]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
man: remove notes about limitations of unpriv containers that don't apply anymore
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
6553db60 3#include <fnmatch.h>
836e4e7e 4#include <linux/capability.h>
4f5dd394 5#include <unistd.h>
87f0e418 6
836e4e7e 7#include "sd-bus.h"
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
b7120388 13#include "ansi-color.h"
836e4e7e 14#include "bpf-restrict-fs.h"
4f5dd394 15#include "bus-common-errors.h"
8df433d7 16#include "bus-internal.h"
4f5dd394 17#include "bus-util.h"
fdb3deca 18#include "cgroup-setup.h"
c6c18be3 19#include "cgroup-util.h"
f461a28d 20#include "chase.h"
a89afe19 21#include "chattr-util.h"
836e4e7e 22#include "condition.h"
1cf40697 23#include "dbus-unit.h"
4f5dd394 24#include "dropin.h"
4ea4abb6 25#include "dynamic-user.h"
88e4bfa6 26#include "env-util.h"
4f5dd394 27#include "escape.h"
43962c30 28#include "exec-credential.h"
4f5dd394 29#include "execute.h"
6a48d82f 30#include "fd-util.h"
ee228be1 31#include "fileio.h"
f97b34a6 32#include "format-util.h"
836e4e7e 33#include "fs-util.h"
4b58153d 34#include "id128-util.h"
5cfa33e0 35#include "install.h"
bd1ae178 36#include "iovec-util.h"
4f5dd394
LP		 37#include "load-dropin.h"
38#include "load-fragment.h"
39#include "log.h"
8c41640a 40#include "logarithm.h"
35cd0ba5 41#include "mkdir-label.h"
836e4e7e
DDM		 42#include "manager.h"
43#include "mount-util.h"
276bd392 44#include "mountpoint-util.h"
7184f836 45#include "netlink-internal.h"
4f5dd394 46#include "path-util.h"
0b452006 47#include "process-util.h"
a89afe19 48#include "quota-util.h"
810ef318 49#include "rm-rf.h"
48b92b37 50#include "serialize.h"
4f5dd394 51#include "set.h"
6eb7c172 52#include "signal-util.h"
836e4e7e 53#include "siphash24.h"
d3070fbd 54#include "sparse-endian.h"
e9db43d5 55#include "special.h"
2e59b241 56#include "specifier.h"
8fcde012 57#include "stat-util.h"
5afe510c 58#include "string-table.h"
07630cea 59#include "string-util.h"
4f5dd394 60#include "strv.h"
e4de7287 61#include "tmpfile-util.h"
4f4afc88 62#include "umask-util.h"
e9db43d5 63#include "unit.h"
1cf40697 64#include "unit-name.h"
b1d4f8e1 65#include "user-util.h"
bad578b1 66#include "varlink.h"
87f0e418 67
37109b85 68/* Thresholds for logging at INFO level about resource consumption */
b1b84bc5
MY		 69#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
70#define MENTIONWORTHY_MEMORY_BYTES (64 * U64_MB)
71#define MENTIONWORTHY_IO_BYTES (1 * U64_MB)
72#define MENTIONWORTHY_IP_BYTES UINT64_C(0)
37109b85 73
b1b84bc5
MY		 74/* Thresholds for logging at NOTICE level about resource consumption */
75#define NOTICEWORTHY_CPU_NSEC (10 * NSEC_PER_MINUTE)
76#define NOTICEWORTHY_MEMORY_BYTES (512 * U64_MB)
77#define NOTICEWORTHY_IO_BYTES (10 * U64_MB)
78#define NOTICEWORTHY_IP_BYTES (128 * U64_MB)
37109b85 79
87f0e418 80const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
17f6b640
YW		 81 [UNIT_SERVICE] = &service_vtable,
82 [UNIT_SOCKET] = &socket_vtable,
83 [UNIT_TARGET] = &target_vtable,
84 [UNIT_DEVICE] = &device_vtable,
85 [UNIT_MOUNT] = &mount_vtable,
87f0e418 86 [UNIT_AUTOMOUNT] = &automount_vtable,
17f6b640
YW		 87 [UNIT_SWAP] = &swap_vtable,
88 [UNIT_TIMER] = &timer_vtable,
89 [UNIT_PATH] = &path_vtable,
90 [UNIT_SLICE] = &slice_vtable,
91 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 92};
93
75db809a 94Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 95 Unit *u;
96
97 assert(m);
ac155bb8 98 assert(size >= sizeof(Unit));
87f0e418 99
7d17cfbc
MS		 100 u = malloc0(size);
101 if (!u)
87f0e418
LP		 102 return NULL;
103
ac155bb8
MS		 104 u->manager = m;
105 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 106 u->default_dependencies = true;
107 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
7cb7f8b8 108 u->unit_file_preset = _PRESET_ACTION_INVALID;
d420282b 109 u->on_failure_job_mode = JOB_REPLACE;
294446dc 110 u->on_success_job_mode = JOB_FAIL;
36c16a7c 111 u->job_timeout = USEC_INFINITY;
a2df3ea4 112 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 113 u->ref_uid = UID_INVALID;
114 u->ref_gid = GID_INVALID;
9824ab1f 115
7af67e9a 116 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 117
2e59b241
LP		 118 u->last_section_private = -1;
119
14702b9c 120 u->start_ratelimit = m->defaults.start_limit;
c9e120e0 121
9cc54544
LP		 122 u->auto_start_stop_ratelimit = (const RateLimit) {
123 .interval = 10 * USEC_PER_SEC,
124 .burst = 16
125 };
126
87f0e418
LP		 127 return u;
128}
129
a581e45a 130int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 131 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 132 int r;
133
134 u = unit_new(m, size);
135 if (!u)
136 return -ENOMEM;
137
138 r = unit_add_name(u, name);
dc409696 139 if (r < 0)
a581e45a 140 return r;
a581e45a 141
1cc6c93a
YW		 142 *ret = TAKE_PTR(u);
143
a581e45a
LP		 144 return r;
145}
146
303ee601 147bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 148 assert(u);
149 assert(name);
150
4562c355
ZJS		 151 return streq_ptr(name, u->id) ||
152 set_contains(u->aliases, name);
f278026d
LP		 153}
154
598459ce
LP		 155static void unit_init(Unit *u) {
156 CGroupContext *cc;
157 ExecContext *ec;
158 KillContext *kc;
159
160 assert(u);
161 assert(u->manager);
162 assert(u->type >= 0);
163
164 cc = unit_get_cgroup_context(u);
165 if (cc) {
166 cgroup_context_init(cc);
167
168 /* Copy in the manager defaults into the cgroup
169 * context, _before_ the rest of the settings have
170 * been initialized */
171
c9e120e0 172 cc->io_accounting = u->manager->defaults.io_accounting;
c9e120e0
LP		 173 cc->memory_accounting = u->manager->defaults.memory_accounting;
174 cc->tasks_accounting = u->manager->defaults.tasks_accounting;
175 cc->ip_accounting = u->manager->defaults.ip_accounting;
0af20ea2
LP		 176
177 if (u->type != UNIT_SLICE)
c9e120e0 178 cc->tasks_max = u->manager->defaults.tasks_max;
6bb00842 179
c9e120e0
LP		 180 cc->memory_pressure_watch = u->manager->defaults.memory_pressure_watch;
181 cc->memory_pressure_threshold_usec = u->manager->defaults.memory_pressure_threshold_usec;
598459ce
LP		 182 }
183
184 ec = unit_get_exec_context(u);
b1edf445 185 if (ec) {
598459ce
LP		 186 exec_context_init(ec);
187
c9e120e0
LP		 188 if (u->manager->defaults.oom_score_adjust_set) {
189 ec->oom_score_adjust = u->manager->defaults.oom_score_adjust;
d4a402e4
LP		 190 ec->oom_score_adjust_set = true;
191 }
192
30bbdf07
G		 193 ec->restrict_suid_sgid = u->manager->defaults.restrict_suid_sgid;
194
5e37d193
FB		 195 if (MANAGER_IS_SYSTEM(u->manager))
196 ec->keyring_mode = EXEC_KEYRING_SHARED;
197 else {
198 ec->keyring_mode = EXEC_KEYRING_INHERIT;
199
200 /* User manager might have its umask redefined by PAM or UMask=. In this
201 * case let the units it manages inherit this value by default. They can
202 * still tune this value through their own unit file */
41beeb3e 203 (void) get_process_umask(0, &ec->umask);
5e37d193 204 }
b1edf445
LP		 205 }
206
598459ce
LP		 207 kc = unit_get_kill_context(u);
208 if (kc)
209 kill_context_init(kc);
210
211 if (UNIT_VTABLE(u)->init)
212 UNIT_VTABLE(u)->init(u);
213}
214
4562c355
ZJS		 215static int unit_add_alias(Unit *u, char *donated_name) {
216 int r;
217
218 /* Make sure that u->names is allocated. We may leave u->names
219 * empty if we fail later, but this is not a problem. */
5c6ea302 220 r = set_ensure_put(&u->aliases, &string_hash_ops_free, donated_name);
4562c355
ZJS		 221 if (r < 0)
222 return r;
223 assert(r > 0);
224
225 return 0;
226}
227
87f0e418 228int unit_add_name(Unit *u, const char *text) {
4562c355 229 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 230 UnitType t;
87f0e418
LP		 231 int r;
232
233 assert(u);
234 assert(text);
235
7410616c 236 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 237 if (!u->instance)
acd1987a 238 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 239 "Instance is not set when adding name '%s'.", text);
87f0e418 240
4562c355 241 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 242 if (r < 0)
acd1987a 243 return log_unit_debug_errno(u, r,
4e494e6a 244 "Failed to build instance name from '%s': %m", text);
7410616c 245 } else {
4562c355
ZJS		 246 name = strdup(text);
247 if (!name)
7410616c
LP		 248 return -ENOMEM;
249 }
87f0e418 250
4562c355 251 if (unit_has_name(u, name))
7410616c 252 return 0;
4562c355
ZJS		 253
254 if (hashmap_contains(u->manager->units, name))
acd1987a 255 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4e494e6a 256 "Unit already exist when adding name '%s'.", name);
7410616c 257
4562c355 258 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 259 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 260 "Name '%s' is invalid.", name);
e537352b 261
4562c355 262 t = unit_name_to_type(name);
7410616c 263 if (t < 0)
acd1987a 264 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 265 "failed to derive unit type from name '%s'.", name);
87f0e418 266
598459ce 267 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a 268 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 269 "Unit type is illegal: u->type(%d) and t(%d) for name '%s'.",
4562c355 270 u->type, t, name);
87f0e418 271
4562c355 272 r = unit_name_to_instance(name, &instance);
e48614c4 273 if (r < 0)
4e494e6a 274 return log_unit_debug_errno(u, r, "Failed to extract instance from name '%s': %m", name);
87f0e418 275
4562c355 276 if (instance && !unit_type_may_template(t))
4e494e6a 277 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "Templates are not allowed for name '%s'.", name);
9e2f7c11 278
d383acad
ZJS		 279 /* Ensure that this unit either has no instance, or that the instance matches. */
280 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 281 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 282 "Cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
ada4b34e 283 name, instance, u->instance);
9e2f7c11 284
4562c355 285 if (u->id && !unit_type_may_alias(t))
ada4b34e 286 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4e494e6a 287 "Cannot add name %s, aliases are not allowed for %s units.",
ada4b34e 288 name, unit_type_to_string(t));
9e2f7c11 289
598459ce 290 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
4e494e6a 291 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "Cannot add name, manager has too many units.");
4f0f902f 292
4562c355
ZJS		 293 /* Add name to the global hashmap first, because that's easier to undo */
294 r = hashmap_put(u->manager->units, name, u);
7410616c 295 if (r < 0)
4e494e6a 296 return log_unit_debug_errno(u, r, "Add unit to hashmap failed for name '%s': %m", text);
87f0e418 297
4562c355
ZJS		 298 if (u->id) {
299 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
300 if (r < 0) {
301 hashmap_remove(u->manager->units, name);
302 return r;
303 }
304 TAKE_PTR(name);
305
306 } else {
307 /* A new name, we don't need the set yet. */
308 assert(u->type == _UNIT_TYPE_INVALID);
309 assert(!u->instance);
310
ac155bb8 311 u->type = t;
4562c355
ZJS		 312 u->id = TAKE_PTR(name);
313 u->instance = TAKE_PTR(instance);
9e2f7c11 314
71fda00f 315 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 316 unit_init(u);
598459ce 317 }
9e2f7c11 318
598459ce
LP		 319 unit_add_to_dbus_queue(u);
320 return 0;
87f0e418
LP		 321}
322
0ae97ec1 323int unit_choose_id(Unit *u, const char *name) {
68eda4bd 324 _cleanup_free_ char *t = NULL;
4562c355 325 char *s;
276c3e78 326 int r;
0ae97ec1
LP		 327
328 assert(u);
329 assert(name);
330
7410616c 331 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 332 if (!u->instance)
9e2f7c11
LP		 333 return -EINVAL;
334
7410616c
LP		 335 r = unit_name_replace_instance(name, u->instance, &t);
336 if (r < 0)
337 return r;
9e2f7c11
LP		 338
339 name = t;
340 }
341
4562c355
ZJS		 342 if (streq_ptr(u->id, name))
343 return 0; /* Nothing to do. */
344
345 /* Selects one of the aliases of this unit as the id */
346 s = set_get(u->aliases, (char*) name);
9e2f7c11 347 if (!s)
0ae97ec1
LP		 348 return -ENOENT;
349
4562c355
ZJS		 350 if (u->id) {
351 r = set_remove_and_put(u->aliases, name, u->id);
352 if (r < 0)
353 return r;
354 } else
355 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 356
4562c355 357 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 358 unit_add_to_dbus_queue(u);
9e2f7c11 359
0ae97ec1
LP		 360 return 0;
361}
362
f50e0a01 363int unit_set_description(Unit *u, const char *description) {
84b26d51 364 int r;
f50e0a01
LP		 365
366 assert(u);
367
84b26d51
LP		 368 r = free_and_strdup(&u->description, empty_to_null(description));
369 if (r < 0)
370 return r;
371 if (r > 0)
372 unit_add_to_dbus_queue(u);
c1e1601e 373
f50e0a01
LP		 374 return 0;
375}
376
02de9614
ZJS		 377static bool unit_success_failure_handler_has_jobs(Unit *unit) {
378 Unit *other;
379
380 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_SUCCESS)
381 if (other->job || other->nop_job)
382 return true;
383
384 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_FAILURE)
385 if (other->job || other->nop_job)
386 return true;
387
388 return false;
389}
390
6ac62d61
LP		 391void unit_release_resources(Unit *u) {
392 UnitActiveState state;
1ba84fef 393 ExecContext *ec;
6ac62d61
LP		 394
395 assert(u);
396
397 if (u->job || u->nop_job)
398 return;
399
400 if (u->perpetual)
401 return;
402
403 state = unit_active_state(u);
468e8726 404 if (!UNIT_IS_INACTIVE_OR_FAILED(state))
6ac62d61
LP		 405 return;
406
407 if (unit_will_restart(u))
408 return;
409
1ba84fef
LP		 410 ec = unit_get_exec_context(u);
411 if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART)
412 exec_context_destroy_runtime_directory(ec, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
413
6ac62d61
LP		 414 if (UNIT_VTABLE(u)->release_resources)
415 UNIT_VTABLE(u)->release_resources(u);
416}
417
f2f725e5 418bool unit_may_gc(Unit *u) {
a354329f 419 UnitActiveState state;
e98b2fbb 420 int r;
5afe510c 421
701cc384
LP		 422 assert(u);
423
6ac62d61
LP		 424 /* Checks whether the unit is ready to be unloaded for garbage collection. Returns true when the
425 * unit may be collected, and false if there's some reason to keep it loaded.
2641f02e 426 *
6ac62d61
LP		 427 * References from other units are *not* checked here. Instead, this is done in unit_gc_sweep(), but
428 * using markers to properly collect dependency loops.
