]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
mkosi: Install less in the mkosi Fedora image
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
87f0e418 3#include <errno.h>
0301abf4 4#include <stdlib.h>
4c253ed1 5#include <sys/prctl.h>
4f5dd394 6#include <unistd.h>
87f0e418 7
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
fab34748 13#include "bpf-firewall.h"
5f8ba20d 14#include "bpf-foreign.h"
cd09a5f3 15#include "bpf-socket-bind.h"
4f5dd394
LP		 16#include "bus-common-errors.h"
17#include "bus-util.h"
fdb3deca 18#include "cgroup-setup.h"
c6c18be3 19#include "cgroup-util.h"
f4351959 20#include "chase-symlinks.h"
e30bbc90 21#include "core-varlink.h"
4f5dd394
LP		 22#include "dbus-unit.h"
23#include "dbus.h"
24#include "dropin.h"
25#include "escape.h"
26#include "execute.h"
6a48d82f 27#include "fd-util.h"
a5c32cff 28#include "fileio-label.h"
ee228be1 29#include "fileio.h"
f97b34a6 30#include "format-util.h"
4b58153d 31#include "id128-util.h"
5cfa33e0 32#include "install.h"
2d3b784d 33#include "io-util.h"
a3f5fd96 34#include "label.h"
4f5dd394
LP		 35#include "load-dropin.h"
36#include "load-fragment.h"
37#include "log.h"
38#include "macro.h"
f5947a5e 39#include "missing_audit.h"
4f5dd394
LP		 40#include "mkdir.h"
41#include "path-util.h"
0b452006 42#include "process-util.h"
810ef318 43#include "rm-rf.h"
4f5dd394 44#include "set.h"
6eb7c172 45#include "signal-util.h"
d3070fbd 46#include "sparse-endian.h"
e9db43d5 47#include "special.h"
2e59b241 48#include "specifier.h"
8fcde012 49#include "stat-util.h"
d054f0a4 50#include "stdio-util.h"
5afe510c 51#include "string-table.h"
07630cea 52#include "string-util.h"
4f5dd394 53#include "strv.h"
5b262f74 54#include "terminal-util.h"
e4de7287 55#include "tmpfile-util.h"
4f4afc88 56#include "umask-util.h"
4f5dd394 57#include "unit-name.h"
e9db43d5 58#include "unit.h"
b1d4f8e1
LP		 59#include "user-util.h"
60#include "virt.h"
91ce91c7
JK		 61#if BPF_FRAMEWORK
62#include "bpf-link.h"
63#endif
87f0e418 64
37109b85
ZJS		 65/* Thresholds for logging at INFO level about resource consumption */
66#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
67#define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
68#define MENTIONWORTHY_IP_BYTES (0ULL)
69
70/* Thresholds for logging at INFO level about resource consumption */
71#define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
72#define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
73#define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
74
87f0e418
LP		 75const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
76 [UNIT_SERVICE] = &service_vtable,
87f0e418
LP		 77 [UNIT_SOCKET] = &socket_vtable,
78 [UNIT_TARGET] = &target_vtable,
79 [UNIT_DEVICE] = &device_vtable,
80 [UNIT_MOUNT] = &mount_vtable,
81 [UNIT_AUTOMOUNT] = &automount_vtable,
01f78473 82 [UNIT_SWAP] = &swap_vtable,
e821075a 83 [UNIT_TIMER] = &timer_vtable,
a016b922 84 [UNIT_PATH] = &path_vtable,
6c12b52e 85 [UNIT_SLICE] = &slice_vtable,
5afe510c 86 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 87};
88
75db809a 89Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 90 Unit *u;
91
92 assert(m);
ac155bb8 93 assert(size >= sizeof(Unit));
87f0e418 94
7d17cfbc
MS		 95 u = malloc0(size);
96 if (!u)
87f0e418
LP		 97 return NULL;
98
ac155bb8
MS		 99 u->manager = m;
100 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 101 u->default_dependencies = true;
102 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
d2dc52db 103 u->unit_file_preset = -1;
d420282b 104 u->on_failure_job_mode = JOB_REPLACE;
294446dc 105 u->on_success_job_mode = JOB_FAIL;
0bb814c2 106 u->cgroup_control_inotify_wd = -1;
afcfaa69 107 u->cgroup_memory_inotify_wd = -1;
36c16a7c 108 u->job_timeout = USEC_INFINITY;
a2df3ea4 109 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 110 u->ref_uid = UID_INVALID;
111 u->ref_gid = GID_INVALID;
fe700f46 112 u->cpu_usage_last = NSEC_INFINITY;
17f14955 113 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
7af67e9a 114 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 115
6a48d82f
DM		 116 u->ip_accounting_ingress_map_fd = -1;
117 u->ip_accounting_egress_map_fd = -1;
0fd9c28c
LP		 118 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
119 u->io_accounting_last[i] = UINT64_MAX;
120
6a48d82f
DM		 121 u->ipv4_allow_map_fd = -1;
122 u->ipv6_allow_map_fd = -1;
123 u->ipv4_deny_map_fd = -1;
124 u->ipv6_deny_map_fd = -1;
125
2e59b241
LP		 126 u->last_section_private = -1;
127
7bf081a1 128 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
0bc488c9 129 u->auto_start_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
bea355da 130
87f0e418
LP		 131 return u;
132}
133
a581e45a 134int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 135 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 136 int r;
137
138 u = unit_new(m, size);
139 if (!u)
140 return -ENOMEM;
141
142 r = unit_add_name(u, name);
dc409696 143 if (r < 0)
a581e45a 144 return r;
a581e45a 145
1cc6c93a
YW		 146 *ret = TAKE_PTR(u);
147
a581e45a
LP		 148 return r;
149}
150
303ee601 151bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 152 assert(u);
153 assert(name);
154
4562c355
ZJS		 155 return streq_ptr(name, u->id) ||
156 set_contains(u->aliases, name);
f278026d
LP		 157}
158
598459ce
LP		 159static void unit_init(Unit *u) {
160 CGroupContext *cc;
161 ExecContext *ec;
162 KillContext *kc;
163
164 assert(u);
165 assert(u->manager);
166 assert(u->type >= 0);
167
168 cc = unit_get_cgroup_context(u);
169 if (cc) {
170 cgroup_context_init(cc);
171
172 /* Copy in the manager defaults into the cgroup
173 * context, _before_ the rest of the settings have
174 * been initialized */
175
176 cc->cpu_accounting = u->manager->default_cpu_accounting;
13c31542 177 cc->io_accounting = u->manager->default_io_accounting;
598459ce
LP		 178 cc->blockio_accounting = u->manager->default_blockio_accounting;
179 cc->memory_accounting = u->manager->default_memory_accounting;
03a7b521 180 cc->tasks_accounting = u->manager->default_tasks_accounting;
6a48d82f 181 cc->ip_accounting = u->manager->default_ip_accounting;
0af20ea2
LP		 182
183 if (u->type != UNIT_SLICE)
184 cc->tasks_max = u->manager->default_tasks_max;
598459ce
LP		 185 }
186
187 ec = unit_get_exec_context(u);
b1edf445 188 if (ec) {
598459ce
LP		 189 exec_context_init(ec);
190
d4a402e4
LP		 191 if (u->manager->default_oom_score_adjust_set) {
192 ec->oom_score_adjust = u->manager->default_oom_score_adjust;
193 ec->oom_score_adjust_set = true;
194 }
195
5e37d193
FB		 196 if (MANAGER_IS_SYSTEM(u->manager))
197 ec->keyring_mode = EXEC_KEYRING_SHARED;
198 else {
199 ec->keyring_mode = EXEC_KEYRING_INHERIT;
200
201 /* User manager might have its umask redefined by PAM or UMask=. In this
202 * case let the units it manages inherit this value by default. They can
203 * still tune this value through their own unit file */
204 (void) get_process_umask(getpid_cached(), &ec->umask);
205 }
b1edf445
LP		 206 }
207
598459ce
LP		 208 kc = unit_get_kill_context(u);
209 if (kc)
210 kill_context_init(kc);
211
212 if (UNIT_VTABLE(u)->init)
213 UNIT_VTABLE(u)->init(u);
214}
215
4562c355
ZJS		 216static int unit_add_alias(Unit *u, char *donated_name) {
217 int r;
218
219 /* Make sure that u->names is allocated. We may leave u->names
220 * empty if we fail later, but this is not a problem. */
973bc32a 221 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
4562c355
ZJS		 222 if (r < 0)
223 return r;
224 assert(r > 0);
225
226 return 0;
227}
228
87f0e418 229int unit_add_name(Unit *u, const char *text) {
4562c355 230 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 231 UnitType t;
87f0e418
LP		 232 int r;
233
234 assert(u);
235 assert(text);
236
7410616c 237 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 238 if (!u->instance)
acd1987a
WY		 239 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
240 "instance is not set when adding name '%s': %m", text);
87f0e418 241
4562c355 242 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 243 if (r < 0)
acd1987a
WY		 244 return log_unit_debug_errno(u, r,
245 "failed to build instance name from '%s': %m", text);
7410616c 246 } else {
4562c355
ZJS		 247 name = strdup(text);
248 if (!name)
7410616c
LP		 249 return -ENOMEM;
250 }
87f0e418 251
4562c355 252 if (unit_has_name(u, name))
7410616c 253 return 0;
4562c355
ZJS		 254
255 if (hashmap_contains(u->manager->units, name))
acd1987a 256 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4562c355 257 "unit already exist when adding name '%s': %m", name);
7410616c 258
4562c355 259 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 260 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4562c355 261 "name '%s' is invalid: %m", name);
e537352b 262
4562c355 263 t = unit_name_to_type(name);
7410616c 264 if (t < 0)
acd1987a 265 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
cd990847 266 "failed to derive unit type from name '%s': %m", name);
87f0e418 267
598459ce 268 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a
WY		 269 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
270 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
4562c355 271 u->type, t, name);
87f0e418 272
4562c355 273 r = unit_name_to_instance(name, &instance);
e48614c4 274 if (r < 0)
4562c355 275 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
87f0e418 276
4562c355
ZJS		 277 if (instance && !unit_type_may_template(t))
278 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
9e2f7c11 279
d383acad
ZJS		 280 /* Ensure that this unit either has no instance, or that the instance matches. */
281 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 282 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
ada4b34e
ZJS		 283 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
284 name, instance, u->instance);
9e2f7c11 285
4562c355 286 if (u->id && !unit_type_may_alias(t))
ada4b34e
ZJS		 287 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
288 "cannot add name %s, aliases are not allowed for %s units.",
289 name, unit_type_to_string(t));
9e2f7c11 290
598459ce 291 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
ada4b34e 292 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
4f0f902f 293
4562c355
ZJS		 294 /* Add name to the global hashmap first, because that's easier to undo */
295 r = hashmap_put(u->manager->units, name, u);
7410616c 296 if (r < 0)
acd1987a 297 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
87f0e418 298
4562c355
ZJS		 299 if (u->id) {
300 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
301 if (r < 0) {
302 hashmap_remove(u->manager->units, name);
303 return r;
304 }
305 TAKE_PTR(name);
306
307 } else {
308 /* A new name, we don't need the set yet. */
309 assert(u->type == _UNIT_TYPE_INVALID);
310 assert(!u->instance);
311
ac155bb8 312 u->type = t;
4562c355
ZJS		 313 u->id = TAKE_PTR(name);
314 u->instance = TAKE_PTR(instance);
9e2f7c11 315
71fda00f 316 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 317 unit_init(u);
598459ce 318 }
9e2f7c11 319
598459ce
LP		 320 unit_add_to_dbus_queue(u);
321 return 0;
87f0e418
LP		 322}
323
0ae97ec1 324int unit_choose_id(Unit *u, const char *name) {
68eda4bd 325 _cleanup_free_ char *t = NULL;
4562c355 326 char *s;
276c3e78 327 int r;
0ae97ec1
LP		 328
329 assert(u);
330 assert(name);
331
7410616c 332 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 333 if (!u->instance)
9e2f7c11
LP		 334 return -EINVAL;
335
7410616c
LP		 336 r = unit_name_replace_instance(name, u->instance, &t);
337 if (r < 0)
338 return r;
9e2f7c11
LP		 339
340 name = t;
341 }
342
4562c355
ZJS		 343 if (streq_ptr(u->id, name))
344 return 0; /* Nothing to do. */
345
346 /* Selects one of the aliases of this unit as the id */
347 s = set_get(u->aliases, (char*) name);
9e2f7c11 348 if (!s)
0ae97ec1
LP		 349 return -ENOENT;
350
4562c355
ZJS		 351 if (u->id) {
352 r = set_remove_and_put(u->aliases, name, u->id);
353 if (r < 0)
354 return r;
355 } else
356 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 357
4562c355 358 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 359 unit_add_to_dbus_queue(u);
9e2f7c11 360
0ae97ec1
LP		 361 return 0;
362}
363
f50e0a01 364int unit_set_description(Unit *u, const char *description) {
84b26d51 365 int r;
f50e0a01
LP		 366
367 assert(u);
368
84b26d51
LP		 369 r = free_and_strdup(&u->description, empty_to_null(description));
370 if (r < 0)
371 return r;
372 if (r > 0)
373 unit_add_to_dbus_queue(u);
c1e1601e 374
f50e0a01
LP		 375 return 0;
376}
377
f2f725e5 378bool unit_may_gc(Unit *u) {
a354329f 379 UnitActiveState state;
e98b2fbb 380 int r;
5afe510c 381
701cc384
LP		 382 assert(u);
383
f2f725e5
ZJS		 384 /* Checks whether the unit is ready to be unloaded for garbage collection.
385 * Returns true when the unit may be collected, and false if there's some
2641f02e
ZJS		 386 * reason to keep it loaded.
387 *
388 * References from other units are *not* checked here. Instead, this is done
389 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
390 */
5afe510c 391
a354329f 392 if (u->job)
f2f725e5 393 return false;
701cc384 394
a354329f 395 if (u->nop_job)
f2f725e5 396 return false;
6c073082 397
a354329f
LP		 398 state = unit_active_state(u);
399
7eb2a8a1 400 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
a354329f
LP		 401 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
402 UNIT_VTABLE(u)->release_resources)
7eb2a8a1 403 UNIT_VTABLE(u)->release_resources(u);
a354329f 404
f5869324 405 if (u->perpetual)
f2f725e5 406 return false;
9d576438 407
05a98afd 408 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 409 return false;
05a98afd 410
5afe510c
LP		 411 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
412 switch (u->collect_mode) {
413
414 case COLLECT_INACTIVE:
415 if (state != UNIT_INACTIVE)
f2f725e5 416 return false;
5afe510c
LP		 417
418 break;
419
420 case COLLECT_INACTIVE_OR_FAILED:
421 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
f2f725e5 422 return false;
5afe510c
LP		 423
424 break;
425
426 default:
04499a70 427 assert_not_reached();
5afe510c
LP		 428 }
429
e98b2fbb
LP		 430 if (u->cgroup_path) {
431 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
432 * around. Units with active processes should never be collected. */
433
434 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
435 if (r < 0)
6178e2f8 436 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u->cgroup_path));
e98b2fbb 437 if (r <= 0)
f2f725e5 438 return false;
e98b2fbb
LP		 439 }
440
f2f725e5
ZJS		 441 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
442 return false;
701cc384 443
f2f725e5 444 return true;
701cc384
LP		 445}
446
87f0e418
LP		 447void unit_add_to_load_queue(Unit *u) {
448 assert(u);
ac155bb8 449 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 450
ac155bb8 451 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 452 return;
453
71fda00f 454 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 455 u->in_load_queue = true;
87f0e418
LP		 456}
457
23a177ef
LP		 458void unit_add_to_cleanup_queue(Unit *u) {
459 assert(u);
460
ac155bb8 461 if (u->in_cleanup_queue)
23a177ef
LP		 462 return;
463
71fda00f 464 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 465 u->in_cleanup_queue = true;
23a177ef
LP		 466}
467
701cc384
LP		 468void unit_add_to_gc_queue(Unit *u) {
469 assert(u);
470
ac155bb8 471 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 472 return;
473
f2f725e5 474 if (!unit_may_gc(u))
701cc384
LP		 475 return;
476
c5a97ed1 477 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 478 u->in_gc_queue = true;
701cc384
LP		 479}
480
c1e1601e
LP		 481void unit_add_to_dbus_queue(Unit *u) {
482 assert(u);
ac155bb8 483 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 484
ac155bb8 485 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 486 return;
487
a567261a 488 /* Shortcut things if nobody cares */
8f8f05a9 489 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 490 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 491 set_isempty(u->manager->private_buses)) {
ac155bb8 492 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 493 return;
494 }
495
71fda00f 496 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 497 u->in_dbus_queue = true;
c1e1601e
LP		 498}
499
fda09318 500void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 501 assert(u);
502
503 if (u->in_stop_when_unneeded_queue)
504 return;
505
506 if (!u->stop_when_unneeded)
507 return;
508
509 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
510 return;
511
512 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
513 u->in_stop_when_unneeded_queue = true;
514}
515
0bc488c9
LP		 516void unit_submit_to_start_when_upheld_queue(Unit *u) {
517 assert(u);
518
519 if (u->in_start_when_upheld_queue)
520 return;
521
522 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
523 return;
524
525 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
526 return;
527
528 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
529 u->in_start_when_upheld_queue = true;
530}
531
56c59592
LP		 532void unit_submit_to_stop_when_bound_queue(Unit *u) {
533 assert(u);
534
535 if (u->in_stop_when_bound_queue)
536 return;
537
538 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
539 return;
540
541 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
542 return;
543
544 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
545 u->in_stop_when_bound_queue = true;
546}
547
15ed3c3a 548static void unit_clear_dependencies(Unit *u) {
87f0e418
LP		 549 assert(u);
550
15ed3c3a
LP		 551 /* Removes all dependencies configured on u and their reverse dependencies. */
552
553 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
87f0e418 554
15ed3c3a
LP		 555 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
556 Hashmap *other_deps;
701cc384 557
15ed3c3a
LP		 558 HASHMAP_FOREACH(other_deps, other->dependencies)
559 hashmap_remove(other_deps, u);
560
561 unit_add_to_gc_queue(other);
562 }
563
564 hashmap_free(deps);
87f0e418
LP		 565 }
566
15ed3c3a 567 u->dependencies = hashmap_free(u->dependencies);
87f0e418
LP		 568}
569
c2756a68
LP		 570static void unit_remove_transient(Unit *u) {
571 char **i;
572
573 assert(u);
574
575 if (!u->transient)
576 return;
577
578 if (u->fragment_path)
3f5e8115 579 (void) unlink(u->fragment_path);
c2756a68
LP		 580
581 STRV_FOREACH(i, u->dropin_paths) {
39591351 582 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 583
39591351
LP		 584 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
585 if (!p)
586 continue;
587
588 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
589 if (!pp)
590 continue;
591
592 /* Only drop transient drop-ins */
593 if (!path_equal(u->manager->lookup_paths.transient, pp))
594 continue;
c2756a68 595
39591351
LP		 596 (void) unlink(*i);
597 (void) rmdir(p);
c2756a68
LP		 598 }
599}
600
a57f7e2c 601static void unit_free_requires_mounts_for(Unit *u) {
eef85c4a 602 assert(u);
a57f7e2c 603
eef85c4a 604 for (;;) {
c2b2df60 605 _cleanup_free_ char *path = NULL;
a57f7e2c 606
eef85c4a
LP		 607 path = hashmap_steal_first_key(u->requires_mounts_for);
608 if (!path)
609 break;
610 else {
611 char s[strlen(path) + 1];
a57f7e2c 612
eef85c4a
LP		 613 PATH_FOREACH_PREFIX_MORE(s, path) {
614 char *y;
615 Set *x;
616
617 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
618 if (!x)
619 continue;
a57f7e2c 620
eef85c4a 621 (void) set_remove(x, u);
a57f7e2c 622
eef85c4a
LP		 623 if (set_isempty(x)) {
624 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
625 free(y);
626 set_free(x);
627 }
a57f7e2c
LP		 628 }
629 }
630 }
631
eef85c4a 632 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
a57f7e2c
LP		 633}
634
598459ce
LP		 635static void unit_done(Unit *u) {
636 ExecContext *ec;
637 CGroupContext *cc;
638
639 assert(u);
640
641 if (u->type < 0)
642 return;
643
644 if (UNIT_VTABLE(u)->done)
645 UNIT_VTABLE(u)->done(u);
646
647 ec = unit_get_exec_context(u);
648 if (ec)
649 exec_context_done(ec);
650
651 cc = unit_get_cgroup_context(u);
652 if (cc)
653 cgroup_context_done(cc);
654}
655
75db809a 656Unit* unit_free(Unit *u) {
12f64221 657 Unit *slice;
87f0e418
LP		 658 char *t;
659
c9d5c9c0 660 if (!u)
75db809a 661 return NULL;
87f0e418 662
50fb00b7 663 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 664
2c289ea8 665 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 666 unit_remove_transient(u);
667
c1e1601e
LP		 668 bus_unit_send_removed_signal(u);
669
598459ce 670 unit_done(u);
a013b84b 671
50be4f4a 672 unit_dequeue_rewatch_pids(u);
cf9fd508 673
50be4f4a 674 sd_bus_slot_unref(u->match_bus_slot);
05a98afd
LP		 675 sd_bus_track_unref(u->bus_track);
676 u->deserialized_refs = strv_free(u->deserialized_refs);
d9e45bc3 677 u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
05a98afd 678
a57f7e2c
LP		 679 unit_free_requires_mounts_for(u);
680
90e74a66 681 SET_FOREACH(t, u->aliases)
ac155bb8 682 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 683 if (u->id)
684 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 685
4b58153d
LP		 686 if (!sd_id128_is_null(u->invocation_id))
687 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
688
97e7d748
MS		 689 if (u->job) {
690 Job *j = u->job;
691 job_uninstall(j);
692 job_free(j);
693 }
964e0949 694
e0209d83
MS		 695 if (u->nop_job) {
696 Job *j = u->nop_job;
697 job_uninstall(j);
698 job_free(j);
699 }
700
4c591f39
MK		 701 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
702 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
12f64221 703 slice = UNIT_GET_SLICE(u);
d219a2b0 704 unit_clear_dependencies(u);
12f64221
LP		 705 if (slice)
706 unit_add_family_to_cgroup_realize_queue(slice);
fb46fca7 707
adefcf28
LP		 708 if (u->on_console)
709 manager_unref_console(u->manager);
710
3d027d4d
JK		 711
712 fdset_free(u->initial_socket_bind_link_fds);
91ce91c7
JK		 713#if BPF_FRAMEWORK
714 bpf_link_free(u->ipv4_socket_bind_link);
715 bpf_link_free(u->ipv6_socket_bind_link);
716#endif
717
efdb0237 718 unit_release_cgroup(u);
72673e86 719
d3070fbd
LP		 720 if (!MANAGER_IS_RELOADING(u->manager))
721 unit_unlink_state_files(u);
722
00d9ef85
LP		 723 unit_unref_uid_gid(u, false);
724
5269eb6b 725 (void) manager_update_failed_units(u->manager, u, false);
db785129 726 set_remove(u->manager->startup_units, u);
f755e3b7 727
a911bb9a
LP		 728 unit_unwatch_all_pids(u);
729
7f7d01ed
ZJS		 730 while (u->refs_by_target)
731 unit_ref_unset(u->refs_by_target);
57020a3a 732
ac155bb8 733 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 734 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 735
ac155bb8 736 if (u->in_load_queue)
71fda00f 737 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 738
ac155bb8 739 if (u->in_dbus_queue)
71fda00f 740 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 741
13e72103
MK		 742 if (u->in_cleanup_queue)
743 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
744
a2d72e26 745 if (u->in_gc_queue)
c5a97ed1 746 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 747
91a6073e
LP		 748 if (u->in_cgroup_realize_queue)
749 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 750
09e24654
LP		 751 if (u->in_cgroup_empty_queue)
752 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
753
13e72103
MK		 754 if (u->in_cgroup_oom_queue)
755 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
adefcf28 756
19496554
MS		 757 if (u->in_target_deps_queue)
758 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
759
a3c1168a
LP		 760 if (u->in_stop_when_unneeded_queue)
761 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
762
0bc488c9
LP		 763 if (u->in_start_when_upheld_queue)
764 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
765
56c59592
LP		 766 if (u->in_stop_when_bound_queue)
767 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
768
0fd9c28c 769 bpf_firewall_close(u);
fab34748 770
5f8ba20d
JK		 771 hashmap_free(u->bpf_foreign_by_key);
772
76dc1725 773 bpf_program_free(u->bpf_device_control_installed);
084c7007 774
6f50d4f7
MV		 775#if BPF_FRAMEWORK
776 bpf_link_free(u->restrict_ifaces_ingress_bpf_link);
777 bpf_link_free(u->restrict_ifaces_egress_bpf_link);
778#endif
779 fdset_free(u->initial_restric_ifaces_link_fds);
780
a946fa9b
ZJS		 781 condition_free_list(u->conditions);
782 condition_free_list(u->asserts);
f755e3b7 783
ac155bb8 784 free(u->description);
49dbfa7b 785 strv_free(u->documentation);
ac155bb8 786 free(u->fragment_path);
1b64d026 787 free(u->source_path);
ae7a7182 788 strv_free(u->dropin_paths);
ac155bb8 789 free(u->instance);
87f0e418 790
f189ab18 791 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 792 free(u->reboot_arg);
793
4562c355
ZJS		 794 set_free_free(u->aliases);
795 free(u->id);
796
75db809a 797 return mfree(u);
87f0e418
LP		 798}
799
d9e45bc3
MS		 800FreezerState unit_freezer_state(Unit *u) {
801 assert(u);
802
803 return u->freezer_state;
804}
805
806int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
807 char *values[1] = {};
808 int r;
809
810 assert(u);
811
812 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
813 STRV_MAKE("frozen"), values);
814 if (r < 0)
815 return r;
816
817 r = _FREEZER_STATE_INVALID;
818
819 if (values[0]) {
820 if (streq(values[0], "0"))
821 r = FREEZER_RUNNING;
822 else if (streq(values[0], "1"))
823 r = FREEZER_FROZEN;
824 }
825
826 free(values[0]);
827 *ret = r;
828
829 return 0;
830}
831
87f0e418
LP		 832UnitActiveState unit_active_state(Unit *u) {
833 assert(u);
834
ac155bb8 835 if (u->load_state == UNIT_MERGED)
6124958c
LP		 836 return unit_active_state(unit_follow_merge(u));
837
838 /* After a reload it might happen that a unit is not correctly
839 * loaded but still has a process around. That's why we won't
fdf20a31 840 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 841
842 return UNIT_VTABLE(u)->active_state(u);
843}
844
10a94420
LP		 845const char* unit_sub_state_to_string(Unit *u) {
846 assert(u);
847
848 return UNIT_VTABLE(u)->sub_state_to_string(u);
849}
850
15ed3c3a 851static int unit_merge_names(Unit *u, Unit *other) {
4562c355 852 char *name;
7c0b05e5 853 int r;
87f0e418 854
23a177ef
LP		 855 assert(u);
856 assert(other);
857
4562c355 858 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 859 if (r < 0)
860 return r;
23a177ef 861
4562c355
ZJS		 862 r = set_move(u->aliases, other->aliases);
863 if (r < 0) {
864 set_remove(u->aliases, other->id);
865 return r;
866 }
23a177ef 867
4562c355
ZJS		 868 TAKE_PTR(other->id);
869 other->aliases = set_free_free(other->aliases);
23a177ef 870
90e74a66 871 SET_FOREACH(name, u->aliases)
4562c355 872 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 873
874 return 0;
87f0e418
LP		 875}
876
15ed3c3a
LP		 877static int unit_reserve_dependencies(Unit *u, Unit *other) {
878 size_t n_reserve;
879 Hashmap* deps;
880 void *d;
881 int r;
09a65f92
MS		 882
883 assert(u);
884 assert(other);
09a65f92 885
15ed3c3a
LP		 886 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
887 * fail.
