]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #24474 from yuwata/udevadm-settle-cleanups
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
87f0e418 3#include <errno.h>
0301abf4 4#include <stdlib.h>
4c253ed1 5#include <sys/prctl.h>
4f5dd394 6#include <unistd.h>
87f0e418 7
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
fab34748 13#include "bpf-firewall.h"
5f8ba20d 14#include "bpf-foreign.h"
cd09a5f3 15#include "bpf-socket-bind.h"
4f5dd394
LP		 16#include "bus-common-errors.h"
17#include "bus-util.h"
fdb3deca 18#include "cgroup-setup.h"
c6c18be3 19#include "cgroup-util.h"
f4351959 20#include "chase-symlinks.h"
e30bbc90 21#include "core-varlink.h"
4f5dd394
LP		 22#include "dbus-unit.h"
23#include "dbus.h"
24#include "dropin.h"
25#include "escape.h"
26#include "execute.h"
6a48d82f 27#include "fd-util.h"
a5c32cff 28#include "fileio-label.h"
ee228be1 29#include "fileio.h"
f97b34a6 30#include "format-util.h"
4b58153d 31#include "id128-util.h"
5cfa33e0 32#include "install.h"
2d3b784d 33#include "io-util.h"
a3f5fd96 34#include "label.h"
4f5dd394
LP		 35#include "load-dropin.h"
36#include "load-fragment.h"
37#include "log.h"
38#include "macro.h"
f5947a5e 39#include "missing_audit.h"
35cd0ba5 40#include "mkdir-label.h"
4f5dd394 41#include "path-util.h"
0b452006 42#include "process-util.h"
810ef318 43#include "rm-rf.h"
48b92b37 44#include "serialize.h"
4f5dd394 45#include "set.h"
6eb7c172 46#include "signal-util.h"
d3070fbd 47#include "sparse-endian.h"
e9db43d5 48#include "special.h"
2e59b241 49#include "specifier.h"
8fcde012 50#include "stat-util.h"
d054f0a4 51#include "stdio-util.h"
5afe510c 52#include "string-table.h"
07630cea 53#include "string-util.h"
4f5dd394 54#include "strv.h"
5b262f74 55#include "terminal-util.h"
e4de7287 56#include "tmpfile-util.h"
4f4afc88 57#include "umask-util.h"
4f5dd394 58#include "unit-name.h"
e9db43d5 59#include "unit.h"
b1d4f8e1
LP		 60#include "user-util.h"
61#include "virt.h"
91ce91c7
JK		 62#if BPF_FRAMEWORK
63#include "bpf-link.h"
64#endif
87f0e418 65
37109b85
ZJS		 66/* Thresholds for logging at INFO level about resource consumption */
67#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
68#define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
69#define MENTIONWORTHY_IP_BYTES (0ULL)
70
71/* Thresholds for logging at INFO level about resource consumption */
72#define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
73#define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
74#define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
75
87f0e418
LP		 76const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
77 [UNIT_SERVICE] = &service_vtable,
87f0e418
LP		 78 [UNIT_SOCKET] = &socket_vtable,
79 [UNIT_TARGET] = &target_vtable,
80 [UNIT_DEVICE] = &device_vtable,
81 [UNIT_MOUNT] = &mount_vtable,
82 [UNIT_AUTOMOUNT] = &automount_vtable,
01f78473 83 [UNIT_SWAP] = &swap_vtable,
e821075a 84 [UNIT_TIMER] = &timer_vtable,
a016b922 85 [UNIT_PATH] = &path_vtable,
6c12b52e 86 [UNIT_SLICE] = &slice_vtable,
5afe510c 87 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 88};
89
75db809a 90Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 91 Unit *u;
92
93 assert(m);
ac155bb8 94 assert(size >= sizeof(Unit));
87f0e418 95
7d17cfbc
MS		 96 u = malloc0(size);
97 if (!u)
87f0e418
LP		 98 return NULL;
99
ac155bb8
MS		 100 u->manager = m;
101 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 102 u->default_dependencies = true;
103 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
d2dc52db 104 u->unit_file_preset = -1;
d420282b 105 u->on_failure_job_mode = JOB_REPLACE;
294446dc 106 u->on_success_job_mode = JOB_FAIL;
0bb814c2 107 u->cgroup_control_inotify_wd = -1;
afcfaa69 108 u->cgroup_memory_inotify_wd = -1;
36c16a7c 109 u->job_timeout = USEC_INFINITY;
a2df3ea4 110 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 111 u->ref_uid = UID_INVALID;
112 u->ref_gid = GID_INVALID;
fe700f46 113 u->cpu_usage_last = NSEC_INFINITY;
17f14955 114 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
7af67e9a 115 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 116
6a48d82f
DM		 117 u->ip_accounting_ingress_map_fd = -1;
118 u->ip_accounting_egress_map_fd = -1;
0fd9c28c
LP		 119 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
120 u->io_accounting_last[i] = UINT64_MAX;
121
6a48d82f
DM		 122 u->ipv4_allow_map_fd = -1;
123 u->ipv6_allow_map_fd = -1;
124 u->ipv4_deny_map_fd = -1;
125 u->ipv6_deny_map_fd = -1;
126
2e59b241
LP		 127 u->last_section_private = -1;
128
7bf081a1 129 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
0bc488c9 130 u->auto_start_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
bea355da 131
87f0e418
LP		 132 return u;
133}
134
a581e45a 135int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 136 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 137 int r;
138
139 u = unit_new(m, size);
140 if (!u)
141 return -ENOMEM;
142
143 r = unit_add_name(u, name);
dc409696 144 if (r < 0)
a581e45a 145 return r;
a581e45a 146
1cc6c93a
YW		 147 *ret = TAKE_PTR(u);
148
a581e45a
LP		 149 return r;
150}
151
303ee601 152bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 153 assert(u);
154 assert(name);
155
4562c355
ZJS		 156 return streq_ptr(name, u->id) ||
157 set_contains(u->aliases, name);
f278026d
LP		 158}
159
598459ce
LP		 160static void unit_init(Unit *u) {
161 CGroupContext *cc;
162 ExecContext *ec;
163 KillContext *kc;
164
165 assert(u);
166 assert(u->manager);
167 assert(u->type >= 0);
168
169 cc = unit_get_cgroup_context(u);
170 if (cc) {
171 cgroup_context_init(cc);
172
173 /* Copy in the manager defaults into the cgroup
174 * context, _before_ the rest of the settings have
175 * been initialized */
176
177 cc->cpu_accounting = u->manager->default_cpu_accounting;
13c31542 178 cc->io_accounting = u->manager->default_io_accounting;
598459ce
LP		 179 cc->blockio_accounting = u->manager->default_blockio_accounting;
180 cc->memory_accounting = u->manager->default_memory_accounting;
03a7b521 181 cc->tasks_accounting = u->manager->default_tasks_accounting;
6a48d82f 182 cc->ip_accounting = u->manager->default_ip_accounting;
0af20ea2
LP		 183
184 if (u->type != UNIT_SLICE)
185 cc->tasks_max = u->manager->default_tasks_max;
598459ce
LP		 186 }
187
188 ec = unit_get_exec_context(u);
b1edf445 189 if (ec) {
598459ce
LP		 190 exec_context_init(ec);
191
d4a402e4
LP		 192 if (u->manager->default_oom_score_adjust_set) {
193 ec->oom_score_adjust = u->manager->default_oom_score_adjust;
194 ec->oom_score_adjust_set = true;
195 }
196
5e37d193
FB		 197 if (MANAGER_IS_SYSTEM(u->manager))
198 ec->keyring_mode = EXEC_KEYRING_SHARED;
199 else {
200 ec->keyring_mode = EXEC_KEYRING_INHERIT;
201
202 /* User manager might have its umask redefined by PAM or UMask=. In this
203 * case let the units it manages inherit this value by default. They can
204 * still tune this value through their own unit file */
205 (void) get_process_umask(getpid_cached(), &ec->umask);
206 }
b1edf445
LP		 207 }
208
598459ce
LP		 209 kc = unit_get_kill_context(u);
210 if (kc)
211 kill_context_init(kc);
212
213 if (UNIT_VTABLE(u)->init)
214 UNIT_VTABLE(u)->init(u);
215}
216
4562c355
ZJS		 217static int unit_add_alias(Unit *u, char *donated_name) {
218 int r;
219
220 /* Make sure that u->names is allocated. We may leave u->names
221 * empty if we fail later, but this is not a problem. */
973bc32a 222 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
4562c355
ZJS		 223 if (r < 0)
224 return r;
225 assert(r > 0);
226
227 return 0;
228}
229
87f0e418 230int unit_add_name(Unit *u, const char *text) {
4562c355 231 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 232 UnitType t;
87f0e418
LP		 233 int r;
234
235 assert(u);
236 assert(text);
237
7410616c 238 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 239 if (!u->instance)
acd1987a
WY		 240 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
241 "instance is not set when adding name '%s': %m", text);
87f0e418 242
4562c355 243 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 244 if (r < 0)
acd1987a
WY		 245 return log_unit_debug_errno(u, r,
246 "failed to build instance name from '%s': %m", text);
7410616c 247 } else {
4562c355
ZJS		 248 name = strdup(text);
249 if (!name)
7410616c
LP		 250 return -ENOMEM;
251 }
87f0e418 252
4562c355 253 if (unit_has_name(u, name))
7410616c 254 return 0;
4562c355
ZJS		 255
256 if (hashmap_contains(u->manager->units, name))
acd1987a 257 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4562c355 258 "unit already exist when adding name '%s': %m", name);
7410616c 259
4562c355 260 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 261 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4562c355 262 "name '%s' is invalid: %m", name);
e537352b 263
4562c355 264 t = unit_name_to_type(name);
7410616c 265 if (t < 0)
acd1987a 266 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
cd990847 267 "failed to derive unit type from name '%s': %m", name);
87f0e418 268
598459ce 269 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a
WY		 270 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
271 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
4562c355 272 u->type, t, name);
87f0e418 273
4562c355 274 r = unit_name_to_instance(name, &instance);
e48614c4 275 if (r < 0)
4562c355 276 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
87f0e418 277
4562c355
ZJS		 278 if (instance && !unit_type_may_template(t))
279 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
9e2f7c11 280
d383acad
ZJS		 281 /* Ensure that this unit either has no instance, or that the instance matches. */
282 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 283 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
ada4b34e
ZJS		 284 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
285 name, instance, u->instance);
9e2f7c11 286
4562c355 287 if (u->id && !unit_type_may_alias(t))
ada4b34e
ZJS		 288 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
289 "cannot add name %s, aliases are not allowed for %s units.",
290 name, unit_type_to_string(t));
9e2f7c11 291
598459ce 292 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
ada4b34e 293 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
4f0f902f 294
4562c355
ZJS		 295 /* Add name to the global hashmap first, because that's easier to undo */
296 r = hashmap_put(u->manager->units, name, u);
7410616c 297 if (r < 0)
acd1987a 298 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
87f0e418 299
4562c355
ZJS		 300 if (u->id) {
301 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
302 if (r < 0) {
303 hashmap_remove(u->manager->units, name);
304 return r;
305 }
306 TAKE_PTR(name);
307
308 } else {
309 /* A new name, we don't need the set yet. */
310 assert(u->type == _UNIT_TYPE_INVALID);
311 assert(!u->instance);
312
ac155bb8 313 u->type = t;
4562c355
ZJS		 314 u->id = TAKE_PTR(name);
315 u->instance = TAKE_PTR(instance);
9e2f7c11 316
71fda00f 317 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 318 unit_init(u);
598459ce 319 }
9e2f7c11 320
598459ce
LP		 321 unit_add_to_dbus_queue(u);
322 return 0;
87f0e418
LP		 323}
324
0ae97ec1 325int unit_choose_id(Unit *u, const char *name) {
68eda4bd 326 _cleanup_free_ char *t = NULL;
4562c355 327 char *s;
276c3e78 328 int r;
0ae97ec1
LP		 329
330 assert(u);
331 assert(name);
332
7410616c 333 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 334 if (!u->instance)
9e2f7c11
LP		 335 return -EINVAL;
336
7410616c
LP		 337 r = unit_name_replace_instance(name, u->instance, &t);
338 if (r < 0)
339 return r;
9e2f7c11
LP		 340
341 name = t;
342 }
343
4562c355
ZJS		 344 if (streq_ptr(u->id, name))
345 return 0; /* Nothing to do. */
346
347 /* Selects one of the aliases of this unit as the id */
348 s = set_get(u->aliases, (char*) name);
9e2f7c11 349 if (!s)
0ae97ec1
LP		 350 return -ENOENT;
351
4562c355
ZJS		 352 if (u->id) {
353 r = set_remove_and_put(u->aliases, name, u->id);
354 if (r < 0)
355 return r;
356 } else
357 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 358
4562c355 359 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 360 unit_add_to_dbus_queue(u);
9e2f7c11 361
0ae97ec1
LP		 362 return 0;
363}
364
f50e0a01 365int unit_set_description(Unit *u, const char *description) {
84b26d51 366 int r;
f50e0a01
LP		 367
368 assert(u);
369
84b26d51
LP		 370 r = free_and_strdup(&u->description, empty_to_null(description));
371 if (r < 0)
372 return r;
373 if (r > 0)
374 unit_add_to_dbus_queue(u);
c1e1601e 375
f50e0a01
LP		 376 return 0;
377}
378
02de9614
ZJS		 379static bool unit_success_failure_handler_has_jobs(Unit *unit) {
380 Unit *other;
381
382 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_SUCCESS)
383 if (other->job || other->nop_job)
384 return true;
385
386 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_FAILURE)
387 if (other->job || other->nop_job)
388 return true;
389
390 return false;
391}
392
f2f725e5 393bool unit_may_gc(Unit *u) {
a354329f 394 UnitActiveState state;
e98b2fbb 395 int r;
5afe510c 396
701cc384
LP		 397 assert(u);
398
f2f725e5
ZJS		 399 /* Checks whether the unit is ready to be unloaded for garbage collection.
400 * Returns true when the unit may be collected, and false if there's some
2641f02e
ZJS		 401 * reason to keep it loaded.
402 *
403 * References from other units are *not* checked here. Instead, this is done
404 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
405 */
5afe510c 406
02de9614 407 if (u->job || u->nop_job)
f2f725e5 408 return false;
6c073082 409
a354329f
LP		 410 state = unit_active_state(u);
411
7eb2a8a1 412 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
a354329f
LP		 413 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
414 UNIT_VTABLE(u)->release_resources)
7eb2a8a1 415 UNIT_VTABLE(u)->release_resources(u);
a354329f 416
f5869324 417 if (u->perpetual)
f2f725e5 418 return false;
9d576438 419
05a98afd 420 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 421 return false;
05a98afd 422
5afe510c
LP		 423 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
424 switch (u->collect_mode) {
425
426 case COLLECT_INACTIVE:
427 if (state != UNIT_INACTIVE)
f2f725e5 428 return false;
5afe510c
LP		 429
430 break;
431
432 case COLLECT_INACTIVE_OR_FAILED:
433 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
f2f725e5 434 return false;
5afe510c
LP		 435
436 break;
437
438 default:
04499a70 439 assert_not_reached();
5afe510c
LP		 440 }
441
02de9614
ZJS		 442 /* Check if any OnFailure= or on Success= jobs may be pending */
443 if (unit_success_failure_handler_has_jobs(u))
444 return false;
445
e98b2fbb
LP		 446 if (u->cgroup_path) {
447 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
448 * around. Units with active processes should never be collected. */
449
450 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
451 if (r < 0)
6178e2f8 452 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u->cgroup_path));
e98b2fbb 453 if (r <= 0)
f2f725e5 454 return false;
e98b2fbb
LP		 455 }
456
f2f725e5
ZJS		 457 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
458 return false;
701cc384 459
f2f725e5 460 return true;
701cc384
LP		 461}
462
87f0e418
LP		 463void unit_add_to_load_queue(Unit *u) {
464 assert(u);
ac155bb8 465 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 466
ac155bb8 467 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 468 return;
469
71fda00f 470 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 471 u->in_load_queue = true;
87f0e418
LP		 472}
473
23a177ef
LP		 474void unit_add_to_cleanup_queue(Unit *u) {
475 assert(u);
476
ac155bb8 477 if (u->in_cleanup_queue)
23a177ef
LP		 478 return;
479
71fda00f 480 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 481 u->in_cleanup_queue = true;
23a177ef
LP		 482}
483
701cc384
LP		 484void unit_add_to_gc_queue(Unit *u) {
485 assert(u);
486
ac155bb8 487 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 488 return;
489
f2f725e5 490 if (!unit_may_gc(u))
701cc384
LP		 491 return;
492
c5a97ed1 493 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 494 u->in_gc_queue = true;
701cc384
LP		 495}
496
c1e1601e
LP		 497void unit_add_to_dbus_queue(Unit *u) {
498 assert(u);
ac155bb8 499 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 500
ac155bb8 501 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 502 return;
503
a567261a 504 /* Shortcut things if nobody cares */
8f8f05a9 505 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 506 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 507 set_isempty(u->manager->private_buses)) {
ac155bb8 508 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 509 return;
510 }
511
71fda00f 512 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 513 u->in_dbus_queue = true;
c1e1601e
LP		 514}
515
fda09318 516void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 517 assert(u);
518
519 if (u->in_stop_when_unneeded_queue)
520 return;
521
522 if (!u->stop_when_unneeded)
523 return;
524
525 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
526 return;
527
528 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
529 u->in_stop_when_unneeded_queue = true;
530}
531
0bc488c9
LP		 532void unit_submit_to_start_when_upheld_queue(Unit *u) {
533 assert(u);
534
535 if (u->in_start_when_upheld_queue)
536 return;
537
538 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
539 return;
540
541 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
542 return;
543
544 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
545 u->in_start_when_upheld_queue = true;
546}
547
56c59592
LP		 548void unit_submit_to_stop_when_bound_queue(Unit *u) {
549 assert(u);
550
551 if (u->in_stop_when_bound_queue)
552 return;
553
554 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
555 return;
556
557 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
558 return;
559
560 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
561 u->in_stop_when_bound_queue = true;
562}
563
15ed3c3a 564static void unit_clear_dependencies(Unit *u) {
87f0e418
LP		 565 assert(u);
566
15ed3c3a
LP		 567 /* Removes all dependencies configured on u and their reverse dependencies. */
568
569 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
87f0e418 570
15ed3c3a
LP		 571 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
572 Hashmap *other_deps;
701cc384 573
15ed3c3a
LP		 574 HASHMAP_FOREACH(other_deps, other->dependencies)
575 hashmap_remove(other_deps, u);
576
577 unit_add_to_gc_queue(other);
578 }
579
580 hashmap_free(deps);
87f0e418
LP		 581 }
582
15ed3c3a 583 u->dependencies = hashmap_free(u->dependencies);
87f0e418
LP		 584}
585
c2756a68 586static void unit_remove_transient(Unit *u) {
c2756a68
LP		 587 assert(u);
588
589 if (!u->transient)
590 return;
591
592 if (u->fragment_path)
3f5e8115 593 (void) unlink(u->fragment_path);
c2756a68
LP		 594
595 STRV_FOREACH(i, u->dropin_paths) {
39591351 596 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 597
45519d13 598 if (path_extract_directory(*i, &p) < 0) /* Get the drop-in directory from the drop-in file */
39591351
LP		 599 continue;
600
45519d13 601 if (path_extract_directory(p, &pp) < 0) /* Get the config directory from the drop-in directory */
39591351
LP		 602 continue;
603
604 /* Only drop transient drop-ins */
605 if (!path_equal(u->manager->lookup_paths.transient, pp))
606 continue;
c2756a68 607
39591351
LP		 608 (void) unlink(*i);
609 (void) rmdir(p);
c2756a68
LP		 610 }
611}
612
a57f7e2c 613static void unit_free_requires_mounts_for(Unit *u) {
eef85c4a 614 assert(u);
a57f7e2c 615
eef85c4a 616 for (;;) {
c2b2df60 617 _cleanup_free_ char *path = NULL;
a57f7e2c 618
eef85c4a
LP		 619 path = hashmap_steal_first_key(u->requires_mounts_for);
620 if (!path)
621 break;
622 else {
623 char s[strlen(path) + 1];
a57f7e2c 624
eef85c4a
LP		 625 PATH_FOREACH_PREFIX_MORE(s, path) {
626 char *y;
627 Set *x;
628
629 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
630 if (!x)
631 continue;
a57f7e2c 632
eef85c4a 633 (void) set_remove(x, u);
a57f7e2c 634
eef85c4a
LP		 635 if (set_isempty(x)) {
636 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
637 free(y);
638 set_free(x);
639 }
a57f7e2c
LP		 640 }
641 }
642 }
643
eef85c4a 644 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
a57f7e2c
LP		 645}
646
598459ce
LP		 647static void unit_done(Unit *u) {
648 ExecContext *ec;
649 CGroupContext *cc;
650
651 assert(u);
652
653 if (u->type < 0)
654 return;
655
656 if (UNIT_VTABLE(u)->done)
657 UNIT_VTABLE(u)->done(u);
658
659 ec = unit_get_exec_context(u);
660 if (ec)
661 exec_context_done(ec);
662
663 cc = unit_get_cgroup_context(u);
664 if (cc)
665 cgroup_context_done(cc);
666}
667
75db809a 668Unit* unit_free(Unit *u) {
12f64221 669 Unit *slice;
87f0e418
LP		 670 char *t;
671
c9d5c9c0 672 if (!u)
75db809a 673 return NULL;
87f0e418 674
50fb00b7 675 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 676
2c289ea8 677 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 678 unit_remove_transient(u);
679
c1e1601e
LP		 680 bus_unit_send_removed_signal(u);
681
598459ce 682 unit_done(u);
a013b84b 683
50be4f4a 684 unit_dequeue_rewatch_pids(u);
cf9fd508 685
73458283
YW		 686 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
687 u->bus_track = sd_bus_track_unref(u->bus_track);
05a98afd 688 u->deserialized_refs = strv_free(u->deserialized_refs);
d9e45bc3 689 u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
05a98afd 690
a57f7e2c
LP		 691 unit_free_requires_mounts_for(u);
692
90e74a66 693 SET_FOREACH(t, u->aliases)
ac155bb8 694 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 695 if (u->id)
696 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 697
4b58153d
LP		 698 if (!sd_id128_is_null(u->invocation_id))
699 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
700
97e7d748
MS		 701 if (u->job) {
702 Job *j = u->job;
703 job_uninstall(j);
704 job_free(j);
705 }
964e0949 706
e0209d83
MS		 707 if (u->nop_job) {
708 Job *j = u->nop_job;
709 job_uninstall(j);
710 job_free(j);
711 }
712
4c591f39
MK		 713 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
714 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
12f64221 715 slice = UNIT_GET_SLICE(u);
d219a2b0 716 unit_clear_dependencies(u);
12f64221
LP		 717 if (slice)
718 unit_add_family_to_cgroup_realize_queue(slice);
fb46fca7 719
adefcf28
LP		 720 if (u->on_console)
721 manager_unref_console(u->manager);
722
3d027d4d
JK		 723
724 fdset_free(u->initial_socket_bind_link_fds);
91ce91c7
JK		 725#if BPF_FRAMEWORK
726 bpf_link_free(u->ipv4_socket_bind_link);
727 bpf_link_free(u->ipv6_socket_bind_link);
728#endif
729
efdb0237 730 unit_release_cgroup(u);
72673e86 731
d3070fbd
LP		 732 if (!MANAGER_IS_RELOADING(u->manager))
733 unit_unlink_state_files(u);
734
00d9ef85
LP		 735 unit_unref_uid_gid(u, false);
736
5269eb6b 737 (void) manager_update_failed_units(u->manager, u, false);
db785129 738 set_remove(u->manager->startup_units, u);
f755e3b7 739
a911bb9a
LP		 740 unit_unwatch_all_pids(u);
741
7f7d01ed
ZJS		 742 while (u->refs_by_target)
743 unit_ref_unset(u->refs_by_target);
57020a3a 744
ac155bb8 745 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 746 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 747
ac155bb8 748 if (u->in_load_queue)
71fda00f 749 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 750
ac155bb8 751 if (u->in_dbus_queue)
71fda00f 752 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 753
13e72103
MK		 754 if (u->in_cleanup_queue)
755 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
756
a2d72e26 757 if (u->in_gc_queue)
c5a97ed1 758 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 759
91a6073e
LP		 760 if (u->in_cgroup_realize_queue)
761 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 762
09e24654
LP		 763 if (u->in_cgroup_empty_queue)
764 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
765
13e72103
MK		 766 if (u->in_cgroup_oom_queue)
767 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
adefcf28 768
19496554
MS		 769 if (u->in_target_deps_queue)
770 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
771
a3c1168a
LP		 772 if (u->in_stop_when_unneeded_queue)
773 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
774
0bc488c9
LP		 775 if (u->in_start_when_upheld_queue)
776 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
777
56c59592
LP		 778 if (u->in_stop_when_bound_queue)
779 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
780
0fd9c28c 781 bpf_firewall_close(u);
fab34748 782
5f8ba20d
JK		 783 hashmap_free(u->bpf_foreign_by_key);
784
76dc1725 785 bpf_program_free(u->bpf_device_control_installed);
084c7007 786
6f50d4f7
MV		 787#if BPF_FRAMEWORK
788 bpf_link_free(u->restrict_ifaces_ingress_bpf_link);
789 bpf_link_free(u->restrict_ifaces_egress_bpf_link);
790#endif
791 fdset_free(u->initial_restric_ifaces_link_fds);
792
a946fa9b
ZJS		 793 condition_free_list(u->conditions);
794 condition_free_list(u->asserts);
f755e3b7 795
ac155bb8 796 free(u->description);
49dbfa7b 797 strv_free(u->documentation);
ac155bb8 798 free(u->fragment_path);
1b64d026 799 free(u->source_path);
ae7a7182 800 strv_free(u->dropin_paths);
ac155bb8 801 free(u->instance);
87f0e418 802
f189ab18 803 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 804 free(u->reboot_arg);
805
23e9a7dd
LP		 806 free(u->access_selinux_context);
807
4562c355
ZJS		 808 set_free_free(u->aliases);
809 free(u->id);
810
48b92b37
LB		 811 activation_details_unref(u->activation_details);
812
75db809a 813 return mfree(u);
87f0e418
LP		 814}
815
d9e45bc3
MS		 816FreezerState unit_freezer_state(Unit *u) {
817 assert(u);
818
819 return u->freezer_state;
820}
821
822int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
823 char *values[1] = {};
824 int r;
825
826 assert(u);
827
828 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
829 STRV_MAKE("frozen"), values);
830 if (r < 0)
831 return r;
832
833 r = _FREEZER_STATE_INVALID;
834
835 if (values[0]) {
836 if (streq(values[0], "0"))
837 r = FREEZER_RUNNING;
838 else if (streq(values[0], "1"))
839 r = FREEZER_FROZEN;
840 }
841
842 free(values[0]);
843 *ret = r;
844
845 return 0;
846}
847
87f0e418
LP		 848UnitActiveState unit_active_state(Unit *u) {
849 assert(u);
850
ac155bb8 851 if (u->load_state == UNIT_MERGED)
6124958c
LP		 852 return unit_active_state(unit_follow_merge(u));
853
854 /* After a reload it might happen that a unit is not correctly
855 * loaded but still has a process around. That's why we won't
fdf20a31 856 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 857
858 return UNIT_VTABLE(u)->active_state(u);
859}
860
10a94420
LP		 861const char* unit_sub_state_to_string(Unit *u) {
862 assert(u);
863
864 return UNIT_VTABLE(u)->sub_state_to_string(u);
865}
866
15ed3c3a 867static int unit_merge_names(Unit *u, Unit *other) {
4562c355 868 char *name;
7c0b05e5 869 int r;
87f0e418 870
23a177ef
LP		 871 assert(u);
872 assert(other);
873
4562c355 874 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 875 if (r < 0)
876 return r;
23a177ef 877
4562c355
ZJS		 878 r = set_move(u->aliases, other->aliases);
879 if (r < 0) {
880 set_remove(u->aliases, other->id);
881 return r;
882 }
23a177ef 883
4562c355
ZJS		 884 TAKE_PTR(other->id);
885 other->aliases = set_free_free(other->aliases);
23a177ef 886
90e74a66 887 SET_FOREACH(name, u->aliases)
4562c355 888 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 889
890 return 0;
87f0e418
LP		 891}
892
15ed3c3a
LP		 893static int unit_reserve_dependencies(Unit *u, Unit *other) {
894 size_t n_reserve;
895 Hashmap* deps;
896 void *d;
897 int r;
09a65f92
MS		 898
899 assert(u);
900 assert(other);
09a65f92 901
15ed3c3a
LP		 902 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
903 * fail.
