]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/socket.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
journal: new logging macros to include UNIT=
[thirdparty/systemd.git] / src / core / socket.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
5cb5a6ff 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
83c60c9f
LP		 22#include <sys/types.h>
23#include <sys/stat.h>
24#include <unistd.h>
25#include <errno.h>
26#include <fcntl.h>
f94ea366 27#include <sys/epoll.h>
034c6ed7 28#include <signal.h>
4f2d528d 29#include <arpa/inet.h>
916abb21 30#include <mqueue.h>
cf37cd2f 31#ifdef HAVE_ATTR_XATTR_H
0eb59ccf 32#include <attr/xattr.h>
cf37cd2f 33#endif
83c60c9f 34
87f0e418 35#include "unit.h"
5cb5a6ff 36#include "socket.h"
cebf8b20 37#include "netinet/tcp.h"
83c60c9f 38#include "log.h"
23a177ef
LP		 39#include "load-dropin.h"
40#include "load-fragment.h"
9e2f7c11 41#include "strv.h"
49e942b2 42#include "mkdir.h"
9eb977db 43#include "path-util.h"
4f2d528d 44#include "unit-name.h"
41f9172f 45#include "unit-printf.h"
4139c1b2 46#include "dbus-socket.h"
4fd5948e 47#include "missing.h"
a40eb732 48#include "special.h"
398ef8ba 49#include "bus-errors.h"
e51bc1a2 50#include "label.h"
9a57c629 51#include "exit-status.h"
f6a6225e 52#include "def.h"
83c60c9f 53
acbb0225 54static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
87f0e418
LP		 55 [SOCKET_DEAD] = UNIT_INACTIVE,
56 [SOCKET_START_PRE] = UNIT_ACTIVATING,
57 [SOCKET_START_POST] = UNIT_ACTIVATING,
58 [SOCKET_LISTENING] = UNIT_ACTIVE,
59 [SOCKET_RUNNING] = UNIT_ACTIVE,
60 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
61 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
62 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
80876c20
LP		 64 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
65 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
fdf20a31 66 [SOCKET_FAILED] = UNIT_FAILED
83c60c9f 67};
5cb5a6ff 68
a16e1123
LP		 69static void socket_init(Unit *u) {
70 Socket *s = SOCKET(u);
71
72 assert(u);
ac155bb8 73 assert(u->load_state == UNIT_STUB);
a16e1123 74
a16e1123
LP		 75 s->backlog = SOMAXCONN;
76 s->timeout_usec = DEFAULT_TIMEOUT_USEC;
77 s->directory_mode = 0755;
9131f660 78 s->socket_mode = 0666;
a16e1123 79
6cf6bbc2
LP		 80 s->max_connections = 64;
81
4fd5948e 82 s->priority = -1;
4fd5948e
LP		 83 s->ip_tos = -1;
84 s->ip_ttl = -1;
4fd5948e 85 s->mark = -1;
4fd5948e 86
a16e1123 87 exec_context_init(&s->exec_context);
ac155bb8
MS		 88 s->exec_context.std_output = u->manager->default_std_output;
89 s->exec_context.std_error = u->manager->default_std_error;
4819ff03 90 kill_context_init(&s->kill_context);
a16e1123
LP		 91
92 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
93}
acbb0225 94
5e94833f
LP		 95static void socket_unwatch_control_pid(Socket *s) {
96 assert(s);
97
98 if (s->control_pid <= 0)
99 return;
100
101 unit_unwatch_pid(UNIT(s), s->control_pid);
102 s->control_pid = 0;
103}
104
87f0e418
LP		 105static void socket_done(Unit *u) {
106 Socket *s = SOCKET(u);
034c6ed7
LP		 107 SocketPort *p;
108
109 assert(s);
110
111 while ((p = s->ports)) {
112 LIST_REMOVE(SocketPort, port, s->ports, p);
113
a16e1123
LP		 114 if (p->fd >= 0) {
115 unit_unwatch_fd(UNIT(s), &p->fd_watch);
116 close_nointr_nofail(p->fd);
117 }
118
034c6ed7
LP		 119 free(p->path);
120 free(p);
121 }
122
123 exec_context_done(&s->exec_context);
e537352b 124 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
034c6ed7
LP		 125 s->control_command = NULL;
126
5e94833f 127 socket_unwatch_control_pid(s);
034c6ed7 128
57020a3a 129 unit_ref_unset(&s->service);
034c6ed7 130
cebf8b20
TT		 131 free(s->tcp_congestion);
132 s->tcp_congestion = NULL;
133
acbb0225 134 free(s->bind_to_device);
e537352b 135 s->bind_to_device = NULL;
acbb0225 136
0eb59ccf
AK		 137 free(s->smack);
138 free(s->smack_ip_in);
139 free(s->smack_ip_out);
140
acbb0225 141 unit_unwatch_timer(u, &s->timer_watch);
5cb5a6ff
LP		 142}
143
b15bdda8
LP		 144static int socket_instantiate_service(Socket *s) {
145 char *prefix, *name;
146 int r;
147 Unit *u;
148
149 assert(s);
150
151 /* This fills in s->service if it isn't filled in yet. For
152 * Accept=yes sockets we create the next connection service
153 * here. For Accept=no this is mostly a NOP since the service
154 * is figured out at load time anyway. */
155
57020a3a 156 if (UNIT_DEREF(s->service))
b15bdda8
LP		 157 return 0;
158
159 assert(s->accept);
160
1124fe6f 161 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
b15bdda8
LP		 162 return -ENOMEM;
163
164 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
165 free(prefix);
166
167 if (r < 0)
168 return -ENOMEM;
169
1124fe6f 170 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
b15bdda8
LP		 171 free(name);
172
173 if (r < 0)
174 return r;
175
7b4bf06b 176#ifdef HAVE_SYSV_COMPAT
1b64d026 177 if (SERVICE(u)->is_sysv) {
7b4bf06b
LP		 178 log_error("Using SysV services for socket activation is not supported. Refusing.");
179 return -ENOENT;
180 }
181#endif
182
ac155bb8 183 u->no_gc = true;
57020a3a
LP		 184 unit_ref_set(&s->service, u);
185
186 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
b15bdda8
LP		 187}
188
4f2d528d
LP		 189static bool have_non_accept_socket(Socket *s) {
190 SocketPort *p;
191
192 assert(s);
193
194 if (!s->accept)
195 return true;
196
dd5ad9d4
LP		 197 LIST_FOREACH(port, p, s->ports) {
198
199 if (p->type != SOCKET_SOCKET)
200 return true;
201
4f2d528d
LP		 202 if (!socket_address_can_accept(&p->address))
203 return true;
dd5ad9d4 204 }
4f2d528d
LP		 205
206 return false;
207}
208
209static int socket_verify(Socket *s) {
210 assert(s);
211
1124fe6f 212 if (UNIT(s)->load_state != UNIT_LOADED)
4f2d528d
LP		 213 return 0;
214
215 if (!s->ports) {
1124fe6f 216 log_error("%s lacks Listen setting. Refusing.", UNIT(s)->id);
4f2d528d
LP		 217 return -EINVAL;
218 }
219
0009d2a6 220 if (s->accept && have_non_accept_socket(s)) {
1124fe6f 221 log_error("%s configured for accepting sockets, but sockets are non-accepting. Refusing.", UNIT(s)->id);
0009d2a6
LP		 222 return -EINVAL;
223 }
224
6cf6bbc2 225 if (s->accept && s->max_connections <= 0) {
1124fe6f 226 log_error("%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
4d0e5dbd
LP		 227 return -EINVAL;
228 }
229
57020a3a 230 if (s->accept && UNIT_DEREF(s->service)) {
1124fe6f 231 log_error("Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
d9ff321a
LP		 232 return -EINVAL;
233 }
234
4819ff03 235 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
1124fe6f 236 log_error("%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
6cf6bbc2
LP		 237 return -EINVAL;
238 }
239
4f2d528d
LP		 240 return 0;
241}
242
6e2ef85b
LP		 243static bool socket_needs_mount(Socket *s, const char *prefix) {
244 SocketPort *p;
245
246 assert(s);
247
248 LIST_FOREACH(port, p, s->ports) {
249
250 if (p->type == SOCKET_SOCKET) {
251 if (socket_address_needs_mount(&p->address, prefix))
252 return true;
916abb21 253 } else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) {
6e2ef85b
LP		 254 if (path_startswith(p->path, prefix))
255 return true;
256 }
257 }
258
259 return false;
260}
261
262int socket_add_one_mount_link(Socket *s, Mount *m) {
263 int r;
264
265 assert(s);
266 assert(m);
267
1124fe6f
MS		 268 if (UNIT(s)->load_state != UNIT_LOADED ||
269 UNIT(m)->load_state != UNIT_LOADED)
6e2ef85b
LP		 270 return 0;
271
272 if (!socket_needs_mount(s, m->where))
273 return 0;
274
b87705cd
LP		 275 r = unit_add_two_dependencies(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, UNIT(m), true);
276 if (r < 0)
6e2ef85b
LP		 277 return r;
278
279 return 0;
280}
281
282static int socket_add_mount_links(Socket *s) {
ac155bb8 283 Unit *other;
6e2ef85b
LP		 284 int r;
285
286 assert(s);
287
b87705cd
LP		 288 LIST_FOREACH(units_by_type, other, UNIT(s)->manager->units_by_type[UNIT_MOUNT]) {
289 r = socket_add_one_mount_link(s, MOUNT(other));
290 if (r < 0)
6e2ef85b 291 return r;
b87705cd 292 }
6e2ef85b
LP		 293
294 return 0;
295}
296
297static int socket_add_device_link(Socket *s) {
298 char *t;
299 int r;
300
301 assert(s);
302
303 if (!s->bind_to_device)
304 return 0;
305
306 if (asprintf(&t, "/sys/subsystem/net/devices/%s", s->bind_to_device) < 0)
307 return -ENOMEM;
308
309 r = unit_add_node_link(UNIT(s), t, false);
