]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
meson: build tests with -Wno-maybe-uninitialized if -O2/-flto are used
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
87f0e418 3#include <errno.h>
0301abf4 4#include <stdlib.h>
4c253ed1 5#include <sys/prctl.h>
4f5dd394 6#include <unistd.h>
87f0e418 7
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
fab34748 13#include "bpf-firewall.h"
5f8ba20d 14#include "bpf-foreign.h"
4f5dd394
LP		 15#include "bus-common-errors.h"
16#include "bus-util.h"
fdb3deca 17#include "cgroup-setup.h"
c6c18be3 18#include "cgroup-util.h"
e30bbc90 19#include "core-varlink.h"
4f5dd394
LP		 20#include "dbus-unit.h"
21#include "dbus.h"
22#include "dropin.h"
23#include "escape.h"
24#include "execute.h"
6a48d82f 25#include "fd-util.h"
a5c32cff 26#include "fileio-label.h"
ee228be1 27#include "fileio.h"
f97b34a6 28#include "format-util.h"
4b58153d 29#include "id128-util.h"
5cfa33e0 30#include "install.h"
2d3b784d 31#include "io-util.h"
a3f5fd96 32#include "label.h"
4f5dd394
LP		 33#include "load-dropin.h"
34#include "load-fragment.h"
35#include "log.h"
36#include "macro.h"
f5947a5e 37#include "missing_audit.h"
4f5dd394
LP		 38#include "mkdir.h"
39#include "path-util.h"
0b452006 40#include "process-util.h"
810ef318 41#include "rm-rf.h"
4f5dd394 42#include "set.h"
6eb7c172 43#include "signal-util.h"
d3070fbd 44#include "sparse-endian.h"
e9db43d5 45#include "special.h"
2e59b241 46#include "specifier.h"
8fcde012 47#include "stat-util.h"
d054f0a4 48#include "stdio-util.h"
5afe510c 49#include "string-table.h"
07630cea 50#include "string-util.h"
4f5dd394 51#include "strv.h"
5b262f74 52#include "terminal-util.h"
e4de7287 53#include "tmpfile-util.h"
4f4afc88 54#include "umask-util.h"
4f5dd394 55#include "unit-name.h"
e9db43d5 56#include "unit.h"
b1d4f8e1
LP		 57#include "user-util.h"
58#include "virt.h"
87f0e418 59
37109b85
ZJS		 60/* Thresholds for logging at INFO level about resource consumption */
61#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
62#define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
63#define MENTIONWORTHY_IP_BYTES (0ULL)
64
65/* Thresholds for logging at INFO level about resource consumption */
66#define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
67#define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
68#define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
69
87f0e418
LP		 70const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
71 [UNIT_SERVICE] = &service_vtable,
87f0e418
LP		 72 [UNIT_SOCKET] = &socket_vtable,
73 [UNIT_TARGET] = &target_vtable,
74 [UNIT_DEVICE] = &device_vtable,
75 [UNIT_MOUNT] = &mount_vtable,
76 [UNIT_AUTOMOUNT] = &automount_vtable,
01f78473 77 [UNIT_SWAP] = &swap_vtable,
e821075a 78 [UNIT_TIMER] = &timer_vtable,
a016b922 79 [UNIT_PATH] = &path_vtable,
6c12b52e 80 [UNIT_SLICE] = &slice_vtable,
5afe510c 81 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 82};
83
f2341e0a 84static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
d1fab3fe 85
75db809a 86Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 87 Unit *u;
88
89 assert(m);
ac155bb8 90 assert(size >= sizeof(Unit));
87f0e418 91
7d17cfbc
MS		 92 u = malloc0(size);
93 if (!u)
87f0e418
LP		 94 return NULL;
95
ac155bb8
MS		 96 u->manager = m;
97 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 98 u->default_dependencies = true;
99 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
d2dc52db 100 u->unit_file_preset = -1;
d420282b 101 u->on_failure_job_mode = JOB_REPLACE;
0bb814c2 102 u->cgroup_control_inotify_wd = -1;
afcfaa69 103 u->cgroup_memory_inotify_wd = -1;
36c16a7c 104 u->job_timeout = USEC_INFINITY;
a2df3ea4 105 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 106 u->ref_uid = UID_INVALID;
107 u->ref_gid = GID_INVALID;
fe700f46 108 u->cpu_usage_last = NSEC_INFINITY;
17f14955 109 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
7af67e9a 110 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 111
6a48d82f
DM		 112 u->ip_accounting_ingress_map_fd = -1;
113 u->ip_accounting_egress_map_fd = -1;
114 u->ipv4_allow_map_fd = -1;
115 u->ipv6_allow_map_fd = -1;
116 u->ipv4_deny_map_fd = -1;
117 u->ipv6_deny_map_fd = -1;
118
2e59b241
LP		 119 u->last_section_private = -1;
120
7bf081a1 121 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
8c227e7f 122 u->auto_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
bea355da 123
fbe14fc9
LP		 124 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
125 u->io_accounting_last[i] = UINT64_MAX;
126
87f0e418
LP		 127 return u;
128}
129
a581e45a 130int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 131 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 132 int r;
133
134 u = unit_new(m, size);
135 if (!u)
136 return -ENOMEM;
137
138 r = unit_add_name(u, name);
dc409696 139 if (r < 0)
a581e45a 140 return r;
a581e45a 141
1cc6c93a
YW		 142 *ret = TAKE_PTR(u);
143
a581e45a
LP		 144 return r;
145}
146
303ee601 147bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 148 assert(u);
149 assert(name);
150
4562c355
ZJS		 151 return streq_ptr(name, u->id) ||
152 set_contains(u->aliases, name);
f278026d
LP		 153}
154
598459ce
LP		 155static void unit_init(Unit *u) {
156 CGroupContext *cc;
157 ExecContext *ec;
158 KillContext *kc;
159
160 assert(u);
161 assert(u->manager);
162 assert(u->type >= 0);
163
164 cc = unit_get_cgroup_context(u);
165 if (cc) {
166 cgroup_context_init(cc);
167
168 /* Copy in the manager defaults into the cgroup
169 * context, _before_ the rest of the settings have
170 * been initialized */
171
172 cc->cpu_accounting = u->manager->default_cpu_accounting;
13c31542 173 cc->io_accounting = u->manager->default_io_accounting;
598459ce
LP		 174 cc->blockio_accounting = u->manager->default_blockio_accounting;
175 cc->memory_accounting = u->manager->default_memory_accounting;
03a7b521 176 cc->tasks_accounting = u->manager->default_tasks_accounting;
6a48d82f 177 cc->ip_accounting = u->manager->default_ip_accounting;
0af20ea2
LP		 178
179 if (u->type != UNIT_SLICE)
180 cc->tasks_max = u->manager->default_tasks_max;
598459ce
LP		 181 }
182
183 ec = unit_get_exec_context(u);
b1edf445 184 if (ec) {
598459ce
LP		 185 exec_context_init(ec);
186
5e37d193
FB		 187 if (MANAGER_IS_SYSTEM(u->manager))
188 ec->keyring_mode = EXEC_KEYRING_SHARED;
189 else {
190 ec->keyring_mode = EXEC_KEYRING_INHERIT;
191
192 /* User manager might have its umask redefined by PAM or UMask=. In this
193 * case let the units it manages inherit this value by default. They can
194 * still tune this value through their own unit file */
195 (void) get_process_umask(getpid_cached(), &ec->umask);
196 }
b1edf445
LP		 197 }
198
598459ce
LP		 199 kc = unit_get_kill_context(u);
200 if (kc)
201 kill_context_init(kc);
202
203 if (UNIT_VTABLE(u)->init)
204 UNIT_VTABLE(u)->init(u);
205}
206
4562c355
ZJS		 207static int unit_add_alias(Unit *u, char *donated_name) {
208 int r;
209
210 /* Make sure that u->names is allocated. We may leave u->names
211 * empty if we fail later, but this is not a problem. */
973bc32a 212 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
4562c355
ZJS		 213 if (r < 0)
214 return r;
215 assert(r > 0);
216
217 return 0;
218}
219
87f0e418 220int unit_add_name(Unit *u, const char *text) {
4562c355 221 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 222 UnitType t;
87f0e418
LP		 223 int r;
224
225 assert(u);
226 assert(text);
227
7410616c 228 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 229 if (!u->instance)
acd1987a
WY		 230 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
231 "instance is not set when adding name '%s': %m", text);
87f0e418 232
4562c355 233 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 234 if (r < 0)
acd1987a
WY		 235 return log_unit_debug_errno(u, r,
236 "failed to build instance name from '%s': %m", text);
7410616c 237 } else {
4562c355
ZJS		 238 name = strdup(text);
239 if (!name)
7410616c
LP		 240 return -ENOMEM;
241 }
87f0e418 242
4562c355 243 if (unit_has_name(u, name))
7410616c 244 return 0;
4562c355
ZJS		 245
246 if (hashmap_contains(u->manager->units, name))
acd1987a 247 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4562c355 248 "unit already exist when adding name '%s': %m", name);
7410616c 249
4562c355 250 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 251 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4562c355 252 "name '%s' is invalid: %m", name);
e537352b 253
4562c355 254 t = unit_name_to_type(name);
7410616c 255 if (t < 0)
acd1987a 256 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
cd990847 257 "failed to derive unit type from name '%s': %m", name);
87f0e418 258
598459ce 259 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a
WY		 260 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
261 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
4562c355 262 u->type, t, name);
87f0e418 263
4562c355 264 r = unit_name_to_instance(name, &instance);
e48614c4 265 if (r < 0)
4562c355 266 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
87f0e418 267
4562c355
ZJS		 268 if (instance && !unit_type_may_template(t))
269 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
9e2f7c11 270
d383acad
ZJS		 271 /* Ensure that this unit either has no instance, or that the instance matches. */
272 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 273 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
ada4b34e
ZJS		 274 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
275 name, instance, u->instance);
9e2f7c11 276
4562c355 277 if (u->id && !unit_type_may_alias(t))
ada4b34e
ZJS		 278 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
279 "cannot add name %s, aliases are not allowed for %s units.",
280 name, unit_type_to_string(t));
9e2f7c11 281
598459ce 282 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
ada4b34e 283 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
4f0f902f 284
4562c355
ZJS		 285 /* Add name to the global hashmap first, because that's easier to undo */
286 r = hashmap_put(u->manager->units, name, u);
7410616c 287 if (r < 0)
acd1987a 288 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
87f0e418 289
4562c355
ZJS		 290 if (u->id) {
291 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
292 if (r < 0) {
293 hashmap_remove(u->manager->units, name);
294 return r;
295 }
296 TAKE_PTR(name);
297
298 } else {
299 /* A new name, we don't need the set yet. */
300 assert(u->type == _UNIT_TYPE_INVALID);
301 assert(!u->instance);
302
ac155bb8 303 u->type = t;
4562c355
ZJS		 304 u->id = TAKE_PTR(name);
305 u->instance = TAKE_PTR(instance);
9e2f7c11 306
71fda00f 307 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 308 unit_init(u);
598459ce 309 }
9e2f7c11 310
598459ce
LP		 311 unit_add_to_dbus_queue(u);
312 return 0;
87f0e418
LP		 313}
314
0ae97ec1 315int unit_choose_id(Unit *u, const char *name) {
68eda4bd 316 _cleanup_free_ char *t = NULL;
4562c355 317 char *s;
276c3e78 318 int r;
0ae97ec1
LP		 319
320 assert(u);
321 assert(name);
322
7410616c 323 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 324 if (!u->instance)
9e2f7c11
LP		 325 return -EINVAL;
326
7410616c
LP		 327 r = unit_name_replace_instance(name, u->instance, &t);
328 if (r < 0)
329 return r;
9e2f7c11
LP		 330
331 name = t;
332 }
333
4562c355
ZJS		 334 if (streq_ptr(u->id, name))
335 return 0; /* Nothing to do. */
336
337 /* Selects one of the aliases of this unit as the id */
338 s = set_get(u->aliases, (char*) name);
9e2f7c11 339 if (!s)
0ae97ec1
LP		 340 return -ENOENT;
341
4562c355
ZJS		 342 if (u->id) {
343 r = set_remove_and_put(u->aliases, name, u->id);
344 if (r < 0)
345 return r;
346 } else
347 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 348
4562c355 349 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 350 unit_add_to_dbus_queue(u);
9e2f7c11 351
0ae97ec1
LP		 352 return 0;
353}
354
f50e0a01 355int unit_set_description(Unit *u, const char *description) {
84b26d51 356 int r;
f50e0a01
LP		 357
358 assert(u);
359
84b26d51
LP		 360 r = free_and_strdup(&u->description, empty_to_null(description));
361 if (r < 0)
362 return r;
363 if (r > 0)
364 unit_add_to_dbus_queue(u);
c1e1601e 365
f50e0a01
LP		 366 return 0;
367}
368
f2f725e5 369bool unit_may_gc(Unit *u) {
a354329f 370 UnitActiveState state;
e98b2fbb 371 int r;
5afe510c 372
701cc384
LP		 373 assert(u);
374
f2f725e5
ZJS		 375 /* Checks whether the unit is ready to be unloaded for garbage collection.
376 * Returns true when the unit may be collected, and false if there's some
2641f02e
ZJS		 377 * reason to keep it loaded.
378 *
379 * References from other units are *not* checked here. Instead, this is done
380 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
381 */
5afe510c 382
a354329f 383 if (u->job)
f2f725e5 384 return false;
701cc384 385
a354329f 386 if (u->nop_job)
f2f725e5 387 return false;
6c073082 388
a354329f
LP		 389 state = unit_active_state(u);
390
7eb2a8a1 391 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
a354329f
LP		 392 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
393 UNIT_VTABLE(u)->release_resources)
7eb2a8a1 394 UNIT_VTABLE(u)->release_resources(u);
a354329f 395
f5869324 396 if (u->perpetual)
f2f725e5 397 return false;
9d576438 398
05a98afd 399 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 400 return false;
05a98afd 401
5afe510c
LP		 402 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
403 switch (u->collect_mode) {
404
405 case COLLECT_INACTIVE:
406 if (state != UNIT_INACTIVE)
f2f725e5 407 return false;
5afe510c
LP		 408
409 break;
410
411 case COLLECT_INACTIVE_OR_FAILED:
412 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
f2f725e5 413 return false;
5afe510c
LP		 414
415 break;
416
417 default:
418 assert_not_reached("Unknown garbage collection mode");
419 }
420
e98b2fbb
LP		 421 if (u->cgroup_path) {
422 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
423 * around. Units with active processes should never be collected. */
424
425 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
426 if (r < 0)
427 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
428 if (r <= 0)
f2f725e5 429 return false;
e98b2fbb
LP		 430 }
431
f2f725e5
ZJS		 432 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
433 return false;
701cc384 434
f2f725e5 435 return true;
701cc384
LP		 436}
437
87f0e418
LP		 438void unit_add_to_load_queue(Unit *u) {
439 assert(u);
ac155bb8 440 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 441
ac155bb8 442 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 443 return;
444
71fda00f 445 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 446 u->in_load_queue = true;
87f0e418
LP		 447}
448
23a177ef
LP		 449void unit_add_to_cleanup_queue(Unit *u) {
450 assert(u);
451
ac155bb8 452 if (u->in_cleanup_queue)
23a177ef
LP		 453 return;
454
71fda00f 455 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 456 u->in_cleanup_queue = true;
23a177ef
LP		 457}
458
701cc384
LP		 459void unit_add_to_gc_queue(Unit *u) {
460 assert(u);
461
ac155bb8 462 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 463 return;
464
f2f725e5 465 if (!unit_may_gc(u))
701cc384
LP		 466 return;
467
c5a97ed1 468 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 469 u->in_gc_queue = true;
701cc384
LP		 470}
471
c1e1601e
LP		 472void unit_add_to_dbus_queue(Unit *u) {
473 assert(u);
ac155bb8 474 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 475
ac155bb8 476 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 477 return;
478
a567261a 479 /* Shortcut things if nobody cares */
8f8f05a9 480 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 481 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 482 set_isempty(u->manager->private_buses)) {
ac155bb8 483 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 484 return;
485 }
486
71fda00f 487 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 488 u->in_dbus_queue = true;
c1e1601e
LP		 489}
490
fda09318 491void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 492 assert(u);
493
494 if (u->in_stop_when_unneeded_queue)
495 return;
496
497 if (!u->stop_when_unneeded)
498 return;
499
500 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
501 return;
502
503 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
504 u->in_stop_when_unneeded_queue = true;
505}
506
eef85c4a 507static void bidi_set_free(Unit *u, Hashmap *h) {
87f0e418 508 Unit *other;
eef85c4a 509 void *v;
87f0e418
LP		 510
511 assert(u);
512
eef85c4a 513 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
87f0e418 514
90e74a66 515 HASHMAP_FOREACH_KEY(v, other, h) {
f6173cb9 516 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
eef85c4a 517 hashmap_remove(other->dependencies[d], u);
701cc384
LP		 518
519 unit_add_to_gc_queue(other);
87f0e418
LP		 520 }
521
eef85c4a 522 hashmap_free(h);
87f0e418
LP		 523}
524
c2756a68
LP		 525static void unit_remove_transient(Unit *u) {
526 char **i;
527
528 assert(u);
529
530 if (!u->transient)
531 return;
532
533 if (u->fragment_path)
3f5e8115 534 (void) unlink(u->fragment_path);
c2756a68
LP		 535
536 STRV_FOREACH(i, u->dropin_paths) {
39591351 537 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 538
39591351
LP		 539 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
540 if (!p)
541 continue;
542
543 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
544 if (!pp)
545 continue;
546
547 /* Only drop transient drop-ins */
548 if (!path_equal(u->manager->lookup_paths.transient, pp))
549 continue;
c2756a68 550
39591351
LP		 551 (void) unlink(*i);
552 (void) rmdir(p);
c2756a68
LP		 553 }
554}
555
a57f7e2c 556static void unit_free_requires_mounts_for(Unit *u) {
eef85c4a 557 assert(u);
a57f7e2c 558
eef85c4a
LP		 559 for (;;) {
560 _cleanup_free_ char *path;
a57f7e2c 561
eef85c4a
LP		 562 path = hashmap_steal_first_key(u->requires_mounts_for);
563 if (!path)
564 break;
565 else {
566 char s[strlen(path) + 1];
a57f7e2c 567
eef85c4a
LP		 568 PATH_FOREACH_PREFIX_MORE(s, path) {
569 char *y;
570 Set *x;
571
572 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
573 if (!x)
574 continue;
a57f7e2c 575
eef85c4a 576 (void) set_remove(x, u);
a57f7e2c 577
eef85c4a
LP		 578 if (set_isempty(x)) {
579 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
580 free(y);
581 set_free(x);
582 }
a57f7e2c
LP		 583 }
584 }
585 }
586
eef85c4a 587 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
a57f7e2c
LP		 588}
589
598459ce
LP		 590static void unit_done(Unit *u) {
591 ExecContext *ec;
592 CGroupContext *cc;
593
594 assert(u);
595
596 if (u->type < 0)
597 return;
598
599 if (UNIT_VTABLE(u)->done)
600 UNIT_VTABLE(u)->done(u);
601
602 ec = unit_get_exec_context(u);
603 if (ec)
604 exec_context_done(ec);
605
606 cc = unit_get_cgroup_context(u);
607 if (cc)
608 cgroup_context_done(cc);
609}
610
75db809a 611Unit* unit_free(Unit *u) {
87f0e418
LP		 612 char *t;
613
c9d5c9c0 614 if (!u)
75db809a 615 return NULL;
87f0e418 616
50fb00b7 617 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 618
2c289ea8 619 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 620 unit_remove_transient(u);
621
c1e1601e
LP		 622 bus_unit_send_removed_signal(u);
623
598459ce 624 unit_done(u);
a013b84b 625
50be4f4a 626 unit_dequeue_rewatch_pids(u);
cf9fd508 627
50be4f4a 628 sd_bus_slot_unref(u->match_bus_slot);
05a98afd
LP		 629 sd_bus_track_unref(u->bus_track);
630 u->deserialized_refs = strv_free(u->deserialized_refs);
d9e45bc3 631 u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
05a98afd 632
a57f7e2c
LP		 633 unit_free_requires_mounts_for(u);
634
90e74a66 635 SET_FOREACH(t, u->aliases)
ac155bb8 636 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 637 if (u->id)
638 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 639
4b58153d
LP		 640 if (!sd_id128_is_null(u->invocation_id))
641 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
642
97e7d748
MS		 643 if (u->job) {
644 Job *j = u->job;
645 job_uninstall(j);
646 job_free(j);
647 }
964e0949 648
e0209d83
MS		 649 if (u->nop_job) {
650 Job *j = u->nop_job;
651 job_uninstall(j);
652 job_free(j);
653 }
654
f6173cb9 655 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
ac155bb8 656 bidi_set_free(u, u->dependencies[d]);
964e0949 657
4c591f39
MK		 658 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
659 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