904 *
905 * First make some room in the per dependency type hashmaps. Using the summed size of both unit's
906 * hashmaps is an estimate that is likely too high since they probably use some of the same
907 * types. But it's never too low, and that's all we need. */
908
909 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
910 if (n_reserve > 0) {
911 r = hashmap_ensure_allocated(&u->dependencies, NULL);
912 if (r < 0)
913 return r;
914
915 r = hashmap_reserve(u->dependencies, n_reserve);
916 if (r < 0)
917 return r;
918 }
919
920 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
921 * other unit's dependencies.
922 *
923 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
924 * reserve anything for. In that case other's set will be transferred as a whole to u by
925 * complete_move(). */
926
927 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
928 Hashmap *other_deps;
929
930 other_deps = hashmap_get(other->dependencies, d);
931
932 r = hashmap_reserve(deps, hashmap_size(other_deps));
933 if (r < 0)
934 return r;
935 }
936
937 return 0;
938}
939
940static void unit_maybe_warn_about_dependency(
941 Unit *u,
942 const char *other_id,
943 UnitDependency dependency) {
944
945 assert(u);
946
947 /* Only warn about some unit types */
948 if (!IN_SET(dependency,
949 UNIT_CONFLICTS,
950 UNIT_CONFLICTED_BY,
951 UNIT_BEFORE,
952 UNIT_AFTER,
294446dc 953 UNIT_ON_SUCCESS,
15ed3c3a
LP		 954 UNIT_ON_FAILURE,
955 UNIT_TRIGGERS,
956 UNIT_TRIGGERED_BY))
957 return;
958
959 if (streq_ptr(u->id, other_id))
960 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
961 else
962 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other_id), u->id);
963}
964
965static int unit_per_dependency_type_hashmap_update(
966 Hashmap *per_type,
967 Unit *other,
968 UnitDependencyMask origin_mask,
969 UnitDependencyMask destination_mask) {
970
971 UnitDependencyInfo info;
972 int r;
973
974 assert(other);
975 assert_cc(sizeof(void*) == sizeof(info));
976
977 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
978 * exists, or insert it anew if not. */
09a65f92 979
15ed3c3a
LP		 980 info.data = hashmap_get(per_type, other);
981 if (info.data) {
982 /* Entry already exists. Add in our mask. */
983
984 if (FLAGS_SET(origin_mask, info.origin_mask) &&
985 FLAGS_SET(destination_mask, info.destination_mask))
986 return 0; /* NOP */
987
988 info.origin_mask |= origin_mask;
989 info.destination_mask |= destination_mask;
990
991 r = hashmap_update(per_type, other, info.data);
992 } else {
993 info = (UnitDependencyInfo) {
994 .origin_mask = origin_mask,
995 .destination_mask = destination_mask,
996 };
09a65f92 997
15ed3c3a
LP		 998 r = hashmap_put(per_type, other, info.data);
999 }
1000 if (r < 0)
1001 return r;
1002
1003
1004 return 1;
09a65f92
MS		 1005}
1006
15ed3c3a
LP		 1007static int unit_add_dependency_hashmap(
1008 Hashmap **dependencies,
1009 UnitDependency d,
1010 Unit *other,
1011 UnitDependencyMask origin_mask,
1012 UnitDependencyMask destination_mask) {
1013
1014 Hashmap *per_type;
87f0e418 1015 int r;
23a177ef 1016
15ed3c3a
LP		 1017 assert(dependencies);
1018 assert(other);
1019 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
1020 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
1021 assert(origin_mask > 0 || destination_mask > 0);
1022
1023 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1024 * UnitDependencyInfo) */
1025 r = hashmap_ensure_allocated(dependencies, NULL);
1026 if (r < 0)
1027 return r;
1028
1029 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1030 * type, and if it's missing allocate it and insert it. */
1031 per_type = hashmap_get(*dependencies, UNIT_DEPENDENCY_TO_PTR(d));
1032 if (!per_type) {
1033 per_type = hashmap_new(NULL);
1034 if (!per_type)
1035 return -ENOMEM;
1036
1037 r = hashmap_put(*dependencies, UNIT_DEPENDENCY_TO_PTR(d), per_type);
1038 if (r < 0) {
1039 hashmap_free(per_type);
1040 return r;
1041 }
1042 }
1043
1044 return unit_per_dependency_type_hashmap_update(per_type, other, origin_mask, destination_mask);
1045}
1046
1047static void unit_merge_dependencies(
1048 Unit *u,
1049 Unit *other) {
1050
1051 int r;
eef85c4a 1052
23a177ef
LP		 1053 assert(u);
1054 assert(other);
23a177ef 1055
15ed3c3a
LP		 1056 if (u == other)
1057 return;
1058
1059 for (;;) {
1060 _cleanup_(hashmap_freep) Hashmap *other_deps = NULL;
1061 UnitDependencyInfo di_back;
1062 Unit *back;
1063 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1064 * since the hashmaps all want it as void pointer. */
1065
1066 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1067 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1068 if (!other_deps)
1069 break; /* done! */
1070
1071 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1072 * referenced units as 'back'. */
1073 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1074 Hashmap *back_deps;
1075 void *back_dt;
eef85c4a 1076
e66047ff 1077 if (back == u) {
15ed3c3a
LP		 1078 /* This is a dependency pointing back to the unit we want to merge with?
1079 * Suppress it (but warn) */
1080 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1081 continue;
1082 }
eef85c4a 1083
15ed3c3a
LP		 1084 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1085 * point to 'u' instead. */
1086 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1087 UnitDependencyInfo di_move;
eef85c4a 1088
15ed3c3a
LP		 1089 di_move.data = hashmap_remove(back_deps, other);
1090 if (!di_move.data)
1091 continue;
eef85c4a 1092
15ed3c3a
LP		 1093 assert_se(unit_per_dependency_type_hashmap_update(
1094 back_deps,
1095 u,
1096 di_move.origin_mask,
1097 di_move.destination_mask) >= 0);
1098 }
1099 }
eef85c4a 1100
15ed3c3a
LP		 1101 /* Now all references towards 'other' of the current type 'dt' are corrected to point to
1102 * 'u'. Lets's now move the deps of type 'dt' from 'other' to 'u'. First, let's try to move
1103 * them per type wholesale. */
1104 r = hashmap_put(u->dependencies, dt, other_deps);
1105 if (r == -EEXIST) {
1106 Hashmap *deps;
eef85c4a 1107
15ed3c3a 1108 /* The target unit already has dependencies of this type, let's then merge this individually. */
eef85c4a 1109
15ed3c3a
LP		 1110 assert_se(deps = hashmap_get(u->dependencies, dt));
1111
1112 for (;;) {
1113 UnitDependencyInfo di_move;
1114
1115 /* Get first dep */
1116 di_move.data = hashmap_steal_first_key_and_value(other_deps, (void**) &back);
1117 if (!di_move.data)
1118 break; /* done */
1119 if (back == u) {
1120 /* Would point back to us, ignore */
1121 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1122 continue;
1123 }
23a177ef 1124
15ed3c3a
LP		 1125 assert_se(unit_per_dependency_type_hashmap_update(deps, back, di_move.origin_mask, di_move.destination_mask) >= 0);
1126 }
1127 } else {
1128 assert_se(r >= 0);
1129 TAKE_PTR(other_deps);
e66047ff 1130
15ed3c3a
LP		 1131 if (hashmap_remove(other_deps, u))
1132 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1133 }
1134 }
23a177ef 1135
15ed3c3a 1136 other->dependencies = hashmap_free(other->dependencies);
23a177ef
LP		 1137}
1138
1139int unit_merge(Unit *u, Unit *other) {
09a65f92 1140 int r;
87f0e418
LP		 1141
1142 assert(u);
1143 assert(other);
ac155bb8
MS		 1144 assert(u->manager == other->manager);
1145 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 1146
cc916967
LP		 1147 other = unit_follow_merge(other);
1148
23a177ef
LP		 1149 if (other == u)
1150 return 0;
1151
ac155bb8 1152 if (u->type != other->type)
9e2f7c11
LP		 1153 return -EINVAL;
1154
8a993b61 1155 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 1156 return -EEXIST;
1157
ec2ce0c5 1158 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 1159 return -EEXIST;
87f0e418 1160
d383acad
ZJS		 1161 if (!streq_ptr(u->instance, other->instance))
1162 return -EINVAL;
1163
ac155bb8 1164 if (other->job)
819e213f
LP		 1165 return -EEXIST;
1166
e0209d83
MS		 1167 if (other->nop_job)
1168 return -EEXIST;
1169
fdf20a31 1170 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 1171 return -EEXIST;
1172
15ed3c3a
LP		 1173 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1174 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1175 r = unit_reserve_dependencies(u, other);
1176 if (r < 0)
1177 return r;
09a65f92 1178
87f0e418 1179 /* Merge names */
15ed3c3a 1180 r = unit_merge_names(u, other);
7c0b05e5
MS		 1181 if (r < 0)
1182 return r;
87f0e418 1183
57020a3a 1184 /* Redirect all references */
7f7d01ed
ZJS		 1185 while (other->refs_by_target)
1186 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 1187
87f0e418 1188 /* Merge dependencies */
15ed3c3a 1189 unit_merge_dependencies(u, other);
87f0e418 1190
ac155bb8
MS		 1191 other->load_state = UNIT_MERGED;
1192 other->merged_into = u;
23a177ef 1193
48b92b37
LB		 1194 if (!u->activation_details)
1195 u->activation_details = activation_details_ref(other->activation_details);
1196
3616a49c
LP		 1197 /* If there is still some data attached to the other node, we
1198 * don't need it anymore, and can free it. */
ac155bb8 1199 if (other->load_state != UNIT_STUB)
3616a49c
LP		 1200 if (UNIT_VTABLE(other)->done)
1201 UNIT_VTABLE(other)->done(other);
1202
1203 unit_add_to_dbus_queue(u);
23a177ef
LP		 1204 unit_add_to_cleanup_queue(other);
1205
1206 return 0;
1207}
1208
1209int unit_merge_by_name(Unit *u, const char *name) {
934e749e 1210 _cleanup_free_ char *s = NULL;
23a177ef 1211 Unit *other;
9e2f7c11 1212 int r;
23a177ef 1213
e8630e69
ZJS		 1214 /* Either add name to u, or if a unit with name already exists, merge it with u.
1215 * If name is a template, do the same for name@instance, where instance is u's instance. */
1216
23a177ef
LP		 1217 assert(u);
1218 assert(name);
1219
7410616c 1220 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1221 if (!u->instance)
9e2f7c11
LP		 1222 return -EINVAL;
1223
7410616c
LP		 1224 r = unit_name_replace_instance(name, u->instance, &s);
1225 if (r < 0)
1226 return r;
9e2f7c11
LP		 1227
1228 name = s;
1229 }
1230
c2756a68 1231 other = manager_get_unit(u->manager, name);
7410616c
LP		 1232 if (other)
1233 return unit_merge(u, other);
23a177ef 1234
7410616c 1235 return unit_add_name(u, name);
23a177ef
LP		 1236}
1237
1238Unit* unit_follow_merge(Unit *u) {
1239 assert(u);
1240
ac155bb8
MS		 1241 while (u->load_state == UNIT_MERGED)
1242 assert_se(u = u->merged_into);
23a177ef
LP		 1243
1244 return u;
1245}
1246
1247int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1248 int r;
1249
1250 assert(u);
1251 assert(c);
1252
a8c5a4c6
YW		 1253 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1254
e1e74614 1255 if (c->working_directory && !c->working_directory_missing_ok) {
eef85c4a 1256 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1257 if (r < 0)
1258 return r;
1259 }
1260
1261 if (c->root_directory) {
eef85c4a 1262 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1263 if (r < 0)
1264 return r;
1265 }
1266
915e6d16 1267 if (c->root_image) {
eef85c4a 1268 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
915e6d16
LP		 1269 if (r < 0)
1270 return r;
1271 }
1272
12375b95 1273 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1274 if (!u->manager->prefix[dt])
1275 continue;
1276
211a3d87 1277 for (size_t i = 0; i < c->directories[dt].n_items; i++) {
c2b2df60 1278 _cleanup_free_ char *p = NULL;
ada5e276 1279
211a3d87 1280 p = path_join(u->manager->prefix[dt], c->directories[dt].items[i].path);
ada5e276
YW		 1281 if (!p)
1282 return -ENOMEM;
1283
eef85c4a 1284 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
ada5e276
YW		 1285 if (r < 0)
1286 return r;
1287 }
1288 }
1289
463d0d15 1290 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1291 return 0;
1292
f3b7a79b
LP		 1293 /* For the following three directory types we need write access, and /var/ is possibly on the root
1294 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
211a3d87
LB		 1295 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1296 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1297 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
f3b7a79b
LP		 1298 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1299 if (r < 0)
1300 return r;
1301 }
1302
b46a529c 1303 if (c->private_tmp) {
d71f0505 1304
b2c7d1bb
FB		 1305 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1306 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1307 * /tmp specifically and masking other mount units should be handled more
1308 * gracefully too, see PR#16894. */
1309 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "tmp.mount", true, UNIT_DEPENDENCY_FILE);
1310 if (r < 0)
1311 return r;
1312
1313 r = unit_require_mounts_for(u, "/var/tmp", UNIT_DEPENDENCY_FILE);
1314 if (r < 0)
1315 return r;
b46a529c 1316
35d8c19a 1317 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1318 if (r < 0)
1319 return r;
1320 }
1321
33b58dfb
LP		 1322 if (c->root_image) {
1323 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1324 * implicit dependency on udev */
1325
1326 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1327 if (r < 0)
1328 return r;
1329 }
1330
52c239d7
LB		 1331 if (!IN_SET(c->std_output,
1332 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1333 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
52c239d7
LB		 1334 !IN_SET(c->std_error,
1335 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1336 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
91dd5f7c 1337 !c->log_namespace)
23a177ef
LP		 1338 return 0;
1339
91dd5f7c
LP		 1340 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1341 * is run first. */
1342
1343 if (c->log_namespace) {
dc5437c7 1344 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
23a177ef 1345
91dd5f7c
LP		 1346 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1347 if (r < 0)
1348 return r;
1349
1350 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1351 if (r < 0)
1352 return r;
dc5437c7
LP		 1353
1354 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1355 if (r < 0)
1356 return r;
1357
1358 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1359 if (r < 0)
1360 return r;
91dd5f7c
LP		 1361 } else
1362 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1363 if (r < 0)
1364 return r;
23a177ef 1365
87f0e418
LP		 1366 return 0;
1367}
1368
04d232d8 1369const char* unit_description(Unit *u) {
87f0e418
LP		 1370 assert(u);
1371
ac155bb8
MS		 1372 if (u->description)
1373 return u->description;
87f0e418 1374
ac155bb8 1375 return strna(u->id);
87f0e418
LP		 1376}
1377
e6a16a82 1378const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
2a8f53c6 1379 assert(u);
04d232d8 1380 assert(u->id);
2a8f53c6 1381
04d232d8
ZJS		 1382 /* Return u->id, u->description, or "{u->id} - {u->description}".
1383 * Versions with u->description are only used if it is set.
e6a16a82
ZJS		 1384 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1385 * pointer.
