
554 fprintf(f,
555 "%sPipeSize: %zu\n",
556 prefix, s->pipe_size);
557
558 if (s->mark >= 0)
559 fprintf(f,
560 "%sMark: %i\n",
561 prefix, s->mark);
562
916abb21
LP		 563 if (s->mq_maxmsg > 0)
564 fprintf(f,
565 "%sMessageQueueMaxMessages: %li\n",
566 prefix, s->mq_maxmsg);
567
568 if (s->mq_msgsize > 0)
569 fprintf(f,
570 "%sMessageQueueMessageSize: %li\n",
571 prefix, s->mq_msgsize);
572
718db961 573 if (s->reuse_port)
f7db7a69
SL		 574 fprintf(f,
575 "%sReusePort: %s\n",
718db961 576 prefix, yes_no(s->reuse_port));
f7db7a69 577
0eb59ccf
AK		 578 if (s->smack)
579 fprintf(f,
580 "%sSmackLabel: %s\n",
581 prefix, s->smack);
582
583 if (s->smack_ip_in)
584 fprintf(f,
585 "%sSmackLabelIPIn: %s\n",
586 prefix, s->smack_ip_in);
587
588 if (s->smack_ip_out)
589 fprintf(f,
590 "%sSmackLabelIPOut: %s\n",
591 prefix, s->smack_ip_out);
592
3900e5fd
LP		 593 if (!isempty(s->user) || !isempty(s->group))
594 fprintf(f,
595 "%sOwnerUser: %s\n"
596 "%sOwnerGroup: %s\n",
597 prefix, strna(s->user),
598 prefix, strna(s->group));
599
3cd761e4 600 if (s->keep_alive_time > 0)
209e9dcd 601 fprintf(f,
3cd761e4
LP		 602 "%sKeepAliveTimeSec: %s\n",
603 prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX, s->keep_alive_time, USEC_PER_SEC));
209e9dcd 604
3cd761e4 605 if (s->keep_alive_interval)
209e9dcd 606 fprintf(f,
3cd761e4
LP		 607 "%sKeepAliveIntervalSec: %s\n",
608 prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX, s->keep_alive_interval, USEC_PER_SEC));
209e9dcd 609
3cd761e4 610 if (s->keep_alive_cnt)
209e9dcd
SS		 611 fprintf(f,
612 "%sKeepAliveProbes: %u\n",
613 prefix, s->keep_alive_cnt);
614
3cd761e4 615 if (s->defer_accept)
cc567c9b 616 fprintf(f,
3cd761e4
LP		 617 "%sDeferAcceptSec: %s\n",
618 prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX, s->defer_accept, USEC_PER_SEC));
cc567c9b 619
034c6ed7 620 LIST_FOREACH(port, p, s->ports) {
5cb5a6ff 621
542563ba
LP		 622 if (p->type == SOCKET_SOCKET) {
623 const char *t;
624 int r;
e364ad06 625 char *k = NULL;
542563ba
LP		 626
627 if ((r = socket_address_print(&p->address, &k)) < 0)
628 t = strerror(-r);
629 else
630 t = k;
631
7a22745a 632 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
542563ba 633 free(k);
b0a3f2bc
LP		 634 } else if (p->type == SOCKET_SPECIAL)
635 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
916abb21
LP		 636 else if (p->type == SOCKET_MQUEUE)
637 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
b0a3f2bc 638 else
542563ba
LP		 639 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
640 }
5cb5a6ff
LP		 641
642 exec_context_dump(&s->exec_context, f, prefix);
4819ff03 643 kill_context_dump(&s->kill_context, f, prefix);
5cb5a6ff 644
e537352b 645 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
c43d20a0
LP		 646 if (!s->exec_command[c])
647 continue;
5cb5a6ff 648
40d50879 649 fprintf(f, "%s-> %s:\n",
a16e1123 650 prefix, socket_exec_command_to_string(c));
c43d20a0
LP		 651
652 exec_command_dump_list(s->exec_command[c], f, prefix2);
5cb5a6ff
LP		 653 }
654}
655
4f2d528d
LP		 656static int instance_from_socket(int fd, unsigned nr, char **instance) {
657 socklen_t l;
658 char *r;
9d16d0c7 659 union sockaddr_union local, remote;
4f2d528d
LP		 660
661 assert(fd >= 0);
662 assert(instance);
663
664 l = sizeof(local);
665 if (getsockname(fd, &local.sa, &l) < 0)
666 return -errno;
667
668 l = sizeof(remote);
669 if (getpeername(fd, &remote.sa, &l) < 0)
670 return -errno;
671
672 switch (local.sa.sa_family) {
673
674 case AF_INET: {
675 uint32_t
676 a = ntohl(local.in.sin_addr.s_addr),
677 b = ntohl(remote.in.sin_addr.s_addr);
678
679 if (asprintf(&r,
77b088c2
LP		 680 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
681 nr,
4f2d528d
LP		 682 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
683 ntohs(local.in.sin_port),
684 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
685 ntohs(remote.in.sin_port)) < 0)
686 return -ENOMEM;
687
688 break;
689 }
690
691 case AF_INET6: {
c65a0b14 692 static const unsigned char ipv4_prefix[] = {
2b061f5a
LP		 693 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
694 };
695
696 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
697 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
698 const uint8_t
699 *a = local.in6.sin6_addr.s6_addr+12,
700 *b = remote.in6.sin6_addr.s6_addr+12;
701
702 if (asprintf(&r,
77b088c2
LP		 703 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
704 nr,
2b061f5a
LP		 705 a[0], a[1], a[2], a[3],
706 ntohs(local.in6.sin6_port),
707 b[0], b[1], b[2], b[3],
708 ntohs(remote.in6.sin6_port)) < 0)
709 return -ENOMEM;
710 } else {
711 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
712
713 if (asprintf(&r,
77b088c2
LP		 714 "%u-%s:%u-%s:%u",
715 nr,
2b061f5a
LP		 716 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
717 ntohs(local.in6.sin6_port),
718 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
719 ntohs(remote.in6.sin6_port)) < 0)
720 return -ENOMEM;
721 }
4f2d528d
LP		 722
723 break;
724 }
725
726 case AF_UNIX: {
727 struct ucred ucred;
eff05270 728 int k;
4f2d528d 729
eff05270 730 k = getpeercred(fd, &ucred);
d38f6e34
ZJS		 731 if (k >= 0) {
732 if (asprintf(&r,
733 "%u-"PID_FMT"-"UID_FMT,
734 nr, ucred.pid, ucred.uid) < 0)
735 return -ENOMEM;
736 } else if (k == -ENODATA) {
737 /* This handles the case where somebody is
738 * connecting from another pid/uid namespace
739 * (e.g. from outside of our container). */
740 if (asprintf(&r,
741 "%u-unknown",
742 nr) < 0)
743 return -ENOMEM;
744 } else
eff05270 745 return k;
2f20a8eb 746
2f20a8eb 747 break;
4f2d528d
LP		 748 }
749
750 default:
751 assert_not_reached("Unhandled socket type.");
752 }
753
754 *instance = r;
755 return 0;
756}
757
034c6ed7 758static void socket_close_fds(Socket *s) {
83c60c9f 759 SocketPort *p;
811ba7a0 760 char **i;
83c60c9f
LP		 761
762 assert(s);
763
034c6ed7 764 LIST_FOREACH(port, p, s->ports) {
718db961
LP		 765
766 p->event_source = sd_event_source_unref(p->event_source);
767
83c60c9f
LP		 768 if (p->fd < 0)
769 continue;
770
03e334a1 771 p->fd = safe_close(p->fd);
a16e1123 772
bd1fe7c7
LP		 773 /* One little note: we should normally not delete any
774 * sockets in the file system here! After all some
775 * other process we spawned might still have a
776 * reference of this fd and wants to continue to use
777 * it. Therefore we delete sockets in the file system
778 * before we create a new one, not after we stopped
779 * using one! */
780
781 if (s->remove_on_stop) {
782 switch (p->type) {
783
784 case SOCKET_FIFO:
785 unlink(p->path);
786 break;
787
788 case SOCKET_MQUEUE:
789 mq_unlink(p->path);
790 break;
791
792 case SOCKET_SOCKET:
793 socket_address_unlink(&p->address);
794 break;
795
796 default:
797 break;
798 }
799 }
83c60c9f 800 }
811ba7a0
LP		 801
802 if (s->remove_on_stop)
803 STRV_FOREACH(i, s->symlinks)
804 unlink(*i);
83c60c9f
LP		 805}
806
4fd5948e
LP		 807static void socket_apply_socket_options(Socket *s, int fd) {
808 assert(s);
809 assert(fd >= 0);
810
811 if (s->keep_alive) {
812 int b = s->keep_alive;
813 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
66870f90 814 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
4fd5948e
LP		 815 }
816
209e9dcd
SS		 817 if (s->keep_alive_time) {
818 int value = s->keep_alive_time / USEC_PER_SEC;
819 if (setsockopt(fd, SOL_TCP, TCP_KEEPIDLE, &value, sizeof(value)) < 0)
820 log_warning_unit(UNIT(s)->id, "TCP_KEEPIDLE failed: %m");
821 }
822
823 if (s->keep_alive_interval) {
824 int value = s->keep_alive_interval / USEC_PER_SEC;
825 if (setsockopt(fd, SOL_TCP, TCP_KEEPINTVL, &value, sizeof(value)) < 0)
826 log_warning_unit(UNIT(s)->id, "TCP_KEEPINTVL failed: %m");
827 }
828
829 if (s->keep_alive_cnt) {
830 int value = s->keep_alive_cnt;
831 if (setsockopt(fd, SOL_SOCKET, TCP_KEEPCNT, &value, sizeof(value)) < 0)
832 log_warning_unit(UNIT(s)->id, "TCP_KEEPCNT failed: %m");
833 }
834
cc567c9b
SS		 835 if (s->defer_accept) {