f23ba94d 660 if (UNIT_ISSET(u->slice))
4c591f39 661 unit_add_family_to_cgroup_realize_queue(UNIT_DEREF(u->slice));
fb46fca7 662
adefcf28
LP		 663 if (u->on_console)
664 manager_unref_console(u->manager);
665
efdb0237 666 unit_release_cgroup(u);
72673e86 667
d3070fbd
LP		 668 if (!MANAGER_IS_RELOADING(u->manager))
669 unit_unlink_state_files(u);
670
00d9ef85
LP		 671 unit_unref_uid_gid(u, false);
672
5269eb6b 673 (void) manager_update_failed_units(u->manager, u, false);
db785129 674 set_remove(u->manager->startup_units, u);
f755e3b7 675
a911bb9a
LP		 676 unit_unwatch_all_pids(u);
677
702a2d8f 678 unit_ref_unset(&u->slice);
7f7d01ed
ZJS		 679 while (u->refs_by_target)
680 unit_ref_unset(u->refs_by_target);
57020a3a 681
ac155bb8 682 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 683 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 684
ac155bb8 685 if (u->in_load_queue)
71fda00f 686 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 687
ac155bb8 688 if (u->in_dbus_queue)
71fda00f 689 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 690
a2d72e26 691 if (u->in_gc_queue)
c5a97ed1 692 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 693
91a6073e
LP		 694 if (u->in_cgroup_realize_queue)
695 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 696
09e24654
LP		 697 if (u->in_cgroup_empty_queue)
698 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
699
1bdf2790
ZJS		 700 if (u->in_cleanup_queue)
701 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
adefcf28 702
19496554
MS		 703 if (u->in_target_deps_queue)
704 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
705
a3c1168a
LP		 706 if (u->in_stop_when_unneeded_queue)
707 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
708
6a48d82f
DM		 709 safe_close(u->ip_accounting_ingress_map_fd);
710 safe_close(u->ip_accounting_egress_map_fd);
72673e86 711
6a48d82f
DM		 712 safe_close(u->ipv4_allow_map_fd);
713 safe_close(u->ipv6_allow_map_fd);
714 safe_close(u->ipv4_deny_map_fd);
715 safe_close(u->ipv6_deny_map_fd);
d3070fbd 716
6a48d82f 717 bpf_program_unref(u->ip_bpf_ingress);
aa2b6f1d 718 bpf_program_unref(u->ip_bpf_ingress_installed);
6a48d82f 719 bpf_program_unref(u->ip_bpf_egress);
aa2b6f1d 720 bpf_program_unref(u->ip_bpf_egress_installed);
00d9ef85 721
fab34748
KL		 722 set_free(u->ip_bpf_custom_ingress);
723 set_free(u->ip_bpf_custom_egress);
724 set_free(u->ip_bpf_custom_ingress_installed);
725 set_free(u->ip_bpf_custom_egress_installed);
726
5f8ba20d
JK		 727 hashmap_free(u->bpf_foreign_by_key);
728
084c7007
RG		 729 bpf_program_unref(u->bpf_device_control_installed);
730
a946fa9b
ZJS		 731 condition_free_list(u->conditions);
732 condition_free_list(u->asserts);
f755e3b7 733
ac155bb8 734 free(u->description);
49dbfa7b 735 strv_free(u->documentation);
ac155bb8 736 free(u->fragment_path);
1b64d026 737 free(u->source_path);
ae7a7182 738 strv_free(u->dropin_paths);
ac155bb8 739 free(u->instance);
87f0e418 740
f189ab18 741 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 742 free(u->reboot_arg);
743
4562c355
ZJS		 744 set_free_free(u->aliases);
745 free(u->id);
746
75db809a 747 return mfree(u);
87f0e418
LP		 748}
749
d9e45bc3
MS		 750FreezerState unit_freezer_state(Unit *u) {
751 assert(u);
752
753 return u->freezer_state;
754}
755
756int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
757 char *values[1] = {};
758 int r;
759
760 assert(u);
761
762 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
763 STRV_MAKE("frozen"), values);
764 if (r < 0)
765 return r;
766
767 r = _FREEZER_STATE_INVALID;
768
769 if (values[0]) {
770 if (streq(values[0], "0"))
771 r = FREEZER_RUNNING;
772 else if (streq(values[0], "1"))
773 r = FREEZER_FROZEN;
774 }
775
776 free(values[0]);
777 *ret = r;
778
779 return 0;
780}
781
87f0e418
LP		 782UnitActiveState unit_active_state(Unit *u) {
783 assert(u);
784
ac155bb8 785 if (u->load_state == UNIT_MERGED)
6124958c
LP		 786 return unit_active_state(unit_follow_merge(u));
787
788 /* After a reload it might happen that a unit is not correctly
789 * loaded but still has a process around. That's why we won't
fdf20a31 790 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 791
792 return UNIT_VTABLE(u)->active_state(u);
793}
794
10a94420
LP		 795const char* unit_sub_state_to_string(Unit *u) {
796 assert(u);
797
798 return UNIT_VTABLE(u)->sub_state_to_string(u);
799}
800
eef85c4a 801static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
23a177ef
LP		 802 assert(s);
803 assert(other);
87f0e418 804
23a177ef 805 if (!*other)
7c0b05e5 806 return 0;
87f0e418 807
eef85c4a
LP		 808 if (*s)
809 return hashmap_move(*s, *other);
ae2a15bc
LP		 810 else
811 *s = TAKE_PTR(*other);
7c0b05e5
MS		 812
813 return 0;
23a177ef 814}
87f0e418 815
7c0b05e5 816static int merge_names(Unit *u, Unit *other) {
4562c355 817 char *name;
7c0b05e5 818 int r;
87f0e418 819
23a177ef
LP		 820 assert(u);
821 assert(other);
822
4562c355 823 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 824 if (r < 0)
825 return r;
23a177ef 826
4562c355
ZJS		 827 r = set_move(u->aliases, other->aliases);
828 if (r < 0) {
829 set_remove(u->aliases, other->id);
830 return r;
831 }
23a177ef 832
4562c355
ZJS		 833 TAKE_PTR(other->id);
834 other->aliases = set_free_free(other->aliases);
23a177ef 835
90e74a66 836 SET_FOREACH(name, u->aliases)
4562c355 837 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 838
839 return 0;
87f0e418
LP		 840}
841
09a65f92
MS		 842static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
843 unsigned n_reserve;
844
845 assert(u);
846 assert(other);
847 assert(d < _UNIT_DEPENDENCY_MAX);
848
849 /*
850 * If u does not have this dependency set allocated, there is no need
f131770b 851 * to reserve anything. In that case other's set will be transferred
09a65f92
MS		 852 * as a whole to u by complete_move().
853 */
854 if (!u->dependencies[d])
855 return 0;
856
857 /* merge_dependencies() will skip a u-on-u dependency */
eef85c4a 858 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
09a65f92 859
eef85c4a 860 return hashmap_reserve(u->dependencies[d], n_reserve);
09a65f92
MS		 861}
862
d1fab3fe 863static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
23a177ef 864 Unit *back;
eef85c4a 865 void *v;
87f0e418 866 int r;
23a177ef 867
eef85c4a
LP		 868 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
869
23a177ef
LP		 870 assert(u);
871 assert(other);
872 assert(d < _UNIT_DEPENDENCY_MAX);
873
5238e957 874 /* Fix backwards pointers. Let's iterate through all dependent units of the other unit. */
90e74a66 875 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d])
eef85c4a 876
f6173cb9
ZJS		 877 /* Let's now iterate through the dependencies of that dependencies of the other units,
878 * looking for pointers back, and let's fix them up, to instead point to 'u'. */
879 for (UnitDependency k = 0; k < _UNIT_DEPENDENCY_MAX; k++)
e66047ff 880 if (back == u) {
eef85c4a
LP		 881 /* Do not add dependencies between u and itself. */
882 if (hashmap_remove(back->dependencies[k], other))
f2341e0a 883 maybe_warn_about_dependency(u, other_id, k);
e66047ff 884 } else {
f6173cb9 885 UnitDependencyInfo di_u, di_other;
eef85c4a
LP		 886
887 /* Let's drop this dependency between "back" and "other", and let's create it between
888 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
889 * and any such dependency which might already exist */
890
891 di_other.data = hashmap_get(back->dependencies[k], other);
892 if (!di_other.data)
893 continue; /* dependency isn't set, let's try the next one */
894
895 di_u.data = hashmap_get(back->dependencies[k], u);
896
f6173cb9 897 UnitDependencyInfo di_merged = {
eef85c4a
LP		 898 .origin_mask = di_u.origin_mask | di_other.origin_mask,
899 .destination_mask = di_u.destination_mask | di_other.destination_mask,
900 };
901
902 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
903 if (r < 0)
904 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
905 assert(r >= 0);
906
907 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
e66047ff 908 }
23a177ef 909
e66047ff 910 /* Also do not move dependencies on u to itself */
eef85c4a 911 back = hashmap_remove(other->dependencies[d], u);
d1fab3fe 912 if (back)
f2341e0a 913 maybe_warn_about_dependency(u, other_id, d);
e66047ff 914
7c0b05e5 915 /* The move cannot fail. The caller must have performed a reservation. */
eef85c4a 916 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
23a177ef 917
eef85c4a 918 other->dependencies[d] = hashmap_free(other->dependencies[d]);
23a177ef
LP		 919}
920
921int unit_merge(Unit *u, Unit *other) {
d1fab3fe 922 const char *other_id = NULL;
09a65f92 923 int r;
87f0e418
LP		 924
925 assert(u);
926 assert(other);
ac155bb8
MS		 927 assert(u->manager == other->manager);
928 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 929
cc916967
LP		 930 other = unit_follow_merge(other);
931
23a177ef
LP		 932 if (other == u)
933 return 0;
934
ac155bb8 935 if (u->type != other->type)
9e2f7c11
LP		 936 return -EINVAL;
937
8a993b61 938 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 939 return -EEXIST;
940
ec2ce0c5 941 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 942 return -EEXIST;
87f0e418 943
d383acad
ZJS		 944 if (!streq_ptr(u->instance, other->instance))
945 return -EINVAL;
946
ac155bb8 947 if (other->job)
819e213f
LP		 948 return -EEXIST;
949
e0209d83
MS		 950 if (other->nop_job)
951 return -EEXIST;
952
fdf20a31 953 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 954 return -EEXIST;
955
d1fab3fe
ZJS		 956 if (other->id)
957 other_id = strdupa(other->id);
958
09a65f92 959 /* Make reservations to ensure merge_dependencies() won't fail */
f6173cb9 960 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
09a65f92
MS		 961 r = reserve_dependencies(u, other, d);
962 /*
963 * We don't rollback reservations if we fail. We don't have
964 * a way to undo reservations. A reservation is not a leak.
965 */
966 if (r < 0)
967 return r;
968 }
969
87f0e418 970 /* Merge names */
7c0b05e5
MS		 971 r = merge_names(u, other);
972 if (r < 0)
973 return r;
87f0e418 974
57020a3a 975 /* Redirect all references */
7f7d01ed
ZJS		 976 while (other->refs_by_target)
977 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 978
87f0e418 979 /* Merge dependencies */
f6173cb9 980 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
d1fab3fe 981 merge_dependencies(u, other, other_id, d);
87f0e418 982
ac155bb8
MS		 983 other->load_state = UNIT_MERGED;
984 other->merged_into = u;
23a177ef 985
3616a49c
LP		 986 /* If there is still some data attached to the other node, we
987 * don't need it anymore, and can free it. */
ac155bb8 988 if (other->load_state != UNIT_STUB)
3616a49c
LP		 989 if (UNIT_VTABLE(other)->done)
990 UNIT_VTABLE(other)->done(other);
991
992 unit_add_to_dbus_queue(u);
23a177ef
LP		 993 unit_add_to_cleanup_queue(other);
994
995 return 0;
996}
997
998int unit_merge_by_name(Unit *u, const char *name) {
934e749e 999 _cleanup_free_ char *s = NULL;
23a177ef 1000 Unit *other;
9e2f7c11 1001 int r;
23a177ef 1002
e8630e69
ZJS		 1003 /* Either add name to u, or if a unit with name already exists, merge it with u.
1004 * If name is a template, do the same for name@instance, where instance is u's instance. */
1005
23a177ef
LP		 1006 assert(u);
1007 assert(name);
1008
7410616c 1009 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1010 if (!u->instance)
9e2f7c11
LP		 1011 return -EINVAL;
1012
7410616c
LP		 1013 r = unit_name_replace_instance(name, u->instance, &s);
1014 if (r < 0)
1015 return r;
9e2f7c11
LP		 1016
1017 name = s;
1018 }
1019
c2756a68 1020 other = manager_get_unit(u->manager, name);
7410616c
LP		 1021 if (other)
1022 return unit_merge(u, other);
23a177ef 1023
7410616c 1024 return unit_add_name(u, name);
23a177ef
LP		 1025}
1026
1027Unit* unit_follow_merge(Unit *u) {
1028 assert(u);
1029
ac155bb8
MS		 1030 while (u->load_state == UNIT_MERGED)
1031 assert_se(u = u->merged_into);
23a177ef
LP		 1032
1033 return u;
1034}
1035
1036int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1037 int r;
1038
1039 assert(u);
1040 assert(c);
1041
e1e74614 1042 if (c->working_directory && !c->working_directory_missing_ok) {
eef85c4a 1043 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1044 if (r < 0)
1045 return r;
1046 }
1047
1048 if (c->root_directory) {
eef85c4a 1049 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1050 if (r < 0)
1051 return r;
1052 }
1053
915e6d16 1054 if (c->root_image) {
eef85c4a 1055 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
915e6d16
LP		 1056 if (r < 0)
1057 return r;
1058 }
1059
12375b95 1060 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1061 if (!u->manager->prefix[dt])
1062 continue;
1063
12375b95 1064 char **dp;
ada5e276
YW		 1065 STRV_FOREACH(dp, c->directories[dt].paths) {
1066 _cleanup_free_ char *p;
1067
657ee2d8 1068 p = path_join(u->manager->prefix[dt], *dp);
ada5e276
YW		 1069 if (!p)
1070 return -ENOMEM;
1071
eef85c4a 1072 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
ada5e276
YW		 1073 if (r < 0)
1074 return r;
1075 }
1076 }
1077
463d0d15 1078 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1079 return 0;
1080
f3b7a79b
LP		 1081 /* For the following three directory types we need write access, and /var/ is possibly on the root
1082 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1083 if (!strv_isempty(c->directories[EXEC_DIRECTORY_STATE].paths) ||
1084 !strv_isempty(c->directories[EXEC_DIRECTORY_CACHE].paths) ||
1085 !strv_isempty(c->directories[EXEC_DIRECTORY_LOGS].paths)) {
1086 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1087 if (r < 0)
1088 return r;
1089 }
1090
b46a529c 1091 if (c->private_tmp) {
d71f0505
LP		 1092 const char *p;
1093
1094 FOREACH_STRING(p, "/tmp", "/var/tmp") {
eef85c4a 1095 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
d71f0505
LP		 1096 if (r < 0)
1097 return r;
1098 }
b46a529c 1099
35d8c19a 1100 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1101 if (r < 0)
1102 return r;
1103 }
1104
33b58dfb
LP		 1105 if (c->root_image) {
1106 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1107 * implicit dependency on udev */
1108
1109 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1110 if (r < 0)
1111 return r;
1112 }
1113
52c239d7
LB		 1114 if (!IN_SET(c->std_output,
1115 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1116 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
52c239d7
LB		 1117 !IN_SET(c->std_error,
1118 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1119 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
91dd5f7c 1120 !c->log_namespace)
23a177ef
LP		 1121 return 0;
1122
91dd5f7c
LP		 1123 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1124 * is run first. */
1125
1126 if (c->log_namespace) {
dc5437c7 1127 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
23a177ef 1128
91dd5f7c
LP		 1129 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1130 if (r < 0)
1131 return r;
1132
1133 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1134 if (r < 0)
1135 return r;
dc5437c7
LP		 1136
1137 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1138 if (r < 0)
1139 return r;
1140
1141 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1142 if (r < 0)
1143 return r;
91dd5f7c
LP		 1144 } else
1145 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1146 if (r < 0)
1147 return r;
23a177ef 1148
87f0e418
LP		 1149 return 0;
1150}
1151
87f0e418
LP		 1152const char *unit_description(Unit *u) {
1153 assert(u);
1154
ac155bb8
MS		 1155 if (u->description)
1156 return u->description;
87f0e418 1157
ac155bb8 1158 return strna(u->id);
87f0e418
LP		 1159}
1160
2a8f53c6
ZJS		 1161const char *unit_status_string(Unit *u) {
1162 assert(u);
1163
1164 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME && u->id)
1165 return u->id;
1166
1167 return unit_description(u);
1168}
1169
87f0e418 1170/* Common implementation for multiple backends */
c3620770 1171int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1172 int r;
1173
1174 assert(u);
23a177ef 1175
e48614c4 1176 /* Load a .{service,socket,...} file */
4ad49000
LP		 1177 r = unit_load_fragment(u);
1178 if (r < 0)
23a177ef
LP		 1179 return r;
1180
c3620770
ZJS		 1181 if (u->load_state == UNIT_STUB) {
1182 if (fragment_required)
1183 return -ENOENT;
1184
1185 u->load_state = UNIT_LOADED;
1186 }
23a177ef 1187
9e4ea9cc
ZJS		 1188 /* Load drop-in directory data. If u is an alias, we might be reloading the
1189 * target unit needlessly. But we cannot be sure which drops-ins have already
1190 * been loaded and which not, at least without doing complicated book-keeping,
1191 * so let's always reread all drop-ins. */
c9e06956
ZJS		 1192 r = unit_load_dropin(unit_follow_merge(u));
1193 if (r < 0)
1194 return r;
1195
1196 if (u->source_path) {
1197 struct stat st;
1198
1199 if (stat(u->source_path, &st) >= 0)
1200 u->source_mtime = timespec_load(&st.st_mtim);
1201 else
1202 u->source_mtime = 0;
1203 }
1204
1205 return 0;
23a177ef
LP		 1206}
1207
19496554
MS		 1208void unit_add_to_target_deps_queue(Unit *u) {
1209 Manager *m = u->manager;
1210
1211 assert(u);
1212
1213 if (u->in_target_deps_queue)
1214 return;
1215
1216 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1217 u->in_target_deps_queue = true;
1218}
1219
bba34eed 1220int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1221 assert(u);
1222 assert(target);
1223
ac155bb8 1224 if (target->type != UNIT_TARGET)
98bc2000
LP		 1225 return 0;
1226
35b8ca3a 1227 /* Only add the dependency if both units are loaded, so that
bba34eed 1228 * that loop check below is reliable */
ac155bb8
MS		 1229 if (u->load_state != UNIT_LOADED ||
1230 target->load_state != UNIT_LOADED)
bba34eed
LP		 1231 return 0;
1232
21256a2b
LP		 1233 /* If either side wants no automatic dependencies, then let's
1234 * skip this */
ac155bb8
MS		 1235 if (!u->default_dependencies ||
1236 !target->default_dependencies)
21256a2b
LP		 1237 return 0;
1238
98bc2000 1239 /* Don't create loops */
eef85c4a 1240 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
98bc2000
LP		 1241 return 0;
1242
eef85c4a 1243 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1244}
1245
e954c9cf
LP		 1246static int unit_add_slice_dependencies(Unit *u) {
1247 assert(u);
b81884e7 1248
35b7ff80 1249 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1250 return 0;
1251
eef85c4a
LP		 1252 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1253 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1254 relationship). */
f6173cb9 1255 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1256
e954c9cf 1257 if (UNIT_ISSET(u->slice))
eef85c4a 1258 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
e954c9cf 1259
8c8da0e0 1260 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1261 return 0;
1262
5a724170 1263 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1264}
1265
e954c9cf 1266static int unit_add_mount_dependencies(Unit *u) {
eef85c4a
LP		 1267 UnitDependencyInfo di;
1268 const char *path;
9588bc32
LP		 1269 int r;
1270
1271 assert(u);
1272
90e74a66 1273 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for) {
eef85c4a 1274 char prefix[strlen(path) + 1];
9588bc32 1275
eef85c4a 1276 PATH_FOREACH_PREFIX_MORE(prefix, path) {
c7c89abb 1277 _cleanup_free_ char *p = NULL;
9588bc32
LP		 1278 Unit *m;
1279
c7c89abb 1280 r = unit_name_from_path(prefix, ".mount", &p);
9588bc32
LP		 1281 if (r < 0)
1282 return r;
c7c89abb
FB		 1283
1284 m = manager_get_unit(u->manager, p);
1285 if (!m) {
1286 /* Make sure to load the mount unit if
1287 * it exists. If so the dependencies
1288 * on this unit will be added later
1289 * during the loading of the mount
1290 * unit. */
1291 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
9588bc32 1292 continue;
c7c89abb 1293 }
9588bc32
LP		 1294 if (m == u)
1295 continue;
1296
1297 if (m->load_state != UNIT_LOADED)
1298 continue;
1299
eef85c4a 1300 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
9588bc32
LP		 1301 if (r < 0)
1302 return r;
1303
1304 if (m->fragment_path) {
eef85c4a 1305 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
9588bc32
LP		 1306 if (r < 0)
1307 return r;
1308 }
1309 }
1310 }
1311
1312 return 0;
1313}
1314
a2db0225
AZ		 1315static int unit_add_oomd_dependencies(Unit *u) {
1316 CGroupContext *c;