1386 *
1387 * Note that *ret_combined_buffer may be set to NULL. */
04d232d8
ZJS		 1388
1389 if (!u->description ||
1390 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
e6a16a82
ZJS		 1391 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1392 streq(u->description, u->id)) {
1393
1394 if (ret_combined_buffer)
1395 *ret_combined_buffer = NULL;
2a8f53c6 1396 return u->id;
e6a16a82 1397 }
2a8f53c6 1398
e6a16a82
ZJS		 1399 if (ret_combined_buffer) {
1400 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1401 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1402 if (*ret_combined_buffer)
1403 return *ret_combined_buffer;
1404 log_oom(); /* Fall back to ->description */
04d232d8 1405 } else
e6a16a82 1406 *ret_combined_buffer = NULL;
04d232d8
ZJS		 1407 }
1408
1409 return u->description;
2a8f53c6
ZJS		 1410}
1411
87f0e418 1412/* Common implementation for multiple backends */
c3620770 1413int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1414 int r;
1415
1416 assert(u);
23a177ef 1417
e48614c4 1418 /* Load a .{service,socket,...} file */
4ad49000
LP		 1419 r = unit_load_fragment(u);
1420 if (r < 0)
23a177ef
LP		 1421 return r;
1422
c3620770
ZJS		 1423 if (u->load_state == UNIT_STUB) {
1424 if (fragment_required)
1425 return -ENOENT;
1426
1427 u->load_state = UNIT_LOADED;
1428 }
23a177ef 1429
9e4ea9cc
ZJS		 1430 /* Load drop-in directory data. If u is an alias, we might be reloading the
1431 * target unit needlessly. But we cannot be sure which drops-ins have already
1432 * been loaded and which not, at least without doing complicated book-keeping,
1433 * so let's always reread all drop-ins. */
c9e06956
ZJS		 1434 r = unit_load_dropin(unit_follow_merge(u));
1435 if (r < 0)
1436 return r;
1437
1438 if (u->source_path) {
1439 struct stat st;
1440
1441 if (stat(u->source_path, &st) >= 0)
1442 u->source_mtime = timespec_load(&st.st_mtim);
1443 else
1444 u->source_mtime = 0;
1445 }
1446
1447 return 0;
23a177ef
LP		 1448}
1449
19496554
MS		 1450void unit_add_to_target_deps_queue(Unit *u) {
1451 Manager *m = u->manager;
1452
1453 assert(u);
1454
1455 if (u->in_target_deps_queue)
1456 return;
1457
1458 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1459 u->in_target_deps_queue = true;
1460}
1461
bba34eed 1462int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1463 assert(u);
1464 assert(target);
1465
ac155bb8 1466 if (target->type != UNIT_TARGET)
98bc2000
LP		 1467 return 0;
1468
35b8ca3a 1469 /* Only add the dependency if both units are loaded, so that
bba34eed 1470 * that loop check below is reliable */
ac155bb8
MS		 1471 if (u->load_state != UNIT_LOADED ||
1472 target->load_state != UNIT_LOADED)
bba34eed
LP		 1473 return 0;
1474
21256a2b
LP		 1475 /* If either side wants no automatic dependencies, then let's
1476 * skip this */
ac155bb8
MS		 1477 if (!u->default_dependencies ||
1478 !target->default_dependencies)
21256a2b
LP		 1479 return 0;
1480
98bc2000 1481 /* Don't create loops */
15ed3c3a 1482 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
98bc2000
LP		 1483 return 0;
1484
eef85c4a 1485 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1486}
1487
e954c9cf 1488static int unit_add_slice_dependencies(Unit *u) {
12f64221 1489 Unit *slice;
e954c9cf 1490 assert(u);
b81884e7 1491
35b7ff80 1492 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1493 return 0;
1494
eef85c4a
LP		 1495 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1496 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1497 relationship). */
f6173cb9 1498 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1499
12f64221
LP		 1500 slice = UNIT_GET_SLICE(u);
1501 if (slice)
1502 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
e954c9cf 1503
8c8da0e0 1504 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1505 return 0;
1506
5a724170 1507 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1508}
1509
e954c9cf 1510static int unit_add_mount_dependencies(Unit *u) {
eef85c4a
LP		 1511 UnitDependencyInfo di;
1512 const char *path;
a8c5a4c6 1513 bool changed = false;
9588bc32
LP		 1514 int r;
1515
1516 assert(u);
1517
90e74a66 1518 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for) {
eef85c4a 1519 char prefix[strlen(path) + 1];
9588bc32 1520
eef85c4a 1521 PATH_FOREACH_PREFIX_MORE(prefix, path) {
c7c89abb 1522 _cleanup_free_ char *p = NULL;
9588bc32
LP		 1523 Unit *m;
1524
c7c89abb 1525 r = unit_name_from_path(prefix, ".mount", &p);
03e52e8c 1526 if (r == -EINVAL)
598a6a84 1527 continue; /* If the path cannot be converted to a mount unit name, then it's
4076ad9d 1528 * not manageable as a unit by systemd, and hence we don't need a
598a6a84 1529 * dependency on it. Let's thus silently ignore the issue. */
9588bc32
LP		 1530 if (r < 0)
1531 return r;
c7c89abb
FB		 1532
1533 m = manager_get_unit(u->manager, p);
1534 if (!m) {
598a6a84
LP		 1535 /* Make sure to load the mount unit if it exists. If so the dependencies on
1536 * this unit will be added later during the loading of the mount unit. */
c7c89abb 1537 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
9588bc32 1538 continue;
c7c89abb 1539 }
9588bc32
LP		 1540 if (m == u)
1541 continue;
1542
1543 if (m->load_state != UNIT_LOADED)
1544 continue;
1545
eef85c4a 1546 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
9588bc32
LP		 1547 if (r < 0)
1548 return r;
a8c5a4c6 1549 changed = changed || r > 0;
9588bc32
LP		 1550
1551 if (m->fragment_path) {
eef85c4a 1552 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
9588bc32
LP		 1553 if (r < 0)
1554 return r;
a8c5a4c6 1555 changed = changed || r > 0;
9588bc32
LP		 1556 }
1557 }
1558 }
1559
a8c5a4c6 1560 return changed;
9588bc32
LP		 1561}
1562
a2db0225
AZ		 1563static int unit_add_oomd_dependencies(Unit *u) {
1564 CGroupContext *c;
1565 bool wants_oomd;
a2db0225
AZ		 1566
1567 assert(u);
1568
1569 if (!u->default_dependencies)
1570 return 0;
1571
1572 c = unit_get_cgroup_context(u);
1573 if (!c)
1574 return 0;
1575
1576 wants_oomd = (c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL);
1577 if (!wants_oomd)
1578 return 0;
1579
a8c5a4c6 1580 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
a2db0225
AZ		 1581}
1582
95ae05c0 1583static int unit_add_startup_units(Unit *u) {
9dfb6a3a 1584 if (!unit_has_startup_cgroup_constraints(u))
db785129
LP		 1585 return 0;
1586
de7fef4b 1587 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1588}
1589
294446dc
LP		 1590static int unit_validate_on_failure_job_mode(
1591 Unit *u,
1592 const char *job_mode_setting,
1593 JobMode job_mode,
1594 const char *dependency_name,
1595 UnitDependencyAtom atom) {
1596
1597 Unit *other, *found = NULL;
1598
1599 if (job_mode != JOB_ISOLATE)
1600 return 0;
1601
1602 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
1603 if (!found)
1604 found = other;
1605 else if (found != other)
1606 return log_unit_error_errno(
1607 u, SYNTHETIC_ERRNO(ENOEXEC),
1608 "More than one %s dependencies specified but %sisolate set. Refusing.",
1609 dependency_name, job_mode_setting);
1610 }
1611
1612 return 0;
1613}
1614
87f0e418
LP		 1615int unit_load(Unit *u) {
1616 int r;
1617
1618 assert(u);
1619
ac155bb8 1620 if (u->in_load_queue) {
71fda00f 1621 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1622 u->in_load_queue = false;
87f0e418
LP		 1623 }
1624
ac155bb8 1625 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1626 return -EINVAL;
1627
ac155bb8 1628 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1629 return 0;
1630
4f4afc88 1631 if (u->transient_file) {
66fa4bdd
LP		 1632 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1633 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1634
4f4afc88
LP		 1635 r = fflush_and_check(u->transient_file);
1636 if (r < 0)
1637 goto fail;
1638
50fb00b7 1639 u->transient_file = safe_fclose(u->transient_file);
f76707da 1640 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1641 }
1642
c3784a7d
ZJS		 1643 r = UNIT_VTABLE(u)->load(u);
1644 if (r < 0)
23a177ef 1645 goto fail;
c3784a7d
ZJS		 1646
1647 assert(u->load_state != UNIT_STUB);
23a177ef 1648
7c8fa05c 1649 if (u->load_state == UNIT_LOADED) {
19496554 1650 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1651
1652 r = unit_add_slice_dependencies(u);
1653 if (r < 0)
1654 goto fail;
c2756a68 1655
e954c9cf 1656 r = unit_add_mount_dependencies(u);
7c8fa05c 1657 if (r < 0)
c2756a68 1658 goto fail;
7c8fa05c 1659
a2db0225
AZ		 1660 r = unit_add_oomd_dependencies(u);
1661 if (r < 0)
1662 goto fail;
1663
95ae05c0
WC		 1664 r = unit_add_startup_units(u);
1665 if (r < 0)
1666 goto fail;
1667
294446dc
LP		 1668 r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS);
1669 if (r < 0)
1670 goto fail;
15ed3c3a 1671
294446dc
LP		 1672 r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE);
1673 if (r < 0)
1674 goto fail;
bc432dc7 1675
a2df3ea4
MK		 1676 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1677 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1678
5af88058
LP		 1679 /* We finished loading, let's ensure our parents recalculate the members mask */
1680 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1681 }
1682
ac155bb8 1683 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1684
1685 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1686 unit_add_to_gc_queue(u);
f561e8c6 1687 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1688
87f0e418
LP		 1689 return 0;
1690
1691fail:
81be2388
ZJS		 1692 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1693 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1694
1695 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1696 r == -ENOEXEC ? UNIT_BAD_SETTING :
1697 UNIT_ERROR;
ac155bb8 1698 u->load_error = r;
c4555ad8 1699
c149d2b4
ZJS		 1700 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1701 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1702 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1703 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1704
c1e1601e 1705 unit_add_to_dbus_queue(u);
9a46fc3b 1706 unit_add_to_gc_queue(u);
23a177ef 1707
c4555ad8 1708 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1709}
1710
f9f88198
YW		 1711_printf_(7, 8)
1712static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1713 Unit *u = userdata;
1714 va_list ap;
1715 int r;
49365733 1716
c2503e35
RH		 1717 if (u && !unit_log_level_test(u, level))
1718 return -ERRNO_VALUE(error);
1719
f9f88198
YW		 1720 va_start(ap, format);
1721 if (u)
1722 r = log_object_internalv(level, error, file, line, func,
1723 u->manager->unit_log_field,
1724 u->id,
1725 u->manager->invocation_log_field,
1726 u->invocation_id_string,
1727 format, ap);
1728 else
1729 r = log_internalv(level, error, file, line, func, format, ap);
1730 va_end(ap);
49365733 1731
f9f88198 1732 return r;
49365733
LP		 1733}
1734
97a3f4ee 1735static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1736 _cleanup_strv_free_ char **env = NULL;
1737 int r;
1738
90bbc946
LP		 1739 assert(u);
1740
ac155bb8 1741 dual_timestamp_get(&u->condition_timestamp);
90bbc946 1742
a0b191b7
LP		 1743 r = manager_get_effective_environment(u->manager, &env);
1744 if (r < 0) {
1745 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
d52cc0a5 1746 u->condition_result = true;
a0b191b7
LP		 1747 } else
1748 u->condition_result = condition_test_list(
1749 u->conditions,
1750 env,
1751 condition_type_to_string,
1752 log_unit_internal,
1753 u);
e18f8852 1754
a0b191b7 1755 unit_add_to_dbus_queue(u);
ac155bb8 1756 return u->condition_result;
90bbc946
LP		 1757}
1758
97a3f4ee 1759static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1760 _cleanup_strv_free_ char **env = NULL;
1761 int r;
1762
59fccdc5
LP		 1763 assert(u);
1764
1765 dual_timestamp_get(&u->assert_timestamp);
59fccdc5 1766
a0b191b7
LP		 1767 r = manager_get_effective_environment(u->manager, &env);
1768 if (r < 0) {
1769 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1770 u->assert_result = CONDITION_ERROR;
1771 } else
1772 u->assert_result = condition_test_list(
1773 u->asserts,
1774 env,
1775 assert_type_to_string,
1776 log_unit_internal,
1777 u);
e18f8852 1778
a0b191b7 1779 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1780 return u->assert_result;
1781}
1782
04d232d8
ZJS		 1783void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
1784 if (log_get_show_color()) {
1785 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1786 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1787 else
1788 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1789 }
5b262f74 1790
df446f96 1791 DISABLE_WARNING_FORMAT_NONLITERAL;
04d232d8 1792 manager_status_printf(u->manager, status_type, status, format, ident);
df446f96
LP		 1793 REENABLE_WARNING;
1794}
1795
97a3f4ee 1796int unit_test_start_limit(Unit *u) {
429926e9
TR		 1797 const char *reason;
1798
6bf0f408
LP		 1799 assert(u);
1800
7bf081a1 1801 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1802 u->start_limit_hit = false;
1803 return 0;
1804 }
1805
1806 log_unit_warning(u, "Start request repeated too quickly.");
1807 u->start_limit_hit = true;
1808
429926e9
TR		 1809 reason = strjoina("unit ", u->id, " failed");
1810
36c4dc08
LP		 1811 emergency_action(u->manager, u->start_limit_action,
1812 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1813 u->reboot_arg, -1, reason);
1814
1815 return -ECANCELED;
6bf0f408
LP		 1816}
1817
c891efaf 1818bool unit_shall_confirm_spawn(Unit *u) {
631b676b 1819 assert(u);
c891efaf
FB		 1820
1821 if (manager_is_confirm_spawn_disabled(u->manager))
1822 return false;
1823
1824 /* For some reasons units remaining in the same process group
1825 * as PID 1 fail to acquire the console even if it's not used
1826 * by any process. So skip the confirmation question for them. */
1827 return !unit_get_exec_context(u)->same_pgrp;
1828}
1829
631b676b
LP		 1830static bool unit_verify_deps(Unit *u) {
1831 Unit *other;
631b676b
LP		 1832
1833 assert(u);
1834
defe63b0
LP		 1835 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1836 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1837 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1838 * that are not used in conjunction with After= as for them any such check would make things entirely
1839 * racy. */
631b676b 1840
15ed3c3a 1841 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
631b676b 1842
15ed3c3a 1843 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
631b676b
LP		 1844 continue;
1845
1846 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1847 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1848 return false;
1849 }
1850 }
1851
1852 return true;
1853}
1854
9adb6959 1855/* Errors that aren't really errors:
6bf0f408 1856 * -EALREADY: Unit is already started.
9adb6959 1857 * -ECOMM: Condition failed
6bf0f408 1858 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1859 *
1860 * Errors that are real errors:
1861 * -EBADR: This unit type does not support starting.
2de9b979 1862 * -ECANCELED: Start limit hit, too many requests for now
6bf0f408
LP		 1863 * -EPROTO: Assert failed
1864 * -EINVAL: Unit not loaded
1865 * -EOPNOTSUPP: Unit type not supported
631b676b 1866 * -ENOLINK: The necessary dependencies are not fulfilled.
d4fd1cf2 1867 * -ESTALE: This unit has been started before and can't be started a second time
a4191c9f 1868 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
87f0e418 1869 */
48b92b37 1870int unit_start(Unit *u, ActivationDetails *details) {
87f0e418 1871 UnitActiveState state;
92ab323c 1872 Unit *following;
5f37c1a9 1873 int r;
87f0e418
LP		 1874
1875 assert(u);
1876
b161bc39
MS		 1877 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is rate limited. */
1878 if (u->type == UNIT_MOUNT && sd_event_source_is_ratelimited(u->manager->mount_event_source))
1879 return -EAGAIN;
1880
5766aca8
LP		 1881 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1882 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1883 * waiting is finished. */
87f0e418
LP		 1884 state = unit_active_state(u);
1885 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1886 return -EALREADY;
380dc8b0
LP		 1887 if (state == UNIT_MAINTENANCE)
1888 return -EAGAIN;
87f0e418 1889
6bf0f408
LP		 1890 /* Units that aren't loaded cannot be started */
1891 if (u->load_state != UNIT_LOADED)
1892 return -EINVAL;
1893
d4fd1cf2
LP		 1894 /* Refuse starting scope units more than once */
1895 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1896 return -ESTALE;
1897
5766aca8
LP		 1898 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1899 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1900 * recheck the condition in that case. */
a82e5507 1901 if (state != UNIT_ACTIVATING &&
5af6aa58 1902 !unit_test_condition(u))
5766aca8 1903 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
52661efd 1904
59fccdc5
LP		 1905 /* If the asserts failed, fail the entire job */
1906 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1907 !unit_test_assert(u))
1908 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1909
5766aca8
LP		 1910 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1911 * condition checks, so that we rather return condition check errors (which are usually not
1912 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1913 */
96cf3ec9 1914 if (!unit_type_supported(u->type))
d11a7645
LP		 1915 return -EOPNOTSUPP;
1916
5766aca8
LP		 1917 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1918 * should have taken care of this already, but let's check this here again. After all, our
1919 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
631b676b
LP		 1920 if (!unit_verify_deps(u))
1921 return -ENOLINK;
1922
92ab323c 1923 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1924 following = unit_following(u);
1925 if (following) {
f2341e0a 1926 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
48b92b37 1927 return unit_start(following, details);
92ab323c
LP		 1928 }
1929
705578c3
MS		 1930 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1931 if (UNIT_VTABLE(u)->can_start) {
1932 r = UNIT_VTABLE(u)->can_start(u);
ce2146f5
DDM		 1933 if (r < 0)
1934 return r;
1935 }
1936
92ab323c
LP		 1937 /* If it is stopped, but we cannot start it, then fail */
1938 if (!UNIT_VTABLE(u)->start)
1939 return -EBADR;
1940
5766aca8
LP		 1941 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1942 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1943 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 1944
c1e1601e 1945 unit_add_to_dbus_queue(u);
d9e45bc3 1946 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1947
48b92b37
LB		 1948 if (!u->activation_details) /* Older details object wins */
1949 u->activation_details = activation_details_ref(details);
1950
d1a34ae9 1951 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 1952}
1953
1954bool unit_can_start(Unit *u) {
1955 assert(u);
1956
8ff4d2ab
LP		 1957 if (u->load_state != UNIT_LOADED)
1958 return false;
1959
96cf3ec9 1960 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 1961 return false;
1962
d4fd1cf2
LP		 1963 /* Scope units may be started only once */
1964 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1965 return false;
1966
87f0e418
LP		 1967 return !!UNIT_VTABLE(u)->start;
1968}
1969
2528a7a6
LP		 1970bool unit_can_isolate(Unit *u) {
1971 assert(u);
1972
1973 return unit_can_start(u) &&
ac155bb8 1974 u->allow_isolate;
2528a7a6
LP		 1975}
1976
87f0e418
LP		 1977/* Errors:
1978 * -EBADR: This unit type does not support stopping.
1979 * -EALREADY: Unit is already stopped.
1980 * -EAGAIN: An operation is already in progress. Retry later.
1981 */
1982int unit_stop(Unit *u) {
1983 UnitActiveState state;
92ab323c 1984 Unit *following;
87f0e418
LP		 1985
1986 assert(u);
1987
87f0e418 1988 state = unit_active_state(u);
fdf20a31 1989 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 1990 return -EALREADY;
1991
0faacd47
LP		 1992 following = unit_following(u);
1993 if (following) {
f2341e0a 1994 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 1995 return unit_stop(following);
1996 }
1997
7898b0cf
LP		 1998 if (!UNIT_VTABLE(u)->stop)
1999 return -EBADR;
2000
c1e1601e 2001 unit_add_to_dbus_queue(u);
d9e45bc3 2002 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 2003
d1a34ae9 2004 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 2005}
2006
f5869324
LP		 2007bool unit_can_stop(Unit *u) {
2008 assert(u);
2009
39c79477
ZJS		 2010 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2011 * Extrinsic units follow external state and they may stop following external state changes
2012 * (hence we return true here), but an attempt to do this through the manager will fail. */
2013
96cf3ec9 2014 if (!unit_type_supported(u->type))
f5869324
LP		 2015 return false;
2016
2017 if (u->perpetual)
2018 return false;
2019
2020 return !!UNIT_VTABLE(u)->stop;
2021}
2022
87f0e418
LP		 2023/* Errors:
2024 * -EBADR: This unit type does not support reloading.
2025 * -ENOEXEC: Unit is not started.
2026 * -EAGAIN: An operation is already in progress. Retry later.