888 *
889 * First make some room in the per dependency type hashmaps. Using the summed size of both unit's
890 * hashmaps is an estimate that is likely too high since they probably use some of the same
891 * types. But it's never too low, and that's all we need. */
892
893 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
894 if (n_reserve > 0) {
895 r = hashmap_ensure_allocated(&u->dependencies, NULL);
896 if (r < 0)
897 return r;
898
899 r = hashmap_reserve(u->dependencies, n_reserve);
900 if (r < 0)
901 return r;
902 }
903
904 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
905 * other unit's dependencies.
906 *
907 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
908 * reserve anything for. In that case other's set will be transferred as a whole to u by
909 * complete_move(). */
910
911 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
912 Hashmap *other_deps;
913
914 other_deps = hashmap_get(other->dependencies, d);
915
916 r = hashmap_reserve(deps, hashmap_size(other_deps));
917 if (r < 0)
918 return r;
919 }
920
921 return 0;
922}
923
924static void unit_maybe_warn_about_dependency(
925 Unit *u,
926 const char *other_id,
927 UnitDependency dependency) {
928
929 assert(u);
930
931 /* Only warn about some unit types */
932 if (!IN_SET(dependency,
933 UNIT_CONFLICTS,
934 UNIT_CONFLICTED_BY,
935 UNIT_BEFORE,
936 UNIT_AFTER,
294446dc 937 UNIT_ON_SUCCESS,
15ed3c3a
LP		 938 UNIT_ON_FAILURE,
939 UNIT_TRIGGERS,
940 UNIT_TRIGGERED_BY))
941 return;
942
943 if (streq_ptr(u->id, other_id))
944 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
945 else
946 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other_id), u->id);
947}
948
949static int unit_per_dependency_type_hashmap_update(
950 Hashmap *per_type,
951 Unit *other,
952 UnitDependencyMask origin_mask,
953 UnitDependencyMask destination_mask) {
954
955 UnitDependencyInfo info;
956 int r;
957
958 assert(other);
959 assert_cc(sizeof(void*) == sizeof(info));
960
961 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
962 * exists, or insert it anew if not. */
09a65f92 963
15ed3c3a
LP		 964 info.data = hashmap_get(per_type, other);
965 if (info.data) {
966 /* Entry already exists. Add in our mask. */
967
968 if (FLAGS_SET(origin_mask, info.origin_mask) &&
969 FLAGS_SET(destination_mask, info.destination_mask))
970 return 0; /* NOP */
971
972 info.origin_mask |= origin_mask;
973 info.destination_mask |= destination_mask;
974
975 r = hashmap_update(per_type, other, info.data);
976 } else {
977 info = (UnitDependencyInfo) {
978 .origin_mask = origin_mask,
979 .destination_mask = destination_mask,
980 };
09a65f92 981
15ed3c3a
LP		 982 r = hashmap_put(per_type, other, info.data);
983 }
984 if (r < 0)
985 return r;
986
987
988 return 1;
09a65f92
MS		 989}
990
15ed3c3a
LP		 991static int unit_add_dependency_hashmap(
992 Hashmap **dependencies,
993 UnitDependency d,
994 Unit *other,
995 UnitDependencyMask origin_mask,
996 UnitDependencyMask destination_mask) {
997
998 Hashmap *per_type;
87f0e418 999 int r;
23a177ef 1000
15ed3c3a
LP		 1001 assert(dependencies);
1002 assert(other);
1003 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
1004 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
1005 assert(origin_mask > 0 || destination_mask > 0);
1006
1007 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1008 * UnitDependencyInfo) */
1009 r = hashmap_ensure_allocated(dependencies, NULL);
1010 if (r < 0)
1011 return r;
1012
1013 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1014 * type, and if it's missing allocate it and insert it. */
1015 per_type = hashmap_get(*dependencies, UNIT_DEPENDENCY_TO_PTR(d));
1016 if (!per_type) {
1017 per_type = hashmap_new(NULL);
1018 if (!per_type)
1019 return -ENOMEM;
1020
1021 r = hashmap_put(*dependencies, UNIT_DEPENDENCY_TO_PTR(d), per_type);
1022 if (r < 0) {
1023 hashmap_free(per_type);
1024 return r;
1025 }
1026 }
1027
1028 return unit_per_dependency_type_hashmap_update(per_type, other, origin_mask, destination_mask);
1029}
1030
1031static void unit_merge_dependencies(
1032 Unit *u,
1033 Unit *other) {
1034
1035 int r;
eef85c4a 1036
23a177ef
LP		 1037 assert(u);
1038 assert(other);
23a177ef 1039
15ed3c3a
LP		 1040 if (u == other)
1041 return;
1042
1043 for (;;) {
1044 _cleanup_(hashmap_freep) Hashmap *other_deps = NULL;
1045 UnitDependencyInfo di_back;
1046 Unit *back;
1047 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1048 * since the hashmaps all want it as void pointer. */
1049
1050 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1051 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1052 if (!other_deps)
1053 break; /* done! */
1054
1055 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1056 * referenced units as 'back'. */
1057 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1058 Hashmap *back_deps;
1059 void *back_dt;
eef85c4a 1060
e66047ff 1061 if (back == u) {
15ed3c3a
LP		 1062 /* This is a dependency pointing back to the unit we want to merge with?
1063 * Suppress it (but warn) */
1064 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1065 continue;
1066 }
eef85c4a 1067
15ed3c3a
LP		 1068 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1069 * point to 'u' instead. */
1070 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1071 UnitDependencyInfo di_move;
eef85c4a 1072
15ed3c3a
LP		 1073 di_move.data = hashmap_remove(back_deps, other);
1074 if (!di_move.data)
1075 continue;
eef85c4a 1076
15ed3c3a
LP		 1077 assert_se(unit_per_dependency_type_hashmap_update(
1078 back_deps,
1079 u,
1080 di_move.origin_mask,
1081 di_move.destination_mask) >= 0);
1082 }
1083 }
eef85c4a 1084
15ed3c3a
LP		 1085 /* Now all references towards 'other' of the current type 'dt' are corrected to point to
1086 * 'u'. Lets's now move the deps of type 'dt' from 'other' to 'u'. First, let's try to move
1087 * them per type wholesale. */
1088 r = hashmap_put(u->dependencies, dt, other_deps);
1089 if (r == -EEXIST) {
1090 Hashmap *deps;
eef85c4a 1091
15ed3c3a 1092 /* The target unit already has dependencies of this type, let's then merge this individually. */
eef85c4a 1093
15ed3c3a
LP		 1094 assert_se(deps = hashmap_get(u->dependencies, dt));
1095
1096 for (;;) {
1097 UnitDependencyInfo di_move;
1098
1099 /* Get first dep */
1100 di_move.data = hashmap_steal_first_key_and_value(other_deps, (void**) &back);
1101 if (!di_move.data)
1102 break; /* done */
1103 if (back == u) {
1104 /* Would point back to us, ignore */
1105 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1106 continue;
1107 }
23a177ef 1108
15ed3c3a
LP		 1109 assert_se(unit_per_dependency_type_hashmap_update(deps, back, di_move.origin_mask, di_move.destination_mask) >= 0);
1110 }
1111 } else {
1112 assert_se(r >= 0);
1113 TAKE_PTR(other_deps);
e66047ff 1114
15ed3c3a
LP		 1115 if (hashmap_remove(other_deps, u))
1116 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1117 }
1118 }
23a177ef 1119
15ed3c3a 1120 other->dependencies = hashmap_free(other->dependencies);
23a177ef
LP		 1121}
1122
1123int unit_merge(Unit *u, Unit *other) {
09a65f92 1124 int r;
87f0e418
LP		 1125
1126 assert(u);
1127 assert(other);
ac155bb8
MS		 1128 assert(u->manager == other->manager);
1129 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 1130
cc916967
LP		 1131 other = unit_follow_merge(other);
1132
23a177ef
LP		 1133 if (other == u)
1134 return 0;
1135
ac155bb8 1136 if (u->type != other->type)
9e2f7c11
LP		 1137 return -EINVAL;
1138
8a993b61 1139 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 1140 return -EEXIST;
1141
ec2ce0c5 1142 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 1143 return -EEXIST;
87f0e418 1144
d383acad
ZJS		 1145 if (!streq_ptr(u->instance, other->instance))
1146 return -EINVAL;
1147
ac155bb8 1148 if (other->job)
819e213f
LP		 1149 return -EEXIST;
1150
e0209d83
MS		 1151 if (other->nop_job)
1152 return -EEXIST;
1153
fdf20a31 1154 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 1155 return -EEXIST;
1156
15ed3c3a
LP		 1157 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1158 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1159 r = unit_reserve_dependencies(u, other);
1160 if (r < 0)
1161 return r;
09a65f92 1162
87f0e418 1163 /* Merge names */
15ed3c3a 1164 r = unit_merge_names(u, other);
7c0b05e5
MS		 1165 if (r < 0)
1166 return r;
87f0e418 1167
57020a3a 1168 /* Redirect all references */
7f7d01ed
ZJS		 1169 while (other->refs_by_target)
1170 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 1171
87f0e418 1172 /* Merge dependencies */
15ed3c3a 1173 unit_merge_dependencies(u, other);
87f0e418 1174
ac155bb8
MS		 1175 other->load_state = UNIT_MERGED;
1176 other->merged_into = u;
23a177ef 1177
3616a49c
LP		 1178 /* If there is still some data attached to the other node, we
1179 * don't need it anymore, and can free it. */
ac155bb8 1180 if (other->load_state != UNIT_STUB)
3616a49c
LP		 1181 if (UNIT_VTABLE(other)->done)
1182 UNIT_VTABLE(other)->done(other);
1183
1184 unit_add_to_dbus_queue(u);
23a177ef
LP		 1185 unit_add_to_cleanup_queue(other);
1186
1187 return 0;
1188}
1189
1190int unit_merge_by_name(Unit *u, const char *name) {
934e749e 1191 _cleanup_free_ char *s = NULL;
23a177ef 1192 Unit *other;
9e2f7c11 1193 int r;
23a177ef 1194
e8630e69
ZJS		 1195 /* Either add name to u, or if a unit with name already exists, merge it with u.
1196 * If name is a template, do the same for name@instance, where instance is u's instance. */
1197
23a177ef
LP		 1198 assert(u);
1199 assert(name);
1200
7410616c 1201 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1202 if (!u->instance)
9e2f7c11
LP		 1203 return -EINVAL;
1204
7410616c
LP		 1205 r = unit_name_replace_instance(name, u->instance, &s);
1206 if (r < 0)
1207 return r;
9e2f7c11
LP		 1208
1209 name = s;
1210 }
1211
c2756a68 1212 other = manager_get_unit(u->manager, name);
7410616c
LP		 1213 if (other)
1214 return unit_merge(u, other);
23a177ef 1215
7410616c 1216 return unit_add_name(u, name);
23a177ef
LP		 1217}
1218
1219Unit* unit_follow_merge(Unit *u) {
1220 assert(u);
1221
ac155bb8
MS		 1222 while (u->load_state == UNIT_MERGED)
1223 assert_se(u = u->merged_into);
23a177ef
LP		 1224
1225 return u;
1226}
1227
1228int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1229 int r;
1230
1231 assert(u);
1232 assert(c);
1233
e1e74614 1234 if (c->working_directory && !c->working_directory_missing_ok) {
eef85c4a 1235 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1236 if (r < 0)
1237 return r;
1238 }
1239
1240 if (c->root_directory) {
eef85c4a 1241 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1242 if (r < 0)
1243 return r;
1244 }
1245
915e6d16 1246 if (c->root_image) {
eef85c4a 1247 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
915e6d16
LP		 1248 if (r < 0)
1249 return r;
1250 }
1251
12375b95 1252 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1253 if (!u->manager->prefix[dt])
1254 continue;
1255
211a3d87 1256 for (size_t i = 0; i < c->directories[dt].n_items; i++) {
c2b2df60 1257 _cleanup_free_ char *p = NULL;
ada5e276 1258
211a3d87 1259 p = path_join(u->manager->prefix[dt], c->directories[dt].items[i].path);
ada5e276
YW		 1260 if (!p)
1261 return -ENOMEM;
1262
eef85c4a 1263 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
ada5e276
YW		 1264 if (r < 0)
1265 return r;
1266 }
1267 }
1268
463d0d15 1269 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1270 return 0;
1271
f3b7a79b
LP		 1272 /* For the following three directory types we need write access, and /var/ is possibly on the root
1273 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
211a3d87
LB		 1274 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1275 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1276 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
f3b7a79b
LP		 1277 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1278 if (r < 0)
1279 return r;
1280 }
1281
b46a529c 1282 if (c->private_tmp) {
d71f0505 1283
b2c7d1bb
FB		 1284 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1285 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1286 * /tmp specifically and masking other mount units should be handled more
1287 * gracefully too, see PR#16894. */
1288 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "tmp.mount", true, UNIT_DEPENDENCY_FILE);
1289 if (r < 0)
1290 return r;
1291
1292 r = unit_require_mounts_for(u, "/var/tmp", UNIT_DEPENDENCY_FILE);
1293 if (r < 0)
1294 return r;
b46a529c 1295
35d8c19a 1296 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1297 if (r < 0)
1298 return r;
1299 }
1300
33b58dfb
LP		 1301 if (c->root_image) {
1302 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1303 * implicit dependency on udev */
1304
1305 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1306 if (r < 0)
1307 return r;
1308 }
1309
52c239d7
LB		 1310 if (!IN_SET(c->std_output,
1311 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1312 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
52c239d7
LB		 1313 !IN_SET(c->std_error,
1314 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1315 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
91dd5f7c 1316 !c->log_namespace)
23a177ef
LP		 1317 return 0;
1318
91dd5f7c
LP		 1319 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1320 * is run first. */
1321
1322 if (c->log_namespace) {
dc5437c7 1323 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
23a177ef 1324
91dd5f7c
LP		 1325 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1326 if (r < 0)
1327 return r;
1328
1329 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1330 if (r < 0)
1331 return r;
dc5437c7
LP		 1332
1333 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1334 if (r < 0)
1335 return r;
1336
1337 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1338 if (r < 0)
1339 return r;
91dd5f7c
LP		 1340 } else
1341 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1342 if (r < 0)
1343 return r;
23a177ef 1344
87f0e418
LP		 1345 return 0;
1346}
1347
04d232d8 1348const char* unit_description(Unit *u) {
87f0e418
LP		 1349 assert(u);
1350
ac155bb8
MS		 1351 if (u->description)
1352 return u->description;
87f0e418 1353
ac155bb8 1354 return strna(u->id);
87f0e418
LP		 1355}
1356
e6a16a82 1357const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
2a8f53c6 1358 assert(u);
04d232d8 1359 assert(u->id);
2a8f53c6 1360
04d232d8
ZJS		 1361 /* Return u->id, u->description, or "{u->id} - {u->description}".
1362 * Versions with u->description are only used if it is set.
e6a16a82
ZJS		 1363 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1364 * pointer.