1317 bool wants_oomd;
1318 int r;
1319
1320 assert(u);
1321
1322 if (!u->default_dependencies)
1323 return 0;
1324
1325 c = unit_get_cgroup_context(u);
1326 if (!c)
1327 return 0;
1328
1329 wants_oomd = (c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL);
1330 if (!wants_oomd)
1331 return 0;
1332
1333 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
1334 if (r < 0)
1335 return r;
1336
1337 return 0;
1338}
1339
95ae05c0
WC		 1340static int unit_add_startup_units(Unit *u) {
1341 CGroupContext *c;
95ae05c0
WC		 1342
1343 c = unit_get_cgroup_context(u);
db785129
LP		 1344 if (!c)
1345 return 0;
1346
d53d9474 1347 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
13c31542 1348 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
d53d9474 1349 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
db785129
LP		 1350 return 0;
1351
de7fef4b 1352 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1353}
1354
87f0e418
LP		 1355int unit_load(Unit *u) {
1356 int r;
1357
1358 assert(u);
1359
ac155bb8 1360 if (u->in_load_queue) {
71fda00f 1361 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1362 u->in_load_queue = false;
87f0e418
LP		 1363 }
1364
ac155bb8 1365 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1366 return -EINVAL;
1367
ac155bb8 1368 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1369 return 0;
1370
4f4afc88 1371 if (u->transient_file) {
66fa4bdd
LP		 1372 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1373 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1374
4f4afc88
LP		 1375 r = fflush_and_check(u->transient_file);
1376 if (r < 0)
1377 goto fail;
1378
50fb00b7 1379 u->transient_file = safe_fclose(u->transient_file);
f76707da 1380 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1381 }
1382
c3784a7d
ZJS		 1383 r = UNIT_VTABLE(u)->load(u);
1384 if (r < 0)
23a177ef 1385 goto fail;
c3784a7d
ZJS		 1386
1387 assert(u->load_state != UNIT_STUB);
23a177ef 1388
7c8fa05c 1389 if (u->load_state == UNIT_LOADED) {
19496554 1390 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1391
1392 r = unit_add_slice_dependencies(u);
1393 if (r < 0)
1394 goto fail;
c2756a68 1395
e954c9cf 1396 r = unit_add_mount_dependencies(u);
7c8fa05c 1397 if (r < 0)
c2756a68 1398 goto fail;
7c8fa05c 1399
a2db0225
AZ		 1400 r = unit_add_oomd_dependencies(u);
1401 if (r < 0)
1402 goto fail;
1403
95ae05c0
WC		 1404 r = unit_add_startup_units(u);
1405 if (r < 0)
1406 goto fail;
1407
eef85c4a 1408 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
d85ff944
YW		 1409 r = log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC),
1410 "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
c2756a68
LP		 1411 goto fail;
1412 }
bc432dc7 1413
a2df3ea4
MK		 1414 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1415 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1416
5af88058
LP		 1417 /* We finished loading, let's ensure our parents recalculate the members mask */
1418 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1419 }
1420
ac155bb8 1421 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1422
1423 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1424 unit_add_to_gc_queue(u);
f561e8c6 1425 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1426
87f0e418
LP		 1427 return 0;
1428
1429fail:
81be2388
ZJS		 1430 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1431 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1432
1433 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1434 r == -ENOEXEC ? UNIT_BAD_SETTING :
1435 UNIT_ERROR;
ac155bb8 1436 u->load_error = r;
c4555ad8 1437
c149d2b4
ZJS		 1438 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1439 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1440 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1441 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1442
c1e1601e 1443 unit_add_to_dbus_queue(u);
9a46fc3b 1444 unit_add_to_gc_queue(u);
23a177ef 1445
c4555ad8 1446 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1447}
1448
f9f88198
YW		 1449_printf_(7, 8)
1450static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1451 Unit *u = userdata;
1452 va_list ap;
1453 int r;
49365733 1454
f9f88198
YW		 1455 va_start(ap, format);
1456 if (u)
1457 r = log_object_internalv(level, error, file, line, func,
1458 u->manager->unit_log_field,
1459 u->id,
1460 u->manager->invocation_log_field,
1461 u->invocation_id_string,
1462 format, ap);
1463 else
1464 r = log_internalv(level, error, file, line, func, format, ap);
1465 va_end(ap);
49365733 1466
f9f88198 1467 return r;
49365733
LP		 1468}
1469
97a3f4ee 1470static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1471 _cleanup_strv_free_ char **env = NULL;
1472 int r;
1473
90bbc946
LP		 1474 assert(u);
1475
ac155bb8 1476 dual_timestamp_get(&u->condition_timestamp);
90bbc946 1477
a0b191b7
LP		 1478 r = manager_get_effective_environment(u->manager, &env);
1479 if (r < 0) {
1480 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1481 u->condition_result = CONDITION_ERROR;
1482 } else
1483 u->condition_result = condition_test_list(
1484 u->conditions,
1485 env,
1486 condition_type_to_string,
1487 log_unit_internal,
1488 u);
e18f8852 1489
a0b191b7 1490 unit_add_to_dbus_queue(u);
ac155bb8 1491 return u->condition_result;
90bbc946
LP		 1492}
1493
97a3f4ee 1494static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1495 _cleanup_strv_free_ char **env = NULL;
1496 int r;
1497
59fccdc5
LP		 1498 assert(u);
1499
1500 dual_timestamp_get(&u->assert_timestamp);
59fccdc5 1501
a0b191b7
LP		 1502 r = manager_get_effective_environment(u->manager, &env);
1503 if (r < 0) {
1504 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1505 u->assert_result = CONDITION_ERROR;
1506 } else
1507 u->assert_result = condition_test_list(
1508 u->asserts,
1509 env,
1510 assert_type_to_string,
1511 log_unit_internal,
1512 u);
e18f8852 1513
a0b191b7 1514 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1515 return u->assert_result;
1516}
1517
5bcf34eb 1518void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *unit_status_msg_format) {
5b262f74
LP		 1519 const char *d;
1520
2a8f53c6 1521 d = unit_status_string(u);
5b262f74
LP		 1522 if (log_get_show_color())
1523 d = strjoina(ANSI_HIGHLIGHT, d, ANSI_NORMAL);
1524
df446f96 1525 DISABLE_WARNING_FORMAT_NONLITERAL;
5bcf34eb 1526 manager_status_printf(u->manager, status_type, status, unit_status_msg_format, d);
df446f96
LP		 1527 REENABLE_WARNING;
1528}
1529
97a3f4ee 1530int unit_test_start_limit(Unit *u) {
429926e9
TR		 1531 const char *reason;
1532
6bf0f408
LP		 1533 assert(u);
1534
7bf081a1 1535 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1536 u->start_limit_hit = false;
1537 return 0;
1538 }
1539
1540 log_unit_warning(u, "Start request repeated too quickly.");
1541 u->start_limit_hit = true;
1542
429926e9
TR		 1543 reason = strjoina("unit ", u->id, " failed");
1544
36c4dc08
LP		 1545 emergency_action(u->manager, u->start_limit_action,
1546 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1547 u->reboot_arg, -1, reason);
1548
1549 return -ECANCELED;
6bf0f408
LP		 1550}
1551
c891efaf 1552bool unit_shall_confirm_spawn(Unit *u) {
631b676b 1553 assert(u);
c891efaf
FB		 1554
1555 if (manager_is_confirm_spawn_disabled(u->manager))
1556 return false;
1557
1558 /* For some reasons units remaining in the same process group
1559 * as PID 1 fail to acquire the console even if it's not used
1560 * by any process. So skip the confirmation question for them. */
1561 return !unit_get_exec_context(u)->same_pgrp;
1562}
1563
631b676b
LP		 1564static bool unit_verify_deps(Unit *u) {
1565 Unit *other;
eef85c4a 1566 void *v;
631b676b
LP		 1567
1568 assert(u);
1569
1570 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1571 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1572 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1573 * conjunction with After= as for them any such check would make things entirely racy. */
1574
90e74a66 1575 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO]) {
631b676b 1576
eef85c4a 1577 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
631b676b
LP		 1578 continue;
1579
1580 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1581 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1582 return false;
1583 }
1584 }
1585
1586 return true;
1587}
1588
9adb6959 1589/* Errors that aren't really errors:
6bf0f408 1590 * -EALREADY: Unit is already started.
9adb6959 1591 * -ECOMM: Condition failed
6bf0f408 1592 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1593 *
1594 * Errors that are real errors:
1595 * -EBADR: This unit type does not support starting.
2de9b979 1596 * -ECANCELED: Start limit hit, too many requests for now
6bf0f408
LP		 1597 * -EPROTO: Assert failed
1598 * -EINVAL: Unit not loaded
1599 * -EOPNOTSUPP: Unit type not supported
631b676b 1600 * -ENOLINK: The necessary dependencies are not fulfilled.
d4fd1cf2 1601 * -ESTALE: This unit has been started before and can't be started a second time
a4191c9f 1602 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
87f0e418
LP		 1603 */
1604int unit_start(Unit *u) {
1605 UnitActiveState state;
92ab323c 1606 Unit *following;
87f0e418
LP		 1607
1608 assert(u);
1609
5766aca8
LP		 1610 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1611 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1612 * waiting is finished. */
87f0e418
LP		 1613 state = unit_active_state(u);
1614 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1615 return -EALREADY;
380dc8b0
LP		 1616 if (state == UNIT_MAINTENANCE)
1617 return -EAGAIN;
87f0e418 1618
6bf0f408
LP		 1619 /* Units that aren't loaded cannot be started */
1620 if (u->load_state != UNIT_LOADED)
1621 return -EINVAL;
1622
d4fd1cf2
LP		 1623 /* Refuse starting scope units more than once */
1624 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1625 return -ESTALE;
1626
5766aca8
LP		 1627 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1628 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1629 * recheck the condition in that case. */
a82e5507 1630 if (state != UNIT_ACTIVATING &&
5af6aa58 1631 !unit_test_condition(u))
5766aca8 1632 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
52661efd 1633
59fccdc5
LP		 1634 /* If the asserts failed, fail the entire job */
1635 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1636 !unit_test_assert(u))
1637 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1638
5766aca8
LP		 1639 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1640 * condition checks, so that we rather return condition check errors (which are usually not
1641 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1642 */
96cf3ec9 1643 if (!unit_type_supported(u->type))
d11a7645
LP		 1644 return -EOPNOTSUPP;
1645
5766aca8
LP		 1646 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1647 * should have taken care of this already, but let's check this here again. After all, our
1648 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
631b676b
LP		 1649 if (!unit_verify_deps(u))
1650 return -ENOLINK;
1651
92ab323c 1652 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1653 following = unit_following(u);
1654 if (following) {
f2341e0a 1655 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
92ab323c
LP		 1656 return unit_start(following);
1657 }
1658
1659 /* If it is stopped, but we cannot start it, then fail */
1660 if (!UNIT_VTABLE(u)->start)
1661 return -EBADR;
1662
5766aca8
LP		 1663 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1664 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1665 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 1666
c1e1601e 1667 unit_add_to_dbus_queue(u);
d9e45bc3 1668 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1669
d1a34ae9 1670 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 1671}
1672
1673bool unit_can_start(Unit *u) {
1674 assert(u);
1675
8ff4d2ab
LP		 1676 if (u->load_state != UNIT_LOADED)
1677 return false;
1678
96cf3ec9 1679 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 1680 return false;
1681
d4fd1cf2
LP		 1682 /* Scope units may be started only once */
1683 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1684 return false;
1685
87f0e418
LP		 1686 return !!UNIT_VTABLE(u)->start;
1687}
1688
2528a7a6
LP		 1689bool unit_can_isolate(Unit *u) {
1690 assert(u);
1691
1692 return unit_can_start(u) &&
ac155bb8 1693 u->allow_isolate;
2528a7a6
LP		 1694}
1695
87f0e418
LP		 1696/* Errors:
1697 * -EBADR: This unit type does not support stopping.
1698 * -EALREADY: Unit is already stopped.
1699 * -EAGAIN: An operation is already in progress. Retry later.
1700 */
1701int unit_stop(Unit *u) {
1702 UnitActiveState state;
92ab323c 1703 Unit *following;
87f0e418
LP		 1704
1705 assert(u);
1706
87f0e418 1707 state = unit_active_state(u);
fdf20a31 1708 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 1709 return -EALREADY;
1710
0faacd47
LP		 1711 following = unit_following(u);
1712 if (following) {
f2341e0a 1713 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 1714 return unit_stop(following);
1715 }
1716
7898b0cf
LP		 1717 if (!UNIT_VTABLE(u)->stop)
1718 return -EBADR;
1719
c1e1601e 1720 unit_add_to_dbus_queue(u);
d9e45bc3 1721 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1722
d1a34ae9 1723 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 1724}
1725
f5869324
LP		 1726bool unit_can_stop(Unit *u) {
1727 assert(u);
1728
39c79477
ZJS		 1729 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
1730 * Extrinsic units follow external state and they may stop following external state changes
1731 * (hence we return true here), but an attempt to do this through the manager will fail. */
1732
96cf3ec9 1733 if (!unit_type_supported(u->type))
f5869324
LP		 1734 return false;
1735
1736 if (u->perpetual)
1737 return false;
1738
1739 return !!UNIT_VTABLE(u)->stop;
1740}
1741
87f0e418
LP		 1742/* Errors:
1743 * -EBADR: This unit type does not support reloading.
1744 * -ENOEXEC: Unit is not started.
1745 * -EAGAIN: An operation is already in progress. Retry later.
1746 */
1747int unit_reload(Unit *u) {
1748 UnitActiveState state;
92ab323c 1749 Unit *following;
87f0e418
LP		 1750
1751 assert(u);
1752
ac155bb8 1753 if (u->load_state != UNIT_LOADED)
6124958c
LP		 1754 return -EINVAL;
1755
87f0e418
LP		 1756 if (!unit_can_reload(u))
1757 return -EBADR;
1758
1759 state = unit_active_state(u);
e364ad06 1760 if (state == UNIT_RELOADING)
6255af75 1761 return -EAGAIN;
87f0e418 1762
d85ff944
YW		 1763 if (state != UNIT_ACTIVE)
1764 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 1765
e48614c4
ZJS		 1766 following = unit_following(u);
1767 if (following) {
f2341e0a 1768 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 1769 return unit_reload(following);
1770 }
1771
c1e1601e 1772 unit_add_to_dbus_queue(u);
82a2b6bb 1773
f54bcca5
JR		 1774 if (!UNIT_VTABLE(u)->reload) {
1775 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2ad2e41a 1776 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
f54bcca5
JR		 1777 return 0;
1778 }
1779
d9e45bc3
MS		 1780 unit_cgroup_freezer_action(u, FREEZER_THAW);
1781
d1a34ae9 1782 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 1783}
1784
1785bool unit_can_reload(Unit *u) {
1786 assert(u);
1787
f54bcca5
JR		 1788 if (UNIT_VTABLE(u)->can_reload)
1789 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 1790
eef85c4a 1791 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
87f0e418
LP		 1792 return true;
1793
f54bcca5 1794 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 1795}
1796
a3c1168a
LP		 1797bool unit_is_unneeded(Unit *u) {
1798 static const UnitDependency deps[] = {
be7d9ff7 1799 UNIT_REQUIRED_BY,
084918ba 1800 UNIT_REQUISITE_OF,
be7d9ff7
LP		 1801 UNIT_WANTED_BY,
1802 UNIT_BOUND_BY,
1803 };
f3bff0eb
LP		 1804
1805 assert(u);
1806
ac155bb8 1807 if (!u->stop_when_unneeded)
a3c1168a 1808 return false;
f3bff0eb 1809
a3c1168a
LP		 1810 /* Don't clean up while the unit is transitioning or is even inactive. */
1811 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
1812 return false;
1813 if (u->job)
1814 return false;
f3bff0eb 1815
12375b95 1816 for (size_t j = 0; j < ELEMENTSOF(deps); j++) {
eef85c4a 1817 Unit *other;
eef85c4a
LP		 1818 void *v;
1819
fda09318 1820 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 1821 * restart, then don't clean this one up. */
b81884e7 1822
90e74a66 1823 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]]) {
93d4cb09 1824 if (other->job)
a3c1168a
LP		 1825 return false;
1826
1827 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
1828 return false;
1829
1830 if (unit_will_restart(other))
1831 return false;
1832 }
bea355da
LP		 1833 }
1834
a3c1168a
LP		 1835 return true;
1836}
f3bff0eb 1837
a3c1168a
LP		 1838static void check_unneeded_dependencies(Unit *u) {
1839
1840 static const UnitDependency deps[] = {
1841 UNIT_REQUIRES,
1842 UNIT_REQUISITE,
1843 UNIT_WANTS,
1844 UNIT_BINDS_TO,
1845 };
a3c1168a
LP		 1846
1847 assert(u);
1848
1849 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
1850
12375b95 1851 for (size_t j = 0; j < ELEMENTSOF(deps); j++) {
a3c1168a 1852 Unit *other;
a3c1168a
LP		 1853 void *v;
1854
90e74a66 1855 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]])
fda09318 1856 unit_submit_to_stop_when_unneeded_queue(other);
a3c1168a 1857 }
f3bff0eb
LP		 1858}
1859
ff502445 1860static void unit_check_binds_to(Unit *u) {
4afd3348 1861 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
ff502445
LP		 1862 bool stop = false;
1863 Unit *other;
eef85c4a 1864 void *v;
67bfdc97 1865 int r;
ff502445
LP		 1866
1867 assert(u);
1868
1869 if (u->job)
1870 return;
1871
1872 if (unit_active_state(u) != UNIT_ACTIVE)
1873 return;
1874
90e74a66 1875 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO]) {
ff502445
LP		 1876 if (other->job)
1877 continue;
13ddc3fc
ZJS		 1878
1879 if (!other->coldplugged)
1880 /* We might yet create a job for the other unit… */
1881 continue;
ff502445
LP		 1882
1883 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
1884 continue;
1885
1886 stop = true;
98f738b6 1887 break;
ff502445
LP		 1888 }
1889
1890 if (!stop)
1891 return;
1892
595bfe7d 1893 /* If stopping a unit fails continuously we might enter a stop
67bfdc97
LP		 1894 * loop here, hence stop acting on the service being
1895 * unnecessary after a while. */
7994ac1d 1896 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
67bfdc97
LP		 1897 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
1898 return;
1899 }
1900
98f738b6 1901 assert(other);
f2341e0a 1902 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
ff502445
LP		 1903
1904 /* A unit we need to run is gone. Sniff. Let's stop this. */
50cbaba4 1905 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, NULL, &error, NULL);
67bfdc97 1906 if (r < 0)
4bd29fe5 1907 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
ff502445
LP		 1908}
1909
87f0e418 1910static void retroactively_start_dependencies(Unit *u) {
87f0e418 1911 Unit *other;
eef85c4a 1912 void *v;
87f0e418
LP		 1913
1914 assert(u);
1915 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
1916
90e74a66 1917 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES])
eef85c4a 1918 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
b81884e7 1919 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 1920 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
b81884e7 1921
90e74a66 1922 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO])
eef85c4a 1923 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
b81884e7 1924 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 1925 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
87f0e418 1926
90e74a66 1927 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS])
eef85c4a 1928 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
b81884e7 1929 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 1930 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
87f0e418 1931
90e74a66 1932 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS])
b81884e7 1933 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 1934 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
69dd2852 1935
90e74a66 1936 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY])