2027 */
2028int unit_reload(Unit *u) {
2029 UnitActiveState state;
92ab323c 2030 Unit *following;
87f0e418
LP		 2031
2032 assert(u);
2033
ac155bb8 2034 if (u->load_state != UNIT_LOADED)
6124958c
LP		 2035 return -EINVAL;
2036
87f0e418
LP		 2037 if (!unit_can_reload(u))
2038 return -EBADR;
2039
2040 state = unit_active_state(u);
e364ad06 2041 if (state == UNIT_RELOADING)
6255af75 2042 return -EAGAIN;
87f0e418 2043
d85ff944
YW		 2044 if (state != UNIT_ACTIVE)
2045 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 2046
e48614c4
ZJS		 2047 following = unit_following(u);
2048 if (following) {
f2341e0a 2049 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 2050 return unit_reload(following);
2051 }
2052
c1e1601e 2053 unit_add_to_dbus_queue(u);
82a2b6bb 2054
f54bcca5
JR		 2055 if (!UNIT_VTABLE(u)->reload) {
2056 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2ad2e41a 2057 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
f54bcca5
JR		 2058 return 0;
2059 }
2060
d9e45bc3
MS		 2061 unit_cgroup_freezer_action(u, FREEZER_THAW);
2062
d1a34ae9 2063 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 2064}
2065
2066bool unit_can_reload(Unit *u) {
2067 assert(u);
2068
f54bcca5
JR		 2069 if (UNIT_VTABLE(u)->can_reload)
2070 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 2071
15ed3c3a 2072 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
87f0e418
LP		 2073 return true;
2074
f54bcca5 2075 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 2076}
2077
a3c1168a 2078bool unit_is_unneeded(Unit *u) {
15ed3c3a 2079 Unit *other;
f3bff0eb
LP		 2080 assert(u);
2081
ac155bb8 2082 if (!u->stop_when_unneeded)
a3c1168a 2083 return false;
f3bff0eb 2084
a3c1168a 2085 /* Don't clean up while the unit is transitioning or is even inactive. */
116654d2 2086 if (unit_active_state(u) != UNIT_ACTIVE)
a3c1168a
LP		 2087 return false;
2088 if (u->job)
2089 return false;
f3bff0eb 2090
15ed3c3a 2091 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
fda09318 2092 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 2093 * restart, then don't clean this one up. */
b81884e7 2094
15ed3c3a
LP		 2095 if (other->job)
2096 return false;
a3c1168a 2097
15ed3c3a
LP		 2098 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2099 return false;
a3c1168a 2100
15ed3c3a
LP		 2101 if (unit_will_restart(other))
2102 return false;
bea355da
LP		 2103 }
2104
a3c1168a
LP		 2105 return true;
2106}
f3bff0eb 2107
0bc488c9
LP		 2108bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2109 Unit *other;
2110
2111 assert(u);
2112
2113 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2114 * that is active declared an Uphold= dependencies on it */
2115
2116 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2117 if (ret_culprit)
2118 *ret_culprit = NULL;
2119 return false;
2120 }
2121
2122 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2123 if (other->job)
2124 continue;
2125
2126 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2127 if (ret_culprit)
2128 *ret_culprit = other;
2129 return true;
2130 }
2131 }
2132
2133 if (ret_culprit)
2134 *ret_culprit = NULL;
2135 return false;
2136}
2137
56c59592
LP		 2138bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2139 Unit *other;
2140
2141 assert(u);
2142
2143 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
7802194a 2144 * because the other unit is down. */
56c59592
LP		 2145
2146 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2147 /* Don't clean up while the unit is transitioning or is even inactive. */
2148 if (ret_culprit)
2149 *ret_culprit = NULL;
2150 return false;
2151 }
2152
2153 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2154 if (other->job)
2155 continue;
2156
2157 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
3da36106 2158 if (ret_culprit)
56c59592
LP		 2159 *ret_culprit = other;
2160
2161 return true;
2162 }
2163 }
2164
2165 if (ret_culprit)
2166 *ret_culprit = NULL;
2167 return false;
2168}
2169
a3c1168a 2170static void check_unneeded_dependencies(Unit *u) {
15ed3c3a 2171 Unit *other;
a3c1168a
LP		 2172 assert(u);
2173
2174 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2175
15ed3c3a
LP		 2176 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2177 unit_submit_to_stop_when_unneeded_queue(other);
f3bff0eb
LP		 2178}
2179
0bc488c9
LP		 2180static void check_uphold_dependencies(Unit *u) {
2181 Unit *other;
2182 assert(u);
2183
2184 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2185
2186 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2187 unit_submit_to_start_when_upheld_queue(other);
2188}
2189
56c59592 2190static void check_bound_by_dependencies(Unit *u) {
ff502445 2191 Unit *other;
ff502445
LP		 2192 assert(u);
2193
56c59592 2194 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
ff502445 2195
56c59592
LP		 2196 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2197 unit_submit_to_stop_when_bound_queue(other);
ff502445
LP		 2198}
2199
87f0e418 2200static void retroactively_start_dependencies(Unit *u) {
87f0e418
LP		 2201 Unit *other;
2202
2203 assert(u);
2204 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2205
15ed3c3a
LP		 2206 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2207 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2208 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2209 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
b81884e7 2210
15ed3c3a
LP		 2211 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2212 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2213 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2214 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
87f0e418 2215
15ed3c3a 2216 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
b81884e7 2217 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2218 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
87f0e418
LP		 2219}
2220
2221static void retroactively_stop_dependencies(Unit *u) {
87f0e418
LP		 2222 Unit *other;
2223
2224 assert(u);
2225 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2226
b81884e7 2227 /* Pull down units which are bound to us recursively if enabled */
15ed3c3a 2228 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
b81884e7 2229 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2230 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
cd0504d0
MS		 2231}
2232
294446dc
LP		 2233void unit_start_on_failure(
2234 Unit *u,
2235 const char *dependency_name,
2236 UnitDependencyAtom atom,
2237 JobMode job_mode) {
2238
82acee14 2239 int n_jobs = -1;
c0daa706 2240 Unit *other;
7f66b026 2241 int r;
c0daa706
LP		 2242
2243 assert(u);
294446dc
LP		 2244 assert(dependency_name);
2245 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2246
2247 /* Act on OnFailure= and OnSuccess= dependencies */
c0daa706 2248
294446dc 2249 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
7f66b026 2250 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 2251
82acee14 2252 if (n_jobs < 0) {
294446dc 2253 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
82acee14 2254 n_jobs = 0;
15ed3c3a
LP		 2255 }
2256
95c81c55 2257 r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL);
c1b6628d 2258 if (r < 0)
294446dc
LP		 2259 log_unit_warning_errno(
2260 u, r, "Failed to enqueue %s job, ignoring: %s",
2261 dependency_name, bus_error_message(&error, r));
82acee14 2262 n_jobs ++;
222ae6a8 2263 }
294446dc 2264
82acee14
ZJS		 2265 if (n_jobs >= 0)
2266 log_unit_debug(u, "Triggering %s dependencies done (%u %s).",
2267 dependency_name, n_jobs, n_jobs == 1 ? "job" : "jobs");
c0daa706
LP		 2268}
2269
3ecaa09b
LP		 2270void unit_trigger_notify(Unit *u) {
2271 Unit *other;
3ecaa09b
LP		 2272
2273 assert(u);
2274
15ed3c3a 2275 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
3ecaa09b
LP		 2276 if (UNIT_VTABLE(other)->trigger_notify)
2277 UNIT_VTABLE(other)->trigger_notify(other, u);
2278}
2279
37109b85
ZJS		 2280static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2281 if (condition_notice && log_level > LOG_NOTICE)
2282 return LOG_NOTICE;
2283 if (condition_info && log_level > LOG_INFO)
2284 return LOG_INFO;
2285 return log_level;
2286}
2287
915b1d01 2288static int unit_log_resources(Unit *u) {
bc40a20e
LP		 2289 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2290 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2291 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
162392b7 2292 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
915b1d01 2293 size_t n_message_parts = 0, n_iovec = 0;
bc40a20e 2294 char* message_parts[1 + 2 + 2 + 1], *t;
915b1d01 2295 nsec_t nsec = NSEC_INFINITY;
915b1d01
LP		 2296 int r;
2297 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2298 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2299 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2300 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2301 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2302 };
bc40a20e
LP		 2303 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2304 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2305 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2306 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2307 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2308 };
915b1d01
LP		 2309
2310 assert(u);
2311
2312 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2313 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2314 * information and the complete data in structured fields. */
2315
2316 (void) unit_get_cpu_usage(u, &nsec);
2317 if (nsec != NSEC_INFINITY) {
915b1d01
LP		 2318 /* Format the CPU time for inclusion in the structured log message */
2319 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2320 r = log_oom();
2321 goto finish;
2322 }
2323 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2324
2325 /* Format the CPU time for inclusion in the human language message string */
5291f26d 2326 t = strjoin("consumed ", FORMAT_TIMESPAN(nsec / NSEC_PER_USEC, USEC_PER_MSEC), " CPU time");
915b1d01
LP		 2327 if (!t) {
2328 r = log_oom();
2329 goto finish;
2330 }
2331
2332 message_parts[n_message_parts++] = t;
37109b85
ZJS		 2333
2334 log_level = raise_level(log_level,
ef6bb4dd
CG		 2335 nsec > MENTIONWORTHY_CPU_NSEC,
2336 nsec > NOTICEWORTHY_CPU_NSEC);
915b1d01
LP		 2337 }
2338
bc40a20e 2339 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
bc40a20e
LP		 2340 uint64_t value = UINT64_MAX;
2341
2342 assert(io_fields[k]);
2343
2344 (void) unit_get_io_accounting(u, k, k > 0, &value);
2345 if (value == UINT64_MAX)
2346 continue;
2347
2348 have_io_accounting = true;
2349 if (value > 0)
2350 any_io = true;
2351
2352 /* Format IO accounting data for inclusion in the structured log message */
2353 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2354 r = log_oom();
2355 goto finish;
2356 }
2357 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2358
2359 /* Format the IO accounting data for inclusion in the human language message string, but only
2360 * for the bytes counters (and not for the operations counters) */
2361 if (k == CGROUP_IO_READ_BYTES) {
2362 assert(!rr);
2b59bf51 2363 rr = strjoin("read ", strna(FORMAT_BYTES(value)), " from disk");
bc40a20e
LP		 2364 if (!rr) {
2365 r = log_oom();
2366 goto finish;
2367 }
2368 } else if (k == CGROUP_IO_WRITE_BYTES) {
2369 assert(!wr);
2b59bf51 2370 wr = strjoin("written ", strna(FORMAT_BYTES(value)), " to disk");
bc40a20e
LP		 2371 if (!wr) {
2372 r = log_oom();
2373 goto finish;
2374 }
2375 }
37109b85
ZJS		 2376
2377 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2378 log_level = raise_level(log_level,
2379 value > MENTIONWORTHY_IO_BYTES,
2380 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2381 }
2382
2383 if (have_io_accounting) {
2384 if (any_io) {
2385 if (rr)
2386 message_parts[n_message_parts++] = TAKE_PTR(rr);
2387 if (wr)
2388 message_parts[n_message_parts++] = TAKE_PTR(wr);
2389
2390 } else {
2391 char *k;
2392
2393 k = strdup("no IO");
2394 if (!k) {
2395 r = log_oom();
2396 goto finish;
2397 }
2398
2399 message_parts[n_message_parts++] = k;
2400 }
2401 }
2402
12375b95 2403 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2404 uint64_t value = UINT64_MAX;
2405
2406 assert(ip_fields[m]);
2407
2408 (void) unit_get_ip_accounting(u, m, &value);
2409 if (value == UINT64_MAX)
2410 continue;
82044702
LP		 2411
2412 have_ip_accounting = true;
a87b1faa
LP		 2413 if (value > 0)
2414 any_traffic = true;
915b1d01
LP		 2415
2416 /* Format IP accounting data for inclusion in the structured log message */
2417 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2418 r = log_oom();
2419 goto finish;
2420 }
2421 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2422
2423 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2424 * bytes counters (and not for the packets counters) */
a87b1faa
LP		 2425 if (m == CGROUP_IP_INGRESS_BYTES) {
2426 assert(!igress);
2b59bf51 2427 igress = strjoin("received ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2428 if (!igress) {
2429 r = log_oom();
2430 goto finish;
2431 }
2432 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2433 assert(!egress);
2b59bf51 2434 egress = strjoin("sent ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2435 if (!egress) {
2436 r = log_oom();
2437 goto finish;
2438 }
2439 }
37109b85
ZJS		 2440
2441 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2442 log_level = raise_level(log_level,
2443 value > MENTIONWORTHY_IP_BYTES,
2444 value > NOTICEWORTHY_IP_BYTES);
a87b1faa
LP		 2445 }
2446
c2503e35
RH		 2447 /* This check is here because it is the earliest point following all possible log_level assignments. If
2448 * log_level is assigned anywhere after this point, move this check. */
2449 if (!unit_log_level_test(u, log_level)) {
2450 r = 0;
2451 goto finish;
2452 }
2453
82044702
LP		 2454 if (have_ip_accounting) {
2455 if (any_traffic) {
2456 if (igress)
2457 message_parts[n_message_parts++] = TAKE_PTR(igress);
2458 if (egress)
2459 message_parts[n_message_parts++] = TAKE_PTR(egress);
a87b1faa 2460
82044702
LP		 2461 } else {
2462 char *k;
915b1d01 2463
82044702
LP		 2464 k = strdup("no IP traffic");
2465 if (!k) {
2466 r = log_oom();
2467 goto finish;
2468 }
2469
2470 message_parts[n_message_parts++] = k;
2471 }
915b1d01
LP		 2472 }
2473
2474 /* Is there any accounting data available at all? */
2475 if (n_iovec == 0) {
2476 r = 0;
2477 goto finish;
2478 }
2479
2480 if (n_message_parts == 0)
a87b1faa 2481 t = strjoina("MESSAGE=", u->id, ": Completed.");
915b1d01 2482 else {
c2b2df60 2483 _cleanup_free_ char *joined = NULL;
915b1d01
LP		 2484
2485 message_parts[n_message_parts] = NULL;
2486
2487 joined = strv_join(message_parts, ", ");
2488 if (!joined) {
2489 r = log_oom();
2490 goto finish;
2491 }
2492
ec9d636b 2493 joined[0] = ascii_toupper(joined[0]);
a87b1faa 2494 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
915b1d01
LP		 2495 }
2496
2497 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2498 * and hence don't increase n_iovec for them */
2499 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2500 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2501
2502 t = strjoina(u->manager->unit_log_field, u->id);
2503 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2504
2505 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2506 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2507
c2503e35 2508 log_unit_struct_iovec(u, log_level, iovec, n_iovec + 4);
915b1d01
LP		 2509 r = 0;
2510
2511finish:
12375b95 2512 for (size_t i = 0; i < n_message_parts; i++)
915b1d01
LP		 2513 free(message_parts[i]);
2514
12375b95 2515 for (size_t i = 0; i < n_iovec; i++)
915b1d01
LP		 2516 free(iovec[i].iov_base);
2517
2518 return r;
2519
2520}
2521
adefcf28
LP		 2522static void unit_update_on_console(Unit *u) {
2523 bool b;
2524
2525 assert(u);
2526
2527 b = unit_needs_console(u);
2528 if (u->on_console == b)
2529 return;
2530
2531 u->on_console = b;
2532 if (b)
2533 manager_ref_console(u->manager);
2534 else
2535 manager_unref_console(u->manager);
adefcf28
LP		 2536}
2537
6eb65e7c
LP		 2538static void unit_emit_audit_start(Unit *u) {
2539 assert(u);
2540
2541 if (u->type != UNIT_SERVICE)
2542 return;
2543
2544 /* Write audit record if we have just finished starting up */
2545 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2546 u->in_audit = true;
2547}
2548
2549static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2550 assert(u);
2551
2552 if (u->type != UNIT_SERVICE)
2553 return;
2554
2555 if (u->in_audit) {
2556 /* Write audit record if we have just finished shutting down */
2557 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2558 u->in_audit = false;
2559 } else {
2560 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2561 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2562
2563 if (state == UNIT_INACTIVE)
2564 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2565 }
2566}
2567
16c74914
LP		 2568static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2569 bool unexpected = false;
31cd5f63 2570 JobResult result;
16c74914
LP		 2571
2572 assert(j);
2573
2574 if (j->state == JOB_WAITING)
2575
2576 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2577 * due to EAGAIN. */
2578 job_add_to_run_queue(j);
2579
2580 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2581 * hence needs to invalidate jobs. */
2582
2583 switch (j->type) {
2584
2585 case JOB_START:
2586 case JOB_VERIFY_ACTIVE:
2587
2588 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2589 job_finish_and_invalidate(j, JOB_DONE, true, false);
2590 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2591 unexpected = true;
2592
31cd5f63
AZ		 2593 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2594 if (ns == UNIT_FAILED)
2595 result = JOB_FAILED;
31cd5f63
AZ		 2596 else
2597 result = JOB_DONE;
2598
2599 job_finish_and_invalidate(j, result, true, false);
2600 }
16c74914
LP		 2601 }
2602
2603 break;
2604
2605 case JOB_RELOAD:
2606 case JOB_RELOAD_OR_START:
2607 case JOB_TRY_RELOAD:
2608
2609 if (j->state == JOB_RUNNING) {
2610 if (ns == UNIT_ACTIVE)
2611 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2612 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2613 unexpected = true;
2614
2615 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2616 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2617 }
2618 }
2619
2620 break;
2621
2622 case JOB_STOP:
2623 case JOB_RESTART:
2624 case JOB_TRY_RESTART:
2625
2626 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2627 job_finish_and_invalidate(j, JOB_DONE, true, false);
2628 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2629 unexpected = true;
2630 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2631 }
2632
2633 break;
2634
2635 default:
04499a70 2636 assert_not_reached();
16c74914
LP		 2637 }
2638
2639 return unexpected;
2640}
2641
2ad2e41a 2642void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
429926e9 2643 const char *reason;
8559b3b7 2644 Manager *m;
a096ed36 2645
87f0e418
LP		 2646 assert(u);
2647 assert(os < _UNIT_ACTIVE_STATE_MAX);
2648 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2649
8559b3b7
LP		 2650 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2651 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2652 * remounted this function will be called too! */
87f0e418 2653
546ac4f0
MS		 2654 m = u->manager;
2655
3c4832ad
LP		 2656 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2657 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2658 unit_add_to_dbus_queue(u);
2659
e30bbc90
AZ		 2660 /* Update systemd-oomd on the property/state change */
2661 if (os != ns) {
2662 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2663 * monitoring.
2664 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2665 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2666 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2667 * have the information on the property. Thus, indiscriminately send an update. */
f561e8c6 2668 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
e30bbc90
AZ		 2669 (void) manager_varlink_send_managed_oom_update(u);
2670 }
2671
f755e3b7 2672 /* Update timestamps for state changes */
2c289ea8 2673 if (!MANAGER_IS_RELOADING(m)) {
a483fb59 2674 dual_timestamp_get(&u->state_change_timestamp);
173e3821 2675
bdbf9951 2676 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2677 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2678 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2679 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2680
2681 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2682 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2683 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2684 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2685 }
87f0e418 2686
865cc19a 2687 /* Keep track of failed units */
8724defe 2688 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2689
d3070fbd
LP		 2690 /* Make sure the cgroup and state files are always removed when we become inactive */
2691 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2692 SET_FLAG(u->markers,
2693 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2694 false);
efdb0237 2695 unit_prune_cgroup(u);
d3070fbd 2696 unit_unlink_state_files(u);
ff68472a
ZJS		 2697 } else if (ns != os && ns == UNIT_RELOADING)
2698 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2699
adefcf28 2700 unit_update_on_console(u);
7ed9f6cd 2701
2c289ea8 2702 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2703 bool unexpected;
2704
2705 /* Let's propagate state changes to the job */
2706 if (u->job)
2707 unexpected = unit_process_job(u->job, ns, flags);
2708 else
2709 unexpected = true;
f3bff0eb 2710
a1c7334b
LP		 2711 /* If this state change happened without being requested by a job, then let's retroactively start or
2712 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2713 * additional jobs just because something is already activated. */
bdbf9951
LP		 2714
2715 if (unexpected) {
2716 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2717 retroactively_start_dependencies(u);
2718 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2719 retroactively_stop_dependencies(u);
2720 }
5de9682c 2721
bdbf9951 2722 if (ns != os && ns == UNIT_FAILED) {
ed77d407 2723 log_unit_debug(u, "Unit entered failed state.");
2ad2e41a
LP		 2724
2725 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
294446dc 2726 unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode);
cd6d0a45 2727 }
e537352b 2728
256f65d0
LP		 2729 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2730 /* This unit just finished starting up */
3b2775c5 2731
6eb65e7c 2732 unit_emit_audit_start(u);
546ac4f0 2733 manager_send_unit_plymouth(m, u);
256f65d0 2734 }
bdbf9951 2735
256f65d0 2736 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2737 /* This unit just stopped/failed. */
256f65d0 2738
6eb65e7c 2739 unit_emit_audit_stop(u, ns);
915b1d01 2740 unit_log_resources(u);
cd6d0a45 2741 }
294446dc
LP		 2742
2743 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE) &&
2744 !(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2745 unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode);
f278026d
LP		 2746 }
2747
31dc1ca3
LP		 2748 manager_recheck_journal(m);
2749 manager_recheck_dbus(m);
e63ebf71 2750
3ecaa09b 2751 unit_trigger_notify(u);
3b2775c5 2752
8724defe 2753 if (!MANAGER_IS_RELOADING(m)) {
429926e9
TR		 2754 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2755 reason = strjoina("unit ", u->id, " failed");
36c4dc08 2756 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2757 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2758 reason = strjoina("unit ", u->id, " succeeded");
36c4dc08 2759 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2760 }
ff502445
LP		 2761 }
2762
99e9af25 2763 /* And now, add the unit or depending units to various queues that will act on the new situation if
48008c1c 2764 * needed. These queues generally check for continuous state changes rather than events (like most of
99e9af25
LP		 2765 * the state propagation above), and do work deferred instead of instantly, since they typically
2766 * don't want to run during reloading, and usually involve checking combined state of multiple units
2767 * at once. */
2768
2769 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2770 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2771 check_unneeded_dependencies(u);
2772 check_bound_by_dependencies(u);
2773
2774 /* Maybe someone wants us to remain up? */
2775 unit_submit_to_start_when_upheld_queue(u);
2776
2777 /* Maybe the unit should be GC'ed now? */
2778 unit_add_to_gc_queue(u);
2779 }
2780
2781 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2782 /* Start uphold units regardless if going up was expected or not */
2783 check_uphold_dependencies(u);
2784
2785 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2786 unit_submit_to_stop_when_unneeded_queue(u);
2787
2788 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2789 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2790 * inactive, without ever entering started.) */
2791 unit_submit_to_stop_when_bound_queue(u);
2792 }
87f0e418
LP		 2793}
2794
f75f613d 2795int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
62a76913 2796 int r;
a911bb9a 2797
87f0e418 2798 assert(u);
62a76913 2799 assert(pid_is_valid(pid));
87f0e418 2800
62a76913 2801 /* Watch a specific PID */
5ba6985b 2802
f75f613d
FB		 2803 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2804 * opportunity to remove any stalled references to this PID as they can be created
2805 * easily (when watching a process which is not our direct child). */
2806 if (exclusive)