1365 *
1366 * Note that *ret_combined_buffer may be set to NULL. */
04d232d8
ZJS		 1367
1368 if (!u->description ||
1369 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
e6a16a82
ZJS		 1370 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1371 streq(u->description, u->id)) {
1372
1373 if (ret_combined_buffer)
1374 *ret_combined_buffer = NULL;
2a8f53c6 1375 return u->id;
e6a16a82 1376 }
2a8f53c6 1377
e6a16a82
ZJS		 1378 if (ret_combined_buffer) {
1379 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1380 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1381 if (*ret_combined_buffer)
1382 return *ret_combined_buffer;
1383 log_oom(); /* Fall back to ->description */
04d232d8 1384 } else
e6a16a82 1385 *ret_combined_buffer = NULL;
04d232d8
ZJS		 1386 }
1387
1388 return u->description;
2a8f53c6
ZJS		 1389}
1390
87f0e418 1391/* Common implementation for multiple backends */
c3620770 1392int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1393 int r;
1394
1395 assert(u);
23a177ef 1396
e48614c4 1397 /* Load a .{service,socket,...} file */
4ad49000
LP		 1398 r = unit_load_fragment(u);
1399 if (r < 0)
23a177ef
LP		 1400 return r;
1401
c3620770
ZJS		 1402 if (u->load_state == UNIT_STUB) {
1403 if (fragment_required)
1404 return -ENOENT;
1405
1406 u->load_state = UNIT_LOADED;
1407 }
23a177ef 1408
9e4ea9cc
ZJS		 1409 /* Load drop-in directory data. If u is an alias, we might be reloading the
1410 * target unit needlessly. But we cannot be sure which drops-ins have already
1411 * been loaded and which not, at least without doing complicated book-keeping,
1412 * so let's always reread all drop-ins. */
c9e06956
ZJS		 1413 r = unit_load_dropin(unit_follow_merge(u));
1414 if (r < 0)
1415 return r;
1416
1417 if (u->source_path) {
1418 struct stat st;
1419
1420 if (stat(u->source_path, &st) >= 0)
1421 u->source_mtime = timespec_load(&st.st_mtim);
1422 else
1423 u->source_mtime = 0;
1424 }
1425
1426 return 0;
23a177ef
LP		 1427}
1428
19496554
MS		 1429void unit_add_to_target_deps_queue(Unit *u) {
1430 Manager *m = u->manager;
1431
1432 assert(u);
1433
1434 if (u->in_target_deps_queue)
1435 return;
1436
1437 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1438 u->in_target_deps_queue = true;
1439}
1440
bba34eed 1441int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1442 assert(u);
1443 assert(target);
1444
ac155bb8 1445 if (target->type != UNIT_TARGET)
98bc2000
LP		 1446 return 0;
1447
35b8ca3a 1448 /* Only add the dependency if both units are loaded, so that
bba34eed 1449 * that loop check below is reliable */
ac155bb8
MS		 1450 if (u->load_state != UNIT_LOADED ||
1451 target->load_state != UNIT_LOADED)
bba34eed
LP		 1452 return 0;
1453
21256a2b
LP		 1454 /* If either side wants no automatic dependencies, then let's
1455 * skip this */
ac155bb8
MS		 1456 if (!u->default_dependencies ||
1457 !target->default_dependencies)
21256a2b
LP		 1458 return 0;
1459
98bc2000 1460 /* Don't create loops */
15ed3c3a 1461 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
98bc2000
LP		 1462 return 0;
1463
eef85c4a 1464 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1465}
1466
e954c9cf 1467static int unit_add_slice_dependencies(Unit *u) {
12f64221 1468 Unit *slice;
e954c9cf 1469 assert(u);
b81884e7 1470
35b7ff80 1471 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1472 return 0;
1473
eef85c4a
LP		 1474 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1475 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1476 relationship). */
f6173cb9 1477 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1478
12f64221
LP		 1479 slice = UNIT_GET_SLICE(u);
1480 if (slice)
1481 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
e954c9cf 1482
8c8da0e0 1483 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1484 return 0;
1485
5a724170 1486 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1487}
1488
e954c9cf 1489static int unit_add_mount_dependencies(Unit *u) {
eef85c4a
LP		 1490 UnitDependencyInfo di;
1491 const char *path;
9588bc32
LP		 1492 int r;
1493
1494 assert(u);
1495
90e74a66 1496 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for) {
eef85c4a 1497 char prefix[strlen(path) + 1];
9588bc32 1498
eef85c4a 1499 PATH_FOREACH_PREFIX_MORE(prefix, path) {
c7c89abb 1500 _cleanup_free_ char *p = NULL;
9588bc32
LP		 1501 Unit *m;
1502
c7c89abb 1503 r = unit_name_from_path(prefix, ".mount", &p);
598a6a84
LP		 1504 if (IN_SET(r, -EINVAL, -ENAMETOOLONG))
1505 continue; /* If the path cannot be converted to a mount unit name, then it's
4076ad9d 1506 * not manageable as a unit by systemd, and hence we don't need a
598a6a84 1507 * dependency on it. Let's thus silently ignore the issue. */
9588bc32
LP		 1508 if (r < 0)
1509 return r;
c7c89abb
FB		 1510
1511 m = manager_get_unit(u->manager, p);
1512 if (!m) {
598a6a84
LP		 1513 /* Make sure to load the mount unit if it exists. If so the dependencies on
1514 * this unit will be added later during the loading of the mount unit. */
c7c89abb 1515 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
9588bc32 1516 continue;
c7c89abb 1517 }
9588bc32
LP		 1518 if (m == u)
1519 continue;
1520
1521 if (m->load_state != UNIT_LOADED)
1522 continue;
1523
eef85c4a 1524 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
9588bc32
LP		 1525 if (r < 0)
1526 return r;
1527
1528 if (m->fragment_path) {
eef85c4a 1529 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
9588bc32
LP		 1530 if (r < 0)
1531 return r;
1532 }
1533 }
1534 }
1535
1536 return 0;
1537}
1538
a2db0225
AZ		 1539static int unit_add_oomd_dependencies(Unit *u) {
1540 CGroupContext *c;
1541 bool wants_oomd;
1542 int r;
1543
1544 assert(u);
1545
1546 if (!u->default_dependencies)
1547 return 0;
1548
1549 c = unit_get_cgroup_context(u);
1550 if (!c)
1551 return 0;
1552
1553 wants_oomd = (c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL);
1554 if (!wants_oomd)
1555 return 0;
1556
1557 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
1558 if (r < 0)
1559 return r;
1560
1561 return 0;
1562}
1563
95ae05c0 1564static int unit_add_startup_units(Unit *u) {
9dfb6a3a 1565 if (!unit_has_startup_cgroup_constraints(u))
db785129
LP		 1566 return 0;
1567
de7fef4b 1568 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1569}
1570
294446dc
LP		 1571static int unit_validate_on_failure_job_mode(
1572 Unit *u,
1573 const char *job_mode_setting,
1574 JobMode job_mode,
1575 const char *dependency_name,
1576 UnitDependencyAtom atom) {
1577
1578 Unit *other, *found = NULL;
1579
1580 if (job_mode != JOB_ISOLATE)
1581 return 0;
1582
1583 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
1584 if (!found)
1585 found = other;
1586 else if (found != other)
1587 return log_unit_error_errno(
1588 u, SYNTHETIC_ERRNO(ENOEXEC),
1589 "More than one %s dependencies specified but %sisolate set. Refusing.",
1590 dependency_name, job_mode_setting);
1591 }
1592
1593 return 0;
1594}
1595
87f0e418
LP		 1596int unit_load(Unit *u) {
1597 int r;
1598
1599 assert(u);
1600
ac155bb8 1601 if (u->in_load_queue) {
71fda00f 1602 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1603 u->in_load_queue = false;
87f0e418
LP		 1604 }
1605
ac155bb8 1606 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1607 return -EINVAL;
1608
ac155bb8 1609 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1610 return 0;
1611
4f4afc88 1612 if (u->transient_file) {
66fa4bdd
LP		 1613 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1614 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1615
4f4afc88
LP		 1616 r = fflush_and_check(u->transient_file);
1617 if (r < 0)
1618 goto fail;
1619
50fb00b7 1620 u->transient_file = safe_fclose(u->transient_file);
f76707da 1621 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1622 }
1623
c3784a7d
ZJS		 1624 r = UNIT_VTABLE(u)->load(u);
1625 if (r < 0)
23a177ef 1626 goto fail;
c3784a7d
ZJS		 1627
1628 assert(u->load_state != UNIT_STUB);
23a177ef 1629
7c8fa05c 1630 if (u->load_state == UNIT_LOADED) {
19496554 1631 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1632
1633 r = unit_add_slice_dependencies(u);
1634 if (r < 0)
1635 goto fail;
c2756a68 1636
e954c9cf 1637 r = unit_add_mount_dependencies(u);
7c8fa05c 1638 if (r < 0)
c2756a68 1639 goto fail;
7c8fa05c 1640
a2db0225
AZ		 1641 r = unit_add_oomd_dependencies(u);
1642 if (r < 0)
1643 goto fail;
1644
95ae05c0
WC		 1645 r = unit_add_startup_units(u);
1646 if (r < 0)
1647 goto fail;
1648
294446dc
LP		 1649 r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS);
1650 if (r < 0)
1651 goto fail;
15ed3c3a 1652
294446dc
LP		 1653 r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE);
1654 if (r < 0)
1655 goto fail;
bc432dc7 1656
a2df3ea4
MK		 1657 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1658 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1659
5af88058
LP		 1660 /* We finished loading, let's ensure our parents recalculate the members mask */
1661 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1662 }
1663
ac155bb8 1664 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1665
1666 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1667 unit_add_to_gc_queue(u);
f561e8c6 1668 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1669
87f0e418
LP		 1670 return 0;
1671
1672fail:
81be2388
ZJS		 1673 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1674 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1675
1676 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1677 r == -ENOEXEC ? UNIT_BAD_SETTING :
1678 UNIT_ERROR;
ac155bb8 1679 u->load_error = r;
c4555ad8 1680
c149d2b4
ZJS		 1681 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1682 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1683 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1684 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1685
c1e1601e 1686 unit_add_to_dbus_queue(u);
9a46fc3b 1687 unit_add_to_gc_queue(u);
23a177ef 1688
c4555ad8 1689 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1690}
1691
f9f88198
YW		 1692_printf_(7, 8)
1693static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1694 Unit *u = userdata;
1695 va_list ap;
1696 int r;
49365733 1697
c2503e35
RH		 1698 if (u && !unit_log_level_test(u, level))
1699 return -ERRNO_VALUE(error);
1700
f9f88198
YW		 1701 va_start(ap, format);
1702 if (u)
1703 r = log_object_internalv(level, error, file, line, func,
1704 u->manager->unit_log_field,
1705 u->id,
1706 u->manager->invocation_log_field,
1707 u->invocation_id_string,
1708 format, ap);
1709 else
1710 r = log_internalv(level, error, file, line, func, format, ap);
1711 va_end(ap);
49365733 1712
f9f88198 1713 return r;
49365733
LP		 1714}
1715
97a3f4ee 1716static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1717 _cleanup_strv_free_ char **env = NULL;
1718 int r;
1719
90bbc946
LP		 1720 assert(u);
1721
ac155bb8 1722 dual_timestamp_get(&u->condition_timestamp);
90bbc946 1723
a0b191b7
LP		 1724 r = manager_get_effective_environment(u->manager, &env);
1725 if (r < 0) {
1726 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
d52cc0a5 1727 u->condition_result = true;
a0b191b7
LP		 1728 } else
1729 u->condition_result = condition_test_list(
1730 u->conditions,
1731 env,
1732 condition_type_to_string,
1733 log_unit_internal,
1734 u);
e18f8852 1735
a0b191b7 1736 unit_add_to_dbus_queue(u);
ac155bb8 1737 return u->condition_result;
90bbc946
LP		 1738}
1739
97a3f4ee 1740static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1741 _cleanup_strv_free_ char **env = NULL;
1742 int r;
1743
59fccdc5
LP		 1744 assert(u);
1745
1746 dual_timestamp_get(&u->assert_timestamp);
59fccdc5 1747
a0b191b7
LP		 1748 r = manager_get_effective_environment(u->manager, &env);
1749 if (r < 0) {
1750 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1751 u->assert_result = CONDITION_ERROR;
1752 } else
1753 u->assert_result = condition_test_list(
1754 u->asserts,
1755 env,
1756 assert_type_to_string,
1757 log_unit_internal,
1758 u);
e18f8852 1759
a0b191b7 1760 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1761 return u->assert_result;
1762}
1763
04d232d8
ZJS		 1764void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
1765 if (log_get_show_color()) {
1766 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1767 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1768 else
1769 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1770 }
5b262f74 1771
df446f96 1772 DISABLE_WARNING_FORMAT_NONLITERAL;
04d232d8 1773 manager_status_printf(u->manager, status_type, status, format, ident);
df446f96
LP		 1774 REENABLE_WARNING;
1775}
1776
97a3f4ee 1777int unit_test_start_limit(Unit *u) {
429926e9
TR		 1778 const char *reason;
1779
6bf0f408
LP		 1780 assert(u);
1781
7bf081a1 1782 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1783 u->start_limit_hit = false;
1784 return 0;
1785 }
1786
1787 log_unit_warning(u, "Start request repeated too quickly.");
1788 u->start_limit_hit = true;
1789
429926e9
TR		 1790 reason = strjoina("unit ", u->id, " failed");
1791
36c4dc08
LP		 1792 emergency_action(u->manager, u->start_limit_action,
1793 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1794 u->reboot_arg, -1, reason);
1795
1796 return -ECANCELED;
6bf0f408
LP		 1797}
1798
c891efaf 1799bool unit_shall_confirm_spawn(Unit *u) {
631b676b 1800 assert(u);
c891efaf
FB		 1801
1802 if (manager_is_confirm_spawn_disabled(u->manager))
1803 return false;
1804
1805 /* For some reasons units remaining in the same process group
1806 * as PID 1 fail to acquire the console even if it's not used
1807 * by any process. So skip the confirmation question for them. */
1808 return !unit_get_exec_context(u)->same_pgrp;
1809}
1810
631b676b
LP		 1811static bool unit_verify_deps(Unit *u) {
1812 Unit *other;
631b676b
LP		 1813
1814 assert(u);
1815
defe63b0
LP		 1816 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1817 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1818 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1819 * that are not used in conjunction with After= as for them any such check would make things entirely
1820 * racy. */
631b676b 1821
15ed3c3a 1822 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
631b676b 1823
15ed3c3a 1824 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
631b676b
LP		 1825 continue;
1826
1827 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1828 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1829 return false;
1830 }
1831 }
1832
1833 return true;
1834}
1835
9adb6959 1836/* Errors that aren't really errors:
6bf0f408 1837 * -EALREADY: Unit is already started.
9adb6959 1838 * -ECOMM: Condition failed
6bf0f408 1839 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1840 *
1841 * Errors that are real errors:
1842 * -EBADR: This unit type does not support starting.
2de9b979 1843 * -ECANCELED: Start limit hit, too many requests for now
6bf0f408
LP		 1844 * -EPROTO: Assert failed
1845 * -EINVAL: Unit not loaded
1846 * -EOPNOTSUPP: Unit type not supported
631b676b 1847 * -ENOLINK: The necessary dependencies are not fulfilled.
d4fd1cf2 1848 * -ESTALE: This unit has been started before and can't be started a second time
a4191c9f 1849 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
87f0e418
LP		 1850 */
1851int unit_start(Unit *u) {
1852 UnitActiveState state;
92ab323c 1853 Unit *following;
87f0e418
LP		 1854
1855 assert(u);
1856
9727f242
DDM		 1857 /* Check start rate limiting early so that failure conditions don't cause us to enter a busy loop. */
1858 if (UNIT_VTABLE(u)->test_start_limit) {
1859 int r = UNIT_VTABLE(u)->test_start_limit(u);
1860 if (r < 0)
1861 return r;
1862 }
1863
5766aca8
LP		 1864 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1865 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1866 * waiting is finished. */
87f0e418
LP		 1867 state = unit_active_state(u);
1868 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1869 return -EALREADY;
380dc8b0
LP		 1870 if (state == UNIT_MAINTENANCE)
1871 return -EAGAIN;
87f0e418 1872
6bf0f408
LP		 1873 /* Units that aren't loaded cannot be started */
1874 if (u->load_state != UNIT_LOADED)
1875 return -EINVAL;
1876
d4fd1cf2
LP		 1877 /* Refuse starting scope units more than once */
1878 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1879 return -ESTALE;
1880
5766aca8
LP		 1881 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1882 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1883 * recheck the condition in that case. */
a82e5507 1884 if (state != UNIT_ACTIVATING &&
5af6aa58 1885 !unit_test_condition(u))
5766aca8 1886 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
52661efd 1887
59fccdc5
LP		 1888 /* If the asserts failed, fail the entire job */
1889 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1890 !unit_test_assert(u))
1891 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1892
5766aca8
LP		 1893 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1894 * condition checks, so that we rather return condition check errors (which are usually not
1895 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1896 */
96cf3ec9 1897 if (!unit_type_supported(u->type))
d11a7645
LP		 1898 return -EOPNOTSUPP;
1899
5766aca8
LP		 1900 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1901 * should have taken care of this already, but let's check this here again. After all, our
1902 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
631b676b
LP		 1903 if (!unit_verify_deps(u))
1904 return -ENOLINK;
1905
92ab323c 1906 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1907 following = unit_following(u);
1908 if (following) {
f2341e0a 1909 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
92ab323c
LP		 1910 return unit_start(following);
1911 }
1912
1913 /* If it is stopped, but we cannot start it, then fail */
1914 if (!UNIT_VTABLE(u)->start)
1915 return -EBADR;
1916
5766aca8
LP		 1917 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1918 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1919 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 1920
c1e1601e 1921 unit_add_to_dbus_queue(u);
d9e45bc3 1922 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1923
d1a34ae9 1924 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 1925}
1926
1927bool unit_can_start(Unit *u) {
1928 assert(u);
1929
8ff4d2ab
LP		 1930 if (u->load_state != UNIT_LOADED)
1931 return false;
1932
96cf3ec9 1933 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 1934 return false;
1935
d4fd1cf2
LP		 1936 /* Scope units may be started only once */
1937 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1938 return false;
1939
87f0e418
LP		 1940 return !!UNIT_VTABLE(u)->start;
1941}
1942
2528a7a6
LP		 1943bool unit_can_isolate(Unit *u) {
1944 assert(u);
1945
1946 return unit_can_start(u) &&
ac155bb8 1947 u->allow_isolate;
2528a7a6
LP		 1948}
1949
87f0e418
LP		 1950/* Errors:
1951 * -EBADR: This unit type does not support stopping.
1952 * -EALREADY: Unit is already stopped.
1953 * -EAGAIN: An operation is already in progress. Retry later.
1954 */
1955int unit_stop(Unit *u) {
1956 UnitActiveState state;
92ab323c 1957 Unit *following;
87f0e418
LP		 1958
1959 assert(u);
1960
87f0e418 1961 state = unit_active_state(u);
fdf20a31 1962 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 1963 return -EALREADY;
1964
0faacd47
LP		 1965 following = unit_following(u);
1966 if (following) {
f2341e0a 1967 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 1968 return unit_stop(following);
1969 }
1970
7898b0cf
LP		 1971 if (!UNIT_VTABLE(u)->stop)
1972 return -EBADR;
1973
c1e1601e 1974 unit_add_to_dbus_queue(u);
d9e45bc3 1975 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1976
d1a34ae9 1977 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 1978}
1979
f5869324
LP		 1980bool unit_can_stop(Unit *u) {
1981 assert(u);
1982
39c79477
ZJS		 1983 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
1984 * Extrinsic units follow external state and they may stop following external state changes
1985 * (hence we return true here), but an attempt to do this through the manager will fail. */
1986
96cf3ec9 1987 if (!unit_type_supported(u->type))
f5869324
LP		 1988 return false;
1989
1990 if (u->perpetual)
1991 return false;
1992
1993 return !!UNIT_VTABLE(u)->stop;
1994}
1995
87f0e418
LP		 1996/* Errors:
1997 * -EBADR: This unit type does not support reloading.
1998 * -ENOEXEC: Unit is not started.
1999 * -EAGAIN: An operation is already in progress. Retry later.