310 free(t);
311
312 return r;
313}
314
a40eb732
LP		 315static int socket_add_default_dependencies(Socket *s) {
316 int r;
317 assert(s);
318
67445f4e 319 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
2a77d31d
LP		 320 if ((r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true)) < 0)
321 return r;
322
a40eb732
LP		 323 if ((r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true)) < 0)
324 return r;
2a77d31d 325 }
a40eb732 326
ead8e478 327 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
a40eb732
LP		 328}
329
4cfc6dbe
LP		 330static bool socket_has_exec(Socket *s) {
331 unsigned i;
332 assert(s);
333
334 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
335 if (s->exec_command[i])
336 return true;
337
338 return false;
339}
340
e537352b
LP		 341static int socket_load(Unit *u) {
342 Socket *s = SOCKET(u);
343 int r;
44d8db9e 344
e537352b 345 assert(u);
ac155bb8 346 assert(u->load_state == UNIT_STUB);
44d8db9e 347
e537352b 348 if ((r = unit_load_fragment_and_dropin(u)) < 0)
23a177ef 349 return r;
44d8db9e 350
23a177ef 351 /* This is a new unit? Then let's add in some extras */
ac155bb8 352 if (u->load_state == UNIT_LOADED) {
44d8db9e 353
4f2d528d 354 if (have_non_accept_socket(s)) {
d9ff321a 355
57020a3a
LP		 356 if (!UNIT_DEREF(s->service)) {
357 Unit *x;
358
359 r = unit_load_related_unit(u, ".service", &x);
360 if (r < 0)
d9ff321a 361 return r;
23a177ef 362
57020a3a
LP		 363 unit_ref_set(&s->service, x);
364 }
365
366 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
367 if (r < 0)
4f2d528d
LP		 368 return r;
369 }
44d8db9e 370
6e2ef85b
LP		 371 if ((r = socket_add_mount_links(s)) < 0)
372 return r;
373
374 if ((r = socket_add_device_link(s)) < 0)
375 return r;
376
4cfc6dbe
LP		 377 if (socket_has_exec(s))
378 if ((r = unit_add_exec_dependencies(u, &s->exec_context)) < 0)
379 return r;
23a177ef 380
d686d8a9 381 if ((r = unit_add_default_cgroups(u)) < 0)
23a177ef 382 return r;
a40eb732 383
1124fe6f 384 if (UNIT(s)->default_dependencies)
a40eb732
LP		 385 if ((r = socket_add_default_dependencies(s)) < 0)
386 return r;
e06c73cc 387
cba6e062 388 r = unit_exec_context_defaults(u, &s->exec_context);
e06c73cc
LP		 389 if (r < 0)
390 return r;
23a177ef
LP		 391 }
392
4f2d528d 393 return socket_verify(s);
44d8db9e
LP		 394}
395
7a22745a
LP		 396static const char* listen_lookup(int family, int type) {
397
398 if (family == AF_NETLINK)
399 return "ListenNetlink";
542563ba
LP		 400
401 if (type == SOCK_STREAM)
402 return "ListenStream";
403 else if (type == SOCK_DGRAM)
404 return "ListenDatagram";
405 else if (type == SOCK_SEQPACKET)
406 return "ListenSequentialPacket";
407
034c6ed7 408 assert_not_reached("Unknown socket type");
542563ba
LP		 409 return NULL;
410}
411
87f0e418 412static void socket_dump(Unit *u, FILE *f, const char *prefix) {
5cb5a6ff 413
5cb5a6ff 414 SocketExecCommand c;
87f0e418 415 Socket *s = SOCKET(u);
542563ba 416 SocketPort *p;
82ba9f08
LP		 417 const char *prefix2;
418 char *p2;
5cb5a6ff
LP		 419
420 assert(s);
fa068367 421 assert(f);
5cb5a6ff 422
82ba9f08
LP		 423 p2 = strappend(prefix, "\t");
424 prefix2 = p2 ? p2 : prefix;
c43d20a0 425
5cb5a6ff
LP		 426 fprintf(f,
427 "%sSocket State: %s\n"
81a5c6d0 428 "%sResult: %s\n"
542563ba 429 "%sBindIPv6Only: %s\n"
b5a0699f
LP		 430 "%sBacklog: %u\n"
431 "%sSocketMode: %04o\n"
4fd5948e
LP		 432 "%sDirectoryMode: %04o\n"
433 "%sKeepAlive: %s\n"
cebf8b20 434 "%sFreeBind: %s\n"
6b6d2dee 435 "%sTransparent: %s\n"
ec6370a2 436 "%sBroadcast: %s\n"
ede3deb4 437 "%sPassCredentials: %s\n"
54ecda32 438 "%sPassSecurity: %s\n"
cebf8b20 439 "%sTCPCongestion: %s\n",
a16e1123 440 prefix, socket_state_to_string(s->state),
81a5c6d0 441 prefix, socket_result_to_string(s->result),
c0120d99 442 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
b5a0699f
LP		 443 prefix, s->backlog,
444 prefix, s->socket_mode,
4fd5948e
LP		 445 prefix, s->directory_mode,
446 prefix, yes_no(s->keep_alive),
cebf8b20 447 prefix, yes_no(s->free_bind),
6b6d2dee 448 prefix, yes_no(s->transparent),
ec6370a2 449 prefix, yes_no(s->broadcast),
d68af586 450 prefix, yes_no(s->pass_cred),
54ecda32 451 prefix, yes_no(s->pass_sec),
83a95334 452 prefix, strna(s->tcp_congestion));
542563ba 453
70123e68
LP		 454 if (s->control_pid > 0)
455 fprintf(f,
bb00e604
LP		 456 "%sControl PID: %lu\n",
457 prefix, (unsigned long) s->control_pid);
70123e68 458
acbb0225
LP		 459 if (s->bind_to_device)
460 fprintf(f,
461 "%sBindToDevice: %s\n",
462 prefix, s->bind_to_device);
463
4f2d528d
LP		 464 if (s->accept)
465 fprintf(f,
6cf6bbc2
LP		 466 "%sAccepted: %u\n"
467 "%sNConnections: %u\n"
468 "%sMaxConnections: %u\n",
469 prefix, s->n_accepted,
470 prefix, s->n_connections,
471 prefix, s->max_connections);
4f2d528d 472
4fd5948e
LP		 473 if (s->priority >= 0)
474 fprintf(f,
475 "%sPriority: %i\n",
476 prefix, s->priority);
477
478 if (s->receive_buffer > 0)
479 fprintf(f,
480 "%sReceiveBuffer: %zu\n",
481 prefix, s->receive_buffer);
482
483 if (s->send_buffer > 0)
484 fprintf(f,
485 "%sSendBuffer: %zu\n",
486 prefix, s->send_buffer);
487
488 if (s->ip_tos >= 0)
489 fprintf(f,
490 "%sIPTOS: %i\n",
491 prefix, s->ip_tos);
492
493 if (s->ip_ttl >= 0)
494 fprintf(f,
495 "%sIPTTL: %i\n",
496 prefix, s->ip_ttl);
497
498 if (s->pipe_size > 0)
499 fprintf(f,
500 "%sPipeSize: %zu\n",
501 prefix, s->pipe_size);
502
503 if (s->mark >= 0)
504 fprintf(f,
505 "%sMark: %i\n",
506 prefix, s->mark);
507
916abb21
LP		 508 if (s->mq_maxmsg > 0)
509 fprintf(f,
510 "%sMessageQueueMaxMessages: %li\n",
511 prefix, s->mq_maxmsg);
512
513 if (s->mq_msgsize > 0)
514 fprintf(f,
515 "%sMessageQueueMessageSize: %li\n",
516 prefix, s->mq_msgsize);
517
0eb59ccf
AK		 518 if (s->smack)
519 fprintf(f,
520 "%sSmackLabel: %s\n",
521 prefix, s->smack);
522
523 if (s->smack_ip_in)
524 fprintf(f,
525 "%sSmackLabelIPIn: %s\n",
526 prefix, s->smack_ip_in);
527
528 if (s->smack_ip_out)
529 fprintf(f,
530 "%sSmackLabelIPOut: %s\n",
531 prefix, s->smack_ip_out);
532
034c6ed7 533 LIST_FOREACH(port, p, s->ports) {
5cb5a6ff 534
542563ba
LP		 535 if (p->type == SOCKET_SOCKET) {
536 const char *t;
537 int r;
e364ad06 538 char *k = NULL;
542563ba
LP		 539
540 if ((r = socket_address_print(&p->address, &k)) < 0)
541 t = strerror(-r);
542 else
543 t = k;
544
7a22745a 545 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
542563ba 546 free(k);
b0a3f2bc
LP		 547 } else if (p->type == SOCKET_SPECIAL)
548 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
916abb21
LP		 549 else if (p->type == SOCKET_MQUEUE)
550 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
b0a3f2bc 551 else
542563ba
LP		 552 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
553 }
5cb5a6ff
LP		 554
555 exec_context_dump(&s->exec_context, f, prefix);
4819ff03 556 kill_context_dump(&s->kill_context, f, prefix);
5cb5a6ff 557
e537352b 558 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
c43d20a0
LP		 559 if (!s->exec_command[c])
560 continue;
5cb5a6ff 561
40d50879 562 fprintf(f, "%s-> %s:\n",
a16e1123 563 prefix, socket_exec_command_to_string(c));
c43d20a0
LP		 564
565 exec_command_dump_list(s->exec_command[c], f, prefix2);
5cb5a6ff 566 }
c43d20a0 567
82ba9f08 568 free(p2);
5cb5a6ff
LP		 569}
570
4f2d528d
LP		 571static int instance_from_socket(int fd, unsigned nr, char **instance) {
572 socklen_t l;
573 char *r;
574 union {
575 struct sockaddr sa;
576 struct sockaddr_un un;
577 struct sockaddr_in in;
578 struct sockaddr_in6 in6;
579 struct sockaddr_storage storage;
580 } local, remote;
581
582 assert(fd >= 0);
583 assert(instance);
584
585 l = sizeof(local);
586 if (getsockname(fd, &local.sa, &l) < 0)
587 return -errno;
588
589 l = sizeof(remote);
590 if (getpeername(fd, &remote.sa, &l) < 0)
591 return -errno;
592
593 switch (local.sa.sa_family) {
594
595 case AF_INET: {
596 uint32_t
597 a = ntohl(local.in.sin_addr.s_addr),
598 b = ntohl(remote.in.sin_addr.s_addr);
599
600 if (asprintf(&r,
77b088c2
LP		 601 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
602 nr,
4f2d528d
LP		 603 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
604 ntohs(local.in.sin_port),
605 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
606 ntohs(remote.in.sin_port)) < 0)
607 return -ENOMEM;
608
609 break;
610 }
611
612 case AF_INET6: {