2807 manager_unwatch_pid(u->manager, pid);
2808
d5099efc 2809 r = set_ensure_allocated(&u->pids, NULL);
5ba6985b
LP		 2810 if (r < 0)
2811 return r;
2812
62a76913 2813 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
a911bb9a
LP		 2814 if (r < 0)
2815 return r;
2816
62a76913
LP		 2817 /* First try, let's add the unit keyed by "pid". */
2818 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2819 if (r == -EEXIST) {
2820 Unit **array;
2821 bool found = false;
2822 size_t n = 0;
05e343b7 2823
62a76913
LP		 2824 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2825 * to an array of Units rather than just a Unit), lists us already. */
a911bb9a 2826
62a76913
LP		 2827 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2828 if (array)
2829 for (; array[n]; n++)
2830 if (array[n] == u)
2831 found = true;
a911bb9a 2832
62a76913
LP		 2833 if (found) /* Found it already? if so, do nothing */
2834 r = 0;
2835 else {
2836 Unit **new_array;
2837
2838 /* Allocate a new array */
2839 new_array = new(Unit*, n + 2);
2840 if (!new_array)
2841 return -ENOMEM;
2842
2843 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2844 new_array[n] = u;
2845 new_array[n+1] = NULL;
2846
2847 /* Add or replace the old array */
2848 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2849 if (r < 0) {
2850 free(new_array);
2851 return r;
2852 }
2853
2854 free(array);
2855 }
2856 } else if (r < 0)
2857 return r;
2858
2859 r = set_put(u->pids, PID_TO_PTR(pid));
2860 if (r < 0)
2861 return r;
2862
2863 return 0;
87f0e418
LP		 2864}
2865
2866void unit_unwatch_pid(Unit *u, pid_t pid) {
62a76913
LP		 2867 Unit **array;
2868
87f0e418 2869 assert(u);
62a76913
LP		 2870 assert(pid_is_valid(pid));
2871
2872 /* First let's drop the unit in case it's keyed as "pid". */
2873 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2874
2875 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2876 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2877 if (array) {
62a76913 2878 /* Let's iterate through the array, dropping our own entry */
12375b95
ZJS		 2879
2880 size_t m = 0;
2881 for (size_t n = 0; array[n]; n++)
62a76913
LP		 2882 if (array[n] != u)
2883 array[m++] = array[n];
2884 array[m] = NULL;
2885
2886 if (m == 0) {
2887 /* The array is now empty, remove the entire entry */
20c3acfa 2888 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
62a76913
LP		 2889 free(array);
2890 }
2891 }
87f0e418 2892
fea72cc0 2893 (void) set_remove(u->pids, PID_TO_PTR(pid));
a911bb9a
LP		 2894}
2895
bd44e61b
LP		 2896void unit_unwatch_all_pids(Unit *u) {
2897 assert(u);
2898
2899 while (!set_isempty(u->pids))
fea72cc0 2900 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
bd44e61b 2901
efdb0237 2902 u->pids = set_free(u->pids);
a911bb9a
LP		 2903}
2904
50be4f4a
LP		 2905static void unit_tidy_watch_pids(Unit *u) {
2906 pid_t except1, except2;
a911bb9a
LP		 2907 void *e;
2908
2909 assert(u);
2910
2911 /* Cleans dead PIDs from our list */
2912
50be4f4a
LP		 2913 except1 = unit_main_pid(u);
2914 except2 = unit_control_pid(u);
2915
90e74a66 2916 SET_FOREACH(e, u->pids) {
fea72cc0 2917 pid_t pid = PTR_TO_PID(e);
a911bb9a
LP		 2918
2919 if (pid == except1 || pid == except2)
2920 continue;
2921
9f5650ae 2922 if (!pid_is_unwaited(pid))
bd44e61b 2923 unit_unwatch_pid(u, pid);
a911bb9a 2924 }
87f0e418
LP		 2925}
2926
50be4f4a
LP		 2927static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2928 Unit *u = userdata;
2929
2930 assert(s);
2931 assert(u);
2932
2933 unit_tidy_watch_pids(u);
2934 unit_watch_all_pids(u);
2935
2936 /* If the PID set is empty now, then let's finish this off. */
2937 unit_synthesize_cgroup_empty_event(u);
2938
2939 return 0;
2940}
2941
2942int unit_enqueue_rewatch_pids(Unit *u) {
2943 int r;
2944
2945 assert(u);
2946
2947 if (!u->cgroup_path)
2948 return -ENOENT;
2949
2950 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2951 if (r < 0)
2952 return r;
2953 if (r > 0) /* On unified we can use proper notifications */
2954 return 0;
2955
2956 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2957 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2958 * involves issuing kill(pid, 0) on all processes we watch. */
2959
2960 if (!u->rewatch_pids_event_source) {
2961 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2962
2963 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2964 if (r < 0)
2965 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2966
2967 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2968 if (r < 0)
28b77ab2 2969 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
50be4f4a
LP		 2970
2971 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2972
2973 u->rewatch_pids_event_source = TAKE_PTR(s);
2974 }
2975
2976 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2977 if (r < 0)
2978 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2979
2980 return 0;
2981}
2982
2983void unit_dequeue_rewatch_pids(Unit *u) {
2984 int r;
2985 assert(u);
2986
2987 if (!u->rewatch_pids_event_source)
2988 return;
2989
2990 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2991 if (r < 0)
2992 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2993
5dcadb4c 2994 u->rewatch_pids_event_source = sd_event_source_disable_unref(u->rewatch_pids_event_source);
50be4f4a
LP		 2995}
2996
87f0e418
LP		 2997bool unit_job_is_applicable(Unit *u, JobType j) {
2998 assert(u);
2999 assert(j >= 0 && j < _JOB_TYPE_MAX);
3000
3001 switch (j) {
3002
3003 case JOB_VERIFY_ACTIVE:
3004 case JOB_START:
e0209d83 3005 case JOB_NOP:
f5869324 3006 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 3007 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 3008 * jobs for it. */
87f0e418
LP		 3009 return true;
3010
f5869324
LP		 3011 case JOB_STOP:
3012 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 3013 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 3014 return !u->perpetual;
3015
87f0e418
LP		 3016 case JOB_RESTART:
3017 case JOB_TRY_RESTART:
f5869324 3018 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 3019
3020 case JOB_RELOAD:
3282591d 3021 case JOB_TRY_RELOAD:
87f0e418
LP		 3022 return unit_can_reload(u);
3023
3024 case JOB_RELOAD_OR_START:
3025 return unit_can_reload(u) && unit_can_start(u);
3026
3027 default:
04499a70 3028 assert_not_reached();
87f0e418
LP		 3029 }
3030}
3031
eef85c4a
LP		 3032int unit_add_dependency(
3033 Unit *u,
3034 UnitDependency d,
3035 Unit *other,
3036 bool add_reference,
3037 UnitDependencyMask mask) {
87f0e418
LP		 3038
3039 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
fb138166
ZJS		 3040 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3041 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3042 [UNIT_WANTS] = UNIT_WANTED_BY,
3043 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3044 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3045 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
3046 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3047 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3048 [UNIT_WANTED_BY] = UNIT_WANTS,
3049 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3050 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3051 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
3052 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3053 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3054 [UNIT_BEFORE] = UNIT_AFTER,
3055 [UNIT_AFTER] = UNIT_BEFORE,
3056 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3057 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
3058 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3059 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
3060 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3061 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3062 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 3063 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
fb138166
ZJS		 3064 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3065 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
3066 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
3067 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3068 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3069 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3070 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
87f0e418 3071 };
eef85c4a 3072 Unit *original_u = u, *original_other = other;
15ed3c3a 3073 UnitDependencyAtom a;
eef85c4a 3074 int r;
15ed3c3a
LP		 3075
3076 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3077 * there, no need to notify! */
ac17080c 3078 bool notify, notify_other = false;
87f0e418
LP		 3079
3080 assert(u);
3081 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 3082 assert(other);
3083
9f151f29
LP		 3084 u = unit_follow_merge(u);
3085 other = unit_follow_merge(other);
15ed3c3a
LP		 3086 a = unit_dependency_to_atom(d);
3087 assert(a >= 0);
9f151f29 3088
15ed3c3a 3089 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
d1fab3fe 3090 if (u == other) {
15ed3c3a 3091 unit_maybe_warn_about_dependency(original_u, original_other->id, d);
87f0e418 3092 return 0;
d1fab3fe 3093 }
87f0e418 3094
f14d6810
MG		 3095 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3096 return 0;
3097
15ed3c3a
LP		 3098 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3099 * running timeout at a specific time. */
3100 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
b862c257 3101 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 3102 return 0;
3103 }
3104
15ed3c3a 3105 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
c80a9a33
LP		 3106 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3107 return 0;
3108 }
3109
15ed3c3a 3110 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
c80a9a33
LP		 3111 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3112 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
15ed3c3a 3113 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
c80a9a33
LP		 3114 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3115 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3116
d219a2b0
LP		 3117 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3118 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3119 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3120 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3121 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3122 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3123
3124 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3125 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3126 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3127
3128 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3129 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3130 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3131
15ed3c3a 3132 r = unit_add_dependency_hashmap(&u->dependencies, d, other, mask, 0);
613b411c 3133 if (r < 0)
87f0e418 3134 return r;
ac17080c 3135 notify = r > 0;
87f0e418 3136
eef85c4a 3137 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
15ed3c3a 3138 r = unit_add_dependency_hashmap(&other->dependencies, inverse_table[d], u, 0, mask);
613b411c
LP		 3139 if (r < 0)
3140 return r;
ac17080c 3141 notify_other = r > 0;
613b411c
LP		 3142 }
3143
3144 if (add_reference) {
15ed3c3a 3145 r = unit_add_dependency_hashmap(&u->dependencies, UNIT_REFERENCES, other, mask, 0);
613b411c 3146 if (r < 0)
5de9682c 3147 return r;
ac17080c 3148 notify = notify || r > 0;
5de9682c 3149
15ed3c3a 3150 r = unit_add_dependency_hashmap(&other->dependencies, UNIT_REFERENCED_BY, u, 0, mask);
613b411c 3151 if (r < 0)
701cc384 3152 return r;
ac17080c 3153 notify_other = notify_other || r > 0;
613b411c 3154 }
87f0e418 3155
ac17080c 3156 if (notify)
5177cb0a 3157 unit_add_to_dbus_queue(u);
ac17080c
YW		 3158 if (notify_other)
3159 unit_add_to_dbus_queue(other);
15ed3c3a 3160
ac17080c 3161 return notify || notify_other;
87f0e418 3162}
0301abf4 3163
eef85c4a 3164int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
a8c5a4c6 3165 int r, s;
2c966c03
LP		 3166
3167 assert(u);
3168
eef85c4a 3169 r = unit_add_dependency(u, d, other, add_reference, mask);
3f3cc397 3170 if (r < 0)
2c966c03
LP		 3171 return r;
3172
a8c5a4c6
YW		 3173 s = unit_add_dependency(u, e, other, add_reference, mask);
3174 if (s < 0)
3175 return s;
3176
3177 return r > 0 || s > 0;
2c966c03
LP		 3178}
3179
23e8c796 3180static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 3181 int r;
9e2f7c11
LP		 3182
3183 assert(u);
23e8c796 3184 assert(name);
7410616c
LP		 3185 assert(buf);
3186 assert(ret);
9e2f7c11 3187
7410616c
LP		 3188 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3189 *buf = NULL;
3190 *ret = name;
3191 return 0;
9e2f7c11
LP		 3192 }
3193
ac155bb8 3194 if (u->instance)
7410616c 3195 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 3196 else {
ae018d9b 3197 _cleanup_free_ char *i = NULL;
9e2f7c11 3198
7410616c
LP		 3199 r = unit_name_to_prefix(u->id, &i);
3200 if (r < 0)
3201 return r;
9e2f7c11 3202
7410616c 3203 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 3204 }
7410616c
LP		 3205 if (r < 0)
3206 return r;
9e2f7c11 3207
7410616c
LP		 3208 *ret = *buf;
3209 return 0;
9e2f7c11
LP		 3210}
3211
35d8c19a 3212int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3213 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 3214 Unit *other;
3215 int r;
3216
9e2f7c11 3217 assert(u);
35d8c19a 3218 assert(name);
09b6b09f 3219
23e8c796 3220 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3221 if (r < 0)
3222 return r;
09b6b09f 3223
f14d6810
MG		 3224 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3225 return 0;
3226
35d8c19a 3227 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 3228 if (r < 0)
3229 return r;
9e2f7c11 3230
eef85c4a 3231 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 3232}
3233
5a724170 3234int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3235 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 3236 Unit *other;
3237 int r;
2c966c03
LP		 3238
3239 assert(u);
5a724170 3240 assert(name);
2c966c03 3241
23e8c796 3242 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3243 if (r < 0)
3244 return r;
2c966c03 3245
f14d6810
MG		 3246 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3247 return 0;
3248
5a724170 3249 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 3250 if (r < 0)
68eda4bd 3251 return r;
2c966c03 3252
eef85c4a 3253 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 3254}
3255
0301abf4 3256int set_unit_path(const char *p) {
0301abf4 3257 /* This is mostly for debug purposes */
7c248223 3258 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, 1));
0301abf4 3259}
88066b3a 3260
ea430986 3261char *unit_dbus_path(Unit *u) {
ea430986
LP		 3262 assert(u);
3263
ac155bb8 3264 if (!u->id)
04ade7d2
LP		 3265 return NULL;
3266
48899192 3267 return unit_dbus_path_from_name(u->id);
ea430986
LP		 3268}
3269
4b58153d
LP		 3270char *unit_dbus_path_invocation_id(Unit *u) {
3271 assert(u);
3272
3273 if (sd_id128_is_null(u->invocation_id))
3274 return NULL;
3275
3276 return unit_dbus_path_from_name(u->invocation_id_string);
3277}
3278
2d3b784d 3279int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 3280 int r;
3281
3282 assert(u);
3283
3284 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3285
3286 if (sd_id128_equal(u->invocation_id, id))
3287 return 0;
3288
3289 if (!sd_id128_is_null(u->invocation_id))
3290 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3291
3292 if (sd_id128_is_null(id)) {
3293 r = 0;
3294 goto reset;
3295 }
3296
3297 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3298 if (r < 0)
3299 goto reset;
3300
3301 u->invocation_id = id;
3302 sd_id128_to_string(id, u->invocation_id_string);
3303
3304 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3305 if (r < 0)
3306 goto reset;
3307
3308 return 0;
3309
3310reset:
3311 u->invocation_id = SD_ID128_NULL;
3312 u->invocation_id_string[0] = 0;
3313 return r;
3314}
3315
899acf5c 3316int unit_set_slice(Unit *u, Unit *slice) {
d219a2b0
LP		 3317 int r;
3318
d79200e2
LP		 3319 assert(u);
3320 assert(slice);
3321
d219a2b0
LP		 3322 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3323 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3324 * slice is derived from the name). Make sure the unit we set is actually a slice. */
d79200e2
LP		 3325
3326 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3327 return -EOPNOTSUPP;
3328
3329 if (u->type == UNIT_SLICE)
3330 return -EINVAL;
3331
102ef982
LP		 3332 if (unit_active_state(u) != UNIT_INACTIVE)
3333 return -EBUSY;
3334
d79200e2
LP		 3335 if (slice->type != UNIT_SLICE)
3336 return -EINVAL;
3337
efdb0237
LP		 3338 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3339 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3340 return -EPERM;
3341
12f64221 3342 if (UNIT_GET_SLICE(u) == slice)
d79200e2
LP		 3343 return 0;
3344
99e66921 3345 /* Disallow slice changes if @u is already bound to cgroups */
12f64221 3346 if (UNIT_GET_SLICE(u) && u->cgroup_realized)
d79200e2
LP		 3347 return -EBUSY;
3348
899acf5c
AZ		 3349 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3350 if (UNIT_GET_SLICE(u))
3351 unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY);
3352
3353 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY);
d219a2b0
LP		 3354 if (r < 0)
3355 return r;
3356
d79200e2
LP		 3357 return 1;
3358}
3359
3360int unit_set_default_slice(Unit *u) {
a8833944 3361 const char *slice_name;
a016b922
LP		 3362 Unit *slice;
3363 int r;
3364
3365 assert(u);
3366
f14d6810
MG		 3367 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3368 return 0;
3369
12f64221 3370 if (UNIT_GET_SLICE(u))
a016b922
LP		 3371 return 0;
3372
a8833944
LP		 3373 if (u->instance) {
3374 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3375
a8833944
LP		 3376 /* Implicitly place all instantiated units in their
3377 * own per-template slice */
3378
7410616c
LP		 3379 r = unit_name_to_prefix(u->id, &prefix);
3380 if (r < 0)
3381 return r;
a8833944
LP		 3382
3383 /* The prefix is already escaped, but it might include
3384 * "-" which has a special meaning for slice units,
3385 * hence escape it here extra. */
7410616c 3386 escaped = unit_name_escape(prefix);
a8833944
LP		 3387 if (!escaped)
3388 return -ENOMEM;
3389
463d0d15 3390 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3391 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3392 else
7f3b86a4 3393 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3394
3395 } else if (unit_is_extrinsic(u))
3396 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3397 * the root slice. They don't really belong in one of the subslices. */
3398 slice_name = SPECIAL_ROOT_SLICE;
3399
3400 else if (MANAGER_IS_SYSTEM(u->manager))
3401 slice_name = SPECIAL_SYSTEM_SLICE;
3402 else
3403 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3404
3405 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3406 if (r < 0)
3407 return r;
3408
899acf5c 3409 return unit_set_slice(u, slice);
a016b922
LP		 3410}
3411
9444b1f2 3412const char *unit_slice_name(Unit *u) {
12f64221 3413 Unit *slice;
9444b1f2
LP		 3414 assert(u);
3415
12f64221
LP		 3416 slice = UNIT_GET_SLICE(u);
3417 if (!slice)
9444b1f2
LP		 3418 return NULL;
3419
12f64221 3420 return slice->id;
9444b1f2
LP		 3421}
3422
f6ff8c29 3423int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3424 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3425 int r;
3426
3427 assert(u);
3428 assert(type);
3429 assert(_found);
3430
7410616c
LP		 3431 r = unit_name_change_suffix(u->id, type, &t);
3432 if (r < 0)
3433 return r;
3434 if (unit_has_name(u, t))
3435 return -EINVAL;
f6ff8c29 3436
ac155bb8 3437 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3438 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3439 return r;
3440}
3441
bbc29086 3442static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
fc67a943 3443 const char *new_owner;
bbc29086
DM		 3444 Unit *u = userdata;
3445 int r;
3446
3447 assert(message);
3448 assert(u);
3449
fc67a943 3450 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3451 if (r < 0) {
3452 bus_log_parse_error(r);
3453 return 0;
3454 }
3455
3456 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3457 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3458
3459 return 0;
3460}
3461
3462static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3463 const sd_bus_error *e;
3464 const char *new_owner;
3465 Unit *u = userdata;
3466 int r;
3467
3468 assert(message);
3469 assert(u);
3470
3471 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3472
a5a8776a 3473 e = sd_bus_message_get_error(message);
a5a8776a 3474 if (e) {
33322185
YW		 3475 if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner")) {
3476 r = sd_bus_error_get_errno(e);
3477 log_unit_error_errno(u, r,
3478 "Unexpected error response from GetNameOwner(): %s",
3479 bus_error_message(e, r));
3480 }
a5a8776a 3481
fc67a943
LP		 3482 new_owner = NULL;
3483 } else {
3484 r = sd_bus_message_read(message, "s", &new_owner);
3485 if (r < 0)
3486 return bus_log_parse_error(r);
a5a8776a 3487
fc67a943
LP		 3488 assert(!isempty(new_owner));
3489 }
a5a8776a
MJ		 3490
3491 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3492 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3493
3494 return 0;
3495}
3496
9806e87d
LP		 3497int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3498 const char *match;
a5b07847 3499 int r;
bbc29086 3500
9806e87d
LP		 3501 assert(u);
3502 assert(bus);
3503 assert(name);
bbc29086 3504
a5b07847 3505 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3506 return -EBUSY;
3507
9806e87d 3508 match = strjoina("type='signal',"
81d62103
ZJS		 3509 "sender='org.freedesktop.DBus',"
3510 "path='/org/freedesktop/DBus',"
3511 "interface='org.freedesktop.DBus',"
3512 "member='NameOwnerChanged',"
3513 "arg0='", name, "'");
bbc29086 3514
a5b07847 3515 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
a5a8776a
MJ		 3516 if (r < 0)
3517 return r;
3518
a5b07847
LP		 3519 r = sd_bus_call_method_async(
3520 bus,
3521 &u->get_name_owner_slot,
3522 "org.freedesktop.DBus",
3523 "/org/freedesktop/DBus",
3524 "org.freedesktop.DBus",
3525 "GetNameOwner",
3526 get_name_owner_handler,
3527 u,
3528 "s", name);
3529 if (r < 0) {
3530 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3531 return r;
3532 }
3533
3534 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3535 return 0;
bbc29086
DM		 3536}
3537
05e343b7 3538int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3539 int r;
3540
05e343b7
LP		 3541 assert(u);
3542 assert(name);
3543
3544 /* Watch a specific name on the bus. We only support one unit
3545 * watching each name for now. */
3546
bbc29086
DM		 3547 if (u->manager->api_bus) {
3548 /* If the bus is already available, install the match directly.
3549 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3550 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3551 if (r < 0)
8ea823b6 3552 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3553 }
3554
3555 r = hashmap_put(u->manager->watch_bus, name, u);
3556 if (r < 0) {
3557 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3558 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3559 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3560 }
3561
3562 return 0;
05e343b7
LP		 3563}
3564
3565void unit_unwatch_bus_name(Unit *u, const char *name) {
3566 assert(u);
3567 assert(name);
3568
8367fea5 3569 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3570 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3571 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3572}
3573
d336ba9f 3574int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3575 _cleanup_free_ char *e = NULL;
44b0d1fd 3576 Unit *device;
6e2ef85b
LP		 3577 int r;
3578
3579 assert(u);
3580
6e2ef85b 3581 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3582 if (isempty(what))
3583 return 0;
6e2ef85b 3584
8407a5d0 3585 if (!is_device_path(what))
6e2ef85b
LP		 3586 return 0;
3587
44b0d1fd 3588 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3589 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3590 return 0;
3591
7410616c
LP		 3592 r = unit_name_from_path(what, ".device", &e);
3593 if (r < 0)
3594 return r;
6e2ef85b 3595
ac155bb8 3596 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3597 if (r < 0)
3598 return r;
3599
ebc8968b
FB		 3600 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3601 dep = UNIT_BINDS_TO;
3602
d336ba9f
FB		 3603 return unit_add_two_dependencies(u, UNIT_AFTER,
3604 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3605 device, true, mask);
6e2ef85b 3606}
a16e1123 3607
44b0d1fd
LP		 3608int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3609 _cleanup_free_ char *escaped = NULL, *target = NULL;
3610 int r;
3611
3612 assert(u);
3613
3614 if (isempty(what))
3615 return 0;
3616
3617 if (!path_startswith(what, "/dev/"))
3618 return 0;
3619
3620 /* If we don't support devices, then also don't bother with blockdev@.target */
3621 if (!unit_type_supported(UNIT_DEVICE))
3622 return 0;
3623
3624 r = unit_name_path_escape(what, &escaped);
3625 if (r < 0)
3626 return r;
3627
3628 r = unit_name_build("blockdev", escaped, ".target", &target);
3629 if (r < 0)
3630 return r;
3631
3632 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3633}
3634
be847e82 3635int unit_coldplug(Unit *u) {
05a98afd 3636 int r = 0, q;
cca098b0
LP		 3637
3638 assert(u);
3639
f0831ed2 3640 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3641 if (u->coldplugged)
3642 return 0;
3643
3644 u->coldplugged = true;
3645
05a98afd
LP		 3646 STRV_FOREACH(i, u->deserialized_refs) {
3647 q = bus_unit_track_add_name(u, *i);
3648 if (q < 0 && r >= 0)
3649 r = q;
3650 }