b81884e7 1937 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 1938 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
87f0e418
LP		 1939}
1940
1941static void retroactively_stop_dependencies(Unit *u) {
87f0e418 1942 Unit *other;
eef85c4a 1943 void *v;
87f0e418
LP		 1944
1945 assert(u);
1946 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
1947
b81884e7 1948 /* Pull down units which are bound to us recursively if enabled */
90e74a66 1949 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY])
b81884e7 1950 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 1951 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
cd0504d0
MS		 1952}
1953
3ecaa09b 1954void unit_start_on_failure(Unit *u) {
c0daa706 1955 Unit *other;
eef85c4a 1956 void *v;
7f66b026 1957 int r;
c0daa706
LP		 1958
1959 assert(u);
1960
eef85c4a 1961 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
222ae6a8
LP		 1962 return;
1963
f2341e0a 1964 log_unit_info(u, "Triggering OnFailure= dependencies.");
222ae6a8 1965
90e74a66 1966 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE]) {
7f66b026 1967 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 1968
50cbaba4 1969 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, &error, NULL);
c1b6628d 1970 if (r < 0)
7f66b026 1971 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
222ae6a8 1972 }
c0daa706
LP		 1973}
1974
3ecaa09b
LP		 1975void unit_trigger_notify(Unit *u) {
1976 Unit *other;
eef85c4a 1977 void *v;
3ecaa09b
LP		 1978
1979 assert(u);
1980
90e74a66 1981 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY])
3ecaa09b
LP		 1982 if (UNIT_VTABLE(other)->trigger_notify)
1983 UNIT_VTABLE(other)->trigger_notify(other, u);
1984}
1985
37109b85
ZJS		 1986static int raise_level(int log_level, bool condition_info, bool condition_notice) {
1987 if (condition_notice && log_level > LOG_NOTICE)
1988 return LOG_NOTICE;
1989 if (condition_info && log_level > LOG_INFO)
1990 return LOG_INFO;
1991 return log_level;
1992}
1993
915b1d01 1994static int unit_log_resources(Unit *u) {
bc40a20e
LP		 1995 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
1996 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
1997 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
162392b7 1998 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
915b1d01 1999 size_t n_message_parts = 0, n_iovec = 0;
bc40a20e 2000 char* message_parts[1 + 2 + 2 + 1], *t;
915b1d01 2001 nsec_t nsec = NSEC_INFINITY;
915b1d01
LP		 2002 int r;
2003 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2004 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2005 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2006 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2007 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2008 };
bc40a20e
LP		 2009 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2010 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2011 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2012 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2013 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2014 };
915b1d01
LP		 2015
2016 assert(u);
2017
2018 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2019 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2020 * information and the complete data in structured fields. */
2021
2022 (void) unit_get_cpu_usage(u, &nsec);
2023 if (nsec != NSEC_INFINITY) {
2024 char buf[FORMAT_TIMESPAN_MAX] = "";
2025
2026 /* Format the CPU time for inclusion in the structured log message */
2027 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2028 r = log_oom();
2029 goto finish;
2030 }
2031 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2032
2033 /* Format the CPU time for inclusion in the human language message string */
2034 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
ec9d636b 2035 t = strjoin("consumed ", buf, " CPU time");
915b1d01
LP		 2036 if (!t) {
2037 r = log_oom();
2038 goto finish;
2039 }
2040
2041 message_parts[n_message_parts++] = t;
37109b85
ZJS		 2042
2043 log_level = raise_level(log_level,
2044 nsec > NOTICEWORTHY_CPU_NSEC,
2045 nsec > MENTIONWORTHY_CPU_NSEC);
915b1d01
LP		 2046 }
2047
bc40a20e
LP		 2048 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
2049 char buf[FORMAT_BYTES_MAX] = "";
2050 uint64_t value = UINT64_MAX;
2051
2052 assert(io_fields[k]);
2053
2054 (void) unit_get_io_accounting(u, k, k > 0, &value);
2055 if (value == UINT64_MAX)
2056 continue;
2057
2058 have_io_accounting = true;
2059 if (value > 0)
2060 any_io = true;
2061
2062 /* Format IO accounting data for inclusion in the structured log message */
2063 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2064 r = log_oom();
2065 goto finish;
2066 }
2067 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2068
2069 /* Format the IO accounting data for inclusion in the human language message string, but only
2070 * for the bytes counters (and not for the operations counters) */
2071 if (k == CGROUP_IO_READ_BYTES) {
2072 assert(!rr);
2073 rr = strjoin("read ", format_bytes(buf, sizeof(buf), value), " from disk");
2074 if (!rr) {
2075 r = log_oom();
2076 goto finish;
2077 }
2078 } else if (k == CGROUP_IO_WRITE_BYTES) {
2079 assert(!wr);
2080 wr = strjoin("written ", format_bytes(buf, sizeof(buf), value), " to disk");
2081 if (!wr) {
2082 r = log_oom();
2083 goto finish;
2084 }
2085 }
37109b85
ZJS		 2086
2087 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2088 log_level = raise_level(log_level,
2089 value > MENTIONWORTHY_IO_BYTES,
2090 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2091 }
2092
2093 if (have_io_accounting) {
2094 if (any_io) {
2095 if (rr)
2096 message_parts[n_message_parts++] = TAKE_PTR(rr);
2097 if (wr)
2098 message_parts[n_message_parts++] = TAKE_PTR(wr);
2099
2100 } else {
2101 char *k;
2102
2103 k = strdup("no IO");
2104 if (!k) {
2105 r = log_oom();
2106 goto finish;
2107 }
2108
2109 message_parts[n_message_parts++] = k;
2110 }
2111 }
2112
12375b95 2113 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2114 char buf[FORMAT_BYTES_MAX] = "";
2115 uint64_t value = UINT64_MAX;
2116
2117 assert(ip_fields[m]);
2118
2119 (void) unit_get_ip_accounting(u, m, &value);
2120 if (value == UINT64_MAX)
2121 continue;
82044702
LP		 2122
2123 have_ip_accounting = true;
a87b1faa
LP		 2124 if (value > 0)
2125 any_traffic = true;
915b1d01
LP		 2126
2127 /* Format IP accounting data for inclusion in the structured log message */
2128 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2129 r = log_oom();
2130 goto finish;
2131 }
2132 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2133
2134 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2135 * bytes counters (and not for the packets counters) */
a87b1faa
LP		 2136 if (m == CGROUP_IP_INGRESS_BYTES) {
2137 assert(!igress);
ec9d636b 2138 igress = strjoin("received ", format_bytes(buf, sizeof(buf), value), " IP traffic");
a87b1faa
LP		 2139 if (!igress) {
2140 r = log_oom();
2141 goto finish;
2142 }
2143 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2144 assert(!egress);
ec9d636b 2145 egress = strjoin("sent ", format_bytes(buf, sizeof(buf), value), " IP traffic");
a87b1faa
LP		 2146 if (!egress) {
2147 r = log_oom();
2148 goto finish;
2149 }
2150 }
37109b85
ZJS		 2151
2152 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2153 log_level = raise_level(log_level,
2154 value > MENTIONWORTHY_IP_BYTES,
2155 value > NOTICEWORTHY_IP_BYTES);
a87b1faa
LP		 2156 }
2157
82044702
LP		 2158 if (have_ip_accounting) {
2159 if (any_traffic) {
2160 if (igress)
2161 message_parts[n_message_parts++] = TAKE_PTR(igress);
2162 if (egress)
2163 message_parts[n_message_parts++] = TAKE_PTR(egress);
a87b1faa 2164
82044702
LP		 2165 } else {
2166 char *k;
915b1d01 2167
82044702
LP		 2168 k = strdup("no IP traffic");
2169 if (!k) {
2170 r = log_oom();
2171 goto finish;
2172 }
2173
2174 message_parts[n_message_parts++] = k;
2175 }
915b1d01
LP		 2176 }
2177
2178 /* Is there any accounting data available at all? */
2179 if (n_iovec == 0) {
2180 r = 0;
2181 goto finish;
2182 }
2183
2184 if (n_message_parts == 0)
a87b1faa 2185 t = strjoina("MESSAGE=", u->id, ": Completed.");
915b1d01
LP		 2186 else {
2187 _cleanup_free_ char *joined;
2188
2189 message_parts[n_message_parts] = NULL;
2190
2191 joined = strv_join(message_parts, ", ");
2192 if (!joined) {
2193 r = log_oom();
2194 goto finish;
2195 }
2196
ec9d636b 2197 joined[0] = ascii_toupper(joined[0]);
a87b1faa 2198 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
915b1d01
LP		 2199 }
2200
2201 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2202 * and hence don't increase n_iovec for them */
2203 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2204 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2205
2206 t = strjoina(u->manager->unit_log_field, u->id);
2207 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2208
2209 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2210 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2211
37109b85 2212 log_struct_iovec(log_level, iovec, n_iovec + 4);
915b1d01
LP		 2213 r = 0;
2214
2215finish:
12375b95 2216 for (size_t i = 0; i < n_message_parts; i++)
915b1d01
LP		 2217 free(message_parts[i]);
2218
12375b95 2219 for (size_t i = 0; i < n_iovec; i++)
915b1d01
LP		 2220 free(iovec[i].iov_base);
2221
2222 return r;
2223
2224}
2225
adefcf28
LP		 2226static void unit_update_on_console(Unit *u) {
2227 bool b;
2228
2229 assert(u);
2230
2231 b = unit_needs_console(u);
2232 if (u->on_console == b)
2233 return;
2234
2235 u->on_console = b;
2236 if (b)
2237 manager_ref_console(u->manager);
2238 else
2239 manager_unref_console(u->manager);
adefcf28
LP		 2240}
2241
6eb65e7c
LP		 2242static void unit_emit_audit_start(Unit *u) {
2243 assert(u);
2244
2245 if (u->type != UNIT_SERVICE)
2246 return;
2247
2248 /* Write audit record if we have just finished starting up */
2249 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2250 u->in_audit = true;
2251}
2252
2253static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2254 assert(u);
2255
2256 if (u->type != UNIT_SERVICE)
2257 return;
2258
2259 if (u->in_audit) {
2260 /* Write audit record if we have just finished shutting down */
2261 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2262 u->in_audit = false;
2263 } else {
2264 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2265 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2266
2267 if (state == UNIT_INACTIVE)
2268 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2269 }
2270}
2271
16c74914
LP		 2272static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2273 bool unexpected = false;
31cd5f63 2274 JobResult result;
16c74914
LP		 2275
2276 assert(j);
2277
2278 if (j->state == JOB_WAITING)
2279
2280 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2281 * due to EAGAIN. */
2282 job_add_to_run_queue(j);
2283
2284 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2285 * hence needs to invalidate jobs. */
2286
2287 switch (j->type) {
2288
2289 case JOB_START:
2290 case JOB_VERIFY_ACTIVE:
2291
2292 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2293 job_finish_and_invalidate(j, JOB_DONE, true, false);
2294 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2295 unexpected = true;
2296
31cd5f63
AZ		 2297 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2298 if (ns == UNIT_FAILED)
2299 result = JOB_FAILED;
31cd5f63
AZ		 2300 else
2301 result = JOB_DONE;
2302
2303 job_finish_and_invalidate(j, result, true, false);
2304 }
16c74914
LP		 2305 }
2306
2307 break;
2308
2309 case JOB_RELOAD:
2310 case JOB_RELOAD_OR_START:
2311 case JOB_TRY_RELOAD:
2312
2313 if (j->state == JOB_RUNNING) {
2314 if (ns == UNIT_ACTIVE)
2315 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2316 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2317 unexpected = true;
2318
2319 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2320 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2321 }
2322 }
2323
2324 break;
2325
2326 case JOB_STOP:
2327 case JOB_RESTART:
2328 case JOB_TRY_RESTART:
2329
2330 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2331 job_finish_and_invalidate(j, JOB_DONE, true, false);
2332 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2333 unexpected = true;
2334 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2335 }
2336
2337 break;
2338
2339 default:
2340 assert_not_reached("Job type unknown");
2341 }
2342
2343 return unexpected;
2344}
2345
2ad2e41a 2346void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
429926e9 2347 const char *reason;
8559b3b7 2348 Manager *m;
a096ed36 2349
87f0e418
LP		 2350 assert(u);
2351 assert(os < _UNIT_ACTIVE_STATE_MAX);
2352 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2353
8559b3b7
LP		 2354 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2355 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2356 * remounted this function will be called too! */
87f0e418 2357
546ac4f0
MS		 2358 m = u->manager;
2359
3c4832ad
LP		 2360 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2361 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2362 unit_add_to_dbus_queue(u);
2363
e30bbc90
AZ		 2364 /* Update systemd-oomd on the property/state change */
2365 if (os != ns) {
2366 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2367 * monitoring.
2368 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2369 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2370 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2371 * have the information on the property. Thus, indiscriminately send an update. */
f561e8c6 2372 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
e30bbc90
AZ		 2373 (void) manager_varlink_send_managed_oom_update(u);
2374 }
2375
f755e3b7 2376 /* Update timestamps for state changes */
2c289ea8 2377 if (!MANAGER_IS_RELOADING(m)) {
a483fb59 2378 dual_timestamp_get(&u->state_change_timestamp);
173e3821 2379
bdbf9951 2380 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2381 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2382 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2383 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2384
2385 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2386 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2387 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2388 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2389 }
87f0e418 2390
865cc19a 2391 /* Keep track of failed units */
8724defe 2392 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2393
d3070fbd
LP		 2394 /* Make sure the cgroup and state files are always removed when we become inactive */
2395 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2396 SET_FLAG(u->markers,
2397 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2398 false);
efdb0237 2399 unit_prune_cgroup(u);
d3070fbd 2400 unit_unlink_state_files(u);
ff68472a
ZJS		 2401 } else if (ns != os && ns == UNIT_RELOADING)
2402 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2403
adefcf28 2404 unit_update_on_console(u);
7ed9f6cd 2405
2c289ea8 2406 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2407 bool unexpected;
2408
2409 /* Let's propagate state changes to the job */
2410 if (u->job)
2411 unexpected = unit_process_job(u->job, ns, flags);
2412 else
2413 unexpected = true;
f3bff0eb 2414
a1c7334b
LP		 2415 /* If this state change happened without being requested by a job, then let's retroactively start or
2416 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2417 * additional jobs just because something is already activated. */
bdbf9951
LP		 2418
2419 if (unexpected) {
2420 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2421 retroactively_start_dependencies(u);
2422 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2423 retroactively_stop_dependencies(u);
2424 }
5de9682c 2425
cd0504d0 2426 /* stop unneeded units regardless if going down was expected or not */
a3c1168a 2427 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
cd0504d0
MS		 2428 check_unneeded_dependencies(u);
2429
bdbf9951 2430 if (ns != os && ns == UNIT_FAILED) {
ed77d407 2431 log_unit_debug(u, "Unit entered failed state.");
2ad2e41a
LP		 2432
2433 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2434 unit_start_on_failure(u);
cd6d0a45 2435 }
e537352b 2436
256f65d0
LP		 2437 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2438 /* This unit just finished starting up */
3b2775c5 2439
6eb65e7c 2440 unit_emit_audit_start(u);
546ac4f0 2441 manager_send_unit_plymouth(m, u);
256f65d0 2442 }
bdbf9951 2443
256f65d0 2444 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2445 /* This unit just stopped/failed. */
256f65d0 2446
6eb65e7c 2447 unit_emit_audit_stop(u, ns);
915b1d01 2448 unit_log_resources(u);
cd6d0a45 2449 }
f278026d
LP		 2450 }
2451
31dc1ca3
LP		 2452 manager_recheck_journal(m);
2453 manager_recheck_dbus(m);
e63ebf71 2454
3ecaa09b 2455 unit_trigger_notify(u);
3b2775c5 2456
8724defe 2457 if (!MANAGER_IS_RELOADING(m)) {
8559b3b7 2458 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
fda09318 2459 unit_submit_to_stop_when_unneeded_queue(u);
c1e1601e 2460
8559b3b7
LP		 2461 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2462 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
ff502445
LP		 2463 * without ever entering started.) */
2464 unit_check_binds_to(u);
53c35a76 2465
429926e9
TR		 2466 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2467 reason = strjoina("unit ", u->id, " failed");
36c4dc08 2468 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2469 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2470 reason = strjoina("unit ", u->id, " succeeded");
36c4dc08 2471 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2472 }
ff502445
LP		 2473 }
2474
701cc384 2475 unit_add_to_gc_queue(u);
87f0e418
LP		 2476}
2477
f75f613d 2478int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
62a76913 2479 int r;
a911bb9a 2480
87f0e418 2481 assert(u);
62a76913 2482 assert(pid_is_valid(pid));
87f0e418 2483
62a76913 2484 /* Watch a specific PID */
5ba6985b 2485
f75f613d
FB		 2486 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2487 * opportunity to remove any stalled references to this PID as they can be created
2488 * easily (when watching a process which is not our direct child). */
2489 if (exclusive)
2490 manager_unwatch_pid(u->manager, pid);
2491
d5099efc 2492 r = set_ensure_allocated(&u->pids, NULL);
5ba6985b
LP		 2493 if (r < 0)
2494 return r;
2495
62a76913 2496 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
a911bb9a
LP		 2497 if (r < 0)
2498 return r;
2499
62a76913
LP		 2500 /* First try, let's add the unit keyed by "pid". */
2501 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2502 if (r == -EEXIST) {
2503 Unit **array;
2504 bool found = false;
2505 size_t n = 0;
05e343b7 2506
62a76913
LP		 2507 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2508 * to an array of Units rather than just a Unit), lists us already. */
a911bb9a 2509
62a76913
LP		 2510 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2511 if (array)
2512 for (; array[n]; n++)
2513 if (array[n] == u)
2514 found = true;
a911bb9a 2515
62a76913
LP		 2516 if (found) /* Found it already? if so, do nothing */
2517 r = 0;
2518 else {
2519 Unit **new_array;
2520
2521 /* Allocate a new array */
2522 new_array = new(Unit*, n + 2);
2523 if (!new_array)
2524 return -ENOMEM;
2525
2526 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2527 new_array[n] = u;
2528 new_array[n+1] = NULL;
2529
2530 /* Add or replace the old array */
2531 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2532 if (r < 0) {
2533 free(new_array);
2534 return r;
2535 }
2536
2537 free(array);
2538 }
2539 } else if (r < 0)
2540 return r;
2541
2542 r = set_put(u->pids, PID_TO_PTR(pid));
2543 if (r < 0)
2544 return r;
2545
2546 return 0;
87f0e418
LP		 2547}
2548
2549void unit_unwatch_pid(Unit *u, pid_t pid) {
62a76913
LP		 2550 Unit **array;
2551
87f0e418 2552 assert(u);
62a76913
LP		 2553 assert(pid_is_valid(pid));
2554
2555 /* First let's drop the unit in case it's keyed as "pid". */
2556 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2557
2558 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2559 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2560 if (array) {
62a76913 2561 /* Let's iterate through the array, dropping our own entry */