2641f02e 429 */
5afe510c 430
02de9614 431 if (u->job || u->nop_job)
f2f725e5 432 return false;
6c073082 433
f5869324 434 if (u->perpetual)
f2f725e5 435 return false;
9d576438 436
935f8042
LP		 437 /* if we saw a cgroup empty event for this unit, stay around until we processed it so that we remove
438 * the empty cgroup if possible. Similar, process any pending OOM events if they are already queued
439 * before we release the unit. */
440 if (u->in_cgroup_empty_queue || u->in_cgroup_oom_queue)
8db99898
RP		 441 return false;
442
af05bb97
LP		 443 /* Make sure to send out D-Bus events before we unload the unit */
444 if (u->in_dbus_queue)
445 return false;
446
05a98afd 447 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 448 return false;
05a98afd 449
6ac62d61
LP		 450 state = unit_active_state(u);
451
452 /* But we keep the unit object around for longer when it is referenced or configured to not be
453 * gc'ed */
5afe510c
LP		 454 switch (u->collect_mode) {
455
456 case COLLECT_INACTIVE:
457 if (state != UNIT_INACTIVE)
f2f725e5 458 return false;
5afe510c
LP		 459
460 break;
461
462 case COLLECT_INACTIVE_OR_FAILED:
fcd7aef7 463 if (!UNIT_IS_INACTIVE_OR_FAILED(state))
f2f725e5 464 return false;
5afe510c
LP		 465
466 break;
467
468 default:
04499a70 469 assert_not_reached();
5afe510c
LP		 470 }
471
02de9614
ZJS		 472 /* Check if any OnFailure= or on Success= jobs may be pending */
473 if (unit_success_failure_handler_has_jobs(u))
474 return false;
475
9cc54544
LP		 476 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
477 * around. Units with active processes should never be collected. */
478 r = unit_cgroup_is_empty(u);
4918f14a
MY		 479 if (r <= 0 && !IN_SET(r, -ENXIO, -EOWNERDEAD))
480 return false; /* ENXIO/EOWNERDEAD means: currently not realized */
e98b2fbb 481
6ac62d61
LP		 482 if (!UNIT_VTABLE(u)->may_gc)
483 return true;
701cc384 484
6ac62d61 485 return UNIT_VTABLE(u)->may_gc(u);
701cc384
LP		 486}
487
87f0e418
LP		 488void unit_add_to_load_queue(Unit *u) {
489 assert(u);
ac155bb8 490 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 491
ac155bb8 492 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 493 return;
494
71fda00f 495 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 496 u->in_load_queue = true;
87f0e418
LP		 497}
498
23a177ef
LP		 499void unit_add_to_cleanup_queue(Unit *u) {
500 assert(u);
501
ac155bb8 502 if (u->in_cleanup_queue)
23a177ef
LP		 503 return;
504
71fda00f 505 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 506 u->in_cleanup_queue = true;
23a177ef
LP		 507}
508
701cc384
LP		 509void unit_add_to_gc_queue(Unit *u) {
510 assert(u);
511
ac155bb8 512 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 513 return;
514
f2f725e5 515 if (!unit_may_gc(u))
701cc384
LP		 516 return;
517
c5a97ed1 518 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 519 u->in_gc_queue = true;
701cc384
LP		 520}
521
c1e1601e
LP		 522void unit_add_to_dbus_queue(Unit *u) {
523 assert(u);
ac155bb8 524 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 525
ac155bb8 526 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 527 return;
528
a567261a 529 /* Shortcut things if nobody cares */
8f8f05a9 530 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 531 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 532 set_isempty(u->manager->private_buses)) {
ac155bb8 533 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 534 return;
535 }
536
71fda00f 537 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 538 u->in_dbus_queue = true;
c1e1601e
LP		 539}
540
fda09318 541void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 542 assert(u);
543
544 if (u->in_stop_when_unneeded_queue)
545 return;
546
547 if (!u->stop_when_unneeded)
548 return;
549
550 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
551 return;
552
553 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
554 u->in_stop_when_unneeded_queue = true;
555}
556
0bc488c9
LP		 557void unit_submit_to_start_when_upheld_queue(Unit *u) {
558 assert(u);
559
560 if (u->in_start_when_upheld_queue)
561 return;
562
563 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
564 return;
565
566 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
567 return;
568
569 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
570 u->in_start_when_upheld_queue = true;
571}
572
56c59592
LP		 573void unit_submit_to_stop_when_bound_queue(Unit *u) {
574 assert(u);
575
576 if (u->in_stop_when_bound_queue)
577 return;
578
579 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
580 return;
581
582 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
583 return;
584
585 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
586 u->in_stop_when_bound_queue = true;
587}
588
1ba84fef
LP		 589static bool unit_can_release_resources(Unit *u) {
590 ExecContext *ec;
591
592 assert(u);
593
594 if (UNIT_VTABLE(u)->release_resources)
595 return true;
596
597 ec = unit_get_exec_context(u);
598 if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART)
599 return true;
600
601 return false;
602}
603
6ac62d61
LP		 604void unit_submit_to_release_resources_queue(Unit *u) {
605 assert(u);
606
607 if (u->in_release_resources_queue)
608 return;
609
610 if (u->job || u->nop_job)
611 return;
612
613 if (u->perpetual)
614 return;
615
1ba84fef 616 if (!unit_can_release_resources(u))
6ac62d61
LP		 617 return;
618
619 LIST_PREPEND(release_resources_queue, u->manager->release_resources_queue, u);
620 u->in_release_resources_queue = true;
621}
622
1b4ab5a2
MY		 623void unit_add_to_stop_notify_queue(Unit *u) {
624 assert(u);
625
626 if (u->in_stop_notify_queue)
627 return;
628
629 assert(UNIT_VTABLE(u)->stop_notify);
630
631 LIST_PREPEND(stop_notify_queue, u->manager->stop_notify_queue, u);
632 u->in_stop_notify_queue = true;
633}
634
635void unit_remove_from_stop_notify_queue(Unit *u) {
636 assert(u);
637
638 if (!u->in_stop_notify_queue)
639 return;
640
641 LIST_REMOVE(stop_notify_queue, u->manager->stop_notify_queue, u);
642 u->in_stop_notify_queue = false;
643}
644
15ed3c3a 645static void unit_clear_dependencies(Unit *u) {
87f0e418
LP		 646 assert(u);
647
15ed3c3a
LP		 648 /* Removes all dependencies configured on u and their reverse dependencies. */
649
650 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
87f0e418 651
15ed3c3a
LP		 652 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
653 Hashmap *other_deps;
701cc384 654
15ed3c3a
LP		 655 HASHMAP_FOREACH(other_deps, other->dependencies)
656 hashmap_remove(other_deps, u);
657
658 unit_add_to_gc_queue(other);
b7777d08 659 other->dependency_generation++;
15ed3c3a
LP		 660 }
661
662 hashmap_free(deps);
87f0e418
LP		 663 }
664
15ed3c3a 665 u->dependencies = hashmap_free(u->dependencies);
b7777d08 666 u->dependency_generation++;
87f0e418
LP		 667}
668
c2756a68 669static void unit_remove_transient(Unit *u) {
c2756a68 670 assert(u);
fce94c5c 671 assert(u->manager);
c2756a68
LP		 672
673 if (!u->transient)
674 return;
675
c2756a68 676 STRV_FOREACH(i, u->dropin_paths) {
39591351 677 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 678
45519d13 679 if (path_extract_directory(*i, &p) < 0) /* Get the drop-in directory from the drop-in file */
39591351
LP		 680 continue;
681
45519d13 682 if (path_extract_directory(p, &pp) < 0) /* Get the config directory from the drop-in directory */
39591351
LP		 683 continue;
684
685 /* Only drop transient drop-ins */
686 if (!path_equal(u->manager->lookup_paths.transient, pp))
687 continue;
c2756a68 688
39591351
LP		 689 (void) unlink(*i);
690 (void) rmdir(p);
c2756a68 691 }
fce94c5c
YW		 692
693 if (u->fragment_path) {
694 (void) unlink(u->fragment_path);
695 (void) unit_file_remove_from_name_map(
696 &u->manager->lookup_paths,
697 &u->manager->unit_cache_timestamp_hash,
698 &u->manager->unit_id_map,
699 &u->manager->unit_name_map,
700 &u->manager->unit_path_cache,
701 u->fragment_path);
702 }
c2756a68
LP		 703}
704
9e615fa3 705static void unit_free_mounts_for(Unit *u) {
eef85c4a 706 assert(u);
a57f7e2c 707
9e615fa3
LB		 708 for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; ++t) {
709 for (;;) {
710 _cleanup_free_ char *path = NULL;
711
712 path = hashmap_steal_first_key(u->mounts_for[t]);
713 if (!path)
714 break;
a57f7e2c 715
eef85c4a 716 char s[strlen(path) + 1];
a57f7e2c 717
eef85c4a
LP		 718 PATH_FOREACH_PREFIX_MORE(s, path) {
719 char *y;
720 Set *x;
721
9e615fa3 722 x = hashmap_get2(u->manager->units_needing_mounts_for[t], s, (void**) &y);
eef85c4a
LP		 723 if (!x)
724 continue;
a57f7e2c 725
eef85c4a 726 (void) set_remove(x, u);
a57f7e2c 727
eef85c4a 728 if (set_isempty(x)) {
9e615fa3 729 assert_se(hashmap_remove(u->manager->units_needing_mounts_for[t], y));
eef85c4a
LP		 730 free(y);
731 set_free(x);
732 }
a57f7e2c
LP		 733 }
734 }
a57f7e2c 735
9e615fa3
LB		 736 u->mounts_for[t] = hashmap_free(u->mounts_for[t]);
737 }
a57f7e2c
LP		 738}
739
598459ce
LP		 740static void unit_done(Unit *u) {
741 ExecContext *ec;
742 CGroupContext *cc;
743
744 assert(u);
745
746 if (u->type < 0)
747 return;
748
749 if (UNIT_VTABLE(u)->done)
750 UNIT_VTABLE(u)->done(u);
751
752 ec = unit_get_exec_context(u);
753 if (ec)
754 exec_context_done(ec);
755
756 cc = unit_get_cgroup_context(u);
757 if (cc)
758 cgroup_context_done(cc);
759}
760
75db809a 761Unit* unit_free(Unit *u) {
12f64221 762 Unit *slice;
87f0e418
LP		 763 char *t;
764
c9d5c9c0 765 if (!u)
75db809a 766 return NULL;
87f0e418 767
7223d500
LB		 768 sd_event_source_disable_unref(u->auto_start_stop_event_source);
769
50fb00b7 770 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 771
2c289ea8 772 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 773 unit_remove_transient(u);
774
c1e1601e
LP		 775 bus_unit_send_removed_signal(u);
776
598459ce 777 unit_done(u);
a013b84b 778
73458283
YW		 779 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
780 u->bus_track = sd_bus_track_unref(u->bus_track);
05a98afd 781 u->deserialized_refs = strv_free(u->deserialized_refs);
af1e3365 782 u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation);
05a98afd 783
9e615fa3 784 unit_free_mounts_for(u);
a57f7e2c 785
90e74a66 786 SET_FOREACH(t, u->aliases)
ac155bb8 787 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 788 if (u->id)
789 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 790
4b58153d
LP		 791 if (!sd_id128_is_null(u->invocation_id))
792 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
793
97e7d748
MS		 794 if (u->job) {
795 Job *j = u->job;
796 job_uninstall(j);
797 job_free(j);
798 }
964e0949 799
e0209d83
MS		 800 if (u->nop_job) {
801 Job *j = u->nop_job;
802 job_uninstall(j);
803 job_free(j);
804 }
805
4c591f39
MK		 806 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
807 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
12f64221 808 slice = UNIT_GET_SLICE(u);
d219a2b0 809 unit_clear_dependencies(u);
12f64221
LP		 810 if (slice)
811 unit_add_family_to_cgroup_realize_queue(slice);
fb46fca7 812
adefcf28
LP		 813 if (u->on_console)
814 manager_unref_console(u->manager);
815
4918f14a 816 unit_release_cgroup(u, /* drop_cgroup_runtime = */ true);
72673e86 817
d3070fbd
LP		 818 if (!MANAGER_IS_RELOADING(u->manager))
819 unit_unlink_state_files(u);
820
00d9ef85
LP		 821 unit_unref_uid_gid(u, false);
822
5269eb6b 823 (void) manager_update_failed_units(u->manager, u, false);
db785129 824 set_remove(u->manager->startup_units, u);
f755e3b7 825
a911bb9a
LP		 826 unit_unwatch_all_pids(u);
827
7f7d01ed
ZJS		 828 while (u->refs_by_target)
829 unit_ref_unset(u->refs_by_target);
57020a3a 830
ac155bb8 831 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 832 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 833
ac155bb8 834 if (u->in_load_queue)
71fda00f 835 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 836
ac155bb8 837 if (u->in_dbus_queue)
71fda00f 838 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 839
13e72103
MK		 840 if (u->in_cleanup_queue)
841 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
842
a2d72e26 843 if (u->in_gc_queue)
c5a97ed1 844 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 845
91a6073e
LP		 846 if (u->in_cgroup_realize_queue)
847 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 848
09e24654
LP		 849 if (u->in_cgroup_empty_queue)
850 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
851
13e72103
MK		 852 if (u->in_cgroup_oom_queue)
853 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
adefcf28 854
19496554
MS		 855 if (u->in_target_deps_queue)
856 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
857
a3c1168a
LP		 858 if (u->in_stop_when_unneeded_queue)
859 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
860
0bc488c9
LP		 861 if (u->in_start_when_upheld_queue)
862 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
863
56c59592
LP		 864 if (u->in_stop_when_bound_queue)
865 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
866
6ac62d61
LP		 867 if (u->in_release_resources_queue)
868 LIST_REMOVE(release_resources_queue, u->manager->release_resources_queue, u);
869
1b4ab5a2
MY		 870 unit_remove_from_stop_notify_queue(u);
871
a946fa9b
ZJS		 872 condition_free_list(u->conditions);
873 condition_free_list(u->asserts);
f755e3b7 874
ac155bb8 875 free(u->description);
49dbfa7b 876 strv_free(u->documentation);
ac155bb8 877 free(u->fragment_path);
1b64d026 878 free(u->source_path);
ae7a7182 879 strv_free(u->dropin_paths);
ac155bb8 880 free(u->instance);
87f0e418 881
f189ab18 882 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 883 free(u->reboot_arg);
884
23e9a7dd
LP		 885 free(u->access_selinux_context);
886
5c6ea302 887 set_free(u->aliases);
4562c355
ZJS		 888 free(u->id);
889
48b92b37
LB		 890 activation_details_unref(u->activation_details);
891
75db809a 892 return mfree(u);
87f0e418
LP		 893}
894
895UnitActiveState unit_active_state(Unit *u) {
896 assert(u);
897
ac155bb8 898 if (u->load_state == UNIT_MERGED)
6124958c
LP		 899 return unit_active_state(unit_follow_merge(u));
900
901 /* After a reload it might happen that a unit is not correctly
902 * loaded but still has a process around. That's why we won't
fdf20a31 903 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 904
905 return UNIT_VTABLE(u)->active_state(u);
906}
907
10a94420
LP		 908const char* unit_sub_state_to_string(Unit *u) {
909 assert(u);
910
911 return UNIT_VTABLE(u)->sub_state_to_string(u);
912}
913
15ed3c3a 914static int unit_merge_names(Unit *u, Unit *other) {
4562c355 915 char *name;
7c0b05e5 916 int r;
87f0e418 917
23a177ef
LP		 918 assert(u);
919 assert(other);
920
4562c355 921 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 922 if (r < 0)
923 return r;
23a177ef 924
4562c355
ZJS		 925 r = set_move(u->aliases, other->aliases);
926 if (r < 0) {
927 set_remove(u->aliases, other->id);
928 return r;
929 }
23a177ef 930
4562c355 931 TAKE_PTR(other->id);
5c6ea302 932 other->aliases = set_free(other->aliases);
23a177ef 933
90e74a66 934 SET_FOREACH(name, u->aliases)
4562c355 935 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 936
937 return 0;
87f0e418
LP		 938}
939
15ed3c3a
LP		 940static int unit_reserve_dependencies(Unit *u, Unit *other) {
941 size_t n_reserve;
942 Hashmap* deps;
943 void *d;
944 int r;
09a65f92
MS		 945
946 assert(u);
947 assert(other);
09a65f92 948
15ed3c3a
LP		 949 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
950 * fail.
951 *
18fe76eb 952 * First make some room in the per dependency type hashmaps. Using the summed size of both units'
15ed3c3a
LP		 953 * hashmaps is an estimate that is likely too high since they probably use some of the same
954 * types. But it's never too low, and that's all we need. */
955
956 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
957 if (n_reserve > 0) {
958 r = hashmap_ensure_allocated(&u->dependencies, NULL);
959 if (r < 0)
960 return r;
961
962 r = hashmap_reserve(u->dependencies, n_reserve);
963 if (r < 0)
964 return r;
965 }
966
967 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
968 * other unit's dependencies.