3651 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3652
05a98afd
LP		 3653 if (UNIT_VTABLE(u)->coldplug) {
3654 q = UNIT_VTABLE(u)->coldplug(u);
3655 if (q < 0 && r >= 0)
3656 r = q;
3657 }
5a6158b6 3658
7dbd330c
GL		 3659 if (u->job) {
3660 q = job_coldplug(u->job);
3661 if (q < 0 && r >= 0)
3662 r = q;
3663 }
3664 if (u->nop_job) {
3665 q = job_coldplug(u->nop_job);
05a98afd
LP		 3666 if (q < 0 && r >= 0)
3667 r = q;
3668 }
cca098b0 3669
05a98afd 3670 return r;
cca098b0
LP		 3671}
3672
f0831ed2
LP		 3673void unit_catchup(Unit *u) {
3674 assert(u);
3675
3676 if (UNIT_VTABLE(u)->catchup)
3677 UNIT_VTABLE(u)->catchup(u);
869f52f2
DS		 3678
3679 unit_cgroup_catchup(u);
f0831ed2
LP		 3680}
3681
ba25d39e 3682static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3683 struct stat st;
3684
3685 if (!path)
3686 return false;
3687
77969722
LP		 3688 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3689 * are never out-of-date. */
3690 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3691 return false;
3692
21b95806
ZJS		 3693 if (stat(path, &st) < 0)
3694 /* What, cannot access this anymore? */
3695 return true;
3696
ba25d39e
ZJS		 3697 if (path_masked)
3698 /* For masked files check if they are still so */
3699 return !null_or_empty(&st);
3700 else
3a8db9fe 3701 /* For non-empty files check the mtime */
87ec20ef 3702 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3703
3704 return false;
3705}
3706
45fb0699 3707bool unit_need_daemon_reload(Unit *u) {
ae7a7182 3708 _cleanup_strv_free_ char **t = NULL;
1b64d026 3709
45fb0699
LP		 3710 assert(u);
3711
ba25d39e
ZJS		 3712 /* For unit files, we allow masking… */
3713 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3714 u->load_state == UNIT_MASKED))
21b95806 3715 return true;
5f4b19f4 3716
ba25d39e
ZJS		 3717 /* Source paths should not be masked… */
3718 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3719 return true;
ae7a7182 3720
19a44dfe
LR		 3721 if (u->load_state == UNIT_LOADED)
3722 (void) unit_find_dropin_paths(u, &t);
ab932a62
LP		 3723 if (!strv_equal(u->dropin_paths, t))
3724 return true;
6d10d308 3725
ba25d39e 3726 /* … any drop-ins that are masked are simply omitted from the list. */
ab932a62 3727 STRV_FOREACH(path, u->dropin_paths)
ba25d39e 3728 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
ab932a62 3729 return true;
21b95806 3730
ab932a62 3731 return false;
45fb0699
LP		 3732}
3733
fdf20a31 3734void unit_reset_failed(Unit *u) {
5632e374
LP		 3735 assert(u);
3736
fdf20a31
MM		 3737 if (UNIT_VTABLE(u)->reset_failed)
3738 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3739
7bf081a1 3740 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3741 u->start_limit_hit = false;
5632e374
LP		 3742}
3743
a7f241db
LP		 3744Unit *unit_following(Unit *u) {
3745 assert(u);
3746
3747 if (UNIT_VTABLE(u)->following)
3748 return UNIT_VTABLE(u)->following(u);
3749
3750 return NULL;
3751}
3752
31afa0a4 3753bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3754 assert(u);
3755
31afa0a4
LP		 3756 /* This call does check the current state of the unit. It's
3757 * hence useful to be called from state change calls of the
3758 * unit itself, where the state isn't updated yet. This is
3759 * different from unit_inactive_or_pending() which checks both
3760 * the current state and for a queued job. */
18ffdfda 3761
28a2dfe8 3762 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 3763}
3764
3765bool unit_inactive_or_pending(Unit *u) {
3766 assert(u);
3767
3768 /* Returns true if the unit is inactive or going down */
18ffdfda 3769
d956ac29
LP		 3770 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3771 return true;
3772
31afa0a4 3773 if (unit_stop_pending(u))
18ffdfda
LP		 3774 return true;
3775
3776 return false;
3777}
3778
31afa0a4 3779bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 3780 assert(u);
3781
f60c2665 3782 /* Returns true if the unit is active or going up */
f976f3f6
LP		 3783
3784 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3785 return true;
3786
ac155bb8 3787 if (u->job &&
3742095b 3788 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 3789 return true;
3790
3791 return false;
3792}
3793
52a12341
YW		 3794bool unit_will_restart_default(Unit *u) {
3795 assert(u);
3796
28a2dfe8 3797 return unit_has_job_type(u, JOB_START);
52a12341
YW		 3798}
3799
deb4e708
MK		 3800bool unit_will_restart(Unit *u) {
3801 assert(u);
3802
3803 if (!UNIT_VTABLE(u)->will_restart)
3804 return false;
3805
3806 return UNIT_VTABLE(u)->will_restart(u);
3807}
3808
718db961 3809int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
8a0867d6
LP		 3810 assert(u);
3811 assert(w >= 0 && w < _KILL_WHO_MAX);
6eb7c172 3812 assert(SIGNAL_VALID(signo));
8a0867d6 3813
8a0867d6 3814 if (!UNIT_VTABLE(u)->kill)
15411c0c 3815 return -EOPNOTSUPP;
8a0867d6 3816
c74f17d9 3817 return UNIT_VTABLE(u)->kill(u, w, signo, error);
8a0867d6
LP		 3818}
3819
38c41427
NK		 3820void unit_notify_cgroup_oom(Unit *u, bool managed_oom) {
3821 assert(u);
3822
3823 if (UNIT_VTABLE(u)->notify_cgroup_oom)
3824 UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom);
3825}
3826
82659fd7 3827static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
af4fa99d 3828 _cleanup_set_free_ Set *pid_set = NULL;
82659fd7
LP		 3829 int r;
3830
d5099efc 3831 pid_set = set_new(NULL);
82659fd7
LP		 3832 if (!pid_set)
3833 return NULL;
3834
3835 /* Exclude the main/control pids from being killed via the cgroup */
3836 if (main_pid > 0) {
fea72cc0 3837 r = set_put(pid_set, PID_TO_PTR(main_pid));
82659fd7 3838 if (r < 0)
95f14a3e 3839 return NULL;
82659fd7
LP		 3840 }
3841
3842 if (control_pid > 0) {
fea72cc0 3843 r = set_put(pid_set, PID_TO_PTR(control_pid));
82659fd7 3844 if (r < 0)
95f14a3e 3845 return NULL;
82659fd7
LP		 3846 }
3847
95f14a3e 3848 return TAKE_PTR(pid_set);
82659fd7
LP		 3849}
3850
d9911002
LP		 3851static int kill_common_log(pid_t pid, int signo, void *userdata) {
3852 _cleanup_free_ char *comm = NULL;
3853 Unit *u = userdata;
3854
3855 assert(u);
3856
3857 (void) get_process_comm(pid, &comm);
3858 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
3859 signal_to_string(signo), pid, strna(comm));
3860
3861 return 1;
3862}
3863
d91c34f2
LP		 3864int unit_kill_common(
3865 Unit *u,
3866 KillWho who,
3867 int signo,
3868 pid_t main_pid,
3869 pid_t control_pid,
718db961 3870 sd_bus_error *error) {
d91c34f2 3871
814cc562 3872 int r = 0;
ac5e3a50 3873 bool killed = false;
814cc562 3874
8aff7ac4
LP		 3875 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3876 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3877 * stop a service ourselves. */
3878
ac5e3a50 3879 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
814cc562 3880 if (main_pid < 0)
7358dc02 3881 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
8aff7ac4 3882 if (main_pid == 0)
7358dc02 3883 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 3884 }
3885
ac5e3a50 3886 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
814cc562 3887 if (control_pid < 0)
7358dc02 3888 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
8aff7ac4 3889 if (control_pid == 0)
7358dc02 3890 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 3891 }
3892
ac5e3a50
JS		 3893 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3894 if (control_pid > 0) {
d9911002
LP		 3895 _cleanup_free_ char *comm = NULL;
3896 (void) get_process_comm(control_pid, &comm);
3897
3898 if (kill(control_pid, signo) < 0) {
3899 /* Report this failure both to the logs and to the client */
3900 sd_bus_error_set_errnof(
3901 error, errno,
3902 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
3903 signal_to_string(signo), control_pid, strna(comm));
3904 r = log_unit_warning_errno(
3905 u, errno,
3906 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
3907 signal_to_string(signo), control_pid, strna(comm));
3908 } else {
3909 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
3910 signal_to_string(signo), control_pid, strna(comm));
ac5e3a50 3911 killed = true;
d9911002 3912 }
ac5e3a50 3913 }
814cc562 3914
ac5e3a50
JS		 3915 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3916 if (main_pid > 0) {
d9911002
LP		 3917 _cleanup_free_ char *comm = NULL;
3918 (void) get_process_comm(main_pid, &comm);
3919
3920 if (kill(main_pid, signo) < 0) {
3921 if (r == 0)
3922 sd_bus_error_set_errnof(
3923 error, errno,
3924 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
3925 signal_to_string(signo), main_pid, strna(comm));
3926
3927 r = log_unit_warning_errno(
3928 u, errno,
3929 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
3930 signal_to_string(signo), main_pid, strna(comm));
3931 } else {
3932 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
3933 signal_to_string(signo), main_pid, strna(comm));
ac5e3a50 3934 killed = true;
d9911002 3935 }
ac5e3a50 3936 }
814cc562 3937
ac5e3a50 3938 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
814cc562
MS		 3939 _cleanup_set_free_ Set *pid_set = NULL;
3940 int q;
3941
82659fd7
LP		 3942 /* Exclude the main/control pids from being killed via the cgroup */
3943 pid_set = unit_pid_set(main_pid, control_pid);
814cc562 3944 if (!pid_set)
d9911002
LP		 3945 return log_oom();
3946
3947 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
3948 if (q < 0) {
3949 if (!IN_SET(q, -ESRCH, -ENOENT)) {
3950 if (r == 0)
3951 sd_bus_error_set_errnof(
3952 error, q,
3953 "Failed to send signal SIG%s to auxiliary processes: %m",
3954 signal_to_string(signo));
3955
3956 r = log_unit_warning_errno(
3957 u, q,
3958 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3959 signal_to_string(signo));
3960 }
3961 } else
ac5e3a50 3962 killed = true;
814cc562
MS		 3963 }
3964
2ae0508e
LP		 3965 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3966 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
3967 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 3968
814cc562
MS		 3969 return r;
3970}
3971
6210e7fc
LP		 3972int unit_following_set(Unit *u, Set **s) {
3973 assert(u);
3974 assert(s);
3975
3976 if (UNIT_VTABLE(u)->following_set)
3977 return UNIT_VTABLE(u)->following_set(u, s);
3978
3979 *s = NULL;
3980 return 0;
3981}
3982
a4375746 3983UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 3984 int r;
3985
a4375746
LP		 3986 assert(u);
3987
0ec0deaa
LP		 3988 if (u->unit_file_state < 0 && u->fragment_path) {
3989 r = unit_file_get_state(
463d0d15 3990 u->manager->unit_file_scope,
0ec0deaa 3991 NULL,
9ea3a0e7 3992 u->id,
0ec0deaa
LP		 3993 &u->unit_file_state);
3994 if (r < 0)
3995 u->unit_file_state = UNIT_FILE_BAD;
3996 }
a4375746 3997
ac155bb8 3998 return u->unit_file_state;
a4375746
LP		 3999}
4000
d2dc52db
LP		 4001int unit_get_unit_file_preset(Unit *u) {
4002 assert(u);
4003
4004 if (u->unit_file_preset < 0 && u->fragment_path)
4005 u->unit_file_preset = unit_file_query_preset(
463d0d15 4006 u->manager->unit_file_scope,
0ec0deaa 4007 NULL,
8f7b2566
ZJS		 4008 basename(u->fragment_path),
4009 NULL);
d2dc52db
LP		 4010
4011 return u->unit_file_preset;
4012}
4013
7f7d01ed 4014Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 4015 assert(ref);
7f7d01ed
ZJS		 4016 assert(source);
4017 assert(target);
57020a3a 4018
7f7d01ed 4019 if (ref->target)
57020a3a
LP		 4020 unit_ref_unset(ref);
4021
7f7d01ed
ZJS		 4022 ref->source = source;
4023 ref->target = target;
4024 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4025 return target;
57020a3a
LP		 4026}
4027
4028void unit_ref_unset(UnitRef *ref) {
4029 assert(ref);
4030
7f7d01ed 4031 if (!ref->target)
57020a3a
LP		 4032 return;
4033
b75102e5
LP		 4034 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4035 * be unreferenced now. */
7f7d01ed 4036 unit_add_to_gc_queue(ref->target);
b75102e5 4037
7f7d01ed
ZJS		 4038 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4039 ref->source = ref->target = NULL;
57020a3a
LP		 4040}
4041
29206d46
LP		 4042static int user_from_unit_name(Unit *u, char **ret) {
4043
4044 static const uint8_t hash_key[] = {
4045 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4046 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4047 };
4048
4049 _cleanup_free_ char *n = NULL;
4050 int r;
4051
4052 r = unit_name_to_prefix(u->id, &n);
4053 if (r < 0)
4054 return r;
4055
7a8867ab 4056 if (valid_user_group_name(n, 0)) {
ae2a15bc 4057 *ret = TAKE_PTR(n);
29206d46
LP		 4058 return 0;
4059 }
4060
4061 /* If we can't use the unit name as a user name, then let's hash it and use that */
4062 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4063 return -ENOMEM;
4064
4065 return 0;
4066}
4067
598459ce
LP		 4068int unit_patch_contexts(Unit *u) {
4069 CGroupContext *cc;
4070 ExecContext *ec;
cba6e062
LP		 4071 int r;
4072
e06c73cc 4073 assert(u);
e06c73cc 4074
598459ce
LP		 4075 /* Patch in the manager defaults into the exec and cgroup
4076 * contexts, _after_ the rest of the settings have been
4077 * initialized */
085afe36 4078
598459ce
LP		 4079 ec = unit_get_exec_context(u);
4080 if (ec) {
4081 /* This only copies in the ones that need memory */
12375b95 4082 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
598459ce
LP		 4083 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4084 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4085 if (!ec->rlimit[i])
4086 return -ENOMEM;
4087 }
4088
463d0d15 4089 if (MANAGER_IS_USER(u->manager) &&
598459ce
LP		 4090 !ec->working_directory) {
4091
4092 r = get_home_dir(&ec->working_directory);
4093 if (r < 0)
4094 return r;
4c08c824
LP		 4095
4096 /* Allow user services to run, even if the
4097 * home directory is missing */
4098 ec->working_directory_missing_ok = true;
cba6e062
LP		 4099 }
4100
598459ce 4101 if (ec->private_devices)
2cd0a735 4102 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 4103
4104 if (ec->protect_kernel_modules)
4105 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 4106
84703040
KK		 4107 if (ec->protect_kernel_logs)
4108 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4109
fc64760d
KK		 4110 if (ec->protect_clock)
4111 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4112
29206d46
LP		 4113 if (ec->dynamic_user) {
4114 if (!ec->user) {
4115 r = user_from_unit_name(u, &ec->user);
4116 if (r < 0)
4117 return r;
4118 }
4119
4120 if (!ec->group) {
4121 ec->group = strdup(ec->user);
4122 if (!ec->group)
4123 return -ENOMEM;
4124 }
4125
bf65b7e0
LP		 4126 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4127 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4128 * sandbox. */
63bb64a0 4129
29206d46 4130 ec->private_tmp = true;
00d9ef85 4131 ec->remove_ipc = true;
63bb64a0
LP		 4132 ec->protect_system = PROTECT_SYSTEM_STRICT;
4133 if (ec->protect_home == PROTECT_HOME_NO)
4134 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 4135
4136 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4137 * them. */
4138 ec->no_new_privileges = true;
4139 ec->restrict_suid_sgid = true;
29206d46 4140 }
cba6e062
LP		 4141 }
4142
598459ce 4143 cc = unit_get_cgroup_context(u);
fe65e88b 4144 if (cc && ec) {
f513e420 4145
fe65e88b 4146 if (ec->private_devices &&
084870f9
ZJS		 4147 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4148 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 4149
64903d18 4150 if ((ec->root_image || ec->mount_images) &&
084870f9 4151 (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
fe65e88b 4152
b3d13314 4153 /* When RootImage= or MountImages= is specified, the following devices are touched. */
0cffae95
LB		 4154 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
4155 r = cgroup_add_device_allow(cc, p, "rw");
4156 if (r < 0)
4157 return r;
4158 }
4159 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
4160 r = cgroup_add_device_allow(cc, p, "rwm");
4161 if (r < 0)
4162 return r;
4163 }
867af728 4164
0cffae95
LB		 4165 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4166 * Same for mapper and verity. */
4167 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4168 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4169 if (r < 0)
4170 return r;
4171 }
fe65e88b 4172 }
fc64760d
KK		 4173
4174 if (ec->protect_clock) {
4175 r = cgroup_add_device_allow(cc, "char-rtc", "r");
4176 if (r < 0)
4177 return r;
4178 }
598459ce 4179 }
f1660f96 4180
cba6e062 4181 return 0;
e06c73cc
LP		 4182}
4183
c2503e35 4184ExecContext *unit_get_exec_context(const Unit *u) {
3ef63c31
LP		 4185 size_t offset;
4186 assert(u);
4187
598459ce
LP		 4188 if (u->type < 0)
4189 return NULL;
4190
3ef63c31
LP		 4191 offset = UNIT_VTABLE(u)->exec_context_offset;
4192 if (offset <= 0)
4193 return NULL;
4194
4195 return (ExecContext*) ((uint8_t*) u + offset);
4196}
4197
718db961
LP		 4198KillContext *unit_get_kill_context(Unit *u) {
4199 size_t offset;
4200 assert(u);
4201
598459ce
LP		 4202 if (u->type < 0)
4203 return NULL;
4204
718db961
LP		 4205 offset = UNIT_VTABLE(u)->kill_context_offset;
4206 if (offset <= 0)
4207 return NULL;
4208
4209 return (KillContext*) ((uint8_t*) u + offset);
4210}
4211
4ad49000
LP		 4212CGroupContext *unit_get_cgroup_context(Unit *u) {
4213 size_t offset;
4214
598459ce
LP		 4215 if (u->type < 0)
4216 return NULL;
4217
4ad49000
LP		 4218 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4219 if (offset <= 0)
4220 return NULL;
4221
4222 return (CGroupContext*) ((uint8_t*) u + offset);
4223}
4224
613b411c
LP		 4225ExecRuntime *unit_get_exec_runtime(Unit *u) {
4226 size_t offset;
4227
598459ce
LP		 4228 if (u->type < 0)
4229 return NULL;
4230
613b411c
LP		 4231 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4232 if (offset <= 0)
4233 return NULL;
4234
4235 return *(ExecRuntime**) ((uint8_t*) u + offset);
4236}
4237
2e59b241 4238static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 4239 assert(u);
4240
2e59b241 4241 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 4242 return NULL;
4243
39591351
LP		 4244 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4245 return u->manager->lookup_paths.transient;
26d04f86 4246
2e59b241 4247 if (flags & UNIT_PERSISTENT)
4f4afc88 4248 return u->manager->lookup_paths.persistent_control;
26d04f86 4249
2e59b241
LP		 4250 if (flags & UNIT_RUNTIME)
4251 return u->manager->lookup_paths.runtime_control;
4252
39591351 4253 return NULL;
71645aca
LP		 4254}
4255
2e59b241 4256char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
24536beb
ZJS		 4257 assert(!FLAGS_SET(flags, UNIT_ESCAPE_EXEC_SYNTAX | UNIT_ESCAPE_C));
4258
4259 _cleanup_free_ char *t = NULL;
2e59b241
LP		 4260
4261 if (!s)
4262 return NULL;
4263
24536beb
ZJS		 4264 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the
4265 * allocated return buffer pointer is also written to *buf, except if no escaping was necessary, in
4266 * which case *buf is set to NULL, and the input pointer is returned as-is. This means the return
4267 * value always contains a properly escaped version, but *buf when passed only contains a pointer if
4268 * an allocation was necessary. If *buf is not specified, then the return value always needs to be
4269 * freed. Callers can use this to optimize memory allocations. */
2e59b241
LP		 4270
4271 if (flags & UNIT_ESCAPE_SPECIFIERS) {
24536beb
ZJS		 4272 t = specifier_escape(s);
4273 if (!t)
2e59b241
LP		 4274 return NULL;
4275
24536beb 4276 s = t;
2e59b241
LP		 4277 }
4278
24536beb
ZJS		 4279 /* We either do c-escaping or shell-escaping, to additionally escape characters that we parse for
4280 * ExecStart= and friend, i.e. '$' and ';' and quotes. */
4281
4282 if (flags & UNIT_ESCAPE_EXEC_SYNTAX) {
4283 char *t2 = shell_escape(s, "$;'\"");
4284 if (!t2)
4285 return NULL;
4286 free_and_replace(t, t2);
4287
4288 s = t;
2e59b241 4289
24536beb
ZJS		 4290 } else if (flags & UNIT_ESCAPE_C) {
4291 char *t2 = cescape(s);
4292 if (!t2)
2e59b241 4293 return NULL;
24536beb 4294 free_and_replace(t, t2);
2e59b241 4295
24536beb 4296 s = t;
2e59b241
LP		 4297 }
4298
4299 if (buf) {
24536beb
ZJS		 4300 *buf = TAKE_PTR(t);
4301 return (char*) s;
2e59b241
LP		 4302 }
4303
24536beb 4304 return TAKE_PTR(t) ?: strdup(s);
2e59b241
LP		 4305}
4306
4307char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4308 _cleanup_free_ char *result = NULL;
319a4f4b 4309 size_t n = 0;
2e59b241 4310
24536beb
ZJS		 4311 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4312 * lines in a way suitable for ExecStart= stanzas. */
2e59b241
LP		 4313
4314 STRV_FOREACH(i, l) {
4315 _cleanup_free_ char *buf = NULL;
4316 const char *p;
4317 size_t a;
4318 char *q;
4319
4320 p = unit_escape_setting(*i, flags, &buf);
4321 if (!p)
4322 return NULL;
4323
4324 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
319a4f4b 4325 if (!GREEDY_REALLOC(result, n + a + 1))
2e59b241
LP		 4326 return NULL;
4327
4328 q = result + n;
4329 if (n > 0)
4330 *(q++) = ' ';
4331
4332 *(q++) = '"';
4333 q = stpcpy(q, p);
4334 *(q++) = '"';
4335
4336 n += a;
4337 }
4338
319a4f4b 4339 if (!GREEDY_REALLOC(result, n + 1))
2e59b241
LP		 4340 return NULL;
4341
4342 result[n] = 0;
4343
ae2a15bc 4344 return TAKE_PTR(result);
2e59b241
LP		 4345}
4346
4347int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4348 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4349 const char *dir, *wrapped;
26d04f86 4350 int r;
71645aca
LP		 4351
4352 assert(u);
2e59b241
LP		 4353 assert(name);
4354 assert(data);
4355
4356 if (UNIT_WRITE_FLAGS_NOOP(flags))
4357 return 0;
4358
4359 data = unit_escape_setting(data, flags, &escaped);
4360 if (!data)
4361 return -ENOMEM;
4362
4363 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4364 * previous section header is the same */
4365
4366 if (flags & UNIT_PRIVATE) {
4367 if (!UNIT_VTABLE(u)->private_section)
4368 return -EINVAL;
4369
4370 if (!u->transient_file || u->last_section_private < 0)
4371 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4372 else if (u->last_section_private == 0)
4373 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4374 } else {
4375 if (!u->transient_file || u->last_section_private < 0)
4376 data = strjoina("[Unit]\n", data);
4377 else if (u->last_section_private > 0)
4378 data = strjoina("\n[Unit]\n", data);
4379 }
71645aca 4380
4f4afc88
LP		 4381 if (u->transient_file) {
4382 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4383 * write to the transient unit file. */
4384 fputs(data, u->transient_file);
4f4afc88 4385
2e59b241
LP		 4386 if (!endswith(data, "\n"))
4387 fputc('\n', u->transient_file);
4388
4389 /* Remember which section we wrote this entry to */
4390 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4391 return 0;
2e59b241 4392 }
8e2af478 4393
2e59b241 4394 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4395 if (!dir)
4396 return -EINVAL;
71645aca 4397
2a9a6f8a 4398 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4399 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4400 data,
4401 "\n");
e20b2a86 4402
815b09d3 4403 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4404 if (r < 0)
4405 return r;
4406
45639f1b 4407 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4408
4409 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4410 * recreate the cache after every drop-in we write. */
4411 if (u->manager->unit_path_cache) {
be327321 4412 r = set_put_strdup(&u->manager->unit_path_cache, p);
4dba44a5
ZJS		 4413 if (r < 0)
4414 return r;
4415 }
4416
2a9a6f8a 4417 r = write_string_file_atomic_label(q, wrapped);
adb76a70
WC		 4418 if (r < 0)
4419 return r;
4420
815b09d3 4421 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4422 if (r < 0)
4423 return r;
815b09d3 4424 q = NULL;
adb76a70 4425
adb76a70
WC		 4426 strv_uniq(u->dropin_paths);
4427
4428 u->dropin_mtime = now(CLOCK_REALTIME);
4429
4430 return 0;
26d04f86 4431}
71645aca 4432
2e59b241 4433int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4434 _cleanup_free_ char *p = NULL;
4435 va_list ap;
4436 int r;
4437
4438 assert(u);
4439 assert(name);
4440 assert(format);
4441
2e59b241 4442 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4443 return 0;
4444
4445 va_start(ap, format);
4446 r = vasprintf(&p, format, ap);
4447 va_end(ap);
4448
4449 if (r < 0)
4450 return -ENOMEM;
4451
2e59b241 4452 return unit_write_setting(u, flags, name, p);
b9ec9359 4453}
71645aca 4454
c2756a68 4455int unit_make_transient(Unit *u) {
0126c8f3 4456 _cleanup_free_ char *path = NULL;
4f4afc88 4457 FILE *f;
4f4afc88 4458
c2756a68
LP		 4459 assert(u);
4460
3f5e8115
LP		 4461 if (!UNIT_VTABLE(u)->can_transient)
4462 return -EOPNOTSUPP;
4463
45639f1b
LP		 4464 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4465
657ee2d8 4466 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4467 if (!path)
4468 return -ENOMEM;
4469
4470 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4471 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4472
78e334b5 4473 RUN_WITH_UMASK(0022) {
4f4afc88 4474 f = fopen(path, "we");
0126c8f3 4475 if (!f)
78e334b5 4476 return -errno;
4f4afc88
LP		 4477 }
4478
0126c8f3 4479 safe_fclose(u->transient_file);
4f4afc88
LP		 4480 u->transient_file = f;
4481
0126c8f3 4482 free_and_replace(u->fragment_path, path);
7c65093a 4483
7c65093a
LP		 4484 u->source_path = mfree(u->source_path);
4485 u->dropin_paths = strv_free(u->dropin_paths);
4486 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4487
4f4afc88
LP		 4488 u->load_state = UNIT_STUB;
4489 u->load_error = 0;
4490 u->transient = true;
4491
7c65093a
LP		 4492 unit_add_to_dbus_queue(u);
4493 unit_add_to_gc_queue(u);
c2756a68 4494
4f4afc88
LP		 4495 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4496 u->transient_file);
4497
3f5e8115 4498 return 0;
c2756a68
LP		 4499}
4500
c53d2d54 4501static int log_kill(pid_t pid, int sig, void *userdata) {
1d98fef1
LP		 4502 _cleanup_free_ char *comm = NULL;
4503
4504 (void) get_process_comm(pid, &comm);
4505