836 int value = s->defer_accept / USEC_PER_SEC;
837 if (setsockopt(fd, SOL_TCP, TCP_DEFER_ACCEPT, &value, sizeof(value)) < 0)
838 log_warning_unit(UNIT(s)->id, "TCP_DEFER_ACCEPT failed: %m");
839 }
840
4427c3f4
SS		 841 if (s->no_delay) {
842 int b = s->no_delay;
843 if (setsockopt(fd, SOL_TCP, TCP_NODELAY, &b, sizeof(b)) < 0)
844 log_warning_unit(UNIT(s)->id, "TCP_NODELAY failed: %m");
845 }
846
ec6370a2
LP		 847 if (s->broadcast) {
848 int one = 1;
849 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
66870f90 850 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
ec6370a2
LP		 851 }
852
d68af586
MS		 853 if (s->pass_cred) {
854 int one = 1;
855 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
66870f90 856 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
d68af586
MS		 857 }
858
54ecda32
LP		 859 if (s->pass_sec) {
860 int one = 1;
861 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
66870f90 862 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
54ecda32
LP		 863 }
864
4fd5948e
LP		 865 if (s->priority >= 0)
866 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
66870f90 867 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
4fd5948e
LP		 868
869 if (s->receive_buffer > 0) {
870 int value = (int) s->receive_buffer;
7d9eaa84
LP		 871
872 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
873
b8cef44e 874 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84 875 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
66870f90 876 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
4fd5948e
LP		 877 }
878
879 if (s->send_buffer > 0) {
880 int value = (int) s->send_buffer;
b8cef44e 881 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84 882 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
66870f90 883 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
4fd5948e
LP		 884 }
885
886 if (s->mark >= 0)
887 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
66870f90 888 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
4fd5948e
LP		 889
890 if (s->ip_tos >= 0)
891 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
66870f90 892 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
4fd5948e 893
46925ac5
LP		 894 if (s->ip_ttl >= 0) {
895 int r, x;
896
897 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
5bfcc1c6
FF		 898
899 if (socket_ipv6_is_supported())
900 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
901 else {
902 x = -1;
903 errno = EAFNOSUPPORT;
904 }
46925ac5
LP		 905
906 if (r < 0 && x < 0)
66870f90
ZJS		 907 log_warning_unit(UNIT(s)->id,
908 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
46925ac5 909 }
cebf8b20
TT		 910
911 if (s->tcp_congestion)
912 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
66870f90 913 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
0eb59ccf 914
718db961
LP		 915 if (s->reuse_port) {
916 int b = s->reuse_port;
f0511bd7 917 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
f7db7a69
SL		 918 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
919 }
920
9a4e038c
KS		 921 if (s->smack_ip_in)
922 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
923 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
924
925 if (s->smack_ip_out)
926 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
927 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
4fd5948e
LP		 928}
929
b15bdda8 930static void socket_apply_fifo_options(Socket *s, int fd) {
4fd5948e
LP		 931 assert(s);
932 assert(fd >= 0);
933
934 if (s->pipe_size > 0)
935 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
66870f90
ZJS		 936 log_warning_unit(UNIT(s)->id,
937 "F_SETPIPE_SZ: %m");
0eb59ccf 938
9a4e038c
KS		 939 if (s->smack)
940 if (smack_label_fd(fd, s->smack) < 0)
941 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
4fd5948e
LP		 942}
943
b15bdda8
LP		 944static int fifo_address_create(
945 const char *path,
946 mode_t directory_mode,
947 mode_t socket_mode,
b15bdda8
LP		 948 int *_fd) {
949
7a58bfa4 950 int fd = -1, r = 0;
b15bdda8
LP		 951 struct stat st;
952 mode_t old_mask;
953
954 assert(path);
955 assert(_fd);
956
d2e54fae 957 mkdir_parents_label(path, directory_mode);
b15bdda8 958
e9a5ef7c
KS		 959 r = label_context_set(path, S_IFIFO);
960 if (r < 0)
56cf987f 961 goto fail;
b15bdda8
LP		 962
963 /* Enforce the right access mode for the fifo */
964 old_mask = umask(~ socket_mode);
965
966 /* Include the original umask in our mask */
967 umask(~socket_mode | old_mask);
968
969 r = mkfifo(path, socket_mode);
970 umask(old_mask);
971
94bc2731 972 if (r < 0 && errno != EEXIST) {
b15bdda8
LP		 973 r = -errno;
974 goto fail;
975 }
976
e4f44e73 977 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
b15bdda8
LP		 978 r = -errno;
979 goto fail;
980 }
981
e9a5ef7c 982 label_context_clear();
7a58bfa4 983
b15bdda8
LP		 984 if (fstat(fd, &st) < 0) {
985 r = -errno;
986 goto fail;
987 }
988
989 if (!S_ISFIFO(st.st_mode) ||
de0200fc 990 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
e4f44e73
DR		 991 st.st_uid != getuid() ||
992 st.st_gid != getgid()) {
b15bdda8
LP		 993
994 r = -EEXIST;
995 goto fail;
996 }
997
998 *_fd = fd;
999 return 0;
1000
1001fail:
e9a5ef7c 1002 label_context_clear();
03e334a1 1003 safe_close(fd);
b15bdda8
LP		 1004
1005 return r;
1006}
1007
b0a3f2bc
LP		 1008static int special_address_create(
1009 const char *path,
1010 int *_fd) {
1011
1012 int fd = -1, r = 0;
1013 struct stat st;
1014
1015 assert(path);
1016 assert(_fd);
1017
811ba7a0
LP		 1018 fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
1019 if (fd < 0) {
b0a3f2bc
LP		 1020 r = -errno;
1021 goto fail;
1022 }
1023
1024 if (fstat(fd, &st) < 0) {
1025 r = -errno;
1026 goto fail;
1027 }
1028
1029 /* Check whether this is a /proc, /sys or /dev file or char device */
1030 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
1031 r = -EEXIST;
1032 goto fail;
1033 }
1034
1035 *_fd = fd;
1036 return 0;
1037
1038fail:
03e334a1 1039 safe_close(fd);
b0a3f2bc
LP		 1040
1041 return r;
1042}
1043
916abb21
LP		 1044static int mq_address_create(
1045 const char *path,
1046 mode_t mq_mode,
1047 long maxmsg,
1048 long msgsize,
1049 int *_fd) {
1050
1051 int fd = -1, r = 0;
1052 struct stat st;
1053 mode_t old_mask;
1054 struct mq_attr _attr, *attr = NULL;
1055
1056 assert(path);
1057 assert(_fd);
1058
1059 if (maxmsg > 0 && msgsize > 0) {
1060 zero(_attr);
1061 _attr.mq_flags = O_NONBLOCK;
1062 _attr.mq_maxmsg = maxmsg;
1063 _attr.mq_msgsize = msgsize;
1064 attr = &_attr;
1065 }
1066
1067 /* Enforce the right access mode for the mq */
1068 old_mask = umask(~ mq_mode);
1069
1070 /* Include the original umask in our mask */
1071 umask(~mq_mode | old_mask);
916abb21
LP		 1072 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
1073 umask(old_mask);
1074
8ea913b2 1075 if (fd < 0) {
916abb21
LP		 1076 r = -errno;
1077 goto fail;
1078 }
1079
1080 if (fstat(fd, &st) < 0) {
1081 r = -errno;
1082 goto fail;
1083 }
1084
1085 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
1086 st.st_uid != getuid() ||
1087 st.st_gid != getgid()) {
1088
1089 r = -EEXIST;
1090 goto fail;
1091 }
1092
1093 *_fd = fd;
1094 return 0;
1095
1096fail:
03e334a1 1097 safe_close(fd);
916abb21
LP		 1098 return r;
1099}
1100
811ba7a0
LP		 1101static int socket_symlink(Socket *s) {
1102 const char *p;
1103 char **i;
1104
1105 assert(s);
1106
1107 p = socket_find_symlink_target(s);
1108 if (!p)
1109 return 0;
1110
1111 STRV_FOREACH(i, s->symlinks)
1112 symlink(p, *i);
1113
1114 return 0;
1115}
1116
034c6ed7 1117static int socket_open_fds(Socket *s) {
83c60c9f
LP		 1118 SocketPort *p;
1119 int r;
56cf987f 1120 char *label = NULL;
049f8642 1121 bool know_label = false;
83c60c9f
LP		 1122
1123 assert(s);
1124
034c6ed7 1125 LIST_FOREACH(port, p, s->ports) {
83c60c9f 1126
034c6ed7
LP		 1127 if (p->fd >= 0)
1128 continue;
83c60c9f
LP		 1129
1130 if (p->type == SOCKET_SOCKET) {
3bb07b76 1131
049f8642
LP		 1132 if (!know_label) {
1133
bd1fe7c7