969 *
970 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
971 * reserve anything for. In that case other's set will be transferred as a whole to u by
972 * complete_move(). */
973
974 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
975 Hashmap *other_deps;
976
977 other_deps = hashmap_get(other->dependencies, d);
978
979 r = hashmap_reserve(deps, hashmap_size(other_deps));
980 if (r < 0)
981 return r;
982 }
983
984 return 0;
985}
986
ed991163 987static bool unit_should_warn_about_dependency(UnitDependency dependency) {
15ed3c3a 988 /* Only warn about some unit types */
ed991163
YW		 989 return IN_SET(dependency,
990 UNIT_CONFLICTS,
991 UNIT_CONFLICTED_BY,
992 UNIT_BEFORE,
993 UNIT_AFTER,
994 UNIT_ON_SUCCESS,
995 UNIT_ON_FAILURE,
996 UNIT_TRIGGERS,
997 UNIT_TRIGGERED_BY);
15ed3c3a
LP		 998}
999
1000static int unit_per_dependency_type_hashmap_update(
1001 Hashmap *per_type,
1002 Unit *other,
1003 UnitDependencyMask origin_mask,
1004 UnitDependencyMask destination_mask) {
1005
1006 UnitDependencyInfo info;
1007 int r;
1008
1009 assert(other);
1010 assert_cc(sizeof(void*) == sizeof(info));
1011
1012 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
1013 * exists, or insert it anew if not. */
09a65f92 1014
15ed3c3a
LP		 1015 info.data = hashmap_get(per_type, other);
1016 if (info.data) {
1017 /* Entry already exists. Add in our mask. */
1018
1019 if (FLAGS_SET(origin_mask, info.origin_mask) &&
1020 FLAGS_SET(destination_mask, info.destination_mask))
1021 return 0; /* NOP */
1022
1023 info.origin_mask |= origin_mask;
1024 info.destination_mask |= destination_mask;
1025
1026 r = hashmap_update(per_type, other, info.data);
1027 } else {
1028 info = (UnitDependencyInfo) {
1029 .origin_mask = origin_mask,
1030 .destination_mask = destination_mask,
1031 };
09a65f92 1032
15ed3c3a
LP		 1033 r = hashmap_put(per_type, other, info.data);
1034 }
1035 if (r < 0)
1036 return r;
1037
15ed3c3a 1038 return 1;
09a65f92
MS		 1039}
1040
c8b3b524
YW		 1041static void unit_merge_dependencies(Unit *u, Unit *other) {
1042 Hashmap *deps;
1043 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1044 * since the hashmaps all want it as void pointer. */
eef85c4a 1045
23a177ef
LP		 1046 assert(u);
1047 assert(other);
23a177ef 1048
15ed3c3a
LP		 1049 if (u == other)
1050 return;
1051
c8b3b524
YW		 1052 /* First, remove dependency to other. */
1053 HASHMAP_FOREACH_KEY(deps, dt, u->dependencies) {
ed991163
YW		 1054 if (hashmap_remove(deps, other) && unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1055 log_unit_warning(u, "Dependency %s=%s is dropped, as %s is merged into %s.",
1056 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1057 other->id, other->id, u->id);
c8b3b524
YW		 1058
1059 if (hashmap_isempty(deps))
1060 hashmap_free(hashmap_remove(u->dependencies, dt));
1061 }
1062
15ed3c3a 1063 for (;;) {
5d2a48da 1064 _cleanup_hashmap_free_ Hashmap *other_deps = NULL;
15ed3c3a
LP		 1065 UnitDependencyInfo di_back;
1066 Unit *back;
15ed3c3a
LP		 1067
1068 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1069 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1070 if (!other_deps)
1071 break; /* done! */
1072
4b7918a6
YW		 1073 deps = hashmap_get(u->dependencies, dt);
1074
15ed3c3a
LP		 1075 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1076 * referenced units as 'back'. */
1077 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1078 Hashmap *back_deps;
1079 void *back_dt;
eef85c4a 1080
e66047ff 1081 if (back == u) {
15ed3c3a
LP		 1082 /* This is a dependency pointing back to the unit we want to merge with?
1083 * Suppress it (but warn) */
ed991163
YW		 1084 if (unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1085 log_unit_warning(u, "Dependency %s=%s in %s is dropped, as %s is merged into %s.",
1086 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1087 u->id, other->id, other->id, u->id);
1088
4b7918a6 1089 hashmap_remove(other_deps, back);
15ed3c3a
LP		 1090 continue;
1091 }
eef85c4a 1092
15ed3c3a
LP		 1093 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1094 * point to 'u' instead. */
1095 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1096 UnitDependencyInfo di_move;
eef85c4a 1097
15ed3c3a
LP		 1098 di_move.data = hashmap_remove(back_deps, other);
1099 if (!di_move.data)
1100 continue;
eef85c4a 1101
15ed3c3a
LP		 1102 assert_se(unit_per_dependency_type_hashmap_update(
1103 back_deps,
1104 u,
1105 di_move.origin_mask,
1106 di_move.destination_mask) >= 0);
1107 }
eef85c4a 1108
15ed3c3a 1109 /* The target unit already has dependencies of this type, let's then merge this individually. */
4b7918a6
YW		 1110 if (deps)
1111 assert_se(unit_per_dependency_type_hashmap_update(
1112 deps,
1113 back,
1114 di_back.origin_mask,
1115 di_back.destination_mask) >= 0);
15ed3c3a 1116 }
4b7918a6
YW		 1117
1118 /* Now all references towards 'other' of the current type 'dt' are corrected to point to 'u'.
1119 * Lets's now move the deps of type 'dt' from 'other' to 'u'. If the unit does not have
1120 * dependencies of this type, let's move them per type wholesale. */
1121 if (!deps)
1122 assert_se(hashmap_put(u->dependencies, dt, TAKE_PTR(other_deps)) >= 0);
15ed3c3a 1123 }
23a177ef 1124
15ed3c3a 1125 other->dependencies = hashmap_free(other->dependencies);
b7777d08
YW		 1126
1127 u->dependency_generation++;
1128 other->dependency_generation++;
23a177ef
LP		 1129}
1130
1131int unit_merge(Unit *u, Unit *other) {
09a65f92 1132 int r;
87f0e418
LP		 1133
1134 assert(u);
1135 assert(other);
ac155bb8
MS		 1136 assert(u->manager == other->manager);
1137 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 1138
cc916967
LP		 1139 other = unit_follow_merge(other);
1140
23a177ef
LP		 1141 if (other == u)
1142 return 0;
1143
ac155bb8 1144 if (u->type != other->type)
9e2f7c11
LP		 1145 return -EINVAL;
1146
8a993b61 1147 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 1148 return -EEXIST;
1149
ec2ce0c5 1150 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 1151 return -EEXIST;
87f0e418 1152
d383acad
ZJS		 1153 if (!streq_ptr(u->instance, other->instance))
1154 return -EINVAL;
1155
ac155bb8 1156 if (other->job)
819e213f
LP		 1157 return -EEXIST;
1158
e0209d83
MS		 1159 if (other->nop_job)
1160 return -EEXIST;
1161
fdf20a31 1162 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 1163 return -EEXIST;
1164
15ed3c3a
LP		 1165 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1166 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1167 r = unit_reserve_dependencies(u, other);
1168 if (r < 0)
1169 return r;
09a65f92 1170
57020a3a 1171 /* Redirect all references */
7f7d01ed
ZJS		 1172 while (other->refs_by_target)
1173 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 1174
87f0e418 1175 /* Merge dependencies */
15ed3c3a 1176 unit_merge_dependencies(u, other);
87f0e418 1177
1d0c81a0
YW		 1178 /* Merge names. It is better to do that after merging deps, otherwise the log message contains n/a. */
1179 r = unit_merge_names(u, other);
1180 if (r < 0)
1181 return r;
1182
ac155bb8
MS		 1183 other->load_state = UNIT_MERGED;
1184 other->merged_into = u;
23a177ef 1185
48b92b37
LB		 1186 if (!u->activation_details)
1187 u->activation_details = activation_details_ref(other->activation_details);
1188
3616a49c
LP		 1189 /* If there is still some data attached to the other node, we
1190 * don't need it anymore, and can free it. */
ac155bb8 1191 if (other->load_state != UNIT_STUB)
3616a49c
LP		 1192 if (UNIT_VTABLE(other)->done)
1193 UNIT_VTABLE(other)->done(other);
1194
1195 unit_add_to_dbus_queue(u);
23a177ef
LP		 1196 unit_add_to_cleanup_queue(other);
1197
1198 return 0;
1199}
1200
1201int unit_merge_by_name(Unit *u, const char *name) {
934e749e 1202 _cleanup_free_ char *s = NULL;
23a177ef 1203 Unit *other;
9e2f7c11 1204 int r;
23a177ef 1205
e8630e69
ZJS		 1206 /* Either add name to u, or if a unit with name already exists, merge it with u.
1207 * If name is a template, do the same for name@instance, where instance is u's instance. */
1208
23a177ef
LP		 1209 assert(u);
1210 assert(name);
1211
7410616c 1212 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1213 if (!u->instance)
9e2f7c11
LP		 1214 return -EINVAL;
1215
7410616c
LP		 1216 r = unit_name_replace_instance(name, u->instance, &s);
1217 if (r < 0)
1218 return r;
9e2f7c11
LP		 1219
1220 name = s;
1221 }
1222
c2756a68 1223 other = manager_get_unit(u->manager, name);
7410616c
LP		 1224 if (other)
1225 return unit_merge(u, other);
23a177ef 1226
7410616c 1227 return unit_add_name(u, name);
23a177ef
LP		 1228}
1229
1230Unit* unit_follow_merge(Unit *u) {
1231 assert(u);
1232
ac155bb8
MS		 1233 while (u->load_state == UNIT_MERGED)
1234 assert_se(u = u->merged_into);
23a177ef
LP		 1235
1236 return u;
1237}
1238
1239int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1240 int r;
1241
1242 assert(u);
1243 assert(c);
1244
a8c5a4c6
YW		 1245 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1246
61aa5f70
LB		 1247 if (c->working_directory) {
1248 r = unit_add_mounts_for(
1249 u,
1250 c->working_directory,
1251 UNIT_DEPENDENCY_FILE,
1252 c->working_directory_missing_ok ? UNIT_MOUNT_WANTS : UNIT_MOUNT_REQUIRES);
36be24c8
ZJS		 1253 if (r < 0)
1254 return r;
1255 }
1256
1257 if (c->root_directory) {
ebc75103 1258 r = unit_add_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
36be24c8
ZJS		 1259 if (r < 0)
1260 return r;
1261 }
1262
915e6d16 1263 if (c->root_image) {
ebc75103 1264 r = unit_add_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
915e6d16
LP		 1265 if (r < 0)
1266 return r;
1267 }
1268
12375b95 1269 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1270 if (!u->manager->prefix[dt])
1271 continue;
1272
5e702203 1273 FOREACH_ARRAY(i, c->directories[dt].items, c->directories[dt].n_items) {
c2b2df60 1274 _cleanup_free_ char *p = NULL;
ada5e276 1275
5e702203 1276 p = path_join(u->manager->prefix[dt], i->path);
ada5e276
YW		 1277 if (!p)
1278 return -ENOMEM;
1279
9e615fa3 1280 r = unit_add_mounts_for(u, p, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_REQUIRES);
ada5e276
YW		 1281 if (r < 0)
1282 return r;
1283 }
1284 }
1285
463d0d15 1286 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1287 return 0;
1288
f3b7a79b
LP		 1289 /* For the following three directory types we need write access, and /var/ is possibly on the root
1290 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
211a3d87
LB		 1291 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1292 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1293 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
f3b7a79b
LP		 1294 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1295 if (r < 0)
1296 return r;
1297 }
1298
6156bec7
YW		 1299 /* This must be already set in unit_patch_contexts(). */
1300 assert(c->private_var_tmp >= 0 && c->private_var_tmp < _PRIVATE_TMP_MAX);
1301
0e551b04 1302 if (c->private_tmp == PRIVATE_TMP_CONNECTED) {
6156bec7
YW		 1303 assert(c->private_var_tmp == PRIVATE_TMP_CONNECTED);
1304
a4b1232d 1305 r = unit_add_mounts_for(u, "/tmp/", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
b2c7d1bb
FB		 1306 if (r < 0)
1307 return r;
1308
a4b1232d 1309 r = unit_add_mounts_for(u, "/var/tmp/", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
b2c7d1bb
FB		 1310 if (r < 0)
1311 return r;
b46a529c 1312
35d8c19a 1313 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1314 if (r < 0)
1315 return r;
6156bec7
YW		 1316
1317 } else if (c->private_var_tmp == PRIVATE_TMP_DISCONNECTED && !exec_context_with_rootfs(c)) {
1318 /* Even if PrivateTmp=disconnected, we still require /var/tmp/ mountpoint to be present,
1319 * i.e. /var/ needs to be mounted. See comments in unit_patch_contexts(). */
1320 r = unit_add_mounts_for(u, "/var/", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
1321 if (r < 0)
1322 return r;
b46a529c
LP		 1323 }
1324
33b58dfb
LP		 1325 if (c->root_image) {
1326 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1327 * implicit dependency on udev */
1328
1329 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1330 if (r < 0)
1331 return r;
1332 }
1333
91dd5f7c
LP		 1334 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1335 * is run first. */
91dd5f7c 1336 if (c->log_namespace) {
2b699c23
YW		 1337 static const struct {
1338 const char *template;
1339 UnitType type;
1340 } deps[] = {
1341 { "systemd-journald", UNIT_SOCKET, },
1342 { "systemd-journald-varlink", UNIT_SOCKET, },
1343 { "systemd-journald-sync", UNIT_SERVICE, },
1344 };
1345
1346 FOREACH_ELEMENT(i, deps) {
1347 _cleanup_free_ char *unit = NULL;
23a177ef 1348
2b699c23 1349 r = unit_name_build_from_type(i->template, c->log_namespace, i->type, &unit);
06c0f569
MY		 1350 if (r < 0)
1351 return r;
61628287 1352
2b699c23 1353 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, unit, true, UNIT_DEPENDENCY_FILE);
06c0f569
MY		 1354 if (r < 0)
1355 return r;
1356 }
813c96c0
MY		 1357 } else if (IN_SET(c->std_output, EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1358 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) ||
1359 IN_SET(c->std_error, EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1360 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE)) {
1361
91dd5f7c 1362 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
ce18c396
LP		 1363 if (r < 0)
1364 return r;
1365 }
1366
87f0e418
LP		 1367 return 0;
1368}
1369
04d232d8 1370const char* unit_description(Unit *u) {
87f0e418
LP		 1371 assert(u);
1372
ac155bb8
MS		 1373 if (u->description)
1374 return u->description;
87f0e418 1375
ac155bb8 1376 return strna(u->id);
87f0e418
LP		 1377}
1378
e6a16a82 1379const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
2a8f53c6 1380 assert(u);
04d232d8 1381 assert(u->id);
2a8f53c6 1382
04d232d8
ZJS		 1383 /* Return u->id, u->description, or "{u->id} - {u->description}".
1384 * Versions with u->description are only used if it is set.
e6a16a82
ZJS		 1385 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1386 * pointer.