4506 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4507 only, like for example systemd's own PAM stub process. */
4508 if (comm && comm[0] == '(')
c53d2d54 4509 return 0;
1d98fef1
LP		 4510
4511 log_unit_notice(userdata,
4512 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4513 pid,
4514 strna(comm),
4515 signal_to_string(sig));
c53d2d54
DB		 4516
4517 return 1;
1d98fef1
LP		 4518}
4519
4ab1670f 4520static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
1d98fef1
LP		 4521 assert(c);
4522
4523 switch (k) {
4524
4525 case KILL_TERMINATE:
4526 case KILL_TERMINATE_AND_LOG:
4ab1670f 4527 *noteworthy = false;
1d98fef1
LP		 4528 return c->kill_signal;
4529
a232ebcc 4530 case KILL_RESTART:
4ab1670f 4531 *noteworthy = false;
a232ebcc
ZJS		 4532 return restart_kill_signal(c);
4533
1d98fef1 4534 case KILL_KILL:
4ab1670f 4535 *noteworthy = true;
fbb48d4c 4536 return c->final_kill_signal;
1d98fef1 4537
c87700a1 4538 case KILL_WATCHDOG:
4ab1670f 4539 *noteworthy = true;
c87700a1 4540 return c->watchdog_signal;
1d98fef1
LP		 4541
4542 default:
04499a70 4543 assert_not_reached();
1d98fef1
LP		 4544 }
4545}
4546
cd2086fe
LP		 4547int unit_kill_context(
4548 Unit *u,
4549 KillContext *c,
db2cb23b 4550 KillOperation k,
cd2086fe
LP		 4551 pid_t main_pid,
4552 pid_t control_pid,
4553 bool main_pid_alien) {
4554
1d98fef1 4555 bool wait_for_exit = false, send_sighup;
59ec09a8 4556 cg_kill_log_func_t log_func = NULL;
b821a397 4557 int sig, r;
cd2086fe
LP		 4558
4559 assert(u);
4560 assert(c);
4561
8aff7ac4
LP		 4562 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4563 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4564 * which is used for user-requested killing of unit processes. */
1d98fef1 4565
cd2086fe
LP		 4566 if (c->kill_mode == KILL_NONE)
4567 return 0;
4568
4ab1670f
ZJS		 4569 bool noteworthy;
4570 sig = operation_to_signal(c, k, &noteworthy);
4571 if (noteworthy)
4572 log_func = log_kill;
1d98fef1
LP		 4573
4574 send_sighup =
4575 c->send_sighup &&
4576 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4577 sig != SIGHUP;
4578
cd2086fe 4579 if (main_pid > 0) {
1d98fef1
LP		 4580 if (log_func)
4581 log_func(main_pid, sig, u);
cd2086fe 4582
1d98fef1 4583 r = kill_and_sigcont(main_pid, sig);
cd2086fe
LP		 4584 if (r < 0 && r != -ESRCH) {
4585 _cleanup_free_ char *comm = NULL;
1d98fef1 4586 (void) get_process_comm(main_pid, &comm);
cd2086fe 4587
b821a397 4588 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
82659fd7 4589 } else {
bc6aed7b
LP		 4590 if (!main_pid_alien)
4591 wait_for_exit = true;
82659fd7 4592
1d98fef1 4593 if (r != -ESRCH && send_sighup)
d0667321 4594 (void) kill(main_pid, SIGHUP);
82659fd7 4595 }
cd2086fe
LP		 4596 }
4597
4598 if (control_pid > 0) {
1d98fef1
LP		 4599 if (log_func)
4600 log_func(control_pid, sig, u);
cd2086fe 4601
1d98fef1 4602 r = kill_and_sigcont(control_pid, sig);
cd2086fe
LP		 4603 if (r < 0 && r != -ESRCH) {
4604 _cleanup_free_ char *comm = NULL;
1d98fef1 4605 (void) get_process_comm(control_pid, &comm);
cd2086fe 4606
b821a397 4607 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
82659fd7 4608 } else {
cd2086fe 4609 wait_for_exit = true;
82659fd7 4610
1d98fef1 4611 if (r != -ESRCH && send_sighup)
d0667321 4612 (void) kill(control_pid, SIGHUP);
82659fd7 4613 }
cd2086fe
LP		 4614 }
4615
b821a397
LP		 4616 if (u->cgroup_path &&
4617 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4618 _cleanup_set_free_ Set *pid_set = NULL;
4619
82659fd7
LP		 4620 /* Exclude the main/control pids from being killed via the cgroup */
4621 pid_set = unit_pid_set(main_pid, control_pid);
cd2086fe
LP		 4622 if (!pid_set)
4623 return -ENOMEM;
4624
1d98fef1
LP		 4625 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4626 sig,
4627 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4628 pid_set,
4629 log_func, u);
cd2086fe 4630 if (r < 0) {
4c701096 4631 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
6178e2f8 4632 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(u->cgroup_path));
b821a397 4633
82659fd7 4634 } else if (r > 0) {
bc6aed7b 4635
1d9cc876
LP		 4636 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4637 * we are running in a container or if this is a delegation unit, simply because cgroup
4638 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4639 * of containers it can be confused easily by left-over directories in the cgroup — which
4640 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4641 * there we get proper events. Hence rely on them. */
efdb0237 4642
c22800e4 4643 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
1d9cc876 4644 (detect_container() == 0 && !unit_cgroup_delegate(u)))
e9db43d5 4645 wait_for_exit = true;
58ea275a 4646
1d98fef1 4647 if (send_sighup) {
82659fd7
LP		 4648 set_free(pid_set);
4649
4650 pid_set = unit_pid_set(main_pid, control_pid);
4651 if (!pid_set)
4652 return -ENOMEM;
4653
c8aa4b5b
LP		 4654 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4655 SIGHUP,
4656 CGROUP_IGNORE_SELF,
4657 pid_set,
4658 NULL, NULL);
82659fd7
LP		 4659 }
4660 }
cd2086fe
LP		 4661 }
4662
4663 return wait_for_exit;
4664}
4665
eef85c4a 4666int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
a57f7e2c
LP		 4667 int r;
4668
4669 assert(u);
4670 assert(path);
4671
ac19bdd0
ZJS		 4672 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4673 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4674 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4675 * appearing mount units can easily determine which units to make themselves a dependency of. */
a57f7e2c 4676
70b64bd3
ZJS		 4677 if (!path_is_absolute(path))
4678 return -EINVAL;
4679
ac19bdd0
ZJS		 4680 if (hashmap_contains(u->requires_mounts_for, path)) /* Exit quickly if the path is already covered. */
4681 return 0;
eef85c4a 4682
ac19bdd0 4683 _cleanup_free_ char *p = strdup(path);
a57f7e2c
LP		 4684 if (!p)
4685 return -ENOMEM;
4686
ac19bdd0
ZJS		 4687 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4688 * only after simplification, since path_is_normalized() rejects paths with '.'.
4689 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4ff361cc 4690 path = path_simplify(p);
a57f7e2c 4691
ca8700e9 4692 if (!path_is_normalized(path))
a57f7e2c 4693 return -EPERM;
a57f7e2c 4694
ac19bdd0 4695 UnitDependencyInfo di = {
eef85c4a
LP		 4696 .origin_mask = mask
4697 };
4698
ac19bdd0 4699 r = hashmap_ensure_put(&u->requires_mounts_for, &path_hash_ops, p, di.data);
ca8700e9 4700 if (r < 0)
a57f7e2c 4701 return r;
ac19bdd0
ZJS		 4702 assert(r > 0);
4703 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
a57f7e2c 4704
4cb06c59 4705 char prefix[strlen(path) + 1];
ca8700e9 4706 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 4707 Set *x;
4708
4709 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4710 if (!x) {
ca8700e9 4711 _cleanup_free_ char *q = NULL;
a57f7e2c 4712
548f6937 4713 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
742f41ad
LP		 4714 if (r < 0)
4715 return r;
a57f7e2c
LP		 4716
4717 q = strdup(prefix);
4718 if (!q)
4719 return -ENOMEM;
4720
d5099efc 4721 x = set_new(NULL);
ca8700e9 4722 if (!x)
a57f7e2c 4723 return -ENOMEM;
a57f7e2c
LP		 4724
4725 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4726 if (r < 0) {
a57f7e2c
LP		 4727 set_free(x);
4728 return r;
4729 }
ca8700e9 4730 q = NULL;
a57f7e2c
LP		 4731 }
4732
4733 r = set_put(x, u);
4734 if (r < 0)
4735 return r;
4736 }
4737
4738 return 0;
4739}
4740
613b411c
LP		 4741int unit_setup_exec_runtime(Unit *u) {
4742 ExecRuntime **rt;
4743 size_t offset;
613b411c 4744 Unit *other;
e8a565cb 4745 int r;
613b411c
LP		 4746
4747 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4748 assert(offset > 0);
4749
06b643e7 4750 /* Check if there already is an ExecRuntime for this unit? */
613b411c
LP		 4751 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4752 if (*rt)
4753 return 0;
4754
4755 /* Try to get it from somebody else */
15ed3c3a 4756 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_JOINS_NAMESPACE_OF) {
e8a565cb
YW		 4757 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4758 if (r == 1)
4759 return 1;
613b411c
LP		 4760 }
4761
e8a565cb 4762 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
613b411c
LP		 4763}
4764
29206d46
LP		 4765int unit_setup_dynamic_creds(Unit *u) {
4766 ExecContext *ec;
4767 DynamicCreds *dcreds;
4768 size_t offset;
4769
4770 assert(u);
4771
4772 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4773 assert(offset > 0);
4774 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4775
4776 ec = unit_get_exec_context(u);
4777 assert(ec);
4778
4779 if (!ec->dynamic_user)
4780 return 0;
4781
4782 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4783}
4784
1c2e9646
LP		 4785bool unit_type_supported(UnitType t) {
4786 if (_unlikely_(t < 0))
4787 return false;
4788 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4789 return false;
4790
4791 if (!unit_vtable[t]->supported)
4792 return true;
4793
4794 return unit_vtable[t]->supported();
4795}
4796
8b4305c7
LP		 4797void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4798 int r;
4799
4800 assert(u);
4801 assert(where);
4802
c2503e35
RH		 4803 if (!unit_log_level_test(u, LOG_NOTICE))
4804 return;
4805
db55bbf2 4806 r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false);
3f602115 4807 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 4808 return;
4809 if (r < 0) {
4810 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4811 return;
4812 }
4813
c2503e35
RH		 4814 log_unit_struct(u, LOG_NOTICE,
4815 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4816 LOG_UNIT_INVOCATION_ID(u),
4817 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4818 "WHERE=%s", where);
8b4305c7
LP		 4819}
4820
25cd4964 4821int unit_fail_if_noncanonical(Unit *u, const char* where) {
58d9d89b 4822 _cleanup_free_ char *canonical_where = NULL;
8b4305c7
LP		 4823 int r;
4824
4825 assert(u);
4826 assert(where);
4827
a5648b80 4828 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
8b4305c7 4829 if (r < 0) {
25cd4964 4830 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 4831 return 0;
4832 }
25cd4964
AJ		 4833
4834 /* We will happily ignore a trailing slash (or any redundant slashes) */
4835 if (path_equal(where, canonical_where))
8b4305c7
LP		 4836 return 0;
4837
25cd4964 4838 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
c2503e35
RH		 4839 log_unit_struct(u, LOG_ERR,
4840 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4841 LOG_UNIT_INVOCATION_ID(u),
4842 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4843 "WHERE=%s", where);
8b4305c7
LP		 4844
4845 return -ELOOP;
4846}
0f13f3bd
LP		 4847
4848bool unit_is_pristine(Unit *u) {
4849 assert(u);
4850
7c65093a 4851 /* Check if the unit already exists or is already around,
0f13f3bd
LP		 4852 * in a number of different ways. Note that to cater for unit
4853 * types such as slice, we are generally fine with units that
e9e8cbc8
ZJS		 4854 * are marked UNIT_LOADED even though nothing was actually
4855 * loaded, as those unit types don't require a file on disk. */
0f13f3bd
LP		 4856
4857 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4858 u->fragment_path ||
4859 u->source_path ||
4860 !strv_isempty(u->dropin_paths) ||
0f13f3bd
LP		 4861 u->job ||
4862 u->merged_into);
4863}
291d565a
LP		 4864
4865pid_t unit_control_pid(Unit *u) {
4866 assert(u);
4867
4868 if (UNIT_VTABLE(u)->control_pid)
4869 return UNIT_VTABLE(u)->control_pid(u);
4870
4871 return 0;
4872}
4873
4874pid_t unit_main_pid(Unit *u) {
4875 assert(u);
4876
4877 if (UNIT_VTABLE(u)->main_pid)
4878 return UNIT_VTABLE(u)->main_pid(u);
4879
4880 return 0;
4881}
00d9ef85
LP		 4882
4883static void unit_unref_uid_internal(
4884 Unit *u,
4885 uid_t *ref_uid,
4886 bool destroy_now,
4887 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4888
4889 assert(u);
4890 assert(ref_uid);
4891 assert(_manager_unref_uid);
4892
4893 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4894 * gid_t are actually the same time, with the same validity rules.
4895 *
4896 * Drops a reference to UID/GID from a unit. */
4897
4898 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4899 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4900
4901 if (!uid_is_valid(*ref_uid))
4902 return;
4903
4904 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4905 *ref_uid = UID_INVALID;
4906}
4907
b90cf102 4908static void unit_unref_uid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4909 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4910}
4911
b90cf102 4912static void unit_unref_gid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4913 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4914}
4915
b90cf102
LP		 4916void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4917 assert(u);
4918
4919 unit_unref_uid(u, destroy_now);
4920 unit_unref_gid(u, destroy_now);
4921}
4922
00d9ef85
LP		 4923static int unit_ref_uid_internal(
4924 Unit *u,
4925 uid_t *ref_uid,
4926 uid_t uid,
4927 bool clean_ipc,
4928 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4929
4930 int r;
4931
4932 assert(u);
4933 assert(ref_uid);
4934 assert(uid_is_valid(uid));
4935 assert(_manager_ref_uid);
4936
4937 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4938 * are actually the same type, and have the same validity rules.
4939 *
4940 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4941 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4942 * drops to zero. */
4943
4944 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4945 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4946
4947 if (*ref_uid == uid)
4948 return 0;
4949
4950 if (uid_is_valid(*ref_uid)) /* Already set? */
4951 return -EBUSY;
4952
4953 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4954 if (r < 0)
4955 return r;
4956
4957 *ref_uid = uid;
4958 return 1;
4959}
4960
b90cf102 4961static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 4962 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4963}
4964
b90cf102 4965static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 4966 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4967}
4968
4969static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4970 int r = 0, q = 0;
4971
4972 assert(u);
4973
4974 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4975
4976 if (uid_is_valid(uid)) {
4977 r = unit_ref_uid(u, uid, clean_ipc);
4978 if (r < 0)
4979 return r;
4980 }
4981
4982 if (gid_is_valid(gid)) {
4983 q = unit_ref_gid(u, gid, clean_ipc);
4984 if (q < 0) {
4985 if (r > 0)
4986 unit_unref_uid(u, false);
4987
4988 return q;
4989 }
4990 }
4991
4992 return r > 0 || q > 0;
4993}
4994
4995int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4996 ExecContext *c;
4997 int r;
4998
4999 assert(u);
5000
5001 c = unit_get_exec_context(u);
5002
5003 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5004 if (r < 0)
5005 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5006
5007 return r;
5008}
5009
00d9ef85
LP		 5010void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5011 int r;
5012
5013 assert(u);
5014
5015 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5016 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5017 * objects when no service references the UID/GID anymore. */
5018
5019 r = unit_ref_uid_gid(u, uid, gid);
5020 if (r > 0)
37d0b962 5021 unit_add_to_dbus_queue(u);
00d9ef85 5022}
4b58153d 5023
4b58153d
LP		 5024int unit_acquire_invocation_id(Unit *u) {
5025 sd_id128_t id;
5026 int r;
5027
5028 assert(u);
5029
5030 r = sd_id128_randomize(&id);
5031 if (r < 0)
5032 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5033
5034 r = unit_set_invocation_id(u, id);
5035 if (r < 0)
5036 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5037
af92c603 5038 unit_add_to_dbus_queue(u);
4b58153d
LP		 5039 return 0;
5040}
f0d47797 5041
1ad6e8b3
LP		 5042int unit_set_exec_params(Unit *u, ExecParameters *p) {
5043 int r;
5044
7960b0c7
LP		 5045 assert(u);
5046 assert(p);
f0d47797 5047
004c7f16 5048 /* Copy parameters from manager */
1ad6e8b3
LP		 5049 r = manager_get_effective_environment(u->manager, &p->environment);
5050 if (r < 0)
5051 return r;
5052
004c7f16
LP		 5053 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5054 p->cgroup_supported = u->manager->cgroup_supported;
5055 p->prefix = u->manager->prefix;
5056 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5057
5238e957 5058 /* Copy parameters from unit */
7960b0c7 5059 p->cgroup_path = u->cgroup_path;
1d9cc876 5060 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 5061
2ad591a3
LP		 5062 p->received_credentials_directory = u->manager->received_credentials_directory;
5063 p->received_encrypted_credentials_directory = u->manager->received_encrypted_credentials_directory;
bb0c0d6f 5064
1ad6e8b3 5065 return 0;
f0d47797 5066}
a79279c7 5067
4c253ed1 5068int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
a79279c7
LP		 5069 int r;
5070
5071 assert(u);
5072 assert(ret);
5073
5074 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5075 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5076
5077 (void) unit_realize_cgroup(u);
5078
4c253ed1
LP		 5079 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5080 if (r != 0)
5081 return r;
a79279c7 5082
9c274488
LP		 5083 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5084 (void) ignore_signals(SIGPIPE);
a79279c7 5085
4c253ed1 5086 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
a79279c7 5087
4c253ed1
LP		 5088 if (u->cgroup_path) {
5089 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5090 if (r < 0) {
6178e2f8 5091 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(u->cgroup_path));
4c253ed1 5092 _exit(EXIT_CGROUP);
a79279c7 5093 }
a79279c7
LP		 5094 }
5095
4c253ed1 5096 return 0;
a79279c7 5097}
c999cf38 5098
810ef318
YW		 5099int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5100 pid_t pid;
5101 int r;
5102
5103 assert(u);
5104 assert(ret_pid);
5105
5106 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5107 if (r < 0)
5108 return r;
5109 if (r == 0) {
5110 int ret = EXIT_SUCCESS;
810ef318
YW		 5111
5112 STRV_FOREACH(i, paths) {
5113 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5114 if (r < 0) {
5115 log_error_errno(r, "Failed to remove '%s': %m", *i);
5116 ret = EXIT_FAILURE;
5117 }
5118 }
5119
5120 _exit(ret);
5121 }
5122
5123 r = unit_watch_pid(u, pid, true);
5124 if (r < 0)
5125 return r;
5126
5127 *ret_pid = pid;
5128 return 0;
5129}
5130
15ed3c3a
LP		 5131static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5132 assert(deps);
c999cf38
LP		 5133 assert(other);
5134
15ed3c3a 5135 if (di.origin_mask == 0 && di.destination_mask == 0)
c999cf38 5136 /* No bit set anymore, let's drop the whole entry */
15ed3c3a
LP		 5137 assert_se(hashmap_remove(deps, other));
5138 else
c999cf38 5139 /* Mask was reduced, let's update the entry */
15ed3c3a 5140 assert_se(hashmap_update(deps, other, di.data) == 0);
c999cf38
LP		 5141}
5142
5143void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
15ed3c3a 5144 Hashmap *deps;
c999cf38
LP		 5145 assert(u);
5146
5147 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5148
5149 if (mask == 0)
5150 return;
5151
15ed3c3a 5152 HASHMAP_FOREACH(deps, u->dependencies) {
c999cf38
LP		 5153 bool done;
5154
5155 do {
5156 UnitDependencyInfo di;
5157 Unit *other;
c999cf38
LP		 5158
5159 done = true;
5160
15ed3c3a
LP		 5161 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5162 Hashmap *other_deps;
5163
1d6cc5d0 5164 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38 5165 continue;
15ed3c3a 5166
c999cf38 5167 di.origin_mask &= ~mask;
15ed3c3a 5168 unit_update_dependency_mask(deps, other, di);
c999cf38 5169
defe63b0
LP		 5170 /* We updated the dependency from our unit to the other unit now. But most
5171 * dependencies imply a reverse dependency. Hence, let's delete that one
5172 * too. For that we go through all dependency types on the other unit and
5173 * delete all those which point to us and have the right mask set. */
c999cf38 5174
15ed3c3a 5175 HASHMAP_FOREACH(other_deps, other->dependencies) {
c999cf38
LP		 5176 UnitDependencyInfo dj;
5177
15ed3c3a 5178 dj.data = hashmap_get(other_deps, u);
1d6cc5d0 5179 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38 5180 continue;
c999cf38 5181
15ed3c3a
LP		 5182 dj.destination_mask &= ~mask;
5183 unit_update_dependency_mask(other_deps, u, dj);
c999cf38
LP		 5184 }
5185
5186 unit_add_to_gc_queue(other);
5187
156ba52b
YW		 5188 /* The unit 'other' may not be wanted by the unit 'u'. */
5189 unit_submit_to_stop_when_unneeded_queue(other);
5190
c999cf38
LP		 5191 done = false;
5192 break;
5193 }
5194
5195 } while (!done);
5196 }
5197}
d3070fbd 5198
2f8c48b6
AZ		 5199static int unit_get_invocation_path(Unit *u, char **ret) {
5200 char *p;
5201 int r;
5202
5203 assert(u);
5204 assert(ret);
5205
5206 if (MANAGER_IS_SYSTEM(u->manager))
5207 p = strjoin("/run/systemd/units/invocation:", u->id);
5208 else {
5209 _cleanup_free_ char *user_path = NULL;
5210 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5211 if (r < 0)
5212 return r;
5213 p = strjoin(user_path, u->id);
5214 }
5215
5216 if (!p)
5217 return -ENOMEM;
5218
5219 *ret = p;
5220 return 0;
5221}
5222
d3070fbd 5223static int unit_export_invocation_id(Unit *u) {
2f8c48b6 5224 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 5225 int r;
5226
5227 assert(u);
5228
5229 if (u->exported_invocation_id)
5230 return 0;
5231
5232 if (sd_id128_is_null(u->invocation_id))
5233 return 0;
5234
2f8c48b6
AZ		 5235 r = unit_get_invocation_path(u, &p);
5236 if (r < 0)
5237 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5238
a3f5fd96 5239 r = symlink_atomic_label(u->invocation_id_string, p);
d3070fbd
LP		 5240 if (r < 0)
5241 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5242
5243 u->exported_invocation_id = true;
5244 return 0;
5245}
5246
5247static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5248 const char *p;
5249 char buf[2];
5250 int r;
5251
5252 assert(u);
5253 assert(c);
5254
5255 if (u->exported_log_level_max)
5256 return 0;
5257
5258 if (c->log_level_max < 0)
5259 return 0;
5260
5261 assert(c->log_level_max <= 7);
5262
5263 buf[0] = '0' + c->log_level_max;
5264 buf[1] = 0;
5265
5266 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5267 r = symlink_atomic(buf, p);
5268 if (r < 0)
5269 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5270
5271 u->exported_log_level_max = true;
5272 return 0;
5273}
5274
5275static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5276 _cleanup_close_ int fd = -1;
5277 struct iovec *iovec;
5278 const char *p;
5279 char *pattern;
5280 le64_t *sizes;
5281 ssize_t n;
d3070fbd
LP		 5282 int r;
5283
5284 if (u->exported_log_extra_fields)
5285 return 0;
5286
5287 if (c->n_log_extra_fields <= 0)
5288 return 0;
5289
5290 sizes = newa(le64_t, c->n_log_extra_fields);
5291 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5292
12375b95 5293 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 5294 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5295
5296 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5297 iovec[i*2+1] = c->log_extra_fields[i];
5298 }
5299
5300 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5301 pattern = strjoina(p, ".XXXXXX");
5302
5303 fd = mkostemp_safe(pattern);
5304 if (fd < 0)
5305 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5306
5307 n = writev(fd, iovec, c->n_log_extra_fields*2);
5308 if (n < 0) {
5309 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5310 goto fail;
5311 }
5312
5313 (void) fchmod(fd, 0644);
5314
5315 if (rename(pattern, p) < 0) {
5316 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5317 goto fail;
5318 }
5319
5320 u->exported_log_extra_fields = true;
5321 return 0;
5322
5323fail:
5324 (void) unlink(pattern);
5325 return r;
5326}
5327
5ac1530e 5328static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5329 _cleanup_free_ char *buf = NULL;
5330 const char *p;
5331 int r;
5332
5333 assert(u);
5334 assert(c);
5335
5ac1530e 5336 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5337 return 0;
5338
5ac1530e 5339 if (c->log_ratelimit_interval_usec == 0)
90fc172e
AZ		 5340 return 0;
5341
5342 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5343
5ac1530e 5344 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
90fc172e
AZ		 5345 return log_oom();
5346
5347 r = symlink_atomic(buf, p);
5348 if (r < 0)
5349 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5350
5ac1530e 5351 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5352 return 0;
5353}
5354
5ac1530e 5355static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5356 _cleanup_free_ char *buf = NULL;
5357 const char *p;
5358 int r;
5359
5360 assert(u);
5361 assert(c);
5362
5ac1530e 5363 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5364 return 0;
5365
5ac1530e 5366 if (c->log_ratelimit_burst == 0)
90fc172e
AZ		 5367 return 0;
5368
5369 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5370
5ac1530e 5371 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
90fc172e
AZ		 5372 return log_oom();
5373
5374 r = symlink_atomic(buf, p);
5375 if (r < 0)
5376 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5377
5ac1530e 5378 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5379 return 0;
5380}
5381
d3070fbd
LP		 5382void unit_export_state_files(Unit *u) {
5383 const ExecContext *c;
5384
5385 assert(u);
5386
5387 if (!u->id)
5388 return;
5389
638cece4 5390 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5391 return;
5392
d3070fbd
LP		 5393 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5394 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5395 * the IPC system itself and PID 1 also log to the journal.