c65a0b14 613 static const unsigned char ipv4_prefix[] = {
2b061f5a
LP		 614 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
615 };
616
617 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
618 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
619 const uint8_t
620 *a = local.in6.sin6_addr.s6_addr+12,
621 *b = remote.in6.sin6_addr.s6_addr+12;
622
623 if (asprintf(&r,
77b088c2
LP		 624 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
625 nr,
2b061f5a
LP		 626 a[0], a[1], a[2], a[3],
627 ntohs(local.in6.sin6_port),
628 b[0], b[1], b[2], b[3],
629 ntohs(remote.in6.sin6_port)) < 0)
630 return -ENOMEM;
631 } else {
632 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
633
634 if (asprintf(&r,
77b088c2
LP		 635 "%u-%s:%u-%s:%u",
636 nr,
2b061f5a
LP		 637 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
638 ntohs(local.in6.sin6_port),
639 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
640 ntohs(remote.in6.sin6_port)) < 0)
641 return -ENOMEM;
642 }
4f2d528d
LP		 643
644 break;
645 }
646
647 case AF_UNIX: {
648 struct ucred ucred;
649
650 l = sizeof(ucred);
651 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0)
652 return -errno;
653
654 if (asprintf(&r,
bb00e604 655 "%u-%lu-%lu",
4f2d528d 656 nr,
bb00e604
LP		 657 (unsigned long) ucred.pid,
658 (unsigned long) ucred.uid) < 0)
4f2d528d
LP		 659 return -ENOMEM;
660
661 break;
662 }
663
664 default:
665 assert_not_reached("Unhandled socket type.");
666 }
667
668 *instance = r;
669 return 0;
670}
671
034c6ed7 672static void socket_close_fds(Socket *s) {
83c60c9f
LP		 673 SocketPort *p;
674
675 assert(s);
676
034c6ed7 677 LIST_FOREACH(port, p, s->ports) {
83c60c9f
LP		 678 if (p->fd < 0)
679 continue;
680
acbb0225 681 unit_unwatch_fd(UNIT(s), &p->fd_watch);
a16e1123
LP		 682 close_nointr_nofail(p->fd);
683
684 /* One little note: we should never delete any sockets
685 * in the file system here! After all some other
686 * process we spawned might still have a reference of
687 * this fd and wants to continue to use it. Therefore
688 * we delete sockets in the file system before we
689 * create a new one, not after we stopped using
690 * one! */
9152c765 691
83c60c9f
LP		 692 p->fd = -1;
693 }
694}
695
4fd5948e
LP		 696static void socket_apply_socket_options(Socket *s, int fd) {
697 assert(s);
698 assert(fd >= 0);
699
700 if (s->keep_alive) {
701 int b = s->keep_alive;
702 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
703 log_warning("SO_KEEPALIVE failed: %m");
704 }
705
ec6370a2
LP		 706 if (s->broadcast) {
707 int one = 1;
708 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
709 log_warning("SO_BROADCAST failed: %m");
710 }
711
d68af586
MS		 712 if (s->pass_cred) {
713 int one = 1;
714 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
715 log_warning("SO_PASSCRED failed: %m");
716 }
717
54ecda32
LP		 718 if (s->pass_sec) {
719 int one = 1;
720 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
721 log_warning("SO_PASSSEC failed: %m");
722 }
723
4fd5948e
LP		 724 if (s->priority >= 0)
725 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
726 log_warning("SO_PRIORITY failed: %m");
727
728 if (s->receive_buffer > 0) {
729 int value = (int) s->receive_buffer;
7d9eaa84
LP		 730
731 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
732
b8cef44e 733 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 734 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
735 log_warning("SO_RCVBUF failed: %m");
4fd5948e
LP		 736 }
737
738 if (s->send_buffer > 0) {
739 int value = (int) s->send_buffer;
b8cef44e 740 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 741 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
742 log_warning("SO_SNDBUF failed: %m");
4fd5948e
LP		 743 }
744
745 if (s->mark >= 0)
746 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
747 log_warning("SO_MARK failed: %m");
748
749 if (s->ip_tos >= 0)
750 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
751 log_warning("IP_TOS failed: %m");
752
46925ac5
LP		 753 if (s->ip_ttl >= 0) {
754 int r, x;
755
756 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
5bfcc1c6
FF		 757
758 if (socket_ipv6_is_supported())
759 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
760 else {
761 x = -1;
762 errno = EAFNOSUPPORT;
763 }
46925ac5
LP		 764
765 if (r < 0 && x < 0)
766 log_warning("IP_TTL/IPV6_UNICAST_HOPS failed: %m");
767 }
cebf8b20
TT		 768
769 if (s->tcp_congestion)
770 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
771 log_warning("TCP_CONGESTION failed: %m");
0eb59ccf 772
cf37cd2f 773#ifdef HAVE_ATTR_XATTR_H
0eb59ccf
AK		 774 if (s->smack_ip_in)
775 if (fsetxattr(fd, "security.SMACK64IPIN", s->smack_ip_in, strlen(s->smack_ip_in), 0) < 0)
776 log_error("fsetxattr(\"security.SMACK64IPIN\"): %m");
777
778 if (s->smack_ip_out)
779 if (fsetxattr(fd, "security.SMACK64IPOUT", s->smack_ip_out, strlen(s->smack_ip_out), 0) < 0)
780 log_error("fsetxattr(\"security.SMACK64IPOUT\"): %m");
cf37cd2f 781#endif
4fd5948e
LP		 782}
783
b15bdda8 784static void socket_apply_fifo_options(Socket *s, int fd) {
4fd5948e
LP		 785 assert(s);
786 assert(fd >= 0);
787
788 if (s->pipe_size > 0)
789 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
790 log_warning("F_SETPIPE_SZ: %m");
0eb59ccf 791
cf37cd2f 792#ifdef HAVE_ATTR_XATTR_H
0eb59ccf
AK		 793 if (s->smack)
794 if (fsetxattr(fd, "security.SMACK64", s->smack, strlen(s->smack), 0) < 0)
795 log_error("fsetxattr(\"security.SMACK64\"): %m");
cf37cd2f 796#endif
4fd5948e
LP		 797}
798
b15bdda8
LP		 799static int fifo_address_create(
800 const char *path,
801 mode_t directory_mode,
802 mode_t socket_mode,
b15bdda8
LP		 803 int *_fd) {
804
7a58bfa4 805 int fd = -1, r = 0;
b15bdda8
LP		 806 struct stat st;
807 mode_t old_mask;
808
809 assert(path);
810 assert(_fd);
811
d2e54fae 812 mkdir_parents_label(path, directory_mode);
b15bdda8 813
e9a5ef7c
KS		 814 r = label_context_set(path, S_IFIFO);
815 if (r < 0)
56cf987f 816 goto fail;
b15bdda8
LP		 817
818 /* Enforce the right access mode for the fifo */
819 old_mask = umask(~ socket_mode);
820
821 /* Include the original umask in our mask */
822 umask(~socket_mode | old_mask);
823
824 r = mkfifo(path, socket_mode);
825 umask(old_mask);
826
94bc2731 827 if (r < 0 && errno != EEXIST) {
b15bdda8
LP		 828 r = -errno;
829 goto fail;
830 }
831
e4f44e73 832 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
b15bdda8
LP		 833 r = -errno;
834 goto fail;
835 }
836
e9a5ef7c 837 label_context_clear();
7a58bfa4 838
b15bdda8
LP		 839 if (fstat(fd, &st) < 0) {
840 r = -errno;
841 goto fail;
842 }
843
844 if (!S_ISFIFO(st.st_mode) ||
de0200fc 845 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
e4f44e73
DR		 846 st.st_uid != getuid() ||
847 st.st_gid != getgid()) {
b15bdda8
LP		 848
849 r = -EEXIST;
850 goto fail;
851 }
852
853 *_fd = fd;
854 return 0;
855
856fail:
e9a5ef7c 857 label_context_clear();
56cf987f 858
b15bdda8
LP		 859 if (fd >= 0)
860 close_nointr_nofail(fd);
861
862 return r;
863}
864
b0a3f2bc
LP		 865static int special_address_create(
866 const char *path,
867 int *_fd) {
868
869 int fd = -1, r = 0;
870 struct stat st;
871
872 assert(path);
873 assert(_fd);
874
875 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
876 r = -errno;
877 goto fail;
878 }
879
880 if (fstat(fd, &st) < 0) {
881 r = -errno;
882 goto fail;
883 }
884
885 /* Check whether this is a /proc, /sys or /dev file or char device */
886 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
887 r = -EEXIST;
888 goto fail;
889 }
890
891 *_fd = fd;
892 return 0;
893
894fail:
895 if (fd >= 0)
896 close_nointr_nofail(fd);
897
898 return r;
899}
900
916abb21
LP		 901static int mq_address_create(
902 const char *path,
903 mode_t mq_mode,
904 long maxmsg,
905 long msgsize,
906 int *_fd) {
907
908 int fd = -1, r = 0;
909 struct stat st;
910 mode_t old_mask;
911 struct mq_attr _attr, *attr = NULL;
912
913 assert(path);
914 assert(_fd);
915
916 if (maxmsg > 0 && msgsize > 0) {
917 zero(_attr);
918 _attr.mq_flags = O_NONBLOCK;
919 _attr.mq_maxmsg = maxmsg;
920 _attr.mq_msgsize = msgsize;
921 attr = &_attr;
922 }
923
924 /* Enforce the right access mode for the mq */
925 old_mask = umask(~ mq_mode);
926
927 /* Include the original umask in our mask */
928 umask(~mq_mode | old_mask);