1387 *
1388 * Note that *ret_combined_buffer may be set to NULL. */
04d232d8
ZJS		 1389
1390 if (!u->description ||
1391 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
e6a16a82
ZJS		 1392 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1393 streq(u->description, u->id)) {
1394
1395 if (ret_combined_buffer)
1396 *ret_combined_buffer = NULL;
2a8f53c6 1397 return u->id;
e6a16a82 1398 }
2a8f53c6 1399
e6a16a82
ZJS		 1400 if (ret_combined_buffer) {
1401 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1402 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1403 if (*ret_combined_buffer)
1404 return *ret_combined_buffer;
1405 log_oom(); /* Fall back to ->description */
04d232d8 1406 } else
e6a16a82 1407 *ret_combined_buffer = NULL;
04d232d8
ZJS		 1408 }
1409
1410 return u->description;
2a8f53c6
ZJS		 1411}
1412
87f0e418 1413/* Common implementation for multiple backends */
c3620770 1414int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1415 int r;
1416
1417 assert(u);
23a177ef 1418
e48614c4 1419 /* Load a .{service,socket,...} file */
4ad49000
LP		 1420 r = unit_load_fragment(u);
1421 if (r < 0)
23a177ef
LP		 1422 return r;
1423
2ba0eacc
YW		 1424 if (u->load_state == UNIT_MASKED)
1425 return 0;
1426
c3620770
ZJS		 1427 if (u->load_state == UNIT_STUB) {
1428 if (fragment_required)
1429 return -ENOENT;
1430
1431 u->load_state = UNIT_LOADED;
1432 }
23a177ef 1433
740cd1e0
MY		 1434 u = unit_follow_merge(u);
1435
9e4ea9cc
ZJS		 1436 /* Load drop-in directory data. If u is an alias, we might be reloading the
1437 * target unit needlessly. But we cannot be sure which drops-ins have already
1438 * been loaded and which not, at least without doing complicated book-keeping,
1439 * so let's always reread all drop-ins. */
740cd1e0 1440 r = unit_load_dropin(u);
c9e06956
ZJS		 1441 if (r < 0)
1442 return r;
1443
1444 if (u->source_path) {
1445 struct stat st;
1446
1447 if (stat(u->source_path, &st) >= 0)
1448 u->source_mtime = timespec_load(&st.st_mtim);
1449 else
1450 u->source_mtime = 0;
1451 }
1452
1453 return 0;
23a177ef
LP		 1454}
1455
19496554 1456void unit_add_to_target_deps_queue(Unit *u) {
fbd747a4 1457 Manager *m = ASSERT_PTR(ASSERT_PTR(u)->manager);
c9958c4f 1458
19496554
MS		 1459 if (u->in_target_deps_queue)
1460 return;
1461
1462 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1463 u->in_target_deps_queue = true;
1464}
1465
bba34eed 1466int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1467 assert(u);
1468 assert(target);
1469
ac155bb8 1470 if (target->type != UNIT_TARGET)
98bc2000
LP		 1471 return 0;
1472
35b8ca3a 1473 /* Only add the dependency if both units are loaded, so that
bba34eed 1474 * that loop check below is reliable */
ac155bb8
MS		 1475 if (u->load_state != UNIT_LOADED ||
1476 target->load_state != UNIT_LOADED)
bba34eed
LP		 1477 return 0;
1478
21256a2b
LP		 1479 /* If either side wants no automatic dependencies, then let's
1480 * skip this */
ac155bb8
MS		 1481 if (!u->default_dependencies ||
1482 !target->default_dependencies)
21256a2b
LP		 1483 return 0;
1484
98bc2000 1485 /* Don't create loops */
15ed3c3a 1486 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
98bc2000
LP		 1487 return 0;
1488
eef85c4a 1489 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1490}
1491
e954c9cf 1492static int unit_add_slice_dependencies(Unit *u) {
12f64221 1493 Unit *slice;
3b23501a 1494
e954c9cf 1495 assert(u);
b81884e7 1496
35b7ff80 1497 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1498 return 0;
1499
eef85c4a
LP		 1500 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1501 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1502 relationship). */
f6173cb9 1503 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1504
12f64221 1505 slice = UNIT_GET_SLICE(u);
3b23501a
MY		 1506 if (slice) {
1507 if (!IN_SET(slice->freezer_state, FREEZER_RUNNING, FREEZER_THAWING))
1508 u->freezer_state = FREEZER_FROZEN_BY_PARENT;
1509
12f64221 1510 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
3b23501a 1511 }
e954c9cf 1512
8c8da0e0 1513 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1514 return 0;
1515
5a724170 1516 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1517}
1518
e954c9cf 1519static int unit_add_mount_dependencies(Unit *u) {
a8c5a4c6 1520 bool changed = false;
9588bc32
LP		 1521 int r;
1522
1523 assert(u);
1524
9e615fa3
LB		 1525 for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; ++t) {
1526 UnitDependencyInfo di;
1527 const char *path;
9588bc32 1528
9e615fa3 1529 HASHMAP_FOREACH_KEY(di.data, path, u->mounts_for[t]) {
9588bc32 1530
9e615fa3 1531 char prefix[strlen(ASSERT_PTR(path)) + 1];
c7c89abb 1532
9e615fa3
LB		 1533 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1534 _cleanup_free_ char *p = NULL;
1535 Unit *m;
9588bc32 1536
9e615fa3
LB		 1537 r = unit_name_from_path(prefix, ".mount", &p);
1538 if (r == -EINVAL)
1539 continue; /* If the path cannot be converted to a mount unit name,
1540 * then it's not manageable as a unit by systemd, and
1541 * hence we don't need a dependency on it. Let's thus
1542 * silently ignore the issue. */
1543 if (r < 0)
1544 return r;
9588bc32 1545
9e615fa3
LB		 1546 m = manager_get_unit(u->manager, p);
1547 if (!m) {
1548 /* Make sure to load the mount unit if it exists. If so the
1549 * dependencies on this unit will be added later during the loading
1550 * of the mount unit. */
1551 (void) manager_load_unit_prepare(
1552 u->manager,
1553 p,
1554 /* path= */NULL,
1555 /* e= */NULL,
1556 &m);
1557 continue;
1558 }
1559 if (m == u)
1560 continue;
1561
1562 if (m->load_state != UNIT_LOADED)
1563 continue;
9588bc32 1564
9e615fa3
LB		 1565 r = unit_add_dependency(
1566 u,
1567 UNIT_AFTER,
1568 m,
1569 /* add_reference= */ true,
1570 di.origin_mask);
9588bc32
LP		 1571 if (r < 0)
1572 return r;
a8c5a4c6 1573 changed = changed || r > 0;
9e615fa3
LB		 1574
1575 if (m->fragment_path) {
1576 r = unit_add_dependency(
1577 u,
1578 unit_mount_dependency_type_to_dependency_type(t),
1579 m,
1580 /* add_reference= */ true,
1581 di.origin_mask);
1582 if (r < 0)
1583 return r;
1584 changed = changed || r > 0;
1585 }
9588bc32
LP		 1586 }
1587 }
1588 }
1589
a8c5a4c6 1590 return changed;
9588bc32
LP		 1591}
1592
a2db0225
AZ		 1593static int unit_add_oomd_dependencies(Unit *u) {
1594 CGroupContext *c;
2a4efebb
ZJS		 1595 CGroupMask mask;
1596 int r;
a2db0225
AZ		 1597
1598 assert(u);
1599
1600 if (!u->default_dependencies)
1601 return 0;
1602
1603 c = unit_get_cgroup_context(u);
1604 if (!c)
1605 return 0;
1606
2a4efebb 1607 bool wants_oomd = c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL;
a2db0225
AZ		 1608 if (!wants_oomd)
1609 return 0;
1610
2a4efebb
ZJS		 1611 r = cg_mask_supported(&mask);
1612 if (r < 0)
1613 return log_debug_errno(r, "Failed to determine supported controllers: %m");
1614
1615 if (!FLAGS_SET(mask, CGROUP_MASK_MEMORY))
1616 return 0;
1617
a8c5a4c6 1618 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
a2db0225
AZ		 1619}
1620
95ae05c0 1621static int unit_add_startup_units(Unit *u) {
9dfb6a3a 1622 if (!unit_has_startup_cgroup_constraints(u))
db785129
LP		 1623 return 0;
1624
de7fef4b 1625 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1626}
1627
9faeb2d0
MY		 1628static const struct {
1629 UnitDependencyAtom atom;
1630 size_t job_mode_offset;
1631 const char *dependency_name;
1632 const char *job_mode_setting_name;
1633} on_termination_settings[] = {
1634 { UNIT_ATOM_ON_SUCCESS, offsetof(Unit, on_success_job_mode), "OnSuccess=", "OnSuccessJobMode=" },
1635 { UNIT_ATOM_ON_FAILURE, offsetof(Unit, on_failure_job_mode), "OnFailure=", "OnFailureJobMode=" },
1636};
294446dc 1637
9faeb2d0
MY		 1638static int unit_validate_on_termination_job_modes(Unit *u) {
1639 assert(u);
294446dc 1640
9faeb2d0 1641 /* Verify that if On{Success,Failure}JobMode=isolate, only one unit gets specified. */
294446dc 1642
9faeb2d0
MY		 1643 FOREACH_ELEMENT(setting, on_termination_settings) {
1644 JobMode job_mode = *(JobMode*) ((uint8_t*) u + setting->job_mode_offset);
1645
1646 if (job_mode != JOB_ISOLATE)
1647 continue;
1648
1649 Unit *other, *found = NULL;
1650 UNIT_FOREACH_DEPENDENCY(other, u, setting->atom) {
1651 if (!found)
1652 found = other;
1653 else if (found != other)
1654 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC),
1655 "More than one %s dependencies specified but %sisolate set. Refusing.",
1656 setting->dependency_name, setting->job_mode_setting_name);
1657 }
294446dc
LP		 1658 }
1659
1660 return 0;
1661}
1662
87f0e418
LP		 1663int unit_load(Unit *u) {
1664 int r;
1665
1666 assert(u);
1667
ac155bb8 1668 if (u->in_load_queue) {
71fda00f 1669 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1670 u->in_load_queue = false;
87f0e418
LP		 1671 }
1672
ac155bb8 1673 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1674 return -EINVAL;
1675
ac155bb8 1676 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1677 return 0;
1678
4f4afc88 1679 if (u->transient_file) {
66fa4bdd
LP		 1680 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1681 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1682
4f4afc88
LP		 1683 r = fflush_and_check(u->transient_file);
1684 if (r < 0)
1685 goto fail;
1686
50fb00b7 1687 u->transient_file = safe_fclose(u->transient_file);
f76707da 1688 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1689 }
1690
c3784a7d
ZJS		 1691 r = UNIT_VTABLE(u)->load(u);
1692 if (r < 0)
23a177ef 1693 goto fail;
c3784a7d
ZJS		 1694
1695 assert(u->load_state != UNIT_STUB);
23a177ef 1696
7c8fa05c 1697 if (u->load_state == UNIT_LOADED) {
19496554 1698 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1699
1700 r = unit_add_slice_dependencies(u);
1701 if (r < 0)
1702 goto fail;
c2756a68 1703
e954c9cf 1704 r = unit_add_mount_dependencies(u);
7c8fa05c 1705 if (r < 0)
c2756a68 1706 goto fail;
7c8fa05c 1707
a2db0225
AZ		 1708 r = unit_add_oomd_dependencies(u);
1709 if (r < 0)
1710 goto fail;
1711
95ae05c0
WC		 1712 r = unit_add_startup_units(u);
1713 if (r < 0)
1714 goto fail;
1715
9faeb2d0 1716 r = unit_validate_on_termination_job_modes(u);
294446dc
LP		 1717 if (r < 0)
1718 goto fail;
bc432dc7 1719
a2df3ea4
MK		 1720 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1721 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1722
5af88058
LP		 1723 /* We finished loading, let's ensure our parents recalculate the members mask */
1724 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1725 }
1726
ac155bb8 1727 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1728
1729 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1730 unit_add_to_gc_queue(u);
f561e8c6 1731 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1732
87f0e418
LP		 1733 return 0;
1734
1735fail:
81be2388
ZJS		 1736 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1737 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1738
1739 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1740 r == -ENOEXEC ? UNIT_BAD_SETTING :
1741 UNIT_ERROR;
ac155bb8 1742 u->load_error = r;
c4555ad8 1743
c149d2b4
ZJS		 1744 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1745 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1746 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1747 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1748
c1e1601e 1749 unit_add_to_dbus_queue(u);
9a46fc3b 1750 unit_add_to_gc_queue(u);
23a177ef 1751
c4555ad8 1752 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1753}
1754
f9f88198
YW		 1755_printf_(7, 8)
1756static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1757 Unit *u = userdata;
1758 va_list ap;
1759 int r;
49365733 1760
c2503e35
RH		 1761 if (u && !unit_log_level_test(u, level))
1762 return -ERRNO_VALUE(error);
1763
f9f88198
YW		 1764 va_start(ap, format);
1765 if (u)
1766 r = log_object_internalv(level, error, file, line, func,
64fd6ba9 1767 unit_log_field(u),
f9f88198 1768 u->id,
64fd6ba9 1769 unit_invocation_log_field(u),
f9f88198
YW		 1770 u->invocation_id_string,
1771 format, ap);
1772 else
1773 r = log_internalv(level, error, file, line, func, format, ap);
1774 va_end(ap);
49365733 1775
f9f88198 1776 return r;
49365733
LP		 1777}
1778
97a3f4ee 1779static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1780 _cleanup_strv_free_ char **env = NULL;
1781 int r;
1782
90bbc946
LP		 1783 assert(u);
1784
fa5a0251 1785 dual_timestamp_now(&u->condition_timestamp);
90bbc946 1786
a0b191b7
LP		 1787 r = manager_get_effective_environment(u->manager, &env);
1788 if (r < 0) {
1789 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
d52cc0a5 1790 u->condition_result = true;
a0b191b7
LP		 1791 } else
1792 u->condition_result = condition_test_list(
1793 u->conditions,
1794 env,
1795 condition_type_to_string,
1796 log_unit_internal,
1797 u);
e18f8852 1798
a0b191b7 1799 unit_add_to_dbus_queue(u);
ac155bb8 1800 return u->condition_result;
90bbc946
LP		 1801}
1802
97a3f4ee 1803static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1804 _cleanup_strv_free_ char **env = NULL;
1805 int r;
1806
59fccdc5
LP		 1807 assert(u);
1808
fa5a0251 1809 dual_timestamp_now(&u->assert_timestamp);
59fccdc5 1810
a0b191b7
LP		 1811 r = manager_get_effective_environment(u->manager, &env);
1812 if (r < 0) {
1813 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1814 u->assert_result = CONDITION_ERROR;
1815 } else
1816 u->assert_result = condition_test_list(
1817 u->asserts,
1818 env,
1819 assert_type_to_string,
1820 log_unit_internal,
1821 u);
e18f8852 1822
a0b191b7 1823 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1824 return u->assert_result;
1825}
1826
8e9b722b
LP		 1827void unit_status_printf(
1828 Unit *u,
1829 StatusType status_type,
1830 const char *status,
1831 const char *format,
1832 const char *ident) {
1833
1834 assert(u);
1835
04d232d8
ZJS		 1836 if (log_get_show_color()) {
1837 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1838 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1839 else
1840 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1841 }
5b262f74 1842
df446f96 1843 DISABLE_WARNING_FORMAT_NONLITERAL;
04d232d8 1844 manager_status_printf(u->manager, status_type, status, format, ident);
df446f96
LP		 1845 REENABLE_WARNING;
1846}
1847
97a3f4ee 1848int unit_test_start_limit(Unit *u) {
429926e9
TR		 1849 const char *reason;
1850
6bf0f408
LP		 1851 assert(u);
1852
7bf081a1 1853 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1854 u->start_limit_hit = false;
1855 return 0;
1856 }
1857
1858 log_unit_warning(u, "Start request repeated too quickly.");
1859 u->start_limit_hit = true;
1860
429926e9
TR		 1861 reason = strjoina("unit ", u->id, " failed");
1862
96a0cfbf
LP		 1863 emergency_action(
1864 u->manager,
1865 u->start_limit_action,
1866 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN|EMERGENCY_ACTION_SLEEP_5S,
1867 u->reboot_arg,
1868 /* exit_status= */ -1,
1869 reason);
36c4dc08
LP		 1870
1871 return -ECANCELED;
6bf0f408
LP		 1872}
1873
631b676b
LP		 1874static bool unit_verify_deps(Unit *u) {
1875 Unit *other;
631b676b
LP		 1876
1877 assert(u);
1878
defe63b0
LP		 1879 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1880 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1881 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1882 * that are not used in conjunction with After= as for them any such check would make things entirely
1883 * racy. */
631b676b 1884
15ed3c3a 1885 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
631b676b 1886
15ed3c3a 1887 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
631b676b
LP		 1888 continue;
1889
1890 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1891 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1892 return false;
1893 }
1894 }
1895
1896 return true;
1897}
1898
9adb6959 1899/* Errors that aren't really errors:
9ca16f6f
LP		 1900 * -EALREADY: Unit is already started.
1901 * -ECOMM: Condition failed
1902 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1903 *
1904 * Errors that are real errors:
9ca16f6f
LP		 1905 * -EBADR: This unit type does not support starting.
1906 * -ECANCELED: Start limit hit, too many requests for now
1907 * -EPROTO: Assert failed
1908 * -EINVAL: Unit not loaded
1909 * -EOPNOTSUPP: Unit type not supported
1910 * -ENOLINK: The necessary dependencies are not fulfilled.