LP		 1134 r = socket_instantiate_service(s);
1135 if (r < 0)
049f8642
LP		 1136 return r;
1137
9444b1f2 1138 if (UNIT_ISSET(s->service) &&
57020a3a
LP		 1139 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1140 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
bd1fe7c7
LP		 1141 if (r < 0 && r != -EPERM)
1142 return r;
189583d7 1143 }
049f8642
LP		 1144
1145 know_label = true;
1146 }
1147
175a3d25
LP		 1148 r = socket_address_listen(
1149 &p->address,
1150 SOCK_CLOEXEC|SOCK_NONBLOCK,
1151 s->backlog,
1152 s->bind_ipv6_only,
1153 s->bind_to_device,
1154 s->free_bind,
1155 s->transparent,
1156 s->directory_mode,
1157 s->socket_mode,
1158 label);
1159 if (r < 0)
83c60c9f
LP		 1160 goto rollback;
1161
175a3d25 1162 p->fd = r;
4fd5948e 1163 socket_apply_socket_options(s, p->fd);
811ba7a0 1164 socket_symlink(s);
4fd5948e 1165
b0a3f2bc
LP		 1166 } else if (p->type == SOCKET_SPECIAL) {
1167
175a3d25
LP		 1168 r = special_address_create(
1169 p->path,
1170 &p->fd);
1171 if (r < 0)
b0a3f2bc
LP		 1172 goto rollback;
1173
b15bdda8 1174 } else if (p->type == SOCKET_FIFO) {
83c60c9f 1175
175a3d25
LP		 1176 r = fifo_address_create(
1177 p->path,
1178 s->directory_mode,
1179 s->socket_mode,
1180 &p->fd);
1181 if (r < 0)
83c60c9f 1182 goto rollback;
83c60c9f 1183
b15bdda8 1184 socket_apply_fifo_options(s, p->fd);
811ba7a0
LP		 1185 socket_symlink(s);
1186
916abb21 1187 } else if (p->type == SOCKET_MQUEUE) {
83c60c9f 1188
175a3d25
LP		 1189 r = mq_address_create(
1190 p->path,
1191 s->socket_mode,
1192 s->mq_maxmsg,
1193 s->mq_msgsize,
1194 &p->fd);
1195 if (r < 0)
916abb21 1196 goto rollback;
b15bdda8
LP		 1197 } else
1198 assert_not_reached("Unknown port type");
034c6ed7
LP		 1199 }
1200
56cf987f 1201 label_free(label);
034c6ed7
LP		 1202 return 0;
1203
1204rollback:
1205 socket_close_fds(s);
56cf987f 1206 label_free(label);
034c6ed7
LP		 1207 return r;
1208}
1209
1210static void socket_unwatch_fds(Socket *s) {
1211 SocketPort *p;
718db961 1212 int r;
9152c765 1213
034c6ed7
LP		 1214 assert(s);
1215
1216 LIST_FOREACH(port, p, s->ports) {
1217 if (p->fd < 0)
1218 continue;
1219
a4152e3f
LP		 1220 if (!p->event_source)
1221 continue;
1222
1223 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1224 if (r < 0)
1225 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
83c60c9f 1226 }
034c6ed7
LP		 1227}
1228
1229static int socket_watch_fds(Socket *s) {
1230 SocketPort *p;
1231 int r;
1232
1233 assert(s);
83c60c9f 1234
034c6ed7
LP		 1235 LIST_FOREACH(port, p, s->ports) {
1236 if (p->fd < 0)
1237 continue;
1238
718db961
LP		 1239 if (p->event_source)
1240 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1241 else
151b9b96 1242 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
4f2d528d 1243
718db961
LP		 1244 if (r < 0) {
1245 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
034c6ed7 1246 goto fail;
718db961 1247 }
034c6ed7 1248 }
83c60c9f 1249
542563ba 1250 return 0;
83c60c9f 1251
034c6ed7
LP		 1252fail:
1253 socket_unwatch_fds(s);
1254 return r;
1255}
1256
1257static void socket_set_state(Socket *s, SocketState state) {
1258 SocketState old_state;
1259 assert(s);
1260
1261 old_state = s->state;
1262 s->state = state;
1263
bd1fe7c7
LP		 1264 if (!IN_SET(state,
1265 SOCKET_START_PRE,
3900e5fd 1266 SOCKET_START_CHOWN,
bd1fe7c7
LP		 1267 SOCKET_START_POST,
1268 SOCKET_STOP_PRE,
1269 SOCKET_STOP_PRE_SIGTERM,
1270 SOCKET_STOP_PRE_SIGKILL,
1271 SOCKET_STOP_POST,
1272 SOCKET_FINAL_SIGTERM,
1273 SOCKET_FINAL_SIGKILL)) {
718db961
LP		 1274
1275 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
5e94833f 1276 socket_unwatch_control_pid(s);
034c6ed7 1277 s->control_command = NULL;
a16e1123 1278 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
e537352b 1279 }
034c6ed7 1280
a16e1123
LP		 1281 if (state != SOCKET_LISTENING)
1282 socket_unwatch_fds(s);
1283
bd1fe7c7 1284 if (!IN_SET(state,
3900e5fd 1285 SOCKET_START_CHOWN,
bd1fe7c7
LP		 1286 SOCKET_START_POST,
1287 SOCKET_LISTENING,
1288 SOCKET_RUNNING,
1289 SOCKET_STOP_PRE,
1290 SOCKET_STOP_PRE_SIGTERM,
1291 SOCKET_STOP_PRE_SIGKILL))
034c6ed7
LP		 1292 socket_close_fds(s);
1293
e537352b 1294 if (state != old_state)
e821075a
LP		 1295 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1296 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
acbb0225 1297
e2f3b44c 1298 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
034c6ed7
LP		 1299}
1300
a16e1123
LP		 1301static int socket_coldplug(Unit *u) {
1302 Socket *s = SOCKET(u);
1303 int r;
1304
1305 assert(s);
1306 assert(s->state == SOCKET_DEAD);
1307
e821075a
LP		 1308 if (s->deserialized_state == s->state)
1309 return 0;
a16e1123 1310
3900e5fd
LP		 1311 if (IN_SET(s->deserialized_state,
1312 SOCKET_START_PRE,
1313 SOCKET_START_CHOWN,
1314 SOCKET_START_POST,
1315 SOCKET_STOP_PRE,
1316 SOCKET_STOP_PRE_SIGTERM,
1317 SOCKET_STOP_PRE_SIGKILL,
1318 SOCKET_STOP_POST,
1319 SOCKET_FINAL_SIGTERM,
1320 SOCKET_FINAL_SIGKILL)) {
a16e1123 1321
e821075a
LP		 1322 if (s->control_pid <= 0)
1323 return -EBADMSG;
a16e1123 1324
e821075a
LP		 1325 r = unit_watch_pid(UNIT(s), s->control_pid);
1326 if (r < 0)
1327 return r;
a16e1123 1328
e821075a
LP		 1329 r = socket_arm_timer(s);
1330 if (r < 0)
1331 return r;
1332 }
a16e1123 1333
3900e5fd
LP		 1334 if (IN_SET(s->deserialized_state,
1335 SOCKET_START_CHOWN,
1336 SOCKET_START_POST,
1337 SOCKET_LISTENING,
1338 SOCKET_RUNNING,
1339 SOCKET_STOP_PRE,
1340 SOCKET_STOP_PRE_SIGTERM,
1341 SOCKET_STOP_PRE_SIGKILL)) {
e821075a
LP		 1342 r = socket_open_fds(s);
1343 if (r < 0)
1344 return r;
1345 }
a16e1123 1346
e821075a
LP		 1347 if (s->deserialized_state == SOCKET_LISTENING) {
1348 r = socket_watch_fds(s);
1349 if (r < 0)
1350 return r;
a16e1123
LP		 1351 }
1352
e821075a 1353 socket_set_state(s, s->deserialized_state);
a16e1123
LP		 1354 return 0;
1355}
1356
e537352b 1357static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
3900e5fd 1358 _cleanup_free_ char **argv = NULL;
034c6ed7
LP		 1359 pid_t pid;
1360 int r;
1361
1362 assert(s);
1363 assert(c);
1364 assert(_pid);
1365
4ad49000
LP		 1366 unit_realize_cgroup(UNIT(s));
1367
613b411c
LP		 1368 r = unit_setup_exec_runtime(UNIT(s));
1369 if (r < 0)
1370 goto fail;
1371
718db961 1372 r = socket_arm_timer(s);
36697dc0 1373 if (r < 0)
e537352b 1374 goto fail;
034c6ed7 1375
19f6d710
LP		 1376 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1377 if (r < 0)
9e2f7c11 1378 goto fail;
9e2f7c11
LP		 1379
1380 r = exec_spawn(c,
1381 argv,
1382 &s->exec_context,
1383 NULL, 0,
1124fe6f 1384 UNIT(s)->manager->environment,
9e2f7c11
LP		 1385 true,
1386 true,
1e3ad081 1387 true,
1124fe6f 1388 UNIT(s)->manager->confirm_spawn,
13b84ec7 1389 UNIT(s)->manager->cgroup_supported,
4ad49000 1390 UNIT(s)->cgroup_path,
e66cf1a3 1391 manager_get_runtime_prefix(UNIT(s)->manager),
62bca2c6 1392 UNIT(s)->id,
09812eb7 1393 0,
f2b68789 1394 NULL,
613b411c 1395 s->exec_runtime,
9e2f7c11 1396 &pid);
cee288ad
TA		 1397 if (r < 0)
1398 goto fail;
9e2f7c11 1399
3900e5fd 1400 r = unit_watch_pid(UNIT(s), pid);
9e2f7c11 1401 if (r < 0)
3900e5fd 1402 /* FIXME: we need to do something here */
034c6ed7
LP		 1403 goto fail;
1404
3900e5fd
LP		 1405 *_pid = pid;
1406 return 0;
1407
1408fail:
1409 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1410 return r;
1411}
1412
1413static int socket_chown(Socket *s, pid_t *_pid) {
1414 pid_t pid;
1415 int r;
1416
1417 r = socket_arm_timer(s);
1418 if (r < 0)
1419 goto fail;
1420
1421 /* We have to resolve the user names out-of-process, hence
1422 * let's fork here. It's messy, but well, what can we do? */
1423
1424 pid = fork();
1425 if (pid < 0)
1426 return -errno;
1427
1428 if (pid == 0) {
1429 SocketPort *p;
1430 uid_t uid = (uid_t) -1;
1431 gid_t gid = (gid_t) -1;
1432 int ret;
1433
1434 default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
1435 ignore_signals(SIGPIPE, -1);
1436 log_forget_fds();
1437
1438 if (!isempty(s->user)) {
1439 const char *user = s->user;
1440
