]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
man: document effect of --user on --unit with journalctl
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
87f0e418 3#include <errno.h>
0301abf4 4#include <stdlib.h>
4c253ed1 5#include <sys/prctl.h>
4f5dd394 6#include <unistd.h>
87f0e418 7
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
fab34748 13#include "bpf-firewall.h"
5f8ba20d 14#include "bpf-foreign.h"
cd09a5f3 15#include "bpf-socket-bind.h"
4f5dd394
LP		 16#include "bus-common-errors.h"
17#include "bus-util.h"
fdb3deca 18#include "cgroup-setup.h"
c6c18be3 19#include "cgroup-util.h"
f4351959 20#include "chase-symlinks.h"
e30bbc90 21#include "core-varlink.h"
4f5dd394
LP		 22#include "dbus-unit.h"
23#include "dbus.h"
24#include "dropin.h"
25#include "escape.h"
26#include "execute.h"
6a48d82f 27#include "fd-util.h"
a5c32cff 28#include "fileio-label.h"
ee228be1 29#include "fileio.h"
f97b34a6 30#include "format-util.h"
4b58153d 31#include "id128-util.h"
5cfa33e0 32#include "install.h"
2d3b784d 33#include "io-util.h"
a3f5fd96 34#include "label.h"
4f5dd394
LP		 35#include "load-dropin.h"
36#include "load-fragment.h"
37#include "log.h"
38#include "macro.h"
f5947a5e 39#include "missing_audit.h"
35cd0ba5 40#include "mkdir-label.h"
4f5dd394 41#include "path-util.h"
0b452006 42#include "process-util.h"
810ef318 43#include "rm-rf.h"
48b92b37 44#include "serialize.h"
4f5dd394 45#include "set.h"
6eb7c172 46#include "signal-util.h"
d3070fbd 47#include "sparse-endian.h"
e9db43d5 48#include "special.h"
2e59b241 49#include "specifier.h"
8fcde012 50#include "stat-util.h"
d054f0a4 51#include "stdio-util.h"
5afe510c 52#include "string-table.h"
07630cea 53#include "string-util.h"
4f5dd394 54#include "strv.h"
5b262f74 55#include "terminal-util.h"
e4de7287 56#include "tmpfile-util.h"
4f4afc88 57#include "umask-util.h"
4f5dd394 58#include "unit-name.h"
e9db43d5 59#include "unit.h"
b1d4f8e1
LP		 60#include "user-util.h"
61#include "virt.h"
91ce91c7
JK		 62#if BPF_FRAMEWORK
63#include "bpf-link.h"
64#endif
87f0e418 65
37109b85
ZJS		 66/* Thresholds for logging at INFO level about resource consumption */
67#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
68#define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
69#define MENTIONWORTHY_IP_BYTES (0ULL)
70
71/* Thresholds for logging at INFO level about resource consumption */
72#define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
73#define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
74#define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
75
87f0e418
LP		 76const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
77 [UNIT_SERVICE] = &service_vtable,
87f0e418
LP		 78 [UNIT_SOCKET] = &socket_vtable,
79 [UNIT_TARGET] = &target_vtable,
80 [UNIT_DEVICE] = &device_vtable,
81 [UNIT_MOUNT] = &mount_vtable,
82 [UNIT_AUTOMOUNT] = &automount_vtable,
01f78473 83 [UNIT_SWAP] = &swap_vtable,
e821075a 84 [UNIT_TIMER] = &timer_vtable,
a016b922 85 [UNIT_PATH] = &path_vtable,
6c12b52e 86 [UNIT_SLICE] = &slice_vtable,
5afe510c 87 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 88};
89
75db809a 90Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 91 Unit *u;
92
93 assert(m);
ac155bb8 94 assert(size >= sizeof(Unit));
87f0e418 95
7d17cfbc
MS		 96 u = malloc0(size);
97 if (!u)
87f0e418
LP		 98 return NULL;
99
ac155bb8
MS		 100 u->manager = m;
101 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 102 u->default_dependencies = true;
103 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
d2dc52db 104 u->unit_file_preset = -1;
d420282b 105 u->on_failure_job_mode = JOB_REPLACE;
294446dc 106 u->on_success_job_mode = JOB_FAIL;
0bb814c2 107 u->cgroup_control_inotify_wd = -1;
afcfaa69 108 u->cgroup_memory_inotify_wd = -1;
36c16a7c 109 u->job_timeout = USEC_INFINITY;
a2df3ea4 110 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 111 u->ref_uid = UID_INVALID;
112 u->ref_gid = GID_INVALID;
fe700f46 113 u->cpu_usage_last = NSEC_INFINITY;
17f14955 114 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
7af67e9a 115 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 116
6a48d82f
DM		 117 u->ip_accounting_ingress_map_fd = -1;
118 u->ip_accounting_egress_map_fd = -1;
0fd9c28c
LP		 119 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
120 u->io_accounting_last[i] = UINT64_MAX;
121
6a48d82f
DM		 122 u->ipv4_allow_map_fd = -1;
123 u->ipv6_allow_map_fd = -1;
124 u->ipv4_deny_map_fd = -1;
125 u->ipv6_deny_map_fd = -1;
126
2e59b241
LP		 127 u->last_section_private = -1;
128
7bf081a1 129 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
0bc488c9 130 u->auto_start_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
bea355da 131
87f0e418
LP		 132 return u;
133}
134
a581e45a 135int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 136 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 137 int r;
138
139 u = unit_new(m, size);
140 if (!u)
141 return -ENOMEM;
142
143 r = unit_add_name(u, name);
dc409696 144 if (r < 0)
a581e45a 145 return r;
a581e45a 146
1cc6c93a
YW		 147 *ret = TAKE_PTR(u);
148
a581e45a
LP		 149 return r;
150}
151
303ee601 152bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 153 assert(u);
154 assert(name);
155
4562c355
ZJS		 156 return streq_ptr(name, u->id) ||
157 set_contains(u->aliases, name);
f278026d
LP		 158}
159
598459ce
LP		 160static void unit_init(Unit *u) {
161 CGroupContext *cc;
162 ExecContext *ec;
163 KillContext *kc;
164
165 assert(u);
166 assert(u->manager);
167 assert(u->type >= 0);
168
169 cc = unit_get_cgroup_context(u);
170 if (cc) {
171 cgroup_context_init(cc);
172
173 /* Copy in the manager defaults into the cgroup
174 * context, _before_ the rest of the settings have
175 * been initialized */
176
177 cc->cpu_accounting = u->manager->default_cpu_accounting;
13c31542 178 cc->io_accounting = u->manager->default_io_accounting;
598459ce
LP		 179 cc->blockio_accounting = u->manager->default_blockio_accounting;
180 cc->memory_accounting = u->manager->default_memory_accounting;
03a7b521 181 cc->tasks_accounting = u->manager->default_tasks_accounting;
6a48d82f 182 cc->ip_accounting = u->manager->default_ip_accounting;
0af20ea2
LP		 183
184 if (u->type != UNIT_SLICE)
185 cc->tasks_max = u->manager->default_tasks_max;
598459ce
LP		 186 }
187
188 ec = unit_get_exec_context(u);
b1edf445 189 if (ec) {
598459ce
LP		 190 exec_context_init(ec);
191
d4a402e4
LP		 192 if (u->manager->default_oom_score_adjust_set) {
193 ec->oom_score_adjust = u->manager->default_oom_score_adjust;
194 ec->oom_score_adjust_set = true;
195 }
196
5e37d193
FB		 197 if (MANAGER_IS_SYSTEM(u->manager))
198 ec->keyring_mode = EXEC_KEYRING_SHARED;
199 else {
200 ec->keyring_mode = EXEC_KEYRING_INHERIT;
201
202 /* User manager might have its umask redefined by PAM or UMask=. In this
203 * case let the units it manages inherit this value by default. They can
204 * still tune this value through their own unit file */
205 (void) get_process_umask(getpid_cached(), &ec->umask);
206 }
b1edf445
LP		 207 }
208
598459ce
LP		 209 kc = unit_get_kill_context(u);
210 if (kc)
211 kill_context_init(kc);
212
213 if (UNIT_VTABLE(u)->init)
214 UNIT_VTABLE(u)->init(u);
215}
216
4562c355
ZJS		 217static int unit_add_alias(Unit *u, char *donated_name) {
218 int r;
219
220 /* Make sure that u->names is allocated. We may leave u->names
221 * empty if we fail later, but this is not a problem. */
973bc32a 222 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
4562c355
ZJS		 223 if (r < 0)
224 return r;
225 assert(r > 0);
226
227 return 0;
228}
229
87f0e418 230int unit_add_name(Unit *u, const char *text) {
4562c355 231 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 232 UnitType t;
87f0e418
LP		 233 int r;
234
235 assert(u);
236 assert(text);
237
7410616c 238 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 239 if (!u->instance)
acd1987a
WY		 240 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
241 "instance is not set when adding name '%s': %m", text);
87f0e418 242
4562c355 243 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 244 if (r < 0)
acd1987a
WY		 245 return log_unit_debug_errno(u, r,
246 "failed to build instance name from '%s': %m", text);
7410616c 247 } else {
4562c355
ZJS		 248 name = strdup(text);
249 if (!name)
7410616c
LP		 250 return -ENOMEM;
251 }
87f0e418 252
4562c355 253 if (unit_has_name(u, name))
7410616c 254 return 0;
4562c355
ZJS		 255
256 if (hashmap_contains(u->manager->units, name))
acd1987a 257 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4562c355 258 "unit already exist when adding name '%s': %m", name);
7410616c 259
4562c355 260 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 261 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4562c355 262 "name '%s' is invalid: %m", name);
e537352b 263
4562c355 264 t = unit_name_to_type(name);
7410616c 265 if (t < 0)
acd1987a 266 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
cd990847 267 "failed to derive unit type from name '%s': %m", name);
87f0e418 268
598459ce 269 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a
WY		 270 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
271 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
4562c355 272 u->type, t, name);
87f0e418 273
4562c355 274 r = unit_name_to_instance(name, &instance);
e48614c4 275 if (r < 0)
4562c355 276 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
87f0e418 277
4562c355
ZJS		 278 if (instance && !unit_type_may_template(t))
279 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
9e2f7c11 280
d383acad
ZJS		 281 /* Ensure that this unit either has no instance, or that the instance matches. */
282 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 283 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
ada4b34e
ZJS		 284 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
285 name, instance, u->instance);
9e2f7c11 286
4562c355 287 if (u->id && !unit_type_may_alias(t))
ada4b34e
ZJS		 288 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
289 "cannot add name %s, aliases are not allowed for %s units.",
290 name, unit_type_to_string(t));
9e2f7c11 291
598459ce 292 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
ada4b34e 293 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
4f0f902f 294
4562c355
ZJS		 295 /* Add name to the global hashmap first, because that's easier to undo */
296 r = hashmap_put(u->manager->units, name, u);
7410616c 297 if (r < 0)
acd1987a 298 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
87f0e418 299
4562c355
ZJS		 300 if (u->id) {
301 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
302 if (r < 0) {
303 hashmap_remove(u->manager->units, name);
304 return r;
305 }
306 TAKE_PTR(name);
307
308 } else {
309 /* A new name, we don't need the set yet. */
310 assert(u->type == _UNIT_TYPE_INVALID);
311 assert(!u->instance);
312
ac155bb8 313 u->type = t;
4562c355
ZJS		 314 u->id = TAKE_PTR(name);
315 u->instance = TAKE_PTR(instance);
9e2f7c11 316
71fda00f 317 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 318 unit_init(u);
598459ce 319 }
9e2f7c11 320
598459ce
LP		 321 unit_add_to_dbus_queue(u);
322 return 0;
87f0e418
LP		 323}
324
0ae97ec1 325int unit_choose_id(Unit *u, const char *name) {
68eda4bd 326 _cleanup_free_ char *t = NULL;
4562c355 327 char *s;
276c3e78 328 int r;
0ae97ec1
LP		 329
330 assert(u);
331 assert(name);
332
7410616c 333 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 334 if (!u->instance)
9e2f7c11
LP		 335 return -EINVAL;
336
7410616c
LP		 337 r = unit_name_replace_instance(name, u->instance, &t);
338 if (r < 0)
339 return r;
9e2f7c11
LP		 340
341 name = t;
342 }
343
4562c355
ZJS		 344 if (streq_ptr(u->id, name))
345 return 0; /* Nothing to do. */
346
347 /* Selects one of the aliases of this unit as the id */
348 s = set_get(u->aliases, (char*) name);
9e2f7c11 349 if (!s)
0ae97ec1
LP		 350 return -ENOENT;
351
4562c355
ZJS		 352 if (u->id) {
353 r = set_remove_and_put(u->aliases, name, u->id);
354 if (r < 0)
355 return r;
356 } else
357 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 358
4562c355 359 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 360 unit_add_to_dbus_queue(u);
9e2f7c11 361
0ae97ec1
LP		 362 return 0;
363}
364
f50e0a01 365int unit_set_description(Unit *u, const char *description) {
84b26d51 366 int r;
f50e0a01
LP		 367
368 assert(u);
369
84b26d51
LP		 370 r = free_and_strdup(&u->description, empty_to_null(description));
371 if (r < 0)
372 return r;
373 if (r > 0)
374 unit_add_to_dbus_queue(u);
c1e1601e 375
f50e0a01
LP		 376 return 0;
377}
378
02de9614
ZJS		 379static bool unit_success_failure_handler_has_jobs(Unit *unit) {
380 Unit *other;
381
382 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_SUCCESS)
383 if (other->job || other->nop_job)
384 return true;
385
386 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_FAILURE)
387 if (other->job || other->nop_job)
388 return true;
389
390 return false;
391}
392
f2f725e5 393bool unit_may_gc(Unit *u) {
a354329f 394 UnitActiveState state;
e98b2fbb 395 int r;
5afe510c 396
701cc384
LP		 397 assert(u);
398
f2f725e5
ZJS		 399 /* Checks whether the unit is ready to be unloaded for garbage collection.
400 * Returns true when the unit may be collected, and false if there's some
2641f02e
ZJS		 401 * reason to keep it loaded.
402 *
403 * References from other units are *not* checked here. Instead, this is done
404 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
405 */
5afe510c 406
02de9614 407 if (u->job || u->nop_job)
f2f725e5 408 return false;
6c073082 409
a354329f
LP		 410 state = unit_active_state(u);
411
7eb2a8a1 412 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
a354329f
LP		 413 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
414 UNIT_VTABLE(u)->release_resources)
7eb2a8a1 415 UNIT_VTABLE(u)->release_resources(u);
a354329f 416
f5869324 417 if (u->perpetual)
f2f725e5 418 return false;
9d576438 419
05a98afd 420 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 421 return false;
05a98afd 422
5afe510c
LP		 423 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
424 switch (u->collect_mode) {
425
426 case COLLECT_INACTIVE:
427 if (state != UNIT_INACTIVE)
f2f725e5 428 return false;
5afe510c
LP		 429
430 break;
431
432 case COLLECT_INACTIVE_OR_FAILED:
433 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
f2f725e5 434 return false;
5afe510c
LP		 435
436 break;
437
438 default:
04499a70 439 assert_not_reached();
5afe510c
LP		 440 }
441
02de9614
ZJS		 442 /* Check if any OnFailure= or on Success= jobs may be pending */
443 if (unit_success_failure_handler_has_jobs(u))
444 return false;
445
e98b2fbb
LP		 446 if (u->cgroup_path) {
447 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
448 * around. Units with active processes should never be collected. */
449
450 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
451 if (r < 0)
6178e2f8 452 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u->cgroup_path));
e98b2fbb 453 if (r <= 0)
f2f725e5 454 return false;
e98b2fbb
LP		 455 }
456
f2f725e5
ZJS		 457 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
458 return false;
701cc384 459
f2f725e5 460 return true;
701cc384
LP		 461}
462
87f0e418
LP		 463void unit_add_to_load_queue(Unit *u) {
464 assert(u);
ac155bb8 465 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 466
ac155bb8 467 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 468 return;
469
71fda00f 470 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 471 u->in_load_queue = true;
87f0e418
LP		 472}
473
23a177ef
LP		 474void unit_add_to_cleanup_queue(Unit *u) {
475 assert(u);
476
ac155bb8 477 if (u->in_cleanup_queue)
23a177ef
LP		 478 return;
479
71fda00f 480 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 481 u->in_cleanup_queue = true;
23a177ef
LP		 482}
483
701cc384
LP		 484void unit_add_to_gc_queue(Unit *u) {
485 assert(u);
486
ac155bb8 487 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 488 return;
489
f2f725e5 490 if (!unit_may_gc(u))
701cc384
LP		 491 return;
492
c5a97ed1 493 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 494 u->in_gc_queue = true;
701cc384
LP		 495}
496
c1e1601e
LP		 497void unit_add_to_dbus_queue(Unit *u) {
498 assert(u);
ac155bb8 499 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 500
ac155bb8 501 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 502 return;
503
a567261a 504 /* Shortcut things if nobody cares */
8f8f05a9 505 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 506 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 507 set_isempty(u->manager->private_buses)) {
ac155bb8 508 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 509 return;
510 }
511
71fda00f 512 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 513 u->in_dbus_queue = true;
c1e1601e
LP		 514}
515
fda09318 516void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 517 assert(u);
518
519 if (u->in_stop_when_unneeded_queue)
520 return;
521
522 if (!u->stop_when_unneeded)
523 return;
524
525 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
526 return;
527
528 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
529 u->in_stop_when_unneeded_queue = true;
530}
531
0bc488c9
LP		 532void unit_submit_to_start_when_upheld_queue(Unit *u) {
533 assert(u);
534
535 if (u->in_start_when_upheld_queue)
536 return;
537
538 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
539 return;
540
541 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
542 return;
543
544 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
545 u->in_start_when_upheld_queue = true;
546}
547
56c59592
LP		 548void unit_submit_to_stop_when_bound_queue(Unit *u) {
549 assert(u);
550
551 if (u->in_stop_when_bound_queue)
552 return;
553
554 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
555 return;
556
557 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
558 return;
559
560 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
561 u->in_stop_when_bound_queue = true;
562}
563
15ed3c3a 564static void unit_clear_dependencies(Unit *u) {
87f0e418
LP		 565 assert(u);
566
15ed3c3a
LP		 567 /* Removes all dependencies configured on u and their reverse dependencies. */
568
569 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
87f0e418 570
15ed3c3a
LP		 571 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
572 Hashmap *other_deps;
701cc384 573
15ed3c3a
LP		 574 HASHMAP_FOREACH(other_deps, other->dependencies)
575 hashmap_remove(other_deps, u);
576
577 unit_add_to_gc_queue(other);
578 }
579
580 hashmap_free(deps);
87f0e418
LP		 581 }
582
15ed3c3a 583 u->dependencies = hashmap_free(u->dependencies);
87f0e418
LP		 584}
585
c2756a68 586static void unit_remove_transient(Unit *u) {
c2756a68
LP		 587 assert(u);
588
589 if (!u->transient)
590 return;
591
592 if (u->fragment_path)
3f5e8115 593 (void) unlink(u->fragment_path);
c2756a68
LP		 594
595 STRV_FOREACH(i, u->dropin_paths) {
39591351 596 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 597
45519d13 598 if (path_extract_directory(*i, &p) < 0) /* Get the drop-in directory from the drop-in file */
39591351
LP		 599 continue;
600
45519d13 601 if (path_extract_directory(p, &pp) < 0) /* Get the config directory from the drop-in directory */
39591351
LP		 602 continue;
603
604 /* Only drop transient drop-ins */
605 if (!path_equal(u->manager->lookup_paths.transient, pp))
606 continue;
c2756a68 607
39591351
LP		 608 (void) unlink(*i);
609 (void) rmdir(p);
c2756a68
LP		 610 }
611}
612
a57f7e2c 613static void unit_free_requires_mounts_for(Unit *u) {
eef85c4a 614 assert(u);
a57f7e2c 615
eef85c4a 616 for (;;) {
c2b2df60 617 _cleanup_free_ char *path = NULL;
a57f7e2c 618
eef85c4a
LP		 619 path = hashmap_steal_first_key(u->requires_mounts_for);
620 if (!path)
621 break;
622 else {
623 char s[strlen(path) + 1];
a57f7e2c 624
eef85c4a
LP		 625 PATH_FOREACH_PREFIX_MORE(s, path) {
626 char *y;
627 Set *x;
628
629 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
630 if (!x)
631 continue;
a57f7e2c 632
eef85c4a 633 (void) set_remove(x, u);
a57f7e2c 634
eef85c4a
LP		 635 if (set_isempty(x)) {
636 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
637 free(y);
638 set_free(x);
639 }
a57f7e2c
LP		 640 }
641 }
642 }
643
eef85c4a 644 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
a57f7e2c
LP		 645}
646
598459ce
LP		 647static void unit_done(Unit *u) {
648 ExecContext *ec;
649 CGroupContext *cc;
650
651 assert(u);
652
653 if (u->type < 0)
654 return;
655
656 if (UNIT_VTABLE(u)->done)
657 UNIT_VTABLE(u)->done(u);
658
659 ec = unit_get_exec_context(u);
660 if (ec)
661 exec_context_done(ec);
662
663 cc = unit_get_cgroup_context(u);
664 if (cc)
665 cgroup_context_done(cc);
666}
667
75db809a 668Unit* unit_free(Unit *u) {
12f64221 669 Unit *slice;
87f0e418
LP		 670 char *t;
671
c9d5c9c0 672 if (!u)
75db809a 673 return NULL;
87f0e418 674
50fb00b7 675 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 676
2c289ea8 677 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 678 unit_remove_transient(u);
679
c1e1601e
LP		 680 bus_unit_send_removed_signal(u);
681
598459ce 682 unit_done(u);
a013b84b 683
50be4f4a 684 unit_dequeue_rewatch_pids(u);
cf9fd508 685
73458283
YW		 686 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
687 u->bus_track = sd_bus_track_unref(u->bus_track);
05a98afd 688 u->deserialized_refs = strv_free(u->deserialized_refs);
d9e45bc3 689 u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
05a98afd 690
a57f7e2c
LP		 691 unit_free_requires_mounts_for(u);
692
90e74a66 693 SET_FOREACH(t, u->aliases)
ac155bb8 694 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 695 if (u->id)
696 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 697
4b58153d
LP		 698 if (!sd_id128_is_null(u->invocation_id))
699 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
700
97e7d748
MS		 701 if (u->job) {
702 Job *j = u->job;
703 job_uninstall(j);
704 job_free(j);
705 }
964e0949 706
e0209d83
MS		 707 if (u->nop_job) {
708 Job *j = u->nop_job;
709 job_uninstall(j);
710 job_free(j);
711 }
712
4c591f39
MK		 713 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
714 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
12f64221 715 slice = UNIT_GET_SLICE(u);
d219a2b0 716 unit_clear_dependencies(u);
12f64221
LP		 717 if (slice)
718 unit_add_family_to_cgroup_realize_queue(slice);
fb46fca7 719
adefcf28
LP		 720 if (u->on_console)
721 manager_unref_console(u->manager);
722
3d027d4d
JK		 723
724 fdset_free(u->initial_socket_bind_link_fds);
91ce91c7
JK		 725#if BPF_FRAMEWORK
726 bpf_link_free(u->ipv4_socket_bind_link);
727 bpf_link_free(u->ipv6_socket_bind_link);
728#endif
729
efdb0237 730 unit_release_cgroup(u);
72673e86 731
d3070fbd
LP		 732 if (!MANAGER_IS_RELOADING(u->manager))
733 unit_unlink_state_files(u);
734
00d9ef85
LP		 735 unit_unref_uid_gid(u, false);
736
5269eb6b 737 (void) manager_update_failed_units(u->manager, u, false);
db785129 738 set_remove(u->manager->startup_units, u);
f755e3b7 739
a911bb9a
LP		 740 unit_unwatch_all_pids(u);
741
7f7d01ed
ZJS		 742 while (u->refs_by_target)
743 unit_ref_unset(u->refs_by_target);
57020a3a 744
ac155bb8 745 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 746 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 747
ac155bb8 748 if (u->in_load_queue)
71fda00f 749 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 750
ac155bb8 751 if (u->in_dbus_queue)
71fda00f 752 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 753
13e72103
MK		 754 if (u->in_cleanup_queue)
755 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
756
a2d72e26 757 if (u->in_gc_queue)
c5a97ed1 758 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 759
91a6073e
LP		 760 if (u->in_cgroup_realize_queue)
761 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 762
09e24654
LP		 763 if (u->in_cgroup_empty_queue)
764 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
765
13e72103
MK		 766 if (u->in_cgroup_oom_queue)
767 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
adefcf28 768
19496554
MS		 769 if (u->in_target_deps_queue)
770 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
771
a3c1168a
LP		 772 if (u->in_stop_when_unneeded_queue)
773 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
774
0bc488c9
LP		 775 if (u->in_start_when_upheld_queue)
776 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
777
56c59592
LP		 778 if (u->in_stop_when_bound_queue)
779 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
780
0fd9c28c 781 bpf_firewall_close(u);
fab34748 782
5f8ba20d
JK		 783 hashmap_free(u->bpf_foreign_by_key);
784
76dc1725 785 bpf_program_free(u->bpf_device_control_installed);
084c7007 786
6f50d4f7
MV		 787#if BPF_FRAMEWORK
788 bpf_link_free(u->restrict_ifaces_ingress_bpf_link);
789 bpf_link_free(u->restrict_ifaces_egress_bpf_link);
790#endif
791 fdset_free(u->initial_restric_ifaces_link_fds);
792
a946fa9b
ZJS		 793 condition_free_list(u->conditions);
794 condition_free_list(u->asserts);
f755e3b7 795
ac155bb8 796 free(u->description);
49dbfa7b 797 strv_free(u->documentation);
ac155bb8 798 free(u->fragment_path);
1b64d026 799 free(u->source_path);
ae7a7182 800 strv_free(u->dropin_paths);
ac155bb8 801 free(u->instance);
87f0e418 802
f189ab18 803 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 804 free(u->reboot_arg);
805
23e9a7dd
LP		 806 free(u->access_selinux_context);
807
4562c355
ZJS		 808 set_free_free(u->aliases);
809 free(u->id);
810
48b92b37
LB		 811 activation_details_unref(u->activation_details);
812
75db809a 813 return mfree(u);
87f0e418
LP		 814}
815
d9e45bc3
MS		 816FreezerState unit_freezer_state(Unit *u) {
817 assert(u);
818
819 return u->freezer_state;
820}
821
822int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
823 char *values[1] = {};
824 int r;
825
826 assert(u);
827
828 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
829 STRV_MAKE("frozen"), values);
830 if (r < 0)
831 return r;
832
833 r = _FREEZER_STATE_INVALID;
834
835 if (values[0]) {
836 if (streq(values[0], "0"))
837 r = FREEZER_RUNNING;
838 else if (streq(values[0], "1"))
839 r = FREEZER_FROZEN;
840 }
841
842 free(values[0]);
843 *ret = r;
844
845 return 0;
846}
847
87f0e418
LP		 848UnitActiveState unit_active_state(Unit *u) {
849 assert(u);
850
ac155bb8 851 if (u->load_state == UNIT_MERGED)
6124958c
LP		 852 return unit_active_state(unit_follow_merge(u));
853
854 /* After a reload it might happen that a unit is not correctly
855 * loaded but still has a process around. That's why we won't
fdf20a31 856 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 857
858 return UNIT_VTABLE(u)->active_state(u);
859}
860
10a94420
LP		 861const char* unit_sub_state_to_string(Unit *u) {
862 assert(u);
863
864 return UNIT_VTABLE(u)->sub_state_to_string(u);
865}
866
15ed3c3a 867static int unit_merge_names(Unit *u, Unit *other) {
4562c355 868 char *name;
7c0b05e5 869 int r;
87f0e418 870
23a177ef
LP		 871 assert(u);
872 assert(other);
873
4562c355 874 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 875 if (r < 0)
876 return r;
23a177ef 877
4562c355
ZJS		 878 r = set_move(u->aliases, other->aliases);
879 if (r < 0) {
880 set_remove(u->aliases, other->id);
881 return r;
882 }
23a177ef 883
4562c355
ZJS		 884 TAKE_PTR(other->id);
885 other->aliases = set_free_free(other->aliases);
23a177ef 886
90e74a66 887 SET_FOREACH(name, u->aliases)
4562c355 888 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 889
890 return 0;
87f0e418
LP		 891}
892
15ed3c3a
LP		 893static int unit_reserve_dependencies(Unit *u, Unit *other) {
894 size_t n_reserve;
895 Hashmap* deps;
896 void *d;
897 int r;
09a65f92
MS		 898
899 assert(u);
900 assert(other);
09a65f92 901
15ed3c3a
LP		 902 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
903 * fail.