1911 * -ESTALE: This unit has been started before and can't be started a second time
1912 * -EDEADLK: This unit is frozen
1913 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1914 * -ETOOMANYREFS: The hard concurrency limit of at least one of the slices the unit is contained in has been reached
87f0e418 1915 */
48b92b37 1916int unit_start(Unit *u, ActivationDetails *details) {
87f0e418 1917 UnitActiveState state;
92ab323c 1918 Unit *following;
5f37c1a9 1919 int r;
87f0e418
LP		 1920
1921 assert(u);
1922
47261967
LP		 1923 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is ratelimited. */
1924 if (UNIT_VTABLE(u)->subsystem_ratelimited) {
1925 r = UNIT_VTABLE(u)->subsystem_ratelimited(u->manager);
1926 if (r < 0)
1927 return r;
1928 if (r > 0)
1929 return -EAGAIN;
1930 }
b161bc39 1931
5766aca8
LP		 1932 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1933 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1934 * waiting is finished. */
87f0e418
LP		 1935 state = unit_active_state(u);
1936 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1937 return -EALREADY;
8eefd0f4 1938 if (IN_SET(state, UNIT_DEACTIVATING, UNIT_MAINTENANCE))
380dc8b0 1939 return -EAGAIN;
87f0e418 1940
6bf0f408
LP		 1941 /* Units that aren't loaded cannot be started */
1942 if (u->load_state != UNIT_LOADED)
1943 return -EINVAL;
1944
d4fd1cf2
LP		 1945 /* Refuse starting scope units more than once */
1946 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1947 return -ESTALE;
1948
4e1ac54e 1949 /* If the conditions were unmet, don't do anything at all. If we already are activating this call might
5766aca8
LP		 1950 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1951 * recheck the condition in that case. */
a82e5507 1952 if (state != UNIT_ACTIVATING &&
5af6aa58 1953 !unit_test_condition(u))
4e1ac54e 1954 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition not met. Not starting unit.");
52661efd 1955
59fccdc5
LP		 1956 /* If the asserts failed, fail the entire job */
1957 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1958 !unit_test_assert(u))
1959 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1960
5766aca8
LP		 1961 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1962 * condition checks, so that we rather return condition check errors (which are usually not
1963 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1964 */
96cf3ec9 1965 if (!unit_type_supported(u->type))
d11a7645
LP		 1966 return -EOPNOTSUPP;
1967
5766aca8
LP		 1968 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1969 * should have taken care of this already, but let's check this here again. After all, our
413e8650 1970 * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */
631b676b
LP		 1971 if (!unit_verify_deps(u))
1972 return -ENOLINK;
1973
92ab323c 1974 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1975 following = unit_following(u);
1976 if (following) {
f2341e0a 1977 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
48b92b37 1978 return unit_start(following, details);
92ab323c
LP		 1979 }
1980
4cb2e6af
AV		 1981 /* Check to make sure the unit isn't frozen */
1982 if (u->freezer_state != FREEZER_RUNNING)
1983 return -EDEADLK;
1984
8eefd0f4
YW		 1985 /* Check our ability to start early so that ratelimited or already starting/started units don't
1986 * cause us to enter a busy loop. */
1987 if (UNIT_VTABLE(u)->test_startable) {
1988 r = UNIT_VTABLE(u)->test_startable(u);
1989 if (r <= 0)
ce2146f5
DDM		 1990 return r;
1991 }
1992
92ab323c
LP		 1993 /* If it is stopped, but we cannot start it, then fail */
1994 if (!UNIT_VTABLE(u)->start)
1995 return -EBADR;
1996
9ca16f6f
LP		 1997 if (UNIT_IS_INACTIVE_OR_FAILED(state)) {
1998 Slice *slice = SLICE(UNIT_GET_SLICE(u));
1999
2000 if (slice) {
2001 /* Check hard concurrency limit. Note this is partially redundant, we already checked
2002 * this when enqueuing jobs. However, between the time when we enqueued this and the
2003 * time we are dispatching the queue the configuration might have changed, hence
2004 * check here again */
2005 if (slice_concurrency_hard_max_reached(slice, u))
2006 return -ETOOMANYREFS;
2007
2008 /* Also check soft concurrenty limit, and return EAGAIN so that the job is kept in
2009 * the queue */
2010 if (slice_concurrency_soft_max_reached(slice, u))
2011 return -EAGAIN; /* Try again, keep in queue */
2012 }
2013 }
2014
5766aca8
LP		 2015 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
2016 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
2017 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 2018
c1e1601e 2019 unit_add_to_dbus_queue(u);
9e58ff9c 2020
48b92b37
LB		 2021 if (!u->activation_details) /* Older details object wins */
2022 u->activation_details = activation_details_ref(details);
2023
d1a34ae9 2024 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 2025}
2026
2027bool unit_can_start(Unit *u) {
2028 assert(u);
2029
8ff4d2ab
LP		 2030 if (u->load_state != UNIT_LOADED)
2031 return false;
2032
96cf3ec9 2033 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 2034 return false;
2035
d4fd1cf2
LP		 2036 /* Scope units may be started only once */
2037 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
2038 return false;
2039
87f0e418
LP		 2040 return !!UNIT_VTABLE(u)->start;
2041}
2042
2528a7a6
LP		 2043bool unit_can_isolate(Unit *u) {
2044 assert(u);
2045
2046 return unit_can_start(u) &&
ac155bb8 2047 u->allow_isolate;
2528a7a6
LP		 2048}
2049
87f0e418
LP		 2050/* Errors:
2051 * -EBADR: This unit type does not support stopping.
2052 * -EALREADY: Unit is already stopped.
2053 * -EAGAIN: An operation is already in progress. Retry later.
4cb2e6af 2054 * -EDEADLK: Unit is frozen
87f0e418
LP		 2055 */
2056int unit_stop(Unit *u) {
2057 UnitActiveState state;
92ab323c 2058 Unit *following;
87f0e418
LP		 2059
2060 assert(u);
2061
87f0e418 2062 state = unit_active_state(u);
fdf20a31 2063 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 2064 return -EALREADY;
2065
0faacd47
LP		 2066 following = unit_following(u);
2067 if (following) {
f2341e0a 2068 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 2069 return unit_stop(following);
2070 }
2071
4cb2e6af
AV		 2072 /* Check to make sure the unit isn't frozen */
2073 if (u->freezer_state != FREEZER_RUNNING)
2074 return -EDEADLK;
2075
7898b0cf
LP		 2076 if (!UNIT_VTABLE(u)->stop)
2077 return -EBADR;
2078
c1e1601e 2079 unit_add_to_dbus_queue(u);
9e58ff9c 2080
d1a34ae9 2081 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 2082}
2083
f5869324
LP		 2084bool unit_can_stop(Unit *u) {
2085 assert(u);
2086
39c79477
ZJS		 2087 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2088 * Extrinsic units follow external state and they may stop following external state changes
2089 * (hence we return true here), but an attempt to do this through the manager will fail. */
2090
96cf3ec9 2091 if (!unit_type_supported(u->type))
f5869324
LP		 2092 return false;
2093
2094 if (u->perpetual)
2095 return false;
2096
2097 return !!UNIT_VTABLE(u)->stop;
2098}
2099
87f0e418
LP		 2100/* Errors:
2101 * -EBADR: This unit type does not support reloading.
2102 * -ENOEXEC: Unit is not started.
2103 * -EAGAIN: An operation is already in progress. Retry later.
4cb2e6af 2104 * -EDEADLK: Unit is frozen.
87f0e418
LP		 2105 */
2106int unit_reload(Unit *u) {
2107 UnitActiveState state;
92ab323c 2108 Unit *following;
87f0e418
LP		 2109
2110 assert(u);
2111
ac155bb8 2112 if (u->load_state != UNIT_LOADED)
6124958c
LP		 2113 return -EINVAL;
2114
87f0e418
LP		 2115 if (!unit_can_reload(u))
2116 return -EBADR;
2117
2118 state = unit_active_state(u);
b8fa2305
MY		 2119 if (IN_SET(state, UNIT_RELOADING, UNIT_REFRESHING))
2120 /* "refreshing" means some resources in the unit namespace is being updated. Unlike reload,
2121 * the unit processes aren't made aware of refresh. Let's put the job back to queue
2122 * in both cases, as refresh typically takes place before reload and it's better to wait
2123 * for it rather than failing. */
6255af75 2124 return -EAGAIN;
87f0e418 2125
d85ff944
YW		 2126 if (state != UNIT_ACTIVE)
2127 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 2128
e48614c4
ZJS		 2129 following = unit_following(u);
2130 if (following) {
f2341e0a 2131 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 2132 return unit_reload(following);
2133 }
2134
4cb2e6af
AV		 2135 /* Check to make sure the unit isn't frozen */
2136 if (u->freezer_state != FREEZER_RUNNING)
2137 return -EDEADLK;
2138
c1e1601e 2139 unit_add_to_dbus_queue(u);
82a2b6bb 2140
f54bcca5
JR		 2141 if (!UNIT_VTABLE(u)->reload) {
2142 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
96b09de5 2143 unit_notify(u, unit_active_state(u), unit_active_state(u), /* reload_success = */ true);
f54bcca5
JR		 2144 return 0;
2145 }
2146
d1a34ae9 2147 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 2148}
2149
2150bool unit_can_reload(Unit *u) {
2151 assert(u);
2152
f54bcca5
JR		 2153 if (UNIT_VTABLE(u)->can_reload)
2154 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 2155
15ed3c3a 2156 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
87f0e418
LP		 2157 return true;
2158
f54bcca5 2159 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 2160}
2161
a3c1168a 2162bool unit_is_unneeded(Unit *u) {
15ed3c3a 2163 Unit *other;
f3bff0eb
LP		 2164 assert(u);
2165
ac155bb8 2166 if (!u->stop_when_unneeded)
a3c1168a 2167 return false;
f3bff0eb 2168
a3c1168a 2169 /* Don't clean up while the unit is transitioning or is even inactive. */
116654d2 2170 if (unit_active_state(u) != UNIT_ACTIVE)
a3c1168a
LP		 2171 return false;
2172 if (u->job)
2173 return false;
f3bff0eb 2174
15ed3c3a 2175 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
fda09318 2176 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 2177 * restart, then don't clean this one up. */
b81884e7 2178
15ed3c3a
LP		 2179 if (other->job)
2180 return false;
a3c1168a 2181
15ed3c3a
LP		 2182 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2183 return false;
a3c1168a 2184
15ed3c3a
LP		 2185 if (unit_will_restart(other))
2186 return false;
bea355da
LP		 2187 }
2188
a3c1168a
LP		 2189 return true;
2190}
f3bff0eb 2191
0bc488c9
LP		 2192bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2193 Unit *other;
2194
2195 assert(u);
2196
2197 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2198 * that is active declared an Uphold= dependencies on it */
2199
2200 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2201 if (ret_culprit)
2202 *ret_culprit = NULL;
2203 return false;
2204 }
2205
2206 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2207 if (other->job)
2208 continue;
2209
2210 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2211 if (ret_culprit)
2212 *ret_culprit = other;
2213 return true;
2214 }
2215 }
2216
2217 if (ret_culprit)
2218 *ret_culprit = NULL;
2219 return false;
2220}
2221
56c59592
LP		 2222bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2223 Unit *other;
2224
2225 assert(u);
2226
2227 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
7802194a 2228 * because the other unit is down. */
56c59592
LP		 2229
2230 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2231 /* Don't clean up while the unit is transitioning or is even inactive. */
2232 if (ret_culprit)
2233 *ret_culprit = NULL;
2234 return false;
2235 }
2236
2237 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2238 if (other->job)
2239 continue;
2240
2241 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
3da36106 2242 if (ret_culprit)
56c59592
LP		 2243 *ret_culprit = other;
2244
2245 return true;
2246 }
2247 }
2248
2249 if (ret_culprit)
2250 *ret_culprit = NULL;
2251 return false;
2252}
2253
a3c1168a 2254static void check_unneeded_dependencies(Unit *u) {
15ed3c3a 2255 Unit *other;
a3c1168a
LP		 2256 assert(u);
2257
2258 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2259
15ed3c3a
LP		 2260 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2261 unit_submit_to_stop_when_unneeded_queue(other);
f3bff0eb
LP		 2262}
2263
0bc488c9
LP		 2264static void check_uphold_dependencies(Unit *u) {
2265 Unit *other;
2266 assert(u);
2267
2268 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2269
2270 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2271 unit_submit_to_start_when_upheld_queue(other);
2272}
2273
56c59592 2274static void check_bound_by_dependencies(Unit *u) {
ff502445 2275 Unit *other;
ff502445
LP		 2276 assert(u);
2277
56c59592 2278 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
ff502445 2279
56c59592
LP		 2280 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2281 unit_submit_to_stop_when_bound_queue(other);
ff502445
LP		 2282}
2283
87f0e418 2284static void retroactively_start_dependencies(Unit *u) {
87f0e418
LP		 2285 Unit *other;
2286
2287 assert(u);
2288 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2289
64fc4917 2290 UNIT_FOREACH_DEPENDENCY_SAFE(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
15ed3c3a 2291 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2292 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
27217200 2293 (void) manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, /* reterr_error = */ NULL, /* ret = */ NULL);
b81884e7 2294
64fc4917 2295 UNIT_FOREACH_DEPENDENCY_SAFE(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
15ed3c3a 2296 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2297 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
27217200 2298 (void) manager_add_job(u->manager, JOB_START, other, JOB_FAIL, /* reterr_error = */ NULL, /* ret = */ NULL);
87f0e418 2299
64fc4917 2300 UNIT_FOREACH_DEPENDENCY_SAFE(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
b81884e7 2301 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
27217200 2302 (void) manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, /* reterr_error = */ NULL, /* ret = */ NULL);
87f0e418
LP		 2303}
2304
2305static void retroactively_stop_dependencies(Unit *u) {
87f0e418
LP		 2306 Unit *other;
2307
2308 assert(u);
2309 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2310
b81884e7 2311 /* Pull down units which are bound to us recursively if enabled */
64fc4917 2312 UNIT_FOREACH_DEPENDENCY_SAFE(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
b81884e7 2313 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
27217200 2314 (void) manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, /* reterr_error = */ NULL, /* ret = */ NULL);
cd0504d0
MS		 2315}
2316
9faeb2d0
MY		 2317void unit_start_on_termination_deps(Unit *u, UnitDependencyAtom atom) {
2318 const char *dependency_name = NULL;
2319 JobMode job_mode;
2320 unsigned n_jobs = 0;
7f66b026 2321 int r;
c0daa706 2322
9faeb2d0
MY		 2323 /* Act on OnFailure= and OnSuccess= dependencies */
2324
c0daa706 2325 assert(u);
9faeb2d0 2326 assert(u->manager);
294446dc
LP		 2327 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2328
9faeb2d0
MY		 2329 FOREACH_ELEMENT(setting, on_termination_settings)
2330 if (atom == setting->atom) {
2331 job_mode = *(JobMode*) ((uint8_t*) u + setting->job_mode_offset);