1441 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1442 if (r < 0) {
1443 ret = EXIT_USER;
1444 goto fail_child;
1445 }
1446 }
1447
1448 if (!isempty(s->group)) {
1449 const char *group = s->group;
1450
1451 r = get_group_creds(&group, &gid);
1452 if (r < 0) {
1453 ret = EXIT_GROUP;
1454 goto fail_child;
1455 }
1456 }
1457
1458 LIST_FOREACH(port, p, s->ports) {
e5a1c18d 1459 const char *path = NULL;
3900e5fd
LP		 1460
1461 if (p->type == SOCKET_SOCKET)
1462 path = socket_address_get_path(&p->address);
1463 else if (p->type == SOCKET_FIFO)
1464 path = p->path;
1465
1466 if (!path)
1467 continue;
1468
1469 if (chown(path, uid, gid) < 0) {
1470 r = -errno;
1471 ret = EXIT_CHOWN;
1472 goto fail_child;
1473 }
1474 }
1475
1476 _exit(0);
1477
1478 fail_child:
1479 log_open();
1480 log_error("Failed to chown socket at step %s: %s", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD), strerror(-r));
1481
1482 _exit(ret);
1483 }
1484
718db961
LP		 1485 r = unit_watch_pid(UNIT(s), pid);
1486 if (r < 0)
034c6ed7 1487 goto fail;
83c60c9f 1488
034c6ed7 1489 *_pid = pid;
034c6ed7
LP		 1490 return 0;
1491
1492fail:
718db961 1493 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
83c60c9f 1494 return r;
542563ba
LP		 1495}
1496
cfc4eb4c 1497static void socket_enter_dead(Socket *s, SocketResult f) {
034c6ed7
LP		 1498 assert(s);
1499
cfc4eb4c
LP		 1500 if (f != SOCKET_SUCCESS)
1501 s->result = f;
034c6ed7 1502
613b411c
LP		 1503 exec_runtime_destroy(s->exec_runtime);
1504 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1505
e66cf1a3
LP		 1506 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1507
cfc4eb4c 1508 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
034c6ed7
LP		 1509}
1510
cfc4eb4c 1511static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
80876c20 1512
cfc4eb4c 1513static void socket_enter_stop_post(Socket *s, SocketResult f) {
034c6ed7
LP		 1514 int r;
1515 assert(s);
1516
cfc4eb4c
LP		 1517 if (f != SOCKET_SUCCESS)
1518 s->result = f;
034c6ed7 1519
5e94833f 1520 socket_unwatch_control_pid(s);
a16e1123 1521 s->control_command_id = SOCKET_EXEC_STOP_POST;
3900e5fd 1522 s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
a16e1123 1523
3900e5fd
LP		 1524 if (s->control_command) {
1525 r = socket_spawn(s, s->control_command, &s->control_pid);
1526 if (r < 0)
034c6ed7
LP		 1527 goto fail;
1528
80876c20
LP		 1529 socket_set_state(s, SOCKET_STOP_POST);
1530 } else
cfc4eb4c 1531 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
034c6ed7
LP		 1532
1533 return;
1534
1535fail:
66870f90
ZJS		 1536 log_warning_unit(UNIT(s)->id,
1537 "%s failed to run 'stop-post' task: %s",
1538 UNIT(s)->id, strerror(-r));
cfc4eb4c 1539 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1540}
1541
cfc4eb4c 1542static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
034c6ed7
LP		 1543 int r;
1544
1545 assert(s);
1546
cfc4eb4c
LP		 1547 if (f != SOCKET_SUCCESS)
1548 s->result = f;
034c6ed7 1549
cd2086fe
LP		 1550 r = unit_kill_context(
1551 UNIT(s),
1552 &s->kill_context,
1553 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1554 -1,
1555 s->control_pid,
1556 false);
1557 if (r < 0)
1558 goto fail;
034c6ed7 1559
cd2086fe 1560 if (r > 0) {
718db961 1561 r = socket_arm_timer(s);
36697dc0 1562 if (r < 0)
80876c20 1563 goto fail;
d6ea93e3 1564
80876c20 1565 socket_set_state(s, state);
ac84d1fb
LP		 1566 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1567 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1568 else if (state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1569 socket_enter_stop_post(s, SOCKET_SUCCESS);
ac84d1fb
LP		 1570 else if (state == SOCKET_FINAL_SIGTERM)
1571 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
80876c20 1572 else
cfc4eb4c 1573 socket_enter_dead(s, SOCKET_SUCCESS);
034c6ed7
LP		 1574
1575 return;
1576
1577fail:
e821075a 1578 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1579
1580 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1581 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1582 else
cfc4eb4c 1583 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1584}
1585
cfc4eb4c 1586static void socket_enter_stop_pre(Socket *s, SocketResult f) {
034c6ed7
LP		 1587 int r;
1588 assert(s);
1589
cfc4eb4c
LP		 1590 if (f != SOCKET_SUCCESS)
1591 s->result = f;
034c6ed7 1592
5e94833f 1593 socket_unwatch_control_pid(s);
a16e1123 1594 s->control_command_id = SOCKET_EXEC_STOP_PRE;
3900e5fd 1595 s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
a16e1123 1596
3900e5fd
LP		 1597 if (s->control_command) {
1598 r = socket_spawn(s, s->control_command, &s->control_pid);
1599 if (r < 0)
034c6ed7
LP		 1600 goto fail;
1601
80876c20
LP		 1602 socket_set_state(s, SOCKET_STOP_PRE);
1603 } else
cfc4eb4c 1604 socket_enter_stop_post(s, SOCKET_SUCCESS);
034c6ed7
LP		 1605
1606 return;
1607
1608fail:
e821075a 1609 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1610 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1611}
1612
e9af15c3
LP		 1613static void socket_enter_listening(Socket *s) {
1614 int r;
1615 assert(s);
1616
cfc4eb4c
LP		 1617 r = socket_watch_fds(s);
1618 if (r < 0) {
e821075a 1619 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
e9af15c3
LP		 1620 goto fail;
1621 }
1622
1623 socket_set_state(s, SOCKET_LISTENING);
1624 return;
1625
1626fail:
cfc4eb4c 1627 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
e9af15c3
LP		 1628}
1629
034c6ed7
LP		 1630static void socket_enter_start_post(Socket *s) {
1631 int r;
1632 assert(s);
1633
3900e5fd
LP		 1634 socket_unwatch_control_pid(s);
1635 s->control_command_id = SOCKET_EXEC_START_POST;
1636 s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
1637
1638 if (s->control_command) {
1639 r = socket_spawn(s, s->control_command, &s->control_pid);
1640 if (r < 0) {
1641 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1642 goto fail;
1643 }
1644
1645 socket_set_state(s, SOCKET_START_POST);
1646 } else
1647 socket_enter_listening(s);
1648
1649 return;
1650
1651fail:
1652 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1653}
1654
1655static void socket_enter_start_chown(Socket *s) {
1656 int r;
1657
1658 assert(s);
1659
cfc4eb4c
LP		 1660 r = socket_open_fds(s);
1661 if (r < 0) {
e821075a 1662 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1663 goto fail;
1664 }
1665
3900e5fd 1666 if (!isempty(s->user) || !isempty(s->group)) {
5e94833f 1667
3900e5fd
LP		 1668 socket_unwatch_control_pid(s);
1669 s->control_command_id = SOCKET_EXEC_START_CHOWN;
1670 s->control_command = NULL;
a16e1123 1671
3900e5fd 1672 r = socket_chown(s, &s->control_pid);
cfc4eb4c 1673 if (r < 0) {
3900e5fd 1674 log_warning_unit(UNIT(s)->id, "%s failed to fork 'start-chown' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1675 goto fail;
1676 }
1677
3900e5fd 1678 socket_set_state(s, SOCKET_START_CHOWN);
80876c20 1679 } else
3900e5fd 1680 socket_enter_start_post(s);
034c6ed7
LP		 1681
1682 return;
1683
1684fail:
cfc4eb4c 1685 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1686}
1687
1688static void socket_enter_start_pre(Socket *s) {
1689 int r;
1690 assert(s);
1691
5e94833f 1692 socket_unwatch_control_pid(s);
a16e1123 1693 s->control_command_id = SOCKET_EXEC_START_PRE;
3900e5fd 1694 s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
a16e1123 1695
3900e5fd 1696 if (s->control_command) {
e821075a 1697 r = socket_spawn(s, s->control_command, &s->control_pid);
3900e5fd
LP		 1698 if (r < 0) {
1699 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7 1700 goto fail;
3900e5fd 1701 }
034c6ed7 1702
80876c20
LP		 1703 socket_set_state(s, SOCKET_START_PRE);
1704 } else
3900e5fd 1705 socket_enter_start_chown(s);
034c6ed7
LP		 1706
1707 return;
1708
1709fail:
cfc4eb4c 1710 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1711}
1712
4f2d528d 1713static void socket_enter_running(Socket *s, int cfd) {
718db961 1714 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