904 *
905 * First make some room in the per dependency type hashmaps. Using the summed size of both unit's
906 * hashmaps is an estimate that is likely too high since they probably use some of the same
907 * types. But it's never too low, and that's all we need. */
908
909 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
910 if (n_reserve > 0) {
911 r = hashmap_ensure_allocated(&u->dependencies, NULL);
912 if (r < 0)
913 return r;
914
915 r = hashmap_reserve(u->dependencies, n_reserve);
916 if (r < 0)
917 return r;
918 }
919
920 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
921 * other unit's dependencies.
922 *
923 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
924 * reserve anything for. In that case other's set will be transferred as a whole to u by
925 * complete_move(). */
926
927 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
928 Hashmap *other_deps;
929
930 other_deps = hashmap_get(other->dependencies, d);
931
932 r = hashmap_reserve(deps, hashmap_size(other_deps));
933 if (r < 0)
934 return r;
935 }
936
937 return 0;
938}
939
940static void unit_maybe_warn_about_dependency(
941 Unit *u,
942 const char *other_id,
943 UnitDependency dependency) {
944
945 assert(u);
946
947 /* Only warn about some unit types */
948 if (!IN_SET(dependency,
949 UNIT_CONFLICTS,
950 UNIT_CONFLICTED_BY,
951 UNIT_BEFORE,
952 UNIT_AFTER,
294446dc 953 UNIT_ON_SUCCESS,
15ed3c3a
LP		 954 UNIT_ON_FAILURE,
955 UNIT_TRIGGERS,
956 UNIT_TRIGGERED_BY))
957 return;
958
959 if (streq_ptr(u->id, other_id))
960 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
961 else
962 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other_id), u->id);
963}
964
965static int unit_per_dependency_type_hashmap_update(
966 Hashmap *per_type,
967 Unit *other,
968 UnitDependencyMask origin_mask,
969 UnitDependencyMask destination_mask) {
970
971 UnitDependencyInfo info;
972 int r;
973
974 assert(other);
975 assert_cc(sizeof(void*) == sizeof(info));
976
977 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
978 * exists, or insert it anew if not. */
09a65f92 979
15ed3c3a
LP		 980 info.data = hashmap_get(per_type, other);
981 if (info.data) {
982 /* Entry already exists. Add in our mask. */
983
984 if (FLAGS_SET(origin_mask, info.origin_mask) &&
985 FLAGS_SET(destination_mask, info.destination_mask))
986 return 0; /* NOP */
987
988 info.origin_mask |= origin_mask;
989 info.destination_mask |= destination_mask;
990
991 r = hashmap_update(per_type, other, info.data);
992 } else {
993 info = (UnitDependencyInfo) {
994 .origin_mask = origin_mask,
995 .destination_mask = destination_mask,
996 };
09a65f92 997
15ed3c3a
LP		 998 r = hashmap_put(per_type, other, info.data);
999 }
1000 if (r < 0)
1001 return r;
1002
1003
1004 return 1;
09a65f92
MS		 1005}
1006
15ed3c3a
LP		 1007static int unit_add_dependency_hashmap(
1008 Hashmap **dependencies,
1009 UnitDependency d,
1010 Unit *other,
1011 UnitDependencyMask origin_mask,
1012 UnitDependencyMask destination_mask) {
1013
1014 Hashmap *per_type;
87f0e418 1015 int r;
23a177ef 1016
15ed3c3a
LP		 1017 assert(dependencies);
1018 assert(other);
1019 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
1020 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
1021 assert(origin_mask > 0 || destination_mask > 0);
1022
1023 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1024 * UnitDependencyInfo) */
1025 r = hashmap_ensure_allocated(dependencies, NULL);
1026 if (r < 0)
1027 return r;
1028
1029 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1030 * type, and if it's missing allocate it and insert it. */
1031 per_type = hashmap_get(*dependencies, UNIT_DEPENDENCY_TO_PTR(d));
1032 if (!per_type) {
1033 per_type = hashmap_new(NULL);
1034 if (!per_type)
1035 return -ENOMEM;
1036
1037 r = hashmap_put(*dependencies, UNIT_DEPENDENCY_TO_PTR(d), per_type);
1038 if (r < 0) {
1039 hashmap_free(per_type);
1040 return r;
1041 }
1042 }
1043
1044 return unit_per_dependency_type_hashmap_update(per_type, other, origin_mask, destination_mask);
1045}
1046
1047static void unit_merge_dependencies(
1048 Unit *u,
1049 Unit *other) {
1050
1051 int r;
eef85c4a 1052
23a177ef
LP		 1053 assert(u);
1054 assert(other);
23a177ef 1055
15ed3c3a
LP		 1056 if (u == other)
1057 return;
1058
1059 for (;;) {
1060 _cleanup_(hashmap_freep) Hashmap *other_deps = NULL;
1061 UnitDependencyInfo di_back;
1062 Unit *back;
1063 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1064 * since the hashmaps all want it as void pointer. */
1065
1066 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1067 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1068 if (!other_deps)
1069 break; /* done! */
1070
1071 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1072 * referenced units as 'back'. */
1073 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1074 Hashmap *back_deps;
1075 void *back_dt;
eef85c4a 1076
e66047ff 1077 if (back == u) {
15ed3c3a
LP		 1078 /* This is a dependency pointing back to the unit we want to merge with?
1079 * Suppress it (but warn) */
1080 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1081 continue;
1082 }
eef85c4a 1083
15ed3c3a
LP		 1084 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1085 * point to 'u' instead. */
1086 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1087 UnitDependencyInfo di_move;
eef85c4a 1088
15ed3c3a
LP		 1089 di_move.data = hashmap_remove(back_deps, other);
1090 if (!di_move.data)
1091 continue;
eef85c4a 1092
15ed3c3a
LP		 1093 assert_se(unit_per_dependency_type_hashmap_update(
1094 back_deps,
1095 u,
1096 di_move.origin_mask,
1097 di_move.destination_mask) >= 0);
1098 }
1099 }
eef85c4a 1100
15ed3c3a
LP		 1101 /* Now all references towards 'other' of the current type 'dt' are corrected to point to
1102 * 'u'. Lets's now move the deps of type 'dt' from 'other' to 'u'. First, let's try to move
1103 * them per type wholesale. */
1104 r = hashmap_put(u->dependencies, dt, other_deps);
1105 if (r == -EEXIST) {
1106 Hashmap *deps;
eef85c4a 1107
15ed3c3a 1108 /* The target unit already has dependencies of this type, let's then merge this individually. */
eef85c4a 1109
15ed3c3a
LP		 1110 assert_se(deps = hashmap_get(u->dependencies, dt));
1111
1112 for (;;) {
1113 UnitDependencyInfo di_move;
1114
1115 /* Get first dep */
1116 di_move.data = hashmap_steal_first_key_and_value(other_deps, (void**) &back);
1117 if (!di_move.data)
1118 break; /* done */
1119 if (back == u) {
1120 /* Would point back to us, ignore */
1121 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1122 continue;
1123 }
23a177ef 1124
15ed3c3a
LP		 1125 assert_se(unit_per_dependency_type_hashmap_update(deps, back, di_move.origin_mask, di_move.destination_mask) >= 0);
1126 }
1127 } else {
1128 assert_se(r >= 0);
1129 TAKE_PTR(other_deps);
e66047ff 1130
15ed3c3a
LP		 1131 if (hashmap_remove(other_deps, u))
1132 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1133 }
1134 }
23a177ef 1135
15ed3c3a 1136 other->dependencies = hashmap_free(other->dependencies);
23a177ef
LP		 1137}
1138
1139int unit_merge(Unit *u, Unit *other) {
09a65f92 1140 int r;
87f0e418
LP		 1141
1142 assert(u);
1143 assert(other);
ac155bb8
MS		 1144 assert(u->manager == other->manager);
1145 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 1146
cc916967
LP		 1147 other = unit_follow_merge(other);
1148
23a177ef
LP		 1149 if (other == u)
1150 return 0;
1151
ac155bb8 1152 if (u->type != other->type)
9e2f7c11
LP		 1153 return -EINVAL;
1154
8a993b61 1155 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 1156 return -EEXIST;
1157
ec2ce0c5 1158 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 1159 return -EEXIST;
87f0e418 1160
d383acad
ZJS		 1161 if (!streq_ptr(u->instance, other->instance))
1162 return -EINVAL;
1163
ac155bb8 1164 if (other->job)
819e213f
LP		 1165 return -EEXIST;
1166
e0209d83
MS		 1167 if (other->nop_job)
1168 return -EEXIST;
1169
fdf20a31 1170 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 1171 return -EEXIST;
1172
15ed3c3a
LP		 1173 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1174 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1175 r = unit_reserve_dependencies(u, other);
1176 if (r < 0)
1177 return r;
09a65f92 1178
87f0e418 1179 /* Merge names */
15ed3c3a 1180 r = unit_merge_names(u, other);
7c0b05e5
MS		 1181 if (r < 0)
1182 return r;
87f0e418 1183
57020a3a 1184 /* Redirect all references */
7f7d01ed
ZJS		 1185 while (other->refs_by_target)
1186 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 1187
87f0e418 1188 /* Merge dependencies */
15ed3c3a 1189 unit_merge_dependencies(u, other);
87f0e418 1190
ac155bb8
MS		 1191 other->load_state = UNIT_MERGED;
1192 other->merged_into = u;
23a177ef 1193
48b92b37
LB		 1194 if (!u->activation_details)
1195 u->activation_details = activation_details_ref(other->activation_details);
1196
3616a49c
LP		 1197 /* If there is still some data attached to the other node, we
1198 * don't need it anymore, and can free it. */
ac155bb8 1199 if (other->load_state != UNIT_STUB)
3616a49c
LP		 1200 if (UNIT_VTABLE(other)->done)
1201 UNIT_VTABLE(other)->done(other);
1202
1203 unit_add_to_dbus_queue(u);
23a177ef
LP		 1204 unit_add_to_cleanup_queue(other);
1205
1206 return 0;
1207}
1208
1209int unit_merge_by_name(Unit *u, const char *name) {
934e749e 1210 _cleanup_free_ char *s = NULL;
23a177ef 1211 Unit *other;
9e2f7c11 1212 int r;
23a177ef 1213
e8630e69
ZJS		 1214 /* Either add name to u, or if a unit with name already exists, merge it with u.
1215 * If name is a template, do the same for name@instance, where instance is u's instance. */
1216
23a177ef
LP		 1217 assert(u);
1218 assert(name);
1219
7410616c 1220 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1221 if (!u->instance)
9e2f7c11
LP		 1222 return -EINVAL;
1223
7410616c
LP		 1224 r = unit_name_replace_instance(name, u->instance, &s);
1225 if (r < 0)
1226 return r;
9e2f7c11
LP		 1227
1228 name = s;
1229 }
1230
c2756a68 1231 other = manager_get_unit(u->manager, name);
7410616c
LP		 1232 if (other)
1233 return unit_merge(u, other);
23a177ef 1234
7410616c 1235 return unit_add_name(u, name);
23a177ef
LP		 1236}
1237
1238Unit* unit_follow_merge(Unit *u) {
1239 assert(u);
1240
ac155bb8
MS		 1241 while (u->load_state == UNIT_MERGED)
1242 assert_se(u = u->merged_into);
23a177ef
LP		 1243
1244 return u;
1245}
1246
1247int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1248 int r;
1249
1250 assert(u);
1251 assert(c);
1252
a8c5a4c6
YW		 1253 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1254
e1e74614 1255 if (c->working_directory && !c->working_directory_missing_ok) {
eef85c4a 1256 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1257 if (r < 0)
1258 return r;
1259 }
1260
1261 if (c->root_directory) {
eef85c4a 1262 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1263 if (r < 0)
1264 return r;
1265 }
1266
915e6d16 1267 if (c->root_image) {
eef85c4a 1268 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
915e6d16
LP		 1269 if (r < 0)
1270 return r;
1271 }
1272
12375b95 1273 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1274 if (!u->manager->prefix[dt])
1275 continue;
1276
211a3d87 1277 for (size_t i = 0; i < c->directories[dt].n_items; i++) {
c2b2df60 1278 _cleanup_free_ char *p = NULL;
ada5e276 1279
211a3d87 1280 p = path_join(u->manager->prefix[dt], c->directories[dt].items[i].path);
ada5e276
YW		 1281 if (!p)
1282 return -ENOMEM;
1283
eef85c4a 1284 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
ada5e276
YW		 1285 if (r < 0)
1286 return r;
1287 }
1288 }
1289
463d0d15 1290 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1291 return 0;
1292
f3b7a79b
LP		 1293 /* For the following three directory types we need write access, and /var/ is possibly on the root
1294 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
211a3d87
LB		 1295 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1296 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1297 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
f3b7a79b
LP		 1298 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1299 if (r < 0)
1300 return r;
1301 }
1302
b46a529c 1303 if (c->private_tmp) {
d71f0505 1304
b2c7d1bb
FB		 1305 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1306 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1307 * /tmp specifically and masking other mount units should be handled more
1308 * gracefully too, see PR#16894. */
1309 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "tmp.mount", true, UNIT_DEPENDENCY_FILE);
1310 if (r < 0)
1311 return r;
1312
1313 r = unit_require_mounts_for(u, "/var/tmp", UNIT_DEPENDENCY_FILE);
1314 if (r < 0)
1315 return r;
b46a529c 1316
35d8c19a 1317 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1318 if (r < 0)
1319 return r;
1320 }
1321
33b58dfb
LP		 1322 if (c->root_image) {
1323 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1324 * implicit dependency on udev */
1325
1326 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1327 if (r < 0)
1328 return r;
1329 }
1330
52c239d7
LB		 1331 if (!IN_SET(c->std_output,
1332 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1333 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
52c239d7
LB		 1334 !IN_SET(c->std_error,
1335 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1336 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
91dd5f7c 1337 !c->log_namespace)
23a177ef
LP		 1338 return 0;
1339
91dd5f7c
LP		 1340 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1341 * is run first. */
1342
1343 if (c->log_namespace) {
dc5437c7 1344 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
23a177ef 1345
91dd5f7c
LP		 1346 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1347 if (r < 0)
1348 return r;
1349
1350 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1351 if (r < 0)
1352 return r;
dc5437c7
LP		 1353
1354 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1355 if (r < 0)
1356 return r;
1357
1358 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1359 if (r < 0)
1360 return r;
91dd5f7c
LP		 1361 } else
1362 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1363 if (r < 0)
1364 return r;
23a177ef 1365
87f0e418
LP		 1366 return 0;
1367}
1368
04d232d8 1369const char* unit_description(Unit *u) {
87f0e418
LP		 1370 assert(u);
1371
ac155bb8
MS		 1372 if (u->description)
1373 return u->description;
87f0e418 1374
ac155bb8 1375 return strna(u->id);
87f0e418
LP		 1376}
1377
e6a16a82 1378const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
2a8f53c6 1379 assert(u);
04d232d8 1380 assert(u->id);
2a8f53c6 1381
04d232d8
ZJS		 1382 /* Return u->id, u->description, or "{u->id} - {u->description}".
1383 * Versions with u->description are only used if it is set.
e6a16a82
ZJS		 1384 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1385 * pointer.