2332 dependency_name = setting->dependency_name;
2333 break;
2334 }
2335
2336 assert(dependency_name);
c0daa706 2337
9faeb2d0 2338 Unit *other;
64fc4917 2339 UNIT_FOREACH_DEPENDENCY_SAFE(other, u, atom) {
7f66b026 2340 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 2341
9faeb2d0 2342 if (n_jobs == 0)
294446dc 2343 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
15ed3c3a 2344
d993ad6c 2345 r = manager_add_job(u->manager, JOB_START, other, job_mode, &error, /* ret = */ NULL);
c1b6628d 2346 if (r < 0)
9faeb2d0
MY		 2347 log_unit_warning_errno(u, r, "Failed to enqueue %s%s job, ignoring: %s",
2348 dependency_name, other->id, bus_error_message(&error, r));
b3a9d980 2349 n_jobs++;
222ae6a8 2350 }
294446dc 2351
9faeb2d0
MY		 2352 if (n_jobs > 0)
2353 log_unit_debug(u, "Triggering %s dependencies done (%u %s).",
82acee14 2354 dependency_name, n_jobs, n_jobs == 1 ? "job" : "jobs");
c0daa706
LP		 2355}
2356
3ecaa09b
LP		 2357void unit_trigger_notify(Unit *u) {
2358 Unit *other;
3ecaa09b
LP		 2359
2360 assert(u);
2361
64fc4917 2362 UNIT_FOREACH_DEPENDENCY_SAFE(other, u, UNIT_ATOM_TRIGGERED_BY)
3ecaa09b
LP		 2363 if (UNIT_VTABLE(other)->trigger_notify)
2364 UNIT_VTABLE(other)->trigger_notify(other, u);
2365}
2366
37109b85
ZJS		 2367static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2368 if (condition_notice && log_level > LOG_NOTICE)
2369 return LOG_NOTICE;
2370 if (condition_info && log_level > LOG_INFO)
2371 return LOG_INFO;
2372 return log_level;
2373}
2374
915b1d01 2375static int unit_log_resources(Unit *u) {
3e5b96ee
MY		 2376
2377 static const struct {
2378 const char *journal_field;
2379 const char *message_suffix;
2380 } memory_fields[_CGROUP_MEMORY_ACCOUNTING_METRIC_CACHED_LAST + 1] = {
2381 [CGROUP_MEMORY_PEAK] = { "MEMORY_PEAK", "memory peak" },
2382 [CGROUP_MEMORY_SWAP_PEAK] = { "MEMORY_SWAP_PEAK", "memory swap peak" },
2383 }, ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2384 [CGROUP_IP_INGRESS_BYTES] = { "IP_METRIC_INGRESS_BYTES", "incoming IP traffic" },
2385 [CGROUP_IP_EGRESS_BYTES] = { "IP_METRIC_EGRESS_BYTES", "outgoing IP traffic" },
2386 [CGROUP_IP_INGRESS_PACKETS] = { "IP_METRIC_INGRESS_PACKETS", NULL },
2387 [CGROUP_IP_EGRESS_PACKETS] = { "IP_METRIC_EGRESS_PACKETS", NULL },
2388 }, io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2389 [CGROUP_IO_READ_BYTES] = { "IO_METRIC_READ_BYTES", "read from disk" },
2390 [CGROUP_IO_WRITE_BYTES] = { "IO_METRIC_WRITE_BYTES", "written to disk" },
2391 [CGROUP_IO_READ_OPERATIONS] = { "IO_METRIC_READ_OPERATIONS", NULL },
2392 [CGROUP_IO_WRITE_OPERATIONS] = { "IO_METRIC_WRITE_OPERATIONS", NULL },
bc40a20e 2393 };
915b1d01 2394
3e5b96ee
MY		 2395 struct iovec *iovec = NULL;
2396 size_t n_iovec = 0;
2397 _cleanup_free_ char *message = NULL, *t = NULL;
2398 nsec_t cpu_nsec = NSEC_INFINITY;
2399 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
2400
915b1d01
LP		 2401 assert(u);
2402
3e5b96ee
MY		 2403 CLEANUP_ARRAY(iovec, n_iovec, iovec_array_free);
2404
2405 iovec = new(struct iovec, 1 + (_CGROUP_MEMORY_ACCOUNTING_METRIC_CACHED_LAST + 1) +
2406 _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4);
2407 if (!iovec)
2408 return log_oom();
2409
915b1d01 2410 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
d03714e4 2411 * accounting was enabled for a unit. It does this in two ways: a friendly human-readable string with reduced
915b1d01
LP		 2412 * information and the complete data in structured fields. */
2413
3e5b96ee
MY		 2414 (void) unit_get_cpu_usage(u, &cpu_nsec);
2415 if (cpu_nsec != NSEC_INFINITY) {
915b1d01 2416 /* Format the CPU time for inclusion in the structured log message */
3e5b96ee
MY		 2417 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, cpu_nsec) < 0)
2418 return log_oom();
2419 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
915b1d01
LP		 2420
2421 /* Format the CPU time for inclusion in the human language message string */
df6ccb04 2422 if (dual_timestamp_is_set(&u->inactive_exit_timestamp) &&
2423 dual_timestamp_is_set(&u->inactive_enter_timestamp)) {
2424 usec_t wall_clock_usec = usec_sub_unsigned(u->inactive_enter_timestamp.monotonic, u->inactive_exit_timestamp.monotonic);
2425 if (strextendf_with_separator(&message, ", ",
2426 "Consumed %s CPU time over %s wall clock time",
2427 FORMAT_TIMESPAN(cpu_nsec / NSEC_PER_USEC, USEC_PER_MSEC),
2428 FORMAT_TIMESPAN(wall_clock_usec, USEC_PER_MSEC)) < 0)
2429 return log_oom();
2430 } else {
2431 if (strextendf_with_separator(&message, ", ",
2432 "Consumed %s CPU time",
2433 FORMAT_TIMESPAN(cpu_nsec / NSEC_PER_USEC, USEC_PER_MSEC)) < 0)
2434 return log_oom();
2435 }
37109b85
ZJS		 2436
2437 log_level = raise_level(log_level,
3e5b96ee
MY		 2438 cpu_nsec > MENTIONWORTHY_CPU_NSEC,
2439 cpu_nsec > NOTICEWORTHY_CPU_NSEC);
915b1d01
LP		 2440 }
2441
3e5b96ee 2442 for (CGroupMemoryAccountingMetric metric = 0; metric <= _CGROUP_MEMORY_ACCOUNTING_METRIC_CACHED_LAST; metric++) {
245841a8 2443 uint64_t value = UINT64_MAX;
0531bded 2444
3e5b96ee
MY		 2445 assert(memory_fields[metric].journal_field);
2446 assert(memory_fields[metric].message_suffix);
b1b84bc5 2447
245841a8
MY		 2448 (void) unit_get_memory_accounting(u, metric, &value);
2449 if (value == UINT64_MAX)
3e5b96ee 2450 continue;
0531bded 2451
245841a8 2452 if (asprintf(&t, "%s=%" PRIu64, memory_fields[metric].journal_field, value) < 0)
3e5b96ee
MY		 2453 return log_oom();
2454 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
aac3384e 2455
245841a8
MY		 2456 /* If value is 0, we don't log it in the MESSAGE= field. */
2457 if (value == 0)
2458 continue;
2459
3e5b96ee 2460 if (strextendf_with_separator(&message, ", ", "%s %s",
245841a8 2461 FORMAT_BYTES(value), memory_fields[metric].message_suffix) < 0)
3e5b96ee 2462 return log_oom();
b1b84bc5
MY		 2463
2464 log_level = raise_level(log_level,
245841a8
MY		 2465 value > MENTIONWORTHY_MEMORY_BYTES,
2466 value > NOTICEWORTHY_MEMORY_BYTES);
aac3384e
FS		 2467 }
2468
bc40a20e 2469 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
bc40a20e
LP		 2470 uint64_t value = UINT64_MAX;
2471
3e5b96ee 2472 assert(io_fields[k].journal_field);
bc40a20e 2473
a0020ad8 2474 (void) unit_get_io_accounting(u, k, &value);
bc40a20e
LP		 2475 if (value == UINT64_MAX)
2476 continue;
2477
bc40a20e 2478 /* Format IO accounting data for inclusion in the structured log message */
3e5b96ee
MY		 2479 if (asprintf(&t, "%s=%" PRIu64, io_fields[k].journal_field, value) < 0)
2480 return log_oom();
2481 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
bc40a20e 2482
245841a8
MY		 2483 /* If value is 0, we don't log it in the MESSAGE= field. */
2484 if (value == 0)
2485 continue;
2486
bc40a20e
LP		 2487 /* Format the IO accounting data for inclusion in the human language message string, but only
2488 * for the bytes counters (and not for the operations counters) */
3e5b96ee
MY		 2489 if (io_fields[k].message_suffix) {
2490 if (strextendf_with_separator(&message, ", ", "%s %s",
2491 FORMAT_BYTES(value), io_fields[k].message_suffix) < 0)
2492 return log_oom();
37109b85 2493
37109b85
ZJS		 2494 log_level = raise_level(log_level,
2495 value > MENTIONWORTHY_IO_BYTES,
2496 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2497 }
2498 }
2499
12375b95 2500 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2501 uint64_t value = UINT64_MAX;
2502
3e5b96ee 2503 assert(ip_fields[m].journal_field);
915b1d01
LP		 2504
2505 (void) unit_get_ip_accounting(u, m, &value);
2506 if (value == UINT64_MAX)
2507 continue;
82044702 2508
915b1d01 2509 /* Format IP accounting data for inclusion in the structured log message */
3e5b96ee
MY		 2510 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m].journal_field, value) < 0)
2511 return log_oom();
2512 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
2513
245841a8
MY		 2514 /* If value is 0, we don't log it in the MESSAGE= field. */
2515 if (value == 0)
2516 continue;
2517
3e5b96ee
MY		 2518 /* Format the IP accounting data for inclusion in the human language message string, but only
2519 * for the bytes counters (and not for the packets counters) */
2520 if (ip_fields[m].message_suffix) {
2521 if (strextendf_with_separator(&message, ", ", "%s %s",
2522 FORMAT_BYTES(value), ip_fields[m].message_suffix) < 0)
2523 return log_oom();
37109b85 2524
37109b85
ZJS		 2525 log_level = raise_level(log_level,
2526 value > MENTIONWORTHY_IP_BYTES,
2527 value > NOTICEWORTHY_IP_BYTES);
82044702 2528 }
915b1d01
LP		 2529 }
2530
3e5b96ee
MY		 2531 /* This check is here because it is the earliest point following all possible log_level assignments.
2532 * (If log_level is assigned anywhere after this point, move this check.) */
2533 if (!unit_log_level_test(u, log_level))
2534 return 0;
2535
915b1d01
LP		 2536 /* Is there any accounting data available at all? */
2537 if (n_iovec == 0) {
3e5b96ee
MY		 2538 assert(!message);
2539 return 0;
915b1d01
LP		 2540 }
2541
3e5b96ee
MY		 2542 t = strjoin("MESSAGE=", u->id, ": ", message ?: "Completed", ".");
2543 if (!t)
2544 return log_oom();
2545 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
915b1d01 2546
3e5b96ee
MY		 2547 if (!set_iovec_string_field(iovec, &n_iovec, "MESSAGE_ID=", SD_MESSAGE_UNIT_RESOURCES_STR))
2548 return log_oom();
915b1d01 2549
64fd6ba9 2550 if (!set_iovec_string_field(iovec, &n_iovec, unit_log_field(u), u->id))
3e5b96ee 2551 return log_oom();
915b1d01 2552
64fd6ba9 2553 if (!set_iovec_string_field(iovec, &n_iovec, unit_invocation_log_field(u), u->invocation_id_string))
3e5b96ee 2554 return log_oom();
915b1d01 2555
3e5b96ee 2556 log_unit_struct_iovec(u, log_level, iovec, n_iovec);
915b1d01 2557
3e5b96ee 2558 return 0;
915b1d01
LP		 2559}
2560
adefcf28
LP		 2561static void unit_update_on_console(Unit *u) {
2562 bool b;
2563
2564 assert(u);
2565
2566 b = unit_needs_console(u);
2567 if (u->on_console == b)
2568 return;
2569
2570 u->on_console = b;
2571 if (b)
2572 manager_ref_console(u->manager);
2573 else
2574 manager_unref_console(u->manager);
adefcf28
LP		 2575}
2576
6eb65e7c
LP		 2577static void unit_emit_audit_start(Unit *u) {
2578 assert(u);
2579
d52b8493 2580 if (UNIT_VTABLE(u)->audit_start_message_type <= 0)
6eb65e7c
LP		 2581 return;
2582
2583 /* Write audit record if we have just finished starting up */
d52b8493 2584 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ true);
6eb65e7c
LP		 2585 u->in_audit = true;
2586}
2587
2588static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2589 assert(u);
2590
d52b8493 2591 if (UNIT_VTABLE(u)->audit_start_message_type <= 0)
6eb65e7c
LP		 2592 return;
2593
2594 if (u->in_audit) {
2595 /* Write audit record if we have just finished shutting down */
d52b8493 2596 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ state == UNIT_INACTIVE);
6eb65e7c
LP		 2597 u->in_audit = false;
2598 } else {
2599 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
d52b8493 2600 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ state == UNIT_INACTIVE);
6eb65e7c
LP		 2601
2602 if (state == UNIT_INACTIVE)
d52b8493 2603 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ true);
6eb65e7c
LP		 2604 }
2605}
2606
96b09de5 2607static bool unit_process_job(Job *j, UnitActiveState ns, bool reload_success) {
16c74914
LP		 2608 bool unexpected = false;
2609
2610 assert(j);
7cb0030f 2611 assert(j->installed);
16c74914
LP		 2612
2613 if (j->state == JOB_WAITING)
16c74914
LP		 2614 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2615 * due to EAGAIN. */
2616 job_add_to_run_queue(j);
2617
2618 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2619 * hence needs to invalidate jobs. */
2620
2621 switch (j->type) {
2622
2623 case JOB_START:
2624 case JOB_VERIFY_ACTIVE:
2625
2626 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
aea6c4b5 2627 job_finish_and_invalidate(j, JOB_DONE, /* recursive = */ true, /* already = */ false);
16c74914
LP		 2628 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2629 unexpected = true;
2630
aea6c4b5
MY		 2631 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2632 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, /* recursive = */ true, /* already = */ false);
16c74914
LP		 2633 }
2634
2635 break;
2636
2637 case JOB_RELOAD:
16c74914
LP		 2638
2639 if (j->state == JOB_RUNNING) {
2640 if (ns == UNIT_ACTIVE)
aea6c4b5 2641 job_finish_and_invalidate(j, reload_success ? JOB_DONE : JOB_FAILED, /* recursive = */ true, /* already = */ false);
5162829e 2642 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING, UNIT_REFRESHING)) {
16c74914 2643 unexpected = true;
aea6c4b5 2644 job_finish_and_invalidate(j, reload_success ? JOB_CANCELED : JOB_FAILED, /* recursive = */ true, /* already = */ false);
16c74914
LP		 2645 }
2646 }
2647
2648 break;
2649
2650 case JOB_STOP:
2651 case JOB_RESTART:
16c74914
LP		 2652
2653 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
aea6c4b5 2654 job_finish_and_invalidate(j, JOB_DONE, /* recursive = */ true, /* already = */ false);
16c74914
LP		 2655 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2656 unexpected = true;
aea6c4b5 2657 job_finish_and_invalidate(j, JOB_FAILED, /* recursive = */ true, /* already = */ false);
16c74914
LP		 2658 }
2659
2660 break;
2661
2662 default:
04499a70 2663 assert_not_reached();
16c74914
LP		 2664 }
2665
2666 return unexpected;
2667}
2668
9ca16f6f
LP		 2669static void unit_recursive_add_to_run_queue(Unit *u) {
2670 assert(u);
2671
2672 if (u->job)
2673 job_add_to_run_queue(u->job);
2674
2675 Unit *child;
2676 UNIT_FOREACH_DEPENDENCY(child, u, UNIT_ATOM_SLICE_OF) {
2677
2678 if (!child->job)
2679 continue;
2680
2681 unit_recursive_add_to_run_queue(child);
2682 }
2683}
2684
2685static void unit_check_concurrency_limit(Unit *u) {
2686 assert(u);
2687
2688 Unit *slice = UNIT_GET_SLICE(u);
2689 if (!slice)
2690 return;
2691
2692 /* If a unit was stopped, maybe it has pending siblings (or children thereof) that can be started now */
2693
2694 if (SLICE(slice)->concurrency_soft_max != UINT_MAX) {
2695 Unit *sibling;
2696 UNIT_FOREACH_DEPENDENCY(sibling, slice, UNIT_ATOM_SLICE_OF) {
2697 if (sibling == u)
2698 continue;
2699
2700 unit_recursive_add_to_run_queue(sibling);
2701 }
2702 }
2703
2704 /* Also go up the tree. */
2705 unit_check_concurrency_limit(slice);
2706}
2707
96b09de5 2708void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
87f0e418
LP		 2709 assert(u);
2710 assert(os < _UNIT_ACTIVE_STATE_MAX);
2711 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2712
8559b3b7
LP		 2713 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2714 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2715 * remounted this function will be called too! */
87f0e418 2716
f6f271f0 2717 Manager *m = ASSERT_PTR(u->manager);
546ac4f0 2718
3c4832ad
LP		 2719 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2720 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2721 unit_add_to_dbus_queue(u);
2722
b984151e
MY		 2723 /* Update systemd-oomd on the property/state change.
2724 *
2725 * Always send an update if the unit is going into an inactive state so systemd-oomd knows to
2726 * stop monitoring.