034c6ed7
LP		 1715 int r;
1716
1717 assert(s);
1718
ba3e67a7
LP		 1719 /* We don't take connections anymore if we are supposed to
1720 * shut down anyway */
31afa0a4 1721 if (unit_stop_pending(UNIT(s))) {
e821075a
LP		 1722
1723 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
5d909e3e 1724
7c610628 1725 if (cfd >= 0)
03e334a1 1726 safe_close(cfd);
7c610628
LP		 1727 else {
1728 /* Flush all sockets by closing and reopening them */
1729 socket_close_fds(s);
1730
16ac4014
LP		 1731 r = socket_open_fds(s);
1732 if (r < 0) {
1733 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1734 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1735 return;
1736 }
1737
1a710b43
MS		 1738 r = socket_watch_fds(s);
1739 if (r < 0) {
e821075a 1740 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1741 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
7c610628
LP		 1742 }
1743 }
1744
ba3e67a7
LP		 1745 return;
1746 }
1747
4f2d528d 1748 if (cfd < 0) {
57020a3a 1749 Iterator i;
e821075a 1750 Unit *other;
f976f3f6 1751 bool pending = false;
f976f3f6
LP		 1752
1753 /* If there's already a start pending don't bother to
1754 * do anything */
e821075a
LP		 1755 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1756 if (unit_active_or_pending(other)) {
57020a3a
LP		 1757 pending = true;
1758 break;
1759 }
f976f3f6 1760
1a710b43 1761 if (!pending) {
640ace4a
LP		 1762 if (!UNIT_ISSET(s->service)) {
1763 log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id);
1764 r = -ENOENT;
1765 goto fail;
1766 }
1767
1a710b43
MS		 1768 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1769 if (r < 0)
f976f3f6 1770 goto fail;
1a710b43 1771 }
4f2d528d
LP		 1772
1773 socket_set_state(s, SOCKET_RUNNING);
1774 } else {
e55001eb 1775 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
b15bdda8 1776 Service *service;
4f2d528d 1777
6cf6bbc2 1778 if (s->n_connections >= s->max_connections) {
e821075a 1779 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
03e334a1 1780 safe_close(cfd);
6cf6bbc2
LP		 1781 return;
1782 }
1783
1a710b43
MS		 1784 r = socket_instantiate_service(s);
1785 if (r < 0)
b15bdda8
LP		 1786 goto fail;
1787
1a710b43
MS		 1788 r = instance_from_socket(cfd, s->n_accepted, &instance);
1789 if (r < 0) {
1790 if (r != -ENOTCONN)
1791 goto fail;
1792
1793 /* ENOTCONN is legitimate if TCP RST was received.
1794 * This connection is over, but the socket unit lives on. */
03e334a1 1795 safe_close(cfd);
1a710b43
MS		 1796 return;
1797 }
4f2d528d 1798
1a710b43
MS		 1799 prefix = unit_name_to_prefix(UNIT(s)->id);
1800 if (!prefix) {
4f2d528d
LP		 1801 r = -ENOMEM;
1802 goto fail;
1803 }
1804
1805 name = unit_name_build(prefix, instance, ".service");
b6dbbe1c 1806 if (!name) {
4f2d528d 1807 r = -ENOMEM;
b6dbbe1c
LP		 1808 goto fail;
1809 }
4f2d528d 1810
1a710b43 1811 r = unit_add_name(UNIT_DEREF(s->service), name);
e55001eb 1812 if (r < 0)
4f2d528d 1813 goto fail;
b15bdda8 1814
57020a3a
LP		 1815 service = SERVICE(UNIT_DEREF(s->service));
1816 unit_ref_unset(&s->service);
b15bdda8 1817 s->n_accepted ++;
4f2d528d 1818
1124fe6f 1819 UNIT(service)->no_gc = false;
6c073082 1820
b15bdda8 1821 unit_choose_id(UNIT(service), name);
b15bdda8 1822
1a710b43
MS		 1823 r = service_set_socket_fd(service, cfd, s);
1824 if (r < 0)
4f2d528d
LP		 1825 goto fail;
1826
1827 cfd = -1;
6cf6bbc2
LP		 1828 s->n_connections ++;
1829
1a710b43
MS		 1830 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1831 if (r < 0)
4f2d528d 1832 goto fail;
c4e2ceae
LP		 1833
1834 /* Notify clients about changed counters */
1835 unit_add_to_dbus_queue(UNIT(s));
4f2d528d 1836 }
034c6ed7 1837
034c6ed7
LP		 1838 return;
1839
1840fail:
e821075a
LP		 1841 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1842 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
718db961 1843 bus_error_message(&error, r));
e821075a 1844
60089004 1845 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
03e334a1 1846 safe_close(cfd);
034c6ed7
LP		 1847}
1848
cfc4eb4c 1849static void socket_run_next(Socket *s) {
034c6ed7
LP		 1850 int r;
1851
1852 assert(s);
1853 assert(s->control_command);
1854 assert(s->control_command->command_next);
1855
5e94833f
LP		 1856 socket_unwatch_control_pid(s);
1857
034c6ed7
LP		 1858 s->control_command = s->control_command->command_next;
1859
e821075a
LP		 1860 r = socket_spawn(s, s->control_command, &s->control_pid);
1861 if (r < 0)
034c6ed7
LP		 1862 goto fail;
1863
1864 return;
1865
1866fail:
e821075a 1867 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
80876c20
LP		 1868
1869 if (s->state == SOCKET_START_POST)
cfc4eb4c 1870 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1871 else if (s->state == SOCKET_STOP_POST)
cfc4eb4c 1872 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1873 else
cfc4eb4c 1874 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1875}
1876
87f0e418
LP		 1877static int socket_start(Unit *u) {
1878 Socket *s = SOCKET(u);
83c60c9f
LP		 1879
1880 assert(s);
1881
034c6ed7
LP		 1882 /* We cannot fulfill this request right now, try again later
1883 * please! */
3900e5fd
LP		 1884 if (IN_SET(s->state,
1885 SOCKET_STOP_PRE,
1886 SOCKET_STOP_PRE_SIGKILL,
1887 SOCKET_STOP_PRE_SIGTERM,
1888 SOCKET_STOP_POST,
1889 SOCKET_FINAL_SIGTERM,
1890 SOCKET_FINAL_SIGKILL))
034c6ed7
LP		 1891 return -EAGAIN;
1892
a4152e3f 1893 /* Already on it! */
3900e5fd
LP		 1894 if (IN_SET(s->state,
1895 SOCKET_START_PRE,
1896 SOCKET_START_CHOWN,
1897 SOCKET_START_POST))
034c6ed7 1898 return 0;
83c60c9f 1899
034c6ed7 1900 /* Cannot run this without the service being around */
9444b1f2 1901 if (UNIT_ISSET(s->service)) {
57020a3a
LP		 1902 Service *service;
1903
1904 service = SERVICE(UNIT_DEREF(s->service));
1905
1124fe6f 1906 if (UNIT(service)->load_state != UNIT_LOADED) {
e821075a 1907 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
4f2d528d 1908 return -ENOENT;
4ac9236f 1909 }
4f2d528d 1910
35b8ca3a 1911 /* If the service is already active we cannot start the
4f2d528d 1912 * socket */
57020a3a
LP		 1913 if (service->state != SERVICE_DEAD &&
1914 service->state != SERVICE_FAILED &&
1915 service->state != SERVICE_AUTO_RESTART) {
e821075a 1916 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
4f2d528d 1917 return -EBUSY;
4ac9236f 1918 }
4f2d528d 1919 }
e537352b 1920
fdf20a31 1921 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
83c60c9f 1922
cfc4eb4c 1923 s->result = SOCKET_SUCCESS;
034c6ed7 1924 socket_enter_start_pre(s);
e821075a 1925
034c6ed7
LP		 1926 return 0;
1927}
83c60c9f 1928
87f0e418
LP		 1929static int socket_stop(Unit *u) {
1930 Socket *s = SOCKET(u);
034c6ed7
LP		 1931
1932 assert(s);
1933
e537352b 1934 /* Already on it */
3900e5fd
LP		 1935 if (IN_SET(s->state,
1936 SOCKET_STOP_PRE,
1937 SOCKET_STOP_PRE_SIGTERM,
1938 SOCKET_STOP_PRE_SIGKILL,
1939 SOCKET_STOP_POST,
1940 SOCKET_FINAL_SIGTERM,
1941 SOCKET_FINAL_SIGKILL))
e537352b
LP		 1942 return 0;
1943
3f6c78dc
LP		 1944 /* If there's already something running we go directly into
1945 * kill mode. */
3900e5fd
LP		 1946 if (IN_SET(s->state,
1947 SOCKET_START_PRE,
1948 SOCKET_START_CHOWN,
1949 SOCKET_START_POST)) {
cfc4eb4c 1950 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
3f6c78dc
LP		 1951 return -EAGAIN;
1952 }
1953
034c6ed7 1954 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
83c60c9f 1955
cfc4eb4c 1956 socket_enter_stop_pre(s, SOCKET_SUCCESS);
542563ba
LP		 1957 return 0;
1958}
1959
a16e1123
LP		 1960static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1961 Socket *s = SOCKET(u);
1962 SocketPort *p;
1963 int r;
1964
1965 assert(u);
1966 assert(f);
1967 assert(fds);
1968
1969 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
cfc4eb4c 1970 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
a16e1123
LP		 1971 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1972
1973 if (s->control_pid > 0)
de0671ee 1974 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
a16e1123
LP		 1975