2000 */
2001int unit_reload(Unit *u) {
2002 UnitActiveState state;
92ab323c 2003 Unit *following;
87f0e418
LP		 2004
2005 assert(u);
2006
ac155bb8 2007 if (u->load_state != UNIT_LOADED)
6124958c
LP		 2008 return -EINVAL;
2009
87f0e418
LP		 2010 if (!unit_can_reload(u))
2011 return -EBADR;
2012
2013 state = unit_active_state(u);
e364ad06 2014 if (state == UNIT_RELOADING)
6255af75 2015 return -EAGAIN;
87f0e418 2016
d85ff944
YW		 2017 if (state != UNIT_ACTIVE)
2018 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 2019
e48614c4
ZJS		 2020 following = unit_following(u);
2021 if (following) {
f2341e0a 2022 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 2023 return unit_reload(following);
2024 }
2025
c1e1601e 2026 unit_add_to_dbus_queue(u);
82a2b6bb 2027
f54bcca5
JR		 2028 if (!UNIT_VTABLE(u)->reload) {
2029 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2ad2e41a 2030 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
f54bcca5
JR		 2031 return 0;
2032 }
2033
d9e45bc3
MS		 2034 unit_cgroup_freezer_action(u, FREEZER_THAW);
2035
d1a34ae9 2036 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 2037}
2038
2039bool unit_can_reload(Unit *u) {
2040 assert(u);
2041
f54bcca5
JR		 2042 if (UNIT_VTABLE(u)->can_reload)
2043 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 2044
15ed3c3a 2045 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
87f0e418
LP		 2046 return true;
2047
f54bcca5 2048 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 2049}
2050
a3c1168a 2051bool unit_is_unneeded(Unit *u) {
15ed3c3a 2052 Unit *other;
f3bff0eb
LP		 2053 assert(u);
2054
ac155bb8 2055 if (!u->stop_when_unneeded)
a3c1168a 2056 return false;
f3bff0eb 2057
a3c1168a 2058 /* Don't clean up while the unit is transitioning or is even inactive. */
116654d2 2059 if (unit_active_state(u) != UNIT_ACTIVE)
a3c1168a
LP		 2060 return false;
2061 if (u->job)
2062 return false;
f3bff0eb 2063
15ed3c3a 2064 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
fda09318 2065 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 2066 * restart, then don't clean this one up. */
b81884e7 2067
15ed3c3a
LP		 2068 if (other->job)
2069 return false;
a3c1168a 2070
15ed3c3a
LP		 2071 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2072 return false;
a3c1168a 2073
15ed3c3a
LP		 2074 if (unit_will_restart(other))
2075 return false;
bea355da
LP		 2076 }
2077
a3c1168a
LP		 2078 return true;
2079}
f3bff0eb 2080
0bc488c9
LP		 2081bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2082 Unit *other;
2083
2084 assert(u);
2085
2086 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2087 * that is active declared an Uphold= dependencies on it */
2088
2089 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2090 if (ret_culprit)
2091 *ret_culprit = NULL;
2092 return false;
2093 }
2094
2095 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2096 if (other->job)
2097 continue;
2098
2099 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2100 if (ret_culprit)
2101 *ret_culprit = other;
2102 return true;
2103 }
2104 }
2105
2106 if (ret_culprit)
2107 *ret_culprit = NULL;
2108 return false;
2109}
2110
56c59592
LP		 2111bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2112 Unit *other;
2113
2114 assert(u);
2115
2116 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
7802194a 2117 * because the other unit is down. */
56c59592
LP		 2118
2119 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2120 /* Don't clean up while the unit is transitioning or is even inactive. */
2121 if (ret_culprit)
2122 *ret_culprit = NULL;
2123 return false;
2124 }
2125
2126 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2127 if (other->job)
2128 continue;
2129
2130 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
2131 if (*ret_culprit)
2132 *ret_culprit = other;
2133
2134 return true;
2135 }
2136 }
2137
2138 if (ret_culprit)
2139 *ret_culprit = NULL;
2140 return false;
2141}
2142
a3c1168a 2143static void check_unneeded_dependencies(Unit *u) {
15ed3c3a 2144 Unit *other;
a3c1168a
LP		 2145 assert(u);
2146
2147 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2148
15ed3c3a
LP		 2149 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2150 unit_submit_to_stop_when_unneeded_queue(other);
f3bff0eb
LP		 2151}
2152
0bc488c9
LP		 2153static void check_uphold_dependencies(Unit *u) {
2154 Unit *other;
2155 assert(u);
2156
2157 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2158
2159 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2160 unit_submit_to_start_when_upheld_queue(other);
2161}
2162
56c59592 2163static void check_bound_by_dependencies(Unit *u) {
ff502445 2164 Unit *other;
ff502445
LP		 2165 assert(u);
2166
56c59592 2167 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
ff502445 2168
56c59592
LP		 2169 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2170 unit_submit_to_stop_when_bound_queue(other);
ff502445
LP		 2171}
2172
87f0e418 2173static void retroactively_start_dependencies(Unit *u) {
87f0e418
LP		 2174 Unit *other;
2175
2176 assert(u);
2177 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2178
15ed3c3a
LP		 2179 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2180 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2181 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2182 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
b81884e7 2183
15ed3c3a
LP		 2184 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2185 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2186 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2187 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
87f0e418 2188
15ed3c3a 2189 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
b81884e7 2190 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2191 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
87f0e418
LP		 2192}
2193
2194static void retroactively_stop_dependencies(Unit *u) {
87f0e418
LP		 2195 Unit *other;
2196
2197 assert(u);
2198 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2199
b81884e7 2200 /* Pull down units which are bound to us recursively if enabled */
15ed3c3a 2201 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
b81884e7 2202 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2203 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
cd0504d0
MS		 2204}
2205
294446dc
LP		 2206void unit_start_on_failure(
2207 Unit *u,
2208 const char *dependency_name,
2209 UnitDependencyAtom atom,
2210 JobMode job_mode) {
2211
15ed3c3a 2212 bool logged = false;
c0daa706 2213 Unit *other;
7f66b026 2214 int r;
c0daa706
LP		 2215
2216 assert(u);
294446dc
LP		 2217 assert(dependency_name);
2218 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2219
2220 /* Act on OnFailure= and OnSuccess= dependencies */
c0daa706 2221
294446dc 2222 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
7f66b026 2223 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 2224
15ed3c3a 2225 if (!logged) {
294446dc 2226 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
15ed3c3a
LP		 2227 logged = true;
2228 }
2229
294446dc 2230 r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL);
c1b6628d 2231 if (r < 0)
294446dc
LP		 2232 log_unit_warning_errno(
2233 u, r, "Failed to enqueue %s job, ignoring: %s",
2234 dependency_name, bus_error_message(&error, r));
222ae6a8 2235 }
294446dc
LP		 2236
2237 if (logged)
2238 log_unit_debug(u, "Triggering %s dependencies done.", dependency_name);
c0daa706
LP		 2239}
2240
3ecaa09b
LP		 2241void unit_trigger_notify(Unit *u) {
2242 Unit *other;
3ecaa09b
LP		 2243
2244 assert(u);
2245
15ed3c3a 2246 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
3ecaa09b
LP		 2247 if (UNIT_VTABLE(other)->trigger_notify)
2248 UNIT_VTABLE(other)->trigger_notify(other, u);
2249}
2250
37109b85
ZJS		 2251static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2252 if (condition_notice && log_level > LOG_NOTICE)
2253 return LOG_NOTICE;
2254 if (condition_info && log_level > LOG_INFO)
2255 return LOG_INFO;
2256 return log_level;
2257}
2258
915b1d01 2259static int unit_log_resources(Unit *u) {
bc40a20e
LP		 2260 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2261 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2262 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
162392b7 2263 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
915b1d01 2264 size_t n_message_parts = 0, n_iovec = 0;
bc40a20e 2265 char* message_parts[1 + 2 + 2 + 1], *t;
915b1d01 2266 nsec_t nsec = NSEC_INFINITY;
915b1d01
LP		 2267 int r;
2268 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2269 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2270 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2271 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2272 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2273 };
bc40a20e
LP		 2274 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2275 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2276 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2277 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2278 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2279 };
915b1d01
LP		 2280
2281 assert(u);
2282
2283 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2284 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2285 * information and the complete data in structured fields. */
2286
2287 (void) unit_get_cpu_usage(u, &nsec);
2288 if (nsec != NSEC_INFINITY) {
915b1d01
LP		 2289 /* Format the CPU time for inclusion in the structured log message */
2290 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2291 r = log_oom();
2292 goto finish;
2293 }
2294 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2295
2296 /* Format the CPU time for inclusion in the human language message string */
5291f26d 2297 t = strjoin("consumed ", FORMAT_TIMESPAN(nsec / NSEC_PER_USEC, USEC_PER_MSEC), " CPU time");
915b1d01
LP		 2298 if (!t) {
2299 r = log_oom();
2300 goto finish;
2301 }
2302
2303 message_parts[n_message_parts++] = t;
37109b85
ZJS		 2304
2305 log_level = raise_level(log_level,
2306 nsec > NOTICEWORTHY_CPU_NSEC,
2307 nsec > MENTIONWORTHY_CPU_NSEC);
915b1d01
LP		 2308 }
2309
bc40a20e 2310 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
bc40a20e
LP		 2311 uint64_t value = UINT64_MAX;
2312
2313 assert(io_fields[k]);
2314
2315 (void) unit_get_io_accounting(u, k, k > 0, &value);
2316 if (value == UINT64_MAX)
2317 continue;
2318
2319 have_io_accounting = true;
2320 if (value > 0)
2321 any_io = true;
2322
2323 /* Format IO accounting data for inclusion in the structured log message */
2324 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2325 r = log_oom();
2326 goto finish;
2327 }
2328 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2329
2330 /* Format the IO accounting data for inclusion in the human language message string, but only
2331 * for the bytes counters (and not for the operations counters) */
2332 if (k == CGROUP_IO_READ_BYTES) {
2333 assert(!rr);
2b59bf51 2334 rr = strjoin("read ", strna(FORMAT_BYTES(value)), " from disk");
bc40a20e
LP		 2335 if (!rr) {
2336 r = log_oom();
2337 goto finish;
2338 }
2339 } else if (k == CGROUP_IO_WRITE_BYTES) {
2340 assert(!wr);
2b59bf51 2341 wr = strjoin("written ", strna(FORMAT_BYTES(value)), " to disk");
bc40a20e
LP		 2342 if (!wr) {
2343 r = log_oom();
2344 goto finish;
2345 }
2346 }
37109b85
ZJS		 2347
2348 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2349 log_level = raise_level(log_level,
2350 value > MENTIONWORTHY_IO_BYTES,
2351 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2352 }
2353
2354 if (have_io_accounting) {
2355 if (any_io) {
2356 if (rr)
2357 message_parts[n_message_parts++] = TAKE_PTR(rr);
2358 if (wr)
2359 message_parts[n_message_parts++] = TAKE_PTR(wr);
2360
2361 } else {
2362 char *k;
2363
2364 k = strdup("no IO");
2365 if (!k) {
2366 r = log_oom();
2367 goto finish;
2368 }
2369
2370 message_parts[n_message_parts++] = k;
2371 }
2372 }
2373
12375b95 2374 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2375 uint64_t value = UINT64_MAX;
2376
2377 assert(ip_fields[m]);
2378
2379 (void) unit_get_ip_accounting(u, m, &value);
2380 if (value == UINT64_MAX)
2381 continue;
82044702
LP		 2382
2383 have_ip_accounting = true;
a87b1faa
LP		 2384 if (value > 0)
2385 any_traffic = true;
915b1d01
LP		 2386
2387 /* Format IP accounting data for inclusion in the structured log message */
2388 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2389 r = log_oom();
2390 goto finish;
2391 }
2392 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2393
2394 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2395 * bytes counters (and not for the packets counters) */
a87b1faa
LP		 2396 if (m == CGROUP_IP_INGRESS_BYTES) {
2397 assert(!igress);
2b59bf51 2398 igress = strjoin("received ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2399 if (!igress) {
2400 r = log_oom();
2401 goto finish;
2402 }
2403 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2404 assert(!egress);
2b59bf51 2405 egress = strjoin("sent ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2406 if (!egress) {
2407 r = log_oom();
2408 goto finish;
2409 }
2410 }
37109b85
ZJS		 2411
2412 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2413 log_level = raise_level(log_level,
2414 value > MENTIONWORTHY_IP_BYTES,
2415 value > NOTICEWORTHY_IP_BYTES);
a87b1faa
LP		 2416 }
2417
c2503e35
RH		 2418 /* This check is here because it is the earliest point following all possible log_level assignments. If
2419 * log_level is assigned anywhere after this point, move this check. */
2420 if (!unit_log_level_test(u, log_level)) {
2421 r = 0;
2422 goto finish;
2423 }
2424
82044702
LP		 2425 if (have_ip_accounting) {
2426 if (any_traffic) {
2427 if (igress)
2428 message_parts[n_message_parts++] = TAKE_PTR(igress);
2429 if (egress)
2430 message_parts[n_message_parts++] = TAKE_PTR(egress);
a87b1faa 2431
82044702
LP		 2432 } else {
2433 char *k;
915b1d01 2434
82044702
LP		 2435 k = strdup("no IP traffic");
2436 if (!k) {
2437 r = log_oom();
2438 goto finish;
2439 }
2440
2441 message_parts[n_message_parts++] = k;
2442 }
915b1d01
LP		 2443 }
2444
2445 /* Is there any accounting data available at all? */
2446 if (n_iovec == 0) {
2447 r = 0;
2448 goto finish;
2449 }
2450
2451 if (n_message_parts == 0)
a87b1faa 2452 t = strjoina("MESSAGE=", u->id, ": Completed.");
915b1d01 2453 else {
c2b2df60 2454 _cleanup_free_ char *joined = NULL;
915b1d01
LP		 2455
2456 message_parts[n_message_parts] = NULL;
2457
2458 joined = strv_join(message_parts, ", ");
2459 if (!joined) {
2460 r = log_oom();
2461 goto finish;
2462 }
2463
ec9d636b 2464 joined[0] = ascii_toupper(joined[0]);
a87b1faa 2465 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
915b1d01
LP		 2466 }
2467
2468 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2469 * and hence don't increase n_iovec for them */
2470 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2471 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2472
2473 t = strjoina(u->manager->unit_log_field, u->id);
2474 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2475
2476 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2477 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2478
c2503e35 2479 log_unit_struct_iovec(u, log_level, iovec, n_iovec + 4);
915b1d01
LP		 2480 r = 0;
2481
2482finish:
12375b95 2483 for (size_t i = 0; i < n_message_parts; i++)
915b1d01
LP		 2484 free(message_parts[i]);
2485
12375b95 2486 for (size_t i = 0; i < n_iovec; i++)
915b1d01
LP		 2487 free(iovec[i].iov_base);
2488
2489 return r;
2490
2491}
2492
adefcf28
LP		 2493static void unit_update_on_console(Unit *u) {
2494 bool b;
2495
2496 assert(u);
2497
2498 b = unit_needs_console(u);
2499 if (u->on_console == b)
2500 return;
2501
2502 u->on_console = b;
2503 if (b)
2504 manager_ref_console(u->manager);
2505 else
2506 manager_unref_console(u->manager);
adefcf28
LP		 2507}
2508
6eb65e7c
LP		 2509static void unit_emit_audit_start(Unit *u) {
2510 assert(u);
2511
2512 if (u->type != UNIT_SERVICE)
2513 return;
2514
2515 /* Write audit record if we have just finished starting up */
2516 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2517 u->in_audit = true;
2518}
2519
2520static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2521 assert(u);
2522
2523 if (u->type != UNIT_SERVICE)
2524 return;
2525
2526 if (u->in_audit) {
2527 /* Write audit record if we have just finished shutting down */
2528 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2529 u->in_audit = false;
2530 } else {
2531 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2532 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2533
2534 if (state == UNIT_INACTIVE)
2535 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2536 }
2537}
2538
16c74914
LP		 2539static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2540 bool unexpected = false;
31cd5f63 2541 JobResult result;
16c74914
LP		 2542
2543 assert(j);
2544
2545 if (j->state == JOB_WAITING)
2546
2547 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2548 * due to EAGAIN. */
2549 job_add_to_run_queue(j);
2550
2551 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2552 * hence needs to invalidate jobs. */
2553
2554 switch (j->type) {
2555
2556 case JOB_START:
2557 case JOB_VERIFY_ACTIVE:
2558
2559 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2560 job_finish_and_invalidate(j, JOB_DONE, true, false);
2561 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2562 unexpected = true;
2563
31cd5f63
AZ		 2564 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2565 if (ns == UNIT_FAILED)
2566 result = JOB_FAILED;
31cd5f63
AZ		 2567 else
2568 result = JOB_DONE;
2569
2570 job_finish_and_invalidate(j, result, true, false);
2571 }
16c74914
LP		 2572 }
2573
2574 break;
2575
2576 case JOB_RELOAD:
2577 case JOB_RELOAD_OR_START:
2578 case JOB_TRY_RELOAD:
2579
2580 if (j->state == JOB_RUNNING) {
2581 if (ns == UNIT_ACTIVE)
2582 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2583 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2584 unexpected = true;
2585
2586 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2587 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2588 }
2589 }
2590
2591 break;
2592
2593 case JOB_STOP:
2594 case JOB_RESTART:
2595 case JOB_TRY_RESTART:
2596
2597 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2598 job_finish_and_invalidate(j, JOB_DONE, true, false);
2599 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2600 unexpected = true;
2601 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2602 }
2603
2604 break;
2605
2606 default:
04499a70 2607 assert_not_reached();
16c74914
LP		 2608 }
2609
2610 return unexpected;
2611}
2612
2ad2e41a 2613void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
429926e9 2614 const char *reason;
8559b3b7 2615 Manager *m;
a096ed36 2616
87f0e418
LP		 2617 assert(u);
2618 assert(os < _UNIT_ACTIVE_STATE_MAX);
2619 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2620
8559b3b7
LP		 2621 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2622 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2623 * remounted this function will be called too! */
87f0e418 2624
546ac4f0
MS		 2625 m = u->manager;
2626
3c4832ad
LP		 2627 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2628 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2629 unit_add_to_dbus_queue(u);
2630
e30bbc90
AZ		 2631 /* Update systemd-oomd on the property/state change */
2632 if (os != ns) {
2633 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2634 * monitoring.
2635 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2636 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2637 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2638 * have the information on the property. Thus, indiscriminately send an update. */
f561e8c6 2639 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
e30bbc90
AZ		 2640 (void) manager_varlink_send_managed_oom_update(u);
2641 }
2642
f755e3b7 2643 /* Update timestamps for state changes */
2c289ea8 2644 if (!MANAGER_IS_RELOADING(m)) {
a483fb59 2645 dual_timestamp_get(&u->state_change_timestamp);
173e3821 2646
bdbf9951 2647 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2648 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2649 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2650 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2651
2652 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2653 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2654 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2655 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2656 }
87f0e418 2657
865cc19a 2658 /* Keep track of failed units */
8724defe 2659 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2660
d3070fbd
LP		 2661 /* Make sure the cgroup and state files are always removed when we become inactive */
2662 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2663 SET_FLAG(u->markers,
2664 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2665 false);
efdb0237 2666 unit_prune_cgroup(u);
d3070fbd 2667 unit_unlink_state_files(u);
ff68472a
ZJS		 2668 } else if (ns != os && ns == UNIT_RELOADING)
2669 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2670
adefcf28 2671 unit_update_on_console(u);
7ed9f6cd 2672
2c289ea8 2673 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2674 bool unexpected;
2675
2676 /* Let's propagate state changes to the job */
2677 if (u->job)
2678 unexpected = unit_process_job(u->job, ns, flags);
2679 else
2680 unexpected = true;
f3bff0eb 2681
a1c7334b
LP		 2682 /* If this state change happened without being requested by a job, then let's retroactively start or
2683 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2684 * additional jobs just because something is already activated. */
bdbf9951
LP		 2685
2686 if (unexpected) {
2687 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2688 retroactively_start_dependencies(u);
2689 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2690 retroactively_stop_dependencies(u);
2691 }
5de9682c 2692
bdbf9951 2693 if (ns != os && ns == UNIT_FAILED) {
ed77d407 2694 log_unit_debug(u, "Unit entered failed state.");
2ad2e41a
LP		 2695
2696 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
294446dc 2697 unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode);
cd6d0a45 2698 }
e537352b 2699
256f65d0
LP		 2700 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2701 /* This unit just finished starting up */
3b2775c5 2702
6eb65e7c 2703 unit_emit_audit_start(u);
546ac4f0 2704 manager_send_unit_plymouth(m, u);
256f65d0 2705 }
bdbf9951 2706
256f65d0 2707 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2708 /* This unit just stopped/failed. */
256f65d0 2709
6eb65e7c 2710 unit_emit_audit_stop(u, ns);
915b1d01 2711 unit_log_resources(u);
cd6d0a45 2712 }
294446dc
LP		 2713
2714 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE) &&
2715 !(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2716 unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode);
f278026d
LP		 2717 }
2718
31dc1ca3
LP		 2719 manager_recheck_journal(m);
2720 manager_recheck_dbus(m);
e63ebf71 2721
3ecaa09b 2722 unit_trigger_notify(u);
3b2775c5 2723
8724defe 2724 if (!MANAGER_IS_RELOADING(m)) {
429926e9
TR		 2725 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2726 reason = strjoina("unit ", u->id, " failed");
36c4dc08 2727 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2728 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2729 reason = strjoina("unit ", u->id, " succeeded");
36c4dc08 2730 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2731 }
ff502445
LP		 2732 }
2733
99e9af25 2734 /* And now, add the unit or depending units to various queues that will act on the new situation if
48008c1c 2735 * needed. These queues generally check for continuous state changes rather than events (like most of
99e9af25
LP		 2736 * the state propagation above), and do work deferred instead of instantly, since they typically
2737 * don't want to run during reloading, and usually involve checking combined state of multiple units