1386 *
1387 * Note that *ret_combined_buffer may be set to NULL. */
04d232d8
ZJS		 1388
1389 if (!u->description ||
1390 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
e6a16a82
ZJS		 1391 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1392 streq(u->description, u->id)) {
1393
1394 if (ret_combined_buffer)
1395 *ret_combined_buffer = NULL;
2a8f53c6 1396 return u->id;
e6a16a82 1397 }
2a8f53c6 1398
e6a16a82
ZJS		 1399 if (ret_combined_buffer) {
1400 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1401 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1402 if (*ret_combined_buffer)
1403 return *ret_combined_buffer;
1404 log_oom(); /* Fall back to ->description */
04d232d8 1405 } else
e6a16a82 1406 *ret_combined_buffer = NULL;
04d232d8
ZJS		 1407 }
1408
1409 return u->description;
2a8f53c6
ZJS		 1410}
1411
87f0e418 1412/* Common implementation for multiple backends */
c3620770 1413int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1414 int r;
1415
1416 assert(u);
23a177ef 1417
e48614c4 1418 /* Load a .{service,socket,...} file */
4ad49000
LP		 1419 r = unit_load_fragment(u);
1420 if (r < 0)
23a177ef
LP		 1421 return r;
1422
c3620770
ZJS		 1423 if (u->load_state == UNIT_STUB) {
1424 if (fragment_required)
1425 return -ENOENT;
1426
1427 u->load_state = UNIT_LOADED;
1428 }
23a177ef 1429
9e4ea9cc
ZJS		 1430 /* Load drop-in directory data. If u is an alias, we might be reloading the
1431 * target unit needlessly. But we cannot be sure which drops-ins have already
1432 * been loaded and which not, at least without doing complicated book-keeping,
1433 * so let's always reread all drop-ins. */
c9e06956
ZJS		 1434 r = unit_load_dropin(unit_follow_merge(u));
1435 if (r < 0)
1436 return r;
1437
1438 if (u->source_path) {
1439 struct stat st;
1440
1441 if (stat(u->source_path, &st) >= 0)
1442 u->source_mtime = timespec_load(&st.st_mtim);
1443 else
1444 u->source_mtime = 0;
1445 }
1446
1447 return 0;
23a177ef
LP		 1448}
1449
19496554 1450void unit_add_to_target_deps_queue(Unit *u) {
fbd747a4 1451 Manager *m = ASSERT_PTR(ASSERT_PTR(u)->manager);
c9958c4f 1452
19496554
MS		 1453 if (u->in_target_deps_queue)
1454 return;
1455
1456 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1457 u->in_target_deps_queue = true;
1458}
1459
bba34eed 1460int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1461 assert(u);
1462 assert(target);
1463
ac155bb8 1464 if (target->type != UNIT_TARGET)
98bc2000
LP		 1465 return 0;
1466
35b8ca3a 1467 /* Only add the dependency if both units are loaded, so that
bba34eed 1468 * that loop check below is reliable */
ac155bb8
MS		 1469 if (u->load_state != UNIT_LOADED ||
1470 target->load_state != UNIT_LOADED)
bba34eed
LP		 1471 return 0;
1472
21256a2b
LP		 1473 /* If either side wants no automatic dependencies, then let's
1474 * skip this */
ac155bb8
MS		 1475 if (!u->default_dependencies ||
1476 !target->default_dependencies)
21256a2b
LP		 1477 return 0;
1478
98bc2000 1479 /* Don't create loops */
15ed3c3a 1480 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
98bc2000
LP		 1481 return 0;
1482
eef85c4a 1483 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1484}
1485
e954c9cf 1486static int unit_add_slice_dependencies(Unit *u) {
12f64221 1487 Unit *slice;
e954c9cf 1488 assert(u);
b81884e7 1489
35b7ff80 1490 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1491 return 0;
1492
eef85c4a
LP		 1493 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1494 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1495 relationship). */
f6173cb9 1496 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1497
12f64221
LP		 1498 slice = UNIT_GET_SLICE(u);
1499 if (slice)
1500 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
e954c9cf 1501
8c8da0e0 1502 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1503 return 0;
1504
5a724170 1505 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1506}
1507
e954c9cf 1508static int unit_add_mount_dependencies(Unit *u) {
eef85c4a
LP		 1509 UnitDependencyInfo di;
1510 const char *path;
a8c5a4c6 1511 bool changed = false;
9588bc32
LP		 1512 int r;
1513
1514 assert(u);
1515
90e74a66 1516 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for) {
eef85c4a 1517 char prefix[strlen(path) + 1];
9588bc32 1518
eef85c4a 1519 PATH_FOREACH_PREFIX_MORE(prefix, path) {
c7c89abb 1520 _cleanup_free_ char *p = NULL;
9588bc32
LP		 1521 Unit *m;
1522
c7c89abb 1523 r = unit_name_from_path(prefix, ".mount", &p);
03e52e8c 1524 if (r == -EINVAL)
598a6a84 1525 continue; /* If the path cannot be converted to a mount unit name, then it's
4076ad9d 1526 * not manageable as a unit by systemd, and hence we don't need a
598a6a84 1527 * dependency on it. Let's thus silently ignore the issue. */
9588bc32
LP		 1528 if (r < 0)
1529 return r;
c7c89abb
FB		 1530
1531 m = manager_get_unit(u->manager, p);
1532 if (!m) {
598a6a84
LP		 1533 /* Make sure to load the mount unit if it exists. If so the dependencies on
1534 * this unit will be added later during the loading of the mount unit. */
c7c89abb 1535 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
9588bc32 1536 continue;
c7c89abb 1537 }
9588bc32
LP		 1538 if (m == u)
1539 continue;
1540
1541 if (m->load_state != UNIT_LOADED)
1542 continue;
1543
eef85c4a 1544 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
9588bc32
LP		 1545 if (r < 0)
1546 return r;
a8c5a4c6 1547 changed = changed || r > 0;
9588bc32
LP		 1548
1549 if (m->fragment_path) {
eef85c4a 1550 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
9588bc32
LP		 1551 if (r < 0)
1552 return r;
a8c5a4c6 1553 changed = changed || r > 0;
9588bc32
LP		 1554 }
1555 }
1556 }
1557
a8c5a4c6 1558 return changed;
9588bc32
LP		 1559}
1560
a2db0225
AZ		 1561static int unit_add_oomd_dependencies(Unit *u) {
1562 CGroupContext *c;
1563 bool wants_oomd;
a2db0225
AZ		 1564
1565 assert(u);
1566
1567 if (!u->default_dependencies)
1568 return 0;
1569
1570 c = unit_get_cgroup_context(u);
1571 if (!c)
1572 return 0;
1573
1574 wants_oomd = (c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL);
1575 if (!wants_oomd)
1576 return 0;
1577
a8c5a4c6 1578 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
a2db0225
AZ		 1579}
1580
95ae05c0 1581static int unit_add_startup_units(Unit *u) {
9dfb6a3a 1582 if (!unit_has_startup_cgroup_constraints(u))
db785129
LP		 1583 return 0;
1584
de7fef4b 1585 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1586}
1587
294446dc
LP		 1588static int unit_validate_on_failure_job_mode(
1589 Unit *u,
1590 const char *job_mode_setting,
1591 JobMode job_mode,
1592 const char *dependency_name,
1593 UnitDependencyAtom atom) {
1594
1595 Unit *other, *found = NULL;
1596
1597 if (job_mode != JOB_ISOLATE)
1598 return 0;
1599
1600 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
1601 if (!found)
1602 found = other;
1603 else if (found != other)
1604 return log_unit_error_errno(
1605 u, SYNTHETIC_ERRNO(ENOEXEC),
1606 "More than one %s dependencies specified but %sisolate set. Refusing.",
1607 dependency_name, job_mode_setting);
1608 }
1609
1610 return 0;
1611}
1612
87f0e418
LP		 1613int unit_load(Unit *u) {
1614 int r;
1615
1616 assert(u);
1617
ac155bb8 1618 if (u->in_load_queue) {
71fda00f 1619 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1620 u->in_load_queue = false;
87f0e418
LP		 1621 }
1622
ac155bb8 1623 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1624 return -EINVAL;
1625
ac155bb8 1626 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1627 return 0;
1628
4f4afc88 1629 if (u->transient_file) {
66fa4bdd
LP		 1630 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1631 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1632
4f4afc88
LP		 1633 r = fflush_and_check(u->transient_file);
1634 if (r < 0)
1635 goto fail;
1636
50fb00b7 1637 u->transient_file = safe_fclose(u->transient_file);
f76707da 1638 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1639 }
1640
c3784a7d
ZJS		 1641 r = UNIT_VTABLE(u)->load(u);
1642 if (r < 0)
23a177ef 1643 goto fail;
c3784a7d
ZJS		 1644
1645 assert(u->load_state != UNIT_STUB);
23a177ef 1646
7c8fa05c 1647 if (u->load_state == UNIT_LOADED) {
19496554 1648 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1649
1650 r = unit_add_slice_dependencies(u);
1651 if (r < 0)
1652 goto fail;
c2756a68 1653
e954c9cf 1654 r = unit_add_mount_dependencies(u);
7c8fa05c 1655 if (r < 0)
c2756a68 1656 goto fail;
7c8fa05c 1657
a2db0225
AZ		 1658 r = unit_add_oomd_dependencies(u);
1659 if (r < 0)
1660 goto fail;
1661
95ae05c0
WC		 1662 r = unit_add_startup_units(u);
1663 if (r < 0)
1664 goto fail;
1665
294446dc
LP		 1666 r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS);
1667 if (r < 0)
1668 goto fail;
15ed3c3a 1669
294446dc
LP		 1670 r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE);
1671 if (r < 0)
1672 goto fail;
bc432dc7 1673
a2df3ea4
MK		 1674 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1675 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1676
5af88058
LP		 1677 /* We finished loading, let's ensure our parents recalculate the members mask */
1678 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1679 }
1680
ac155bb8 1681 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1682
1683 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1684 unit_add_to_gc_queue(u);
f561e8c6 1685 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1686
87f0e418
LP		 1687 return 0;
1688
1689fail:
81be2388
ZJS		 1690 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1691 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1692
1693 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1694 r == -ENOEXEC ? UNIT_BAD_SETTING :
1695 UNIT_ERROR;
ac155bb8 1696 u->load_error = r;
c4555ad8 1697
c149d2b4
ZJS		 1698 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1699 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1700 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1701 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1702
c1e1601e 1703 unit_add_to_dbus_queue(u);
9a46fc3b 1704 unit_add_to_gc_queue(u);
23a177ef 1705
c4555ad8 1706 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1707}
1708
f9f88198
YW		 1709_printf_(7, 8)
1710static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1711 Unit *u = userdata;
1712 va_list ap;
1713 int r;
49365733 1714
c2503e35
RH		 1715 if (u && !unit_log_level_test(u, level))
1716 return -ERRNO_VALUE(error);
1717
f9f88198
YW		 1718 va_start(ap, format);
1719 if (u)
1720 r = log_object_internalv(level, error, file, line, func,
1721 u->manager->unit_log_field,
1722 u->id,
1723 u->manager->invocation_log_field,
1724 u->invocation_id_string,
1725 format, ap);
1726 else
1727 r = log_internalv(level, error, file, line, func, format, ap);
1728 va_end(ap);
49365733 1729
f9f88198 1730 return r;
49365733
LP		 1731}
1732
97a3f4ee 1733static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1734 _cleanup_strv_free_ char **env = NULL;
1735 int r;
1736
90bbc946
LP		 1737 assert(u);
1738
ac155bb8 1739 dual_timestamp_get(&u->condition_timestamp);
90bbc946 1740
a0b191b7
LP		 1741 r = manager_get_effective_environment(u->manager, &env);
1742 if (r < 0) {
1743 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
d52cc0a5 1744 u->condition_result = true;
a0b191b7
LP		 1745 } else
1746 u->condition_result = condition_test_list(
1747 u->conditions,
1748 env,
1749 condition_type_to_string,
1750 log_unit_internal,
1751 u);
e18f8852 1752
a0b191b7 1753 unit_add_to_dbus_queue(u);
ac155bb8 1754 return u->condition_result;
90bbc946
LP		 1755}
1756
97a3f4ee 1757static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1758 _cleanup_strv_free_ char **env = NULL;
1759 int r;
1760
59fccdc5
LP		 1761 assert(u);
1762
1763 dual_timestamp_get(&u->assert_timestamp);
59fccdc5 1764
a0b191b7
LP		 1765 r = manager_get_effective_environment(u->manager, &env);
1766 if (r < 0) {
1767 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1768 u->assert_result = CONDITION_ERROR;
1769 } else
1770 u->assert_result = condition_test_list(
1771 u->asserts,
1772 env,
1773 assert_type_to_string,
1774 log_unit_internal,
1775 u);
e18f8852 1776
a0b191b7 1777 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1778 return u->assert_result;
1779}
1780
04d232d8
ZJS		 1781void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
1782 if (log_get_show_color()) {
1783 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1784 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1785 else
1786 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1787 }
5b262f74 1788
df446f96 1789 DISABLE_WARNING_FORMAT_NONLITERAL;
04d232d8 1790 manager_status_printf(u->manager, status_type, status, format, ident);
df446f96
LP		 1791 REENABLE_WARNING;
1792}
1793
97a3f4ee 1794int unit_test_start_limit(Unit *u) {
429926e9
TR		 1795 const char *reason;
1796
6bf0f408
LP		 1797 assert(u);
1798
7bf081a1 1799 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1800 u->start_limit_hit = false;
1801 return 0;
1802 }
1803
1804 log_unit_warning(u, "Start request repeated too quickly.");
1805 u->start_limit_hit = true;
1806
429926e9
TR		 1807 reason = strjoina("unit ", u->id, " failed");
1808
36c4dc08
LP		 1809 emergency_action(u->manager, u->start_limit_action,
1810 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1811 u->reboot_arg, -1, reason);
1812
1813 return -ECANCELED;
6bf0f408
LP		 1814}
1815
c891efaf 1816bool unit_shall_confirm_spawn(Unit *u) {
631b676b 1817 assert(u);
c891efaf
FB		 1818
1819 if (manager_is_confirm_spawn_disabled(u->manager))
1820 return false;
1821
1822 /* For some reasons units remaining in the same process group
1823 * as PID 1 fail to acquire the console even if it's not used
1824 * by any process. So skip the confirmation question for them. */
1825 return !unit_get_exec_context(u)->same_pgrp;
1826}
1827
631b676b
LP		 1828static bool unit_verify_deps(Unit *u) {
1829 Unit *other;
631b676b
LP		 1830
1831 assert(u);
1832
defe63b0
LP		 1833 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1834 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1835 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1836 * that are not used in conjunction with After= as for them any such check would make things entirely
1837 * racy. */
631b676b 1838
15ed3c3a 1839 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
631b676b 1840
15ed3c3a 1841 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
631b676b
LP		 1842 continue;
1843
1844 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1845 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1846 return false;
1847 }
1848 }
1849
1850 return true;
1851}
1852
9adb6959 1853/* Errors that aren't really errors:
6bf0f408 1854 * -EALREADY: Unit is already started.
9adb6959 1855 * -ECOMM: Condition failed
6bf0f408 1856 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1857 *
1858 * Errors that are real errors:
1859 * -EBADR: This unit type does not support starting.
2de9b979 1860 * -ECANCELED: Start limit hit, too many requests for now
6bf0f408
LP		 1861 * -EPROTO: Assert failed
1862 * -EINVAL: Unit not loaded
1863 * -EOPNOTSUPP: Unit type not supported
631b676b 1864 * -ENOLINK: The necessary dependencies are not fulfilled.
d4fd1cf2 1865 * -ESTALE: This unit has been started before and can't be started a second time
a4191c9f 1866 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
87f0e418 1867 */
48b92b37 1868int unit_start(Unit *u, ActivationDetails *details) {
87f0e418 1869 UnitActiveState state;
92ab323c 1870 Unit *following;
5f37c1a9 1871 int r;
87f0e418
LP		 1872
1873 assert(u);
1874
b161bc39
MS		 1875 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is rate limited. */
1876 if (u->type == UNIT_MOUNT && sd_event_source_is_ratelimited(u->manager->mount_event_source))
1877 return -EAGAIN;
1878
5766aca8
LP		 1879 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1880 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1881 * waiting is finished. */
87f0e418
LP		 1882 state = unit_active_state(u);
1883 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1884 return -EALREADY;
380dc8b0
LP		 1885 if (state == UNIT_MAINTENANCE)
1886 return -EAGAIN;
87f0e418 1887
6bf0f408
LP		 1888 /* Units that aren't loaded cannot be started */
1889 if (u->load_state != UNIT_LOADED)
1890 return -EINVAL;
1891
d4fd1cf2
LP		 1892 /* Refuse starting scope units more than once */
1893 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1894 return -ESTALE;
1895
5766aca8
LP		 1896 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1897 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1898 * recheck the condition in that case. */
a82e5507 1899 if (state != UNIT_ACTIVATING &&
5af6aa58 1900 !unit_test_condition(u))
5766aca8 1901 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
52661efd 1902
59fccdc5
LP		 1903 /* If the asserts failed, fail the entire job */
1904 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1905 !unit_test_assert(u))
1906 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1907
5766aca8
LP		 1908 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1909 * condition checks, so that we rather return condition check errors (which are usually not
1910 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1911 */
96cf3ec9 1912 if (!unit_type_supported(u->type))
d11a7645
LP		 1913 return -EOPNOTSUPP;
1914
5766aca8
LP		 1915 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1916 * should have taken care of this already, but let's check this here again. After all, our
413e8650 1917 * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */
631b676b
LP		 1918 if (!unit_verify_deps(u))
1919 return -ENOLINK;
1920
92ab323c 1921 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1922 following = unit_following(u);
1923 if (following) {
f2341e0a 1924 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
48b92b37 1925 return unit_start(following, details);
92ab323c
LP		 1926 }
1927
705578c3
MS		 1928 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1929 if (UNIT_VTABLE(u)->can_start) {
1930 r = UNIT_VTABLE(u)->can_start(u);
ce2146f5
DDM		 1931 if (r < 0)
1932 return r;
1933 }
1934
92ab323c
LP		 1935 /* If it is stopped, but we cannot start it, then fail */
1936 if (!UNIT_VTABLE(u)->start)
1937 return -EBADR;
1938
5766aca8
LP		 1939 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1940 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1941 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 1942
c1e1601e 1943 unit_add_to_dbus_queue(u);
d9e45bc3 1944 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1945
48b92b37
LB		 1946 if (!u->activation_details) /* Older details object wins */
1947 u->activation_details = activation_details_ref(details);
1948
d1a34ae9 1949 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 1950}
1951
1952bool unit_can_start(Unit *u) {
1953 assert(u);
1954
8ff4d2ab
LP		 1955 if (u->load_state != UNIT_LOADED)
1956 return false;
1957
96cf3ec9 1958 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 1959 return false;
1960
d4fd1cf2
LP		 1961 /* Scope units may be started only once */
1962 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1963 return false;
1964
87f0e418
LP		 1965 return !!UNIT_VTABLE(u)->start;
1966}
1967
2528a7a6
LP		 1968bool unit_can_isolate(Unit *u) {
1969 assert(u);
1970
1971 return unit_can_start(u) &&
ac155bb8 1972 u->allow_isolate;
2528a7a6
LP		 1973}
1974
87f0e418
LP		 1975/* Errors:
1976 * -EBADR: This unit type does not support stopping.
1977 * -EALREADY: Unit is already stopped.
1978 * -EAGAIN: An operation is already in progress. Retry later.
1979 */
1980int unit_stop(Unit *u) {
1981 UnitActiveState state;
92ab323c 1982 Unit *following;
87f0e418
LP		 1983
1984 assert(u);
1985
87f0e418 1986 state = unit_active_state(u);
fdf20a31 1987 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 1988 return -EALREADY;
1989
0faacd47
LP		 1990 following = unit_following(u);
1991 if (following) {
f2341e0a 1992 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 1993 return unit_stop(following);
1994 }
1995
7898b0cf
LP		 1996 if (!UNIT_VTABLE(u)->stop)
1997 return -EBADR;
1998
c1e1601e 1999 unit_add_to_dbus_queue(u);
d9e45bc3 2000 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 2001
d1a34ae9 2002 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 2003}
2004
f5869324
LP		 2005bool unit_can_stop(Unit *u) {
2006 assert(u);
2007
39c79477
ZJS		 2008 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2009 * Extrinsic units follow external state and they may stop following external state changes
2010 * (hence we return true here), but an attempt to do this through the manager will fail. */
2011
96cf3ec9 2012 if (!unit_type_supported(u->type))
f5869324
LP		 2013 return false;
2014
2015 if (u->perpetual)
2016 return false;
2017
2018 return !!UNIT_VTABLE(u)->stop;
2019}
2020
87f0e418
LP		 2021/* Errors:
2022 * -EBADR: This unit type does not support reloading.
2023 * -ENOEXEC: Unit is not started.
2024 * -EAGAIN: An operation is already in progress. Retry later.