929
930 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
931 umask(old_mask);
932
8ea913b2 933 if (fd < 0) {
916abb21
LP		 934 r = -errno;
935 goto fail;
936 }
937
938 if (fstat(fd, &st) < 0) {
939 r = -errno;
940 goto fail;
941 }
942
943 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
944 st.st_uid != getuid() ||
945 st.st_gid != getgid()) {
946
947 r = -EEXIST;
948 goto fail;
949 }
950
951 *_fd = fd;
952 return 0;
953
954fail:
955 if (fd >= 0)
956 close_nointr_nofail(fd);
957
958 return r;
959}
960
034c6ed7 961static int socket_open_fds(Socket *s) {
83c60c9f
LP		 962 SocketPort *p;
963 int r;
56cf987f 964 char *label = NULL;
049f8642 965 bool know_label = false;
83c60c9f
LP		 966
967 assert(s);
968
034c6ed7 969 LIST_FOREACH(port, p, s->ports) {
83c60c9f 970
034c6ed7
LP		 971 if (p->fd >= 0)
972 continue;
83c60c9f
LP		 973
974 if (p->type == SOCKET_SOCKET) {
975
049f8642
LP		 976 if (!know_label) {
977
978 if ((r = socket_instantiate_service(s)) < 0)
979 return r;
980
57020a3a
LP		 981 if (UNIT_DEREF(s->service) &&
982 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
983 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
189583d7
LP		 984
985 if (r < 0) {
a7444eda
LP		 986 if (r != -EPERM)
987 return r;
988 }
189583d7 989 }
049f8642
LP		 990
991 know_label = true;
992 }
993
b5a0699f
LP		 994 if ((r = socket_address_listen(
995 &p->address,
996 s->backlog,
997 s->bind_ipv6_only,
998 s->bind_to_device,
4fd5948e 999 s->free_bind,
6b6d2dee 1000 s->transparent,
b5a0699f
LP		 1001 s->directory_mode,
1002 s->socket_mode,
56cf987f 1003 label,
b5a0699f 1004 &p->fd)) < 0)
83c60c9f
LP		 1005 goto rollback;
1006
4fd5948e
LP		 1007 socket_apply_socket_options(s, p->fd);
1008
b0a3f2bc
LP		 1009 } else if (p->type == SOCKET_SPECIAL) {
1010
1011 if ((r = special_address_create(
1012 p->path,
1013 &p->fd)) < 0)
1014 goto rollback;
1015
b15bdda8 1016 } else if (p->type == SOCKET_FIFO) {
83c60c9f 1017
b15bdda8
LP		 1018 if ((r = fifo_address_create(
1019 p->path,
1020 s->directory_mode,
1021 s->socket_mode,
b15bdda8 1022 &p->fd)) < 0)
83c60c9f 1023 goto rollback;
83c60c9f 1024
b15bdda8 1025 socket_apply_fifo_options(s, p->fd);
916abb21 1026 } else if (p->type == SOCKET_MQUEUE) {
83c60c9f 1027
916abb21
LP		 1028 if ((r = mq_address_create(
1029 p->path,
1030 s->socket_mode,
1031 s->mq_maxmsg,
1032 s->mq_msgsize,
1033 &p->fd)) < 0)
1034 goto rollback;
b15bdda8
LP		 1035 } else
1036 assert_not_reached("Unknown port type");
034c6ed7
LP		 1037 }
1038
56cf987f 1039 label_free(label);
034c6ed7
LP		 1040 return 0;
1041
1042rollback:
1043 socket_close_fds(s);
56cf987f 1044 label_free(label);
034c6ed7
LP		 1045 return r;
1046}
1047
1048static void socket_unwatch_fds(Socket *s) {
1049 SocketPort *p;
9152c765 1050
034c6ed7
LP		 1051 assert(s);
1052
1053 LIST_FOREACH(port, p, s->ports) {
1054 if (p->fd < 0)
1055 continue;
1056
acbb0225 1057 unit_unwatch_fd(UNIT(s), &p->fd_watch);
83c60c9f 1058 }
034c6ed7
LP		 1059}
1060
1061static int socket_watch_fds(Socket *s) {
1062 SocketPort *p;
1063 int r;
1064
1065 assert(s);
83c60c9f 1066
034c6ed7
LP		 1067 LIST_FOREACH(port, p, s->ports) {
1068 if (p->fd < 0)
1069 continue;
1070
cabab516 1071 p->fd_watch.socket_accept =
4f2d528d 1072 s->accept &&
dd5ad9d4 1073 p->type == SOCKET_SOCKET &&
4f2d528d
LP		 1074 socket_address_can_accept(&p->address);
1075
f94ea366 1076 if ((r = unit_watch_fd(UNIT(s), p->fd, EPOLLIN, &p->fd_watch)) < 0)
034c6ed7
LP		 1077 goto fail;
1078 }
83c60c9f 1079
542563ba 1080 return 0;
83c60c9f 1081
034c6ed7
LP		 1082fail:
1083 socket_unwatch_fds(s);
1084 return r;
1085}
1086
1087static void socket_set_state(Socket *s, SocketState state) {
1088 SocketState old_state;
1089 assert(s);
1090
1091 old_state = s->state;
1092 s->state = state;
1093
1094 if (state != SOCKET_START_PRE &&
1095 state != SOCKET_START_POST &&
1096 state != SOCKET_STOP_PRE &&
1097 state != SOCKET_STOP_PRE_SIGTERM &&
1098 state != SOCKET_STOP_PRE_SIGKILL &&
1099 state != SOCKET_STOP_POST &&
80876c20
LP		 1100 state != SOCKET_FINAL_SIGTERM &&
1101 state != SOCKET_FINAL_SIGKILL) {
acbb0225 1102 unit_unwatch_timer(UNIT(s), &s->timer_watch);
5e94833f 1103 socket_unwatch_control_pid(s);
034c6ed7 1104 s->control_command = NULL;
a16e1123 1105 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
e537352b 1106 }
034c6ed7 1107
a16e1123
LP		 1108 if (state != SOCKET_LISTENING)
1109 socket_unwatch_fds(s);
1110
034c6ed7
LP		 1111 if (state != SOCKET_START_POST &&
1112 state != SOCKET_LISTENING &&
1113 state != SOCKET_RUNNING &&
1114 state != SOCKET_STOP_PRE &&
1115 state != SOCKET_STOP_PRE_SIGTERM &&
1116 state != SOCKET_STOP_PRE_SIGKILL)
1117 socket_close_fds(s);
1118
e537352b 1119 if (state != old_state)
40d50879 1120 log_debug("%s changed %s -> %s",
1124fe6f 1121 UNIT(s)->id,
a16e1123
LP		 1122 socket_state_to_string(old_state),
1123 socket_state_to_string(state));
acbb0225 1124
e2f3b44c 1125 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
034c6ed7
LP		 1126}
1127
a16e1123
LP		 1128static int socket_coldplug(Unit *u) {
1129 Socket *s = SOCKET(u);
1130 int r;
1131
1132 assert(s);
1133 assert(s->state == SOCKET_DEAD);
1134
1135 if (s->deserialized_state != s->state) {
1136
1137 if (s->deserialized_state == SOCKET_START_PRE ||
1138 s->deserialized_state == SOCKET_START_POST ||
1139 s->deserialized_state == SOCKET_STOP_PRE ||
1140 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1141 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1142 s->deserialized_state == SOCKET_STOP_POST ||
1143 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1144 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1145
1146 if (s->control_pid <= 0)
1147 return -EBADMSG;
1148
36697dc0
LP		 1149 r = unit_watch_pid(UNIT(s), s->control_pid);
1150 if (r < 0)
a16e1123
LP		 1151 return r;
1152
36697dc0
LP		 1153 r = unit_watch_timer(UNIT(s), CLOCK_MONOTONIC, true, s->timeout_usec, &s->timer_watch);
1154 if (r < 0)
a16e1123
LP		 1155 return r;
1156 }
1157
1158 if (s->deserialized_state == SOCKET_START_POST ||
1159 s->deserialized_state == SOCKET_LISTENING ||
1160 s->deserialized_state == SOCKET_RUNNING ||
1161 s->deserialized_state == SOCKET_STOP_PRE ||
1162 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1163 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL)
1164 if ((r = socket_open_fds(s)) < 0)
1165 return r;
1166
1167 if (s->deserialized_state == SOCKET_LISTENING)
1168 if ((r = socket_watch_fds(s)) < 0)
1169 return r;
1170
1171 socket_set_state(s, s->deserialized_state);
1172 }
1173
1174 return 0;
1175}
1176
e537352b 1177static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
034c6ed7
LP		 1178 pid_t pid;
1179 int r;
9e2f7c11 1180 char **argv;
034c6ed7
LP		 1181
1182 assert(s);
1183 assert(c);
1184 assert(_pid);
1185
36697dc0
LP		 1186 r = unit_watch_timer(UNIT(s), CLOCK_MONOTONIC, true, s->timeout_usec, &s->timer_watch);
1187 if (r < 0)
e537352b 1188 goto fail;
034c6ed7 1189
36697dc0
LP		 1190 argv = unit_full_printf_strv(UNIT(s), c->argv);
1191 if (!argv) {
9e2f7c11
LP		 1192 r = -ENOMEM;
1193 goto fail;
1194 }
1195
1196 r = exec_spawn(c,
1197 argv,
1198 &s->exec_context,
1199 NULL, 0,
1124fe6f 1200 UNIT(s)->manager->environment,
9e2f7c11
LP		 1201 true,
1202 true,
1e3ad081 1203 true,
1124fe6f
MS		 1204 UNIT(s)->manager->confirm_spawn,
1205 UNIT(s)->cgroup_bondings,
1206 UNIT(s)->cgroup_attributes,
ecedd90f 1207 NULL,
62bca2c6 1208 UNIT(s)->id,
f2b68789 1209 NULL,
9e2f7c11
LP		 1210 &pid);
1211
1212 strv_free(argv);
1213 if (r < 0)
034c6ed7
LP		 1214 goto fail;
1215
87f0e418 1216 if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
034c6ed7
LP		 1217 /* FIXME: we need to do something here */
1218 goto fail;
83c60c9f 1219
034c6ed7
LP		 1220 *_pid = pid;
1221
1222 return 0;
1223
1224fail:
e537352b 1225 unit_unwatch_timer(UNIT(s), &s->timer_watch);
83c60c9f
LP		 1226
1227 return r;
542563ba
LP		 1228}
1229
cfc4eb4c 1230static void socket_enter_dead(Socket *s, SocketResult f) {
034c6ed7
LP		 1231 assert(s);
1232
cfc4eb4c
LP		 1233 if (f != SOCKET_SUCCESS)
1234 s->result = f;
034c6ed7 1235
cfc4eb4c 1236 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
034c6ed7
LP		 1237}
1238
cfc4eb4c 1239static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
80876c20 1240