2738 * at once. */
2739
2740 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2741 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2742 check_unneeded_dependencies(u);
2743 check_bound_by_dependencies(u);
2744
2745 /* Maybe someone wants us to remain up? */
2746 unit_submit_to_start_when_upheld_queue(u);
2747
2748 /* Maybe the unit should be GC'ed now? */
2749 unit_add_to_gc_queue(u);
2750 }
2751
2752 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2753 /* Start uphold units regardless if going up was expected or not */
2754 check_uphold_dependencies(u);
2755
2756 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2757 unit_submit_to_stop_when_unneeded_queue(u);
2758
2759 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2760 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2761 * inactive, without ever entering started.) */
2762 unit_submit_to_stop_when_bound_queue(u);
2763 }
87f0e418
LP		 2764}
2765
f75f613d 2766int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
62a76913 2767 int r;
a911bb9a 2768
87f0e418 2769 assert(u);
62a76913 2770 assert(pid_is_valid(pid));
87f0e418 2771
62a76913 2772 /* Watch a specific PID */
5ba6985b 2773
f75f613d
FB		 2774 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2775 * opportunity to remove any stalled references to this PID as they can be created
2776 * easily (when watching a process which is not our direct child). */
2777 if (exclusive)
2778 manager_unwatch_pid(u->manager, pid);
2779
d5099efc 2780 r = set_ensure_allocated(&u->pids, NULL);
5ba6985b
LP		 2781 if (r < 0)
2782 return r;
2783
62a76913 2784 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
a911bb9a
LP		 2785 if (r < 0)
2786 return r;
2787
62a76913
LP		 2788 /* First try, let's add the unit keyed by "pid". */
2789 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2790 if (r == -EEXIST) {
2791 Unit **array;
2792 bool found = false;
2793 size_t n = 0;
05e343b7 2794
62a76913
LP		 2795 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2796 * to an array of Units rather than just a Unit), lists us already. */
a911bb9a 2797
62a76913
LP		 2798 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2799 if (array)
2800 for (; array[n]; n++)
2801 if (array[n] == u)
2802 found = true;
a911bb9a 2803
62a76913
LP		 2804 if (found) /* Found it already? if so, do nothing */
2805 r = 0;
2806 else {
2807 Unit **new_array;
2808
2809 /* Allocate a new array */
2810 new_array = new(Unit*, n + 2);
2811 if (!new_array)
2812 return -ENOMEM;
2813
2814 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2815 new_array[n] = u;
2816 new_array[n+1] = NULL;
2817
2818 /* Add or replace the old array */
2819 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2820 if (r < 0) {
2821 free(new_array);
2822 return r;
2823 }
2824
2825 free(array);
2826 }
2827 } else if (r < 0)
2828 return r;
2829
2830 r = set_put(u->pids, PID_TO_PTR(pid));
2831 if (r < 0)
2832 return r;
2833
2834 return 0;
87f0e418
LP		 2835}
2836
2837void unit_unwatch_pid(Unit *u, pid_t pid) {
62a76913
LP		 2838 Unit **array;
2839
87f0e418 2840 assert(u);
62a76913
LP		 2841 assert(pid_is_valid(pid));
2842
2843 /* First let's drop the unit in case it's keyed as "pid". */
2844 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2845
2846 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2847 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2848 if (array) {
62a76913 2849 /* Let's iterate through the array, dropping our own entry */
12375b95
ZJS		 2850
2851 size_t m = 0;
2852 for (size_t n = 0; array[n]; n++)
62a76913
LP		 2853 if (array[n] != u)
2854 array[m++] = array[n];
2855 array[m] = NULL;
2856
2857 if (m == 0) {
2858 /* The array is now empty, remove the entire entry */
20c3acfa 2859 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
62a76913
LP		 2860 free(array);
2861 }
2862 }
87f0e418 2863
fea72cc0 2864 (void) set_remove(u->pids, PID_TO_PTR(pid));
a911bb9a
LP		 2865}
2866
bd44e61b
LP		 2867void unit_unwatch_all_pids(Unit *u) {
2868 assert(u);
2869
2870 while (!set_isempty(u->pids))
fea72cc0 2871 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
bd44e61b 2872
efdb0237 2873 u->pids = set_free(u->pids);
a911bb9a
LP		 2874}
2875
50be4f4a
LP		 2876static void unit_tidy_watch_pids(Unit *u) {
2877 pid_t except1, except2;
a911bb9a
LP		 2878 void *e;
2879
2880 assert(u);
2881
2882 /* Cleans dead PIDs from our list */
2883
50be4f4a
LP		 2884 except1 = unit_main_pid(u);
2885 except2 = unit_control_pid(u);
2886
90e74a66 2887 SET_FOREACH(e, u->pids) {
fea72cc0 2888 pid_t pid = PTR_TO_PID(e);
a911bb9a
LP		 2889
2890 if (pid == except1 || pid == except2)
2891 continue;
2892
9f5650ae 2893 if (!pid_is_unwaited(pid))
bd44e61b 2894 unit_unwatch_pid(u, pid);
a911bb9a 2895 }
87f0e418
LP		 2896}
2897
50be4f4a
LP		 2898static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2899 Unit *u = userdata;
2900
2901 assert(s);
2902 assert(u);
2903
2904 unit_tidy_watch_pids(u);
2905 unit_watch_all_pids(u);
2906
2907 /* If the PID set is empty now, then let's finish this off. */
2908 unit_synthesize_cgroup_empty_event(u);
2909
2910 return 0;
2911}
2912
2913int unit_enqueue_rewatch_pids(Unit *u) {
2914 int r;
2915
2916 assert(u);
2917
2918 if (!u->cgroup_path)
2919 return -ENOENT;
2920
2921 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2922 if (r < 0)
2923 return r;
2924 if (r > 0) /* On unified we can use proper notifications */
2925 return 0;
2926
2927 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2928 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2929 * involves issuing kill(pid, 0) on all processes we watch. */
2930
2931 if (!u->rewatch_pids_event_source) {
2932 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2933
2934 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2935 if (r < 0)
2936 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2937
2938 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2939 if (r < 0)
28b77ab2 2940 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
50be4f4a
LP		 2941
2942 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2943
2944 u->rewatch_pids_event_source = TAKE_PTR(s);
2945 }
2946
2947 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2948 if (r < 0)
2949 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2950
2951 return 0;
2952}
2953
2954void unit_dequeue_rewatch_pids(Unit *u) {
2955 int r;
2956 assert(u);
2957
2958 if (!u->rewatch_pids_event_source)
2959 return;
2960
2961 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2962 if (r < 0)
2963 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2964
5dcadb4c 2965 u->rewatch_pids_event_source = sd_event_source_disable_unref(u->rewatch_pids_event_source);
50be4f4a
LP		 2966}
2967
87f0e418
LP		 2968bool unit_job_is_applicable(Unit *u, JobType j) {
2969 assert(u);
2970 assert(j >= 0 && j < _JOB_TYPE_MAX);
2971
2972 switch (j) {
2973
2974 case JOB_VERIFY_ACTIVE:
2975 case JOB_START:
e0209d83 2976 case JOB_NOP:
f5869324 2977 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 2978 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 2979 * jobs for it. */
87f0e418
LP		 2980 return true;
2981
f5869324
LP		 2982 case JOB_STOP:
2983 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 2984 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 2985 return !u->perpetual;
2986
87f0e418
LP		 2987 case JOB_RESTART:
2988 case JOB_TRY_RESTART:
f5869324 2989 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 2990
2991 case JOB_RELOAD:
3282591d 2992 case JOB_TRY_RELOAD:
87f0e418
LP		 2993 return unit_can_reload(u);
2994
2995 case JOB_RELOAD_OR_START:
2996 return unit_can_reload(u) && unit_can_start(u);
2997
2998 default:
04499a70 2999 assert_not_reached();
87f0e418
LP		 3000 }
3001}
3002
eef85c4a
LP		 3003int unit_add_dependency(
3004 Unit *u,
3005 UnitDependency d,
3006 Unit *other,
3007 bool add_reference,
3008 UnitDependencyMask mask) {
87f0e418
LP		 3009
3010 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
3011 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
be7d9ff7 3012 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
7e9212bf 3013 [UNIT_WANTS] = UNIT_WANTED_BY,
7f2cddae 3014 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
60649f17 3015 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
0bc488c9 3016 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
be7d9ff7 3017 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
be7d9ff7 3018 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
be7d9ff7 3019 [UNIT_WANTED_BY] = UNIT_WANTS,
7f2cddae 3020 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
60649f17 3021 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
0bc488c9 3022 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
69dd2852
LP		 3023 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3024 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
87f0e418 3025 [UNIT_BEFORE] = UNIT_AFTER,
701cc384 3026 [UNIT_AFTER] = UNIT_BEFORE,
294446dc
LP		 3027 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3028 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
629b2a6f
LP		 3029 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3030 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
57020a3a 3031 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
4dcc1cb4 3032 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
7f2cddae 3033 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 3034 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
ffec78c0
LP		 3035 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3036 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
defe63b0 3037 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
7e9212bf
LP		 3038 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3039 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
d219a2b0
LP		 3040 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3041 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
87f0e418 3042 };
eef85c4a 3043 Unit *original_u = u, *original_other = other;
15ed3c3a 3044 UnitDependencyAtom a;
eef85c4a 3045 int r;
15ed3c3a
LP		 3046
3047 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3048 * there, no need to notify! */
3049 bool noop;
87f0e418
LP		 3050
3051 assert(u);
3052 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 3053 assert(other);
3054
9f151f29
LP		 3055 u = unit_follow_merge(u);
3056 other = unit_follow_merge(other);
15ed3c3a
LP		 3057 a = unit_dependency_to_atom(d);
3058 assert(a >= 0);
9f151f29 3059
15ed3c3a 3060 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
d1fab3fe 3061 if (u == other) {
15ed3c3a 3062 unit_maybe_warn_about_dependency(original_u, original_other->id, d);
87f0e418 3063 return 0;
d1fab3fe 3064 }
87f0e418 3065
f14d6810
MG		 3066 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3067 return 0;
3068
15ed3c3a
LP		 3069 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3070 * running timeout at a specific time. */
3071 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
b862c257 3072 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 3073 return 0;
3074 }
3075
15ed3c3a 3076 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
c80a9a33
LP		 3077 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3078 return 0;
3079 }
3080
15ed3c3a 3081 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
c80a9a33
LP		 3082 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3083 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
15ed3c3a 3084 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
c80a9a33
LP		 3085 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3086 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3087
d219a2b0
LP		 3088 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3089 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3090 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3091 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3092 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3093 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3094
3095 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3096 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3097 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3098
3099 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3100 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3101 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3102
15ed3c3a 3103 r = unit_add_dependency_hashmap(&u->dependencies, d, other, mask, 0);
613b411c 3104 if (r < 0)
87f0e418 3105 return r;
15ed3c3a 3106 noop = !r;
87f0e418 3107
eef85c4a 3108 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
15ed3c3a 3109 r = unit_add_dependency_hashmap(&other->dependencies, inverse_table[d], u, 0, mask);
613b411c
LP		 3110 if (r < 0)
3111 return r;
15ed3c3a 3112 if (r)
5177cb0a 3113 noop = false;
613b411c
LP		 3114 }
3115
3116 if (add_reference) {
15ed3c3a 3117 r = unit_add_dependency_hashmap(&u->dependencies, UNIT_REFERENCES, other, mask, 0);
613b411c 3118 if (r < 0)
5de9682c 3119 return r;
15ed3c3a 3120 if (r)
5177cb0a 3121 noop = false;
5de9682c 3122
15ed3c3a 3123 r = unit_add_dependency_hashmap(&other->dependencies, UNIT_REFERENCED_BY, u, 0, mask);
613b411c 3124 if (r < 0)
701cc384 3125 return r;
15ed3c3a 3126 if (r)
5177cb0a 3127 noop = false;
613b411c 3128 }
87f0e418 3129
5177cb0a
RM		 3130 if (!noop)
3131 unit_add_to_dbus_queue(u);
15ed3c3a 3132
87f0e418
LP		 3133 return 0;
3134}
0301abf4 3135
eef85c4a 3136int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2c966c03
LP		 3137 int r;
3138
3139 assert(u);
3140
eef85c4a 3141 r = unit_add_dependency(u, d, other, add_reference, mask);
3f3cc397 3142 if (r < 0)
2c966c03
LP		 3143 return r;
3144
eef85c4a 3145 return unit_add_dependency(u, e, other, add_reference, mask);
2c966c03
LP		 3146}
3147
23e8c796 3148static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 3149 int r;
9e2f7c11
LP		 3150
3151 assert(u);
23e8c796 3152 assert(name);
7410616c
LP		 3153 assert(buf);
3154 assert(ret);
9e2f7c11 3155
7410616c
LP		 3156 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3157 *buf = NULL;
3158 *ret = name;
3159 return 0;
9e2f7c11
LP		 3160 }
3161
ac155bb8 3162 if (u->instance)
7410616c 3163 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 3164 else {
ae018d9b 3165 _cleanup_free_ char *i = NULL;
9e2f7c11 3166
7410616c
LP		 3167 r = unit_name_to_prefix(u->id, &i);
3168 if (r < 0)
3169 return r;
9e2f7c11 3170
7410616c 3171 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 3172 }
7410616c
LP		 3173 if (r < 0)
3174 return r;
9e2f7c11 3175
7410616c
LP		 3176 *ret = *buf;
3177 return 0;
9e2f7c11
LP		 3178}
3179
35d8c19a 3180int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3181 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 3182 Unit *other;
3183 int r;
3184
9e2f7c11 3185 assert(u);
35d8c19a 3186 assert(name);
09b6b09f 3187
23e8c796 3188 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3189 if (r < 0)
3190 return r;
09b6b09f 3191
f14d6810
MG		 3192 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3193 return 0;
3194
35d8c19a 3195 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 3196 if (r < 0)
3197 return r;
9e2f7c11 3198
eef85c4a 3199 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 3200}
3201
5a724170 3202int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3203 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 3204 Unit *other;
3205 int r;
2c966c03
LP		 3206
3207 assert(u);
5a724170 3208 assert(name);
2c966c03 3209
23e8c796 3210 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3211 if (r < 0)
3212 return r;
2c966c03 3213
f14d6810
MG		 3214 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3215 return 0;
3216
5a724170 3217 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 3218 if (r < 0)
68eda4bd 3219 return r;
2c966c03 3220
eef85c4a 3221 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 3222}
3223
0301abf4 3224int set_unit_path(const char *p) {
0301abf4 3225 /* This is mostly for debug purposes */
cbe46ead 3226 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
26d04f86 3227 return -errno;
0301abf4
LP		 3228
3229 return 0;
3230}
88066b3a 3231
ea430986 3232char *unit_dbus_path(Unit *u) {
ea430986
LP		 3233 assert(u);
3234
ac155bb8 3235 if (!u->id)
04ade7d2
LP		 3236 return NULL;
3237
48899192 3238 return unit_dbus_path_from_name(u->id);
ea430986
LP		 3239}
3240
4b58153d
LP		 3241char *unit_dbus_path_invocation_id(Unit *u) {
3242 assert(u);
3243
3244 if (sd_id128_is_null(u->invocation_id))
3245 return NULL;
3246
3247 return unit_dbus_path_from_name(u->invocation_id_string);
3248}
3249
2d3b784d 3250int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 3251 int r;
3252
3253 assert(u);
3254
3255 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3256
3257 if (sd_id128_equal(u->invocation_id, id))
3258 return 0;
3259
3260 if (!sd_id128_is_null(u->invocation_id))
3261 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3262
3263 if (sd_id128_is_null(id)) {
3264 r = 0;
3265 goto reset;
3266 }
3267
3268 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3269 if (r < 0)
3270 goto reset;
3271
3272 u->invocation_id = id;
3273 sd_id128_to_string(id, u->invocation_id_string);
3274
3275 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3276 if (r < 0)
3277 goto reset;
3278
3279 return 0;
3280
3281reset:
3282 u->invocation_id = SD_ID128_NULL;
3283 u->invocation_id_string[0] = 0;
3284 return r;
3285}
3286
d219a2b0
LP		 3287int unit_set_slice(Unit *u, Unit *slice, UnitDependencyMask mask) {
3288 int r;
3289
d79200e2
LP		 3290 assert(u);
3291 assert(slice);
3292
d219a2b0
LP		 3293 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3294 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3295 * slice is derived from the name). Make sure the unit we set is actually a slice. */
d79200e2
LP		 3296
3297 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3298 return -EOPNOTSUPP;
3299
3300 if (u->type == UNIT_SLICE)
3301 return -EINVAL;
3302
102ef982
LP		 3303 if (unit_active_state(u) != UNIT_INACTIVE)
3304 return -EBUSY;
3305
d79200e2
LP		 3306 if (slice->type != UNIT_SLICE)
3307 return -EINVAL;
3308
efdb0237
LP		 3309 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3310 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3311 return -EPERM;
3312
12f64221 3313 if (UNIT_GET_SLICE(u) == slice)
d79200e2
LP		 3314 return 0;
3315
99e66921 3316 /* Disallow slice changes if @u is already bound to cgroups */
12f64221 3317 if (UNIT_GET_SLICE(u) && u->cgroup_realized)
d79200e2
LP		 3318 return -EBUSY;
3319
d219a2b0
LP		 3320 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, mask);
3321 if (r < 0)
3322 return r;
3323
d79200e2
LP		 3324 return 1;
3325}
3326
3327int unit_set_default_slice(Unit *u) {
a8833944 3328 const char *slice_name;
a016b922
LP		 3329 Unit *slice;
3330 int r;
3331
3332 assert(u);
3333
f14d6810
MG		 3334 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3335 return 0;
3336
12f64221 3337 if (UNIT_GET_SLICE(u))
a016b922
LP		 3338 return 0;
3339
a8833944
LP		 3340 if (u->instance) {
3341 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3342
a8833944
LP		 3343 /* Implicitly place all instantiated units in their
3344 * own per-template slice */
3345
7410616c
LP		 3346 r = unit_name_to_prefix(u->id, &prefix);
3347 if (r < 0)
3348 return r;
a8833944
LP		 3349
3350 /* The prefix is already escaped, but it might include
3351 * "-" which has a special meaning for slice units,
3352 * hence escape it here extra. */
7410616c 3353 escaped = unit_name_escape(prefix);
a8833944
LP		 3354 if (!escaped)
3355 return -ENOMEM;
3356
463d0d15 3357 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3358 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3359 else
7f3b86a4 3360 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3361
3362 } else if (unit_is_extrinsic(u))
3363 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3364 * the root slice. They don't really belong in one of the subslices. */
3365 slice_name = SPECIAL_ROOT_SLICE;
3366
3367 else if (MANAGER_IS_SYSTEM(u->manager))
3368 slice_name = SPECIAL_SYSTEM_SLICE;
3369 else
3370 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3371
3372 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3373 if (r < 0)
3374 return r;
3375
d219a2b0 3376 return unit_set_slice(u, slice, UNIT_DEPENDENCY_FILE);
a016b922
LP		 3377}
3378
9444b1f2 3379const char *unit_slice_name(Unit *u) {
12f64221 3380 Unit *slice;
9444b1f2
LP		 3381 assert(u);
3382
12f64221
LP		 3383 slice = UNIT_GET_SLICE(u);
3384 if (!slice)
9444b1f2
LP		 3385 return NULL;
3386
12f64221 3387 return slice->id;
9444b1f2
LP		 3388}
3389
f6ff8c29 3390int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3391 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3392 int r;
3393
3394 assert(u);
3395 assert(type);
3396 assert(_found);
3397
7410616c
LP		 3398 r = unit_name_change_suffix(u->id, type, &t);
3399 if (r < 0)
3400 return r;
3401 if (unit_has_name(u, t))
3402 return -EINVAL;
f6ff8c29 3403
ac155bb8 3404 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3405 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3406 return r;
3407}
3408
bbc29086 3409static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
fc67a943 3410 const char *new_owner;
bbc29086
DM		 3411 Unit *u = userdata;
3412 int r;
3413
3414 assert(message);
3415 assert(u);
3416
fc67a943 3417 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3418 if (r < 0) {
3419 bus_log_parse_error(r);
3420 return 0;
3421 }
3422
3423 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3424 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3425
3426 return 0;
3427}
3428
3429static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3430 const sd_bus_error *e;
3431 const char *new_owner;
3432 Unit *u = userdata;
3433 int r;
3434
3435 assert(message);
3436 assert(u);
3437
3438 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3439
a5a8776a 3440 e = sd_bus_message_get_error(message);
a5a8776a 3441 if (e) {
a54654ba
LP		 3442 if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3443 log_unit_error(u, "Unexpected error response from GetNameOwner(): %s", e->message);
a5a8776a 3444
fc67a943
LP		 3445 new_owner = NULL;
3446 } else {
3447 r = sd_bus_message_read(message, "s", &new_owner);
3448 if (r < 0)
3449 return bus_log_parse_error(r);
a5a8776a 3450
fc67a943
LP		 3451 assert(!isempty(new_owner));
3452 }
a5a8776a
MJ		 3453
3454 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3455 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3456
3457 return 0;
3458}
3459
9806e87d
LP		 3460int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3461 const char *match;
a5b07847 3462 int r;
bbc29086 3463
9806e87d
LP		 3464 assert(u);
3465 assert(bus);
3466 assert(name);
bbc29086 3467
a5b07847 3468 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3469 return -EBUSY;
3470
9806e87d 3471 match = strjoina("type='signal',"
81d62103
ZJS		 3472 "sender='org.freedesktop.DBus',"
3473 "path='/org/freedesktop/DBus',"
3474 "interface='org.freedesktop.DBus',"
3475 "member='NameOwnerChanged',"
3476 "arg0='", name, "'");
bbc29086 3477
a5b07847 3478 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
a5a8776a
MJ		 3479 if (r < 0)
3480 return r;
3481
a5b07847
LP		 3482 r = sd_bus_call_method_async(
3483 bus,
3484 &u->get_name_owner_slot,
3485 "org.freedesktop.DBus",
3486 "/org/freedesktop/DBus",
3487 "org.freedesktop.DBus",
3488 "GetNameOwner",
3489 get_name_owner_handler,
3490 u,
3491 "s", name);
3492 if (r < 0) {
3493 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3494 return r;
3495 }
3496
3497 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3498 return 0;
bbc29086
DM		 3499}
3500
05e343b7 3501int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3502 int r;
3503
05e343b7
LP		 3504 assert(u);
3505 assert(name);
3506
3507 /* Watch a specific name on the bus. We only support one unit
3508 * watching each name for now. */
3509
bbc29086
DM		 3510 if (u->manager->api_bus) {
3511 /* If the bus is already available, install the match directly.