12375b95
ZJS		 2562
2563 size_t m = 0;
2564 for (size_t n = 0; array[n]; n++)
62a76913
LP		 2565 if (array[n] != u)
2566 array[m++] = array[n];
2567 array[m] = NULL;
2568
2569 if (m == 0) {
2570 /* The array is now empty, remove the entire entry */
20c3acfa 2571 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
62a76913
LP		 2572 free(array);
2573 }
2574 }
87f0e418 2575
fea72cc0 2576 (void) set_remove(u->pids, PID_TO_PTR(pid));
a911bb9a
LP		 2577}
2578
bd44e61b
LP		 2579void unit_unwatch_all_pids(Unit *u) {
2580 assert(u);
2581
2582 while (!set_isempty(u->pids))
fea72cc0 2583 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
bd44e61b 2584
efdb0237 2585 u->pids = set_free(u->pids);
a911bb9a
LP		 2586}
2587
50be4f4a
LP		 2588static void unit_tidy_watch_pids(Unit *u) {
2589 pid_t except1, except2;
a911bb9a
LP		 2590 void *e;
2591
2592 assert(u);
2593
2594 /* Cleans dead PIDs from our list */
2595
50be4f4a
LP		 2596 except1 = unit_main_pid(u);
2597 except2 = unit_control_pid(u);
2598
90e74a66 2599 SET_FOREACH(e, u->pids) {
fea72cc0 2600 pid_t pid = PTR_TO_PID(e);
a911bb9a
LP		 2601
2602 if (pid == except1 || pid == except2)
2603 continue;
2604
9f5650ae 2605 if (!pid_is_unwaited(pid))
bd44e61b 2606 unit_unwatch_pid(u, pid);
a911bb9a 2607 }
87f0e418
LP		 2608}
2609
50be4f4a
LP		 2610static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2611 Unit *u = userdata;
2612
2613 assert(s);
2614 assert(u);
2615
2616 unit_tidy_watch_pids(u);
2617 unit_watch_all_pids(u);
2618
2619 /* If the PID set is empty now, then let's finish this off. */
2620 unit_synthesize_cgroup_empty_event(u);
2621
2622 return 0;
2623}
2624
2625int unit_enqueue_rewatch_pids(Unit *u) {
2626 int r;
2627
2628 assert(u);
2629
2630 if (!u->cgroup_path)
2631 return -ENOENT;
2632
2633 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2634 if (r < 0)
2635 return r;
2636 if (r > 0) /* On unified we can use proper notifications */
2637 return 0;
2638
2639 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2640 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2641 * involves issuing kill(pid, 0) on all processes we watch. */
2642
2643 if (!u->rewatch_pids_event_source) {
2644 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2645
2646 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2647 if (r < 0)
2648 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2649
2650 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2651 if (r < 0)
28b77ab2 2652 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
50be4f4a
LP		 2653
2654 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2655
2656 u->rewatch_pids_event_source = TAKE_PTR(s);
2657 }
2658
2659 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2660 if (r < 0)
2661 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2662
2663 return 0;
2664}
2665
2666void unit_dequeue_rewatch_pids(Unit *u) {
2667 int r;
2668 assert(u);
2669
2670 if (!u->rewatch_pids_event_source)
2671 return;
2672
2673 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2674 if (r < 0)
2675 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2676
2677 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2678}
2679
87f0e418
LP		 2680bool unit_job_is_applicable(Unit *u, JobType j) {
2681 assert(u);
2682 assert(j >= 0 && j < _JOB_TYPE_MAX);
2683
2684 switch (j) {
2685
2686 case JOB_VERIFY_ACTIVE:
2687 case JOB_START:
e0209d83 2688 case JOB_NOP:
f5869324 2689 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 2690 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 2691 * jobs for it. */
87f0e418
LP		 2692 return true;
2693
f5869324
LP		 2694 case JOB_STOP:
2695 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 2696 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 2697 return !u->perpetual;
2698
87f0e418
LP		 2699 case JOB_RESTART:
2700 case JOB_TRY_RESTART:
f5869324 2701 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 2702
2703 case JOB_RELOAD:
3282591d 2704 case JOB_TRY_RELOAD:
87f0e418
LP		 2705 return unit_can_reload(u);
2706
2707 case JOB_RELOAD_OR_START:
2708 return unit_can_reload(u) && unit_can_start(u);
2709
2710 default:
2711 assert_not_reached("Invalid job type");
2712 }
2713}
2714
f2341e0a
LP		 2715static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2716 assert(u);
d1fab3fe 2717
f2341e0a
LP		 2718 /* Only warn about some unit types */
2719 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2720 return;
3f3cc397 2721
f2341e0a
LP		 2722 if (streq_ptr(u->id, other))
2723 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2724 else
2725 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
d1fab3fe
ZJS		 2726}
2727
eef85c4a
LP		 2728static int unit_add_dependency_hashmap(
2729 Hashmap **h,
2730 Unit *other,
2731 UnitDependencyMask origin_mask,
2732 UnitDependencyMask destination_mask) {
2733
2734 UnitDependencyInfo info;
2735 int r;
2736
2737 assert(h);
2738 assert(other);
2739 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2740 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2741 assert(origin_mask > 0 || destination_mask > 0);
2742
2743 r = hashmap_ensure_allocated(h, NULL);
2744 if (r < 0)
2745 return r;
2746
2747 assert_cc(sizeof(void*) == sizeof(info));
2748
2749 info.data = hashmap_get(*h, other);
2750 if (info.data) {
2751 /* Entry already exists. Add in our mask. */
2752
d94a24ca
ZJS		 2753 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2754 FLAGS_SET(destination_mask, info.destination_mask))
eef85c4a
LP		 2755 return 0; /* NOP */
2756
2757 info.origin_mask |= origin_mask;
2758 info.destination_mask |= destination_mask;
2759
2760 r = hashmap_update(*h, other, info.data);
2761 } else {
2762 info = (UnitDependencyInfo) {
2763 .origin_mask = origin_mask,
2764 .destination_mask = destination_mask,
2765 };
2766
2767 r = hashmap_put(*h, other, info.data);
2768 }
2769 if (r < 0)
2770 return r;
2771
2772 return 1;
2773}
2774
2775int unit_add_dependency(
2776 Unit *u,
2777 UnitDependency d,
2778 Unit *other,
2779 bool add_reference,
2780 UnitDependencyMask mask) {
87f0e418
LP		 2781
2782 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2783 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
87f0e418 2784 [UNIT_WANTS] = UNIT_WANTED_BY,
be7d9ff7 2785 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
7f2cddae 2786 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
60649f17 2787 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
be7d9ff7 2788 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
be7d9ff7 2789 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
be7d9ff7 2790 [UNIT_WANTED_BY] = UNIT_WANTS,
7f2cddae 2791 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
60649f17 2792 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
69dd2852
LP		 2793 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2794 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
87f0e418 2795 [UNIT_BEFORE] = UNIT_AFTER,
701cc384 2796 [UNIT_AFTER] = UNIT_BEFORE,
5de9682c 2797 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
701cc384 2798 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
57020a3a
LP		 2799 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2800 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
4dcc1cb4 2801 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
7f2cddae 2802 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 2803 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
613b411c 2804 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
87f0e418 2805 };
eef85c4a
LP		 2806 Unit *original_u = u, *original_other = other;
2807 int r;
5177cb0a
RM		 2808 /* Helper to know whether sending a notification is necessary or not:
2809 * if the dependency is already there, no need to notify! */
2810 bool noop = true;
87f0e418
LP		 2811
2812 assert(u);
2813 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 2814 assert(other);
2815
9f151f29
LP		 2816 u = unit_follow_merge(u);
2817 other = unit_follow_merge(other);
2818
87f0e418
LP		 2819 /* We won't allow dependencies on ourselves. We will not
2820 * consider them an error however. */
d1fab3fe 2821 if (u == other) {
eef85c4a 2822 maybe_warn_about_dependency(original_u, original_other->id, d);
87f0e418 2823 return 0;
d1fab3fe 2824 }
87f0e418 2825
b862c257
FB		 2826 /* Note that ordering a device unit after a unit is permitted since it
2827 * allows to start its job running timeout at a specific time. */
2828 if (d == UNIT_BEFORE && other->type == UNIT_DEVICE) {
2829 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 2830 return 0;
2831 }
2832
2833 if (d == UNIT_ON_FAILURE && !UNIT_VTABLE(u)->can_fail) {
2834 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
2835 return 0;
2836 }
2837
2838 if (d == UNIT_TRIGGERS && !UNIT_VTABLE(u)->can_trigger)
2839 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
2840 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
2841 if (d == UNIT_TRIGGERED_BY && !UNIT_VTABLE(other)->can_trigger)
2842 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
2843 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
2844
eef85c4a 2845 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
613b411c 2846 if (r < 0)
87f0e418 2847 return r;
5177cb0a
RM		 2848 else if (r > 0)
2849 noop = false;
87f0e418 2850
eef85c4a
LP		 2851 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2852 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
613b411c
LP		 2853 if (r < 0)
2854 return r;
5177cb0a
RM		 2855 else if (r > 0)
2856 noop = false;
613b411c
LP		 2857 }
2858
2859 if (add_reference) {
eef85c4a 2860 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
613b411c 2861 if (r < 0)
5de9682c 2862 return r;
5177cb0a
RM		 2863 else if (r > 0)
2864 noop = false;
5de9682c 2865
eef85c4a 2866 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
613b411c 2867 if (r < 0)
701cc384 2868 return r;
5177cb0a
RM		 2869 else if (r > 0)
2870 noop = false;
613b411c 2871 }
87f0e418 2872
5177cb0a
RM		 2873 if (!noop)
2874 unit_add_to_dbus_queue(u);
87f0e418
LP		 2875 return 0;
2876}
0301abf4 2877
eef85c4a 2878int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2c966c03
LP		 2879 int r;
2880
2881 assert(u);
2882
eef85c4a 2883 r = unit_add_dependency(u, d, other, add_reference, mask);
3f3cc397 2884 if (r < 0)
2c966c03
LP		 2885 return r;
2886
eef85c4a 2887 return unit_add_dependency(u, e, other, add_reference, mask);
2c966c03
LP		 2888}
2889
23e8c796 2890static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 2891 int r;
9e2f7c11
LP		 2892
2893 assert(u);
23e8c796 2894 assert(name);
7410616c
LP		 2895 assert(buf);
2896 assert(ret);
9e2f7c11 2897
7410616c
LP		 2898 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2899 *buf = NULL;
2900 *ret = name;
2901 return 0;
9e2f7c11
LP		 2902 }
2903
ac155bb8 2904 if (u->instance)
7410616c 2905 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 2906 else {
ae018d9b 2907 _cleanup_free_ char *i = NULL;
9e2f7c11 2908
7410616c
LP		 2909 r = unit_name_to_prefix(u->id, &i);
2910 if (r < 0)
2911 return r;
9e2f7c11 2912
7410616c 2913 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 2914 }
7410616c
LP		 2915 if (r < 0)
2916 return r;
9e2f7c11 2917
7410616c
LP		 2918 *ret = *buf;
2919 return 0;
9e2f7c11
LP		 2920}
2921
35d8c19a 2922int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 2923 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 2924 Unit *other;
2925 int r;
2926
9e2f7c11 2927 assert(u);
35d8c19a 2928 assert(name);
09b6b09f 2929
23e8c796 2930 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 2931 if (r < 0)
2932 return r;
09b6b09f 2933
35d8c19a 2934 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 2935 if (r < 0)
2936 return r;
9e2f7c11 2937
eef85c4a 2938 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 2939}
2940
5a724170 2941int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 2942 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 2943 Unit *other;
2944 int r;
2c966c03
LP		 2945
2946 assert(u);
5a724170 2947 assert(name);
2c966c03 2948
23e8c796 2949 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 2950 if (r < 0)
2951 return r;
2c966c03 2952
5a724170 2953 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 2954 if (r < 0)
68eda4bd 2955 return r;
2c966c03 2956
eef85c4a 2957 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 2958}
2959
0301abf4 2960int set_unit_path(const char *p) {
0301abf4 2961 /* This is mostly for debug purposes */
cbe46ead 2962 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
26d04f86 2963 return -errno;
0301abf4
LP		 2964
2965 return 0;
2966}
88066b3a 2967
ea430986 2968char *unit_dbus_path(Unit *u) {
ea430986
LP		 2969 assert(u);
2970
ac155bb8 2971 if (!u->id)
04ade7d2
LP		 2972 return NULL;
2973
48899192 2974 return unit_dbus_path_from_name(u->id);
ea430986
LP		 2975}
2976
4b58153d
LP		 2977char *unit_dbus_path_invocation_id(Unit *u) {
2978 assert(u);
2979
2980 if (sd_id128_is_null(u->invocation_id))
2981 return NULL;
2982
2983 return unit_dbus_path_from_name(u->invocation_id_string);
2984}
2985
2d3b784d 2986int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 2987 int r;
2988
2989 assert(u);
2990
2991 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
2992
2993 if (sd_id128_equal(u->invocation_id, id))
2994 return 0;
2995
2996 if (!sd_id128_is_null(u->invocation_id))
2997 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
2998
2999 if (sd_id128_is_null(id)) {
3000 r = 0;
3001 goto reset;
3002 }
3003
3004 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3005 if (r < 0)
3006 goto reset;
3007
3008 u->invocation_id = id;
3009 sd_id128_to_string(id, u->invocation_id_string);
3010
3011 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3012 if (r < 0)
3013 goto reset;
3014
3015 return 0;
3016
3017reset:
3018 u->invocation_id = SD_ID128_NULL;
3019 u->invocation_id_string[0] = 0;
3020 return r;
3021}
3022
d79200e2
LP		 3023int unit_set_slice(Unit *u, Unit *slice) {
3024 assert(u);
3025 assert(slice);
3026
3027 /* Sets the unit slice if it has not been set before. Is extra
3028 * careful, to only allow this for units that actually have a
3029 * cgroup context. Also, we don't allow to set this for slices
3030 * (since the parent slice is derived from the name). Make
3031 * sure the unit we set is actually a slice. */
3032
3033 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3034 return -EOPNOTSUPP;
3035
3036 if (u->type == UNIT_SLICE)
3037 return -EINVAL;
3038
102ef982
LP		 3039 if (unit_active_state(u) != UNIT_INACTIVE)
3040 return -EBUSY;
3041
d79200e2
LP		 3042 if (slice->type != UNIT_SLICE)
3043 return -EINVAL;
3044
efdb0237
LP		 3045 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3046 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3047 return -EPERM;
3048
d79200e2
LP		 3049 if (UNIT_DEREF(u->slice) == slice)
3050 return 0;
3051
99e66921
TH		 3052 /* Disallow slice changes if @u is already bound to cgroups */
3053 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
d79200e2
LP		 3054 return -EBUSY;
3055
7f7d01ed 3056 unit_ref_set(&u->slice, u, slice);
d79200e2
LP		 3057 return 1;
3058}
3059
3060int unit_set_default_slice(Unit *u) {
a8833944 3061 const char *slice_name;
a016b922
LP		 3062 Unit *slice;
3063 int r;
3064
3065 assert(u);
3066
9444b1f2 3067 if (UNIT_ISSET(u->slice))
a016b922
LP		 3068 return 0;
3069
a8833944
LP		 3070 if (u->instance) {
3071 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3072
a8833944
LP		 3073 /* Implicitly place all instantiated units in their
3074 * own per-template slice */
3075
7410616c
LP		 3076 r = unit_name_to_prefix(u->id, &prefix);
3077 if (r < 0)
3078 return r;
a8833944
LP		 3079
3080 /* The prefix is already escaped, but it might include
3081 * "-" which has a special meaning for slice units,
3082 * hence escape it here extra. */
7410616c 3083 escaped = unit_name_escape(prefix);
a8833944
LP		 3084 if (!escaped)
3085 return -ENOMEM;
3086
463d0d15 3087 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3088 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3089 else
7f3b86a4 3090 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3091
3092 } else if (unit_is_extrinsic(u))
3093 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3094 * the root slice. They don't really belong in one of the subslices. */
3095 slice_name = SPECIAL_ROOT_SLICE;
3096
3097 else if (MANAGER_IS_SYSTEM(u->manager))
3098 slice_name = SPECIAL_SYSTEM_SLICE;
3099 else
3100 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3101
3102 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3103 if (r < 0)
3104 return r;
3105
d79200e2 3106 return unit_set_slice(u, slice);
a016b922
LP		 3107}
3108
9444b1f2
LP		 3109const char *unit_slice_name(Unit *u) {
3110 assert(u);
3111
3112 if (!UNIT_ISSET(u->slice))
3113 return NULL;
3114
3115 return UNIT_DEREF(u->slice)->id;
3116}
3117
f6ff8c29 3118int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3119 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3120 int r;
3121
3122 assert(u);
3123 assert(type);
3124 assert(_found);
3125
7410616c
LP		 3126 r = unit_name_change_suffix(u->id, type, &t);
3127 if (r < 0)
3128 return r;
3129 if (unit_has_name(u, t))
3130 return -EINVAL;
f6ff8c29 3131
ac155bb8 3132 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3133 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3134 return r;
3135}
3136
bbc29086 3137static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
fc67a943 3138 const char *new_owner;
bbc29086
DM		 3139 Unit *u = userdata;
3140 int r;
3141
3142 assert(message);
3143 assert(u);
3144
fc67a943 3145 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3146 if (r < 0) {
3147 bus_log_parse_error(r);
3148 return 0;
3149 }
3150
3151 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3152 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3153
3154 return 0;
3155}
3156
3157static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3158 const sd_bus_error *e;
3159 const char *new_owner;
3160 Unit *u = userdata;
3161 int r;
3162
3163 assert(message);
3164 assert(u);
3165
3166 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3167
a5a8776a 3168 e = sd_bus_message_get_error(message);
a5a8776a 3169 if (e) {
a54654ba
LP		 3170 if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3171 log_unit_error(u, "Unexpected error response from GetNameOwner(): %s", e->message);
a5a8776a 3172
fc67a943
LP		 3173 new_owner = NULL;
3174 } else {
3175 r = sd_bus_message_read(message, "s", &new_owner);
3176 if (r < 0)
3177 return bus_log_parse_error(r);
a5a8776a 3178
fc67a943
LP		 3179 assert(!isempty(new_owner));
3180 }
a5a8776a
MJ		 3181
3182 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3183 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3184
3185 return 0;
3186}
3187
9806e87d
LP		 3188int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3189 const char *match;
a5b07847 3190 int r;
bbc29086 3191
9806e87d
LP		 3192 assert(u);
3193 assert(bus);
3194 assert(name);
bbc29086 3195
a5b07847 3196 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3197 return -EBUSY;
3198
9806e87d 3199 match = strjoina("type='signal',"
81d62103
ZJS		 3200 "sender='org.freedesktop.DBus',"
3201 "path='/org/freedesktop/DBus',"
3202 "interface='org.freedesktop.DBus',"
3203 "member='NameOwnerChanged',"
3204 "arg0='", name, "'");
bbc29086 3205
a5b07847 3206 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
a5a8776a
MJ		 3207 if (r < 0)
3208 return r;
3209
a5b07847
LP		 3210 r = sd_bus_call_method_async(
3211 bus,
3212 &u->get_name_owner_slot,
3213 "org.freedesktop.DBus",
3214 "/org/freedesktop/DBus",
3215 "org.freedesktop.DBus",
3216 "GetNameOwner",
3217 get_name_owner_handler,
3218 u,
3219 "s", name);
3220 if (r < 0) {
3221 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3222 return r;
3223 }
3224
3225 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3226 return 0;
bbc29086
DM		 3227}
3228
05e343b7 3229int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3230 int r;
3231
05e343b7
LP		 3232 assert(u);
3233 assert(name);
3234
3235 /* Watch a specific name on the bus. We only support one unit
3236 * watching each name for now. */
3237
bbc29086
DM		 3238 if (u->manager->api_bus) {
3239 /* If the bus is already available, install the match directly.