cfc4eb4c 1241static void socket_enter_stop_post(Socket *s, SocketResult f) {
034c6ed7
LP		 1242 int r;
1243 assert(s);
1244
cfc4eb4c
LP		 1245 if (f != SOCKET_SUCCESS)
1246 s->result = f;
034c6ed7 1247
5e94833f
LP		 1248 socket_unwatch_control_pid(s);
1249
a16e1123
LP		 1250 s->control_command_id = SOCKET_EXEC_STOP_POST;
1251
80876c20 1252 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
e537352b 1253 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1254 goto fail;
1255
80876c20
LP		 1256 socket_set_state(s, SOCKET_STOP_POST);
1257 } else
cfc4eb4c 1258 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
034c6ed7
LP		 1259
1260 return;
1261
1262fail:
1124fe6f 1263 log_warning("%s failed to run 'stop-post' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1264 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1265}
1266
cfc4eb4c 1267static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
034c6ed7 1268 int r;
ca949c9d
LP		 1269 Set *pid_set = NULL;
1270 bool wait_for_exit = false;
034c6ed7
LP		 1271
1272 assert(s);
1273
cfc4eb4c
LP		 1274 if (f != SOCKET_SUCCESS)
1275 s->result = f;
034c6ed7 1276
4819ff03
LP		 1277 if (s->kill_context.kill_mode != KILL_NONE) {
1278 int sig = (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_FINAL_SIGTERM) ? s->kill_context.kill_signal : SIGKILL;
034c6ed7 1279
ca949c9d 1280 if (s->control_pid > 0) {
cd25cce9 1281 if (kill_and_sigcont(s->control_pid, sig) < 0 && errno != ESRCH)
50159e6a 1282
ca949c9d
LP		 1283 log_warning("Failed to kill control process %li: %m", (long) s->control_pid);
1284 else
1285 wait_for_exit = true;
034c6ed7 1286 }
50159e6a 1287
4819ff03 1288 if (s->kill_context.kill_mode == KILL_CONTROL_GROUP) {
ca949c9d
LP		 1289
1290 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func))) {
1291 r = -ENOMEM;
50159e6a
LP		 1292 goto fail;
1293 }
ca949c9d
LP		 1294
1295 /* Exclude the control pid from being killed via the cgroup */
1296 if (s->control_pid > 0)
1297 if ((r = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0)
1298 goto fail;
1299
88f3e0c9 1300 r = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, sig, true, false, pid_set, NULL);
ecedd90f 1301 if (r < 0) {
ca949c9d
LP		 1302 if (r != -EAGAIN && r != -ESRCH && r != -ENOENT)
1303 log_warning("Failed to kill control group: %s", strerror(-r));
1304 } else if (r > 0)
1305 wait_for_exit = true;
1306
1307 set_free(pid_set);
da19d5c1 1308 pid_set = NULL;
ca949c9d 1309 }
d6ea93e3 1310 }
034c6ed7 1311
ca949c9d 1312 if (wait_for_exit) {
36697dc0
LP		 1313 r = unit_watch_timer(UNIT(s), CLOCK_MONOTONIC, true, s->timeout_usec, &s->timer_watch);
1314 if (r < 0)
80876c20 1315 goto fail;
d6ea93e3 1316
80876c20
LP		 1317 socket_set_state(s, state);
1318 } else if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1319 socket_enter_stop_post(s, SOCKET_SUCCESS);
80876c20 1320 else
cfc4eb4c 1321 socket_enter_dead(s, SOCKET_SUCCESS);
034c6ed7
LP		 1322
1323 return;
1324
1325fail:
1124fe6f 1326 log_warning("%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1327
1328 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1329 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1330 else
cfc4eb4c 1331 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
ca949c9d
LP		 1332
1333 if (pid_set)
1334 set_free(pid_set);
034c6ed7
LP		 1335}
1336
cfc4eb4c 1337static void socket_enter_stop_pre(Socket *s, SocketResult f) {
034c6ed7
LP		 1338 int r;
1339 assert(s);
1340
cfc4eb4c
LP		 1341 if (f != SOCKET_SUCCESS)
1342 s->result = f;
034c6ed7 1343
5e94833f
LP		 1344 socket_unwatch_control_pid(s);
1345
a16e1123
LP		 1346 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1347
80876c20 1348 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
e537352b 1349 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1350 goto fail;
1351
80876c20
LP		 1352 socket_set_state(s, SOCKET_STOP_PRE);
1353 } else
cfc4eb4c 1354 socket_enter_stop_post(s, SOCKET_SUCCESS);
034c6ed7
LP		 1355
1356 return;
1357
1358fail:
1124fe6f 1359 log_warning("%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1360 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1361}
1362
e9af15c3
LP		 1363static void socket_enter_listening(Socket *s) {
1364 int r;
1365 assert(s);
1366
cfc4eb4c
LP		 1367 r = socket_watch_fds(s);
1368 if (r < 0) {
1124fe6f 1369 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
e9af15c3
LP		 1370 goto fail;
1371 }
1372
1373 socket_set_state(s, SOCKET_LISTENING);
1374 return;
1375
1376fail:
cfc4eb4c 1377 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
e9af15c3
LP		 1378}
1379
034c6ed7
LP		 1380static void socket_enter_start_post(Socket *s) {
1381 int r;
1382 assert(s);
1383
cfc4eb4c
LP		 1384 r = socket_open_fds(s);
1385 if (r < 0) {
1124fe6f 1386 log_warning("%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1387 goto fail;
1388 }
1389
5e94833f
LP		 1390 socket_unwatch_control_pid(s);
1391
a16e1123
LP		 1392 s->control_command_id = SOCKET_EXEC_START_POST;
1393
80876c20 1394 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
cfc4eb4c
LP		 1395 r = socket_spawn(s, s->control_command, &s->control_pid);
1396 if (r < 0) {
1124fe6f 1397 log_warning("%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1398 goto fail;
1399 }
1400
80876c20
LP		 1401 socket_set_state(s, SOCKET_START_POST);
1402 } else
e9af15c3 1403 socket_enter_listening(s);
034c6ed7
LP		 1404
1405 return;
1406
1407fail:
cfc4eb4c 1408 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1409}
1410
1411static void socket_enter_start_pre(Socket *s) {
1412 int r;
1413 assert(s);
1414
5e94833f
LP		 1415 socket_unwatch_control_pid(s);
1416
a16e1123
LP		 1417 s->control_command_id = SOCKET_EXEC_START_PRE;
1418
80876c20 1419 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
e537352b 1420 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1421 goto fail;
1422
80876c20
LP		 1423 socket_set_state(s, SOCKET_START_PRE);
1424 } else
034c6ed7
LP		 1425 socket_enter_start_post(s);
1426
1427 return;
1428
1429fail:
1124fe6f 1430 log_warning("%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1431 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1432}
1433
4f2d528d 1434static void socket_enter_running(Socket *s, int cfd) {
034c6ed7 1435 int r;
398ef8ba 1436 DBusError error;
034c6ed7
LP		 1437
1438 assert(s);
398ef8ba 1439 dbus_error_init(&error);
034c6ed7 1440
ba3e67a7
LP		 1441 /* We don't take connections anymore if we are supposed to
1442 * shut down anyway */
18ffdfda 1443 if (unit_pending_inactive(UNIT(s))) {
1124fe6f 1444 log_debug("Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
5d909e3e 1445
7c610628
LP		 1446 if (cfd >= 0)
1447 close_nointr_nofail(cfd);
1448 else {
1449 /* Flush all sockets by closing and reopening them */
1450 socket_close_fds(s);
1451
1a710b43
MS		 1452 r = socket_watch_fds(s);
1453 if (r < 0) {
1124fe6f 1454 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1455 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
7c610628
LP		 1456 }
1457 }
1458
ba3e67a7
LP		 1459 return;
1460 }
1461
4f2d528d 1462 if (cfd < 0) {
57020a3a
LP		 1463 Iterator i;
1464 Unit *u;
f976f3f6 1465 bool pending = false;
f976f3f6
LP		 1466
1467 /* If there's already a start pending don't bother to
1468 * do anything */
1124fe6f 1469 SET_FOREACH(u, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
57020a3a
LP		 1470 if (unit_pending_active(u)) {
1471 pending = true;
1472 break;
1473 }
f976f3f6 1474
1a710b43
MS		 1475 if (!pending) {
1476 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1477 if (r < 0)
f976f3f6 1478 goto fail;
1a710b43 1479 }
4f2d528d
LP		 1480
1481 socket_set_state(s, SOCKET_RUNNING);
1482 } else {
b4f10a5e 1483 char *prefix, *instance = NULL, *name;
b15bdda8 1484 Service *service;
4f2d528d 1485
6cf6bbc2 1486 if (s->n_connections >= s->max_connections) {
80cba379 1487 log_warning("%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
6cf6bbc2
LP		 1488 close_nointr_nofail(cfd);
1489 return;
1490 }
1491
1a710b43
MS		 1492 r = socket_instantiate_service(s);
1493 if (r < 0)
b15bdda8
LP		 1494 goto fail;
1495
1a710b43
MS		 1496 r = instance_from_socket(cfd, s->n_accepted, &instance);
1497 if (r < 0) {
1498 if (r != -ENOTCONN)
1499 goto fail;
1500
1501 /* ENOTCONN is legitimate if TCP RST was received.