5396 *
5397 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5398 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5399 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5400 * namespace at least.
5401 *
5402 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5403 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5404 * them with one. */
5405
5406 (void) unit_export_invocation_id(u);
5407
2f8c48b6
AZ		 5408 if (!MANAGER_IS_SYSTEM(u->manager))
5409 return;
5410
d3070fbd
LP		 5411 c = unit_get_exec_context(u);
5412 if (c) {
5413 (void) unit_export_log_level_max(u, c);
5414 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5415 (void) unit_export_log_ratelimit_interval(u, c);
5416 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5417 }
5418}
5419
5420void unit_unlink_state_files(Unit *u) {
5421 const char *p;
5422
5423 assert(u);
5424
5425 if (!u->id)
5426 return;
5427
d3070fbd
LP		 5428 /* Undoes the effect of unit_export_state() */
5429
5430 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5431 _cleanup_free_ char *invocation_path = NULL;
5432 int r = unit_get_invocation_path(u, &invocation_path);
5433 if (r >= 0) {
5434 (void) unlink(invocation_path);
5435 u->exported_invocation_id = false;
5436 }
d3070fbd
LP		 5437 }
5438
2f8c48b6
AZ		 5439 if (!MANAGER_IS_SYSTEM(u->manager))
5440 return;
5441
d3070fbd
LP		 5442 if (u->exported_log_level_max) {
5443 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5444 (void) unlink(p);
5445
5446 u->exported_log_level_max = false;
5447 }
5448
5449 if (u->exported_log_extra_fields) {
5450 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5451 (void) unlink(p);
5452
5453 u->exported_log_extra_fields = false;
5454 }
90fc172e 5455
5ac1530e 5456 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5457 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5458 (void) unlink(p);
5459
5ac1530e 5460 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5461 }
5462
5ac1530e 5463 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5464 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5465 (void) unlink(p);
5466
5ac1530e 5467 u->exported_log_ratelimit_burst = false;
90fc172e 5468 }
d3070fbd 5469}
5afe510c 5470
3c7416b6
LP		 5471int unit_prepare_exec(Unit *u) {
5472 int r;
5473
5474 assert(u);
5475
fab34748
KL		 5476 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5477 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5478 r = bpf_firewall_load_custom(u);
5479 if (r < 0)
5480 return r;
5481
3c7416b6
LP		 5482 /* Prepares everything so that we can fork of a process for this unit */
5483
5484 (void) unit_realize_cgroup(u);
5485
5486 if (u->reset_accounting) {
9b2559a1 5487 (void) unit_reset_accounting(u);
3c7416b6
LP		 5488 u->reset_accounting = false;
5489 }
5490
5491 unit_export_state_files(u);
5492
5493 r = unit_setup_exec_runtime(u);
5494 if (r < 0)
5495 return r;
5496
5497 r = unit_setup_dynamic_creds(u);
5498 if (r < 0)
5499 return r;
5500
5501 return 0;
5502}
5503
4c425434
LP		 5504static bool ignore_leftover_process(const char *comm) {
5505 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5506}
5507
5508int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
a4634b21
LP		 5509 _cleanup_free_ char *comm = NULL;
5510
5511 (void) get_process_comm(pid, &comm);
5512
4c425434 5513 if (ignore_leftover_process(comm))
c53d2d54 5514 return 0;
a4634b21 5515
4c425434
LP		 5516 /* During start we print a warning */
5517
a4634b21
LP		 5518 log_unit_warning(userdata,
5519 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5520 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5521 pid, strna(comm));
c53d2d54
DB		 5522
5523 return 1;
a4634b21
LP		 5524}
5525
4c425434
LP		 5526int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5527 _cleanup_free_ char *comm = NULL;
5528
5529 (void) get_process_comm(pid, &comm);
5530
5531 if (ignore_leftover_process(comm))
5532 return 0;
5533
5534 /* During stop we only print an informational message */
5535
5536 log_unit_info(userdata,
5537 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5538 pid, strna(comm));
5539
5540 return 1;
5541}
5542
5543int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
a4634b21
LP		 5544 assert(u);
5545
5546 (void) unit_pick_cgroup_path(u);
5547
5548 if (!u->cgroup_path)
c53d2d54 5549 return 0;
a4634b21 5550
4c425434 5551 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
a4634b21
LP		 5552}
5553
bb2c7685
LP		 5554bool unit_needs_console(Unit *u) {
5555 ExecContext *ec;
5556 UnitActiveState state;
5557
5558 assert(u);
5559
5560 state = unit_active_state(u);
5561
5562 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5563 return false;
5564
5565 if (UNIT_VTABLE(u)->needs_console)
5566 return UNIT_VTABLE(u)->needs_console(u);
5567
5568 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5569 ec = unit_get_exec_context(u);
5570 if (!ec)
5571 return false;
5572
5573 return exec_context_may_touch_console(ec);
5574}
5575
6592b975
LP		 5576int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5577 int r;
5578
5579 assert(u);
5580
5581 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5582 * and not a kernel thread either */
5583
5584 /* First, a simple range check */
5585 if (!pid_is_valid(pid))
5586 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5587
5588 /* Some extra safety check */
5589 if (pid == 1 || pid == getpid_cached())
3fe91079 5590 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
6592b975
LP		 5591
5592 /* Don't even begin to bother with kernel threads */
5593 r = is_kernel_thread(pid);
5594 if (r == -ESRCH)
5595 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5596 if (r < 0)
5597 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5598 if (r > 0)
5599 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5600
5601 return 0;
5602}
5603
523ee2d4
LP		 5604void unit_log_success(Unit *u) {
5605 assert(u);
5606
edf2ee22
JM		 5607 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
5608 * This message has low information value for regular users and it might be a bit overwhelming on a system with
5609 * a lot of devices. */
5610 log_unit_struct(u,
5611 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
c2503e35
RH		 5612 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5613 LOG_UNIT_INVOCATION_ID(u),
5614 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 5615}
5616
7c047d74
LP		 5617void unit_log_failure(Unit *u, const char *result) {
5618 assert(u);
5619 assert(result);
5620
c2503e35
RH		 5621 log_unit_struct(u, LOG_WARNING,
5622 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5623 LOG_UNIT_INVOCATION_ID(u),
5624 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5625 "UNIT_RESULT=%s", result);
7c047d74
LP		 5626}
5627
31cd5f63
AZ		 5628void unit_log_skip(Unit *u, const char *result) {
5629 assert(u);
5630 assert(result);
5631
c2503e35
RH		 5632 log_unit_struct(u, LOG_INFO,
5633 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
5634 LOG_UNIT_INVOCATION_ID(u),
5635 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
5636 "UNIT_RESULT=%s", result);
31cd5f63
AZ		 5637}
5638
91bbd9b7
LP		 5639void unit_log_process_exit(
5640 Unit *u,
91bbd9b7
LP		 5641 const char *kind,
5642 const char *command,
5cc2cd1c 5643 bool success,
91bbd9b7
LP		 5644 int code,
5645 int status) {
5646
5cc2cd1c
ZJS		 5647 int level;
5648
91bbd9b7
LP		 5649 assert(u);
5650 assert(kind);
5651
5cc2cd1c
ZJS		 5652 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5653 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5654 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5655 * WARNING. */
5656 if (success)
5657 level = LOG_DEBUG;
5658 else if (code == CLD_EXITED)
5659 level = LOG_NOTICE;
5660 else
91bbd9b7
LP		 5661 level = LOG_WARNING;
5662
c2503e35
RH		 5663 log_unit_struct(u, level,
5664 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
58441bc1 5665 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
c2503e35
RH		 5666 kind,
5667 sigchld_code_to_string(code), status,
5668 strna(code == CLD_EXITED
5669 ? exit_status_to_string(status, EXIT_STATUS_FULL)
58441bc1
ZJS		 5670 : signal_to_string(status)),
5671 success ? " (success)" : ""),
c2503e35
RH		 5672 "EXIT_CODE=%s", sigchld_code_to_string(code),
5673 "EXIT_STATUS=%i", status,
5674 "COMMAND=%s", strna(command),
5675 LOG_UNIT_INVOCATION_ID(u));
91bbd9b7
LP		 5676}
5677
7af67e9a
LP		 5678int unit_exit_status(Unit *u) {
5679 assert(u);
5680
5681 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5682 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5683 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5684 * service process has exited abnormally (signal/coredump). */
5685
5686 if (!UNIT_VTABLE(u)->exit_status)
5687 return -EOPNOTSUPP;
5688
5689 return UNIT_VTABLE(u)->exit_status(u);
5690}
5691
5692int unit_failure_action_exit_status(Unit *u) {
5693 int r;
5694
5695 assert(u);
5696
5697 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5698
5699 if (u->failure_action_exit_status >= 0)
5700 return u->failure_action_exit_status;
5701
5702 r = unit_exit_status(u);
5703 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5704 return 255;
5705
5706 return r;
5707}
5708
5709int unit_success_action_exit_status(Unit *u) {
5710 int r;
5711
5712 assert(u);
5713
5714 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5715
5716 if (u->success_action_exit_status >= 0)
5717 return u->success_action_exit_status;
5718
5719 r = unit_exit_status(u);
5720 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5721 return 255;
5722
5723 return r;
5724}
5725
a4191c9f
LP		 5726int unit_test_trigger_loaded(Unit *u) {
5727 Unit *trigger;
5728
5729 /* Tests whether the unit to trigger is loaded */
5730
5731 trigger = UNIT_TRIGGER(u);
5732 if (!trigger)
e7b9f4d9
ZJS		 5733 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5734 "Refusing to start, no unit to trigger.");
a4191c9f 5735 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 5736 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5737 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 5738
5739 return 0;
5740}
5741
bb0c0d6f
LP		 5742void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
5743 assert(u);
5744 assert(context);
5745
95939aed
YW		 5746 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
5747 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
5748 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f
LP		 5749
5750 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
95939aed
YW		 5751}
5752
380dc8b0
LP		 5753int unit_clean(Unit *u, ExecCleanMask mask) {
5754 UnitActiveState state;
5755
5756 assert(u);
5757
5758 /* Special return values:
5759 *
5760 * -EOPNOTSUPP → cleaning not supported for this unit type
5761 * -EUNATCH → cleaning not defined for this resource type
5762 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5763 * a job queued or similar
5764 */
5765
5766 if (!UNIT_VTABLE(u)->clean)
5767 return -EOPNOTSUPP;
5768
5769 if (mask == 0)
5770 return -EUNATCH;
5771
5772 if (u->load_state != UNIT_LOADED)
5773 return -EBUSY;
5774
5775 if (u->job)
5776 return -EBUSY;
5777
5778 state = unit_active_state(u);
5779 if (!IN_SET(state, UNIT_INACTIVE))
5780 return -EBUSY;
5781
5782 return UNIT_VTABLE(u)->clean(u, mask);
5783}
5784
5785int unit_can_clean(Unit *u, ExecCleanMask *ret) {
5786 assert(u);
5787
5788 if (!UNIT_VTABLE(u)->clean ||
5789 u->load_state != UNIT_LOADED) {
5790 *ret = 0;
5791 return 0;
5792 }
5793
5794 /* When the clean() method is set, can_clean() really should be set too */
5795 assert(UNIT_VTABLE(u)->can_clean);
5796
5797 return UNIT_VTABLE(u)->can_clean(u, ret);
5798}
5799
d9e45bc3
MS		 5800bool unit_can_freeze(Unit *u) {
5801 assert(u);
5802
5803 if (UNIT_VTABLE(u)->can_freeze)
5804 return UNIT_VTABLE(u)->can_freeze(u);
5805
5806 return UNIT_VTABLE(u)->freeze;
5807}
5808
5809void unit_frozen(Unit *u) {
5810 assert(u);
5811
5812 u->freezer_state = FREEZER_FROZEN;
5813
5814 bus_unit_send_pending_freezer_message(u);
5815}
5816
5817void unit_thawed(Unit *u) {
5818 assert(u);
5819
5820 u->freezer_state = FREEZER_RUNNING;
5821
5822 bus_unit_send_pending_freezer_message(u);
5823}
5824
5825static int unit_freezer_action(Unit *u, FreezerAction action) {
5826 UnitActiveState s;
5827 int (*method)(Unit*);
5828 int r;
5829
5830 assert(u);
5831 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
5832
5833 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
5834 if (!method || !cg_freezer_supported())
5835 return -EOPNOTSUPP;
5836
5837 if (u->job)
5838 return -EBUSY;
5839
5840 if (u->load_state != UNIT_LOADED)
5841 return -EHOSTDOWN;
5842
5843 s = unit_active_state(u);
5844 if (s != UNIT_ACTIVE)
5845 return -EHOSTDOWN;
5846
5847 if (IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING))
5848 return -EALREADY;
5849
5850 r = method(u);
5851 if (r <= 0)
5852 return r;
5853
d171e72e
YW		 5854 assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING));
5855
d9e45bc3
MS		 5856 return 1;
5857}
5858
5859int unit_freeze(Unit *u) {
5860 return unit_freezer_action(u, FREEZER_FREEZE);
5861}
5862
5863int unit_thaw(Unit *u) {
5864 return unit_freezer_action(u, FREEZER_THAW);
5865}
5866
5867/* Wrappers around low-level cgroup freezer operations common for service and scope units */
5868int unit_freeze_vtable_common(Unit *u) {
5869 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
5870}
5871
5872int unit_thaw_vtable_common(Unit *u) {
5873 return unit_cgroup_freezer_action(u, FREEZER_THAW);
5874}
5875
6e548561 5876Condition *unit_find_failed_condition(Unit *u) {
03677889 5877 Condition *failed_trigger = NULL;
6e548561
DDM		 5878 bool has_succeeded_trigger = false;
5879
5880 if (u->condition_result)
5881 return NULL;
5882
5883 LIST_FOREACH(conditions, c, u->conditions)
5884 if (c->trigger) {
5885 if (c->result == CONDITION_SUCCEEDED)
5886 has_succeeded_trigger = true;
5887 else if (!failed_trigger)
5888 failed_trigger = c;
5889 } else if (c->result != CONDITION_SUCCEEDED)
5890 return c;
5891
5892 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
5893}
5894
5afe510c
LP		 5895static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5896 [COLLECT_INACTIVE] = "inactive",
5897 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5898};
5899
5900DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
15ed3c3a
LP		 5901
5902Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
5903 Unit *i;
5904
5905 assert(u);
5906
5907 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5908 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5909 * is NULL the first entry found), or NULL if not found. */
5910
5911 UNIT_FOREACH_DEPENDENCY(i, u, atom)
5912 if (!other || other == i)
5913 return i;
5914
5915 return NULL;
5916}
5917
5918int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
5919 _cleanup_free_ Unit **array = NULL;
5920 size_t n = 0;
5921 Unit *other;
5922
5923 assert(u);
5924 assert(ret_array);
5925
5926 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
5927 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
48008c1c 5928 * while the dependency table is continuously updated. */
15ed3c3a
LP		 5929
5930 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
5931 if (!GREEDY_REALLOC(array, n + 1))
5932 return -ENOMEM;
5933
5934 array[n++] = other;
5935 }
5936
5937 *ret_array = TAKE_PTR(array);
5938
5939 assert(n <= INT_MAX);
5940 return (int) n;
5941}
48b92b37
LB		 5942
5943const ActivationDetailsVTable * const activation_details_vtable[_UNIT_TYPE_MAX] = {
4c420328 5944 [UNIT_PATH] = &activation_details_path_vtable,
c8bc7519 5945 [UNIT_TIMER] = &activation_details_timer_vtable,
48b92b37
LB		 5946};
5947
5948ActivationDetails *activation_details_new(Unit *trigger_unit) {
5949 _cleanup_free_ ActivationDetails *details = NULL;
5950
5951 assert(trigger_unit);
5952 assert(trigger_unit->type != _UNIT_TYPE_INVALID);
5953 assert(trigger_unit->id);
5954
5955 details = malloc0(activation_details_vtable[trigger_unit->type]->object_size);
5956 if (!details)
5957 return NULL;
5958
5959 *details = (ActivationDetails) {
5960 .n_ref = 1,
5961 .trigger_unit_type = trigger_unit->type,
5962 };
5963
5964 details->trigger_unit_name = strdup(trigger_unit->id);
5965 if (!details->trigger_unit_name)
5966 return NULL;
5967
5968 if (ACTIVATION_DETAILS_VTABLE(details)->init)
5969 ACTIVATION_DETAILS_VTABLE(details)->init(details, trigger_unit);
5970
5971 return TAKE_PTR(details);
5972}
5973
5974static ActivationDetails *activation_details_free(ActivationDetails *details) {
5975 if (!details)
5976 return NULL;
5977
5978 if (ACTIVATION_DETAILS_VTABLE(details)->done)
5979 ACTIVATION_DETAILS_VTABLE(details)->done(details);
5980
5981 free(details->trigger_unit_name);
5982
5983 return mfree(details);
5984}
5985
5986void activation_details_serialize(ActivationDetails *details, FILE *f) {
5987 if (!details || details->trigger_unit_type == _UNIT_TYPE_INVALID)
5988 return;
5989
5990 (void) serialize_item(f, "activation-details-unit-type", unit_type_to_string(details->trigger_unit_type));
5991 if (details->trigger_unit_name)
5992 (void) serialize_item(f, "activation-details-unit-name", details->trigger_unit_name);
5993 if (ACTIVATION_DETAILS_VTABLE(details)->serialize)
5994 ACTIVATION_DETAILS_VTABLE(details)->serialize(details, f);
5995}
5996
5997int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) {
5998 assert(key);
5999 assert(value);
6000 assert(details);
6001
6002 if (!*details) {
6003 UnitType t;
6004
6005 if (!streq(key, "activation-details-unit-type"))
6006 return -EINVAL;
6007
6008 t = unit_type_from_string(value);
6009 if (t == _UNIT_TYPE_INVALID)
6010 return -EINVAL;
6011
6012 *details = malloc0(activation_details_vtable[t]->object_size);
6013 if (!*details)
6014 return -ENOMEM;
6015
6016 **details = (ActivationDetails) {
6017 .n_ref = 1,
6018 .trigger_unit_type = t,
6019 };
6020
6021 return 0;
6022 }
6023
6024 if (streq(key, "activation-details-unit-name")) {
6025 (*details)->trigger_unit_name = strdup(value);
6026 if (!(*details)->trigger_unit_name)
6027 return -ENOMEM;
6028
6029 return 0;
6030 }
6031
6032 if (ACTIVATION_DETAILS_VTABLE(*details)->deserialize)
6033 return ACTIVATION_DETAILS_VTABLE(*details)->deserialize(key, value, details);
6034
6035 return -EINVAL;
6036}
6037
6038int activation_details_append_env(ActivationDetails *details, char ***strv) {
6039 int r = 0;
6040
6041 assert(strv);
6042
6043 if (!details)
6044 return 0;
6045
6046 if (!isempty(details->trigger_unit_name)) {
6047 char *s = strjoin("TRIGGER_UNIT=", details->trigger_unit_name);
6048 if (!s)
6049 return -ENOMEM;
6050
6051 r = strv_consume(strv, TAKE_PTR(s));
6052 if (r < 0)
6053 return r;
6054 }
6055
6056 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6057 r = ACTIVATION_DETAILS_VTABLE(details)->append_env(details, strv);
6058 if (r < 0)
6059 return r;
6060 }
6061
6062 return r + !isempty(details->trigger_unit_name); /* Return the number of variables added to the env block */
6063}
6064
6065int activation_details_append_pair(ActivationDetails *details, char ***strv) {
6066 int r = 0;
6067
6068 assert(strv);
6069
6070 if (!details)
6071 return 0;
6072
6073 if (!isempty(details->trigger_unit_name)) {
6074 r = strv_extend(strv, "trigger_unit");
6075 if (r < 0)
6076 return r;
6077
6078 r = strv_extend(strv, details->trigger_unit_name);
6079 if (r < 0)
6080 return r;
6081 }
6082
6083 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6084 r = ACTIVATION_DETAILS_VTABLE(details)->append_pair(details, strv);
6085 if (r < 0)
6086 return r;
6087 }
6088
6089 return r + !isempty(details->trigger_unit_name); /* Return the number of pairs added to the strv */
6090}
6091
6092DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails, activation_details, activation_details_free);
Unnamed repository; edit this file 'description' to name the repository.