3240 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3241 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3242 if (r < 0)
8ea823b6 3243 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3244 }
3245
3246 r = hashmap_put(u->manager->watch_bus, name, u);
3247 if (r < 0) {
3248 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3249 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3250 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3251 }
3252
3253 return 0;
05e343b7
LP		 3254}
3255
3256void unit_unwatch_bus_name(Unit *u, const char *name) {
3257 assert(u);
3258 assert(name);
3259
8367fea5 3260 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3261 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3262 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3263}
3264
a16e1123
LP		 3265bool unit_can_serialize(Unit *u) {
3266 assert(u);
3267
3268 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3269}
3270
d336ba9f 3271int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3272 _cleanup_free_ char *e = NULL;
44b0d1fd 3273 Unit *device;
6e2ef85b
LP		 3274 int r;
3275
3276 assert(u);
3277
6e2ef85b 3278 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3279 if (isempty(what))
3280 return 0;
6e2ef85b 3281
8407a5d0 3282 if (!is_device_path(what))
6e2ef85b
LP		 3283 return 0;
3284
44b0d1fd 3285 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3286 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3287 return 0;
3288
7410616c
LP		 3289 r = unit_name_from_path(what, ".device", &e);
3290 if (r < 0)
3291 return r;
6e2ef85b 3292
ac155bb8 3293 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3294 if (r < 0)
3295 return r;
3296
ebc8968b
FB		 3297 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3298 dep = UNIT_BINDS_TO;
3299
d336ba9f
FB		 3300 return unit_add_two_dependencies(u, UNIT_AFTER,
3301 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3302 device, true, mask);
6e2ef85b 3303}
a16e1123 3304
44b0d1fd
LP		 3305int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3306 _cleanup_free_ char *escaped = NULL, *target = NULL;
3307 int r;
3308
3309 assert(u);
3310
3311 if (isempty(what))
3312 return 0;
3313
3314 if (!path_startswith(what, "/dev/"))
3315 return 0;
3316
3317 /* If we don't support devices, then also don't bother with blockdev@.target */
3318 if (!unit_type_supported(UNIT_DEVICE))
3319 return 0;
3320
3321 r = unit_name_path_escape(what, &escaped);
3322 if (r < 0)
3323 return r;
3324
3325 r = unit_name_build("blockdev", escaped, ".target", &target);
3326 if (r < 0)
3327 return r;
3328
3329 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3330}
3331
be847e82 3332int unit_coldplug(Unit *u) {
05a98afd
LP		 3333 int r = 0, q;
3334 char **i;
b49e14d5 3335 Job *uj;
cca098b0
LP		 3336
3337 assert(u);
3338
f0831ed2 3339 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3340 if (u->coldplugged)
3341 return 0;
3342
3343 u->coldplugged = true;
3344
05a98afd
LP		 3345 STRV_FOREACH(i, u->deserialized_refs) {
3346 q = bus_unit_track_add_name(u, *i);
3347 if (q < 0 && r >= 0)
3348 r = q;
3349 }
3350 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3351
05a98afd
LP		 3352 if (UNIT_VTABLE(u)->coldplug) {
3353 q = UNIT_VTABLE(u)->coldplug(u);
3354 if (q < 0 && r >= 0)
3355 r = q;
3356 }
5a6158b6 3357
b49e14d5 3358 uj = u->job ?: u->nop_job;
3359 if (uj) {
3360 q = job_coldplug(uj);
05a98afd
LP		 3361 if (q < 0 && r >= 0)
3362 r = q;
3363 }
cca098b0 3364
05a98afd 3365 return r;
cca098b0
LP		 3366}
3367
f0831ed2
LP		 3368void unit_catchup(Unit *u) {
3369 assert(u);
3370
3371 if (UNIT_VTABLE(u)->catchup)
3372 UNIT_VTABLE(u)->catchup(u);
3373}
3374
ba25d39e 3375static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3376 struct stat st;
3377
3378 if (!path)
3379 return false;
3380
77969722
LP		 3381 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3382 * are never out-of-date. */
3383 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3384 return false;
3385
21b95806
ZJS		 3386 if (stat(path, &st) < 0)
3387 /* What, cannot access this anymore? */
3388 return true;
3389
ba25d39e
ZJS		 3390 if (path_masked)
3391 /* For masked files check if they are still so */
3392 return !null_or_empty(&st);
3393 else
3a8db9fe 3394 /* For non-empty files check the mtime */
87ec20ef 3395 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3396
3397 return false;
3398}
3399
45fb0699 3400bool unit_need_daemon_reload(Unit *u) {
ae7a7182
OS		 3401 _cleanup_strv_free_ char **t = NULL;
3402 char **path;
1b64d026 3403
45fb0699
LP		 3404 assert(u);
3405
ba25d39e
ZJS		 3406 /* For unit files, we allow masking… */
3407 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3408 u->load_state == UNIT_MASKED))
21b95806 3409 return true;
5f4b19f4 3410
ba25d39e
ZJS		 3411 /* Source paths should not be masked… */
3412 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3413 return true;
ae7a7182 3414
19a44dfe
LR		 3415 if (u->load_state == UNIT_LOADED)
3416 (void) unit_find_dropin_paths(u, &t);
ab932a62
LP		 3417 if (!strv_equal(u->dropin_paths, t))
3418 return true;
6d10d308 3419
ba25d39e 3420 /* … any drop-ins that are masked are simply omitted from the list. */
ab932a62 3421 STRV_FOREACH(path, u->dropin_paths)
ba25d39e 3422 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
ab932a62 3423 return true;
21b95806 3424
ab932a62 3425 return false;
45fb0699
LP		 3426}
3427
fdf20a31 3428void unit_reset_failed(Unit *u) {
5632e374
LP		 3429 assert(u);
3430
fdf20a31
MM		 3431 if (UNIT_VTABLE(u)->reset_failed)
3432 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3433
7bf081a1 3434 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3435 u->start_limit_hit = false;
5632e374
LP		 3436}
3437
a7f241db
LP		 3438Unit *unit_following(Unit *u) {
3439 assert(u);
3440
3441 if (UNIT_VTABLE(u)->following)
3442 return UNIT_VTABLE(u)->following(u);
3443
3444 return NULL;
3445}
3446
31afa0a4 3447bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3448 assert(u);
3449
31afa0a4
LP		 3450 /* This call does check the current state of the unit. It's
3451 * hence useful to be called from state change calls of the
3452 * unit itself, where the state isn't updated yet. This is
3453 * different from unit_inactive_or_pending() which checks both
3454 * the current state and for a queued job. */
18ffdfda 3455
28a2dfe8 3456 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 3457}
3458
3459bool unit_inactive_or_pending(Unit *u) {
3460 assert(u);
3461
3462 /* Returns true if the unit is inactive or going down */
18ffdfda 3463
d956ac29
LP		 3464 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3465 return true;
3466
31afa0a4 3467 if (unit_stop_pending(u))
18ffdfda
LP		 3468 return true;
3469
3470 return false;
3471}
3472
31afa0a4 3473bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 3474 assert(u);
3475
f60c2665 3476 /* Returns true if the unit is active or going up */
f976f3f6
LP		 3477
3478 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3479 return true;
3480
ac155bb8 3481 if (u->job &&
3742095b 3482 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 3483 return true;
3484
3485 return false;
3486}
3487
52a12341
YW		 3488bool unit_will_restart_default(Unit *u) {
3489 assert(u);
3490
28a2dfe8 3491 return unit_has_job_type(u, JOB_START);
52a12341
YW		 3492}
3493
deb4e708
MK		 3494bool unit_will_restart(Unit *u) {
3495 assert(u);
3496
3497 if (!UNIT_VTABLE(u)->will_restart)
3498 return false;
3499
3500 return UNIT_VTABLE(u)->will_restart(u);
3501}
3502
718db961 3503int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
8a0867d6
LP		 3504 assert(u);
3505 assert(w >= 0 && w < _KILL_WHO_MAX);
6eb7c172 3506 assert(SIGNAL_VALID(signo));
8a0867d6 3507
8a0867d6 3508 if (!UNIT_VTABLE(u)->kill)
15411c0c 3509 return -EOPNOTSUPP;
8a0867d6 3510
c74f17d9 3511 return UNIT_VTABLE(u)->kill(u, w, signo, error);
8a0867d6
LP		 3512}
3513
82659fd7 3514static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
af4fa99d 3515 _cleanup_set_free_ Set *pid_set = NULL;
82659fd7
LP		 3516 int r;
3517
d5099efc 3518 pid_set = set_new(NULL);
82659fd7
LP		 3519 if (!pid_set)
3520 return NULL;
3521
3522 /* Exclude the main/control pids from being killed via the cgroup */
3523 if (main_pid > 0) {
fea72cc0 3524 r = set_put(pid_set, PID_TO_PTR(main_pid));
82659fd7 3525 if (r < 0)
95f14a3e 3526 return NULL;
82659fd7
LP		 3527 }
3528
3529 if (control_pid > 0) {
fea72cc0 3530 r = set_put(pid_set, PID_TO_PTR(control_pid));
82659fd7 3531 if (r < 0)
95f14a3e 3532 return NULL;
82659fd7
LP		 3533 }
3534
95f14a3e 3535 return TAKE_PTR(pid_set);
82659fd7
LP		 3536}
3537
d9911002
LP		 3538static int kill_common_log(pid_t pid, int signo, void *userdata) {
3539 _cleanup_free_ char *comm = NULL;
3540 Unit *u = userdata;
3541
3542 assert(u);
3543
3544 (void) get_process_comm(pid, &comm);
3545 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
3546 signal_to_string(signo), pid, strna(comm));
3547
3548 return 1;
3549}
3550
d91c34f2
LP		 3551int unit_kill_common(
3552 Unit *u,
3553 KillWho who,
3554 int signo,
3555 pid_t main_pid,
3556 pid_t control_pid,
718db961 3557 sd_bus_error *error) {
d91c34f2 3558
814cc562 3559 int r = 0;
ac5e3a50 3560 bool killed = false;
814cc562 3561
8aff7ac4
LP		 3562 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3563 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3564 * stop a service ourselves. */
3565
ac5e3a50 3566 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
814cc562 3567 if (main_pid < 0)
7358dc02 3568 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
8aff7ac4 3569 if (main_pid == 0)
7358dc02 3570 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 3571 }
3572
ac5e3a50 3573 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
814cc562 3574 if (control_pid < 0)
7358dc02 3575 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
8aff7ac4 3576 if (control_pid == 0)
7358dc02 3577 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 3578 }
3579
ac5e3a50
JS		 3580 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3581 if (control_pid > 0) {
d9911002
LP		 3582 _cleanup_free_ char *comm = NULL;
3583 (void) get_process_comm(control_pid, &comm);
3584
3585 if (kill(control_pid, signo) < 0) {
3586 /* Report this failure both to the logs and to the client */
3587 sd_bus_error_set_errnof(
3588 error, errno,
3589 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
3590 signal_to_string(signo), control_pid, strna(comm));
3591 r = log_unit_warning_errno(
3592 u, errno,
3593 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
3594 signal_to_string(signo), control_pid, strna(comm));
3595 } else {
3596 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
3597 signal_to_string(signo), control_pid, strna(comm));
ac5e3a50 3598 killed = true;
d9911002 3599 }
ac5e3a50 3600 }
814cc562 3601
ac5e3a50
JS		 3602 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3603 if (main_pid > 0) {
d9911002
LP		 3604 _cleanup_free_ char *comm = NULL;
3605 (void) get_process_comm(main_pid, &comm);
3606
3607 if (kill(main_pid, signo) < 0) {
3608 if (r == 0)
3609 sd_bus_error_set_errnof(
3610 error, errno,
3611 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
3612 signal_to_string(signo), main_pid, strna(comm));
3613
3614 r = log_unit_warning_errno(
3615 u, errno,
3616 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
3617 signal_to_string(signo), main_pid, strna(comm));
3618 } else {
3619 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
3620 signal_to_string(signo), main_pid, strna(comm));
ac5e3a50 3621 killed = true;
d9911002 3622 }
ac5e3a50 3623 }
814cc562 3624
ac5e3a50 3625 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
814cc562
MS		 3626 _cleanup_set_free_ Set *pid_set = NULL;
3627 int q;
3628
82659fd7
LP		 3629 /* Exclude the main/control pids from being killed via the cgroup */
3630 pid_set = unit_pid_set(main_pid, control_pid);
814cc562 3631 if (!pid_set)
d9911002
LP		 3632 return log_oom();
3633
3634 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
3635 if (q < 0) {
3636 if (!IN_SET(q, -ESRCH, -ENOENT)) {
3637 if (r == 0)
3638 sd_bus_error_set_errnof(
3639 error, q,
3640 "Failed to send signal SIG%s to auxiliary processes: %m",
3641 signal_to_string(signo));
3642
3643 r = log_unit_warning_errno(
3644 u, q,
3645 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3646 signal_to_string(signo));
3647 }
3648 } else
ac5e3a50 3649 killed = true;
814cc562
MS		 3650 }
3651
2ae0508e
LP		 3652 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3653 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
3654 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 3655
814cc562
MS		 3656 return r;
3657}
3658
6210e7fc
LP		 3659int unit_following_set(Unit *u, Set **s) {
3660 assert(u);
3661 assert(s);
3662
3663 if (UNIT_VTABLE(u)->following_set)
3664 return UNIT_VTABLE(u)->following_set(u, s);
3665
3666 *s = NULL;
3667 return 0;
3668}
3669
a4375746 3670UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 3671 int r;
3672
a4375746
LP		 3673 assert(u);
3674
0ec0deaa
LP		 3675 if (u->unit_file_state < 0 && u->fragment_path) {
3676 r = unit_file_get_state(
463d0d15 3677 u->manager->unit_file_scope,
0ec0deaa 3678 NULL,
9ea3a0e7 3679 u->id,
0ec0deaa
LP		 3680 &u->unit_file_state);
3681 if (r < 0)
3682 u->unit_file_state = UNIT_FILE_BAD;
3683 }
a4375746 3684
ac155bb8 3685 return u->unit_file_state;
a4375746
LP		 3686}
3687
d2dc52db
LP		 3688int unit_get_unit_file_preset(Unit *u) {
3689 assert(u);
3690
3691 if (u->unit_file_preset < 0 && u->fragment_path)
3692 u->unit_file_preset = unit_file_query_preset(
463d0d15 3693 u->manager->unit_file_scope,
0ec0deaa 3694 NULL,
8f7b2566
ZJS		 3695 basename(u->fragment_path),
3696 NULL);
d2dc52db
LP		 3697
3698 return u->unit_file_preset;
3699}
3700
7f7d01ed 3701Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 3702 assert(ref);
7f7d01ed
ZJS		 3703 assert(source);
3704 assert(target);
57020a3a 3705
7f7d01ed 3706 if (ref->target)
57020a3a
LP		 3707 unit_ref_unset(ref);
3708
7f7d01ed
ZJS		 3709 ref->source = source;
3710 ref->target = target;
3711 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
3712 return target;
57020a3a
LP		 3713}
3714
3715void unit_ref_unset(UnitRef *ref) {
3716 assert(ref);
3717
7f7d01ed 3718 if (!ref->target)
57020a3a
LP		 3719 return;
3720
b75102e5
LP		 3721 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3722 * be unreferenced now. */
7f7d01ed 3723 unit_add_to_gc_queue(ref->target);
b75102e5 3724
7f7d01ed
ZJS		 3725 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
3726 ref->source = ref->target = NULL;
57020a3a
LP		 3727}
3728
29206d46
LP		 3729static int user_from_unit_name(Unit *u, char **ret) {
3730
3731 static const uint8_t hash_key[] = {
3732 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
3733 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
3734 };
3735
3736 _cleanup_free_ char *n = NULL;
3737 int r;
3738
3739 r = unit_name_to_prefix(u->id, &n);
3740 if (r < 0)
3741 return r;
3742
7a8867ab 3743 if (valid_user_group_name(n, 0)) {
ae2a15bc 3744 *ret = TAKE_PTR(n);
29206d46
LP		 3745 return 0;
3746 }
3747
3748 /* If we can't use the unit name as a user name, then let's hash it and use that */
3749 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
3750 return -ENOMEM;
3751
3752 return 0;
3753}
3754
598459ce
LP		 3755int unit_patch_contexts(Unit *u) {
3756 CGroupContext *cc;
3757 ExecContext *ec;
cba6e062
LP		 3758 int r;
3759
e06c73cc 3760 assert(u);
e06c73cc 3761
598459ce
LP		 3762 /* Patch in the manager defaults into the exec and cgroup
3763 * contexts, _after_ the rest of the settings have been
3764 * initialized */
085afe36 3765
598459ce
LP		 3766 ec = unit_get_exec_context(u);
3767 if (ec) {
3768 /* This only copies in the ones that need memory */
12375b95 3769 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
598459ce
LP		 3770 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
3771 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
3772 if (!ec->rlimit[i])
3773 return -ENOMEM;
3774 }
3775
463d0d15 3776 if (MANAGER_IS_USER(u->manager) &&
598459ce
LP		 3777 !ec->working_directory) {
3778
3779 r = get_home_dir(&ec->working_directory);
3780 if (r < 0)
3781 return r;
4c08c824
LP		 3782
3783 /* Allow user services to run, even if the
3784 * home directory is missing */
3785 ec->working_directory_missing_ok = true;
cba6e062
LP		 3786 }
3787
598459ce 3788 if (ec->private_devices)
2cd0a735 3789 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 3790
3791 if (ec->protect_kernel_modules)
3792 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 3793
84703040
KK		 3794 if (ec->protect_kernel_logs)
3795 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
3796
fc64760d
KK		 3797 if (ec->protect_clock)
3798 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
3799
29206d46
LP		 3800 if (ec->dynamic_user) {
3801 if (!ec->user) {
3802 r = user_from_unit_name(u, &ec->user);
3803 if (r < 0)
3804 return r;
3805 }
3806
3807 if (!ec->group) {
3808 ec->group = strdup(ec->user);
3809 if (!ec->group)
3810 return -ENOMEM;
3811 }
3812
bf65b7e0
LP		 3813 /* If the dynamic user option is on, let's make sure that the unit can't leave its
3814 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
3815 * sandbox. */
63bb64a0 3816
29206d46 3817 ec->private_tmp = true;
00d9ef85 3818 ec->remove_ipc = true;
63bb64a0
LP		 3819 ec->protect_system = PROTECT_SYSTEM_STRICT;
3820 if (ec->protect_home == PROTECT_HOME_NO)
3821 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 3822
3823 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
3824 * them. */
3825 ec->no_new_privileges = true;
3826 ec->restrict_suid_sgid = true;
29206d46 3827 }
cba6e062
LP		 3828 }
3829
598459ce 3830 cc = unit_get_cgroup_context(u);
fe65e88b 3831 if (cc && ec) {
f513e420 3832
fe65e88b 3833 if (ec->private_devices &&
084870f9
ZJS		 3834 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
3835 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 3836
b3d13314 3837 if ((ec->root_image || !LIST_IS_EMPTY(ec->mount_images)) &&
084870f9 3838 (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
0cffae95 3839 const char *p;
fe65e88b 3840
b3d13314 3841 /* When RootImage= or MountImages= is specified, the following devices are touched. */
0cffae95
LB		 3842 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
3843 r = cgroup_add_device_allow(cc, p, "rw");
3844 if (r < 0)
3845 return r;
3846 }
3847 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
3848 r = cgroup_add_device_allow(cc, p, "rwm");
3849 if (r < 0)
3850 return r;
3851 }
867af728 3852
0cffae95
LB		 3853 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
3854 * Same for mapper and verity. */
3855 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
3856 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
3857 if (r < 0)
3858 return r;
3859 }
fe65e88b 3860 }
fc64760d
KK		 3861
3862 if (ec->protect_clock) {
3863 r = cgroup_add_device_allow(cc, "char-rtc", "r");
3864 if (r < 0)
3865 return r;
3866 }
598459ce 3867 }
f1660f96 3868
cba6e062 3869 return 0;
e06c73cc
LP		 3870}
3871
3ef63c31
LP		 3872ExecContext *unit_get_exec_context(Unit *u) {
3873 size_t offset;
3874 assert(u);
3875
598459ce
LP		 3876 if (u->type < 0)
3877 return NULL;
3878
3ef63c31
LP		 3879 offset = UNIT_VTABLE(u)->exec_context_offset;
3880 if (offset <= 0)
3881 return NULL;
3882
3883 return (ExecContext*) ((uint8_t*) u + offset);
3884}
3885
718db961
LP		 3886KillContext *unit_get_kill_context(Unit *u) {
3887 size_t offset;
3888 assert(u);
3889
598459ce
LP		 3890 if (u->type < 0)
3891 return NULL;
3892
718db961
LP		 3893 offset = UNIT_VTABLE(u)->kill_context_offset;
3894 if (offset <= 0)
3895 return NULL;
3896
3897 return (KillContext*) ((uint8_t*) u + offset);
3898}
3899
4ad49000
LP		 3900CGroupContext *unit_get_cgroup_context(Unit *u) {
3901 size_t offset;
3902
598459ce
LP		 3903 if (u->type < 0)
3904 return NULL;
3905
4ad49000
LP		 3906 offset = UNIT_VTABLE(u)->cgroup_context_offset;
3907 if (offset <= 0)
3908 return NULL;
3909
3910 return (CGroupContext*) ((uint8_t*) u + offset);
3911}
3912
613b411c
LP		 3913ExecRuntime *unit_get_exec_runtime(Unit *u) {
3914 size_t offset;
3915
598459ce
LP		 3916 if (u->type < 0)
3917 return NULL;
3918
613b411c
LP		 3919 offset = UNIT_VTABLE(u)->exec_runtime_offset;