1502 * This connection is over, but the socket unit lives on. */
1503 close_nointr_nofail(cfd);
1504 return;
1505 }
4f2d528d 1506
1a710b43
MS		 1507 prefix = unit_name_to_prefix(UNIT(s)->id);
1508 if (!prefix) {
4f2d528d
LP		 1509 free(instance);
1510 r = -ENOMEM;
1511 goto fail;
1512 }
1513
1514 name = unit_name_build(prefix, instance, ".service");
1515 free(prefix);
1516 free(instance);
1517
b6dbbe1c 1518 if (!name) {
4f2d528d 1519 r = -ENOMEM;
b6dbbe1c
LP		 1520 goto fail;
1521 }
4f2d528d 1522
1a710b43
MS		 1523 r = unit_add_name(UNIT_DEREF(s->service), name);
1524 if (r < 0) {
b15bdda8 1525 free(name);
4f2d528d 1526 goto fail;
b15bdda8
LP		 1527 }
1528
57020a3a
LP		 1529 service = SERVICE(UNIT_DEREF(s->service));
1530 unit_ref_unset(&s->service);
b15bdda8 1531 s->n_accepted ++;
4f2d528d 1532
1124fe6f 1533 UNIT(service)->no_gc = false;
6c073082 1534
b15bdda8
LP		 1535 unit_choose_id(UNIT(service), name);
1536 free(name);
1537
1a710b43
MS		 1538 r = service_set_socket_fd(service, cfd, s);
1539 if (r < 0)
4f2d528d
LP		 1540 goto fail;
1541
1542 cfd = -1;
6cf6bbc2
LP		 1543 s->n_connections ++;
1544
1a710b43
MS		 1545 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1546 if (r < 0)
4f2d528d 1547 goto fail;
c4e2ceae
LP		 1548
1549 /* Notify clients about changed counters */
1550 unit_add_to_dbus_queue(UNIT(s));
4f2d528d 1551 }
034c6ed7 1552
034c6ed7
LP		 1553 return;
1554
1555fail:
10f70492 1556 log_warning("%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s", UNIT(s)->id, cfd >= 0 ? "template" : "non-template", bus_error(&error, r));
60089004 1557 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
4f2d528d
LP		 1558
1559 if (cfd >= 0)
1560 close_nointr_nofail(cfd);
398ef8ba
LP		 1561
1562 dbus_error_free(&error);
034c6ed7
LP		 1563}
1564
cfc4eb4c 1565static void socket_run_next(Socket *s) {
034c6ed7
LP		 1566 int r;
1567
1568 assert(s);
1569 assert(s->control_command);
1570 assert(s->control_command->command_next);
1571
5e94833f
LP		 1572 socket_unwatch_control_pid(s);
1573
034c6ed7
LP		 1574 s->control_command = s->control_command->command_next;
1575
e537352b 1576 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1577 goto fail;
1578
1579 return;
1580
1581fail:
1124fe6f 1582 log_warning("%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
80876c20
LP		 1583
1584 if (s->state == SOCKET_START_POST)
cfc4eb4c 1585 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1586 else if (s->state == SOCKET_STOP_POST)
cfc4eb4c 1587 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1588 else
cfc4eb4c 1589 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1590}
1591
87f0e418
LP		 1592static int socket_start(Unit *u) {
1593 Socket *s = SOCKET(u);
83c60c9f
LP		 1594
1595 assert(s);
1596
034c6ed7
LP		 1597 /* We cannot fulfill this request right now, try again later
1598 * please! */
1599 if (s->state == SOCKET_STOP_PRE ||
1600 s->state == SOCKET_STOP_PRE_SIGKILL ||
1601 s->state == SOCKET_STOP_PRE_SIGTERM ||
1602 s->state == SOCKET_STOP_POST ||
80876c20
LP		 1603 s->state == SOCKET_FINAL_SIGTERM ||
1604 s->state == SOCKET_FINAL_SIGKILL)
034c6ed7
LP		 1605 return -EAGAIN;
1606
83c60c9f
LP		 1607 if (s->state == SOCKET_START_PRE ||
1608 s->state == SOCKET_START_POST)
034c6ed7 1609 return 0;
83c60c9f 1610
034c6ed7 1611 /* Cannot run this without the service being around */
57020a3a
LP		 1612 if (UNIT_DEREF(s->service)) {
1613 Service *service;
1614
1615 service = SERVICE(UNIT_DEREF(s->service));
1616
1124fe6f
MS		 1617 if (UNIT(service)->load_state != UNIT_LOADED) {
1618 log_error("Socket service %s not loaded, refusing.", UNIT(service)->id);
4f2d528d 1619 return -ENOENT;
4ac9236f 1620 }
4f2d528d 1621
35b8ca3a 1622 /* If the service is already active we cannot start the
4f2d528d 1623 * socket */
57020a3a
LP		 1624 if (service->state != SERVICE_DEAD &&
1625 service->state != SERVICE_FAILED &&
1626 service->state != SERVICE_AUTO_RESTART) {
1124fe6f 1627 log_error("Socket service %s already active, refusing.", UNIT(service)->id);
4f2d528d 1628 return -EBUSY;
4ac9236f 1629 }
7b4bf06b
LP		 1630
1631#ifdef HAVE_SYSV_COMPAT
1b64d026 1632 if (service->is_sysv) {
7b4bf06b
LP		 1633 log_error("Using SysV services for socket activation is not supported. Refusing.");
1634 return -ENOENT;
1635 }
1636#endif
4f2d528d 1637 }
e537352b 1638
fdf20a31 1639 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
83c60c9f 1640
cfc4eb4c 1641 s->result = SOCKET_SUCCESS;
034c6ed7
LP		 1642 socket_enter_start_pre(s);
1643 return 0;
1644}
83c60c9f 1645
87f0e418
LP		 1646static int socket_stop(Unit *u) {
1647 Socket *s = SOCKET(u);
034c6ed7
LP		 1648
1649 assert(s);
1650
e537352b
LP		 1651 /* Already on it */
1652 if (s->state == SOCKET_STOP_PRE ||
1653 s->state == SOCKET_STOP_PRE_SIGTERM ||
1654 s->state == SOCKET_STOP_PRE_SIGKILL ||
1655 s->state == SOCKET_STOP_POST ||
80876c20 1656 s->state == SOCKET_FINAL_SIGTERM ||
3f6c78dc 1657 s->state == SOCKET_FINAL_SIGKILL)
e537352b
LP		 1658 return 0;
1659
3f6c78dc
LP		 1660 /* If there's already something running we go directly into
1661 * kill mode. */
1662 if (s->state == SOCKET_START_PRE ||
1663 s->state == SOCKET_START_POST) {
cfc4eb4c 1664 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
3f6c78dc
LP		 1665 return -EAGAIN;
1666 }
1667
034c6ed7 1668 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
83c60c9f 1669
cfc4eb4c 1670 socket_enter_stop_pre(s, SOCKET_SUCCESS);
542563ba
LP		 1671 return 0;
1672}
1673
a16e1123
LP		 1674static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1675 Socket *s = SOCKET(u);
1676 SocketPort *p;
1677 int r;
1678
1679 assert(u);
1680 assert(f);
1681 assert(fds);
1682
1683 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
cfc4eb4c 1684 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
a16e1123
LP		 1685 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1686
1687 if (s->control_pid > 0)
5925dd3c 1688 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
a16e1123
LP		 1689
1690 if (s->control_command_id >= 0)
1691 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1692
1693 LIST_FOREACH(port, p, s->ports) {
1694 int copy;
1695
1696 if (p->fd < 0)
1697 continue;
1698
1699 if ((copy = fdset_put_dup(fds, p->fd)) < 0)
1700 return copy;
1701
1702 if (p->type == SOCKET_SOCKET) {
1703 char *t;
1704
ee092817
LP		 1705 r = socket_address_print(&p->address, &t);
1706 if (r < 0)
a16e1123
LP		 1707 return r;
1708
7a22745a
LP		 1709 if (socket_address_family(&p->address) == AF_NETLINK)
1710 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1711 else
1712 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
a16e1123 1713 free(t);
b0a3f2bc
LP		 1714 } else if (p->type == SOCKET_SPECIAL)
1715 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
ee092817
LP		 1716 else if (p->type == SOCKET_MQUEUE)
1717 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
b0a3f2bc 1718 else {
a16e1123
LP		 1719 assert(p->type == SOCKET_FIFO);
1720 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1721 }
1722 }
1723
1724 return 0;
1725}
1726
1727static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1728 Socket *s = SOCKET(u);
a16e1123
LP		 1729
1730 assert(u);
1731 assert(key);
1732 assert(value);
1733 assert(fds);
1734
1735 if (streq(key, "state")) {
1736 SocketState state;
1737
ee092817
LP		 1738 state = socket_state_from_string(value);
1739 if (state < 0)
a16e1123
LP		 1740 log_debug("Failed to parse state value %s", value);
1741 else
1742 s->deserialized_state = state;
cfc4eb4c
LP		 1743 } else if (streq(key, "result")) {
1744 SocketResult f;
a16e1123 1745
cfc4eb4c
LP		 1746 f = socket_result_from_string(value);
1747 if (f < 0)
1748 log_debug("Failed to parse result value %s", value);
1749 else if (f != SOCKET_SUCCESS)
1750 s->result = f;
a16e1123
LP		 1751
1752 } else if (streq(key, "n-accepted")) {
1753 unsigned k;
1754
e364ad06 1755 if (safe_atou(value, &k) < 0)
a16e1123
LP		 1756 log_debug("Failed to parse n-accepted value %s", value);
1757 else
1758 s->n_accepted += k;
1759 } else if (streq(key, "control-pid")) {
5925dd3c 1760 pid_t pid;
a16e1123 1761
e364ad06 1762 if (parse_pid(value, &pid) < 0)
a16e1123
LP		 1763 log_debug("Failed to parse control-pid value %s", value);
1764 else
5925dd3c 1765 s->control_pid = pid;
a16e1123
LP		 1766 } else if (streq(key, "control-command")) {
1767 SocketExecCommand id;
1768
1769 if ((id = socket_exec_command_from_string(value)) < 0)
1770 log_debug("Failed to parse exec-command value %s", value);
1771 else {
1772 s->control_command_id = id;
1773 s->control_command = s->exec_command[id];
1774 }
1775 } else if (streq(key, "fifo")) {
1776 int fd, skip = 0;
1777 SocketPort *p;
1778