1976 if (s->control_command_id >= 0)
1977 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1978
1979 LIST_FOREACH(port, p, s->ports) {
1980 int copy;
1981
1982 if (p->fd < 0)
1983 continue;
1984
613b411c
LP		 1985 copy = fdset_put_dup(fds, p->fd);
1986 if (copy < 0)
a16e1123
LP		 1987 return copy;
1988
1989 if (p->type == SOCKET_SOCKET) {
613b411c 1990 _cleanup_free_ char *t = NULL;
a16e1123 1991
ee092817
LP		 1992 r = socket_address_print(&p->address, &t);
1993 if (r < 0)
a16e1123
LP		 1994 return r;
1995
7a22745a
LP		 1996 if (socket_address_family(&p->address) == AF_NETLINK)
1997 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1998 else
1999 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
613b411c 2000
b0a3f2bc
LP		 2001 } else if (p->type == SOCKET_SPECIAL)
2002 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
ee092817
LP		 2003 else if (p->type == SOCKET_MQUEUE)
2004 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
b0a3f2bc 2005 else {
a16e1123
LP		 2006 assert(p->type == SOCKET_FIFO);
2007 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
2008 }
2009 }
2010
2011 return 0;
2012}
2013
2014static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
2015 Socket *s = SOCKET(u);
a16e1123
LP		 2016
2017 assert(u);
2018 assert(key);
2019 assert(value);
a16e1123
LP		 2020
2021 if (streq(key, "state")) {
2022 SocketState state;
2023
ee092817
LP		 2024 state = socket_state_from_string(value);
2025 if (state < 0)
e821075a 2026 log_debug_unit(u->id, "Failed to parse state value %s", value);
a16e1123
LP		 2027 else
2028 s->deserialized_state = state;
cfc4eb4c
LP		 2029 } else if (streq(key, "result")) {
2030 SocketResult f;
a16e1123 2031
cfc4eb4c
LP		 2032 f = socket_result_from_string(value);
2033 if (f < 0)
e821075a 2034 log_debug_unit(u->id, "Failed to parse result value %s", value);
cfc4eb4c
LP		 2035 else if (f != SOCKET_SUCCESS)
2036 s->result = f;
a16e1123
LP		 2037
2038 } else if (streq(key, "n-accepted")) {
2039 unsigned k;
2040
e364ad06 2041 if (safe_atou(value, &k) < 0)
e821075a 2042 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
a16e1123
LP		 2043 else
2044 s->n_accepted += k;
2045 } else if (streq(key, "control-pid")) {
5925dd3c 2046 pid_t pid;
a16e1123 2047
e364ad06 2048 if (parse_pid(value, &pid) < 0)
e821075a 2049 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
a16e1123 2050 else
5925dd3c 2051 s->control_pid = pid;
a16e1123
LP		 2052 } else if (streq(key, "control-command")) {
2053 SocketExecCommand id;
2054
66870f90
ZJS		 2055 id = socket_exec_command_from_string(value);
2056 if (id < 0)
e821075a 2057 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
a16e1123
LP		 2058 else {
2059 s->control_command_id = id;
2060 s->control_command = s->exec_command[id];
2061 }
2062 } else if (streq(key, "fifo")) {
2063 int fd, skip = 0;
2064 SocketPort *p;
2065
2066 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2067 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
a16e1123
LP		 2068 else {
2069
2070 LIST_FOREACH(port, p, s->ports)
b0a3f2bc
LP		 2071 if (p->type == SOCKET_FIFO &&
2072 streq_ptr(p->path, value+skip))
2073 break;
2074
2075 if (p) {
03e334a1 2076 safe_close(p->fd);
b0a3f2bc
LP		 2077 p->fd = fdset_remove(fds, fd);
2078 }
2079 }
2080
2081 } else if (streq(key, "special")) {
2082 int fd, skip = 0;
2083 SocketPort *p;
2084
2085 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2086 log_debug_unit(u->id, "Failed to parse special value %s", value);
b0a3f2bc
LP		 2087 else {
2088
2089 LIST_FOREACH(port, p, s->ports)
2090 if (p->type == SOCKET_SPECIAL &&
2091 streq_ptr(p->path, value+skip))
a16e1123
LP		 2092 break;
2093
2094 if (p) {
03e334a1 2095 safe_close(p->fd);
a16e1123
LP		 2096 p->fd = fdset_remove(fds, fd);
2097 }
2098 }
2099
ee092817
LP		 2100 } else if (streq(key, "mqueue")) {
2101 int fd, skip = 0;
2102 SocketPort *p;
2103
2104 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2105 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
ee092817
LP		 2106 else {
2107
2108 LIST_FOREACH(port, p, s->ports)
2109 if (p->type == SOCKET_MQUEUE &&
2110 streq_ptr(p->path, value+skip))
2111 break;
2112
2113 if (p) {
03e334a1 2114 safe_close(p->fd);
ee092817
LP		 2115 p->fd = fdset_remove(fds, fd);
2116 }
2117 }
2118
a16e1123 2119 } else if (streq(key, "socket")) {
27ca8d7a 2120 int fd, type, skip = 0;
a16e1123
LP		 2121 SocketPort *p;
2122
27ca8d7a 2123 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
e821075a 2124 log_debug_unit(u->id, "Failed to parse socket value %s", value);
a16e1123
LP		 2125 else {
2126
2127 LIST_FOREACH(port, p, s->ports)
27ca8d7a 2128 if (socket_address_is(&p->address, value+skip, type))
a16e1123
LP		 2129 break;
2130
2131 if (p) {
03e334a1 2132 safe_close(p->fd);
a16e1123
LP		 2133 p->fd = fdset_remove(fds, fd);
2134 }
2135 }
2136
7a22745a
LP		 2137 } else if (streq(key, "netlink")) {
2138 int fd, skip = 0;
2139 SocketPort *p;
2140
2141 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2142 log_debug_unit(u->id, "Failed to parse socket value %s", value);
7a22745a
LP		 2143 else {
2144
2145 LIST_FOREACH(port, p, s->ports)
2146 if (socket_address_is_netlink(&p->address, value+skip))
2147 break;
2148
2149 if (p) {
03e334a1 2150 safe_close(p->fd);
7a22745a
LP		 2151 p->fd = fdset_remove(fds, fd);
2152 }
2153 }
a16e1123 2154 } else
e821075a 2155 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
a16e1123
LP		 2156
2157 return 0;
2158}
2159
01e10de3
LP		 2160static int socket_distribute_fds(Unit *u, FDSet *fds) {
2161 Socket *s = SOCKET(u);
2162 SocketPort *p;
2163
2164 assert(u);
2165
2166 LIST_FOREACH(port, p, s->ports) {
2167 Iterator i;
2168 int fd;
2169
2170 if (p->type != SOCKET_SOCKET)
2171 continue;
2172
2173 if (p->fd >= 0)
2174 continue;
2175
2176 FDSET_FOREACH(fd, fds, i) {
2177 if (socket_address_matches_fd(&p->address, fd)) {
2178 p->fd = fdset_remove(fds, fd);
2179 s->deserialized_state = SOCKET_LISTENING;
2180 break;
2181 }
2182 }
2183 }
2184
2185 return 0;
2186}
2187
44a6b1b6 2188_pure_ static UnitActiveState socket_active_state(Unit *u) {
87f0e418 2189 assert(u);
5cb5a6ff 2190
acbb0225 2191 return state_translation_table[SOCKET(u)->state];
5cb5a6ff
LP		 2192}
2193
44a6b1b6 2194_pure_ static const char *socket_sub_state_to_string(Unit *u) {
10a94420
LP		 2195 assert(u);
2196
a16e1123 2197 return socket_state_to_string(SOCKET(u)->state);
10a94420
LP		 2198}
2199
67419600
OS		 2200const char* socket_port_type_to_string(SocketPort *p) {
2201
2202 assert(p);
2203
2204 switch (p->type) {
718db961
LP		 2205
2206 case SOCKET_SOCKET:
2207
2208 switch (p->address.type) {
2209
2210 case SOCK_STREAM:
2211 return "Stream";
2212
2213 case SOCK_DGRAM:
2214 return "Datagram";
2215
2216 case SOCK_SEQPACKET:
2217 return "SequentialPacket";
2218
2219 case SOCK_RAW:
2220 if (socket_address_family(&p->address) == AF_NETLINK)
2221 return "Netlink";
2222
2223 default:
2224 return NULL;
2225 }
2226
2227 case SOCKET_SPECIAL:
2228 return "Special";
2229
2230 case SOCKET_MQUEUE:
2231 return "MessageQueue";
2232
2233 case SOCKET_FIFO:
2234 return "FIFO";
2235
2236 default:
2237 return NULL;
67419600
OS		 2238 }
2239}
2240
44a6b1b6 2241_pure_ static bool socket_check_gc(Unit *u) {
6cf6bbc2
LP		 2242 Socket *s = SOCKET(u);
2243
2244 assert(u);
2245
2246 return s->n_connections > 0;
2247}
2248
718db961
LP		 2249static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2250 SocketPort *p = userdata;
4f2d528d 2251 int cfd = -1;
9152c765 2252
718db961 2253 assert(p);
8d567588 2254 assert(fd >= 0);
9152c765 2255
718db961
LP		 2256 if (p->socket->state != SOCKET_LISTENING)
2257 return 0;
871d7de4 2258
718db961 2259 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
9152c765 2260
718db961 2261 if (revents != EPOLLIN) {
641e01dc 2262
718db961 2263 if (revents & EPOLLHUP)
e821075a 2264 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
718db961 2265 UNIT(p->socket)->id);
641e01dc 2266 else