3920 if (offset <= 0)
3921 return NULL;
3922
3923 return *(ExecRuntime**) ((uint8_t*) u + offset);
3924}
3925
2e59b241 3926static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 3927 assert(u);
3928
2e59b241 3929 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 3930 return NULL;
3931
39591351
LP		 3932 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
3933 return u->manager->lookup_paths.transient;
26d04f86 3934
2e59b241 3935 if (flags & UNIT_PERSISTENT)
4f4afc88 3936 return u->manager->lookup_paths.persistent_control;
26d04f86 3937
2e59b241
LP		 3938 if (flags & UNIT_RUNTIME)
3939 return u->manager->lookup_paths.runtime_control;
3940
39591351 3941 return NULL;
71645aca
LP		 3942}
3943
2e59b241
LP		 3944char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
3945 char *ret = NULL;
3946
3947 if (!s)
3948 return NULL;
3949
3950 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
3951 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
3952 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
3953 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
3954 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
3955 * allocations. */
3956
3957 if (flags & UNIT_ESCAPE_SPECIFIERS) {
3958 ret = specifier_escape(s);
3959 if (!ret)
3960 return NULL;
3961
3962 s = ret;
3963 }
3964
3965 if (flags & UNIT_ESCAPE_C) {
3966 char *a;
3967
3968 a = cescape(s);
3969 free(ret);
3970 if (!a)
3971 return NULL;
3972
3973 ret = a;
3974 }
3975
3976 if (buf) {
3977 *buf = ret;
3978 return ret ?: (char*) s;
3979 }
3980
3981 return ret ?: strdup(s);
3982}
3983
3984char* unit_concat_strv(char **l, UnitWriteFlags flags) {
3985 _cleanup_free_ char *result = NULL;
3986 size_t n = 0, allocated = 0;
ae2a15bc 3987 char **i;
2e59b241
LP		 3988
3989 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
3990 * way suitable for ExecStart= stanzas */
3991
3992 STRV_FOREACH(i, l) {
3993 _cleanup_free_ char *buf = NULL;
3994 const char *p;
3995 size_t a;
3996 char *q;
3997
3998 p = unit_escape_setting(*i, flags, &buf);
3999 if (!p)
4000 return NULL;
4001
4002 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4003 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4004 return NULL;
4005
4006 q = result + n;
4007 if (n > 0)
4008 *(q++) = ' ';
4009
4010 *(q++) = '"';
4011 q = stpcpy(q, p);
4012 *(q++) = '"';
4013
4014 n += a;
4015 }
4016
4017 if (!GREEDY_REALLOC(result, allocated, n + 1))
4018 return NULL;
4019
4020 result[n] = 0;
4021
ae2a15bc 4022 return TAKE_PTR(result);
2e59b241
LP		 4023}
4024
4025int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4026 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4027 const char *dir, *wrapped;
26d04f86 4028 int r;
71645aca
LP		 4029
4030 assert(u);
2e59b241
LP		 4031 assert(name);
4032 assert(data);
4033
4034 if (UNIT_WRITE_FLAGS_NOOP(flags))
4035 return 0;
4036
4037 data = unit_escape_setting(data, flags, &escaped);
4038 if (!data)
4039 return -ENOMEM;
4040
4041 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4042 * previous section header is the same */
4043
4044 if (flags & UNIT_PRIVATE) {
4045 if (!UNIT_VTABLE(u)->private_section)
4046 return -EINVAL;
4047
4048 if (!u->transient_file || u->last_section_private < 0)
4049 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4050 else if (u->last_section_private == 0)
4051 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4052 } else {
4053 if (!u->transient_file || u->last_section_private < 0)
4054 data = strjoina("[Unit]\n", data);
4055 else if (u->last_section_private > 0)
4056 data = strjoina("\n[Unit]\n", data);
4057 }
71645aca 4058
4f4afc88
LP		 4059 if (u->transient_file) {
4060 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4061 * write to the transient unit file. */
4062 fputs(data, u->transient_file);
4f4afc88 4063
2e59b241
LP		 4064 if (!endswith(data, "\n"))
4065 fputc('\n', u->transient_file);
4066
4067 /* Remember which section we wrote this entry to */
4068 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4069 return 0;
2e59b241 4070 }
8e2af478 4071
2e59b241 4072 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4073 if (!dir)
4074 return -EINVAL;
71645aca 4075
2a9a6f8a 4076 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4077 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4078 data,
4079 "\n");
e20b2a86 4080
815b09d3 4081 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4082 if (r < 0)
4083 return r;
4084
45639f1b 4085 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4086
4087 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4088 * recreate the cache after every drop-in we write. */
4089 if (u->manager->unit_path_cache) {
be327321 4090 r = set_put_strdup(&u->manager->unit_path_cache, p);
4dba44a5
ZJS		 4091 if (r < 0)
4092 return r;
4093 }
4094
2a9a6f8a 4095 r = write_string_file_atomic_label(q, wrapped);
adb76a70
WC		 4096 if (r < 0)
4097 return r;
4098
815b09d3 4099 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4100 if (r < 0)
4101 return r;
815b09d3 4102 q = NULL;
adb76a70 4103
adb76a70
WC		 4104 strv_uniq(u->dropin_paths);
4105
4106 u->dropin_mtime = now(CLOCK_REALTIME);
4107
4108 return 0;
26d04f86 4109}
71645aca 4110
2e59b241 4111int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4112 _cleanup_free_ char *p = NULL;
4113 va_list ap;
4114 int r;
4115
4116 assert(u);
4117 assert(name);
4118 assert(format);
4119
2e59b241 4120 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4121 return 0;
4122
4123 va_start(ap, format);
4124 r = vasprintf(&p, format, ap);
4125 va_end(ap);
4126
4127 if (r < 0)
4128 return -ENOMEM;
4129
2e59b241 4130 return unit_write_setting(u, flags, name, p);
b9ec9359 4131}
71645aca 4132
c2756a68 4133int unit_make_transient(Unit *u) {
0126c8f3 4134 _cleanup_free_ char *path = NULL;
4f4afc88 4135 FILE *f;
4f4afc88 4136
c2756a68
LP		 4137 assert(u);
4138
3f5e8115
LP		 4139 if (!UNIT_VTABLE(u)->can_transient)
4140 return -EOPNOTSUPP;
4141
45639f1b
LP		 4142 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4143
657ee2d8 4144 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4145 if (!path)
4146 return -ENOMEM;
4147
4148 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4149 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4150
78e334b5 4151 RUN_WITH_UMASK(0022) {
4f4afc88 4152 f = fopen(path, "we");
0126c8f3 4153 if (!f)
78e334b5 4154 return -errno;
4f4afc88
LP		 4155 }
4156
0126c8f3 4157 safe_fclose(u->transient_file);
4f4afc88
LP		 4158 u->transient_file = f;
4159
0126c8f3 4160 free_and_replace(u->fragment_path, path);
7c65093a 4161
7c65093a
LP		 4162 u->source_path = mfree(u->source_path);
4163 u->dropin_paths = strv_free(u->dropin_paths);
4164 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4165
4f4afc88
LP		 4166 u->load_state = UNIT_STUB;
4167 u->load_error = 0;
4168 u->transient = true;
4169
7c65093a
LP		 4170 unit_add_to_dbus_queue(u);
4171 unit_add_to_gc_queue(u);
c2756a68 4172
4f4afc88
LP		 4173 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4174 u->transient_file);
4175
3f5e8115 4176 return 0;
c2756a68
LP		 4177}
4178
c53d2d54 4179static int log_kill(pid_t pid, int sig, void *userdata) {
1d98fef1
LP		 4180 _cleanup_free_ char *comm = NULL;
4181
4182 (void) get_process_comm(pid, &comm);
4183
4184 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4185 only, like for example systemd's own PAM stub process. */
4186 if (comm && comm[0] == '(')
c53d2d54 4187 return 0;
1d98fef1
LP		 4188
4189 log_unit_notice(userdata,
4190 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4191 pid,
4192 strna(comm),
4193 signal_to_string(sig));
c53d2d54
DB		 4194
4195 return 1;
1d98fef1
LP		 4196}
4197
4ab1670f 4198static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
1d98fef1
LP		 4199 assert(c);
4200
4201 switch (k) {
4202
4203 case KILL_TERMINATE:
4204 case KILL_TERMINATE_AND_LOG:
4ab1670f 4205 *noteworthy = false;
1d98fef1
LP		 4206 return c->kill_signal;
4207
a232ebcc 4208 case KILL_RESTART:
4ab1670f 4209 *noteworthy = false;
a232ebcc
ZJS		 4210 return restart_kill_signal(c);
4211
1d98fef1 4212 case KILL_KILL:
4ab1670f 4213 *noteworthy = true;
fbb48d4c 4214 return c->final_kill_signal;
1d98fef1 4215
c87700a1 4216 case KILL_WATCHDOG:
4ab1670f 4217 *noteworthy = true;
c87700a1 4218 return c->watchdog_signal;
1d98fef1
LP		 4219
4220 default:
4221 assert_not_reached("KillOperation unknown");
4222 }
4223}
4224
cd2086fe
LP		 4225int unit_kill_context(
4226 Unit *u,
4227 KillContext *c,
db2cb23b 4228 KillOperation k,
cd2086fe
LP		 4229 pid_t main_pid,
4230 pid_t control_pid,
4231 bool main_pid_alien) {
4232
1d98fef1 4233 bool wait_for_exit = false, send_sighup;
59ec09a8 4234 cg_kill_log_func_t log_func = NULL;
b821a397 4235 int sig, r;
cd2086fe
LP		 4236
4237 assert(u);
4238 assert(c);
4239
8aff7ac4
LP		 4240 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4241 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4242 * which is used for user-requested killing of unit processes. */
1d98fef1 4243
cd2086fe
LP		 4244 if (c->kill_mode == KILL_NONE)
4245 return 0;
4246
4ab1670f
ZJS		 4247 bool noteworthy;
4248 sig = operation_to_signal(c, k, &noteworthy);
4249 if (noteworthy)
4250 log_func = log_kill;
1d98fef1
LP		 4251
4252 send_sighup =
4253 c->send_sighup &&
4254 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4255 sig != SIGHUP;
4256
cd2086fe 4257 if (main_pid > 0) {
1d98fef1
LP		 4258 if (log_func)
4259 log_func(main_pid, sig, u);
cd2086fe 4260
1d98fef1 4261 r = kill_and_sigcont(main_pid, sig);
cd2086fe
LP		 4262 if (r < 0 && r != -ESRCH) {
4263 _cleanup_free_ char *comm = NULL;
1d98fef1 4264 (void) get_process_comm(main_pid, &comm);
cd2086fe 4265
b821a397 4266 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
82659fd7 4267 } else {
bc6aed7b
LP		 4268 if (!main_pid_alien)
4269 wait_for_exit = true;
82659fd7 4270
1d98fef1 4271 if (r != -ESRCH && send_sighup)
d0667321 4272 (void) kill(main_pid, SIGHUP);
82659fd7 4273 }
cd2086fe
LP		 4274 }
4275
4276 if (control_pid > 0) {
1d98fef1
LP		 4277 if (log_func)
4278 log_func(control_pid, sig, u);
cd2086fe 4279
1d98fef1 4280 r = kill_and_sigcont(control_pid, sig);
cd2086fe
LP		 4281 if (r < 0 && r != -ESRCH) {
4282 _cleanup_free_ char *comm = NULL;
1d98fef1 4283 (void) get_process_comm(control_pid, &comm);
cd2086fe 4284
b821a397 4285 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
82659fd7 4286 } else {
cd2086fe 4287 wait_for_exit = true;
82659fd7 4288
1d98fef1 4289 if (r != -ESRCH && send_sighup)
d0667321 4290 (void) kill(control_pid, SIGHUP);
82659fd7 4291 }
cd2086fe
LP		 4292 }
4293
b821a397
LP		 4294 if (u->cgroup_path &&
4295 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4296 _cleanup_set_free_ Set *pid_set = NULL;
4297
82659fd7
LP		 4298 /* Exclude the main/control pids from being killed via the cgroup */
4299 pid_set = unit_pid_set(main_pid, control_pid);
cd2086fe
LP		 4300 if (!pid_set)
4301 return -ENOMEM;
4302
1d98fef1
LP		 4303 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4304 sig,
4305 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4306 pid_set,
4307 log_func, u);
cd2086fe 4308 if (r < 0) {
4c701096 4309 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
b821a397
LP		 4310 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4311
82659fd7 4312 } else if (r > 0) {
bc6aed7b 4313
1d9cc876
LP		 4314 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4315 * we are running in a container or if this is a delegation unit, simply because cgroup
4316 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4317 * of containers it can be confused easily by left-over directories in the cgroup — which
4318 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4319 * there we get proper events. Hence rely on them. */
efdb0237 4320
c22800e4 4321 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
1d9cc876 4322 (detect_container() == 0 && !unit_cgroup_delegate(u)))
e9db43d5 4323 wait_for_exit = true;
58ea275a 4324
1d98fef1 4325 if (send_sighup) {
82659fd7
LP		 4326 set_free(pid_set);
4327
4328 pid_set = unit_pid_set(main_pid, control_pid);
4329 if (!pid_set)
4330 return -ENOMEM;
4331
c8aa4b5b
LP		 4332 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4333 SIGHUP,
4334 CGROUP_IGNORE_SELF,
4335 pid_set,
4336 NULL, NULL);
82659fd7
LP		 4337 }
4338 }
cd2086fe
LP		 4339 }
4340
4341 return wait_for_exit;
4342}
4343
eef85c4a 4344int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
ca8700e9 4345 _cleanup_free_ char *p = NULL;
eef85c4a 4346 UnitDependencyInfo di;
a57f7e2c
LP		 4347 int r;
4348
4349 assert(u);
4350 assert(path);
4351
eef85c4a
LP		 4352 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4353 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4354 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4355 * determine which units to make themselves a dependency of. */
a57f7e2c 4356
70b64bd3
ZJS		 4357 if (!path_is_absolute(path))
4358 return -EINVAL;
4359
548f6937 4360 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
eef85c4a
LP		 4361 if (r < 0)
4362 return r;
4363
a57f7e2c
LP		 4364 p = strdup(path);
4365 if (!p)
4366 return -ENOMEM;
4367
106bf8e4 4368 path = path_simplify(p, true);
a57f7e2c 4369
ca8700e9 4370 if (!path_is_normalized(path))
a57f7e2c 4371 return -EPERM;
a57f7e2c 4372
ca8700e9 4373 if (hashmap_contains(u->requires_mounts_for, path))
a57f7e2c 4374 return 0;
a57f7e2c 4375
eef85c4a
LP		 4376 di = (UnitDependencyInfo) {
4377 .origin_mask = mask
4378 };
4379
ca8700e9
ZJS		 4380 r = hashmap_put(u->requires_mounts_for, path, di.data);
4381 if (r < 0)
a57f7e2c 4382 return r;
ca8700e9 4383 p = NULL;
a57f7e2c 4384
4cb06c59 4385 char prefix[strlen(path) + 1];
ca8700e9 4386 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 4387 Set *x;
4388
4389 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4390 if (!x) {
ca8700e9 4391 _cleanup_free_ char *q = NULL;
a57f7e2c 4392
548f6937 4393 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
742f41ad
LP		 4394 if (r < 0)
4395 return r;
a57f7e2c
LP		 4396
4397 q = strdup(prefix);
4398 if (!q)
4399 return -ENOMEM;
4400
d5099efc 4401 x = set_new(NULL);
ca8700e9 4402 if (!x)
a57f7e2c 4403 return -ENOMEM;
a57f7e2c
LP		 4404
4405 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4406 if (r < 0) {
a57f7e2c
LP		 4407 set_free(x);
4408 return r;
4409 }
ca8700e9 4410 q = NULL;
a57f7e2c
LP		 4411 }
4412
4413 r = set_put(x, u);
4414 if (r < 0)
4415 return r;
4416 }
4417
4418 return 0;
4419}
4420
613b411c
LP		 4421int unit_setup_exec_runtime(Unit *u) {
4422 ExecRuntime **rt;
4423 size_t offset;
613b411c 4424 Unit *other;
eef85c4a 4425 void *v;
e8a565cb 4426 int r;
613b411c
LP		 4427
4428 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4429 assert(offset > 0);
4430
06b643e7 4431 /* Check if there already is an ExecRuntime for this unit? */
613b411c
LP		 4432 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4433 if (*rt)
4434 return 0;
4435
4436 /* Try to get it from somebody else */
90e74a66 4437 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF]) {
e8a565cb
YW		 4438 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4439 if (r == 1)
4440 return 1;
613b411c
LP		 4441 }
4442
e8a565cb 4443 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
613b411c
LP		 4444}
4445
29206d46
LP		 4446int unit_setup_dynamic_creds(Unit *u) {
4447 ExecContext *ec;
4448 DynamicCreds *dcreds;
4449 size_t offset;
4450
4451 assert(u);
4452
4453 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4454 assert(offset > 0);
4455 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4456
4457 ec = unit_get_exec_context(u);
4458 assert(ec);
4459
4460 if (!ec->dynamic_user)
4461 return 0;
4462
4463 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4464}
4465
1c2e9646
LP		 4466bool unit_type_supported(UnitType t) {
4467 if (_unlikely_(t < 0))
4468 return false;
4469 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4470 return false;
4471
4472 if (!unit_vtable[t]->supported)
4473 return true;
4474
4475 return unit_vtable[t]->supported();
4476}
4477
8b4305c7
LP		 4478void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4479 int r;
4480
4481 assert(u);
4482 assert(where);
4483
4484 r = dir_is_empty(where);
3f602115 4485 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 4486 return;
4487 if (r < 0) {
4488 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4489 return;
4490 }
4491
4492 log_struct(LOG_NOTICE,
2b044526 4493 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
8b4305c7 4494 LOG_UNIT_ID(u),
f1c50bec 4495 LOG_UNIT_INVOCATION_ID(u),
8b4305c7 4496 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
a1230ff9 4497 "WHERE=%s", where);
8b4305c7
LP		 4498}
4499
25cd4964 4500int unit_fail_if_noncanonical(Unit *u, const char* where) {
58d9d89b 4501 _cleanup_free_ char *canonical_where = NULL;
8b4305c7
LP		 4502 int r;
4503
4504 assert(u);
4505 assert(where);
4506
a5648b80 4507 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
8b4305c7 4508 if (r < 0) {
25cd4964 4509 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 4510 return 0;
4511 }
25cd4964
AJ		 4512
4513 /* We will happily ignore a trailing slash (or any redundant slashes) */
4514 if (path_equal(where, canonical_where))
8b4305c7
LP		 4515 return 0;
4516
25cd4964 4517 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
8b4305c7 4518 log_struct(LOG_ERR,
2b044526 4519 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
8b4305c7 4520 LOG_UNIT_ID(u),
f1c50bec 4521 LOG_UNIT_INVOCATION_ID(u),
25cd4964 4522 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
a1230ff9 4523 "WHERE=%s", where);
8b4305c7
LP		 4524
4525 return -ELOOP;
4526}
0f13f3bd
LP		 4527
4528bool unit_is_pristine(Unit *u) {
4529 assert(u);
4530
7c65093a 4531 /* Check if the unit already exists or is already around,
0f13f3bd
LP		 4532 * in a number of different ways. Note that to cater for unit
4533 * types such as slice, we are generally fine with units that
e9e8cbc8
ZJS		 4534 * are marked UNIT_LOADED even though nothing was actually
4535 * loaded, as those unit types don't require a file on disk. */
0f13f3bd
LP		 4536
4537 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4538 u->fragment_path ||
4539 u->source_path ||
4540 !strv_isempty(u->dropin_paths) ||
0f13f3bd
LP		 4541 u->job ||
4542 u->merged_into);
4543}
291d565a
LP		 4544
4545pid_t unit_control_pid(Unit *u) {
4546 assert(u);
4547
4548 if (UNIT_VTABLE(u)->control_pid)
4549 return UNIT_VTABLE(u)->control_pid(u);
4550
4551 return 0;
4552}
4553
4554pid_t unit_main_pid(Unit *u) {
4555 assert(u);
4556
4557 if (UNIT_VTABLE(u)->main_pid)
4558 return UNIT_VTABLE(u)->main_pid(u);
4559
4560 return 0;
4561}
00d9ef85
LP		 4562
4563static void unit_unref_uid_internal(
4564 Unit *u,
4565 uid_t *ref_uid,
4566 bool destroy_now,
4567 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4568
4569 assert(u);
4570 assert(ref_uid);
4571 assert(_manager_unref_uid);
4572
4573 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4574 * gid_t are actually the same time, with the same validity rules.
4575 *
4576 * Drops a reference to UID/GID from a unit. */
4577
4578 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4579 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4580
4581 if (!uid_is_valid(*ref_uid))
4582 return;
4583
4584 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4585 *ref_uid = UID_INVALID;
4586}
4587
b90cf102 4588static void unit_unref_uid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4589 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4590}
4591
b90cf102 4592static void unit_unref_gid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4593 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4594}
4595
b90cf102
LP		 4596void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4597 assert(u);
4598
4599 unit_unref_uid(u, destroy_now);
4600 unit_unref_gid(u, destroy_now);
4601}
4602
00d9ef85
LP		 4603static int unit_ref_uid_internal(
4604 Unit *u,
4605 uid_t *ref_uid,
4606 uid_t uid,
4607 bool clean_ipc,
4608 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4609
4610 int r;
4611
4612 assert(u);
4613 assert(ref_uid);
4614 assert(uid_is_valid(uid));
4615 assert(_manager_ref_uid);
4616
4617 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4618 * are actually the same type, and have the same validity rules.