2025 */
2026int unit_reload(Unit *u) {
2027 UnitActiveState state;
92ab323c 2028 Unit *following;
87f0e418
LP		 2029
2030 assert(u);
2031
ac155bb8 2032 if (u->load_state != UNIT_LOADED)
6124958c
LP		 2033 return -EINVAL;
2034
87f0e418
LP		 2035 if (!unit_can_reload(u))
2036 return -EBADR;
2037
2038 state = unit_active_state(u);
e364ad06 2039 if (state == UNIT_RELOADING)
6255af75 2040 return -EAGAIN;
87f0e418 2041
d85ff944
YW		 2042 if (state != UNIT_ACTIVE)
2043 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 2044
e48614c4
ZJS		 2045 following = unit_following(u);
2046 if (following) {
f2341e0a 2047 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 2048 return unit_reload(following);
2049 }
2050
c1e1601e 2051 unit_add_to_dbus_queue(u);
82a2b6bb 2052
f54bcca5
JR		 2053 if (!UNIT_VTABLE(u)->reload) {
2054 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2ad2e41a 2055 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
f54bcca5
JR		 2056 return 0;
2057 }
2058
d9e45bc3
MS		 2059 unit_cgroup_freezer_action(u, FREEZER_THAW);
2060
d1a34ae9 2061 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 2062}
2063
2064bool unit_can_reload(Unit *u) {
2065 assert(u);
2066
f54bcca5
JR		 2067 if (UNIT_VTABLE(u)->can_reload)
2068 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 2069
15ed3c3a 2070 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
87f0e418
LP		 2071 return true;
2072
f54bcca5 2073 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 2074}
2075
a3c1168a 2076bool unit_is_unneeded(Unit *u) {
15ed3c3a 2077 Unit *other;
f3bff0eb
LP		 2078 assert(u);
2079
ac155bb8 2080 if (!u->stop_when_unneeded)
a3c1168a 2081 return false;
f3bff0eb 2082
a3c1168a 2083 /* Don't clean up while the unit is transitioning or is even inactive. */
116654d2 2084 if (unit_active_state(u) != UNIT_ACTIVE)
a3c1168a
LP		 2085 return false;
2086 if (u->job)
2087 return false;
f3bff0eb 2088
15ed3c3a 2089 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
fda09318 2090 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 2091 * restart, then don't clean this one up. */
b81884e7 2092
15ed3c3a
LP		 2093 if (other->job)
2094 return false;
a3c1168a 2095
15ed3c3a
LP		 2096 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2097 return false;
a3c1168a 2098
15ed3c3a
LP		 2099 if (unit_will_restart(other))
2100 return false;
bea355da
LP		 2101 }
2102
a3c1168a
LP		 2103 return true;
2104}
f3bff0eb 2105
0bc488c9
LP		 2106bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2107 Unit *other;
2108
2109 assert(u);
2110
2111 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2112 * that is active declared an Uphold= dependencies on it */
2113
2114 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2115 if (ret_culprit)
2116 *ret_culprit = NULL;
2117 return false;
2118 }
2119
2120 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2121 if (other->job)
2122 continue;
2123
2124 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2125 if (ret_culprit)
2126 *ret_culprit = other;
2127 return true;
2128 }
2129 }
2130
2131 if (ret_culprit)
2132 *ret_culprit = NULL;
2133 return false;
2134}
2135
56c59592
LP		 2136bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2137 Unit *other;
2138
2139 assert(u);
2140
2141 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
7802194a 2142 * because the other unit is down. */
56c59592
LP		 2143
2144 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2145 /* Don't clean up while the unit is transitioning or is even inactive. */
2146 if (ret_culprit)
2147 *ret_culprit = NULL;
2148 return false;
2149 }
2150
2151 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2152 if (other->job)
2153 continue;
2154
2155 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
3da36106 2156 if (ret_culprit)
56c59592
LP		 2157 *ret_culprit = other;
2158
2159 return true;
2160 }
2161 }
2162
2163 if (ret_culprit)
2164 *ret_culprit = NULL;
2165 return false;
2166}
2167
a3c1168a 2168static void check_unneeded_dependencies(Unit *u) {
15ed3c3a 2169 Unit *other;
a3c1168a
LP		 2170 assert(u);
2171
2172 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2173
15ed3c3a
LP		 2174 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2175 unit_submit_to_stop_when_unneeded_queue(other);
f3bff0eb
LP		 2176}
2177
0bc488c9
LP		 2178static void check_uphold_dependencies(Unit *u) {
2179 Unit *other;
2180 assert(u);
2181
2182 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2183
2184 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2185 unit_submit_to_start_when_upheld_queue(other);
2186}
2187
56c59592 2188static void check_bound_by_dependencies(Unit *u) {
ff502445 2189 Unit *other;
ff502445
LP		 2190 assert(u);
2191
56c59592 2192 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
ff502445 2193
56c59592
LP		 2194 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2195 unit_submit_to_stop_when_bound_queue(other);
ff502445
LP		 2196}
2197
87f0e418 2198static void retroactively_start_dependencies(Unit *u) {
87f0e418
LP		 2199 Unit *other;
2200
2201 assert(u);
2202 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2203
15ed3c3a
LP		 2204 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2205 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2206 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2207 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
b81884e7 2208
15ed3c3a
LP		 2209 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2210 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2211 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2212 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
87f0e418 2213
15ed3c3a 2214 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
b81884e7 2215 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2216 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
87f0e418
LP		 2217}
2218
2219static void retroactively_stop_dependencies(Unit *u) {
87f0e418
LP		 2220 Unit *other;
2221
2222 assert(u);
2223 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2224
b81884e7 2225 /* Pull down units which are bound to us recursively if enabled */
15ed3c3a 2226 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
b81884e7 2227 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2228 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
cd0504d0
MS		 2229}
2230
294446dc
LP		 2231void unit_start_on_failure(
2232 Unit *u,
2233 const char *dependency_name,
2234 UnitDependencyAtom atom,
2235 JobMode job_mode) {
2236
82acee14 2237 int n_jobs = -1;
c0daa706 2238 Unit *other;
7f66b026 2239 int r;
c0daa706
LP		 2240
2241 assert(u);
294446dc
LP		 2242 assert(dependency_name);
2243 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2244
2245 /* Act on OnFailure= and OnSuccess= dependencies */
c0daa706 2246
294446dc 2247 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
7f66b026 2248 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 2249
82acee14 2250 if (n_jobs < 0) {
294446dc 2251 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
82acee14 2252 n_jobs = 0;
15ed3c3a
LP		 2253 }
2254
95c81c55 2255 r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL);
c1b6628d 2256 if (r < 0)
294446dc
LP		 2257 log_unit_warning_errno(
2258 u, r, "Failed to enqueue %s job, ignoring: %s",
2259 dependency_name, bus_error_message(&error, r));
82acee14 2260 n_jobs ++;
222ae6a8 2261 }
294446dc 2262
82acee14 2263 if (n_jobs >= 0)
c0f86d66 2264 log_unit_debug(u, "Triggering %s dependencies done (%i %s).",
82acee14 2265 dependency_name, n_jobs, n_jobs == 1 ? "job" : "jobs");
c0daa706
LP		 2266}
2267
3ecaa09b
LP		 2268void unit_trigger_notify(Unit *u) {
2269 Unit *other;
3ecaa09b
LP		 2270
2271 assert(u);
2272
15ed3c3a 2273 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
3ecaa09b
LP		 2274 if (UNIT_VTABLE(other)->trigger_notify)
2275 UNIT_VTABLE(other)->trigger_notify(other, u);
2276}
2277
37109b85
ZJS		 2278static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2279 if (condition_notice && log_level > LOG_NOTICE)
2280 return LOG_NOTICE;
2281 if (condition_info && log_level > LOG_INFO)
2282 return LOG_INFO;
2283 return log_level;
2284}
2285
915b1d01 2286static int unit_log_resources(Unit *u) {
bc40a20e
LP		 2287 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2288 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2289 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
162392b7 2290 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
915b1d01 2291 size_t n_message_parts = 0, n_iovec = 0;
bc40a20e 2292 char* message_parts[1 + 2 + 2 + 1], *t;
915b1d01 2293 nsec_t nsec = NSEC_INFINITY;
915b1d01
LP		 2294 int r;
2295 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2296 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2297 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2298 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2299 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2300 };
bc40a20e
LP		 2301 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2302 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2303 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2304 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2305 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2306 };
915b1d01
LP		 2307
2308 assert(u);
2309
2310 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2311 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2312 * information and the complete data in structured fields. */
2313
2314 (void) unit_get_cpu_usage(u, &nsec);
2315 if (nsec != NSEC_INFINITY) {
915b1d01
LP		 2316 /* Format the CPU time for inclusion in the structured log message */
2317 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2318 r = log_oom();
2319 goto finish;
2320 }
2321 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2322
2323 /* Format the CPU time for inclusion in the human language message string */
5291f26d 2324 t = strjoin("consumed ", FORMAT_TIMESPAN(nsec / NSEC_PER_USEC, USEC_PER_MSEC), " CPU time");
915b1d01
LP		 2325 if (!t) {
2326 r = log_oom();
2327 goto finish;
2328 }
2329
2330 message_parts[n_message_parts++] = t;
37109b85
ZJS		 2331
2332 log_level = raise_level(log_level,
ef6bb4dd
CG		 2333 nsec > MENTIONWORTHY_CPU_NSEC,
2334 nsec > NOTICEWORTHY_CPU_NSEC);
915b1d01
LP		 2335 }
2336
bc40a20e 2337 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
bc40a20e
LP		 2338 uint64_t value = UINT64_MAX;
2339
2340 assert(io_fields[k]);
2341
2342 (void) unit_get_io_accounting(u, k, k > 0, &value);
2343 if (value == UINT64_MAX)
2344 continue;
2345
2346 have_io_accounting = true;
2347 if (value > 0)
2348 any_io = true;
2349
2350 /* Format IO accounting data for inclusion in the structured log message */
2351 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2352 r = log_oom();
2353 goto finish;
2354 }
2355 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2356
2357 /* Format the IO accounting data for inclusion in the human language message string, but only
2358 * for the bytes counters (and not for the operations counters) */
2359 if (k == CGROUP_IO_READ_BYTES) {
2360 assert(!rr);
2b59bf51 2361 rr = strjoin("read ", strna(FORMAT_BYTES(value)), " from disk");
bc40a20e
LP		 2362 if (!rr) {
2363 r = log_oom();
2364 goto finish;
2365 }
2366 } else if (k == CGROUP_IO_WRITE_BYTES) {
2367 assert(!wr);
2b59bf51 2368 wr = strjoin("written ", strna(FORMAT_BYTES(value)), " to disk");
bc40a20e
LP		 2369 if (!wr) {
2370 r = log_oom();
2371 goto finish;
2372 }
2373 }
37109b85
ZJS		 2374
2375 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2376 log_level = raise_level(log_level,
2377 value > MENTIONWORTHY_IO_BYTES,
2378 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2379 }
2380
2381 if (have_io_accounting) {
2382 if (any_io) {
2383 if (rr)
2384 message_parts[n_message_parts++] = TAKE_PTR(rr);
2385 if (wr)
2386 message_parts[n_message_parts++] = TAKE_PTR(wr);
2387
2388 } else {
2389 char *k;
2390
2391 k = strdup("no IO");
2392 if (!k) {
2393 r = log_oom();
2394 goto finish;
2395 }
2396
2397 message_parts[n_message_parts++] = k;
2398 }
2399 }
2400
12375b95 2401 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2402 uint64_t value = UINT64_MAX;
2403
2404 assert(ip_fields[m]);
2405
2406 (void) unit_get_ip_accounting(u, m, &value);
2407 if (value == UINT64_MAX)
2408 continue;
82044702
LP		 2409
2410 have_ip_accounting = true;
a87b1faa
LP		 2411 if (value > 0)
2412 any_traffic = true;
915b1d01
LP		 2413
2414 /* Format IP accounting data for inclusion in the structured log message */
2415 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2416 r = log_oom();
2417 goto finish;
2418 }
2419 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2420
2421 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2422 * bytes counters (and not for the packets counters) */
a87b1faa
LP		 2423 if (m == CGROUP_IP_INGRESS_BYTES) {
2424 assert(!igress);
2b59bf51 2425 igress = strjoin("received ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2426 if (!igress) {
2427 r = log_oom();
2428 goto finish;
2429 }
2430 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2431 assert(!egress);
2b59bf51 2432 egress = strjoin("sent ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2433 if (!egress) {
2434 r = log_oom();
2435 goto finish;
2436 }
2437 }
37109b85
ZJS		 2438
2439 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2440 log_level = raise_level(log_level,
2441 value > MENTIONWORTHY_IP_BYTES,
2442 value > NOTICEWORTHY_IP_BYTES);
a87b1faa
LP		 2443 }
2444
c2503e35
RH		 2445 /* This check is here because it is the earliest point following all possible log_level assignments. If
2446 * log_level is assigned anywhere after this point, move this check. */
2447 if (!unit_log_level_test(u, log_level)) {
2448 r = 0;
2449 goto finish;
2450 }
2451
82044702
LP		 2452 if (have_ip_accounting) {
2453 if (any_traffic) {
2454 if (igress)
2455 message_parts[n_message_parts++] = TAKE_PTR(igress);
2456 if (egress)
2457 message_parts[n_message_parts++] = TAKE_PTR(egress);
a87b1faa 2458
82044702
LP		 2459 } else {
2460 char *k;
915b1d01 2461
82044702
LP		 2462 k = strdup("no IP traffic");
2463 if (!k) {
2464 r = log_oom();
2465 goto finish;
2466 }
2467
2468 message_parts[n_message_parts++] = k;
2469 }
915b1d01
LP		 2470 }
2471
2472 /* Is there any accounting data available at all? */
2473 if (n_iovec == 0) {
2474 r = 0;
2475 goto finish;
2476 }
2477
2478 if (n_message_parts == 0)
a87b1faa 2479 t = strjoina("MESSAGE=", u->id, ": Completed.");
915b1d01 2480 else {
c2b2df60 2481 _cleanup_free_ char *joined = NULL;
915b1d01
LP		 2482
2483 message_parts[n_message_parts] = NULL;
2484
2485 joined = strv_join(message_parts, ", ");
2486 if (!joined) {
2487 r = log_oom();
2488 goto finish;
2489 }
2490
ec9d636b 2491 joined[0] = ascii_toupper(joined[0]);
a87b1faa 2492 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
915b1d01
LP		 2493 }
2494
2495 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2496 * and hence don't increase n_iovec for them */
2497 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2498 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2499
2500 t = strjoina(u->manager->unit_log_field, u->id);
2501 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2502
2503 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2504 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2505
c2503e35 2506 log_unit_struct_iovec(u, log_level, iovec, n_iovec + 4);
915b1d01
LP		 2507 r = 0;
2508
2509finish:
12375b95 2510 for (size_t i = 0; i < n_message_parts; i++)
915b1d01
LP		 2511 free(message_parts[i]);
2512
12375b95 2513 for (size_t i = 0; i < n_iovec; i++)
915b1d01
LP		 2514 free(iovec[i].iov_base);
2515
2516 return r;
2517
2518}
2519
adefcf28
LP		 2520static void unit_update_on_console(Unit *u) {
2521 bool b;
2522
2523 assert(u);
2524
2525 b = unit_needs_console(u);
2526 if (u->on_console == b)
2527 return;
2528
2529 u->on_console = b;
2530 if (b)
2531 manager_ref_console(u->manager);
2532 else
2533 manager_unref_console(u->manager);
adefcf28
LP		 2534}
2535
6eb65e7c
LP		 2536static void unit_emit_audit_start(Unit *u) {
2537 assert(u);
2538
2539 if (u->type != UNIT_SERVICE)
2540 return;
2541
2542 /* Write audit record if we have just finished starting up */
2543 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2544 u->in_audit = true;
2545}
2546
2547static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2548 assert(u);
2549
2550 if (u->type != UNIT_SERVICE)
2551 return;
2552
2553 if (u->in_audit) {
2554 /* Write audit record if we have just finished shutting down */
2555 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2556 u->in_audit = false;
2557 } else {
2558 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2559 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2560
2561 if (state == UNIT_INACTIVE)
2562 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2563 }
2564}
2565
16c74914
LP		 2566static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2567 bool unexpected = false;
31cd5f63 2568 JobResult result;
16c74914
LP		 2569
2570 assert(j);
2571
2572 if (j->state == JOB_WAITING)
2573
2574 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2575 * due to EAGAIN. */
2576 job_add_to_run_queue(j);
2577
2578 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2579 * hence needs to invalidate jobs. */
2580
2581 switch (j->type) {
2582
2583 case JOB_START:
2584 case JOB_VERIFY_ACTIVE:
2585
2586 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2587 job_finish_and_invalidate(j, JOB_DONE, true, false);
2588 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2589 unexpected = true;
2590
31cd5f63
AZ		 2591 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2592 if (ns == UNIT_FAILED)
2593 result = JOB_FAILED;
31cd5f63
AZ		 2594 else
2595 result = JOB_DONE;
2596
2597 job_finish_and_invalidate(j, result, true, false);
2598 }
16c74914
LP		 2599 }
2600
2601 break;
2602
2603 case JOB_RELOAD:
2604 case JOB_RELOAD_OR_START:
2605 case JOB_TRY_RELOAD:
2606
2607 if (j->state == JOB_RUNNING) {
2608 if (ns == UNIT_ACTIVE)
2609 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2610 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2611 unexpected = true;
2612
2613 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2614 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2615 }
2616 }
2617
2618 break;
2619
2620 case JOB_STOP:
2621 case JOB_RESTART:
2622 case JOB_TRY_RESTART:
2623
2624 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2625 job_finish_and_invalidate(j, JOB_DONE, true, false);
2626 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2627 unexpected = true;
2628 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2629 }
2630
2631 break;
2632
2633 default:
04499a70 2634 assert_not_reached();
16c74914
LP		 2635 }
2636
2637 return unexpected;
2638}
2639
2ad2e41a 2640void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
429926e9 2641 const char *reason;
8559b3b7 2642 Manager *m;
a096ed36 2643
87f0e418
LP		 2644 assert(u);
2645 assert(os < _UNIT_ACTIVE_STATE_MAX);
2646 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2647
8559b3b7
LP		 2648 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2649 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2650 * remounted this function will be called too! */
87f0e418 2651
546ac4f0
MS		 2652 m = u->manager;
2653
3c4832ad
LP		 2654 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2655 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2656 unit_add_to_dbus_queue(u);
2657
e30bbc90
AZ		 2658 /* Update systemd-oomd on the property/state change */
2659 if (os != ns) {
2660 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2661 * monitoring.
2662 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2663 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2664 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2665 * have the information on the property. Thus, indiscriminately send an update. */
f561e8c6 2666 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
e30bbc90
AZ		 2667 (void) manager_varlink_send_managed_oom_update(u);
2668 }
2669
f755e3b7 2670 /* Update timestamps for state changes */
2c289ea8 2671 if (!MANAGER_IS_RELOADING(m)) {
a483fb59 2672 dual_timestamp_get(&u->state_change_timestamp);
173e3821 2673
bdbf9951 2674 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2675 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2676 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2677 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2678
2679 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2680 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2681 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2682 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2683 }
87f0e418 2684
865cc19a 2685 /* Keep track of failed units */
8724defe 2686 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2687
d3070fbd
LP		 2688 /* Make sure the cgroup and state files are always removed when we become inactive */
2689 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2690 SET_FLAG(u->markers,
2691 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2692 false);
efdb0237 2693 unit_prune_cgroup(u);
d3070fbd 2694 unit_unlink_state_files(u);
ff68472a
ZJS		 2695 } else if (ns != os && ns == UNIT_RELOADING)
2696 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2697
adefcf28 2698 unit_update_on_console(u);
7ed9f6cd 2699
2c289ea8 2700 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2701 bool unexpected;
2702
2703 /* Let's propagate state changes to the job */
2704 if (u->job)
2705 unexpected = unit_process_job(u->job, ns, flags);
2706 else
2707 unexpected = true;
f3bff0eb 2708
a1c7334b
LP		 2709 /* If this state change happened without being requested by a job, then let's retroactively start or
2710 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2711 * additional jobs just because something is already activated. */
bdbf9951
LP		 2712
2713 if (unexpected) {
2714 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2715 retroactively_start_dependencies(u);
2716 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2717 retroactively_stop_dependencies(u);
2718 }
5de9682c 2719
bdbf9951 2720 if (ns != os && ns == UNIT_FAILED) {
ed77d407 2721 log_unit_debug(u, "Unit entered failed state.");
2ad2e41a
LP		 2722
2723 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
294446dc 2724 unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode);
cd6d0a45 2725 }
e537352b 2726
256f65d0
LP		 2727 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2728 /* This unit just finished starting up */
3b2775c5 2729
6eb65e7c 2730 unit_emit_audit_start(u);
546ac4f0 2731 manager_send_unit_plymouth(m, u);
256f65d0 2732 }
bdbf9951 2733
256f65d0 2734 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2735 /* This unit just stopped/failed. */
256f65d0 2736
6eb65e7c 2737 unit_emit_audit_stop(u, ns);
915b1d01 2738 unit_log_resources(u);
cd6d0a45 2739 }
294446dc
LP		 2740
2741 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE) &&
2742 !(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2743 unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode);
f278026d
LP		 2744 }
2745
31dc1ca3
LP		 2746 manager_recheck_journal(m);
2747 manager_recheck_dbus(m);
e63ebf71 2748
3ecaa09b 2749 unit_trigger_notify(u);
3b2775c5 2750
8724defe 2751 if (!MANAGER_IS_RELOADING(m)) {
429926e9
TR		 2752 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2753 reason = strjoina("unit ", u->id, " failed");
36c4dc08 2754 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2755 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2756 reason = strjoina("unit ", u->id, " succeeded");
36c4dc08 2757 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2758 }
ff502445
LP		 2759 }
2760
99e9af25 2761 /* And now, add the unit or depending units to various queues that will act on the new situation if
48008c1c 2762 * needed. These queues generally check for continuous state changes rather than events (like most of
99e9af25
LP		 2763 * the state propagation above), and do work deferred instead of instantly, since they typically
2764 * don't want to run during reloading, and usually involve checking combined state of multiple units
2765 * at once. */
2766
2767 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2768 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2769 check_unneeded_dependencies(u);
2770 check_bound_by_dependencies(u);
2771
2772 /* Maybe someone wants us to remain up? */
2773 unit_submit_to_start_when_upheld_queue(u);
2774
2775 /* Maybe the unit should be GC'ed now? */
2776 unit_add_to_gc_queue(u);
2777 }
2778
2779 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2780 /* Start uphold units regardless if going up was expected or not */
2781 check_uphold_dependencies(u);
2782
2783 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2784 unit_submit_to_stop_when_unneeded_queue(u);
2785
2786 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2787 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2788 * inactive, without ever entering started.) */
2789 unit_submit_to_stop_when_bound_queue(u);
2790 }
87f0e418
LP		 2791}
2792
f75f613d 2793int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
62a76913 2794 int r;
a911bb9a 2795
87f0e418 2796 assert(u);
62a76913 2797 assert(pid_is_valid(pid));
87f0e418 2798
62a76913 2799 /* Watch a specific PID */
5ba6985b 2800
f75f613d
FB		 2801 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2802 * opportunity to remove any stalled references to this PID as they can be created
2803 * easily (when watching a process which is not our direct child). */
2804 if (exclusive)
2805 manager_unwatch_pid(u->manager, pid);
2806
d5099efc 2807 r = set_ensure_allocated(&u->pids, NULL);
5ba6985b
LP		 2808 if (r < 0)
2809 return r;
2810
62a76913 2811 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
a911bb9a
LP		 2812 if (r < 0)
2813 return r;
2814
62a76913
LP		 2815 /* First try, let's add the unit keyed by "pid". */
2816 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2817 if (r == -EEXIST) {
2818 Unit **array;
2819 bool found = false;
2820 size_t n = 0;
05e343b7 2821
62a76913
LP		 2822 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2823 * to an array of Units rather than just a Unit), lists us already. */
a911bb9a 2824
62a76913
LP		 2825 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2826 if (array)
2827 for (; array[n]; n++)
2828 if (array[n] == u)
2829 found = true;
a911bb9a 2830
62a76913
LP		 2831 if (found) /* Found it already? if so, do nothing */
2832 r = 0;
2833 else {
2834 Unit **new_array;
2835
2836 /* Allocate a new array */
2837 new_array = new(Unit*, n + 2);
2838 if (!new_array)
2839 return -ENOMEM;
2840
2841 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2842 new_array[n] = u;
2843 new_array[n+1] = NULL;
2844
2845 /* Add or replace the old array */
2846 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2847 if (r < 0) {
2848 free(new_array);
2849 return r;
2850 }
2851
2852 free(array);
2853 }
2854 } else if (r < 0)
2855 return r;
2856
2857 r = set_put(u->pids, PID_TO_PTR(pid));
2858 if (r < 0)
2859 return r;
2860
2861 return 0;
87f0e418
LP		 2862}
2863
2864void unit_unwatch_pid(Unit *u, pid_t pid) {
62a76913
LP		 2865 Unit **array;
2866
87f0e418 2867 assert(u);
62a76913
LP		 2868 assert(pid_is_valid(pid));
2869
2870 /* First let's drop the unit in case it's keyed as "pid". */
2871 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2872
2873 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2874 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2875 if (array) {
62a76913 2876 /* Let's iterate through the array, dropping our own entry */
12375b95
ZJS		 2877
2878 size_t m = 0;