3512 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3513 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3514 if (r < 0)
8ea823b6 3515 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3516 }
3517
3518 r = hashmap_put(u->manager->watch_bus, name, u);
3519 if (r < 0) {
3520 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3521 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3522 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3523 }
3524
3525 return 0;
05e343b7
LP		 3526}
3527
3528void unit_unwatch_bus_name(Unit *u, const char *name) {
3529 assert(u);
3530 assert(name);
3531
8367fea5 3532 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3533 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3534 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3535}
3536
d336ba9f 3537int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3538 _cleanup_free_ char *e = NULL;
44b0d1fd 3539 Unit *device;
6e2ef85b
LP		 3540 int r;
3541
3542 assert(u);
3543
6e2ef85b 3544 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3545 if (isempty(what))
3546 return 0;
6e2ef85b 3547
8407a5d0 3548 if (!is_device_path(what))
6e2ef85b
LP		 3549 return 0;
3550
44b0d1fd 3551 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3552 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3553 return 0;
3554
7410616c
LP		 3555 r = unit_name_from_path(what, ".device", &e);
3556 if (r < 0)
3557 return r;
6e2ef85b 3558
ac155bb8 3559 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3560 if (r < 0)
3561 return r;
3562
ebc8968b
FB		 3563 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3564 dep = UNIT_BINDS_TO;
3565
d336ba9f
FB		 3566 return unit_add_two_dependencies(u, UNIT_AFTER,
3567 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3568 device, true, mask);
6e2ef85b 3569}
a16e1123 3570
44b0d1fd
LP		 3571int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3572 _cleanup_free_ char *escaped = NULL, *target = NULL;
3573 int r;
3574
3575 assert(u);
3576
3577 if (isempty(what))
3578 return 0;
3579
3580 if (!path_startswith(what, "/dev/"))
3581 return 0;
3582
3583 /* If we don't support devices, then also don't bother with blockdev@.target */
3584 if (!unit_type_supported(UNIT_DEVICE))
3585 return 0;
3586
3587 r = unit_name_path_escape(what, &escaped);
3588 if (r < 0)
3589 return r;
3590
3591 r = unit_name_build("blockdev", escaped, ".target", &target);
3592 if (r < 0)
3593 return r;
3594
3595 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3596}
3597
be847e82 3598int unit_coldplug(Unit *u) {
05a98afd
LP		 3599 int r = 0, q;
3600 char **i;
cca098b0
LP		 3601
3602 assert(u);
3603
f0831ed2 3604 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3605 if (u->coldplugged)
3606 return 0;
3607
3608 u->coldplugged = true;
3609
05a98afd
LP		 3610 STRV_FOREACH(i, u->deserialized_refs) {
3611 q = bus_unit_track_add_name(u, *i);
3612 if (q < 0 && r >= 0)
3613 r = q;
3614 }
3615 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3616
05a98afd
LP		 3617 if (UNIT_VTABLE(u)->coldplug) {
3618 q = UNIT_VTABLE(u)->coldplug(u);
3619 if (q < 0 && r >= 0)
3620 r = q;
3621 }
5a6158b6 3622
7dbd330c
GL		 3623 if (u->job) {
3624 q = job_coldplug(u->job);
3625 if (q < 0 && r >= 0)
3626 r = q;
3627 }
3628 if (u->nop_job) {
3629 q = job_coldplug(u->nop_job);
05a98afd
LP		 3630 if (q < 0 && r >= 0)
3631 r = q;
3632 }
cca098b0 3633
05a98afd 3634 return r;
cca098b0
LP		 3635}
3636
f0831ed2
LP		 3637void unit_catchup(Unit *u) {
3638 assert(u);
3639
3640 if (UNIT_VTABLE(u)->catchup)
3641 UNIT_VTABLE(u)->catchup(u);
869f52f2
DS		 3642
3643 unit_cgroup_catchup(u);
f0831ed2
LP		 3644}
3645
ba25d39e 3646static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3647 struct stat st;
3648
3649 if (!path)
3650 return false;
3651
77969722
LP		 3652 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3653 * are never out-of-date. */
3654 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3655 return false;
3656
21b95806
ZJS		 3657 if (stat(path, &st) < 0)
3658 /* What, cannot access this anymore? */
3659 return true;
3660
ba25d39e
ZJS		 3661 if (path_masked)
3662 /* For masked files check if they are still so */
3663 return !null_or_empty(&st);
3664 else
3a8db9fe 3665 /* For non-empty files check the mtime */
87ec20ef 3666 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3667
3668 return false;
3669}
3670
45fb0699 3671bool unit_need_daemon_reload(Unit *u) {
ae7a7182
OS		 3672 _cleanup_strv_free_ char **t = NULL;
3673 char **path;
1b64d026 3674
45fb0699
LP		 3675 assert(u);
3676
ba25d39e
ZJS		 3677 /* For unit files, we allow masking… */
3678 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3679 u->load_state == UNIT_MASKED))
21b95806 3680 return true;
5f4b19f4 3681
ba25d39e
ZJS		 3682 /* Source paths should not be masked… */
3683 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3684 return true;
ae7a7182 3685
19a44dfe
LR		 3686 if (u->load_state == UNIT_LOADED)
3687 (void) unit_find_dropin_paths(u, &t);
ab932a62
LP		 3688 if (!strv_equal(u->dropin_paths, t))
3689 return true;
6d10d308 3690
ba25d39e 3691 /* … any drop-ins that are masked are simply omitted from the list. */
ab932a62 3692 STRV_FOREACH(path, u->dropin_paths)
ba25d39e 3693 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
ab932a62 3694 return true;
21b95806 3695
ab932a62 3696 return false;
45fb0699
LP		 3697}
3698
fdf20a31 3699void unit_reset_failed(Unit *u) {
5632e374
LP		 3700 assert(u);
3701
fdf20a31
MM		 3702 if (UNIT_VTABLE(u)->reset_failed)
3703 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3704
7bf081a1 3705 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3706 u->start_limit_hit = false;
5632e374
LP		 3707}
3708
a7f241db
LP		 3709Unit *unit_following(Unit *u) {
3710 assert(u);
3711
3712 if (UNIT_VTABLE(u)->following)
3713 return UNIT_VTABLE(u)->following(u);
3714
3715 return NULL;
3716}
3717
31afa0a4 3718bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3719 assert(u);
3720
31afa0a4
LP		 3721 /* This call does check the current state of the unit. It's
3722 * hence useful to be called from state change calls of the
3723 * unit itself, where the state isn't updated yet. This is
3724 * different from unit_inactive_or_pending() which checks both
3725 * the current state and for a queued job. */
18ffdfda 3726
28a2dfe8 3727 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 3728}
3729
3730bool unit_inactive_or_pending(Unit *u) {
3731 assert(u);
3732
3733 /* Returns true if the unit is inactive or going down */
18ffdfda 3734
d956ac29
LP		 3735 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3736 return true;
3737
31afa0a4 3738 if (unit_stop_pending(u))
18ffdfda
LP		 3739 return true;
3740
3741 return false;
3742}
3743
31afa0a4 3744bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 3745 assert(u);
3746
f60c2665 3747 /* Returns true if the unit is active or going up */
f976f3f6
LP		 3748
3749 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3750 return true;
3751
ac155bb8 3752 if (u->job &&
3742095b 3753 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 3754 return true;
3755
3756 return false;
3757}
3758
52a12341
YW		 3759bool unit_will_restart_default(Unit *u) {
3760 assert(u);
3761
28a2dfe8 3762 return unit_has_job_type(u, JOB_START);
52a12341
YW		 3763}
3764
deb4e708
MK		 3765bool unit_will_restart(Unit *u) {
3766 assert(u);
3767
3768 if (!UNIT_VTABLE(u)->will_restart)
3769 return false;
3770
3771 return UNIT_VTABLE(u)->will_restart(u);
3772}
3773
718db961 3774int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
8a0867d6
LP		 3775 assert(u);
3776 assert(w >= 0 && w < _KILL_WHO_MAX);
6eb7c172 3777 assert(SIGNAL_VALID(signo));
8a0867d6 3778
8a0867d6 3779 if (!UNIT_VTABLE(u)->kill)
15411c0c 3780 return -EOPNOTSUPP;
8a0867d6 3781
c74f17d9 3782 return UNIT_VTABLE(u)->kill(u, w, signo, error);
8a0867d6
LP		 3783}
3784
82659fd7 3785static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
af4fa99d 3786 _cleanup_set_free_ Set *pid_set = NULL;
82659fd7
LP		 3787 int r;
3788
d5099efc 3789 pid_set = set_new(NULL);
82659fd7
LP		 3790 if (!pid_set)
3791 return NULL;
3792
3793 /* Exclude the main/control pids from being killed via the cgroup */
3794 if (main_pid > 0) {
fea72cc0 3795 r = set_put(pid_set, PID_TO_PTR(main_pid));
82659fd7 3796 if (r < 0)
95f14a3e 3797 return NULL;
82659fd7
LP		 3798 }
3799
3800 if (control_pid > 0) {
fea72cc0 3801 r = set_put(pid_set, PID_TO_PTR(control_pid));
82659fd7 3802 if (r < 0)
95f14a3e 3803 return NULL;
82659fd7
LP		 3804 }
3805
95f14a3e 3806 return TAKE_PTR(pid_set);
82659fd7
LP		 3807}
3808
d9911002
LP		 3809static int kill_common_log(pid_t pid, int signo, void *userdata) {
3810 _cleanup_free_ char *comm = NULL;
3811 Unit *u = userdata;
3812
3813 assert(u);
3814
3815 (void) get_process_comm(pid, &comm);
3816 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
3817 signal_to_string(signo), pid, strna(comm));
3818
3819 return 1;
3820}
3821
d91c34f2
LP		 3822int unit_kill_common(
3823 Unit *u,
3824 KillWho who,
3825 int signo,
3826 pid_t main_pid,
3827 pid_t control_pid,
718db961 3828 sd_bus_error *error) {
d91c34f2 3829
814cc562 3830 int r = 0;
ac5e3a50 3831 bool killed = false;
814cc562 3832
8aff7ac4
LP		 3833 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3834 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3835 * stop a service ourselves. */
3836
ac5e3a50 3837 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
814cc562 3838 if (main_pid < 0)
7358dc02 3839 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
8aff7ac4 3840 if (main_pid == 0)
7358dc02 3841 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 3842 }
3843
ac5e3a50 3844 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
814cc562 3845 if (control_pid < 0)
7358dc02 3846 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
8aff7ac4 3847 if (control_pid == 0)
7358dc02 3848 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 3849 }
3850
ac5e3a50
JS		 3851 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3852 if (control_pid > 0) {
d9911002
LP		 3853 _cleanup_free_ char *comm = NULL;
3854 (void) get_process_comm(control_pid, &comm);
3855
3856 if (kill(control_pid, signo) < 0) {
3857 /* Report this failure both to the logs and to the client */
3858 sd_bus_error_set_errnof(
3859 error, errno,
3860 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
3861 signal_to_string(signo), control_pid, strna(comm));
3862 r = log_unit_warning_errno(
3863 u, errno,
3864 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
3865 signal_to_string(signo), control_pid, strna(comm));
3866 } else {
3867 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
3868 signal_to_string(signo), control_pid, strna(comm));
ac5e3a50 3869 killed = true;
d9911002 3870 }
ac5e3a50 3871 }
814cc562 3872
ac5e3a50
JS		 3873 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3874 if (main_pid > 0) {
d9911002
LP		 3875 _cleanup_free_ char *comm = NULL;
3876 (void) get_process_comm(main_pid, &comm);
3877
3878 if (kill(main_pid, signo) < 0) {
3879 if (r == 0)
3880 sd_bus_error_set_errnof(
3881 error, errno,
3882 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
3883 signal_to_string(signo), main_pid, strna(comm));
3884
3885 r = log_unit_warning_errno(
3886 u, errno,
3887 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
3888 signal_to_string(signo), main_pid, strna(comm));
3889 } else {
3890 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
3891 signal_to_string(signo), main_pid, strna(comm));
ac5e3a50 3892 killed = true;
d9911002 3893 }
ac5e3a50 3894 }
814cc562 3895
ac5e3a50 3896 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
814cc562
MS		 3897 _cleanup_set_free_ Set *pid_set = NULL;
3898 int q;
3899
82659fd7
LP		 3900 /* Exclude the main/control pids from being killed via the cgroup */
3901 pid_set = unit_pid_set(main_pid, control_pid);
814cc562 3902 if (!pid_set)
d9911002
LP		 3903 return log_oom();
3904
3905 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
3906 if (q < 0) {
3907 if (!IN_SET(q, -ESRCH, -ENOENT)) {
3908 if (r == 0)
3909 sd_bus_error_set_errnof(
3910 error, q,
3911 "Failed to send signal SIG%s to auxiliary processes: %m",
3912 signal_to_string(signo));
3913
3914 r = log_unit_warning_errno(
3915 u, q,
3916 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3917 signal_to_string(signo));
3918 }
3919 } else
ac5e3a50 3920 killed = true;
814cc562
MS		 3921 }
3922
2ae0508e
LP		 3923 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3924 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
3925 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 3926
814cc562
MS		 3927 return r;
3928}
3929
6210e7fc
LP		 3930int unit_following_set(Unit *u, Set **s) {
3931 assert(u);
3932 assert(s);
3933
3934 if (UNIT_VTABLE(u)->following_set)
3935 return UNIT_VTABLE(u)->following_set(u, s);
3936
3937 *s = NULL;
3938 return 0;
3939}
3940
a4375746 3941UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 3942 int r;
3943
a4375746
LP		 3944 assert(u);
3945
0ec0deaa
LP		 3946 if (u->unit_file_state < 0 && u->fragment_path) {
3947 r = unit_file_get_state(
463d0d15 3948 u->manager->unit_file_scope,
0ec0deaa 3949 NULL,
9ea3a0e7 3950 u->id,
0ec0deaa
LP		 3951 &u->unit_file_state);
3952 if (r < 0)
3953 u->unit_file_state = UNIT_FILE_BAD;
3954 }
a4375746 3955
ac155bb8 3956 return u->unit_file_state;
a4375746
LP		 3957}
3958
d2dc52db
LP		 3959int unit_get_unit_file_preset(Unit *u) {
3960 assert(u);
3961
3962 if (u->unit_file_preset < 0 && u->fragment_path)
3963 u->unit_file_preset = unit_file_query_preset(
463d0d15 3964 u->manager->unit_file_scope,
0ec0deaa 3965 NULL,
8f7b2566
ZJS		 3966 basename(u->fragment_path),
3967 NULL);
d2dc52db
LP		 3968
3969 return u->unit_file_preset;
3970}
3971
7f7d01ed 3972Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 3973 assert(ref);
7f7d01ed
ZJS		 3974 assert(source);
3975 assert(target);
57020a3a 3976
7f7d01ed 3977 if (ref->target)
57020a3a
LP		 3978 unit_ref_unset(ref);
3979
7f7d01ed
ZJS		 3980 ref->source = source;
3981 ref->target = target;
3982 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
3983 return target;
57020a3a
LP		 3984}
3985
3986void unit_ref_unset(UnitRef *ref) {
3987 assert(ref);
3988
7f7d01ed 3989 if (!ref->target)
57020a3a
LP		 3990 return;
3991
b75102e5
LP		 3992 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3993 * be unreferenced now. */
7f7d01ed 3994 unit_add_to_gc_queue(ref->target);
b75102e5 3995
7f7d01ed
ZJS		 3996 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
3997 ref->source = ref->target = NULL;
57020a3a
LP		 3998}
3999
29206d46
LP		 4000static int user_from_unit_name(Unit *u, char **ret) {
4001
4002 static const uint8_t hash_key[] = {
4003 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4004 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4005 };
4006
4007 _cleanup_free_ char *n = NULL;
4008 int r;
4009
4010 r = unit_name_to_prefix(u->id, &n);
4011 if (r < 0)
4012 return r;
4013
7a8867ab 4014 if (valid_user_group_name(n, 0)) {
ae2a15bc 4015 *ret = TAKE_PTR(n);
29206d46
LP		 4016 return 0;
4017 }
4018
4019 /* If we can't use the unit name as a user name, then let's hash it and use that */
4020 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4021 return -ENOMEM;
4022
4023 return 0;
4024}
4025
598459ce
LP		 4026int unit_patch_contexts(Unit *u) {
4027 CGroupContext *cc;
4028 ExecContext *ec;
cba6e062
LP		 4029 int r;
4030
e06c73cc 4031 assert(u);
e06c73cc 4032
598459ce
LP		 4033 /* Patch in the manager defaults into the exec and cgroup
4034 * contexts, _after_ the rest of the settings have been
4035 * initialized */
085afe36 4036
598459ce
LP		 4037 ec = unit_get_exec_context(u);
4038 if (ec) {
4039 /* This only copies in the ones that need memory */
12375b95 4040 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
598459ce
LP		 4041 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4042 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4043 if (!ec->rlimit[i])
4044 return -ENOMEM;
4045 }
4046
463d0d15 4047 if (MANAGER_IS_USER(u->manager) &&
598459ce
LP		 4048 !ec->working_directory) {
4049
4050 r = get_home_dir(&ec->working_directory);
4051 if (r < 0)
4052 return r;
4c08c824
LP		 4053
4054 /* Allow user services to run, even if the
4055 * home directory is missing */
4056 ec->working_directory_missing_ok = true;
cba6e062
LP		 4057 }
4058
598459ce 4059 if (ec->private_devices)
2cd0a735 4060 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 4061
4062 if (ec->protect_kernel_modules)
4063 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 4064
84703040
KK		 4065 if (ec->protect_kernel_logs)
4066 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4067
fc64760d
KK		 4068 if (ec->protect_clock)
4069 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4070
29206d46
LP		 4071 if (ec->dynamic_user) {
4072 if (!ec->user) {
4073 r = user_from_unit_name(u, &ec->user);
4074 if (r < 0)
4075 return r;
4076 }
4077
4078 if (!ec->group) {
4079 ec->group = strdup(ec->user);
4080 if (!ec->group)
4081 return -ENOMEM;
4082 }
4083
bf65b7e0
LP		 4084 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4085 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4086 * sandbox. */
63bb64a0 4087
29206d46 4088 ec->private_tmp = true;
00d9ef85 4089 ec->remove_ipc = true;
63bb64a0
LP		 4090 ec->protect_system = PROTECT_SYSTEM_STRICT;
4091 if (ec->protect_home == PROTECT_HOME_NO)
4092 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 4093
4094 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4095 * them. */
4096 ec->no_new_privileges = true;
4097 ec->restrict_suid_sgid = true;
29206d46 4098 }
cba6e062
LP		 4099 }
4100
598459ce 4101 cc = unit_get_cgroup_context(u);
fe65e88b 4102 if (cc && ec) {
f513e420 4103
fe65e88b 4104 if (ec->private_devices &&
084870f9
ZJS		 4105 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4106 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 4107
b3d13314 4108 if ((ec->root_image || !LIST_IS_EMPTY(ec->mount_images)) &&
084870f9 4109 (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
0cffae95 4110 const char *p;
fe65e88b 4111
b3d13314 4112 /* When RootImage= or MountImages= is specified, the following devices are touched. */
0cffae95
LB		 4113 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
4114 r = cgroup_add_device_allow(cc, p, "rw");
4115 if (r < 0)
4116 return r;
4117 }
4118 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
4119 r = cgroup_add_device_allow(cc, p, "rwm");
4120 if (r < 0)
4121 return r;
4122 }
867af728 4123
0cffae95
LB		 4124 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4125 * Same for mapper and verity. */
4126 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4127 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4128 if (r < 0)
4129 return r;
4130 }
fe65e88b 4131 }
fc64760d
KK		 4132
4133 if (ec->protect_clock) {
4134 r = cgroup_add_device_allow(cc, "char-rtc", "r");
4135 if (r < 0)
4136 return r;
4137 }
598459ce 4138 }
f1660f96 4139
cba6e062 4140 return 0;
e06c73cc
LP		 4141}
4142
c2503e35 4143ExecContext *unit_get_exec_context(const Unit *u) {
3ef63c31
LP		 4144 size_t offset;
4145 assert(u);
4146
598459ce
LP		 4147 if (u->type < 0)
4148 return NULL;
4149
3ef63c31
LP		 4150 offset = UNIT_VTABLE(u)->exec_context_offset;
4151 if (offset <= 0)
4152 return NULL;
4153
4154 return (ExecContext*) ((uint8_t*) u + offset);
4155}
4156
718db961
LP		 4157KillContext *unit_get_kill_context(Unit *u) {
4158 size_t offset;
4159 assert(u);
4160
598459ce
LP		 4161 if (u->type < 0)
4162 return NULL;
4163
718db961
LP		 4164 offset = UNIT_VTABLE(u)->kill_context_offset;
4165 if (offset <= 0)
4166 return NULL;
4167
4168 return (KillContext*) ((uint8_t*) u + offset);
4169}
4170
4ad49000
LP		 4171CGroupContext *unit_get_cgroup_context(Unit *u) {
4172 size_t offset;
4173
598459ce
LP		 4174 if (u->type < 0)
4175 return NULL;
4176
4ad49000
LP		 4177 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4178 if (offset <= 0)
4179 return NULL;
4180
4181 return (CGroupContext*) ((uint8_t*) u + offset);
4182}
4183
613b411c
LP		 4184ExecRuntime *unit_get_exec_runtime(Unit *u) {
4185 size_t offset;
4186
598459ce
LP		 4187 if (u->type < 0)
4188 return NULL;
4189
613b411c
LP		 4190 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4191 if (offset <= 0)
4192 return NULL;
4193
4194 return *(ExecRuntime**) ((uint8_t*) u + offset);
4195}
4196