4619 *
4620 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4621 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4622 * drops to zero. */
4623
4624 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4625 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4626
4627 if (*ref_uid == uid)
4628 return 0;
4629
4630 if (uid_is_valid(*ref_uid)) /* Already set? */
4631 return -EBUSY;
4632
4633 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4634 if (r < 0)
4635 return r;
4636
4637 *ref_uid = uid;
4638 return 1;
4639}
4640
b90cf102 4641static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 4642 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4643}
4644
b90cf102 4645static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 4646 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4647}
4648
4649static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4650 int r = 0, q = 0;
4651
4652 assert(u);
4653
4654 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4655
4656 if (uid_is_valid(uid)) {
4657 r = unit_ref_uid(u, uid, clean_ipc);
4658 if (r < 0)
4659 return r;
4660 }
4661
4662 if (gid_is_valid(gid)) {
4663 q = unit_ref_gid(u, gid, clean_ipc);
4664 if (q < 0) {
4665 if (r > 0)
4666 unit_unref_uid(u, false);
4667
4668 return q;
4669 }
4670 }
4671
4672 return r > 0 || q > 0;
4673}
4674
4675int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4676 ExecContext *c;
4677 int r;
4678
4679 assert(u);
4680
4681 c = unit_get_exec_context(u);
4682
4683 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4684 if (r < 0)
4685 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4686
4687 return r;
4688}
4689
00d9ef85
LP		 4690void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4691 int r;
4692
4693 assert(u);
4694
4695 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4696 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4697 * objects when no service references the UID/GID anymore. */
4698
4699 r = unit_ref_uid_gid(u, uid, gid);
4700 if (r > 0)
37d0b962 4701 unit_add_to_dbus_queue(u);
00d9ef85 4702}
4b58153d 4703
4b58153d
LP		 4704int unit_acquire_invocation_id(Unit *u) {
4705 sd_id128_t id;
4706 int r;
4707
4708 assert(u);
4709
4710 r = sd_id128_randomize(&id);
4711 if (r < 0)
4712 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
4713
4714 r = unit_set_invocation_id(u, id);
4715 if (r < 0)
4716 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
4717
af92c603 4718 unit_add_to_dbus_queue(u);
4b58153d
LP		 4719 return 0;
4720}
f0d47797 4721
1ad6e8b3
LP		 4722int unit_set_exec_params(Unit *u, ExecParameters *p) {
4723 int r;
4724
7960b0c7
LP		 4725 assert(u);
4726 assert(p);
f0d47797 4727
004c7f16 4728 /* Copy parameters from manager */
1ad6e8b3
LP		 4729 r = manager_get_effective_environment(u->manager, &p->environment);
4730 if (r < 0)
4731 return r;
4732
004c7f16
LP		 4733 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
4734 p->cgroup_supported = u->manager->cgroup_supported;
4735 p->prefix = u->manager->prefix;
4736 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
4737
5238e957 4738 /* Copy parameters from unit */
7960b0c7 4739 p->cgroup_path = u->cgroup_path;
1d9cc876 4740 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 4741
bb0c0d6f
LP		 4742 p->received_credentials = u->manager->received_credentials;
4743
1ad6e8b3 4744 return 0;
f0d47797 4745}
a79279c7 4746
4c253ed1 4747int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
a79279c7
LP		 4748 int r;
4749
4750 assert(u);
4751 assert(ret);
4752
4753 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
4754 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
4755
4756 (void) unit_realize_cgroup(u);
4757
4c253ed1
LP		 4758 r = safe_fork(name, FORK_REOPEN_LOG, ret);
4759 if (r != 0)
4760 return r;
a79279c7 4761
9c274488
LP		 4762 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
4763 (void) ignore_signals(SIGPIPE);
a79279c7 4764
4c253ed1 4765 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
a79279c7 4766
4c253ed1
LP		 4767 if (u->cgroup_path) {
4768 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
4769 if (r < 0) {
4770 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
4771 _exit(EXIT_CGROUP);
a79279c7 4772 }
a79279c7
LP		 4773 }
4774
4c253ed1 4775 return 0;
a79279c7 4776}
c999cf38 4777
810ef318
YW		 4778int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
4779 pid_t pid;
4780 int r;
4781
4782 assert(u);
4783 assert(ret_pid);
4784
4785 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
4786 if (r < 0)
4787 return r;
4788 if (r == 0) {
4789 int ret = EXIT_SUCCESS;
4790 char **i;
4791
4792 STRV_FOREACH(i, paths) {
4793 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
4794 if (r < 0) {
4795 log_error_errno(r, "Failed to remove '%s': %m", *i);
4796 ret = EXIT_FAILURE;
4797 }
4798 }
4799
4800 _exit(ret);
4801 }
4802
4803 r = unit_watch_pid(u, pid, true);
4804 if (r < 0)
4805 return r;
4806
4807 *ret_pid = pid;
4808 return 0;
4809}
4810
c999cf38
LP		 4811static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
4812 assert(u);
4813 assert(d >= 0);
4814 assert(d < _UNIT_DEPENDENCY_MAX);
4815 assert(other);
4816
4817 if (di.origin_mask == 0 && di.destination_mask == 0) {
4818 /* No bit set anymore, let's drop the whole entry */
4819 assert_se(hashmap_remove(u->dependencies[d], other));
29a743f9 4820 log_unit_debug(u, "lost dependency %s=%s", unit_dependency_to_string(d), other->id);
c999cf38
LP		 4821 } else
4822 /* Mask was reduced, let's update the entry */
4823 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
4824}
4825
4826void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
c999cf38
LP		 4827 assert(u);
4828
4829 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
4830
4831 if (mask == 0)
4832 return;
4833
f6173cb9 4834 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
c999cf38
LP		 4835 bool done;
4836
4837 do {
4838 UnitDependencyInfo di;
4839 Unit *other;
c999cf38
LP		 4840
4841 done = true;
4842
90e74a66 4843 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d]) {
1d6cc5d0 4844 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38
LP		 4845 continue;
4846 di.origin_mask &= ~mask;
4847 unit_update_dependency_mask(u, d, other, di);
4848
4849 /* We updated the dependency from our unit to the other unit now. But most dependencies
4850 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
4851 * all dependency types on the other unit and delete all those which point to us and
4852 * have the right mask set. */
4853
f6173cb9 4854 for (UnitDependency q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
c999cf38
LP		 4855 UnitDependencyInfo dj;
4856
4857 dj.data = hashmap_get(other->dependencies[q], u);
1d6cc5d0 4858 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38
LP		 4859 continue;
4860 dj.destination_mask &= ~mask;
4861
4862 unit_update_dependency_mask(other, q, u, dj);
4863 }
4864
4865 unit_add_to_gc_queue(other);
4866
4867 done = false;
4868 break;
4869 }
4870
4871 } while (!done);
4872 }
4873}
d3070fbd 4874
2f8c48b6
AZ		 4875static int unit_get_invocation_path(Unit *u, char **ret) {
4876 char *p;
4877 int r;
4878
4879 assert(u);
4880 assert(ret);
4881
4882 if (MANAGER_IS_SYSTEM(u->manager))
4883 p = strjoin("/run/systemd/units/invocation:", u->id);
4884 else {
4885 _cleanup_free_ char *user_path = NULL;
4886 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
4887 if (r < 0)
4888 return r;
4889 p = strjoin(user_path, u->id);
4890 }
4891
4892 if (!p)
4893 return -ENOMEM;
4894
4895 *ret = p;
4896 return 0;
4897}
4898
d3070fbd 4899static int unit_export_invocation_id(Unit *u) {
2f8c48b6 4900 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 4901 int r;
4902
4903 assert(u);
4904
4905 if (u->exported_invocation_id)
4906 return 0;
4907
4908 if (sd_id128_is_null(u->invocation_id))
4909 return 0;
4910
2f8c48b6
AZ		 4911 r = unit_get_invocation_path(u, &p);
4912 if (r < 0)
4913 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
4914
a3f5fd96 4915 r = symlink_atomic_label(u->invocation_id_string, p);
d3070fbd
LP		 4916 if (r < 0)
4917 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
4918
4919 u->exported_invocation_id = true;
4920 return 0;
4921}
4922
4923static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
4924 const char *p;
4925 char buf[2];
4926 int r;
4927
4928 assert(u);
4929 assert(c);
4930
4931 if (u->exported_log_level_max)
4932 return 0;
4933
4934 if (c->log_level_max < 0)
4935 return 0;
4936
4937 assert(c->log_level_max <= 7);
4938
4939 buf[0] = '0' + c->log_level_max;
4940 buf[1] = 0;
4941
4942 p = strjoina("/run/systemd/units/log-level-max:", u->id);
4943 r = symlink_atomic(buf, p);
4944 if (r < 0)
4945 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
4946
4947 u->exported_log_level_max = true;
4948 return 0;
4949}
4950
4951static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
4952 _cleanup_close_ int fd = -1;
4953 struct iovec *iovec;
4954 const char *p;
4955 char *pattern;
4956 le64_t *sizes;
4957 ssize_t n;
d3070fbd
LP		 4958 int r;
4959
4960 if (u->exported_log_extra_fields)
4961 return 0;
4962
4963 if (c->n_log_extra_fields <= 0)
4964 return 0;
4965
4966 sizes = newa(le64_t, c->n_log_extra_fields);
4967 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
4968
12375b95 4969 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 4970 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
4971
4972 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
4973 iovec[i*2+1] = c->log_extra_fields[i];
4974 }
4975
4976 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
4977 pattern = strjoina(p, ".XXXXXX");
4978
4979 fd = mkostemp_safe(pattern);
4980 if (fd < 0)
4981 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
4982
4983 n = writev(fd, iovec, c->n_log_extra_fields*2);
4984 if (n < 0) {
4985 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
4986 goto fail;
4987 }
4988
4989 (void) fchmod(fd, 0644);
4990
4991 if (rename(pattern, p) < 0) {
4992 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
4993 goto fail;
4994 }
4995
4996 u->exported_log_extra_fields = true;
4997 return 0;
4998
4999fail:
5000 (void) unlink(pattern);
5001 return r;
5002}
5003
5ac1530e 5004static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5005 _cleanup_free_ char *buf = NULL;
5006 const char *p;
5007 int r;
5008
5009 assert(u);
5010 assert(c);
5011
5ac1530e 5012 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5013 return 0;
5014
5ac1530e 5015 if (c->log_ratelimit_interval_usec == 0)
90fc172e
AZ		 5016 return 0;
5017
5018 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5019
5ac1530e 5020 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
90fc172e
AZ		 5021 return log_oom();
5022
5023 r = symlink_atomic(buf, p);
5024 if (r < 0)
5025 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5026
5ac1530e 5027 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5028 return 0;
5029}
5030
5ac1530e 5031static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5032 _cleanup_free_ char *buf = NULL;
5033 const char *p;
5034 int r;
5035
5036 assert(u);
5037 assert(c);
5038
5ac1530e 5039 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5040 return 0;
5041
5ac1530e 5042 if (c->log_ratelimit_burst == 0)
90fc172e
AZ		 5043 return 0;
5044
5045 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5046
5ac1530e 5047 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
90fc172e
AZ		 5048 return log_oom();
5049
5050 r = symlink_atomic(buf, p);
5051 if (r < 0)
5052 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5053
5ac1530e 5054 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5055 return 0;
5056}
5057
d3070fbd
LP		 5058void unit_export_state_files(Unit *u) {
5059 const ExecContext *c;
5060
5061 assert(u);
5062
5063 if (!u->id)
5064 return;
5065
638cece4 5066 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5067 return;
5068
d3070fbd
LP		 5069 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5070 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5071 * the IPC system itself and PID 1 also log to the journal.
5072 *
5073 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5074 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5075 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5076 * namespace at least.
5077 *
5078 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5079 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5080 * them with one. */
5081
5082 (void) unit_export_invocation_id(u);
5083
2f8c48b6
AZ		 5084 if (!MANAGER_IS_SYSTEM(u->manager))
5085 return;
5086
d3070fbd
LP		 5087 c = unit_get_exec_context(u);
5088 if (c) {
5089 (void) unit_export_log_level_max(u, c);
5090 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5091 (void) unit_export_log_ratelimit_interval(u, c);
5092 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5093 }
5094}
5095
5096void unit_unlink_state_files(Unit *u) {
5097 const char *p;
5098
5099 assert(u);
5100
5101 if (!u->id)
5102 return;
5103
d3070fbd
LP		 5104 /* Undoes the effect of unit_export_state() */
5105
5106 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5107 _cleanup_free_ char *invocation_path = NULL;
5108 int r = unit_get_invocation_path(u, &invocation_path);
5109 if (r >= 0) {
5110 (void) unlink(invocation_path);
5111 u->exported_invocation_id = false;
5112 }
d3070fbd
LP		 5113 }
5114
2f8c48b6
AZ		 5115 if (!MANAGER_IS_SYSTEM(u->manager))
5116 return;
5117
d3070fbd
LP		 5118 if (u->exported_log_level_max) {
5119 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5120 (void) unlink(p);
5121
5122 u->exported_log_level_max = false;
5123 }
5124
5125 if (u->exported_log_extra_fields) {
5126 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5127 (void) unlink(p);
5128
5129 u->exported_log_extra_fields = false;
5130 }
90fc172e 5131
5ac1530e 5132 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5133 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5134 (void) unlink(p);
5135
5ac1530e 5136 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5137 }
5138
5ac1530e 5139 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5140 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5141 (void) unlink(p);
5142
5ac1530e 5143 u->exported_log_ratelimit_burst = false;
90fc172e 5144 }
d3070fbd 5145}
5afe510c 5146
3c7416b6
LP		 5147int unit_prepare_exec(Unit *u) {
5148 int r;
5149
5150 assert(u);
5151
fab34748
KL		 5152 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5153 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5154 r = bpf_firewall_load_custom(u);
5155 if (r < 0)
5156 return r;
5157
3c7416b6
LP		 5158 /* Prepares everything so that we can fork of a process for this unit */
5159
5160 (void) unit_realize_cgroup(u);
5161
5162 if (u->reset_accounting) {
9b2559a1 5163 (void) unit_reset_accounting(u);
3c7416b6
LP		 5164 u->reset_accounting = false;
5165 }
5166
5167 unit_export_state_files(u);
5168
5169 r = unit_setup_exec_runtime(u);
5170 if (r < 0)
5171 return r;
5172
5173 r = unit_setup_dynamic_creds(u);
5174 if (r < 0)
5175 return r;
5176
5177 return 0;
5178}
5179
4c425434
LP		 5180static bool ignore_leftover_process(const char *comm) {
5181 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5182}
5183
5184int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
a4634b21
LP		 5185 _cleanup_free_ char *comm = NULL;
5186
5187 (void) get_process_comm(pid, &comm);
5188
4c425434 5189 if (ignore_leftover_process(comm))
c53d2d54 5190 return 0;
a4634b21 5191
4c425434
LP		 5192 /* During start we print a warning */
5193
a4634b21
LP		 5194 log_unit_warning(userdata,
5195 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5196 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5197 pid, strna(comm));
c53d2d54
DB		 5198
5199 return 1;
a4634b21
LP		 5200}
5201
4c425434
LP		 5202int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5203 _cleanup_free_ char *comm = NULL;
5204
5205 (void) get_process_comm(pid, &comm);
5206
5207 if (ignore_leftover_process(comm))
5208 return 0;
5209
5210 /* During stop we only print an informational message */
5211
5212 log_unit_info(userdata,
5213 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5214 pid, strna(comm));
5215
5216 return 1;
5217}
5218
5219int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
a4634b21
LP		 5220 assert(u);
5221
5222 (void) unit_pick_cgroup_path(u);
5223
5224 if (!u->cgroup_path)
c53d2d54 5225 return 0;
a4634b21 5226
4c425434 5227 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
a4634b21
LP		 5228}
5229
bb2c7685
LP		 5230bool unit_needs_console(Unit *u) {
5231 ExecContext *ec;
5232 UnitActiveState state;
5233
5234 assert(u);
5235
5236 state = unit_active_state(u);
5237
5238 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5239 return false;
5240
5241 if (UNIT_VTABLE(u)->needs_console)
5242 return UNIT_VTABLE(u)->needs_console(u);
5243
5244 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5245 ec = unit_get_exec_context(u);
5246 if (!ec)
5247 return false;
5248
5249 return exec_context_may_touch_console(ec);
5250}
5251
f156e60c 5252const char *unit_label_path(const Unit *u) {
81e9871e
LP		 5253 const char *p;
5254
f156e60c
CG		 5255 assert(u);
5256
81e9871e
LP		 5257 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5258 * when validating access checks. */
5259
5260 p = u->source_path ?: u->fragment_path;
5261 if (!p)
5262 return NULL;
5263
5264 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
640f3b14 5265 if (null_or_empty_path(p) > 0)
81e9871e
LP		 5266 return NULL;
5267
5268 return p;
5269}
5270
6592b975
LP		 5271int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5272 int r;
5273
5274 assert(u);
5275
5276 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5277 * and not a kernel thread either */
5278
5279 /* First, a simple range check */
5280 if (!pid_is_valid(pid))
5281 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5282
5283 /* Some extra safety check */
5284 if (pid == 1 || pid == getpid_cached())
3fe91079 5285 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
6592b975
LP		 5286
5287 /* Don't even begin to bother with kernel threads */
5288 r = is_kernel_thread(pid);
5289 if (r == -ESRCH)
5290 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5291 if (r < 0)
5292 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5293 if (r > 0)
5294 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5295
5296 return 0;
5297}
5298
523ee2d4
LP		 5299void unit_log_success(Unit *u) {
5300 assert(u);
5301
5302 log_struct(LOG_INFO,
5303 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5304 LOG_UNIT_ID(u),
5305 LOG_UNIT_INVOCATION_ID(u),
f5ec78e5 5306 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 5307}
5308
7c047d74
LP		 5309void unit_log_failure(Unit *u, const char *result) {
5310 assert(u);
5311 assert(result);
5312
5313 log_struct(LOG_WARNING,
5314 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5315 LOG_UNIT_ID(u),
5316 LOG_UNIT_INVOCATION_ID(u),
5317 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5318 "UNIT_RESULT=%s", result);
5319}
5320
31cd5f63
AZ		 5321void unit_log_skip(Unit *u, const char *result) {
5322 assert(u);
5323 assert(result);
5324
5325 log_struct(LOG_INFO,
5326 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
5327 LOG_UNIT_ID(u),
5328 LOG_UNIT_INVOCATION_ID(u),
5329 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
5330 "UNIT_RESULT=%s", result);
5331}
5332
91bbd9b7
LP		 5333void unit_log_process_exit(
5334 Unit *u,
91bbd9b7
LP		 5335 const char *kind,
5336 const char *command,
5cc2cd1c 5337 bool success,
91bbd9b7
LP		 5338 int code,
5339 int status) {
5340
5cc2cd1c
ZJS		 5341 int level;
5342
91bbd9b7
LP		 5343 assert(u);
5344 assert(kind);
5345
5cc2cd1c
ZJS		 5346 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5347 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5348 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5349 * WARNING. */
5350 if (success)
5351 level = LOG_DEBUG;
5352 else if (code == CLD_EXITED)
5353 level = LOG_NOTICE;
5354 else
91bbd9b7
LP		 5355 level = LOG_WARNING;
5356
5357 log_struct(level,
5358 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
5359 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s",
5360 kind,
5361 sigchld_code_to_string(code), status,
5362 strna(code == CLD_EXITED
5363 ? exit_status_to_string(status, EXIT_STATUS_FULL)
5364 : signal_to_string(status))),
5365 "EXIT_CODE=%s", sigchld_code_to_string(code),
5366 "EXIT_STATUS=%i", status,
5367 "COMMAND=%s", strna(command),
5368 LOG_UNIT_ID(u),
5369 LOG_UNIT_INVOCATION_ID(u));
5370}
5371
7af67e9a
LP		 5372int unit_exit_status(Unit *u) {
5373 assert(u);
5374
5375 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5376 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5377 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5378 * service process has exited abnormally (signal/coredump). */
5379
5380 if (!UNIT_VTABLE(u)->exit_status)
5381 return -EOPNOTSUPP;
5382
5383 return UNIT_VTABLE(u)->exit_status(u);
5384}
5385
5386int unit_failure_action_exit_status(Unit *u) {
5387 int r;
5388
5389 assert(u);
5390
5391 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5392
5393 if (u->failure_action_exit_status >= 0)
5394 return u->failure_action_exit_status;
5395
5396 r = unit_exit_status(u);
5397 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5398 return 255;
5399
5400 return r;
5401}
5402
5403int unit_success_action_exit_status(Unit *u) {
5404 int r;
5405
5406 assert(u);
5407
5408 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5409
5410 if (u->success_action_exit_status >= 0)
5411 return u->success_action_exit_status;
5412
5413 r = unit_exit_status(u);
5414 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5415 return 255;
5416
5417 return r;
5418}
5419
a4191c9f
LP		 5420int unit_test_trigger_loaded(Unit *u) {
5421 Unit *trigger;
5422
5423 /* Tests whether the unit to trigger is loaded */
5424
5425 trigger = UNIT_TRIGGER(u);
5426 if (!trigger)
e7b9f4d9
ZJS		 5427 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5428 "Refusing to start, no unit to trigger.");
a4191c9f 5429 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 5430 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5431 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 5432
5433 return 0;
5434}
5435
bb0c0d6f
LP		 5436void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
5437 assert(u);
5438 assert(context);
5439
95939aed
YW		 5440 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
5441 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
5442 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f
LP		 5443
5444 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
95939aed
YW		 5445}
5446
380dc8b0
LP		 5447int unit_clean(Unit *u, ExecCleanMask mask) {
5448 UnitActiveState state;
5449
5450 assert(u);
5451
5452 /* Special return values:
5453 *
5454 * -EOPNOTSUPP → cleaning not supported for this unit type
5455 * -EUNATCH → cleaning not defined for this resource type
5456 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5457 * a job queued or similar
5458 */
5459
5460 if (!UNIT_VTABLE(u)->clean)
5461 return -EOPNOTSUPP;
5462
5463 if (mask == 0)
5464 return -EUNATCH;
5465
5466 if (u->load_state != UNIT_LOADED)
5467 return -EBUSY;
5468
5469 if (u->job)
5470 return -EBUSY;
5471
5472 state = unit_active_state(u);
5473 if (!IN_SET(state, UNIT_INACTIVE))
5474 return -EBUSY;
5475
5476 return UNIT_VTABLE(u)->clean(u, mask);
5477}
5478
5479int unit_can_clean(Unit *u, ExecCleanMask *ret) {
5480 assert(u);
5481
5482 if (!UNIT_VTABLE(u)->clean ||
5483 u->load_state != UNIT_LOADED) {
5484 *ret = 0;
5485 return 0;
5486 }
5487
5488 /* When the clean() method is set, can_clean() really should be set too */
5489 assert(UNIT_VTABLE(u)->can_clean);
5490
5491 return UNIT_VTABLE(u)->can_clean(u, ret);
5492}
5493
d9e45bc3
MS		 5494bool unit_can_freeze(Unit *u) {
5495 assert(u);
5496
5497 if (UNIT_VTABLE(u)->can_freeze)
5498 return UNIT_VTABLE(u)->can_freeze(u);
5499
5500 return UNIT_VTABLE(u)->freeze;
5501}
5502
5503void unit_frozen(Unit *u) {
5504 assert(u);
5505
5506 u->freezer_state = FREEZER_FROZEN;
5507
5508 bus_unit_send_pending_freezer_message(u);
5509}
5510
5511void unit_thawed(Unit *u) {
5512 assert(u);
5513
5514 u->freezer_state = FREEZER_RUNNING;
5515
5516 bus_unit_send_pending_freezer_message(u);
5517}
5518
5519static int unit_freezer_action(Unit *u, FreezerAction action) {
5520 UnitActiveState s;
5521 int (*method)(Unit*);
5522 int r;
5523
5524 assert(u);
5525 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
5526
5527 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
5528 if (!method || !cg_freezer_supported())
5529 return -EOPNOTSUPP;
5530
5531 if (u->job)
5532 return -EBUSY;
5533
5534 if (u->load_state != UNIT_LOADED)
5535 return -EHOSTDOWN;
5536
5537 s = unit_active_state(u);
5538 if (s != UNIT_ACTIVE)
5539 return -EHOSTDOWN;
5540
5541 if (IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING))
5542 return -EALREADY;
5543
5544 r = method(u);
5545 if (r <= 0)
5546 return r;
5547
5548 return 1;
5549}
5550
5551int unit_freeze(Unit *u) {
5552 return unit_freezer_action(u, FREEZER_FREEZE);
5553}
5554
5555int unit_thaw(Unit *u) {
5556 return unit_freezer_action(u, FREEZER_THAW);
5557}
5558
5559/* Wrappers around low-level cgroup freezer operations common for service and scope units */
5560int unit_freeze_vtable_common(Unit *u) {
5561 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
5562}
5563
5564int unit_thaw_vtable_common(Unit *u) {
5565 return unit_cgroup_freezer_action(u, FREEZER_THAW);
5566}
5567
5afe510c
LP		 5568static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5569 [COLLECT_INACTIVE] = "inactive",
5570 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5571};
5572
5573DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.