2879 for (size_t n = 0; array[n]; n++)
62a76913
LP		 2880 if (array[n] != u)
2881 array[m++] = array[n];
2882 array[m] = NULL;
2883
2884 if (m == 0) {
2885 /* The array is now empty, remove the entire entry */
20c3acfa 2886 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
62a76913
LP		 2887 free(array);
2888 }
2889 }
87f0e418 2890
fea72cc0 2891 (void) set_remove(u->pids, PID_TO_PTR(pid));
a911bb9a
LP		 2892}
2893
bd44e61b
LP		 2894void unit_unwatch_all_pids(Unit *u) {
2895 assert(u);
2896
2897 while (!set_isempty(u->pids))
fea72cc0 2898 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
bd44e61b 2899
efdb0237 2900 u->pids = set_free(u->pids);
a911bb9a
LP		 2901}
2902
50be4f4a
LP		 2903static void unit_tidy_watch_pids(Unit *u) {
2904 pid_t except1, except2;
a911bb9a
LP		 2905 void *e;
2906
2907 assert(u);
2908
2909 /* Cleans dead PIDs from our list */
2910
50be4f4a
LP		 2911 except1 = unit_main_pid(u);
2912 except2 = unit_control_pid(u);
2913
90e74a66 2914 SET_FOREACH(e, u->pids) {
fea72cc0 2915 pid_t pid = PTR_TO_PID(e);
a911bb9a
LP		 2916
2917 if (pid == except1 || pid == except2)
2918 continue;
2919
9f5650ae 2920 if (!pid_is_unwaited(pid))
bd44e61b 2921 unit_unwatch_pid(u, pid);
a911bb9a 2922 }
87f0e418
LP		 2923}
2924
50be4f4a 2925static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
99534007 2926 Unit *u = ASSERT_PTR(userdata);
50be4f4a
LP		 2927
2928 assert(s);
50be4f4a
LP		 2929
2930 unit_tidy_watch_pids(u);
2931 unit_watch_all_pids(u);
2932
2933 /* If the PID set is empty now, then let's finish this off. */
2934 unit_synthesize_cgroup_empty_event(u);
2935
2936 return 0;
2937}
2938
2939int unit_enqueue_rewatch_pids(Unit *u) {
2940 int r;
2941
2942 assert(u);
2943
2944 if (!u->cgroup_path)
2945 return -ENOENT;
2946
2947 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2948 if (r < 0)
2949 return r;
2950 if (r > 0) /* On unified we can use proper notifications */
2951 return 0;
2952
2953 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2954 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2955 * involves issuing kill(pid, 0) on all processes we watch. */
2956
2957 if (!u->rewatch_pids_event_source) {
2958 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2959
2960 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2961 if (r < 0)
2962 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2963
2964 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2965 if (r < 0)
28b77ab2 2966 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
50be4f4a
LP		 2967
2968 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2969
2970 u->rewatch_pids_event_source = TAKE_PTR(s);
2971 }
2972
2973 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2974 if (r < 0)
2975 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2976
2977 return 0;
2978}
2979
2980void unit_dequeue_rewatch_pids(Unit *u) {
2981 int r;
2982 assert(u);
2983
2984 if (!u->rewatch_pids_event_source)
2985 return;
2986
2987 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2988 if (r < 0)
2989 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2990
5dcadb4c 2991 u->rewatch_pids_event_source = sd_event_source_disable_unref(u->rewatch_pids_event_source);
50be4f4a
LP		 2992}
2993
87f0e418
LP		 2994bool unit_job_is_applicable(Unit *u, JobType j) {
2995 assert(u);
2996 assert(j >= 0 && j < _JOB_TYPE_MAX);
2997
2998 switch (j) {
2999
3000 case JOB_VERIFY_ACTIVE:
3001 case JOB_START:
e0209d83 3002 case JOB_NOP:
f5869324 3003 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 3004 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 3005 * jobs for it. */
87f0e418
LP		 3006 return true;
3007
f5869324
LP		 3008 case JOB_STOP:
3009 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 3010 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 3011 return !u->perpetual;
3012
87f0e418
LP		 3013 case JOB_RESTART:
3014 case JOB_TRY_RESTART:
f5869324 3015 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 3016
3017 case JOB_RELOAD:
3282591d 3018 case JOB_TRY_RELOAD:
87f0e418
LP		 3019 return unit_can_reload(u);
3020
3021 case JOB_RELOAD_OR_START:
3022 return unit_can_reload(u) && unit_can_start(u);
3023
3024 default:
04499a70 3025 assert_not_reached();
87f0e418
LP		 3026 }
3027}
3028
eef85c4a
LP		 3029int unit_add_dependency(
3030 Unit *u,
3031 UnitDependency d,
3032 Unit *other,
3033 bool add_reference,
3034 UnitDependencyMask mask) {
87f0e418
LP		 3035
3036 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
fb138166
ZJS		 3037 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3038 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3039 [UNIT_WANTS] = UNIT_WANTED_BY,
3040 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3041 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3042 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
3043 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3044 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3045 [UNIT_WANTED_BY] = UNIT_WANTS,
3046 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3047 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3048 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
3049 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3050 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3051 [UNIT_BEFORE] = UNIT_AFTER,
3052 [UNIT_AFTER] = UNIT_BEFORE,
3053 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3054 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
3055 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3056 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
3057 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3058 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3059 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 3060 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
fb138166
ZJS		 3061 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3062 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
3063 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
3064 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3065 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3066 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3067 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
87f0e418 3068 };
eef85c4a 3069 Unit *original_u = u, *original_other = other;
15ed3c3a 3070 UnitDependencyAtom a;
eef85c4a 3071 int r;
15ed3c3a
LP		 3072
3073 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3074 * there, no need to notify! */
ac17080c 3075 bool notify, notify_other = false;
87f0e418
LP		 3076
3077 assert(u);
3078 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 3079 assert(other);
3080
9f151f29
LP		 3081 u = unit_follow_merge(u);
3082 other = unit_follow_merge(other);
15ed3c3a
LP		 3083 a = unit_dependency_to_atom(d);
3084 assert(a >= 0);
9f151f29 3085
15ed3c3a 3086 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
d1fab3fe 3087 if (u == other) {
15ed3c3a 3088 unit_maybe_warn_about_dependency(original_u, original_other->id, d);
87f0e418 3089 return 0;
d1fab3fe 3090 }
87f0e418 3091
f14d6810
MG		 3092 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3093 return 0;
3094
15ed3c3a
LP		 3095 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3096 * running timeout at a specific time. */
3097 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
b862c257 3098 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 3099 return 0;
3100 }
3101
15ed3c3a 3102 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
c80a9a33
LP		 3103 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3104 return 0;
3105 }
3106
15ed3c3a 3107 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
c80a9a33
LP		 3108 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3109 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
15ed3c3a 3110 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
c80a9a33
LP		 3111 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3112 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3113
d219a2b0
LP		 3114 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3115 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3116 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3117 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3118 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3119 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3120
3121 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3122 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3123 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3124
3125 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3126 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3127 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3128
15ed3c3a 3129 r = unit_add_dependency_hashmap(&u->dependencies, d, other, mask, 0);
613b411c 3130 if (r < 0)
87f0e418 3131 return r;
ac17080c 3132 notify = r > 0;
87f0e418 3133
eef85c4a 3134 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
15ed3c3a 3135 r = unit_add_dependency_hashmap(&other->dependencies, inverse_table[d], u, 0, mask);
613b411c
LP		 3136 if (r < 0)
3137 return r;
ac17080c 3138 notify_other = r > 0;
613b411c
LP		 3139 }
3140
3141 if (add_reference) {
15ed3c3a 3142 r = unit_add_dependency_hashmap(&u->dependencies, UNIT_REFERENCES, other, mask, 0);
613b411c 3143 if (r < 0)
5de9682c 3144 return r;
ac17080c 3145 notify = notify || r > 0;
5de9682c 3146
15ed3c3a 3147 r = unit_add_dependency_hashmap(&other->dependencies, UNIT_REFERENCED_BY, u, 0, mask);
613b411c 3148 if (r < 0)
701cc384 3149 return r;
ac17080c 3150 notify_other = notify_other || r > 0;
613b411c 3151 }
87f0e418 3152
ac17080c 3153 if (notify)
5177cb0a 3154 unit_add_to_dbus_queue(u);
ac17080c
YW		 3155 if (notify_other)
3156 unit_add_to_dbus_queue(other);
15ed3c3a 3157
ac17080c 3158 return notify || notify_other;
87f0e418 3159}
0301abf4 3160
eef85c4a 3161int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
a8c5a4c6 3162 int r, s;
2c966c03
LP		 3163
3164 assert(u);
3165
eef85c4a 3166 r = unit_add_dependency(u, d, other, add_reference, mask);
3f3cc397 3167 if (r < 0)
2c966c03
LP		 3168 return r;
3169
a8c5a4c6
YW		 3170 s = unit_add_dependency(u, e, other, add_reference, mask);
3171 if (s < 0)
3172 return s;
3173
3174 return r > 0 || s > 0;
2c966c03
LP		 3175}
3176
23e8c796 3177static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 3178 int r;
9e2f7c11
LP		 3179
3180 assert(u);
23e8c796 3181 assert(name);
7410616c
LP		 3182 assert(buf);
3183 assert(ret);
9e2f7c11 3184
7410616c
LP		 3185 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3186 *buf = NULL;
3187 *ret = name;
3188 return 0;
9e2f7c11
LP		 3189 }
3190
ac155bb8 3191 if (u->instance)
7410616c 3192 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 3193 else {
ae018d9b 3194 _cleanup_free_ char *i = NULL;
9e2f7c11 3195
7410616c
LP		 3196 r = unit_name_to_prefix(u->id, &i);
3197 if (r < 0)
3198 return r;
9e2f7c11 3199
7410616c 3200 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 3201 }
7410616c
LP		 3202 if (r < 0)
3203 return r;
9e2f7c11 3204
7410616c
LP		 3205 *ret = *buf;
3206 return 0;
9e2f7c11
LP		 3207}
3208
35d8c19a 3209int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3210 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 3211 Unit *other;
3212 int r;
3213
9e2f7c11 3214 assert(u);
35d8c19a 3215 assert(name);
09b6b09f 3216
23e8c796 3217 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3218 if (r < 0)
3219 return r;
09b6b09f 3220
f14d6810
MG		 3221 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3222 return 0;
3223
35d8c19a 3224 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 3225 if (r < 0)
3226 return r;
9e2f7c11 3227
eef85c4a 3228 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 3229}
3230
5a724170 3231int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3232 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 3233 Unit *other;
3234 int r;
2c966c03
LP		 3235
3236 assert(u);
5a724170 3237 assert(name);
2c966c03 3238
23e8c796 3239 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3240 if (r < 0)
3241 return r;
2c966c03 3242
f14d6810
MG		 3243 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3244 return 0;
3245
5a724170 3246 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 3247 if (r < 0)
68eda4bd 3248 return r;
2c966c03 3249
eef85c4a 3250 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 3251}
3252
0301abf4 3253int set_unit_path(const char *p) {
0301abf4 3254 /* This is mostly for debug purposes */
7c248223 3255 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, 1));
0301abf4 3256}
88066b3a 3257
ea430986 3258char *unit_dbus_path(Unit *u) {
ea430986
LP		 3259 assert(u);
3260
ac155bb8 3261 if (!u->id)
04ade7d2
LP		 3262 return NULL;
3263
48899192 3264 return unit_dbus_path_from_name(u->id);
ea430986
LP		 3265}
3266
4b58153d
LP		 3267char *unit_dbus_path_invocation_id(Unit *u) {
3268 assert(u);
3269
3270 if (sd_id128_is_null(u->invocation_id))
3271 return NULL;
3272
3273 return unit_dbus_path_from_name(u->invocation_id_string);
3274}
3275
2d3b784d 3276int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 3277 int r;
3278
3279 assert(u);
3280
3281 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3282
3283 if (sd_id128_equal(u->invocation_id, id))
3284 return 0;
3285
3286 if (!sd_id128_is_null(u->invocation_id))
3287 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3288
3289 if (sd_id128_is_null(id)) {
3290 r = 0;
3291 goto reset;
3292 }
3293
3294 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3295 if (r < 0)
3296 goto reset;
3297
3298 u->invocation_id = id;
3299 sd_id128_to_string(id, u->invocation_id_string);
3300
3301 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3302 if (r < 0)
3303 goto reset;
3304
3305 return 0;
3306
3307reset:
3308 u->invocation_id = SD_ID128_NULL;
3309 u->invocation_id_string[0] = 0;
3310 return r;
3311}
3312
899acf5c 3313int unit_set_slice(Unit *u, Unit *slice) {
d219a2b0
LP		 3314 int r;
3315
d79200e2
LP		 3316 assert(u);
3317 assert(slice);
3318
d219a2b0
LP		 3319 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3320 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3321 * slice is derived from the name). Make sure the unit we set is actually a slice. */
d79200e2
LP		 3322
3323 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3324 return -EOPNOTSUPP;
3325
3326 if (u->type == UNIT_SLICE)
3327 return -EINVAL;
3328
102ef982
LP		 3329 if (unit_active_state(u) != UNIT_INACTIVE)
3330 return -EBUSY;
3331
d79200e2
LP		 3332 if (slice->type != UNIT_SLICE)
3333 return -EINVAL;
3334
efdb0237
LP		 3335 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3336 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3337 return -EPERM;
3338
12f64221 3339 if (UNIT_GET_SLICE(u) == slice)
d79200e2
LP		 3340 return 0;
3341
99e66921 3342 /* Disallow slice changes if @u is already bound to cgroups */
12f64221 3343 if (UNIT_GET_SLICE(u) && u->cgroup_realized)
d79200e2
LP		 3344 return -EBUSY;
3345
899acf5c
AZ		 3346 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3347 if (UNIT_GET_SLICE(u))
3348 unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY);
3349
3350 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY);
d219a2b0
LP		 3351 if (r < 0)
3352 return r;
3353
d79200e2
LP		 3354 return 1;
3355}
3356
3357int unit_set_default_slice(Unit *u) {
a8833944 3358 const char *slice_name;
a016b922
LP		 3359 Unit *slice;
3360 int r;
3361
3362 assert(u);
3363
f14d6810
MG		 3364 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3365 return 0;
3366
12f64221 3367 if (UNIT_GET_SLICE(u))
a016b922
LP		 3368 return 0;
3369
a8833944
LP		 3370 if (u->instance) {
3371 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3372
a8833944
LP		 3373 /* Implicitly place all instantiated units in their
3374 * own per-template slice */
3375
7410616c
LP		 3376 r = unit_name_to_prefix(u->id, &prefix);
3377 if (r < 0)
3378 return r;
a8833944
LP		 3379
3380 /* The prefix is already escaped, but it might include
3381 * "-" which has a special meaning for slice units,
3382 * hence escape it here extra. */
7410616c 3383 escaped = unit_name_escape(prefix);
a8833944
LP		 3384 if (!escaped)
3385 return -ENOMEM;
3386
463d0d15 3387 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3388 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3389 else
7f3b86a4 3390 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3391
3392 } else if (unit_is_extrinsic(u))
3393 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3394 * the root slice. They don't really belong in one of the subslices. */
3395 slice_name = SPECIAL_ROOT_SLICE;
3396
3397 else if (MANAGER_IS_SYSTEM(u->manager))
3398 slice_name = SPECIAL_SYSTEM_SLICE;
3399 else
3400 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3401
3402 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3403 if (r < 0)
3404 return r;
3405
899acf5c 3406 return unit_set_slice(u, slice);
a016b922
LP		 3407}
3408
9444b1f2 3409const char *unit_slice_name(Unit *u) {
12f64221 3410 Unit *slice;
9444b1f2
LP		 3411 assert(u);
3412
12f64221
LP		 3413 slice = UNIT_GET_SLICE(u);
3414 if (!slice)
9444b1f2
LP		 3415 return NULL;
3416
12f64221 3417 return slice->id;
9444b1f2
LP		 3418}
3419
f6ff8c29 3420int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3421 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3422 int r;
3423
3424 assert(u);
3425 assert(type);
3426 assert(_found);
3427
7410616c
LP		 3428 r = unit_name_change_suffix(u->id, type, &t);
3429 if (r < 0)
3430 return r;
3431 if (unit_has_name(u, t))
3432 return -EINVAL;
f6ff8c29 3433
ac155bb8 3434 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3435 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3436 return r;
3437}
3438
bbc29086 3439static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
fc67a943 3440 const char *new_owner;
99534007 3441 Unit *u = ASSERT_PTR(userdata);
bbc29086
DM		 3442 int r;
3443
3444 assert(message);
bbc29086 3445
fc67a943 3446 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3447 if (r < 0) {
3448 bus_log_parse_error(r);
3449 return 0;
3450 }
3451
3452 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3453 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3454
3455 return 0;
3456}
3457
3458static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3459 const sd_bus_error *e;
3460 const char *new_owner;
99534007 3461 Unit *u = ASSERT_PTR(userdata);
a5a8776a
MJ		 3462 int r;
3463
3464 assert(message);
a5a8776a
MJ		 3465
3466 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3467
a5a8776a 3468 e = sd_bus_message_get_error(message);
a5a8776a 3469 if (e) {
33322185
YW		 3470 if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner")) {
3471 r = sd_bus_error_get_errno(e);
3472 log_unit_error_errno(u, r,
3473 "Unexpected error response from GetNameOwner(): %s",
3474 bus_error_message(e, r));
3475 }
a5a8776a 3476
fc67a943
LP		 3477 new_owner = NULL;
3478 } else {
3479 r = sd_bus_message_read(message, "s", &new_owner);
3480 if (r < 0)
3481 return bus_log_parse_error(r);
a5a8776a 3482
fc67a943
LP		 3483 assert(!isempty(new_owner));
3484 }
a5a8776a
MJ		 3485
3486 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3487 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3488
3489 return 0;
3490}
3491
9806e87d
LP		 3492int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3493 const char *match;
a5b07847 3494 int r;
bbc29086 3495
9806e87d
LP		 3496 assert(u);
3497 assert(bus);
3498 assert(name);
bbc29086 3499
a5b07847 3500 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3501 return -EBUSY;
3502
9806e87d 3503 match = strjoina("type='signal',"
81d62103
ZJS		 3504 "sender='org.freedesktop.DBus',"
3505 "path='/org/freedesktop/DBus',"
3506 "interface='org.freedesktop.DBus',"
3507 "member='NameOwnerChanged',"
3508 "arg0='", name, "'");
bbc29086 3509
a5b07847 3510 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
a5a8776a
MJ		 3511 if (r < 0)
3512 return r;
3513
a5b07847
LP		 3514 r = sd_bus_call_method_async(
3515 bus,
3516 &u->get_name_owner_slot,
3517 "org.freedesktop.DBus",
3518 "/org/freedesktop/DBus",
3519 "org.freedesktop.DBus",
3520 "GetNameOwner",
3521 get_name_owner_handler,
3522 u,
3523 "s", name);
3524 if (r < 0) {
3525 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3526 return r;
3527 }
3528
3529 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3530 return 0;
bbc29086
DM		 3531}
3532
05e343b7 3533int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3534 int r;
3535
05e343b7
LP		 3536 assert(u);
3537 assert(name);
3538
3539 /* Watch a specific name on the bus. We only support one unit
3540 * watching each name for now. */
3541
bbc29086
DM		 3542 if (u->manager->api_bus) {
3543 /* If the bus is already available, install the match directly.
3544 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3545 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3546 if (r < 0)
8ea823b6 3547 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3548 }
3549
3550 r = hashmap_put(u->manager->watch_bus, name, u);
3551 if (r < 0) {
3552 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3553 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3554 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3555 }
3556
3557 return 0;
05e343b7
LP		 3558}
3559
3560void unit_unwatch_bus_name(Unit *u, const char *name) {
3561 assert(u);
3562 assert(name);
3563
8367fea5 3564 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3565 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3566 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3567}
3568
d336ba9f 3569int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3570 _cleanup_free_ char *e = NULL;
44b0d1fd 3571 Unit *device;
6e2ef85b
LP		 3572 int r;
3573
3574 assert(u);
3575
6e2ef85b 3576 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3577 if (isempty(what))
3578 return 0;
6e2ef85b 3579
8407a5d0 3580 if (!is_device_path(what))
6e2ef85b
LP		 3581 return 0;
3582
44b0d1fd 3583 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3584 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3585 return 0;
3586
7410616c
LP		 3587 r = unit_name_from_path(what, ".device", &e);
3588 if (r < 0)
3589 return r;
6e2ef85b 3590
ac155bb8 3591 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3592 if (r < 0)
3593 return r;
3594
ebc8968b
FB		 3595 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3596 dep = UNIT_BINDS_TO;
3597
d336ba9f
FB		 3598 return unit_add_two_dependencies(u, UNIT_AFTER,
3599 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3600 device, true, mask);
6e2ef85b 3601}
a16e1123 3602
44b0d1fd
LP		 3603int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3604 _cleanup_free_ char *escaped = NULL, *target = NULL;
3605 int r;
3606
3607 assert(u);
3608
3609 if (isempty(what))
3610 return 0;
3611
3612 if (!path_startswith(what, "/dev/"))
3613 return 0;
3614
3615 /* If we don't support devices, then also don't bother with blockdev@.target */
3616 if (!unit_type_supported(UNIT_DEVICE))
3617 return 0;
3618
3619 r = unit_name_path_escape(what, &escaped);
3620 if (r < 0)
3621 return r;
3622
3623 r = unit_name_build("blockdev", escaped, ".target", &target);
3624 if (r < 0)
3625 return r;
3626
3627 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3628}
3629
be847e82 3630int unit_coldplug(Unit *u) {
05a98afd 3631 int r = 0, q;
cca098b0
LP		 3632
3633 assert(u);
3634
f0831ed2 3635 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3636 if (u->coldplugged)
3637 return 0;
3638
3639 u->coldplugged = true;
3640
05a98afd
LP		 3641 STRV_FOREACH(i, u->deserialized_refs) {
3642 q = bus_unit_track_add_name(u, *i);
3643 if (q < 0 && r >= 0)
3644 r = q;
3645 }
3646 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3647
05a98afd
LP		 3648 if (UNIT_VTABLE(u)->coldplug) {
3649 q = UNIT_VTABLE(u)->coldplug(u);
3650 if (q < 0 && r >= 0)
3651 r = q;
3652 }
5a6158b6 3653
7dbd330c
GL		 3654 if (u->job) {
3655 q = job_coldplug(u->job);
3656 if (q < 0 && r >= 0)
3657 r = q;
3658 }
3659 if (u->nop_job) {
3660 q = job_coldplug(u->nop_job);
05a98afd
LP		 3661 if (q < 0 && r >= 0)
3662 r = q;
3663 }
cca098b0 3664
05a98afd 3665 return r;
cca098b0
LP		 3666}
3667
f0831ed2
LP		 3668void unit_catchup(Unit *u) {
3669 assert(u);
3670
3671 if (UNIT_VTABLE(u)->catchup)
3672 UNIT_VTABLE(u)->catchup(u);
869f52f2
DS		 3673
3674 unit_cgroup_catchup(u);
f0831ed2
LP		 3675}
3676
ba25d39e 3677static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3678 struct stat st;
3679
3680 if (!path)
3681 return false;
3682
77969722
LP		 3683 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3684 * are never out-of-date. */
3685 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3686 return false;
3687
21b95806
ZJS		 3688 if (stat(path, &st) < 0)
3689 /* What, cannot access this anymore? */
3690 return true;
3691
ba25d39e
ZJS		 3692 if (path_masked)
3693 /* For masked files check if they are still so */
3694 return !null_or_empty(&st);
3695 else
3a8db9fe 3696 /* For non-empty files check the mtime */
87ec20ef 3697 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3698
3699 return false;
3700}
3701
45fb0699 3702bool unit_need_daemon_reload(Unit *u) {
ae7a7182 3703 _cleanup_strv_free_ char **t = NULL;
1b64d026 3704
45fb0699
LP		 3705 assert(u);
3706
ba25d39e
ZJS		 3707 /* For unit files, we allow masking… */
3708 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3709 u->load_state == UNIT_MASKED))
21b95806 3710 return true;
5f4b19f4 3711
ba25d39e
ZJS		 3712 /* Source paths should not be masked… */
3713 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3714 return true;
ae7a7182 3715
19a44dfe
LR		 3716 if (u->load_state == UNIT_LOADED)
3717 (void) unit_find_dropin_paths(u, &t);
ab932a62
LP		 3718 if (!strv_equal(u->dropin_paths, t))
3719 return true;
6d10d308 3720
ba25d39e 3721 /* … any drop-ins that are masked are simply omitted from the list. */
ab932a62 3722 STRV_FOREACH(path, u->dropin_paths)
ba25d39e 3723 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
ab932a62 3724 return true;
21b95806 3725
ab932a62 3726 return false;
45fb0699
LP		 3727}
3728
fdf20a31 3729void unit_reset_failed(Unit *u) {
5632e374
LP		 3730 assert(u);
3731
fdf20a31
MM		 3732 if (UNIT_VTABLE(u)->reset_failed)
3733 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3734
7bf081a1 3735 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3736 u->start_limit_hit = false;
5632e374
LP		 3737}
3738
a7f241db
LP		 3739Unit *unit_following(Unit *u) {
3740 assert(u);
3741
3742 if (UNIT_VTABLE(u)->following)
3743 return UNIT_VTABLE(u)->following(u);
3744
3745 return NULL;
3746}
3747
31afa0a4 3748bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3749 assert(u);
3750
31afa0a4
LP		 3751 /* This call does check the current state of the unit. It's
3752 * hence useful to be called from state change calls of the
3753 * unit itself, where the state isn't updated yet. This is
3754 * different from unit_inactive_or_pending() which checks both
3755 * the current state and for a queued job. */
18ffdfda 3756
28a2dfe8 3757 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 3758}
3759
3760bool unit_inactive_or_pending(Unit *u) {
3761 assert(u);
3762
3763 /* Returns true if the unit is inactive or going down */
18ffdfda 3764
d956ac29
LP		 3765 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3766 return true;
3767
31afa0a4 3768 if (unit_stop_pending(u))
18ffdfda
LP		 3769 return true;
3770
3771 return false;
3772}
3773
31afa0a4 3774bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 3775 assert(u);
3776
f60c2665 3777 /* Returns true if the unit is active or going up */
f976f3f6
LP		 3778
3779 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3780 return true;
3781
ac155bb8 3782 if (u->job &&
3742095b 3783 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 3784 return true;