2e59b241 4197static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 4198 assert(u);
4199
2e59b241 4200 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 4201 return NULL;
4202
39591351
LP		 4203 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4204 return u->manager->lookup_paths.transient;
26d04f86 4205
2e59b241 4206 if (flags & UNIT_PERSISTENT)
4f4afc88 4207 return u->manager->lookup_paths.persistent_control;
26d04f86 4208
2e59b241
LP		 4209 if (flags & UNIT_RUNTIME)
4210 return u->manager->lookup_paths.runtime_control;
4211
39591351 4212 return NULL;
71645aca
LP		 4213}
4214
2e59b241
LP		 4215char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4216 char *ret = NULL;
4217
4218 if (!s)
4219 return NULL;
4220
4221 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4222 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4223 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4224 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4225 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4226 * allocations. */
4227
4228 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4229 ret = specifier_escape(s);
4230 if (!ret)
4231 return NULL;
4232
4233 s = ret;
4234 }
4235
4236 if (flags & UNIT_ESCAPE_C) {
4237 char *a;
4238
4239 a = cescape(s);
4240 free(ret);
4241 if (!a)
4242 return NULL;
4243
4244 ret = a;
4245 }
4246
4247 if (buf) {
4248 *buf = ret;
4249 return ret ?: (char*) s;
4250 }
4251
4252 return ret ?: strdup(s);
4253}
4254
4255char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4256 _cleanup_free_ char *result = NULL;
319a4f4b 4257 size_t n = 0;
ae2a15bc 4258 char **i;
2e59b241
LP		 4259
4260 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4261 * way suitable for ExecStart= stanzas */
4262
4263 STRV_FOREACH(i, l) {
4264 _cleanup_free_ char *buf = NULL;
4265 const char *p;
4266 size_t a;
4267 char *q;
4268
4269 p = unit_escape_setting(*i, flags, &buf);
4270 if (!p)
4271 return NULL;
4272
4273 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
319a4f4b 4274 if (!GREEDY_REALLOC(result, n + a + 1))
2e59b241
LP		 4275 return NULL;
4276
4277 q = result + n;
4278 if (n > 0)
4279 *(q++) = ' ';
4280
4281 *(q++) = '"';
4282 q = stpcpy(q, p);
4283 *(q++) = '"';
4284
4285 n += a;
4286 }
4287
319a4f4b 4288 if (!GREEDY_REALLOC(result, n + 1))
2e59b241
LP		 4289 return NULL;
4290
4291 result[n] = 0;
4292
ae2a15bc 4293 return TAKE_PTR(result);
2e59b241
LP		 4294}
4295
4296int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4297 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4298 const char *dir, *wrapped;
26d04f86 4299 int r;
71645aca
LP		 4300
4301 assert(u);
2e59b241
LP		 4302 assert(name);
4303 assert(data);
4304
4305 if (UNIT_WRITE_FLAGS_NOOP(flags))
4306 return 0;
4307
4308 data = unit_escape_setting(data, flags, &escaped);
4309 if (!data)
4310 return -ENOMEM;
4311
4312 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4313 * previous section header is the same */
4314
4315 if (flags & UNIT_PRIVATE) {
4316 if (!UNIT_VTABLE(u)->private_section)
4317 return -EINVAL;
4318
4319 if (!u->transient_file || u->last_section_private < 0)
4320 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4321 else if (u->last_section_private == 0)
4322 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4323 } else {
4324 if (!u->transient_file || u->last_section_private < 0)
4325 data = strjoina("[Unit]\n", data);
4326 else if (u->last_section_private > 0)
4327 data = strjoina("\n[Unit]\n", data);
4328 }
71645aca 4329
4f4afc88
LP		 4330 if (u->transient_file) {
4331 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4332 * write to the transient unit file. */
4333 fputs(data, u->transient_file);
4f4afc88 4334
2e59b241
LP		 4335 if (!endswith(data, "\n"))
4336 fputc('\n', u->transient_file);
4337
4338 /* Remember which section we wrote this entry to */
4339 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4340 return 0;
2e59b241 4341 }
8e2af478 4342
2e59b241 4343 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4344 if (!dir)
4345 return -EINVAL;
71645aca 4346
2a9a6f8a 4347 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4348 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4349 data,
4350 "\n");
e20b2a86 4351
815b09d3 4352 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4353 if (r < 0)
4354 return r;
4355
45639f1b 4356 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4357
4358 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4359 * recreate the cache after every drop-in we write. */
4360 if (u->manager->unit_path_cache) {
be327321 4361 r = set_put_strdup(&u->manager->unit_path_cache, p);
4dba44a5
ZJS		 4362 if (r < 0)
4363 return r;
4364 }
4365
2a9a6f8a 4366 r = write_string_file_atomic_label(q, wrapped);
adb76a70
WC		 4367 if (r < 0)
4368 return r;
4369
815b09d3 4370 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4371 if (r < 0)
4372 return r;
815b09d3 4373 q = NULL;
adb76a70 4374
adb76a70
WC		 4375 strv_uniq(u->dropin_paths);
4376
4377 u->dropin_mtime = now(CLOCK_REALTIME);
4378
4379 return 0;
26d04f86 4380}
71645aca 4381
2e59b241 4382int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4383 _cleanup_free_ char *p = NULL;
4384 va_list ap;
4385 int r;
4386
4387 assert(u);
4388 assert(name);
4389 assert(format);
4390
2e59b241 4391 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4392 return 0;
4393
4394 va_start(ap, format);
4395 r = vasprintf(&p, format, ap);
4396 va_end(ap);
4397
4398 if (r < 0)
4399 return -ENOMEM;
4400
2e59b241 4401 return unit_write_setting(u, flags, name, p);
b9ec9359 4402}
71645aca 4403
c2756a68 4404int unit_make_transient(Unit *u) {
0126c8f3 4405 _cleanup_free_ char *path = NULL;
4f4afc88 4406 FILE *f;
4f4afc88 4407
c2756a68
LP		 4408 assert(u);
4409
3f5e8115
LP		 4410 if (!UNIT_VTABLE(u)->can_transient)
4411 return -EOPNOTSUPP;
4412
45639f1b
LP		 4413 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4414
657ee2d8 4415 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4416 if (!path)
4417 return -ENOMEM;
4418
4419 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4420 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4421
78e334b5 4422 RUN_WITH_UMASK(0022) {
4f4afc88 4423 f = fopen(path, "we");
0126c8f3 4424 if (!f)
78e334b5 4425 return -errno;
4f4afc88
LP		 4426 }
4427
0126c8f3 4428 safe_fclose(u->transient_file);
4f4afc88
LP		 4429 u->transient_file = f;
4430
0126c8f3 4431 free_and_replace(u->fragment_path, path);
7c65093a 4432
7c65093a
LP		 4433 u->source_path = mfree(u->source_path);
4434 u->dropin_paths = strv_free(u->dropin_paths);
4435 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4436
4f4afc88
LP		 4437 u->load_state = UNIT_STUB;
4438 u->load_error = 0;
4439 u->transient = true;
4440
7c65093a
LP		 4441 unit_add_to_dbus_queue(u);
4442 unit_add_to_gc_queue(u);
c2756a68 4443
4f4afc88
LP		 4444 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4445 u->transient_file);
4446
3f5e8115 4447 return 0;
c2756a68
LP		 4448}
4449
c53d2d54 4450static int log_kill(pid_t pid, int sig, void *userdata) {
1d98fef1
LP		 4451 _cleanup_free_ char *comm = NULL;
4452
4453 (void) get_process_comm(pid, &comm);
4454
4455 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4456 only, like for example systemd's own PAM stub process. */
4457 if (comm && comm[0] == '(')
c53d2d54 4458 return 0;
1d98fef1
LP		 4459
4460 log_unit_notice(userdata,
4461 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4462 pid,
4463 strna(comm),
4464 signal_to_string(sig));
c53d2d54
DB		 4465
4466 return 1;
1d98fef1
LP		 4467}
4468
4ab1670f 4469static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
1d98fef1
LP		 4470 assert(c);
4471
4472 switch (k) {
4473
4474 case KILL_TERMINATE:
4475 case KILL_TERMINATE_AND_LOG:
4ab1670f 4476 *noteworthy = false;
1d98fef1
LP		 4477 return c->kill_signal;
4478
a232ebcc 4479 case KILL_RESTART:
4ab1670f 4480 *noteworthy = false;
a232ebcc
ZJS		 4481 return restart_kill_signal(c);
4482
1d98fef1 4483 case KILL_KILL:
4ab1670f 4484 *noteworthy = true;
fbb48d4c 4485 return c->final_kill_signal;
1d98fef1 4486
c87700a1 4487 case KILL_WATCHDOG:
4ab1670f 4488 *noteworthy = true;
c87700a1 4489 return c->watchdog_signal;
1d98fef1
LP		 4490
4491 default:
04499a70 4492 assert_not_reached();
1d98fef1
LP		 4493 }
4494}
4495
cd2086fe
LP		 4496int unit_kill_context(
4497 Unit *u,
4498 KillContext *c,
db2cb23b 4499 KillOperation k,
cd2086fe
LP		 4500 pid_t main_pid,
4501 pid_t control_pid,
4502 bool main_pid_alien) {
4503
1d98fef1 4504 bool wait_for_exit = false, send_sighup;
59ec09a8 4505 cg_kill_log_func_t log_func = NULL;
b821a397 4506 int sig, r;
cd2086fe
LP		 4507
4508 assert(u);
4509 assert(c);
4510
8aff7ac4
LP		 4511 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4512 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4513 * which is used for user-requested killing of unit processes. */
1d98fef1 4514
cd2086fe
LP		 4515 if (c->kill_mode == KILL_NONE)
4516 return 0;
4517
4ab1670f
ZJS		 4518 bool noteworthy;
4519 sig = operation_to_signal(c, k, &noteworthy);
4520 if (noteworthy)
4521 log_func = log_kill;
1d98fef1
LP		 4522
4523 send_sighup =
4524 c->send_sighup &&
4525 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4526 sig != SIGHUP;
4527
cd2086fe 4528 if (main_pid > 0) {
1d98fef1
LP		 4529 if (log_func)
4530 log_func(main_pid, sig, u);
cd2086fe 4531
1d98fef1 4532 r = kill_and_sigcont(main_pid, sig);
cd2086fe
LP		 4533 if (r < 0 && r != -ESRCH) {
4534 _cleanup_free_ char *comm = NULL;
1d98fef1 4535 (void) get_process_comm(main_pid, &comm);
cd2086fe 4536
b821a397 4537 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
82659fd7 4538 } else {
bc6aed7b
LP		 4539 if (!main_pid_alien)
4540 wait_for_exit = true;
82659fd7 4541
1d98fef1 4542 if (r != -ESRCH && send_sighup)
d0667321 4543 (void) kill(main_pid, SIGHUP);
82659fd7 4544 }
cd2086fe
LP		 4545 }
4546
4547 if (control_pid > 0) {
1d98fef1
LP		 4548 if (log_func)
4549 log_func(control_pid, sig, u);
cd2086fe 4550
1d98fef1 4551 r = kill_and_sigcont(control_pid, sig);
cd2086fe
LP		 4552 if (r < 0 && r != -ESRCH) {
4553 _cleanup_free_ char *comm = NULL;
1d98fef1 4554 (void) get_process_comm(control_pid, &comm);
cd2086fe 4555
b821a397 4556 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
82659fd7 4557 } else {
cd2086fe 4558 wait_for_exit = true;
82659fd7 4559
1d98fef1 4560 if (r != -ESRCH && send_sighup)
d0667321 4561 (void) kill(control_pid, SIGHUP);
82659fd7 4562 }
cd2086fe
LP		 4563 }
4564
b821a397
LP		 4565 if (u->cgroup_path &&
4566 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4567 _cleanup_set_free_ Set *pid_set = NULL;
4568
82659fd7
LP		 4569 /* Exclude the main/control pids from being killed via the cgroup */
4570 pid_set = unit_pid_set(main_pid, control_pid);
cd2086fe
LP		 4571 if (!pid_set)
4572 return -ENOMEM;
4573
1d98fef1
LP		 4574 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4575 sig,
4576 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4577 pid_set,
4578 log_func, u);
cd2086fe 4579 if (r < 0) {
4c701096 4580 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
6178e2f8 4581 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(u->cgroup_path));
b821a397 4582
82659fd7 4583 } else if (r > 0) {
bc6aed7b 4584
1d9cc876
LP		 4585 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4586 * we are running in a container or if this is a delegation unit, simply because cgroup
4587 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4588 * of containers it can be confused easily by left-over directories in the cgroup — which
4589 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4590 * there we get proper events. Hence rely on them. */
efdb0237 4591
c22800e4 4592 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
1d9cc876 4593 (detect_container() == 0 && !unit_cgroup_delegate(u)))
e9db43d5 4594 wait_for_exit = true;
58ea275a 4595
1d98fef1 4596 if (send_sighup) {
82659fd7
LP		 4597 set_free(pid_set);
4598
4599 pid_set = unit_pid_set(main_pid, control_pid);
4600 if (!pid_set)
4601 return -ENOMEM;
4602
c8aa4b5b
LP		 4603 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4604 SIGHUP,
4605 CGROUP_IGNORE_SELF,
4606 pid_set,
4607 NULL, NULL);
82659fd7
LP		 4608 }
4609 }
cd2086fe
LP		 4610 }
4611
4612 return wait_for_exit;
4613}
4614
eef85c4a 4615int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
a57f7e2c
LP		 4616 int r;
4617
4618 assert(u);
4619 assert(path);
4620
ac19bdd0
ZJS		 4621 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4622 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4623 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4624 * appearing mount units can easily determine which units to make themselves a dependency of. */
a57f7e2c 4625
70b64bd3
ZJS		 4626 if (!path_is_absolute(path))
4627 return -EINVAL;
4628
ac19bdd0
ZJS		 4629 if (hashmap_contains(u->requires_mounts_for, path)) /* Exit quickly if the path is already covered. */
4630 return 0;
eef85c4a 4631
ac19bdd0 4632 _cleanup_free_ char *p = strdup(path);
a57f7e2c
LP		 4633 if (!p)
4634 return -ENOMEM;
4635
ac19bdd0
ZJS		 4636 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4637 * only after simplification, since path_is_normalized() rejects paths with '.'.
4638 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4ff361cc 4639 path = path_simplify(p);
a57f7e2c 4640
ca8700e9 4641 if (!path_is_normalized(path))
a57f7e2c 4642 return -EPERM;
a57f7e2c 4643
ac19bdd0 4644 UnitDependencyInfo di = {
eef85c4a
LP		 4645 .origin_mask = mask
4646 };
4647
ac19bdd0 4648 r = hashmap_ensure_put(&u->requires_mounts_for, &path_hash_ops, p, di.data);
ca8700e9 4649 if (r < 0)
a57f7e2c 4650 return r;
ac19bdd0
ZJS		 4651 assert(r > 0);
4652 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
a57f7e2c 4653
4cb06c59 4654 char prefix[strlen(path) + 1];
ca8700e9 4655 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 4656 Set *x;
4657
4658 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4659 if (!x) {
ca8700e9 4660 _cleanup_free_ char *q = NULL;
a57f7e2c 4661
548f6937 4662 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
742f41ad
LP		 4663 if (r < 0)
4664 return r;
a57f7e2c
LP		 4665
4666 q = strdup(prefix);
4667 if (!q)
4668 return -ENOMEM;
4669
d5099efc 4670 x = set_new(NULL);
ca8700e9 4671 if (!x)
a57f7e2c 4672 return -ENOMEM;
a57f7e2c
LP		 4673
4674 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4675 if (r < 0) {
a57f7e2c
LP		 4676 set_free(x);
4677 return r;
4678 }
ca8700e9 4679 q = NULL;
a57f7e2c
LP		 4680 }
4681
4682 r = set_put(x, u);
4683 if (r < 0)
4684 return r;
4685 }
4686
4687 return 0;
4688}
4689
613b411c
LP		 4690int unit_setup_exec_runtime(Unit *u) {
4691 ExecRuntime **rt;
4692 size_t offset;
613b411c 4693 Unit *other;
e8a565cb 4694 int r;
613b411c
LP		 4695
4696 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4697 assert(offset > 0);
4698
06b643e7 4699 /* Check if there already is an ExecRuntime for this unit? */
613b411c
LP		 4700 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4701 if (*rt)
4702 return 0;
4703
4704 /* Try to get it from somebody else */
15ed3c3a 4705 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_JOINS_NAMESPACE_OF) {
e8a565cb
YW		 4706 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4707 if (r == 1)
4708 return 1;
613b411c
LP		 4709 }
4710
e8a565cb 4711 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
613b411c
LP		 4712}
4713
29206d46
LP		 4714int unit_setup_dynamic_creds(Unit *u) {
4715 ExecContext *ec;
4716 DynamicCreds *dcreds;
4717 size_t offset;
4718
4719 assert(u);
4720
4721 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4722 assert(offset > 0);
4723 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4724
4725 ec = unit_get_exec_context(u);
4726 assert(ec);
4727
4728 if (!ec->dynamic_user)
4729 return 0;
4730
4731 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4732}
4733
1c2e9646
LP		 4734bool unit_type_supported(UnitType t) {
4735 if (_unlikely_(t < 0))
4736 return false;
4737 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4738 return false;
4739
4740 if (!unit_vtable[t]->supported)
4741 return true;
4742
4743 return unit_vtable[t]->supported();
4744}
4745
8b4305c7
LP		 4746void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4747 int r;
4748
4749 assert(u);
4750 assert(where);
4751
c2503e35
RH		 4752 if (!unit_log_level_test(u, LOG_NOTICE))
4753 return;
4754
8b4305c7 4755 r = dir_is_empty(where);
3f602115 4756 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 4757 return;
4758 if (r < 0) {
4759 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4760 return;
4761 }
4762
c2503e35
RH		 4763 log_unit_struct(u, LOG_NOTICE,
4764 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4765 LOG_UNIT_INVOCATION_ID(u),
4766 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4767 "WHERE=%s", where);
8b4305c7
LP		 4768}
4769
25cd4964 4770int unit_fail_if_noncanonical(Unit *u, const char* where) {
58d9d89b 4771 _cleanup_free_ char *canonical_where = NULL;
8b4305c7
LP		 4772 int r;
4773
4774 assert(u);
4775 assert(where);
4776
a5648b80 4777 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
8b4305c7 4778 if (r < 0) {
25cd4964 4779 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 4780 return 0;
4781 }
25cd4964
AJ		 4782
4783 /* We will happily ignore a trailing slash (or any redundant slashes) */
4784 if (path_equal(where, canonical_where))
8b4305c7
LP		 4785 return 0;
4786
25cd4964 4787 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
c2503e35
RH		 4788 log_unit_struct(u, LOG_ERR,
4789 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4790 LOG_UNIT_INVOCATION_ID(u),
4791 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4792 "WHERE=%s", where);
8b4305c7
LP		 4793
4794 return -ELOOP;
4795}
0f13f3bd
LP		 4796
4797bool unit_is_pristine(Unit *u) {
4798 assert(u);
4799
7c65093a 4800 /* Check if the unit already exists or is already around,
0f13f3bd
LP		 4801 * in a number of different ways. Note that to cater for unit
4802 * types such as slice, we are generally fine with units that
e9e8cbc8
ZJS		 4803 * are marked UNIT_LOADED even though nothing was actually
4804 * loaded, as those unit types don't require a file on disk. */
0f13f3bd
LP		 4805
4806 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4807 u->fragment_path ||
4808 u->source_path ||
4809 !strv_isempty(u->dropin_paths) ||
0f13f3bd
LP		 4810 u->job ||
4811 u->merged_into);
4812}
291d565a
LP		 4813
4814pid_t unit_control_pid(Unit *u) {
4815 assert(u);
4816
4817 if (UNIT_VTABLE(u)->control_pid)
4818 return UNIT_VTABLE(u)->control_pid(u);
4819
4820 return 0;
4821}
4822
4823pid_t unit_main_pid(Unit *u) {
4824 assert(u);
4825
4826 if (UNIT_VTABLE(u)->main_pid)
4827 return UNIT_VTABLE(u)->main_pid(u);
4828
4829 return 0;
4830}
00d9ef85
LP		 4831
4832static void unit_unref_uid_internal(
4833 Unit *u,
4834 uid_t *ref_uid,
4835 bool destroy_now,
4836 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4837
4838 assert(u);
4839 assert(ref_uid);
4840 assert(_manager_unref_uid);
4841
4842 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4843 * gid_t are actually the same time, with the same validity rules.
4844 *
4845 * Drops a reference to UID/GID from a unit. */
4846
4847 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4848 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4849
4850 if (!uid_is_valid(*ref_uid))
4851 return;
4852
4853 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4854 *ref_uid = UID_INVALID;
4855}
4856
b90cf102 4857static void unit_unref_uid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4858 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4859}
4860
b90cf102 4861static void unit_unref_gid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4862 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4863}
4864
b90cf102
LP		 4865void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4866 assert(u);
4867
4868 unit_unref_uid(u, destroy_now);
4869 unit_unref_gid(u, destroy_now);
4870}
4871
00d9ef85
LP		 4872static int unit_ref_uid_internal(
4873 Unit *u,
4874 uid_t *ref_uid,
4875 uid_t uid,
4876 bool clean_ipc,
4877 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4878
4879 int r;
4880
4881 assert(u);
4882 assert(ref_uid);
4883 assert(uid_is_valid(uid));
4884 assert(_manager_ref_uid);
4885
4886 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4887 * are actually the same type, and have the same validity rules.