1779 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1780 log_debug("Failed to parse fifo value %s", value);
1781 else {
1782
1783 LIST_FOREACH(port, p, s->ports)
b0a3f2bc
LP		 1784 if (p->type == SOCKET_FIFO &&
1785 streq_ptr(p->path, value+skip))
1786 break;
1787
1788 if (p) {
1789 if (p->fd >= 0)
1790 close_nointr_nofail(p->fd);
1791 p->fd = fdset_remove(fds, fd);
1792 }
1793 }
1794
1795 } else if (streq(key, "special")) {
1796 int fd, skip = 0;
1797 SocketPort *p;
1798
1799 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1800 log_debug("Failed to parse special value %s", value);
1801 else {
1802
1803 LIST_FOREACH(port, p, s->ports)
1804 if (p->type == SOCKET_SPECIAL &&
1805 streq_ptr(p->path, value+skip))
a16e1123
LP		 1806 break;
1807
1808 if (p) {
1809 if (p->fd >= 0)
1810 close_nointr_nofail(p->fd);
1811 p->fd = fdset_remove(fds, fd);
1812 }
1813 }
1814
ee092817
LP		 1815 } else if (streq(key, "mqueue")) {
1816 int fd, skip = 0;
1817 SocketPort *p;
1818
1819 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1820 log_debug("Failed to parse mqueue value %s", value);
1821 else {
1822
1823 LIST_FOREACH(port, p, s->ports)
1824 if (p->type == SOCKET_MQUEUE &&
1825 streq_ptr(p->path, value+skip))
1826 break;
1827
1828 if (p) {
1829 if (p->fd >= 0)
1830 close_nointr_nofail(p->fd);
1831 p->fd = fdset_remove(fds, fd);
1832 }
1833 }
1834
a16e1123 1835 } else if (streq(key, "socket")) {
27ca8d7a 1836 int fd, type, skip = 0;
a16e1123
LP		 1837 SocketPort *p;
1838
27ca8d7a 1839 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
a16e1123
LP		 1840 log_debug("Failed to parse socket value %s", value);
1841 else {
1842
1843 LIST_FOREACH(port, p, s->ports)
27ca8d7a 1844 if (socket_address_is(&p->address, value+skip, type))
a16e1123
LP		 1845 break;
1846
1847 if (p) {
1848 if (p->fd >= 0)
1849 close_nointr_nofail(p->fd);
1850 p->fd = fdset_remove(fds, fd);
1851 }
1852 }
1853
7a22745a
LP		 1854 } else if (streq(key, "netlink")) {
1855 int fd, skip = 0;
1856 SocketPort *p;
1857
1858 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1859 log_debug("Failed to parse socket value %s", value);
1860 else {
1861
1862 LIST_FOREACH(port, p, s->ports)
1863 if (socket_address_is_netlink(&p->address, value+skip))
1864 break;
1865
1866 if (p) {
1867 if (p->fd >= 0)
1868 close_nointr_nofail(p->fd);
1869 p->fd = fdset_remove(fds, fd);
1870 }
1871 }
1872
a16e1123
LP		 1873 } else
1874 log_debug("Unknown serialization key '%s'", key);
1875
1876 return 0;
1877}
1878
01e10de3
LP		 1879static int socket_distribute_fds(Unit *u, FDSet *fds) {
1880 Socket *s = SOCKET(u);
1881 SocketPort *p;
1882
1883 assert(u);
1884
1885 LIST_FOREACH(port, p, s->ports) {
1886 Iterator i;
1887 int fd;
1888
1889 if (p->type != SOCKET_SOCKET)
1890 continue;
1891
1892 if (p->fd >= 0)
1893 continue;
1894
1895 FDSET_FOREACH(fd, fds, i) {
1896 if (socket_address_matches_fd(&p->address, fd)) {
1897 p->fd = fdset_remove(fds, fd);
1898 s->deserialized_state = SOCKET_LISTENING;
1899 break;
1900 }
1901 }
1902 }
1903
1904 return 0;
1905}
1906
87f0e418
LP		 1907static UnitActiveState socket_active_state(Unit *u) {
1908 assert(u);
5cb5a6ff 1909
acbb0225 1910 return state_translation_table[SOCKET(u)->state];
5cb5a6ff
LP		 1911}
1912
10a94420
LP		 1913static const char *socket_sub_state_to_string(Unit *u) {
1914 assert(u);
1915
a16e1123 1916 return socket_state_to_string(SOCKET(u)->state);
10a94420
LP		 1917}
1918
6cf6bbc2
LP		 1919static bool socket_check_gc(Unit *u) {
1920 Socket *s = SOCKET(u);
1921
1922 assert(u);
1923
1924 return s->n_connections > 0;
1925}
1926
acbb0225 1927static void socket_fd_event(Unit *u, int fd, uint32_t events, Watch *w) {
87f0e418 1928 Socket *s = SOCKET(u);
4f2d528d 1929 int cfd = -1;
9152c765 1930
034c6ed7 1931 assert(s);
8d567588 1932 assert(fd >= 0);
9152c765 1933
871d7de4
LP		 1934 if (s->state != SOCKET_LISTENING)
1935 return;
1936
ac155bb8 1937 log_debug("Incoming traffic on %s", u->id);
9152c765 1938
4f2d528d 1939 if (events != EPOLLIN) {
641e01dc
LP		 1940
1941 if (events & EPOLLHUP)
ac155bb8 1942 log_error("%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.", u->id);
641e01dc 1943 else
ac155bb8 1944 log_error("%s: Got unexpected poll event (0x%x) on socket.", u->id, events);
641e01dc 1945
8d567588 1946 goto fail;
4f2d528d
LP		 1947 }
1948
cabab516 1949 if (w->socket_accept) {
4f2d528d
LP		 1950 for (;;) {
1951
b14eda96
LP		 1952 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
1953 if (cfd < 0) {
4f2d528d
LP		 1954
1955 if (errno == EINTR)
1956 continue;
1957
1958 log_error("Failed to accept socket: %m");
8d567588 1959 goto fail;
4f2d528d
LP		 1960 }
1961
1962 break;
1963 }
4fd5948e
LP		 1964
1965 socket_apply_socket_options(s, cfd);
4f2d528d 1966 }
9152c765 1967
4f2d528d 1968 socket_enter_running(s, cfd);
8d567588
LP		 1969 return;
1970
1971fail:
cfc4eb4c 1972 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
9152c765
LP		 1973}
1974
87f0e418
LP		 1975static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
1976 Socket *s = SOCKET(u);
cfc4eb4c 1977 SocketResult f;
5cb5a6ff
LP		 1978
1979 assert(s);
034c6ed7 1980 assert(pid >= 0);
5cb5a6ff 1981
8c47c732
LP		 1982 if (pid != s->control_pid)
1983 return;
542563ba 1984
034c6ed7
LP		 1985 s->control_pid = 0;
1986
96342de6 1987 if (is_clean_exit(code, status, NULL))
cfc4eb4c
LP		 1988 f = SOCKET_SUCCESS;
1989 else if (code == CLD_EXITED)
1990 f = SOCKET_FAILURE_EXIT_CODE;
1991 else if (code == CLD_KILLED)
1992 f = SOCKET_FAILURE_SIGNAL;
1993 else if (code == CLD_DUMPED)
1994 f = SOCKET_FAILURE_CORE_DUMP;
1995 else
1996 assert_not_reached("Unknown code");
8c47c732 1997
b708e7ce 1998 if (s->control_command) {
6ea832a2 1999 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
a16e1123 2000
b708e7ce 2001 if (s->control_command->ignore)
cfc4eb4c 2002 f = SOCKET_SUCCESS;
b708e7ce
LP		 2003 }
2004
cfc4eb4c 2005 log_full(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
ac155bb8 2006 "%s control process exited, code=%s status=%i", u->id, sigchld_code_to_string(code), status);
034c6ed7 2007
cfc4eb4c
LP		 2008 if (f != SOCKET_SUCCESS)
2009 s->result = f;
2010
2011 if (s->control_command &&
2012 s->control_command->command_next &&
2013 f == SOCKET_SUCCESS) {
2014
ac155bb8 2015 log_debug("%s running next command for state %s", u->id, socket_state_to_string(s->state));
cfc4eb4c 2016 socket_run_next(s);
acbb0225 2017 } else {
a16e1123
LP		 2018 s->control_command = NULL;
2019 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2020
034c6ed7
LP		 2021 /* No further commands for this step, so let's figure
2022 * out what to do next */
5cb5a6ff 2023
ac155bb8 2024 log_debug("%s got final SIGCHLD for state %s", u->id, socket_state_to_string(s->state));
acbb0225 2025
034c6ed7
LP		 2026 switch (s->state) {
2027
2028 case SOCKET_START_PRE:
cfc4eb4c 2029 if (f == SOCKET_SUCCESS)
acbb0225 2030 socket_enter_start_post(s);
034c6ed7 2031 else
cfc4eb4c 2032 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
034c6ed7
LP		 2033 break;
2034
2035 case SOCKET_START_POST:
cfc4eb4c 2036 if (f == SOCKET_SUCCESS)
e9af15c3 2037 socket_enter_listening(s);
034c6ed7 2038 else
cfc4eb4c 2039 socket_enter_stop_pre(s, f);
034c6ed7
LP		 2040 break;
2041
2042 case SOCKET_STOP_PRE:
2043 case SOCKET_STOP_PRE_SIGTERM:
2044 case SOCKET_STOP_PRE_SIGKILL:
cfc4eb4c 2045 socket_enter_stop_post(s, f);
034c6ed7
LP		 2046 break;
2047
2048 case SOCKET_STOP_POST:
80876c20
LP		 2049 case SOCKET_FINAL_SIGTERM:
2050 case SOCKET_FINAL_SIGKILL:
cfc4eb4c 2051 socket_enter_dead(s, f);
034c6ed7
LP		 2052 break;
2053
2054 default:
2055 assert_not_reached("Uh, control process died at wrong time.");
2056 }
2057 }
c4e2ceae
LP		 2058
2059 /* Notify clients about changed exit status */
2060 unit_add_to_dbus_queue(u);
034c6ed7 2061}
5cb5a6ff 2062
acbb0225 2063static void socket_timer_event(Unit *u, uint64_t elapsed, Watch *w) {
87f0e418 2064 Socket *s = SOCKET(u);
5cb5a6ff 2065
034c6ed7
LP		 2066 assert(s);
2067 assert(elapsed == 1);
acbb0225 2068 assert(w == &s->timer_watch);
034c6ed7
LP		 2069
2070 switch (s->state) {
2071
2072 case SOCKET_START_PRE:
ac155bb8 2073 log_warning("%s starting timed out. Terminating.", u->id);
cfc4eb4c 2074 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
da19d5c1 2075 break;
80876c20 2076
034c6ed7 2077 case SOCKET_START_POST:
ac155bb8 2078 log_warning("%s starting timed out. Stopping.", u->id);
cfc4eb4c 2079 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2080 break;
2081
2082 case SOCKET_STOP_PRE:
ac155bb8 2083 log_warning("%s stopping timed out. Terminating.", u->id);
cfc4eb4c 2084 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2085 break;
2086
2087 case SOCKET_STOP_PRE_SIGTERM:
4819ff03 2088 if (s->kill_context.send_sigkill) {
ac155bb8 2089 log_warning("%s stopping timed out. Killing.", u->id);
cfc4eb4c 2090 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2091 } else {
ac155bb8 2092 log_warning("%s stopping timed out. Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 2093 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2094 }
034c6ed7
LP		 2095 break;
2096
2097 case SOCKET_STOP_PRE_SIGKILL:
ac155bb8 2098 log_warning("%s still around after SIGKILL. Ignoring.", u->id);
cfc4eb4c 2099 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2100 break;
2101
2102 case SOCKET_STOP_POST:
ac155bb8 2103 log_warning("%s stopping timed out (2). Terminating.", u->id);
cfc4eb4c 2104 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2105 break;
2106
80876c20 2107 case SOCKET_FINAL_SIGTERM:
4819ff03 2108 if (s->kill_context.send_sigkill) {
ac155bb8 2109 log_warning("%s stopping timed out (2). Killing.", u->id);
cfc4eb4c 2110 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2111 } else {
ac155bb8 2112 log_warning("%s stopping timed out (2). Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 2113 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2114 }
034c6ed7
LP		 2115 break;
2116
80876c20 2117 case SOCKET_FINAL_SIGKILL:
ac155bb8 2118 log_warning("%s still around after SIGKILL (2). Entering failed mode.", u->id);
cfc4eb4c 2119 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2120 break;
2121
2122 default:
2123 assert_not_reached("Timeout at wrong time.");
2124 }
5cb5a6ff
LP		 2125}
2126
44d8db9e
LP		 2127int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2128 int *rfds;
2129 unsigned rn_fds, k;
2130 SocketPort *p;
2131
2132 assert(s);
2133 assert(fds);
2134 assert(n_fds);
2135
2136 /* Called from the service code for requesting our fds */
2137
2138 rn_fds = 0;
2139 LIST_FOREACH(port, p, s->ports)
2140 if (p->fd >= 0)
2141 rn_fds++;
2142
de3756ab
LP		 2143 if (rn_fds <= 0) {
2144 *fds = NULL;
2145 *n_fds = 0;
2146 return 0;
2147 }
2148
e364ad06 2149 if (!(rfds = new(int, rn_fds)))
44d8db9e
LP		 2150 return -ENOMEM;
2151
2152 k = 0;
2153 LIST_FOREACH(port, p, s->ports)
2154 if (p->fd >= 0)
2155 rfds[k++] = p->fd;
2156
2157 assert(k == rn_fds);
2158
2159 *fds = rfds;
2160 *n_fds = rn_fds;
2161
2162 return 0;
2163}
2164
6bda96a0 2165void socket_notify_service_dead(Socket *s, bool failed_permanent) {
ceee3d82
LP		 2166 assert(s);
2167
6cf6bbc2
LP		 2168 /* The service is dead. Dang!
2169 *
2170 * This is strictly for one-instance-for-all-connections
2171 * services. */
ceee3d82
LP		 2172
2173 if (s->state == SOCKET_RUNNING) {
6bda96a0
LP		 2174 log_debug("%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2175 if (failed_permanent)
2176 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
c2f34808
MS		 2177 else
2178 socket_enter_listening(s);
ceee3d82
LP		 2179 }
2180}
2181
6cf6bbc2
LP		 2182void socket_connection_unref(Socket *s) {
2183 assert(s);
2184
2185 /* The service is dead. Yay!
2186 *
35b8ca3a 2187 * This is strictly for one-instance-per-connection
6cf6bbc2
LP		 2188 * services. */
2189
2190 assert(s->n_connections > 0);
2191 s->n_connections--;
2192
1124fe6f 2193 log_debug("%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
6cf6bbc2
LP		 2194}
2195
fdf20a31 2196static void socket_reset_failed(Unit *u) {
5632e374
LP		 2197 Socket *s = SOCKET(u);
2198
2199 assert(s);
2200
fdf20a31 2201 if (s->state == SOCKET_FAILED)
5632e374
LP		 2202 socket_set_state(s, SOCKET_DEAD);
2203
cfc4eb4c 2204 s->result = SOCKET_SUCCESS;
5632e374
LP		 2205}
2206
c74f17d9 2207static int socket_kill(Unit *u, KillWho who, int signo, DBusError *error) {
8a0867d6
LP		 2208 Socket *s = SOCKET(u);
2209 int r = 0;
2210 Set *pid_set = NULL;
2211
2212 assert(s);
2213
2214 if (who == KILL_MAIN) {
2215 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "Socket units have no main processes");
a17204af 2216 return -ESRCH;
8a0867d6
LP		 2217 }
2218
2219 if (s->control_pid <= 0 && who == KILL_CONTROL) {
2220 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
a17204af 2221 return -ESRCH;
8a0867d6
LP		 2222 }
2223
3611581e
LP		 2224 if (who == KILL_CONTROL || who == KILL_ALL)
2225 if (s->control_pid > 0)
2226 if (kill(s->control_pid, signo) < 0)
2227 r = -errno;
8a0867d6 2228
c74f17d9 2229 if (who == KILL_ALL) {
8a0867d6
LP		 2230 int q;
2231
c74f17d9
LP		 2232 pid_set = set_new(trivial_hash_func, trivial_compare_func);
2233 if (!pid_set)
8a0867d6
LP		 2234 return -ENOMEM;
2235
2236 /* Exclude the control pid from being killed via the cgroup */
c74f17d9
LP		 2237 if (s->control_pid > 0) {
2238 q = set_put(pid_set, LONG_TO_PTR(s->control_pid));
2239 if (q < 0) {
8a0867d6
LP		 2240 r = q;
2241 goto finish;
2242 }
c74f17d9 2243 }
8a0867d6 2244
88f3e0c9 2245 q = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, signo, false, false, pid_set, NULL);
c74f17d9
LP		 2246 if (q < 0 && q != -EAGAIN && q != -ESRCH && q != -ENOENT)
2247 r = q;
8a0867d6
LP		 2248 }
2249
2250finish:
2251 if (pid_set)
2252 set_free(pid_set);
2253
2254 return r;
2255}
2256
a16e1123
LP		 2257static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2258 [SOCKET_DEAD] = "dead",
2259 [SOCKET_START_PRE] = "start-pre",
2260 [SOCKET_START_POST] = "start-post",
2261 [SOCKET_LISTENING] = "listening",
2262 [SOCKET_RUNNING] = "running",
2263 [SOCKET_STOP_PRE] = "stop-pre",
2264 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2265 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2266 [SOCKET_STOP_POST] = "stop-post",
2267 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2268 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
fdf20a31 2269 [SOCKET_FAILED] = "failed"
a16e1123
LP		 2270};
2271
2272DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2273
2274static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2275 [SOCKET_EXEC_START_PRE] = "StartPre",
2276 [SOCKET_EXEC_START_POST] = "StartPost",
2277 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2278 [SOCKET_EXEC_STOP_POST] = "StopPost"
2279};
2280
2281DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2282
cfc4eb4c
LP		 2283static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2284 [SOCKET_SUCCESS] = "success",
2285 [SOCKET_FAILURE_RESOURCES] = "resources",
2286 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2287 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2288 [SOCKET_FAILURE_SIGNAL] = "signal",
c2f34808 2289 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
6bda96a0 2290 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
cfc4eb4c
LP		 2291};
2292
2293DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2294
87f0e418 2295const UnitVTable socket_vtable = {
7d17cfbc 2296 .object_size = sizeof(Socket),
3ef63c31
LP		 2297 .exec_context_offset = offsetof(Socket, exec_context),
2298
f975e971
LP		 2299 .sections =
2300 "Unit\0"
2301 "Socket\0"
2302 "Install\0",
5cb5a6ff 2303
034c6ed7
LP		 2304 .init = socket_init,
2305 .done = socket_done,
a16e1123
LP		 2306 .load = socket_load,
2307
8a0867d6
LP		 2308 .kill = socket_kill,
2309
a16e1123 2310 .coldplug = socket_coldplug,
034c6ed7 2311
5cb5a6ff
LP		 2312 .dump = socket_dump,
2313
542563ba
LP		 2314 .start = socket_start,
2315 .stop = socket_stop,
5cb5a6ff 2316
a16e1123
LP		 2317 .serialize = socket_serialize,
2318 .deserialize_item = socket_deserialize_item,
01e10de3 2319 .distribute_fds = socket_distribute_fds,
a16e1123 2320
5cb5a6ff 2321 .active_state = socket_active_state,
10a94420 2322 .sub_state_to_string = socket_sub_state_to_string,
5cb5a6ff 2323
6cf6bbc2
LP		 2324 .check_gc = socket_check_gc,
2325
9152c765 2326 .fd_event = socket_fd_event,
034c6ed7 2327 .sigchld_event = socket_sigchld_event,
4139c1b2
LP		 2328 .timer_event = socket_timer_event,
2329
fdf20a31 2330 .reset_failed = socket_reset_failed,
5632e374 2331
c4e2ceae
LP		 2332 .bus_interface = "org.freedesktop.systemd1.Socket",
2333 .bus_message_handler = bus_socket_message_handler,
c6918296
MS		 2334 .bus_invalidating_properties = bus_socket_invalidating_properties,
2335
2336 .status_message_formats = {
2337 /*.starting_stopping = {
2338 [0] = "Starting socket %s...",
2339 [1] = "Stopping socket %s...",
2340 },*/
2341 .finished_start_job = {
2342 [JOB_DONE] = "Listening on %s.",
2343 [JOB_FAILED] = "Failed to listen on %s.",
2344 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2345 [JOB_TIMEOUT] = "Timed out starting %s.",
2346 },
2347 .finished_stop_job = {
2348 [JOB_DONE] = "Closed %s.",
2349 [JOB_FAILED] = "Failed stopping %s.",
2350 [JOB_TIMEOUT] = "Timed out stopping %s.",
2351 },
2352 },
5cb5a6ff 2353};
Unnamed repository; edit this file 'description' to name the repository.