3785
3786 return false;
3787}
3788
52a12341
YW		 3789bool unit_will_restart_default(Unit *u) {
3790 assert(u);
3791
28a2dfe8 3792 return unit_has_job_type(u, JOB_START);
52a12341
YW		 3793}
3794
deb4e708
MK		 3795bool unit_will_restart(Unit *u) {
3796 assert(u);
3797
3798 if (!UNIT_VTABLE(u)->will_restart)
3799 return false;
3800
3801 return UNIT_VTABLE(u)->will_restart(u);
3802}
3803
718db961 3804int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
8a0867d6
LP		 3805 assert(u);
3806 assert(w >= 0 && w < _KILL_WHO_MAX);
6eb7c172 3807 assert(SIGNAL_VALID(signo));
8a0867d6 3808
8a0867d6 3809 if (!UNIT_VTABLE(u)->kill)
15411c0c 3810 return -EOPNOTSUPP;
8a0867d6 3811
c74f17d9 3812 return UNIT_VTABLE(u)->kill(u, w, signo, error);
8a0867d6
LP		 3813}
3814
38c41427
NK		 3815void unit_notify_cgroup_oom(Unit *u, bool managed_oom) {
3816 assert(u);
3817
3818 if (UNIT_VTABLE(u)->notify_cgroup_oom)
3819 UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom);
3820}
3821
82659fd7 3822static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
af4fa99d 3823 _cleanup_set_free_ Set *pid_set = NULL;
82659fd7
LP		 3824 int r;
3825
d5099efc 3826 pid_set = set_new(NULL);
82659fd7
LP		 3827 if (!pid_set)
3828 return NULL;
3829
3830 /* Exclude the main/control pids from being killed via the cgroup */
3831 if (main_pid > 0) {
fea72cc0 3832 r = set_put(pid_set, PID_TO_PTR(main_pid));
82659fd7 3833 if (r < 0)
95f14a3e 3834 return NULL;
82659fd7
LP		 3835 }
3836
3837 if (control_pid > 0) {
fea72cc0 3838 r = set_put(pid_set, PID_TO_PTR(control_pid));
82659fd7 3839 if (r < 0)
95f14a3e 3840 return NULL;
82659fd7
LP		 3841 }
3842
95f14a3e 3843 return TAKE_PTR(pid_set);
82659fd7
LP		 3844}
3845
d9911002
LP		 3846static int kill_common_log(pid_t pid, int signo, void *userdata) {
3847 _cleanup_free_ char *comm = NULL;
99534007 3848 Unit *u = ASSERT_PTR(userdata);
d9911002
LP		 3849
3850 (void) get_process_comm(pid, &comm);
3851 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
3852 signal_to_string(signo), pid, strna(comm));
3853
3854 return 1;
3855}
3856
d91c34f2
LP		 3857int unit_kill_common(
3858 Unit *u,
3859 KillWho who,
3860 int signo,
3861 pid_t main_pid,
3862 pid_t control_pid,
718db961 3863 sd_bus_error *error) {
d91c34f2 3864
814cc562 3865 int r = 0;
ac5e3a50 3866 bool killed = false;
814cc562 3867
8aff7ac4
LP		 3868 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3869 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3870 * stop a service ourselves. */
3871
ac5e3a50 3872 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
814cc562 3873 if (main_pid < 0)
7358dc02 3874 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
8aff7ac4 3875 if (main_pid == 0)
7358dc02 3876 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 3877 }
3878
ac5e3a50 3879 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
814cc562 3880 if (control_pid < 0)
7358dc02 3881 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
8aff7ac4 3882 if (control_pid == 0)
7358dc02 3883 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 3884 }
3885
ac5e3a50
JS		 3886 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3887 if (control_pid > 0) {
d9911002
LP		 3888 _cleanup_free_ char *comm = NULL;
3889 (void) get_process_comm(control_pid, &comm);
3890
3891 if (kill(control_pid, signo) < 0) {
3892 /* Report this failure both to the logs and to the client */
3893 sd_bus_error_set_errnof(
3894 error, errno,
3895 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
3896 signal_to_string(signo), control_pid, strna(comm));
3897 r = log_unit_warning_errno(
3898 u, errno,
3899 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
3900 signal_to_string(signo), control_pid, strna(comm));
3901 } else {
3902 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
3903 signal_to_string(signo), control_pid, strna(comm));
ac5e3a50 3904 killed = true;
d9911002 3905 }
ac5e3a50 3906 }
814cc562 3907
ac5e3a50
JS		 3908 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3909 if (main_pid > 0) {
d9911002
LP		 3910 _cleanup_free_ char *comm = NULL;
3911 (void) get_process_comm(main_pid, &comm);
3912
3913 if (kill(main_pid, signo) < 0) {
3914 if (r == 0)
3915 sd_bus_error_set_errnof(
3916 error, errno,
3917 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
3918 signal_to_string(signo), main_pid, strna(comm));
3919
3920 r = log_unit_warning_errno(
3921 u, errno,
3922 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
3923 signal_to_string(signo), main_pid, strna(comm));
3924 } else {
3925 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
3926 signal_to_string(signo), main_pid, strna(comm));
ac5e3a50 3927 killed = true;
d9911002 3928 }
ac5e3a50 3929 }
814cc562 3930
ac5e3a50 3931 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
814cc562
MS		 3932 _cleanup_set_free_ Set *pid_set = NULL;
3933 int q;
3934
82659fd7
LP		 3935 /* Exclude the main/control pids from being killed via the cgroup */
3936 pid_set = unit_pid_set(main_pid, control_pid);
814cc562 3937 if (!pid_set)
d9911002
LP		 3938 return log_oom();
3939
3940 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
3941 if (q < 0) {
3942 if (!IN_SET(q, -ESRCH, -ENOENT)) {
3943 if (r == 0)
3944 sd_bus_error_set_errnof(
3945 error, q,
3946 "Failed to send signal SIG%s to auxiliary processes: %m",
3947 signal_to_string(signo));
3948
3949 r = log_unit_warning_errno(
3950 u, q,
3951 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3952 signal_to_string(signo));
3953 }
3954 } else
ac5e3a50 3955 killed = true;
814cc562
MS		 3956 }
3957
2ae0508e
LP		 3958 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3959 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
3960 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 3961
814cc562
MS		 3962 return r;
3963}
3964
6210e7fc
LP		 3965int unit_following_set(Unit *u, Set **s) {
3966 assert(u);
3967 assert(s);
3968
3969 if (UNIT_VTABLE(u)->following_set)
3970 return UNIT_VTABLE(u)->following_set(u, s);
3971
3972 *s = NULL;
3973 return 0;
3974}
3975
a4375746 3976UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 3977 int r;
3978
a4375746
LP		 3979 assert(u);
3980
0ec0deaa
LP		 3981 if (u->unit_file_state < 0 && u->fragment_path) {
3982 r = unit_file_get_state(
463d0d15 3983 u->manager->unit_file_scope,
0ec0deaa 3984 NULL,
9ea3a0e7 3985 u->id,
0ec0deaa
LP		 3986 &u->unit_file_state);
3987 if (r < 0)
3988 u->unit_file_state = UNIT_FILE_BAD;
3989 }
a4375746 3990
ac155bb8 3991 return u->unit_file_state;
a4375746
LP		 3992}
3993
d2dc52db
LP		 3994int unit_get_unit_file_preset(Unit *u) {
3995 assert(u);
3996
3997 if (u->unit_file_preset < 0 && u->fragment_path)
3998 u->unit_file_preset = unit_file_query_preset(
463d0d15 3999 u->manager->unit_file_scope,
0ec0deaa 4000 NULL,
8f7b2566
ZJS		 4001 basename(u->fragment_path),
4002 NULL);
d2dc52db
LP		 4003
4004 return u->unit_file_preset;
4005}
4006
7f7d01ed 4007Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 4008 assert(ref);
7f7d01ed
ZJS		 4009 assert(source);
4010 assert(target);
57020a3a 4011
7f7d01ed 4012 if (ref->target)
57020a3a
LP		 4013 unit_ref_unset(ref);
4014
7f7d01ed
ZJS		 4015 ref->source = source;
4016 ref->target = target;
4017 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4018 return target;
57020a3a
LP		 4019}
4020
4021void unit_ref_unset(UnitRef *ref) {
4022 assert(ref);
4023
7f7d01ed 4024 if (!ref->target)
57020a3a
LP		 4025 return;
4026
b75102e5
LP		 4027 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4028 * be unreferenced now. */
7f7d01ed 4029 unit_add_to_gc_queue(ref->target);
b75102e5 4030
7f7d01ed
ZJS		 4031 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4032 ref->source = ref->target = NULL;
57020a3a
LP		 4033}
4034
29206d46
LP		 4035static int user_from_unit_name(Unit *u, char **ret) {
4036
4037 static const uint8_t hash_key[] = {
4038 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4039 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4040 };
4041
4042 _cleanup_free_ char *n = NULL;
4043 int r;
4044
4045 r = unit_name_to_prefix(u->id, &n);
4046 if (r < 0)
4047 return r;
4048
7a8867ab 4049 if (valid_user_group_name(n, 0)) {
ae2a15bc 4050 *ret = TAKE_PTR(n);
29206d46
LP		 4051 return 0;
4052 }
4053
4054 /* If we can't use the unit name as a user name, then let's hash it and use that */
4055 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4056 return -ENOMEM;
4057
4058 return 0;
4059}
4060
598459ce
LP		 4061int unit_patch_contexts(Unit *u) {
4062 CGroupContext *cc;
4063 ExecContext *ec;
cba6e062
LP		 4064 int r;
4065
e06c73cc 4066 assert(u);
e06c73cc 4067
598459ce
LP		 4068 /* Patch in the manager defaults into the exec and cgroup
4069 * contexts, _after_ the rest of the settings have been
4070 * initialized */
085afe36 4071
598459ce
LP		 4072 ec = unit_get_exec_context(u);
4073 if (ec) {
4074 /* This only copies in the ones that need memory */
12375b95 4075 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
598459ce
LP		 4076 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4077 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4078 if (!ec->rlimit[i])
4079 return -ENOMEM;
4080 }
4081
463d0d15 4082 if (MANAGER_IS_USER(u->manager) &&
598459ce
LP		 4083 !ec->working_directory) {
4084
4085 r = get_home_dir(&ec->working_directory);
4086 if (r < 0)
4087 return r;
4c08c824
LP		 4088
4089 /* Allow user services to run, even if the
4090 * home directory is missing */
4091 ec->working_directory_missing_ok = true;
cba6e062
LP		 4092 }
4093
598459ce 4094 if (ec->private_devices)
2cd0a735 4095 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 4096
4097 if (ec->protect_kernel_modules)
4098 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 4099
84703040
KK		 4100 if (ec->protect_kernel_logs)
4101 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4102
fc64760d
KK		 4103 if (ec->protect_clock)
4104 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4105
29206d46
LP		 4106 if (ec->dynamic_user) {
4107 if (!ec->user) {
4108 r = user_from_unit_name(u, &ec->user);
4109 if (r < 0)
4110 return r;
4111 }
4112
4113 if (!ec->group) {
4114 ec->group = strdup(ec->user);
4115 if (!ec->group)
4116 return -ENOMEM;
4117 }
4118
bf65b7e0
LP		 4119 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4120 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4121 * sandbox. */
63bb64a0 4122
29206d46 4123 ec->private_tmp = true;
00d9ef85 4124 ec->remove_ipc = true;
63bb64a0
LP		 4125 ec->protect_system = PROTECT_SYSTEM_STRICT;
4126 if (ec->protect_home == PROTECT_HOME_NO)
4127 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 4128
4129 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4130 * them. */
4131 ec->no_new_privileges = true;
4132 ec->restrict_suid_sgid = true;
29206d46 4133 }
a2ab603c
YW		 4134
4135 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++)
4136 exec_directory_sort(ec->directories + dt);
cba6e062
LP		 4137 }
4138
598459ce 4139 cc = unit_get_cgroup_context(u);
fe65e88b 4140 if (cc && ec) {
f513e420 4141
fe65e88b 4142 if (ec->private_devices &&
084870f9
ZJS		 4143 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4144 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 4145
64903d18 4146 if ((ec->root_image || ec->mount_images) &&
084870f9 4147 (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
fe65e88b 4148
b3d13314 4149 /* When RootImage= or MountImages= is specified, the following devices are touched. */
0cffae95
LB		 4150 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
4151 r = cgroup_add_device_allow(cc, p, "rw");
4152 if (r < 0)
4153 return r;
4154 }
4155 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
4156 r = cgroup_add_device_allow(cc, p, "rwm");
4157 if (r < 0)
4158 return r;
4159 }
867af728 4160
0cffae95
LB		 4161 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4162 * Same for mapper and verity. */
4163 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4164 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4165 if (r < 0)
4166 return r;
4167 }
fe65e88b 4168 }
fc64760d
KK		 4169
4170 if (ec->protect_clock) {
4171 r = cgroup_add_device_allow(cc, "char-rtc", "r");
4172 if (r < 0)
4173 return r;
4174 }
598459ce 4175 }
f1660f96 4176
cba6e062 4177 return 0;
e06c73cc
LP		 4178}
4179
c2503e35 4180ExecContext *unit_get_exec_context(const Unit *u) {
3ef63c31
LP		 4181 size_t offset;
4182 assert(u);
4183
598459ce
LP		 4184 if (u->type < 0)
4185 return NULL;
4186
3ef63c31
LP		 4187 offset = UNIT_VTABLE(u)->exec_context_offset;
4188 if (offset <= 0)
4189 return NULL;
4190
4191 return (ExecContext*) ((uint8_t*) u + offset);
4192}
4193
718db961
LP		 4194KillContext *unit_get_kill_context(Unit *u) {
4195 size_t offset;
4196 assert(u);
4197
598459ce
LP		 4198 if (u->type < 0)
4199 return NULL;
4200
718db961
LP		 4201 offset = UNIT_VTABLE(u)->kill_context_offset;
4202 if (offset <= 0)
4203 return NULL;
4204
4205 return (KillContext*) ((uint8_t*) u + offset);
4206}
4207
4ad49000
LP		 4208CGroupContext *unit_get_cgroup_context(Unit *u) {
4209 size_t offset;
4210
598459ce
LP		 4211 if (u->type < 0)
4212 return NULL;
4213
4ad49000
LP		 4214 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4215 if (offset <= 0)
4216 return NULL;
4217
4218 return (CGroupContext*) ((uint8_t*) u + offset);
4219}
4220
613b411c
LP		 4221ExecRuntime *unit_get_exec_runtime(Unit *u) {
4222 size_t offset;
4223
598459ce
LP		 4224 if (u->type < 0)
4225 return NULL;
4226
613b411c
LP		 4227 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4228 if (offset <= 0)
4229 return NULL;
4230
4231 return *(ExecRuntime**) ((uint8_t*) u + offset);
4232}
4233
2e59b241 4234static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 4235 assert(u);
4236
2e59b241 4237 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 4238 return NULL;
4239
39591351
LP		 4240 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4241 return u->manager->lookup_paths.transient;
26d04f86 4242
2e59b241 4243 if (flags & UNIT_PERSISTENT)
4f4afc88 4244 return u->manager->lookup_paths.persistent_control;
26d04f86 4245
2e59b241
LP		 4246 if (flags & UNIT_RUNTIME)
4247 return u->manager->lookup_paths.runtime_control;
4248
39591351 4249 return NULL;
71645aca
LP		 4250}
4251
2e59b241 4252char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
24536beb
ZJS		 4253 assert(!FLAGS_SET(flags, UNIT_ESCAPE_EXEC_SYNTAX | UNIT_ESCAPE_C));
4254
4255 _cleanup_free_ char *t = NULL;
2e59b241
LP		 4256
4257 if (!s)
4258 return NULL;
4259
24536beb
ZJS		 4260 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the
4261 * allocated return buffer pointer is also written to *buf, except if no escaping was necessary, in
4262 * which case *buf is set to NULL, and the input pointer is returned as-is. This means the return
4263 * value always contains a properly escaped version, but *buf when passed only contains a pointer if
4264 * an allocation was necessary. If *buf is not specified, then the return value always needs to be
4265 * freed. Callers can use this to optimize memory allocations. */
2e59b241
LP		 4266
4267 if (flags & UNIT_ESCAPE_SPECIFIERS) {
24536beb
ZJS		 4268 t = specifier_escape(s);
4269 if (!t)
2e59b241
LP		 4270 return NULL;
4271
24536beb 4272 s = t;
2e59b241
LP		 4273 }
4274
24536beb
ZJS		 4275 /* We either do c-escaping or shell-escaping, to additionally escape characters that we parse for
4276 * ExecStart= and friend, i.e. '$' and ';' and quotes. */
4277
4278 if (flags & UNIT_ESCAPE_EXEC_SYNTAX) {
4279 char *t2 = shell_escape(s, "$;'\"");
4280 if (!t2)
4281 return NULL;
4282 free_and_replace(t, t2);
4283
4284 s = t;
2e59b241 4285
24536beb
ZJS		 4286 } else if (flags & UNIT_ESCAPE_C) {
4287 char *t2 = cescape(s);
4288 if (!t2)
2e59b241 4289 return NULL;
24536beb 4290 free_and_replace(t, t2);
2e59b241 4291
24536beb 4292 s = t;
2e59b241
LP		 4293 }
4294
4295 if (buf) {
24536beb
ZJS		 4296 *buf = TAKE_PTR(t);
4297 return (char*) s;
2e59b241
LP		 4298 }
4299
24536beb 4300 return TAKE_PTR(t) ?: strdup(s);
2e59b241
LP		 4301}
4302
4303char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4304 _cleanup_free_ char *result = NULL;
319a4f4b 4305 size_t n = 0;
2e59b241 4306
24536beb
ZJS		 4307 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4308 * lines in a way suitable for ExecStart= stanzas. */
2e59b241
LP		 4309
4310 STRV_FOREACH(i, l) {
4311 _cleanup_free_ char *buf = NULL;
4312 const char *p;
4313 size_t a;
4314 char *q;
4315
4316 p = unit_escape_setting(*i, flags, &buf);
4317 if (!p)
4318 return NULL;
4319
4320 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
319a4f4b 4321 if (!GREEDY_REALLOC(result, n + a + 1))
2e59b241
LP		 4322 return NULL;
4323
4324 q = result + n;
4325 if (n > 0)
4326 *(q++) = ' ';
4327
4328 *(q++) = '"';
4329 q = stpcpy(q, p);
4330 *(q++) = '"';
4331
4332 n += a;
4333 }
4334
319a4f4b 4335 if (!GREEDY_REALLOC(result, n + 1))
2e59b241
LP		 4336 return NULL;
4337
4338 result[n] = 0;
4339
ae2a15bc 4340 return TAKE_PTR(result);
2e59b241
LP		 4341}
4342
4343int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4344 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4345 const char *dir, *wrapped;
26d04f86 4346 int r;
71645aca
LP		 4347
4348 assert(u);
2e59b241
LP		 4349 assert(name);
4350 assert(data);
4351
4352 if (UNIT_WRITE_FLAGS_NOOP(flags))
4353 return 0;
4354
4355 data = unit_escape_setting(data, flags, &escaped);
4356 if (!data)
4357 return -ENOMEM;
4358
4359 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4360 * previous section header is the same */
4361
4362 if (flags & UNIT_PRIVATE) {
4363 if (!UNIT_VTABLE(u)->private_section)
4364 return -EINVAL;
4365
4366 if (!u->transient_file || u->last_section_private < 0)
4367 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4368 else if (u->last_section_private == 0)
4369 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4370 } else {
4371 if (!u->transient_file || u->last_section_private < 0)
4372 data = strjoina("[Unit]\n", data);
4373 else if (u->last_section_private > 0)
4374 data = strjoina("\n[Unit]\n", data);
4375 }
71645aca 4376
4f4afc88
LP		 4377 if (u->transient_file) {
4378 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4379 * write to the transient unit file. */
4380 fputs(data, u->transient_file);
4f4afc88 4381
2e59b241
LP		 4382 if (!endswith(data, "\n"))
4383 fputc('\n', u->transient_file);
4384
4385 /* Remember which section we wrote this entry to */
4386 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4387 return 0;
2e59b241 4388 }
8e2af478 4389
2e59b241 4390 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4391 if (!dir)
4392 return -EINVAL;
71645aca 4393
2a9a6f8a 4394 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4395 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4396 data,
4397 "\n");
e20b2a86 4398
815b09d3 4399 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4400 if (r < 0)
4401 return r;
4402
45639f1b 4403 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4404
4405 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4406 * recreate the cache after every drop-in we write. */
4407 if (u->manager->unit_path_cache) {
be327321 4408 r = set_put_strdup(&u->manager->unit_path_cache, p);
4dba44a5
ZJS		 4409 if (r < 0)
4410 return r;
4411 }
4412
2a9a6f8a 4413 r = write_string_file_atomic_label(q, wrapped);
adb76a70
WC		 4414 if (r < 0)
4415 return r;
4416
815b09d3 4417 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4418 if (r < 0)
4419 return r;
815b09d3 4420 q = NULL;
adb76a70 4421
adb76a70
WC		 4422 strv_uniq(u->dropin_paths);
4423
4424 u->dropin_mtime = now(CLOCK_REALTIME);
4425
4426 return 0;
26d04f86 4427}
71645aca 4428
2e59b241 4429int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4430 _cleanup_free_ char *p = NULL;
4431 va_list ap;
4432 int r;
4433
4434 assert(u);
4435 assert(name);
4436 assert(format);
4437
2e59b241 4438 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4439 return 0;
4440
4441 va_start(ap, format);
4442 r = vasprintf(&p, format, ap);
4443 va_end(ap);
4444
4445 if (r < 0)
4446 return -ENOMEM;
4447
2e59b241 4448 return unit_write_setting(u, flags, name, p);
b9ec9359 4449}
71645aca 4450
c2756a68 4451int unit_make_transient(Unit *u) {
0126c8f3 4452 _cleanup_free_ char *path = NULL;
4f4afc88 4453 FILE *f;
4f4afc88 4454
c2756a68
LP		 4455 assert(u);
4456
3f5e8115
LP		 4457 if (!UNIT_VTABLE(u)->can_transient)
4458 return -EOPNOTSUPP;
4459
45639f1b
LP		 4460 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4461
657ee2d8 4462 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4463 if (!path)
4464 return -ENOMEM;
4465
4466 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4467 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4468
78e334b5 4469 RUN_WITH_UMASK(0022) {
4f4afc88 4470 f = fopen(path, "we");
0126c8f3 4471 if (!f)
78e334b5 4472 return -errno;
4f4afc88
LP		 4473 }
4474
0126c8f3 4475 safe_fclose(u->transient_file);
4f4afc88
LP		 4476 u->transient_file = f;
4477
0126c8f3 4478 free_and_replace(u->fragment_path, path);
7c65093a 4479
7c65093a
LP		 4480 u->source_path = mfree(u->source_path);
4481 u->dropin_paths = strv_free(u->dropin_paths);
4482 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4483
4f4afc88
LP		 4484 u->load_state = UNIT_STUB;
4485 u->load_error = 0;
4486 u->transient = true;
4487
7c65093a
LP		 4488 unit_add_to_dbus_queue(u);
4489 unit_add_to_gc_queue(u);
c2756a68 4490
4f4afc88
LP		 4491 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4492 u->transient_file);
4493
3f5e8115 4494 return 0;
c2756a68
LP		 4495}
4496
c53d2d54 4497static int log_kill(pid_t pid, int sig, void *userdata) {
1d98fef1
LP		 4498 _cleanup_free_ char *comm = NULL;
4499
4500 (void) get_process_comm(pid, &comm);
4501
4502 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4503 only, like for example systemd's own PAM stub process. */
4504 if (comm && comm[0] == '(')
c53d2d54 4505 return 0;
1d98fef1
LP		 4506
4507 log_unit_notice(userdata,
4508 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4509 pid,
4510 strna(comm),
4511 signal_to_string(sig));
c53d2d54
DB		 4512
4513 return 1;
1d98fef1
LP		 4514}
4515
4ab1670f 4516static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
1d98fef1
LP		 4517 assert(c);
4518
4519 switch (k) {
4520
4521 case KILL_TERMINATE:
4522 case KILL_TERMINATE_AND_LOG:
4ab1670f 4523 *noteworthy = false;
1d98fef1
LP		 4524 return c->kill_signal;
4525
a232ebcc 4526 case KILL_RESTART:
4ab1670f 4527 *noteworthy = false;
a232ebcc
ZJS		 4528 return restart_kill_signal(c);
4529
1d98fef1 4530 case KILL_KILL:
4ab1670f 4531 *noteworthy = true;
fbb48d4c 4532 return c->final_kill_signal;
1d98fef1 4533
c87700a1 4534 case KILL_WATCHDOG:
4ab1670f 4535 *noteworthy = true;
c87700a1 4536 return c->watchdog_signal;
1d98fef1
LP		 4537
4538 default:
04499a70 4539 assert_not_reached();
1d98fef1
LP		 4540 }
4541}
4542
cd2086fe
LP		 4543int unit_kill_context(
4544 Unit *u,
4545 KillContext *c,
db2cb23b 4546 KillOperation k,
cd2086fe
LP		 4547 pid_t main_pid,
4548 pid_t control_pid,
4549 bool main_pid_alien) {
4550
1d98fef1 4551 bool wait_for_exit = false, send_sighup;
59ec09a8 4552 cg_kill_log_func_t log_func = NULL;
b821a397 4553 int sig, r;
cd2086fe
LP		 4554
4555 assert(u);
4556 assert(c);
4557
8aff7ac4
LP		 4558 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4559 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4560 * which is used for user-requested killing of unit processes. */
1d98fef1 4561
cd2086fe
LP		 4562 if (c->kill_mode == KILL_NONE)
4563 return 0;
4564
4ab1670f
ZJS		 4565 bool noteworthy;
4566 sig = operation_to_signal(c, k, &noteworthy);
4567 if (noteworthy)
4568 log_func = log_kill;
1d98fef1
LP		 4569
4570 send_sighup =
4571 c->send_sighup &&
4572 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4573 sig != SIGHUP;
4574
cd2086fe 4575 if (main_pid > 0) {
1d98fef1
LP		 4576 if (log_func)
4577 log_func(main_pid, sig, u);
cd2086fe 4578
1d98fef1 4579 r = kill_and_sigcont(main_pid, sig);
cd2086fe
LP		 4580 if (r < 0 && r != -ESRCH) {
4581 _cleanup_free_ char *comm = NULL;
1d98fef1 4582 (void) get_process_comm(main_pid, &comm);
cd2086fe 4583
b821a397 4584 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
82659fd7 4585 } else {
bc6aed7b
LP		 4586 if (!main_pid_alien)
4587 wait_for_exit = true;
82659fd7 4588
1d98fef1 4589 if (r != -ESRCH && send_sighup)
d0667321 4590 (void) kill(main_pid, SIGHUP);
82659fd7 4591 }
cd2086fe
LP		 4592 }
4593
4594 if (control_pid > 0) {
1d98fef1
LP		 4595 if (log_func)
4596 log_func(control_pid, sig, u);
cd2086fe 4597
1d98fef1 4598 r = kill_and_sigcont(control_pid, sig);
cd2086fe
LP		 4599 if (r < 0 && r != -ESRCH) {
4600 _cleanup_free_ char *comm = NULL;
1d98fef1 4601 (void) get_process_comm(control_pid, &comm);
cd2086fe 4602
b821a397 4603 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
82659fd7 4604 } else {
cd2086fe 4605 wait_for_exit = true;
82659fd7 4606
1d98fef1 4607 if (r != -ESRCH && send_sighup)
d0667321 4608 (void) kill(control_pid, SIGHUP);
82659fd7 4609 }
cd2086fe
LP		 4610 }
4611
b821a397
LP		 4612 if (u->cgroup_path &&
4613 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4614 _cleanup_set_free_ Set *pid_set = NULL;
4615
82659fd7
LP		 4616 /* Exclude the main/control pids from being killed via the cgroup */
4617 pid_set = unit_pid_set(main_pid, control_pid);
cd2086fe
LP		 4618 if (!pid_set)
4619 return -ENOMEM;
4620
1d98fef1
LP		 4621 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4622 sig,
4623 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4624 pid_set,
4625 log_func, u);
cd2086fe 4626 if (r < 0) {
4c701096 4627 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
6178e2f8 4628 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(u->cgroup_path));
b821a397 4629
82659fd7 4630 } else if (r > 0) {
bc6aed7b 4631
1d9cc876
LP		 4632 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4633 * we are running in a container or if this is a delegation unit, simply because cgroup
4634 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4635 * of containers it can be confused easily by left-over directories in the cgroup — which
4636 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4637 * there we get proper events. Hence rely on them. */
efdb0237 4638
c22800e4 4639 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
1d9cc876 4640 (detect_container() == 0 && !unit_cgroup_delegate(u)))
e9db43d5 4641 wait_for_exit = true;
58ea275a 4642
1d98fef1 4643 if (send_sighup) {
82659fd7
LP		 4644 set_free(pid_set);
4645
4646 pid_set = unit_pid_set(main_pid, control_pid);
4647 if (!pid_set)
4648 return -ENOMEM;
4649
c8aa4b5b
LP		 4650 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4651 SIGHUP,
4652 CGROUP_IGNORE_SELF,
4653 pid_set,
4654 NULL, NULL);
82659fd7
LP		 4655 }
4656 }
cd2086fe
LP		 4657 }
4658
4659 return wait_for_exit;
4660}
4661
eef85c4a 4662int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
a57f7e2c
LP		 4663 int r;
4664
4665 assert(u);
4666 assert(path);
4667
ac19bdd0
ZJS		 4668 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4669 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4670 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4671 * appearing mount units can easily determine which units to make themselves a dependency of. */
a57f7e2c 4672
70b64bd3
ZJS		 4673 if (!path_is_absolute(path))
4674 return -EINVAL;
4675
ac19bdd0
ZJS		 4676 if (hashmap_contains(u->requires_mounts_for, path)) /* Exit quickly if the path is already covered. */
4677 return 0;
eef85c4a 4678
ac19bdd0 4679 _cleanup_free_ char *p = strdup(path);
a57f7e2c
LP		 4680 if (!p)
4681 return -ENOMEM;
4682
ac19bdd0
ZJS		 4683 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4684 * only after simplification, since path_is_normalized() rejects paths with '.'.