e821075a 2267 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
718db961 2268 UNIT(p->socket)->id, revents);
641e01dc 2269
8d567588 2270 goto fail;
4f2d528d
LP		 2271 }
2272
718db961
LP		 2273 if (p->socket->accept &&
2274 p->type == SOCKET_SOCKET &&
2275 socket_address_can_accept(&p->address)) {
2276
4f2d528d
LP		 2277 for (;;) {
2278
b14eda96
LP		 2279 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2280 if (cfd < 0) {
4f2d528d
LP		 2281
2282 if (errno == EINTR)
2283 continue;
2284
718db961 2285 log_error_unit(UNIT(p->socket)->id,
66870f90 2286 "Failed to accept socket: %m");
8d567588 2287 goto fail;
4f2d528d
LP		 2288 }
2289
2290 break;
2291 }
4fd5948e 2292
718db961 2293 socket_apply_socket_options(p->socket, cfd);
4f2d528d 2294 }
9152c765 2295
718db961
LP		 2296 socket_enter_running(p->socket, cfd);
2297 return 0;
8d567588
LP		 2298
2299fail:
718db961
LP		 2300 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2301 return 0;
9152c765
LP		 2302}
2303
87f0e418
LP		 2304static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2305 Socket *s = SOCKET(u);
cfc4eb4c 2306 SocketResult f;
5cb5a6ff
LP		 2307
2308 assert(s);
034c6ed7 2309 assert(pid >= 0);
5cb5a6ff 2310
8c47c732
LP		 2311 if (pid != s->control_pid)
2312 return;
542563ba 2313
034c6ed7
LP		 2314 s->control_pid = 0;
2315
96342de6 2316 if (is_clean_exit(code, status, NULL))
cfc4eb4c
LP		 2317 f = SOCKET_SUCCESS;
2318 else if (code == CLD_EXITED)
2319 f = SOCKET_FAILURE_EXIT_CODE;
2320 else if (code == CLD_KILLED)
2321 f = SOCKET_FAILURE_SIGNAL;
2322 else if (code == CLD_DUMPED)
2323 f = SOCKET_FAILURE_CORE_DUMP;
2324 else
a4152e3f 2325 assert_not_reached("Unknown sigchld code");
8c47c732 2326
b708e7ce 2327 if (s->control_command) {
6ea832a2 2328 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
a16e1123 2329
b708e7ce 2330 if (s->control_command->ignore)
cfc4eb4c 2331 f = SOCKET_SUCCESS;
b708e7ce
LP		 2332 }
2333
66870f90
ZJS		 2334 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2335 u->id,
2336 "%s control process exited, code=%s status=%i",
2337 u->id, sigchld_code_to_string(code), status);
034c6ed7 2338
cfc4eb4c
LP		 2339 if (f != SOCKET_SUCCESS)
2340 s->result = f;
2341
2342 if (s->control_command &&
2343 s->control_command->command_next &&
2344 f == SOCKET_SUCCESS) {
2345
66870f90
ZJS		 2346 log_debug_unit(u->id,
2347 "%s running next command for state %s",
2348 u->id, socket_state_to_string(s->state));
cfc4eb4c 2349 socket_run_next(s);
acbb0225 2350 } else {
a16e1123
LP		 2351 s->control_command = NULL;
2352 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2353
034c6ed7
LP		 2354 /* No further commands for this step, so let's figure
2355 * out what to do next */
5cb5a6ff 2356
66870f90
ZJS		 2357 log_debug_unit(u->id,
2358 "%s got final SIGCHLD for state %s",
2359 u->id, socket_state_to_string(s->state));
acbb0225 2360
034c6ed7
LP		 2361 switch (s->state) {
2362
2363 case SOCKET_START_PRE:
cfc4eb4c 2364 if (f == SOCKET_SUCCESS)
3900e5fd 2365 socket_enter_start_chown(s);
034c6ed7 2366 else
cfc4eb4c 2367 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
034c6ed7
LP		 2368 break;
2369
3900e5fd
LP		 2370 case SOCKET_START_CHOWN:
2371 if (f == SOCKET_SUCCESS)
2372 socket_enter_start_post(s);
2373 else
2374 socket_enter_stop_pre(s, f);
2375 break;
2376
034c6ed7 2377 case SOCKET_START_POST:
cfc4eb4c 2378 if (f == SOCKET_SUCCESS)
e9af15c3 2379 socket_enter_listening(s);
034c6ed7 2380 else
cfc4eb4c 2381 socket_enter_stop_pre(s, f);
034c6ed7
LP		 2382 break;
2383
2384 case SOCKET_STOP_PRE:
2385 case SOCKET_STOP_PRE_SIGTERM:
2386 case SOCKET_STOP_PRE_SIGKILL:
cfc4eb4c 2387 socket_enter_stop_post(s, f);
034c6ed7
LP		 2388 break;
2389
2390 case SOCKET_STOP_POST:
80876c20
LP		 2391 case SOCKET_FINAL_SIGTERM:
2392 case SOCKET_FINAL_SIGKILL:
cfc4eb4c 2393 socket_enter_dead(s, f);
034c6ed7
LP		 2394 break;
2395
2396 default:
2397 assert_not_reached("Uh, control process died at wrong time.");
2398 }
2399 }
c4e2ceae
LP		 2400
2401 /* Notify clients about changed exit status */
2402 unit_add_to_dbus_queue(u);
034c6ed7 2403}
5cb5a6ff 2404
718db961
LP		 2405static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2406 Socket *s = SOCKET(userdata);
5cb5a6ff 2407
034c6ed7 2408 assert(s);
718db961 2409 assert(s->timer_event_source == source);
034c6ed7
LP		 2410
2411 switch (s->state) {
2412
2413 case SOCKET_START_PRE:
3900e5fd 2414 log_warning_unit(UNIT(s)->id, "%s starting timed out. Terminating.", UNIT(s)->id);
cfc4eb4c 2415 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
da19d5c1 2416 break;
80876c20 2417
3900e5fd 2418 case SOCKET_START_CHOWN:
034c6ed7 2419 case SOCKET_START_POST:
3900e5fd 2420 log_warning_unit(UNIT(s)->id, "%s starting timed out. Stopping.", UNIT(s)->id);
cfc4eb4c 2421 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2422 break;
2423
2424 case SOCKET_STOP_PRE:
3900e5fd 2425 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Terminating.", UNIT(s)->id);
cfc4eb4c 2426 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2427 break;
2428
2429 case SOCKET_STOP_PRE_SIGTERM:
4819ff03 2430 if (s->kill_context.send_sigkill) {
3900e5fd 2431 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Killing.", UNIT(s)->id);
cfc4eb4c 2432 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2433 } else {
3900e5fd 2434 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Skipping SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2435 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2436 }
034c6ed7
LP		 2437 break;
2438
2439 case SOCKET_STOP_PRE_SIGKILL:
3900e5fd 2440 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2441 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2442 break;
2443
2444 case SOCKET_STOP_POST:
3900e5fd 2445 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Terminating.", UNIT(s)->id);
cfc4eb4c 2446 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2447 break;
2448
80876c20 2449 case SOCKET_FINAL_SIGTERM:
4819ff03 2450 if (s->kill_context.send_sigkill) {
3900e5fd 2451 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Killing.", UNIT(s)->id);
cfc4eb4c 2452 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2453 } else {
3900e5fd 2454 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Skipping SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2455 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2456 }
034c6ed7
LP		 2457 break;
2458
80876c20 2459 case SOCKET_FINAL_SIGKILL:
3900e5fd 2460 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL (2). Entering failed mode.", UNIT(s)->id);
cfc4eb4c 2461 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2462 break;
2463
2464 default:
2465 assert_not_reached("Timeout at wrong time.");
2466 }
718db961
LP		 2467
2468 return 0;
5cb5a6ff
LP		 2469}
2470
44d8db9e
LP		 2471int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2472 int *rfds;
2473 unsigned rn_fds, k;
2474 SocketPort *p;
2475
2476 assert(s);
2477 assert(fds);
2478 assert(n_fds);
2479
2480 /* Called from the service code for requesting our fds */
2481
2482 rn_fds = 0;
2483 LIST_FOREACH(port, p, s->ports)
2484 if (p->fd >= 0)
2485 rn_fds++;
2486
de3756ab
LP		 2487 if (rn_fds <= 0) {
2488 *fds = NULL;
2489 *n_fds = 0;
2490 return 0;
2491 }
2492
e364ad06 2493 if (!(rfds = new(int, rn_fds)))
44d8db9e
LP		 2494 return -ENOMEM;
2495
2496 k = 0;
2497 LIST_FOREACH(port, p, s->ports)
2498 if (p->fd >= 0)
2499 rfds[k++] = p->fd;
2500
2501 assert(k == rn_fds);
2502
2503 *fds = rfds;
2504 *n_fds = rn_fds;
2505
2506 return 0;
2507}
2508
e821075a
LP		 2509static void socket_reset_failed(Unit *u) {
2510 Socket *s = SOCKET(u);
2511
2512 assert(s);
2513
2514 if (s->state == SOCKET_FAILED)
2515 socket_set_state(s, SOCKET_DEAD);
2516
2517 s->result = SOCKET_SUCCESS;
2518}
2519
d137a488 2520static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
ceee3d82
LP		 2521 assert(s);
2522
6cf6bbc2
LP		 2523 /* The service is dead. Dang!