4888 *
4889 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4890 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4891 * drops to zero. */
4892
4893 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4894 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4895
4896 if (*ref_uid == uid)
4897 return 0;
4898
4899 if (uid_is_valid(*ref_uid)) /* Already set? */
4900 return -EBUSY;
4901
4902 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4903 if (r < 0)
4904 return r;
4905
4906 *ref_uid = uid;
4907 return 1;
4908}
4909
b90cf102 4910static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 4911 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4912}
4913
b90cf102 4914static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 4915 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4916}
4917
4918static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4919 int r = 0, q = 0;
4920
4921 assert(u);
4922
4923 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4924
4925 if (uid_is_valid(uid)) {
4926 r = unit_ref_uid(u, uid, clean_ipc);
4927 if (r < 0)
4928 return r;
4929 }
4930
4931 if (gid_is_valid(gid)) {
4932 q = unit_ref_gid(u, gid, clean_ipc);
4933 if (q < 0) {
4934 if (r > 0)
4935 unit_unref_uid(u, false);
4936
4937 return q;
4938 }
4939 }
4940
4941 return r > 0 || q > 0;
4942}
4943
4944int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4945 ExecContext *c;
4946 int r;
4947
4948 assert(u);
4949
4950 c = unit_get_exec_context(u);
4951
4952 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4953 if (r < 0)
4954 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4955
4956 return r;
4957}
4958
00d9ef85
LP		 4959void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4960 int r;
4961
4962 assert(u);
4963
4964 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4965 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4966 * objects when no service references the UID/GID anymore. */
4967
4968 r = unit_ref_uid_gid(u, uid, gid);
4969 if (r > 0)
37d0b962 4970 unit_add_to_dbus_queue(u);
00d9ef85 4971}
4b58153d 4972
4b58153d
LP		 4973int unit_acquire_invocation_id(Unit *u) {
4974 sd_id128_t id;
4975 int r;
4976
4977 assert(u);
4978
4979 r = sd_id128_randomize(&id);
4980 if (r < 0)
4981 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
4982
4983 r = unit_set_invocation_id(u, id);
4984 if (r < 0)
4985 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
4986
af92c603 4987 unit_add_to_dbus_queue(u);
4b58153d
LP		 4988 return 0;
4989}
f0d47797 4990
1ad6e8b3
LP		 4991int unit_set_exec_params(Unit *u, ExecParameters *p) {
4992 int r;
4993
7960b0c7
LP		 4994 assert(u);
4995 assert(p);
f0d47797 4996
004c7f16 4997 /* Copy parameters from manager */
1ad6e8b3
LP		 4998 r = manager_get_effective_environment(u->manager, &p->environment);
4999 if (r < 0)
5000 return r;
5001
004c7f16
LP		 5002 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5003 p->cgroup_supported = u->manager->cgroup_supported;
5004 p->prefix = u->manager->prefix;
5005 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5006
5238e957 5007 /* Copy parameters from unit */
7960b0c7 5008 p->cgroup_path = u->cgroup_path;
1d9cc876 5009 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 5010
bb0c0d6f
LP		 5011 p->received_credentials = u->manager->received_credentials;
5012
1ad6e8b3 5013 return 0;
f0d47797 5014}
a79279c7 5015
4c253ed1 5016int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
a79279c7
LP		 5017 int r;
5018
5019 assert(u);
5020 assert(ret);
5021
5022 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5023 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5024
5025 (void) unit_realize_cgroup(u);
5026
4c253ed1
LP		 5027 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5028 if (r != 0)
5029 return r;
a79279c7 5030
9c274488
LP		 5031 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5032 (void) ignore_signals(SIGPIPE);
a79279c7 5033
4c253ed1 5034 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
a79279c7 5035
4c253ed1
LP		 5036 if (u->cgroup_path) {
5037 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5038 if (r < 0) {
6178e2f8 5039 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(u->cgroup_path));
4c253ed1 5040 _exit(EXIT_CGROUP);
a79279c7 5041 }
a79279c7
LP		 5042 }
5043
4c253ed1 5044 return 0;
a79279c7 5045}
c999cf38 5046
810ef318
YW		 5047int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5048 pid_t pid;
5049 int r;
5050
5051 assert(u);
5052 assert(ret_pid);
5053
5054 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5055 if (r < 0)
5056 return r;
5057 if (r == 0) {
5058 int ret = EXIT_SUCCESS;
5059 char **i;
5060
5061 STRV_FOREACH(i, paths) {
5062 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5063 if (r < 0) {
5064 log_error_errno(r, "Failed to remove '%s': %m", *i);
5065 ret = EXIT_FAILURE;
5066 }
5067 }
5068
5069 _exit(ret);
5070 }
5071
5072 r = unit_watch_pid(u, pid, true);
5073 if (r < 0)
5074 return r;
5075
5076 *ret_pid = pid;
5077 return 0;
5078}
5079
15ed3c3a
LP		 5080static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5081 assert(deps);
c999cf38
LP		 5082 assert(other);
5083
15ed3c3a 5084 if (di.origin_mask == 0 && di.destination_mask == 0)
c999cf38 5085 /* No bit set anymore, let's drop the whole entry */
15ed3c3a
LP		 5086 assert_se(hashmap_remove(deps, other));
5087 else
c999cf38 5088 /* Mask was reduced, let's update the entry */
15ed3c3a 5089 assert_se(hashmap_update(deps, other, di.data) == 0);
c999cf38
LP		 5090}
5091
5092void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
15ed3c3a 5093 Hashmap *deps;
c999cf38
LP		 5094 assert(u);
5095
5096 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5097
5098 if (mask == 0)
5099 return;
5100
15ed3c3a 5101 HASHMAP_FOREACH(deps, u->dependencies) {
c999cf38
LP		 5102 bool done;
5103
5104 do {
5105 UnitDependencyInfo di;
5106 Unit *other;
c999cf38
LP		 5107
5108 done = true;
5109
15ed3c3a
LP		 5110 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5111 Hashmap *other_deps;
5112
1d6cc5d0 5113 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38 5114 continue;
15ed3c3a 5115
c999cf38 5116 di.origin_mask &= ~mask;
15ed3c3a 5117 unit_update_dependency_mask(deps, other, di);
c999cf38 5118
defe63b0
LP		 5119 /* We updated the dependency from our unit to the other unit now. But most
5120 * dependencies imply a reverse dependency. Hence, let's delete that one
5121 * too. For that we go through all dependency types on the other unit and
5122 * delete all those which point to us and have the right mask set. */
c999cf38 5123
15ed3c3a 5124 HASHMAP_FOREACH(other_deps, other->dependencies) {
c999cf38
LP		 5125 UnitDependencyInfo dj;
5126
15ed3c3a 5127 dj.data = hashmap_get(other_deps, u);
1d6cc5d0 5128 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38 5129 continue;
c999cf38 5130
15ed3c3a
LP		 5131 dj.destination_mask &= ~mask;
5132 unit_update_dependency_mask(other_deps, u, dj);
c999cf38
LP		 5133 }
5134
5135 unit_add_to_gc_queue(other);
5136
5137 done = false;
5138 break;
5139 }
5140
5141 } while (!done);
5142 }
5143}
d3070fbd 5144
2f8c48b6
AZ		 5145static int unit_get_invocation_path(Unit *u, char **ret) {
5146 char *p;
5147 int r;
5148
5149 assert(u);
5150 assert(ret);
5151
5152 if (MANAGER_IS_SYSTEM(u->manager))
5153 p = strjoin("/run/systemd/units/invocation:", u->id);
5154 else {
5155 _cleanup_free_ char *user_path = NULL;
5156 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5157 if (r < 0)
5158 return r;
5159 p = strjoin(user_path, u->id);
5160 }
5161
5162 if (!p)
5163 return -ENOMEM;
5164
5165 *ret = p;
5166 return 0;
5167}
5168
d3070fbd 5169static int unit_export_invocation_id(Unit *u) {
2f8c48b6 5170 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 5171 int r;
5172
5173 assert(u);
5174
5175 if (u->exported_invocation_id)
5176 return 0;
5177
5178 if (sd_id128_is_null(u->invocation_id))
5179 return 0;
5180
2f8c48b6
AZ		 5181 r = unit_get_invocation_path(u, &p);
5182 if (r < 0)
5183 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5184
a3f5fd96 5185 r = symlink_atomic_label(u->invocation_id_string, p);
d3070fbd
LP		 5186 if (r < 0)
5187 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5188
5189 u->exported_invocation_id = true;
5190 return 0;
5191}
5192
5193static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5194 const char *p;
5195 char buf[2];
5196 int r;
5197
5198 assert(u);
5199 assert(c);
5200
5201 if (u->exported_log_level_max)
5202 return 0;
5203
5204 if (c->log_level_max < 0)
5205 return 0;
5206
5207 assert(c->log_level_max <= 7);
5208
5209 buf[0] = '0' + c->log_level_max;
5210 buf[1] = 0;
5211
5212 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5213 r = symlink_atomic(buf, p);
5214 if (r < 0)
5215 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5216
5217 u->exported_log_level_max = true;
5218 return 0;
5219}
5220
5221static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5222 _cleanup_close_ int fd = -1;
5223 struct iovec *iovec;
5224 const char *p;
5225 char *pattern;
5226 le64_t *sizes;
5227 ssize_t n;
d3070fbd
LP		 5228 int r;
5229
5230 if (u->exported_log_extra_fields)
5231 return 0;
5232
5233 if (c->n_log_extra_fields <= 0)
5234 return 0;
5235
5236 sizes = newa(le64_t, c->n_log_extra_fields);
5237 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5238
12375b95 5239 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 5240 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5241
5242 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5243 iovec[i*2+1] = c->log_extra_fields[i];
5244 }
5245
5246 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5247 pattern = strjoina(p, ".XXXXXX");
5248
5249 fd = mkostemp_safe(pattern);
5250 if (fd < 0)
5251 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5252
5253 n = writev(fd, iovec, c->n_log_extra_fields*2);
5254 if (n < 0) {
5255 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5256 goto fail;
5257 }
5258
5259 (void) fchmod(fd, 0644);
5260
5261 if (rename(pattern, p) < 0) {
5262 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5263 goto fail;
5264 }
5265
5266 u->exported_log_extra_fields = true;
5267 return 0;
5268
5269fail:
5270 (void) unlink(pattern);
5271 return r;
5272}
5273
5ac1530e 5274static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5275 _cleanup_free_ char *buf = NULL;
5276 const char *p;
5277 int r;
5278
5279 assert(u);
5280 assert(c);
5281
5ac1530e 5282 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5283 return 0;
5284
5ac1530e 5285 if (c->log_ratelimit_interval_usec == 0)
90fc172e
AZ		 5286 return 0;
5287
5288 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5289
5ac1530e 5290 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
90fc172e
AZ		 5291 return log_oom();
5292
5293 r = symlink_atomic(buf, p);
5294 if (r < 0)
5295 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5296
5ac1530e 5297 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5298 return 0;
5299}
5300
5ac1530e 5301static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5302 _cleanup_free_ char *buf = NULL;
5303 const char *p;
5304 int r;
5305
5306 assert(u);
5307 assert(c);
5308
5ac1530e 5309 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5310 return 0;
5311
5ac1530e 5312 if (c->log_ratelimit_burst == 0)
90fc172e
AZ		 5313 return 0;
5314
5315 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5316
5ac1530e 5317 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
90fc172e
AZ		 5318 return log_oom();
5319
5320 r = symlink_atomic(buf, p);
5321 if (r < 0)
5322 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5323
5ac1530e 5324 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5325 return 0;
5326}
5327
d3070fbd
LP		 5328void unit_export_state_files(Unit *u) {
5329 const ExecContext *c;
5330
5331 assert(u);
5332
5333 if (!u->id)
5334 return;
5335
638cece4 5336 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5337 return;
5338
d3070fbd
LP		 5339 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5340 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5341 * the IPC system itself and PID 1 also log to the journal.
5342 *
5343 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5344 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5345 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5346 * namespace at least.
5347 *
5348 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5349 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5350 * them with one. */
5351
5352 (void) unit_export_invocation_id(u);
5353
2f8c48b6
AZ		 5354 if (!MANAGER_IS_SYSTEM(u->manager))
5355 return;
5356
d3070fbd
LP		 5357 c = unit_get_exec_context(u);
5358 if (c) {
5359 (void) unit_export_log_level_max(u, c);
5360 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5361 (void) unit_export_log_ratelimit_interval(u, c);
5362 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5363 }
5364}
5365
5366void unit_unlink_state_files(Unit *u) {
5367 const char *p;
5368
5369 assert(u);
5370
5371 if (!u->id)
5372 return;
5373
d3070fbd
LP		 5374 /* Undoes the effect of unit_export_state() */
5375
5376 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5377 _cleanup_free_ char *invocation_path = NULL;
5378 int r = unit_get_invocation_path(u, &invocation_path);
5379 if (r >= 0) {
5380 (void) unlink(invocation_path);
5381 u->exported_invocation_id = false;
5382 }
d3070fbd
LP		 5383 }
5384
2f8c48b6
AZ		 5385 if (!MANAGER_IS_SYSTEM(u->manager))
5386 return;
5387
d3070fbd
LP		 5388 if (u->exported_log_level_max) {
5389 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5390 (void) unlink(p);
5391
5392 u->exported_log_level_max = false;
5393 }
5394
5395 if (u->exported_log_extra_fields) {
5396 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5397 (void) unlink(p);
5398
5399 u->exported_log_extra_fields = false;
5400 }
90fc172e 5401
5ac1530e 5402 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5403 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5404 (void) unlink(p);
5405
5ac1530e 5406 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5407 }
5408
5ac1530e 5409 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5410 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5411 (void) unlink(p);
5412
5ac1530e 5413 u->exported_log_ratelimit_burst = false;
90fc172e 5414 }
d3070fbd 5415}
5afe510c 5416
3c7416b6
LP		 5417int unit_prepare_exec(Unit *u) {
5418 int r;
5419
5420 assert(u);
5421
fab34748
KL		 5422 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5423 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5424 r = bpf_firewall_load_custom(u);
5425 if (r < 0)
5426 return r;
5427
3c7416b6
LP		 5428 /* Prepares everything so that we can fork of a process for this unit */
5429
5430 (void) unit_realize_cgroup(u);
5431
5432 if (u->reset_accounting) {
9b2559a1 5433 (void) unit_reset_accounting(u);
3c7416b6
LP		 5434 u->reset_accounting = false;
5435 }
5436
5437 unit_export_state_files(u);
5438
5439 r = unit_setup_exec_runtime(u);
5440 if (r < 0)
5441 return r;
5442
5443 r = unit_setup_dynamic_creds(u);
5444 if (r < 0)
5445 return r;
5446
5447 return 0;
5448}
5449
4c425434
LP		 5450static bool ignore_leftover_process(const char *comm) {
5451 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5452}
5453
5454int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
a4634b21
LP		 5455 _cleanup_free_ char *comm = NULL;
5456
5457 (void) get_process_comm(pid, &comm);
5458
4c425434 5459 if (ignore_leftover_process(comm))
c53d2d54 5460 return 0;
a4634b21 5461
4c425434
LP		 5462 /* During start we print a warning */
5463
a4634b21
LP		 5464 log_unit_warning(userdata,
5465 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5466 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5467 pid, strna(comm));
c53d2d54
DB		 5468
5469 return 1;
a4634b21
LP		 5470}
5471
4c425434
LP		 5472int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5473 _cleanup_free_ char *comm = NULL;
5474
5475 (void) get_process_comm(pid, &comm);
5476
5477 if (ignore_leftover_process(comm))
5478 return 0;
5479
5480 /* During stop we only print an informational message */
5481
5482 log_unit_info(userdata,
5483 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5484 pid, strna(comm));
5485
5486 return 1;
5487}
5488
5489int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
a4634b21
LP		 5490 assert(u);
5491
5492 (void) unit_pick_cgroup_path(u);
5493
5494 if (!u->cgroup_path)
c53d2d54 5495 return 0;
a4634b21 5496
4c425434 5497 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
a4634b21
LP		 5498}
5499
bb2c7685
LP		 5500bool unit_needs_console(Unit *u) {
5501 ExecContext *ec;
5502 UnitActiveState state;
5503
5504 assert(u);
5505
5506 state = unit_active_state(u);
5507
5508 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5509 return false;
5510
5511 if (UNIT_VTABLE(u)->needs_console)
5512 return UNIT_VTABLE(u)->needs_console(u);
5513
5514 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5515 ec = unit_get_exec_context(u);
5516 if (!ec)
5517 return false;
5518
5519 return exec_context_may_touch_console(ec);
5520}
5521
f156e60c 5522const char *unit_label_path(const Unit *u) {
81e9871e
LP		 5523 const char *p;
5524
f156e60c
CG		 5525 assert(u);
5526
81e9871e
LP		 5527 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5528 * when validating access checks. */
5529
9cbf1282
LP		 5530 if (IN_SET(u->load_state, UNIT_MASKED, UNIT_NOT_FOUND, UNIT_MERGED))
5531 return NULL; /* Shortcut things if we know there is no real, relevant unit file around */
5532
81e9871e
LP		 5533 p = u->source_path ?: u->fragment_path;
5534 if (!p)
5535 return NULL;
5536
9cbf1282
LP		 5537 if (IN_SET(u->load_state, UNIT_LOADED, UNIT_BAD_SETTING, UNIT_ERROR))
5538 return p; /* Shortcut things, if we successfully loaded at least some stuff from the unit file */
5539
5540 /* Not loaded yet, we need to go to disk */
5541 assert(u->load_state == UNIT_STUB);
5542
81e9871e 5543 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
640f3b14 5544 if (null_or_empty_path(p) > 0)
81e9871e
LP		 5545 return NULL;
5546
5547 return p;
5548}
5549
6592b975
LP		 5550int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5551 int r;
5552
5553 assert(u);
5554
5555 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5556 * and not a kernel thread either */
5557
5558 /* First, a simple range check */
5559 if (!pid_is_valid(pid))
5560 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5561
5562 /* Some extra safety check */
5563 if (pid == 1 || pid == getpid_cached())
3fe91079 5564 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
6592b975
LP		 5565
5566 /* Don't even begin to bother with kernel threads */
5567 r = is_kernel_thread(pid);
5568 if (r == -ESRCH)
5569 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5570 if (r < 0)
5571 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5572 if (r > 0)
5573 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5574
5575 return 0;
5576}
5577
523ee2d4
LP		 5578void unit_log_success(Unit *u) {
5579 assert(u);
5580
edf2ee22
JM		 5581 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
5582 * This message has low information value for regular users and it might be a bit overwhelming on a system with
5583 * a lot of devices. */
5584 log_unit_struct(u,
5585 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
c2503e35
RH		 5586 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5587 LOG_UNIT_INVOCATION_ID(u),
5588 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 5589}
5590
7c047d74
LP		 5591void unit_log_failure(Unit *u, const char *result) {
5592 assert(u);
5593 assert(result);
5594
c2503e35
RH		 5595 log_unit_struct(u, LOG_WARNING,
5596 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5597 LOG_UNIT_INVOCATION_ID(u),
5598 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5599 "UNIT_RESULT=%s", result);
7c047d74
LP		 5600}
5601
31cd5f63
AZ		 5602void unit_log_skip(Unit *u, const char *result) {
5603 assert(u);
5604 assert(result);
5605
c2503e35
RH		 5606 log_unit_struct(u, LOG_INFO,
5607 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
5608 LOG_UNIT_INVOCATION_ID(u),
5609 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
5610 "UNIT_RESULT=%s", result);
31cd5f63
AZ		 5611}
5612
91bbd9b7
LP		 5613void unit_log_process_exit(
5614 Unit *u,
91bbd9b7
LP		 5615 const char *kind,
5616 const char *command,
5cc2cd1c 5617 bool success,
91bbd9b7
LP		 5618 int code,
5619 int status) {
5620
5cc2cd1c
ZJS		 5621 int level;
5622
91bbd9b7
LP		 5623 assert(u);
5624 assert(kind);
5625
5cc2cd1c
ZJS		 5626 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5627 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5628 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5629 * WARNING. */
5630 if (success)
5631 level = LOG_DEBUG;
5632 else if (code == CLD_EXITED)
5633 level = LOG_NOTICE;
5634 else
91bbd9b7
LP		 5635 level = LOG_WARNING;
5636
c2503e35
RH		 5637 log_unit_struct(u, level,
5638 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
58441bc1 5639 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
c2503e35
RH		 5640 kind,
5641 sigchld_code_to_string(code), status,
5642 strna(code == CLD_EXITED
5643 ? exit_status_to_string(status, EXIT_STATUS_FULL)
58441bc1
ZJS		 5644 : signal_to_string(status)),
5645 success ? " (success)" : ""),
c2503e35
RH		 5646 "EXIT_CODE=%s", sigchld_code_to_string(code),
5647 "EXIT_STATUS=%i", status,
5648 "COMMAND=%s", strna(command),
5649 LOG_UNIT_INVOCATION_ID(u));
91bbd9b7
LP		 5650}
5651
7af67e9a
LP		 5652int unit_exit_status(Unit *u) {
5653 assert(u);
5654
5655 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5656 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5657 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5658 * service process has exited abnormally (signal/coredump). */
5659
5660 if (!UNIT_VTABLE(u)->exit_status)
5661 return -EOPNOTSUPP;
5662
5663 return UNIT_VTABLE(u)->exit_status(u);
5664}
5665
5666int unit_failure_action_exit_status(Unit *u) {
5667 int r;
5668
5669 assert(u);
5670
5671 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5672
5673 if (u->failure_action_exit_status >= 0)
5674 return u->failure_action_exit_status;
5675
5676 r = unit_exit_status(u);
5677 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5678 return 255;
5679
5680 return r;
5681}
5682
5683int unit_success_action_exit_status(Unit *u) {
5684 int r;
5685
5686 assert(u);
5687
5688 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5689
5690 if (u->success_action_exit_status >= 0)
5691 return u->success_action_exit_status;
5692
5693 r = unit_exit_status(u);
5694 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5695 return 255;
5696
5697 return r;
5698}
5699
a4191c9f
LP		 5700int unit_test_trigger_loaded(Unit *u) {
5701 Unit *trigger;
5702
5703 /* Tests whether the unit to trigger is loaded */
5704
5705 trigger = UNIT_TRIGGER(u);
5706 if (!trigger)
e7b9f4d9
ZJS		 5707 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5708 "Refusing to start, no unit to trigger.");
a4191c9f 5709 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 5710 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5711 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 5712
5713 return 0;
5714}
5715
bb0c0d6f
LP		 5716void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
5717 assert(u);
5718 assert(context);
5719
95939aed
YW		 5720 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
5721 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
5722 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f
LP		 5723
5724 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
95939aed
YW		 5725}
5726
380dc8b0
LP		 5727int unit_clean(Unit *u, ExecCleanMask mask) {
5728 UnitActiveState state;
5729
5730 assert(u);
5731
5732 /* Special return values:
5733 *
5734 * -EOPNOTSUPP → cleaning not supported for this unit type
5735 * -EUNATCH → cleaning not defined for this resource type
5736 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5737 * a job queued or similar
5738 */
5739
5740 if (!UNIT_VTABLE(u)->clean)
5741 return -EOPNOTSUPP;
5742
5743 if (mask == 0)
5744 return -EUNATCH;
5745
5746 if (u->load_state != UNIT_LOADED)
5747 return -EBUSY;
5748
5749 if (u->job)
5750 return -EBUSY;
5751
5752 state = unit_active_state(u);
5753 if (!IN_SET(state, UNIT_INACTIVE))
5754 return -EBUSY;
5755
5756 return UNIT_VTABLE(u)->clean(u, mask);
5757}
5758
5759int unit_can_clean(Unit *u, ExecCleanMask *ret) {
5760 assert(u);
5761
5762 if (!UNIT_VTABLE(u)->clean ||
5763 u->load_state != UNIT_LOADED) {
5764 *ret = 0;
5765 return 0;
5766 }
5767
5768 /* When the clean() method is set, can_clean() really should be set too */
5769 assert(UNIT_VTABLE(u)->can_clean);
5770
5771 return UNIT_VTABLE(u)->can_clean(u, ret);
5772}
5773
d9e45bc3
MS		 5774bool unit_can_freeze(Unit *u) {
5775 assert(u);
5776
5777 if (UNIT_VTABLE(u)->can_freeze)
5778 return UNIT_VTABLE(u)->can_freeze(u);
5779
5780 return UNIT_VTABLE(u)->freeze;
5781}
5782
5783void unit_frozen(Unit *u) {
5784 assert(u);
5785
5786 u->freezer_state = FREEZER_FROZEN;
5787
5788 bus_unit_send_pending_freezer_message(u);
5789}
5790
5791void unit_thawed(Unit *u) {
5792 assert(u);
5793
5794 u->freezer_state = FREEZER_RUNNING;
5795
5796 bus_unit_send_pending_freezer_message(u);
5797}
5798
5799static int unit_freezer_action(Unit *u, FreezerAction action) {
5800 UnitActiveState s;
5801 int (*method)(Unit*);
5802 int r;
5803
5804 assert(u);
5805 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
5806
5807 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
5808 if (!method || !cg_freezer_supported())
5809 return -EOPNOTSUPP;
5810
5811 if (u->job)
5812 return -EBUSY;
5813
5814 if (u->load_state != UNIT_LOADED)
5815 return -EHOSTDOWN;
5816
5817 s = unit_active_state(u);
5818 if (s != UNIT_ACTIVE)
5819 return -EHOSTDOWN;
5820
5821 if (IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING))
5822 return -EALREADY;
5823
5824 r = method(u);
5825 if (r <= 0)
5826 return r;
5827
5828 return 1;
5829}
5830
5831int unit_freeze(Unit *u) {
5832 return unit_freezer_action(u, FREEZER_FREEZE);
5833}
5834
5835int unit_thaw(Unit *u) {
5836 return unit_freezer_action(u, FREEZER_THAW);
5837}
5838
5839/* Wrappers around low-level cgroup freezer operations common for service and scope units */
5840int unit_freeze_vtable_common(Unit *u) {
5841 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
5842}
5843
5844int unit_thaw_vtable_common(Unit *u) {
5845 return unit_cgroup_freezer_action(u, FREEZER_THAW);
5846}
5847
6e548561
DDM		 5848Condition *unit_find_failed_condition(Unit *u) {
5849 Condition *c, *failed_trigger = NULL;
5850 bool has_succeeded_trigger = false;
5851
5852 if (u->condition_result)
5853 return NULL;
5854
5855 LIST_FOREACH(conditions, c, u->conditions)
5856 if (c->trigger) {
5857 if (c->result == CONDITION_SUCCEEDED)
5858 has_succeeded_trigger = true;
5859 else if (!failed_trigger)
5860 failed_trigger = c;
5861 } else if (c->result != CONDITION_SUCCEEDED)
5862 return c;
5863
5864 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
5865}
5866
5afe510c
LP		 5867static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5868 [COLLECT_INACTIVE] = "inactive",
5869 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5870};
5871
5872DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
15ed3c3a
LP		 5873
5874Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
5875 Unit *i;
5876
5877 assert(u);
5878
5879 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5880 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5881 * is NULL the first entry found), or NULL if not found. */
5882
5883 UNIT_FOREACH_DEPENDENCY(i, u, atom)
5884 if (!other || other == i)
5885 return i;
5886
5887 return NULL;
5888}
5889
5890int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
5891 _cleanup_free_ Unit **array = NULL;
5892 size_t n = 0;
5893 Unit *other;
5894
5895 assert(u);
5896 assert(ret_array);
5897
5898 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
5899 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
48008c1c 5900 * while the dependency table is continuously updated. */
15ed3c3a
LP		 5901
5902 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
5903 if (!GREEDY_REALLOC(array, n + 1))
5904 return -ENOMEM;
5905
5906 array[n++] = other;
5907 }
5908
5909 *ret_array = TAKE_PTR(array);
5910
5911 assert(n <= INT_MAX);
5912 return (int) n;
5913}
Unnamed repository; edit this file 'description' to name the repository.