2727 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2728 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2729 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2730 * have the information on the property. Thus, indiscriminately send an update. */
2731 if (os != ns && (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns)))
2732 (void) manager_varlink_send_managed_oom_update(u);
e30bbc90 2733
f755e3b7 2734 /* Update timestamps for state changes */
2c289ea8 2735 if (!MANAGER_IS_RELOADING(m)) {
fa5a0251 2736 dual_timestamp_now(&u->state_change_timestamp);
173e3821 2737
bdbf9951 2738 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2739 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2740 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2741 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2742
2743 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2744 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2745 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2746 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2747 }
87f0e418 2748
865cc19a 2749 /* Keep track of failed units */
8724defe 2750 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2751
d3070fbd
LP		 2752 /* Make sure the cgroup and state files are always removed when we become inactive */
2753 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2754 SET_FLAG(u->markers,
2755 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2756 false);
efdb0237 2757 unit_prune_cgroup(u);
d3070fbd 2758 unit_unlink_state_files(u);
ff68472a
ZJS		 2759 } else if (ns != os && ns == UNIT_RELOADING)
2760 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2761
adefcf28 2762 unit_update_on_console(u);
7ed9f6cd 2763
2c289ea8 2764 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2765 bool unexpected;
2766
2767 /* Let's propagate state changes to the job */
2768 if (u->job)
96b09de5 2769 unexpected = unit_process_job(u->job, ns, reload_success);
a1c7334b
LP		 2770 else
2771 unexpected = true;
f3bff0eb 2772
a1c7334b
LP		 2773 /* If this state change happened without being requested by a job, then let's retroactively start or
2774 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2775 * additional jobs just because something is already activated. */
bdbf9951
LP		 2776
2777 if (unexpected) {
2778 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2779 retroactively_start_dependencies(u);
2780 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2781 retroactively_stop_dependencies(u);
2782 }
5de9682c 2783
256f65d0
LP		 2784 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2785 /* This unit just finished starting up */
3b2775c5 2786
6eb65e7c 2787 unit_emit_audit_start(u);
546ac4f0 2788 manager_send_unit_plymouth(m, u);
b2d6bb5b 2789 manager_send_unit_supervisor(m, u, /* active= */ true);
bdbf9951 2790
8c4514b2 2791 } else if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2792 /* This unit just stopped/failed. */
256f65d0 2793
6eb65e7c 2794 unit_emit_audit_stop(u, ns);
b2d6bb5b 2795 manager_send_unit_supervisor(m, u, /* active= */ false);
915b1d01 2796 unit_log_resources(u);
cd6d0a45 2797 }
294446dc 2798
49b34f75 2799 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE))
9faeb2d0 2800 unit_start_on_termination_deps(u, UNIT_ATOM_ON_SUCCESS);
8c4514b2 2801 else if (ns != os && ns == UNIT_FAILED)
9faeb2d0 2802 unit_start_on_termination_deps(u, UNIT_ATOM_ON_FAILURE);
f278026d
LP		 2803 }
2804
31dc1ca3
LP		 2805 manager_recheck_journal(m);
2806 manager_recheck_dbus(m);
e63ebf71 2807
3ecaa09b 2808 unit_trigger_notify(u);
3b2775c5 2809
8724defe 2810 if (!MANAGER_IS_RELOADING(m)) {
f6f271f0
MY		 2811 const char *reason;
2812
429926e9
TR		 2813 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2814 reason = strjoina("unit ", u->id, " failed");
96a0cfbf 2815 emergency_action(m, u->failure_action, EMERGENCY_ACTION_WARN|EMERGENCY_ACTION_SLEEP_5S, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2816 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2817 reason = strjoina("unit ", u->id, " succeeded");
96a0cfbf 2818 emergency_action(m, u->success_action, /* flags= */ 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2819 }
ff502445
LP		 2820 }
2821
99e9af25 2822 /* And now, add the unit or depending units to various queues that will act on the new situation if
48008c1c 2823 * needed. These queues generally check for continuous state changes rather than events (like most of
99e9af25
LP		 2824 * the state propagation above), and do work deferred instead of instantly, since they typically
2825 * don't want to run during reloading, and usually involve checking combined state of multiple units
2826 * at once. */
2827
2828 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2829 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2830 check_unneeded_dependencies(u);
2831 check_bound_by_dependencies(u);
2832
2833 /* Maybe someone wants us to remain up? */
2834 unit_submit_to_start_when_upheld_queue(u);
2835
2836 /* Maybe the unit should be GC'ed now? */
2837 unit_add_to_gc_queue(u);
6ac62d61
LP		 2838
2839 /* Maybe we can release some resources now? */
2840 unit_submit_to_release_resources_queue(u);
99e9af25 2841
9ca16f6f
LP		 2842 /* Maybe the concurrency limits now allow dispatching of another start job in this slice? */
2843 unit_check_concurrency_limit(u);
2844
1b4ab5a2
MY		 2845 /* Maybe someone else has been waiting for us to stop? */
2846 m->may_dispatch_stop_notify_queue = true;
2847
b984151e 2848 } else if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
99e9af25
LP		 2849 /* Start uphold units regardless if going up was expected or not */
2850 check_uphold_dependencies(u);
2851
2852 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2853 unit_submit_to_stop_when_unneeded_queue(u);
2854
2855 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2856 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2857 * inactive, without ever entering started.) */
2858 unit_submit_to_stop_when_bound_queue(u);
2859 }
87f0e418
LP		 2860}
2861
d70dfe1b 2862int unit_watch_pidref(Unit *u, const PidRef *pid, bool exclusive) {
495e75ed 2863 _cleanup_(pidref_freep) PidRef *pid_dup = NULL;
62a76913 2864 int r;
a911bb9a 2865
495e75ed 2866 /* Adds a specific PID to the set of PIDs this unit watches. */
87f0e418 2867
495e75ed
LP		 2868 assert(u);
2869 assert(pidref_is_set(pid));
5ba6985b 2870
f75f613d
FB		 2871 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2872 * opportunity to remove any stalled references to this PID as they can be created
2873 * easily (when watching a process which is not our direct child). */
2874 if (exclusive)
495e75ed
LP		 2875 manager_unwatch_pidref(u->manager, pid);
2876
c06b8d96
MY		 2877 if (set_contains(u->pids, pid)) { /* early exit if already being watched */
2878 assert(!exclusive);
495e75ed 2879 return 0;
c06b8d96 2880 }
f75f613d 2881
495e75ed 2882 r = pidref_dup(pid, &pid_dup);
5ba6985b
LP		 2883 if (r < 0)
2884 return r;
2885
495e75ed 2886 /* First, insert into the set of PIDs maintained by the unit */
4c8d5f02 2887 r = set_ensure_put(&u->pids, &pidref_hash_ops_free, pid_dup);
a911bb9a
LP		 2888 if (r < 0)
2889 return r;
2890
495e75ed 2891 pid = TAKE_PTR(pid_dup); /* continue with our copy now that we have installed it properly in our set */
05e343b7 2892
495e75ed 2893 /* Second, insert it into the simple global table, see if that works */
c06b8d96 2894 r = hashmap_ensure_put(&u->manager->watch_pids, &pidref_hash_ops, pid, u);
495e75ed
LP		 2895 if (r != -EEXIST)
2896 return r;
a911bb9a 2897
495e75ed
LP		 2898 /* OK, the key is already assigned to a different unit. That's fine, then add us via the second
2899 * hashmap that points to an array. */
a911bb9a 2900
495e75ed
LP		 2901 PidRef *old_pid = NULL;
2902 Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &old_pid);
62a76913 2903
495e75ed
LP		 2904 /* Count entries in array */
2905 size_t n = 0;
2906 for (; array && array[n]; n++)
2907 ;
62a76913 2908
495e75ed
LP		 2909 /* Allocate a new array */
2910 _cleanup_free_ Unit **new_array = new(Unit*, n + 2);
2911 if (!new_array)
2912 return -ENOMEM;
62a76913 2913
495e75ed
LP		 2914 /* Append us to the end */
2915 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2916 new_array[n] = u;
2917 new_array[n+1] = NULL;
62a76913 2918
495e75ed 2919 /* Add or replace the old array */
c06b8d96 2920 r = hashmap_ensure_replace(&u->manager->watch_pids_more, &pidref_hash_ops, old_pid ?: pid, new_array);
62a76913
LP		 2921 if (r < 0)
2922 return r;
2923
495e75ed
LP		 2924 TAKE_PTR(new_array); /* Now part of the hash table */
2925 free(array); /* Which means we can now delete the old version */
62a76913 2926 return 0;
87f0e418
LP		 2927}
2928
d70dfe1b 2929void unit_unwatch_pidref(Unit *u, const PidRef *pid) {
495e75ed
LP		 2930 assert(u);
2931 assert(pidref_is_set(pid));
2932
2933 /* Remove from the set we maintain for this unit. (And destroy the returned pid eventually) */
2934 _cleanup_(pidref_freep) PidRef *pid1 = set_remove(u->pids, pid);
2935 if (!pid1)
2936 return; /* Early exit if this PID was never watched by us */
2937
2938 /* First let's drop the unit from the simple hash table, if it is included there */
2939 PidRef *pid2 = NULL;
2940 Unit *uu = hashmap_get2(u->manager->watch_pids, pid, (void**) &pid2);
2941
2942 /* Quick validation: iff we are in the watch_pids table then the PidRef object must be the same as in our local pids set */
2943 assert((uu == u) == (pid1 == pid2));
2944
2945 if (uu == u)
2946 /* OK, we are in the first table. Let's remove it there then, and we are done already. */
1c2beeb0 2947 assert_se(hashmap_remove_value(u->manager->watch_pids, pid2, uu));
495e75ed
LP		 2948 else {
2949 /* We weren't in the first table, then let's consult the 2nd table that points to an array */
2950 PidRef *pid3 = NULL;
2951 Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &pid3);
2952
2953 /* Let's iterate through the array, dropping our own entry */
2954 size_t m = 0, n = 0;
2955 for (; array && array[n]; n++)
62a76913
LP		 2956 if (array[n] != u)
2957 array[m++] = array[n];
495e75ed
LP		 2958 if (n == m)
2959 return; /* Not there */
2960
2961 array[m] = NULL; /* set trailing NULL marker on the new end */
62a76913
LP		 2962
2963 if (m == 0) {
2964 /* The array is now empty, remove the entire entry */
1c2beeb0 2965 assert_se(hashmap_remove_value(u->manager->watch_pids_more, pid3, array));
62a76913 2966 free(array);
495e75ed
LP		 2967 } else {
2968 /* The array is not empty, but let's make sure the entry is not keyed by the PidRef
2969 * we will delete, but by the PidRef object of the Unit that is now first in the
2970 * array. */
2971
2972 PidRef *new_pid3 = ASSERT_PTR(set_get(array[0]->pids, pid));
2973 assert_se(hashmap_replace(u->manager->watch_pids_more, new_pid3, array) >= 0);
62a76913
LP		 2974 }
2975 }
495e75ed 2976}
87f0e418 2977
bd44e61b
LP		 2978void unit_unwatch_all_pids(Unit *u) {
2979 assert(u);
2980
2981 while (!set_isempty(u->pids))
495e75ed 2982 unit_unwatch_pidref(u, set_first(u->pids));
bd44e61b 2983
efdb0237 2984 u->pids = set_free(u->pids);
a911bb9a
LP		 2985}
2986
ea1e0bf1
YW		 2987void unit_unwatch_pidref_done(Unit *u, PidRef *pidref) {
2988 assert(u);
2989
2990 if (!pidref_is_set(pidref))
2991 return;
2992
2993 unit_unwatch_pidref(u, pidref);
2994 pidref_done(pidref);
2995}
2996
87f0e418
LP		 2997bool unit_job_is_applicable(Unit *u, JobType j) {
2998 assert(u);
2999 assert(j >= 0 && j < _JOB_TYPE_MAX);
3000
3001 switch (j) {
3002
3003 case JOB_VERIFY_ACTIVE:
3004 case JOB_START:
e0209d83 3005 case JOB_NOP:
f5869324 3006 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 3007 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 3008 * jobs for it. */
87f0e418
LP		 3009 return true;
3010
f5869324
LP		 3011 case JOB_STOP:
3012 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 3013 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 3014 return !u->perpetual;
3015
87f0e418
LP		 3016 case JOB_RESTART:
3017 case JOB_TRY_RESTART:
f5869324 3018 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 3019
3020 case JOB_RELOAD:
3282591d 3021 case JOB_TRY_RELOAD:
87f0e418
LP		 3022 return unit_can_reload(u);
3023
3024 case JOB_RELOAD_OR_START:
3025 return unit_can_reload(u) && unit_can_start(u);
3026
3027 default:
04499a70 3028 assert_not_reached();
87f0e418
LP		 3029 }
3030}
3031
83110824
YW		 3032static Hashmap *unit_get_dependency_hashmap_per_type(Unit *u, UnitDependency d) {
3033 Hashmap *deps;
3034
3035 assert(u);
3036 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3037
3038 deps = hashmap_get(u->dependencies, UNIT_DEPENDENCY_TO_PTR(d));
3039 if (!deps) {
3040 _cleanup_hashmap_free_ Hashmap *h = NULL;
3041
3042 h = hashmap_new(NULL);
3043 if (!h)
3044 return NULL;
3045
3046 if (hashmap_ensure_put(&u->dependencies, NULL, UNIT_DEPENDENCY_TO_PTR(d), h) < 0)
3047 return NULL;
3048
3049 deps = TAKE_PTR(h);
3050 }
3051
3052 return deps;
3053}
3054
3055typedef enum NotifyDependencyFlags {
3056 NOTIFY_DEPENDENCY_UPDATE_FROM = 1 << 0,
3057 NOTIFY_DEPENDENCY_UPDATE_TO = 1 << 1,
3058} NotifyDependencyFlags;
3059
3060static int unit_add_dependency_impl(
eef85c4a
LP		 3061 Unit *u,
3062 UnitDependency d,
3063 Unit *other,
eef85c4a 3064 UnitDependencyMask mask) {
87f0e418
LP		 3065
3066 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
fb138166
ZJS		 3067 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3068 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3069 [UNIT_WANTS] = UNIT_WANTED_BY,
3070 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3071 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3072 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
3073 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3074 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3075 [UNIT_WANTED_BY] = UNIT_WANTS,
3076 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3077 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3078 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
3079 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3080 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3081 [UNIT_BEFORE] = UNIT_AFTER,
3082 [UNIT_AFTER] = UNIT_BEFORE,
3083 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3084 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
3085 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3086 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
3087 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3088 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3089 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 3090 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
fb138166
ZJS		 3091 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3092 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
3093 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
3094 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3095 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3096 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3097 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
87f0e418 3098 };
83110824
YW		 3099
3100 Hashmap *u_deps, *other_deps;
3101 UnitDependencyInfo u_info, u_info_old, other_info, other_info_old;
3102 NotifyDependencyFlags flags = 0;
3103 int r;
3104
3105 assert(u);
3106 assert(other);
3107 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3108 assert(inverse_table[d] >= 0 && inverse_table[d] < _UNIT_DEPENDENCY_MAX);
3109 assert(mask > 0 && mask < _UNIT_DEPENDENCY_MASK_FULL);
3110
3111 /* Ensure the following two hashmaps for each unit exist:
3112 * - the top-level dependency hashmap that maps UnitDependency → Hashmap(Unit* → UnitDependencyInfo),
3113 * - the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency type. */
3114 u_deps = unit_get_dependency_hashmap_per_type(u, d);
3115 if (!u_deps)
3116 return -ENOMEM;
3117
3118 other_deps = unit_get_dependency_hashmap_per_type(other, inverse_table[d]);
3119 if (!other_deps)
3120 return -ENOMEM;
3121
3122 /* Save the original dependency info. */
3123 u_info.data = u_info_old.data = hashmap_get(u_deps, other);
3124 other_info.data = other_info_old.data = hashmap_get(other_deps, u);
3125
3126 /* Update dependency info. */
3127 u_info.origin_mask |= mask;
3128 other_info.destination_mask |= mask;
3129
3130 /* Save updated dependency info. */
3131 if (u_info.data != u_info_old.data) {
3132 r = hashmap_replace(u_deps, other, u_info.data);
3133 if (r < 0)
3134 return r;
3135
3136 flags = NOTIFY_DEPENDENCY_UPDATE_FROM;
b7777d08 3137 u->dependency_generation++;
83110824
YW		 3138 }
3139
3140 if (other_info.data != other_info_old.data) {
3141 r = hashmap_replace(other_deps, u, other_info.data);
3142 if (r < 0) {
3143 if (u_info.data != u_info_old.data) {
3144 /* Restore the old dependency. */
3145 if (u_info_old.data)
3146 (void) hashmap_update(u_deps, other, u_info_old.data);
3147 else
3148 hashmap_remove(u_deps, other);
3149 }
3150 return r;
3151 }
3152
3153 flags |= NOTIFY_DEPENDENCY_UPDATE_TO;
b7777d08 3154 other->dependency_generation++;
83110824
YW		 3155 }
3156
3157 return flags;
3158}
3159
3160int unit_add_dependency(
3161 Unit *u,
3162 UnitDependency d,
3163 Unit *other,
3164 bool add_reference,
3165 UnitDependencyMask mask) {
3166
15ed3c3a 3167 UnitDependencyAtom a;
eef85c4a 3168 int r;
15ed3c3a
LP		 3169
3170 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3171 * there, no need to notify! */
83110824 3172 NotifyDependencyFlags notify_flags;
87f0e418
LP		 3173
3174 assert(u);
3175 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 3176 assert(other);
3177
9f151f29
LP		 3178 u = unit_follow_merge(u);
3179 other = unit_follow_merge(other);
15ed3c3a
LP		 3180 a = unit_dependency_to_atom(d);
3181 assert(a >= 0);
9f151f29 3182
15ed3c3a 3183 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
d1fab3fe 3184 if (u == other) {
ed991163
YW		 3185 if (unit_should_warn_about_dependency(d))
3186 log_unit_warning(u, "Dependency %s=%s is dropped.",
3187 unit_dependency_to_string(d), u->id);
87f0e418 3188 return 0;
d1fab3fe 3189 }
87f0e418 3190
f14d6810
MG		 3191 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3192 return 0;
3193
93df5217
LB		 3194 /* Note that ordering a device unit after a unit is permitted since it allows its job running
3195 * timeout to be started at a specific time. */
15ed3c3a 3196 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
b862c257 3197 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 3198 return 0;
3199 }
3200
15ed3c3a 3201 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
c80a9a33
LP		 3202 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3203 return 0;
3204 }
3205
15ed3c3a 3206 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
c80a9a33
LP		 3207 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3208 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
15ed3c3a 3209 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
c80a9a33
LP		 3210 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3211 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3212
d219a2b0