2524 *
2525 * This is strictly for one-instance-for-all-connections
2526 * services. */
ceee3d82
LP		 2527
2528 if (s->state == SOCKET_RUNNING) {
e821075a 2529 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
6bda96a0
LP		 2530 if (failed_permanent)
2531 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
c2f34808
MS		 2532 else
2533 socket_enter_listening(s);
ceee3d82
LP		 2534 }
2535}
2536
6cf6bbc2
LP		 2537void socket_connection_unref(Socket *s) {
2538 assert(s);
2539
2540 /* The service is dead. Yay!
2541 *
35b8ca3a 2542 * This is strictly for one-instance-per-connection
6cf6bbc2
LP		 2543 * services. */
2544
2545 assert(s->n_connections > 0);
2546 s->n_connections--;
2547
e821075a 2548 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
5632e374
LP		 2549}
2550
d137a488
UTL		 2551static void socket_trigger_notify(Unit *u, Unit *other) {
2552 Socket *s = SOCKET(u);
e821075a 2553 Service *se;
d137a488
UTL		 2554
2555 assert(u);
2556 assert(other);
2557
2558 /* Don't propagate state changes from the service if we are
2559 already down or accepting connections */
2560 if ((s->state != SOCKET_RUNNING &&
2561 s->state != SOCKET_LISTENING) ||
2562 s->accept)
2563 return;
2564
2565 if (other->load_state != UNIT_LOADED ||
2566 other->type != UNIT_SERVICE)
2567 return;
2568
e821075a
LP		 2569 se = SERVICE(other);
2570
d137a488
UTL		 2571 if (se->state == SERVICE_FAILED)
2572 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2573
2574 if (se->state == SERVICE_DEAD ||
2575 se->state == SERVICE_STOP ||
2576 se->state == SERVICE_STOP_SIGTERM ||
2577 se->state == SERVICE_STOP_SIGKILL ||
2578 se->state == SERVICE_STOP_POST ||
2579 se->state == SERVICE_FINAL_SIGTERM ||
2580 se->state == SERVICE_FINAL_SIGKILL ||
2581 se->state == SERVICE_AUTO_RESTART)
2582 socket_notify_service_dead(s, false);
2583
2584 if (se->state == SERVICE_RUNNING)
2585 socket_set_state(s, SOCKET_RUNNING);
2586}
2587
718db961 2588static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
814cc562 2589 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
8a0867d6
LP		 2590}
2591
68db7a3b
ZJS		 2592static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2593 Socket *s = SOCKET(u);
2594 int r;
2595
2596 if (!s->timer_event_source)
2597 return 0;
2598
2599 r = sd_event_source_get_time(s->timer_event_source, timeout);
2600 if (r < 0)
2601 return r;
2602
2603 return 1;
2604}
2605
a16e1123
LP		 2606static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2607 [SOCKET_DEAD] = "dead",
2608 [SOCKET_START_PRE] = "start-pre",
3900e5fd 2609 [SOCKET_START_CHOWN] = "start-chown",
a16e1123
LP		 2610 [SOCKET_START_POST] = "start-post",
2611 [SOCKET_LISTENING] = "listening",
2612 [SOCKET_RUNNING] = "running",
2613 [SOCKET_STOP_PRE] = "stop-pre",
2614 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2615 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2616 [SOCKET_STOP_POST] = "stop-post",
2617 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2618 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
fdf20a31 2619 [SOCKET_FAILED] = "failed"
a16e1123
LP		 2620};
2621
2622DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2623
2624static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2625 [SOCKET_EXEC_START_PRE] = "StartPre",
3900e5fd 2626 [SOCKET_EXEC_START_CHOWN] = "StartChown",
a16e1123
LP		 2627 [SOCKET_EXEC_START_POST] = "StartPost",
2628 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2629 [SOCKET_EXEC_STOP_POST] = "StopPost"
2630};
2631
2632DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2633
cfc4eb4c
LP		 2634static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2635 [SOCKET_SUCCESS] = "success",
2636 [SOCKET_FAILURE_RESOURCES] = "resources",
2637 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2638 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2639 [SOCKET_FAILURE_SIGNAL] = "signal",
c2f34808 2640 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
6bda96a0 2641 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
cfc4eb4c
LP		 2642};
2643
2644DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2645
87f0e418 2646const UnitVTable socket_vtable = {
7d17cfbc 2647 .object_size = sizeof(Socket),
718db961
LP		 2648 .exec_context_offset = offsetof(Socket, exec_context),
2649 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2650 .kill_context_offset = offsetof(Socket, kill_context),
613b411c 2651 .exec_runtime_offset = offsetof(Socket, exec_runtime),
3ef63c31 2652
f975e971
LP		 2653 .sections =
2654 "Unit\0"
2655 "Socket\0"
2656 "Install\0",
4ad49000 2657 .private_section = "Socket",
71645aca 2658
034c6ed7
LP		 2659 .init = socket_init,
2660 .done = socket_done,
a16e1123
LP		 2661 .load = socket_load,
2662
2663 .coldplug = socket_coldplug,
034c6ed7 2664
5cb5a6ff
LP		 2665 .dump = socket_dump,
2666
542563ba
LP		 2667 .start = socket_start,
2668 .stop = socket_stop,
5cb5a6ff 2669
718db961
LP		 2670 .kill = socket_kill,
2671
68db7a3b
ZJS		 2672 .get_timeout = socket_get_timeout,
2673
a16e1123
LP		 2674 .serialize = socket_serialize,
2675 .deserialize_item = socket_deserialize_item,
01e10de3 2676 .distribute_fds = socket_distribute_fds,
a16e1123 2677
5cb5a6ff 2678 .active_state = socket_active_state,
10a94420 2679 .sub_state_to_string = socket_sub_state_to_string,
5cb5a6ff 2680
6cf6bbc2
LP		 2681 .check_gc = socket_check_gc,
2682
034c6ed7 2683 .sigchld_event = socket_sigchld_event,
4139c1b2 2684
d137a488
UTL		 2685 .trigger_notify = socket_trigger_notify,
2686
fdf20a31 2687 .reset_failed = socket_reset_failed,
5632e374 2688
c4e2ceae 2689 .bus_interface = "org.freedesktop.systemd1.Socket",
718db961 2690 .bus_vtable = bus_socket_vtable,
74c964d3
LP		 2691 .bus_set_property = bus_socket_set_property,
2692 .bus_commit_properties = bus_socket_commit_properties,
c6918296
MS		 2693
2694 .status_message_formats = {
2695 /*.starting_stopping = {
2696 [0] = "Starting socket %s...",
2697 [1] = "Stopping socket %s...",
2698 },*/
2699 .finished_start_job = {
2700 [JOB_DONE] = "Listening on %s.",
2701 [JOB_FAILED] = "Failed to listen on %s.",
2702 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2703 [JOB_TIMEOUT] = "Timed out starting %s.",
2704 },
2705 .finished_stop_job = {
2706 [JOB_DONE] = "Closed %s.",
2707 [JOB_FAILED] = "Failed stopping %s.",
2708 [JOB_TIMEOUT] = "Timed out stopping %s.",
2709 },
2710 },
5cb5a6ff 2711};
Unnamed repository; edit this file 'description' to name the repository.