4685 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4ff361cc 4686 path = path_simplify(p);
a57f7e2c 4687
ca8700e9 4688 if (!path_is_normalized(path))
a57f7e2c 4689 return -EPERM;
a57f7e2c 4690
ac19bdd0 4691 UnitDependencyInfo di = {
eef85c4a
LP		 4692 .origin_mask = mask
4693 };
4694
ac19bdd0 4695 r = hashmap_ensure_put(&u->requires_mounts_for, &path_hash_ops, p, di.data);
ca8700e9 4696 if (r < 0)
a57f7e2c 4697 return r;
ac19bdd0
ZJS		 4698 assert(r > 0);
4699 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
a57f7e2c 4700
4cb06c59 4701 char prefix[strlen(path) + 1];
ca8700e9 4702 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 4703 Set *x;
4704
4705 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4706 if (!x) {
ca8700e9 4707 _cleanup_free_ char *q = NULL;
a57f7e2c 4708
548f6937 4709 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
742f41ad
LP		 4710 if (r < 0)
4711 return r;
a57f7e2c
LP		 4712
4713 q = strdup(prefix);
4714 if (!q)
4715 return -ENOMEM;
4716
d5099efc 4717 x = set_new(NULL);
ca8700e9 4718 if (!x)
a57f7e2c 4719 return -ENOMEM;
a57f7e2c
LP		 4720
4721 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4722 if (r < 0) {
a57f7e2c
LP		 4723 set_free(x);
4724 return r;
4725 }
ca8700e9 4726 q = NULL;
a57f7e2c
LP		 4727 }
4728
4729 r = set_put(x, u);
4730 if (r < 0)
4731 return r;
4732 }
4733
4734 return 0;
4735}
4736
613b411c
LP		 4737int unit_setup_exec_runtime(Unit *u) {
4738 ExecRuntime **rt;
4739 size_t offset;
613b411c 4740 Unit *other;
e8a565cb 4741 int r;
613b411c
LP		 4742
4743 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4744 assert(offset > 0);
4745
06b643e7 4746 /* Check if there already is an ExecRuntime for this unit? */
613b411c
LP		 4747 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4748 if (*rt)
4749 return 0;
4750
4751 /* Try to get it from somebody else */
15ed3c3a 4752 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_JOINS_NAMESPACE_OF) {
e8a565cb
YW		 4753 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4754 if (r == 1)
4755 return 1;
613b411c
LP		 4756 }
4757
e8a565cb 4758 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
613b411c
LP		 4759}
4760
29206d46
LP		 4761int unit_setup_dynamic_creds(Unit *u) {
4762 ExecContext *ec;
4763 DynamicCreds *dcreds;
4764 size_t offset;
4765
4766 assert(u);
4767
4768 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4769 assert(offset > 0);
4770 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4771
4772 ec = unit_get_exec_context(u);
4773 assert(ec);
4774
4775 if (!ec->dynamic_user)
4776 return 0;
4777
4778 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4779}
4780
1c2e9646
LP		 4781bool unit_type_supported(UnitType t) {
4782 if (_unlikely_(t < 0))
4783 return false;
4784 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4785 return false;
4786
4787 if (!unit_vtable[t]->supported)
4788 return true;
4789
4790 return unit_vtable[t]->supported();
4791}
4792
8b4305c7
LP		 4793void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4794 int r;
4795
4796 assert(u);
4797 assert(where);
4798
c2503e35
RH		 4799 if (!unit_log_level_test(u, LOG_NOTICE))
4800 return;
4801
db55bbf2 4802 r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false);
3f602115 4803 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 4804 return;
4805 if (r < 0) {
4806 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4807 return;
4808 }
4809
c2503e35
RH		 4810 log_unit_struct(u, LOG_NOTICE,
4811 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4812 LOG_UNIT_INVOCATION_ID(u),
4813 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4814 "WHERE=%s", where);
8b4305c7
LP		 4815}
4816
25cd4964 4817int unit_fail_if_noncanonical(Unit *u, const char* where) {
58d9d89b 4818 _cleanup_free_ char *canonical_where = NULL;
8b4305c7
LP		 4819 int r;
4820
4821 assert(u);
4822 assert(where);
4823
a5648b80 4824 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
8b4305c7 4825 if (r < 0) {
25cd4964 4826 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 4827 return 0;
4828 }
25cd4964
AJ		 4829
4830 /* We will happily ignore a trailing slash (or any redundant slashes) */
4831 if (path_equal(where, canonical_where))
8b4305c7
LP		 4832 return 0;
4833
25cd4964 4834 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
c2503e35
RH		 4835 log_unit_struct(u, LOG_ERR,
4836 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4837 LOG_UNIT_INVOCATION_ID(u),
4838 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4839 "WHERE=%s", where);
8b4305c7
LP		 4840
4841 return -ELOOP;
4842}
0f13f3bd
LP		 4843
4844bool unit_is_pristine(Unit *u) {
4845 assert(u);
4846
1f832446
ZJS		 4847 /* Check if the unit already exists or is already around, in a number of different ways. Note that to
4848 * cater for unit types such as slice, we are generally fine with units that are marked UNIT_LOADED
4849 * even though nothing was actually loaded, as those unit types don't require a file on disk.
4850 *
4851 * Note that we don't check for drop-ins here, because we allow drop-ins for transient units
4852 * identically to non-transient units, both unit-specific and hierarchical. E.g. for a-b-c.service:
4853 * service.d/….conf, a-.service.d/….conf, a-b-.service.d/….conf, a-b-c.service.d/….conf.
4854 */
0f13f3bd 4855
b146a734
ZJS		 4856 return IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) &&
4857 !u->fragment_path &&
4858 !u->source_path &&
b146a734
ZJS		 4859 !u->job &&
4860 !u->merged_into;
0f13f3bd 4861}
291d565a
LP		 4862
4863pid_t unit_control_pid(Unit *u) {
4864 assert(u);
4865
4866 if (UNIT_VTABLE(u)->control_pid)
4867 return UNIT_VTABLE(u)->control_pid(u);
4868
4869 return 0;
4870}
4871
4872pid_t unit_main_pid(Unit *u) {
4873 assert(u);
4874
4875 if (UNIT_VTABLE(u)->main_pid)
4876 return UNIT_VTABLE(u)->main_pid(u);
4877
4878 return 0;
4879}
00d9ef85
LP		 4880
4881static void unit_unref_uid_internal(
4882 Unit *u,
4883 uid_t *ref_uid,
4884 bool destroy_now,
4885 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4886
4887 assert(u);
4888 assert(ref_uid);
4889 assert(_manager_unref_uid);
4890
4891 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4892 * gid_t are actually the same time, with the same validity rules.
4893 *
4894 * Drops a reference to UID/GID from a unit. */
4895
4896 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4897 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4898
4899 if (!uid_is_valid(*ref_uid))
4900 return;
4901
4902 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4903 *ref_uid = UID_INVALID;
4904}
4905
b90cf102 4906static void unit_unref_uid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4907 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4908}
4909
b90cf102 4910static void unit_unref_gid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4911 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4912}
4913
b90cf102
LP		 4914void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4915 assert(u);
4916
4917 unit_unref_uid(u, destroy_now);
4918 unit_unref_gid(u, destroy_now);
4919}
4920
00d9ef85
LP		 4921static int unit_ref_uid_internal(
4922 Unit *u,
4923 uid_t *ref_uid,
4924 uid_t uid,
4925 bool clean_ipc,
4926 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4927
4928 int r;
4929
4930 assert(u);
4931 assert(ref_uid);
4932 assert(uid_is_valid(uid));
4933 assert(_manager_ref_uid);
4934
4935 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4936 * are actually the same type, and have the same validity rules.
4937 *
4938 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4939 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4940 * drops to zero. */
4941
4942 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4943 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4944
4945 if (*ref_uid == uid)
4946 return 0;
4947
4948 if (uid_is_valid(*ref_uid)) /* Already set? */
4949 return -EBUSY;
4950
4951 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4952 if (r < 0)
4953 return r;
4954
4955 *ref_uid = uid;
4956 return 1;
4957}
4958
b90cf102 4959static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 4960 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4961}
4962
b90cf102 4963static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 4964 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4965}
4966
4967static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4968 int r = 0, q = 0;
4969
4970 assert(u);
4971
4972 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4973
4974 if (uid_is_valid(uid)) {
4975 r = unit_ref_uid(u, uid, clean_ipc);
4976 if (r < 0)
4977 return r;
4978 }
4979
4980 if (gid_is_valid(gid)) {
4981 q = unit_ref_gid(u, gid, clean_ipc);
4982 if (q < 0) {
4983 if (r > 0)
4984 unit_unref_uid(u, false);
4985
4986 return q;
4987 }
4988 }
4989
4990 return r > 0 || q > 0;
4991}
4992
4993int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4994 ExecContext *c;
4995 int r;
4996
4997 assert(u);
4998
4999 c = unit_get_exec_context(u);
5000
5001 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5002 if (r < 0)
5003 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5004
5005 return r;
5006}
5007
00d9ef85
LP		 5008void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5009 int r;
5010
5011 assert(u);
5012
5013 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5014 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5015 * objects when no service references the UID/GID anymore. */
5016
5017 r = unit_ref_uid_gid(u, uid, gid);
5018 if (r > 0)
37d0b962 5019 unit_add_to_dbus_queue(u);
00d9ef85 5020}
4b58153d 5021
4b58153d
LP		 5022int unit_acquire_invocation_id(Unit *u) {
5023 sd_id128_t id;
5024 int r;
5025
5026 assert(u);
5027
5028 r = sd_id128_randomize(&id);
5029 if (r < 0)
5030 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5031
5032 r = unit_set_invocation_id(u, id);
5033 if (r < 0)
5034 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5035
af92c603 5036 unit_add_to_dbus_queue(u);
4b58153d
LP		 5037 return 0;
5038}
f0d47797 5039
1ad6e8b3
LP		 5040int unit_set_exec_params(Unit *u, ExecParameters *p) {
5041 int r;
5042
7960b0c7
LP		 5043 assert(u);
5044 assert(p);
f0d47797 5045
004c7f16 5046 /* Copy parameters from manager */
1ad6e8b3
LP		 5047 r = manager_get_effective_environment(u->manager, &p->environment);
5048 if (r < 0)
5049 return r;
5050
004c7f16
LP		 5051 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5052 p->cgroup_supported = u->manager->cgroup_supported;
5053 p->prefix = u->manager->prefix;
5054 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5055
5238e957 5056 /* Copy parameters from unit */
7960b0c7 5057 p->cgroup_path = u->cgroup_path;
1d9cc876 5058 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 5059
2ad591a3
LP		 5060 p->received_credentials_directory = u->manager->received_credentials_directory;
5061 p->received_encrypted_credentials_directory = u->manager->received_encrypted_credentials_directory;
bb0c0d6f 5062
1ad6e8b3 5063 return 0;
f0d47797 5064}
a79279c7 5065
4c253ed1 5066int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
a79279c7
LP		 5067 int r;
5068
5069 assert(u);
5070 assert(ret);
5071
5072 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5073 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5074
5075 (void) unit_realize_cgroup(u);
5076
4c253ed1
LP		 5077 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5078 if (r != 0)
5079 return r;
a79279c7 5080
9c274488
LP		 5081 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5082 (void) ignore_signals(SIGPIPE);
a79279c7 5083
4c253ed1 5084 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
a79279c7 5085
4c253ed1
LP		 5086 if (u->cgroup_path) {
5087 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5088 if (r < 0) {
6178e2f8 5089 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(u->cgroup_path));
4c253ed1 5090 _exit(EXIT_CGROUP);
a79279c7 5091 }
a79279c7
LP		 5092 }
5093
4c253ed1 5094 return 0;
a79279c7 5095}
c999cf38 5096
810ef318
YW		 5097int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5098 pid_t pid;
5099 int r;
5100
5101 assert(u);
5102 assert(ret_pid);
5103
5104 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5105 if (r < 0)
5106 return r;
5107 if (r == 0) {
5108 int ret = EXIT_SUCCESS;
810ef318
YW		 5109
5110 STRV_FOREACH(i, paths) {
5111 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5112 if (r < 0) {
5113 log_error_errno(r, "Failed to remove '%s': %m", *i);
5114 ret = EXIT_FAILURE;
5115 }
5116 }
5117
5118 _exit(ret);
5119 }
5120
5121 r = unit_watch_pid(u, pid, true);
5122 if (r < 0)
5123 return r;
5124
5125 *ret_pid = pid;
5126 return 0;
5127}
5128
15ed3c3a
LP		 5129static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5130 assert(deps);
c999cf38
LP		 5131 assert(other);
5132
15ed3c3a 5133 if (di.origin_mask == 0 && di.destination_mask == 0)
c999cf38 5134 /* No bit set anymore, let's drop the whole entry */
15ed3c3a
LP		 5135 assert_se(hashmap_remove(deps, other));
5136 else
c999cf38 5137 /* Mask was reduced, let's update the entry */
15ed3c3a 5138 assert_se(hashmap_update(deps, other, di.data) == 0);
c999cf38
LP		 5139}
5140
5141void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
15ed3c3a 5142 Hashmap *deps;
c999cf38
LP		 5143 assert(u);
5144
5145 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5146
5147 if (mask == 0)
5148 return;
5149
15ed3c3a 5150 HASHMAP_FOREACH(deps, u->dependencies) {
c999cf38
LP		 5151 bool done;
5152
5153 do {
5154 UnitDependencyInfo di;
5155 Unit *other;
c999cf38
LP		 5156
5157 done = true;
5158
15ed3c3a
LP		 5159 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5160 Hashmap *other_deps;
5161
1d6cc5d0 5162 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38 5163 continue;
15ed3c3a 5164
c999cf38 5165 di.origin_mask &= ~mask;
15ed3c3a 5166 unit_update_dependency_mask(deps, other, di);
c999cf38 5167
defe63b0
LP		 5168 /* We updated the dependency from our unit to the other unit now. But most
5169 * dependencies imply a reverse dependency. Hence, let's delete that one
5170 * too. For that we go through all dependency types on the other unit and
5171 * delete all those which point to us and have the right mask set. */
c999cf38 5172
15ed3c3a 5173 HASHMAP_FOREACH(other_deps, other->dependencies) {
c999cf38
LP		 5174 UnitDependencyInfo dj;
5175
15ed3c3a 5176 dj.data = hashmap_get(other_deps, u);
1d6cc5d0 5177 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38 5178 continue;
c999cf38 5179
15ed3c3a
LP		 5180 dj.destination_mask &= ~mask;
5181 unit_update_dependency_mask(other_deps, u, dj);
c999cf38
LP		 5182 }
5183
5184 unit_add_to_gc_queue(other);
5185
156ba52b
YW		 5186 /* The unit 'other' may not be wanted by the unit 'u'. */
5187 unit_submit_to_stop_when_unneeded_queue(other);
5188
c999cf38
LP		 5189 done = false;
5190 break;
5191 }
5192
5193 } while (!done);
5194 }
5195}
d3070fbd 5196
2f8c48b6
AZ		 5197static int unit_get_invocation_path(Unit *u, char **ret) {
5198 char *p;
5199 int r;
5200
5201 assert(u);
5202 assert(ret);
5203
5204 if (MANAGER_IS_SYSTEM(u->manager))
5205 p = strjoin("/run/systemd/units/invocation:", u->id);
5206 else {
5207 _cleanup_free_ char *user_path = NULL;
5208 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5209 if (r < 0)
5210 return r;
5211 p = strjoin(user_path, u->id);
5212 }
5213
5214 if (!p)
5215 return -ENOMEM;
5216
5217 *ret = p;
5218 return 0;
5219}
5220
d3070fbd 5221static int unit_export_invocation_id(Unit *u) {
2f8c48b6 5222 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 5223 int r;
5224
5225 assert(u);
5226
5227 if (u->exported_invocation_id)
5228 return 0;
5229
5230 if (sd_id128_is_null(u->invocation_id))
5231 return 0;
5232
2f8c48b6
AZ		 5233 r = unit_get_invocation_path(u, &p);
5234 if (r < 0)
5235 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5236
a3f5fd96 5237 r = symlink_atomic_label(u->invocation_id_string, p);
d3070fbd
LP		 5238 if (r < 0)
5239 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5240
5241 u->exported_invocation_id = true;
5242 return 0;
5243}
5244
5245static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5246 const char *p;
5247 char buf[2];
5248 int r;
5249
5250 assert(u);
5251 assert(c);
5252
5253 if (u->exported_log_level_max)
5254 return 0;
5255
5256 if (c->log_level_max < 0)
5257 return 0;
5258
5259 assert(c->log_level_max <= 7);
5260
5261 buf[0] = '0' + c->log_level_max;
5262 buf[1] = 0;
5263
5264 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5265 r = symlink_atomic(buf, p);
5266 if (r < 0)
5267 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5268
5269 u->exported_log_level_max = true;
5270 return 0;
5271}
5272
5273static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5274 _cleanup_close_ int fd = -1;
5275 struct iovec *iovec;
5276 const char *p;
5277 char *pattern;
5278 le64_t *sizes;
5279 ssize_t n;
d3070fbd
LP		 5280 int r;
5281
5282 if (u->exported_log_extra_fields)
5283 return 0;
5284
5285 if (c->n_log_extra_fields <= 0)
5286 return 0;
5287
5288 sizes = newa(le64_t, c->n_log_extra_fields);
5289 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5290
12375b95 5291 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 5292 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5293
5294 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5295 iovec[i*2+1] = c->log_extra_fields[i];
5296 }
5297
5298 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5299 pattern = strjoina(p, ".XXXXXX");
5300
5301 fd = mkostemp_safe(pattern);
5302 if (fd < 0)
5303 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5304
5305 n = writev(fd, iovec, c->n_log_extra_fields*2);
5306 if (n < 0) {
5307 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5308 goto fail;
5309 }
5310
5311 (void) fchmod(fd, 0644);
5312
5313 if (rename(pattern, p) < 0) {
5314 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5315 goto fail;
5316 }
5317
5318 u->exported_log_extra_fields = true;
5319 return 0;
5320
5321fail:
5322 (void) unlink(pattern);
5323 return r;
5324}
5325
5ac1530e 5326static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5327 _cleanup_free_ char *buf = NULL;
5328 const char *p;
5329 int r;
5330
5331 assert(u);
5332 assert(c);
5333
5ac1530e 5334 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5335 return 0;
5336
5ac1530e 5337 if (c->log_ratelimit_interval_usec == 0)
90fc172e
AZ		 5338 return 0;
5339
5340 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5341
5ac1530e 5342 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
90fc172e
AZ		 5343 return log_oom();
5344
5345 r = symlink_atomic(buf, p);
5346 if (r < 0)
5347 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5348
5ac1530e 5349 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5350 return 0;
5351}
5352
5ac1530e 5353static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5354 _cleanup_free_ char *buf = NULL;
5355 const char *p;
5356 int r;
5357
5358 assert(u);
5359 assert(c);
5360
5ac1530e 5361 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5362 return 0;
5363
5ac1530e 5364 if (c->log_ratelimit_burst == 0)
90fc172e
AZ		 5365 return 0;
5366
5367 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5368
5ac1530e 5369 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
90fc172e
AZ		 5370 return log_oom();
5371
5372 r = symlink_atomic(buf, p);
5373 if (r < 0)
5374 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5375
5ac1530e 5376 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5377 return 0;
5378}
5379
d3070fbd
LP		 5380void unit_export_state_files(Unit *u) {
5381 const ExecContext *c;
5382
5383 assert(u);
5384
5385 if (!u->id)
5386 return;
5387
638cece4 5388 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5389 return;
5390
d3070fbd
LP		 5391 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5392 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5393 * the IPC system itself and PID 1 also log to the journal.
5394 *
5395 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5396 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5397 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5398 * namespace at least.
5399 *
5400 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5401 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5402 * them with one. */
5403
5404 (void) unit_export_invocation_id(u);
5405
2f8c48b6
AZ		 5406 if (!MANAGER_IS_SYSTEM(u->manager))
5407 return;
5408
d3070fbd
LP		 5409 c = unit_get_exec_context(u);
5410 if (c) {
5411 (void) unit_export_log_level_max(u, c);
5412 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5413 (void) unit_export_log_ratelimit_interval(u, c);
5414 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5415 }
5416}
5417
5418void unit_unlink_state_files(Unit *u) {
5419 const char *p;
5420
5421 assert(u);
5422
5423 if (!u->id)
5424 return;
5425
d3070fbd
LP		 5426 /* Undoes the effect of unit_export_state() */
5427
5428 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5429 _cleanup_free_ char *invocation_path = NULL;
5430 int r = unit_get_invocation_path(u, &invocation_path);
5431 if (r >= 0) {
5432 (void) unlink(invocation_path);
5433 u->exported_invocation_id = false;
5434 }
d3070fbd
LP		 5435 }
5436
2f8c48b6
AZ		 5437 if (!MANAGER_IS_SYSTEM(u->manager))
5438 return;
5439
d3070fbd
LP		 5440 if (u->exported_log_level_max) {
5441 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5442 (void) unlink(p);
5443
5444 u->exported_log_level_max = false;
5445 }
5446
5447 if (u->exported_log_extra_fields) {
5448 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5449 (void) unlink(p);
5450
5451 u->exported_log_extra_fields = false;
5452 }
90fc172e 5453
5ac1530e 5454 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5455 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5456 (void) unlink(p);
5457
5ac1530e 5458 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5459 }
5460
5ac1530e 5461 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5462 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5463 (void) unlink(p);
5464
5ac1530e 5465 u->exported_log_ratelimit_burst = false;
90fc172e 5466 }
d3070fbd 5467}
5afe510c 5468
3c7416b6
LP		 5469int unit_prepare_exec(Unit *u) {
5470 int r;
5471
5472 assert(u);
5473
fab34748
KL		 5474 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5475 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5476 r = bpf_firewall_load_custom(u);
5477 if (r < 0)
5478 return r;
5479
3c7416b6
LP		 5480 /* Prepares everything so that we can fork of a process for this unit */
5481
5482 (void) unit_realize_cgroup(u);
5483
5484 if (u->reset_accounting) {
9b2559a1 5485 (void) unit_reset_accounting(u);
3c7416b6
LP		 5486 u->reset_accounting = false;
5487 }
5488
5489 unit_export_state_files(u);
5490
5491 r = unit_setup_exec_runtime(u);
5492 if (r < 0)
5493 return r;
5494
5495 r = unit_setup_dynamic_creds(u);
5496 if (r < 0)
5497 return r;
5498
5499 return 0;
5500}
5501
4c425434
LP		 5502static bool ignore_leftover_process(const char *comm) {
5503 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5504}
5505
5506int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
a4634b21
LP		 5507 _cleanup_free_ char *comm = NULL;
5508
5509 (void) get_process_comm(pid, &comm);
5510
4c425434 5511 if (ignore_leftover_process(comm))
c53d2d54 5512 return 0;
a4634b21 5513
4c425434
LP		 5514 /* During start we print a warning */
5515
a4634b21
LP		 5516 log_unit_warning(userdata,
5517 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5518 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5519 pid, strna(comm));
c53d2d54
DB		 5520
5521 return 1;
a4634b21
LP		 5522}
5523
4c425434
LP		 5524int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5525 _cleanup_free_ char *comm = NULL;
5526
5527 (void) get_process_comm(pid, &comm);
5528
5529 if (ignore_leftover_process(comm))
5530 return 0;
5531
5532 /* During stop we only print an informational message */
5533
5534 log_unit_info(userdata,
5535 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5536 pid, strna(comm));
5537
5538 return 1;
5539}
5540
5541int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
a4634b21
LP		 5542 assert(u);
5543
5544 (void) unit_pick_cgroup_path(u);
5545
5546 if (!u->cgroup_path)
c53d2d54 5547 return 0;
a4634b21 5548
4c425434 5549 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
a4634b21
LP		 5550}
5551
bb2c7685
LP		 5552bool unit_needs_console(Unit *u) {
5553 ExecContext *ec;
5554 UnitActiveState state;
5555
5556 assert(u);
5557
5558 state = unit_active_state(u);
5559
5560 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5561 return false;
5562
5563 if (UNIT_VTABLE(u)->needs_console)
5564 return UNIT_VTABLE(u)->needs_console(u);
5565
5566 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5567 ec = unit_get_exec_context(u);
5568 if (!ec)
5569 return false;
5570
5571 return exec_context_may_touch_console(ec);
5572}
5573
6592b975
LP		 5574int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5575 int r;
5576
5577 assert(u);
5578
5579 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5580 * and not a kernel thread either */
5581
5582 /* First, a simple range check */
5583 if (!pid_is_valid(pid))
5584 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5585
5586 /* Some extra safety check */
5587 if (pid == 1 || pid == getpid_cached())
3fe91079 5588 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
6592b975
LP		 5589
5590 /* Don't even begin to bother with kernel threads */
5591 r = is_kernel_thread(pid);
5592 if (r == -ESRCH)
5593 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5594 if (r < 0)
5595 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5596 if (r > 0)
5597 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5598
5599 return 0;
5600}
5601
523ee2d4
LP		 5602void unit_log_success(Unit *u) {
5603 assert(u);
5604
edf2ee22
JM		 5605 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
5606 * This message has low information value for regular users and it might be a bit overwhelming on a system with
5607 * a lot of devices. */
5608 log_unit_struct(u,
5609 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
c2503e35
RH		 5610 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5611 LOG_UNIT_INVOCATION_ID(u),
5612 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 5613}
5614
7c047d74
LP		 5615void unit_log_failure(Unit *u, const char *result) {
5616 assert(u);
5617 assert(result);
5618
c2503e35
RH		 5619 log_unit_struct(u, LOG_WARNING,
5620 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5621 LOG_UNIT_INVOCATION_ID(u),
5622 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5623 "UNIT_RESULT=%s", result);
7c047d74
LP		 5624}
5625
31cd5f63
AZ		 5626void unit_log_skip(Unit *u, const char *result) {
5627 assert(u);
5628 assert(result);
5629
c2503e35
RH		 5630 log_unit_struct(u, LOG_INFO,
5631 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
5632 LOG_UNIT_INVOCATION_ID(u),
5633 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
5634 "UNIT_RESULT=%s", result);
31cd5f63
AZ		 5635}
5636
91bbd9b7
LP		 5637void unit_log_process_exit(
5638 Unit *u,
91bbd9b7
LP		 5639 const char *kind,
5640 const char *command,
5cc2cd1c 5641 bool success,
91bbd9b7
LP		 5642 int code,
5643 int status) {
5644
5cc2cd1c
ZJS		 5645 int level;
5646
91bbd9b7
LP		 5647 assert(u);
5648 assert(kind);
5649
5cc2cd1c
ZJS		 5650 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5651 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5652 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5653 * WARNING. */
5654 if (success)
5655 level = LOG_DEBUG;
5656 else if (code == CLD_EXITED)
5657 level = LOG_NOTICE;
5658 else
91bbd9b7
LP		 5659 level = LOG_WARNING;
5660
c2503e35
RH		 5661 log_unit_struct(u, level,
5662 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
58441bc1 5663 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
c2503e35
RH		 5664 kind,
5665 sigchld_code_to_string(code), status,
5666 strna(code == CLD_EXITED
5667 ? exit_status_to_string(status, EXIT_STATUS_FULL)
58441bc1
ZJS		 5668 : signal_to_string(status)),
5669 success ? " (success)" : ""),
c2503e35
RH		 5670 "EXIT_CODE=%s", sigchld_code_to_string(code),
5671 "EXIT_STATUS=%i", status,
5672 "COMMAND=%s", strna(command),
5673 LOG_UNIT_INVOCATION_ID(u));
91bbd9b7
LP		 5674}
5675
7af67e9a
LP		 5676int unit_exit_status(Unit *u) {
5677 assert(u);
5678
5679 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5680 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5681 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5682 * service process has exited abnormally (signal/coredump). */
5683
5684 if (!UNIT_VTABLE(u)->exit_status)
5685 return -EOPNOTSUPP;
5686
5687 return UNIT_VTABLE(u)->exit_status(u);
5688}
5689
5690int unit_failure_action_exit_status(Unit *u) {
5691 int r;
5692
5693 assert(u);
5694
5695 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5696
5697 if (u->failure_action_exit_status >= 0)
5698 return u->failure_action_exit_status;
5699
5700 r = unit_exit_status(u);
5701 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5702 return 255;
5703
5704 return r;
5705}
5706
5707int unit_success_action_exit_status(Unit *u) {
5708 int r;
5709
5710 assert(u);
5711
5712 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5713
5714 if (u->success_action_exit_status >= 0)
5715 return u->success_action_exit_status;
5716
5717 r = unit_exit_status(u);
5718 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5719 return 255;
5720
5721 return r;
5722}
5723
a4191c9f
LP		 5724int unit_test_trigger_loaded(Unit *u) {
5725 Unit *trigger;
5726
5727 /* Tests whether the unit to trigger is loaded */
5728
5729 trigger = UNIT_TRIGGER(u);
5730 if (!trigger)
e7b9f4d9
ZJS		 5731 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5732 "Refusing to start, no unit to trigger.");
a4191c9f 5733 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 5734 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5735 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 5736
5737 return 0;
5738}
5739
bb0c0d6f
LP		 5740void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
5741 assert(u);
5742 assert(context);
5743
95939aed
YW		 5744 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
5745 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
5746 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f
LP		 5747
5748 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
95939aed
YW		 5749}
5750
380dc8b0
LP		 5751int unit_clean(Unit *u, ExecCleanMask mask) {
5752 UnitActiveState state;
5753
5754 assert(u);
5755
5756 /* Special return values:
5757 *
5758 * -EOPNOTSUPP → cleaning not supported for this unit type
5759 * -EUNATCH → cleaning not defined for this resource type
5760 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5761 * a job queued or similar
5762 */
5763
5764 if (!UNIT_VTABLE(u)->clean)
5765 return -EOPNOTSUPP;
5766
5767 if (mask == 0)
5768 return -EUNATCH;
5769
5770 if (u->load_state != UNIT_LOADED)
5771 return -EBUSY;
5772
5773 if (u->job)
5774 return -EBUSY;
5775
5776 state = unit_active_state(u);
5777 if (!IN_SET(state, UNIT_INACTIVE))
5778 return -EBUSY;
5779
5780 return UNIT_VTABLE(u)->clean(u, mask);
5781}
5782
5783int unit_can_clean(Unit *u, ExecCleanMask *ret) {
5784 assert(u);
5785
5786 if (!UNIT_VTABLE(u)->clean ||
5787 u->load_state != UNIT_LOADED) {
5788 *ret = 0;
5789 return 0;
5790 }
5791
5792 /* When the clean() method is set, can_clean() really should be set too */
5793 assert(UNIT_VTABLE(u)->can_clean);
5794
5795 return UNIT_VTABLE(u)->can_clean(u, ret);
5796}
5797
d9e45bc3
MS		 5798bool unit_can_freeze(Unit *u) {
5799 assert(u);
5800
5801 if (UNIT_VTABLE(u)->can_freeze)
5802 return UNIT_VTABLE(u)->can_freeze(u);
5803
5804 return UNIT_VTABLE(u)->freeze;
5805}
5806
5807void unit_frozen(Unit *u) {
5808 assert(u);
5809
5810 u->freezer_state = FREEZER_FROZEN;
5811
5812 bus_unit_send_pending_freezer_message(u);
5813}
5814
5815void unit_thawed(Unit *u) {
5816 assert(u);
5817
5818 u->freezer_state = FREEZER_RUNNING;
5819
5820 bus_unit_send_pending_freezer_message(u);
5821}
5822
5823static int unit_freezer_action(Unit *u, FreezerAction action) {
5824 UnitActiveState s;
5825 int (*method)(Unit*);
5826 int r;
5827
5828 assert(u);
5829 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
5830
5831 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
5832 if (!method || !cg_freezer_supported())
5833 return -EOPNOTSUPP;
5834
5835 if (u->job)
5836 return -EBUSY;
5837
5838 if (u->load_state != UNIT_LOADED)
5839 return -EHOSTDOWN;
5840
5841 s = unit_active_state(u);
5842 if (s != UNIT_ACTIVE)
5843 return -EHOSTDOWN;
5844
5845 if (IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING))
5846 return -EALREADY;
5847
5848 r = method(u);
5849 if (r <= 0)
5850 return r;
5851
d171e72e
YW		 5852 assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING));
5853
d9e45bc3
MS		 5854 return 1;
5855}
5856
5857int unit_freeze(Unit *u) {
5858 return unit_freezer_action(u, FREEZER_FREEZE);
5859}
5860
5861int unit_thaw(Unit *u) {
5862 return unit_freezer_action(u, FREEZER_THAW);
5863}
5864
5865/* Wrappers around low-level cgroup freezer operations common for service and scope units */
5866int unit_freeze_vtable_common(Unit *u) {
5867 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
5868}
5869
5870int unit_thaw_vtable_common(Unit *u) {
5871 return unit_cgroup_freezer_action(u, FREEZER_THAW);
5872}
5873
6e548561 5874Condition *unit_find_failed_condition(Unit *u) {
03677889 5875 Condition *failed_trigger = NULL;
6e548561
DDM		 5876 bool has_succeeded_trigger = false;
5877
5878 if (u->condition_result)
5879 return NULL;
5880
5881 LIST_FOREACH(conditions, c, u->conditions)
5882 if (c->trigger) {
5883 if (c->result == CONDITION_SUCCEEDED)
5884 has_succeeded_trigger = true;
5885 else if (!failed_trigger)
5886 failed_trigger = c;
5887 } else if (c->result != CONDITION_SUCCEEDED)
5888 return c;
5889
5890 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
5891}
5892
5afe510c
LP		 5893static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5894 [COLLECT_INACTIVE] = "inactive",
5895 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5896};
5897
5898DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
15ed3c3a
LP		 5899
5900Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
5901 Unit *i;
5902
5903 assert(u);
5904
5905 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5906 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5907 * is NULL the first entry found), or NULL if not found. */
5908
5909 UNIT_FOREACH_DEPENDENCY(i, u, atom)
5910 if (!other || other == i)
5911 return i;
5912
5913 return NULL;
5914}
5915
5916int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
5917 _cleanup_free_ Unit **array = NULL;
5918 size_t n = 0;
5919 Unit *other;
5920
5921 assert(u);
5922 assert(ret_array);
5923
5924 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
5925 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
48008c1c 5926 * while the dependency table is continuously updated. */
15ed3c3a
LP		 5927
5928 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
5929 if (!GREEDY_REALLOC(array, n + 1))
5930 return -ENOMEM;
5931
5932 array[n++] = other;
5933 }
5934
5935 *ret_array = TAKE_PTR(array);
5936
5937 assert(n <= INT_MAX);
5938 return (int) n;
5939}
48b92b37
LB		 5940
5941const ActivationDetailsVTable * const activation_details_vtable[_UNIT_TYPE_MAX] = {
4c420328 5942 [UNIT_PATH] = &activation_details_path_vtable,
c8bc7519 5943 [UNIT_TIMER] = &activation_details_timer_vtable,
48b92b37
LB		 5944};
5945
5946ActivationDetails *activation_details_new(Unit *trigger_unit) {
5947 _cleanup_free_ ActivationDetails *details = NULL;
5948
5949 assert(trigger_unit);
5950 assert(trigger_unit->type != _UNIT_TYPE_INVALID);
5951 assert(trigger_unit->id);
5952
5953 details = malloc0(activation_details_vtable[trigger_unit->type]->object_size);
5954 if (!details)
5955 return NULL;
5956
5957 *details = (ActivationDetails) {
5958 .n_ref = 1,
5959 .trigger_unit_type = trigger_unit->type,
5960 };
5961
5962 details->trigger_unit_name = strdup(trigger_unit->id);
5963 if (!details->trigger_unit_name)
5964 return NULL;
5965
5966 if (ACTIVATION_DETAILS_VTABLE(details)->init)
5967 ACTIVATION_DETAILS_VTABLE(details)->init(details, trigger_unit);
5968
5969 return TAKE_PTR(details);
5970}
5971
5972static ActivationDetails *activation_details_free(ActivationDetails *details) {
5973 if (!details)
5974 return NULL;
5975
5976 if (ACTIVATION_DETAILS_VTABLE(details)->done)
5977 ACTIVATION_DETAILS_VTABLE(details)->done(details);
5978
5979 free(details->trigger_unit_name);
5980
5981 return mfree(details);
5982}
5983
5984void activation_details_serialize(ActivationDetails *details, FILE *f) {
5985 if (!details || details->trigger_unit_type == _UNIT_TYPE_INVALID)
5986 return;
5987
5988 (void) serialize_item(f, "activation-details-unit-type", unit_type_to_string(details->trigger_unit_type));
5989 if (details->trigger_unit_name)
5990 (void) serialize_item(f, "activation-details-unit-name", details->trigger_unit_name);
5991 if (ACTIVATION_DETAILS_VTABLE(details)->serialize)
5992 ACTIVATION_DETAILS_VTABLE(details)->serialize(details, f);
5993}
5994
5995int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) {
5996 assert(key);
5997 assert(value);
5998 assert(details);
5999
6000 if (!*details) {
6001 UnitType t;
6002
6003 if (!streq(key, "activation-details-unit-type"))
6004 return -EINVAL;
6005
6006 t = unit_type_from_string(value);
6007 if (t == _UNIT_TYPE_INVALID)
6008 return -EINVAL;
6009
6010 *details = malloc0(activation_details_vtable[t]->object_size);
6011 if (!*details)
6012 return -ENOMEM;
6013
6014 **details = (ActivationDetails) {
6015 .n_ref = 1,
6016 .trigger_unit_type = t,
6017 };
6018
6019 return 0;
6020 }
6021
6022 if (streq(key, "activation-details-unit-name")) {
6023 (*details)->trigger_unit_name = strdup(value);
6024 if (!(*details)->trigger_unit_name)
6025 return -ENOMEM;
6026
6027 return 0;
6028 }
6029
6030 if (ACTIVATION_DETAILS_VTABLE(*details)->deserialize)
6031 return ACTIVATION_DETAILS_VTABLE(*details)->deserialize(key, value, details);
6032
6033 return -EINVAL;
6034}
6035
6036int activation_details_append_env(ActivationDetails *details, char ***strv) {
6037 int r = 0;
6038
6039 assert(strv);
6040
6041 if (!details)
6042 return 0;
6043
6044 if (!isempty(details->trigger_unit_name)) {
6045 char *s = strjoin("TRIGGER_UNIT=", details->trigger_unit_name);
6046 if (!s)
6047 return -ENOMEM;
6048
6049 r = strv_consume(strv, TAKE_PTR(s));
6050 if (r < 0)
6051 return r;
6052 }
6053
6054 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6055 r = ACTIVATION_DETAILS_VTABLE(details)->append_env(details, strv);
6056 if (r < 0)
6057 return r;
6058 }
6059
6060 return r + !isempty(details->trigger_unit_name); /* Return the number of variables added to the env block */
6061}
6062
6063int activation_details_append_pair(ActivationDetails *details, char ***strv) {
6064 int r = 0;
6065
6066 assert(strv);
6067
6068 if (!details)
6069 return 0;
6070
6071 if (!isempty(details->trigger_unit_name)) {
6072 r = strv_extend(strv, "trigger_unit");
6073 if (r < 0)
6074 return r;
6075
6076 r = strv_extend(strv, details->trigger_unit_name);
6077 if (r < 0)
6078 return r;
6079 }
6080
6081 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6082 r = ACTIVATION_DETAILS_VTABLE(details)->append_pair(details, strv);
6083 if (r < 0)
6084 return r;
6085 }
6086
6087 return r + !isempty(details->trigger_unit_name); /* Return the number of pairs added to the strv */
6088}
6089
6090DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails, activation_details, activation_details_free);
Unnamed repository; edit this file 'description' to name the repository.