LP		 3213 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3214 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3215 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3216 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3217 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3218 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3219
3220 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3221 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3222 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3223
3224 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3225 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3226 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3227
83110824 3228 r = unit_add_dependency_impl(u, d, other, mask);
613b411c 3229 if (r < 0)
87f0e418 3230 return r;
83110824 3231 notify_flags = r;
613b411c
LP		 3232
3233 if (add_reference) {
83110824 3234 r = unit_add_dependency_impl(u, UNIT_REFERENCES, other, mask);
613b411c 3235 if (r < 0)
701cc384 3236 return r;
83110824 3237 notify_flags |= r;
613b411c 3238 }
87f0e418 3239
83110824 3240 if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_FROM))
5177cb0a 3241 unit_add_to_dbus_queue(u);
83110824 3242 if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_TO))
ac17080c 3243 unit_add_to_dbus_queue(other);
15ed3c3a 3244
83110824 3245 return notify_flags != 0;
87f0e418 3246}
0301abf4 3247
eef85c4a 3248int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
5ee8e988 3249 int r = 0, s = 0;
2c966c03
LP		 3250
3251 assert(u);
5ee8e988 3252 assert(d >= 0 || e >= 0);
2c966c03 3253
5ee8e988
LB		 3254 if (d >= 0) {
3255 r = unit_add_dependency(u, d, other, add_reference, mask);
3256 if (r < 0)
3257 return r;
3258 }
2c966c03 3259
5ee8e988
LB		 3260 if (e >= 0) {
3261 s = unit_add_dependency(u, e, other, add_reference, mask);
3262 if (s < 0)
3263 return s;
3264 }
a8c5a4c6
YW		 3265
3266 return r > 0 || s > 0;
2c966c03
LP		 3267}
3268
23e8c796 3269static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 3270 int r;
9e2f7c11
LP		 3271
3272 assert(u);
23e8c796 3273 assert(name);
7410616c
LP		 3274 assert(buf);
3275 assert(ret);
9e2f7c11 3276
7410616c
LP		 3277 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3278 *buf = NULL;
3279 *ret = name;
3280 return 0;
9e2f7c11
LP		 3281 }
3282
ac155bb8 3283 if (u->instance)
7410616c 3284 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 3285 else {
ae018d9b 3286 _cleanup_free_ char *i = NULL;
9e2f7c11 3287
7410616c
LP		 3288 r = unit_name_to_prefix(u->id, &i);
3289 if (r < 0)
3290 return r;
9e2f7c11 3291
7410616c 3292 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 3293 }
7410616c
LP		 3294 if (r < 0)
3295 return r;
9e2f7c11 3296
7410616c
LP		 3297 *ret = *buf;
3298 return 0;
9e2f7c11
LP		 3299}
3300
35d8c19a 3301int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3302 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 3303 Unit *other;
3304 int r;
3305
9e2f7c11 3306 assert(u);
35d8c19a 3307 assert(name);
09b6b09f 3308
23e8c796 3309 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3310 if (r < 0)
3311 return r;
09b6b09f 3312
f14d6810
MG		 3313 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3314 return 0;
3315
35d8c19a 3316 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 3317 if (r < 0)
3318 return r;
9e2f7c11 3319
eef85c4a 3320 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 3321}
3322
5a724170 3323int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3324 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 3325 Unit *other;
3326 int r;
2c966c03
LP		 3327
3328 assert(u);
5a724170 3329 assert(name);
2c966c03 3330
23e8c796 3331 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3332 if (r < 0)
3333 return r;
2c966c03 3334
f14d6810
MG		 3335 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3336 return 0;
3337
5a724170 3338 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 3339 if (r < 0)
68eda4bd 3340 return r;
2c966c03 3341
eef85c4a 3342 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 3343}
3344
6c8ade30
MY		 3345int setenv_unit_path(const char *p) {
3346 assert(p);
3347
0301abf4 3348 /* This is mostly for debug purposes */
6c8ade30 3349 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, /* overwrite = */ true));
0301abf4 3350}
88066b3a 3351
ff3f2953 3352char* unit_dbus_path(Unit *u) {
ea430986
LP		 3353 assert(u);
3354
ac155bb8 3355 if (!u->id)
04ade7d2
LP		 3356 return NULL;
3357
48899192 3358 return unit_dbus_path_from_name(u->id);
ea430986
LP		 3359}
3360
ff3f2953 3361char* unit_dbus_path_invocation_id(Unit *u) {
4b58153d
LP		 3362 assert(u);
3363
3364 if (sd_id128_is_null(u->invocation_id))
3365 return NULL;
3366
3367 return unit_dbus_path_from_name(u->invocation_id_string);
3368}
3369
2d3b784d 3370int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 3371 int r;
3372
3373 assert(u);
3374
3375 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3376
3377 if (sd_id128_equal(u->invocation_id, id))
3378 return 0;
3379
3380 if (!sd_id128_is_null(u->invocation_id))
3381 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3382
3383 if (sd_id128_is_null(id)) {
3384 r = 0;
3385 goto reset;
3386 }
3387
3388 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3389 if (r < 0)
3390 goto reset;
3391
3392 u->invocation_id = id;
3393 sd_id128_to_string(id, u->invocation_id_string);
3394
3395 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3396 if (r < 0)
3397 goto reset;
3398
3399 return 0;
3400
3401reset:
3402 u->invocation_id = SD_ID128_NULL;
3403 u->invocation_id_string[0] = 0;
3404 return r;
3405}
3406
899acf5c 3407int unit_set_slice(Unit *u, Unit *slice) {
d219a2b0
LP		 3408 int r;
3409
d79200e2
LP		 3410 assert(u);
3411 assert(slice);
3412
d219a2b0
LP		 3413 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3414 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3415 * slice is derived from the name). Make sure the unit we set is actually a slice. */
d79200e2
LP		 3416
3417 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3418 return -EOPNOTSUPP;
3419
3420 if (u->type == UNIT_SLICE)
3421 return -EINVAL;
3422
102ef982
LP		 3423 if (unit_active_state(u) != UNIT_INACTIVE)
3424 return -EBUSY;
3425
d79200e2
LP		 3426 if (slice->type != UNIT_SLICE)
3427 return -EINVAL;
3428
efdb0237
LP		 3429 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3430 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3431 return -EPERM;
3432
12f64221 3433 if (UNIT_GET_SLICE(u) == slice)
d79200e2
LP		 3434 return 0;
3435
99e66921 3436 /* Disallow slice changes if @u is already bound to cgroups */
9cc54544
LP		 3437 if (UNIT_GET_SLICE(u)) {
3438 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
23ac0811 3439 if (crt && crt->cgroup_path)
9cc54544
LP		 3440 return -EBUSY;
3441 }
d79200e2 3442
899acf5c
AZ		 3443 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3444 if (UNIT_GET_SLICE(u))
3445 unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY);
3446
3447 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY);
d219a2b0
LP		 3448 if (r < 0)
3449 return r;
3450
d79200e2
LP		 3451 return 1;
3452}
3453
3454int unit_set_default_slice(Unit *u) {
a8833944 3455 const char *slice_name;
a016b922
LP		 3456 Unit *slice;
3457 int r;
3458
3459 assert(u);
3460
f14d6810
MG		 3461 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3462 return 0;
3463
12f64221 3464 if (UNIT_GET_SLICE(u))
a016b922
LP		 3465 return 0;
3466
a8833944
LP		 3467 if (u->instance) {
3468 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3469
a8833944
LP		 3470 /* Implicitly place all instantiated units in their
3471 * own per-template slice */
3472
7410616c
LP		 3473 r = unit_name_to_prefix(u->id, &prefix);
3474 if (r < 0)
3475 return r;
a8833944
LP		 3476
3477 /* The prefix is already escaped, but it might include
3478 * "-" which has a special meaning for slice units,
3479 * hence escape it here extra. */
7410616c 3480 escaped = unit_name_escape(prefix);
a8833944
LP		 3481 if (!escaped)
3482 return -ENOMEM;
3483
463d0d15 3484 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3485 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3486 else
7f3b86a4 3487 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3488
3489 } else if (unit_is_extrinsic(u))
3490 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3491 * the root slice. They don't really belong in one of the subslices. */
3492 slice_name = SPECIAL_ROOT_SLICE;
3493
3494 else if (MANAGER_IS_SYSTEM(u->manager))
3495 slice_name = SPECIAL_SYSTEM_SLICE;
3496 else
3497 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3498
3499 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3500 if (r < 0)
3501 return r;
3502
899acf5c 3503 return unit_set_slice(u, slice);
a016b922
LP		 3504}
3505
bfd5a068 3506const char* unit_slice_name(Unit *u) {
12f64221 3507 Unit *slice;
9444b1f2
LP		 3508 assert(u);
3509
12f64221
LP		 3510 slice = UNIT_GET_SLICE(u);
3511 if (!slice)
9444b1f2
LP		 3512 return NULL;
3513
12f64221 3514 return slice->id;
9444b1f2
LP		 3515}
3516
f6ff8c29 3517int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3518 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3519 int r;
3520
3521 assert(u);
3522 assert(type);
3523 assert(_found);
3524
7410616c
LP		 3525 r = unit_name_change_suffix(u->id, type, &t);
3526 if (r < 0)
3527 return r;
3528 if (unit_has_name(u, t))
3529 return -EINVAL;
f6ff8c29 3530
ac155bb8 3531 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3532 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3533 return r;
3534}
3535
27217200 3536static int signal_name_owner_changed_install_handler(sd_bus_message *message, void *userdata, sd_bus_error *reterr_error) {
db6b214f
YW		 3537 Unit *u = ASSERT_PTR(userdata);
3538 const sd_bus_error *e;
3539 int r;
3540
3541 e = sd_bus_message_get_error(message);
3542 if (!e) {
3543 log_unit_trace(u, "Successfully installed NameOwnerChanged signal match.");
3544 return 0;
3545 }
3546
3547 r = sd_bus_error_get_errno(e);
3548 log_unit_error_errno(u, r,
3549 "Unexpected error response on installing NameOwnerChanged signal match: %s",
3550 bus_error_message(e, r));
3551
3552 /* If we failed to install NameOwnerChanged signal, also unref the bus slot of GetNameOwner(). */
3553 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3554 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3555
3556 if (UNIT_VTABLE(u)->bus_name_owner_change)
3557 UNIT_VTABLE(u)->bus_name_owner_change(u, NULL);
3558
3559 return 0;
3560}
3561
27217200 3562static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *reterr_error) {
fc67a943 3563 const char *new_owner;
99534007 3564 Unit *u = ASSERT_PTR(userdata);
bbc29086
DM		 3565 int r;
3566
3567 assert(message);
bbc29086 3568
fc67a943 3569 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3570 if (r < 0) {
3571 bus_log_parse_error(r);
3572 return 0;
3573 }
3574
3575 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3576 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3577
3578 return 0;
3579}
3580
27217200 3581static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *reterr_error) {
a5a8776a
MJ		 3582 const sd_bus_error *e;
3583 const char *new_owner;
99534007 3584 Unit *u = ASSERT_PTR(userdata);
a5a8776a
MJ		 3585 int r;
3586
3587 assert(message);
a5a8776a
MJ		 3588
3589 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3590
a5a8776a 3591 e = sd_bus_message_get_error(message);
a5a8776a 3592 if (e) {
91053fc9 3593 if (!sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER)) {
33322185
YW		 3594 r = sd_bus_error_get_errno(e);
3595 log_unit_error_errno(u, r,
3596 "Unexpected error response from GetNameOwner(): %s",
3597 bus_error_message(e, r));
3598 }
a5a8776a 3599
fc67a943
LP		 3600 new_owner = NULL;
3601 } else {
3602 r = sd_bus_message_read(message, "s", &new_owner);
3603 if (r < 0)
3604 return bus_log_parse_error(r);
a5a8776a 3605
fc67a943
LP		 3606 assert(!isempty(new_owner));
3607 }
a5a8776a
MJ		 3608
3609 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3610 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3611
3612 return 0;
3613}
3614
9806e87d 3615int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
8df433d7 3616 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
9806e87d 3617 const char *match;
8df433d7 3618 usec_t timeout_usec = 0;
a5b07847 3619 int r;
bbc29086 3620
9806e87d
LP		 3621 assert(u);
3622 assert(bus);
3623 assert(name);
bbc29086 3624
a5b07847 3625 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3626 return -EBUSY;
3627
8df433d7 3628 /* NameOwnerChanged and GetNameOwner is used to detect when a service finished starting up. The dbus
3629 * call timeout shouldn't be earlier than that. If we couldn't get the start timeout, use the default
3630 * value defined above. */
3631 if (UNIT_VTABLE(u)->get_timeout_start_usec)
3632 timeout_usec = UNIT_VTABLE(u)->get_timeout_start_usec(u);
3633
9806e87d 3634 match = strjoina("type='signal',"
81d62103
ZJS		 3635 "sender='org.freedesktop.DBus',"
3636 "path='/org/freedesktop/DBus',"
3637 "interface='org.freedesktop.DBus',"
3638 "member='NameOwnerChanged',"
3639 "arg0='", name, "'");
bbc29086 3640
8df433d7 3641 r = bus_add_match_full(
3642 bus,
3643 &u->match_bus_slot,
db6b214f 3644 /* asynchronous = */ true,
8df433d7 3645 match,
3646 signal_name_owner_changed,
db6b214f 3647 signal_name_owner_changed_install_handler,
8df433d7 3648 u,
3649 timeout_usec);
a5a8776a
MJ		 3650 if (r < 0)
3651 return r;
3652
8df433d7 3653 r = sd_bus_message_new_method_call(
a5b07847 3654 bus,
8df433d7 3655 &m,
a5b07847
LP		 3656 "org.freedesktop.DBus",
3657 "/org/freedesktop/DBus",
3658 "org.freedesktop.DBus",
8df433d7 3659 "GetNameOwner");
3660 if (r < 0)
3661 return r;
3662
3663 r = sd_bus_message_append(m, "s", name);
3664 if (r < 0)
3665 return r;
3666
3667 r = sd_bus_call_async(
3668 bus,
3669 &u->get_name_owner_slot,
3670 m,
a5b07847
LP		 3671 get_name_owner_handler,
3672 u,
8df433d7 3673 timeout_usec);
a5b07847
LP		 3674 if (r < 0) {
3675 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3676 return r;
3677 }
3678
3679 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3680 return 0;
bbc29086
DM		 3681}
3682
05e343b7 3683int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3684 int r;
3685
05e343b7
LP		 3686 assert(u);
3687 assert(name);
3688
3689 /* Watch a specific name on the bus. We only support one unit
3690 * watching each name for now. */
3691
bbc29086
DM		 3692 if (u->manager->api_bus) {
3693 /* If the bus is already available, install the match directly.
3694 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3695 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3696 if (r < 0)
8ea823b6 3697 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3698 }
3699
3700 r = hashmap_put(u->manager->watch_bus, name, u);
3701 if (r < 0) {
3702 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3703 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3704 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3705 }
3706
3707 return 0;
05e343b7
LP		 3708}
3709
3710void unit_unwatch_bus_name(Unit *u, const char *name) {
3711 assert(u);
3712 assert(name);
3713
8367fea5 3714 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3715 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3716 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3717}
3718
d336ba9f 3719int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3720 _cleanup_free_ char *e = NULL;
44b0d1fd 3721 Unit *device;
6e2ef85b
LP		 3722 int r;
3723
3724 assert(u);
3725
6e2ef85b 3726 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3727 if (isempty(what))
3728 return 0;
6e2ef85b 3729
8407a5d0 3730 if (!is_device_path(what))
6e2ef85b
LP		 3731 return 0;
3732
44b0d1fd 3733 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3734 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3735 return 0;
3736
7410616c
LP		 3737 r = unit_name_from_path(what, ".device", &e);
3738 if (r < 0)
3739 return r;
6e2ef85b 3740
ac155bb8 3741 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3742 if (r < 0)
3743 return r;
3744
ebc8968b
FB		 3745 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3746 dep = UNIT_BINDS_TO;
3747
d336ba9f
FB		 3748 return unit_add_two_dependencies(u, UNIT_AFTER,
3749 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3750 device, true, mask);
6e2ef85b 3751}
a16e1123 3752
44b0d1fd
LP		 3753int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3754 _cleanup_free_ char *escaped = NULL, *target = NULL;
3755 int r;
3756
3757 assert(u);
3758
3759 if (isempty(what))
3760 return 0;
3761
3762 if (!path_startswith(what, "/dev/"))
3763 return 0;
3764
3765 /* If we don't support devices, then also don't bother with blockdev@.target */
3766 if (!unit_type_supported(UNIT_DEVICE))
3767 return 0;
3768
3769 r = unit_name_path_escape(what, &escaped);
3770 if (r < 0)
3771 return r;
3772
3773 r = unit_name_build("blockdev", escaped, ".target", &target);
3774 if (r < 0)
3775 return r;
3776
3777 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3778}
3779
be847e82 3780int unit_coldplug(Unit *u) {
95f74928 3781 int r = 0;
cca098b0
LP		 3782
3783 assert(u);
3784
f0831ed2 3785 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3786 if (u->coldplugged)
3787 return 0;
3788
3789 u->coldplugged = true;
3790
95f74928
MY		 3791 STRV_FOREACH(i, u->deserialized_refs)
3792 RET_GATHER(r, bus_unit_track_add_name(u, *i));
3793
05a98afd 3794 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3795
95f74928
MY		 3796 if (UNIT_VTABLE(u)->coldplug)
3797 RET_GATHER(r, UNIT_VTABLE(u)->coldplug(u));
5a6158b6 3798
95f74928
MY		 3799 if (u->job)
3800 RET_GATHER(r, job_coldplug(u->job));
3801 if (u->nop_job)
3802 RET_GATHER(r, job_coldplug(u->nop_job));
cca098b0 3803
49b6babb 3804 unit_modify_nft_set(u, /* add = */ true);
05a98afd 3805 return r;
cca098b0
LP		 3806}
3807
f0831ed2
LP		 3808void unit_catchup(Unit *u) {
3809 assert(u);
3810
3811 if (UNIT_VTABLE(u)->catchup)
3812 UNIT_VTABLE(u)->catchup(u);
869f52f2
DS		 3813
3814 unit_cgroup_catchup(u);
f0831ed2
LP		 3815}
3816
ba25d39e 3817static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3818 struct stat st;
3819
3820 if (!path)
3821 return false;
3822
77969722
LP		 3823 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3824 * are never out-of-date. */
3825 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3826 return false;
3827
21b95806
ZJS		 3828 if (stat(path, &st) < 0)
3829 /* What, cannot access this anymore? */
3830 return true;
3831
ba25d39e
ZJS		 3832 if (path_masked)
3833 /* For masked files check if they are still so */
3834 return !null_or_empty(&st);
3835 else
3a8db9fe 3836 /* For non-empty files check the mtime */
87ec20ef 3837 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3838
3839 return false;
3840}
3841
45fb0699 3842bool unit_need_daemon_reload(Unit *u) {
45fb0699 3843 assert(u);
a82b8b3d
MY		 3844 assert(u->manager);
3845
3846 if (u->manager->unit_file_state_outdated)
3847 return true;
45fb0699 3848
ba25d39e
ZJS		 3849 /* For unit files, we allow masking… */
3850 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3851 u->load_state == UNIT_MASKED))
21b95806 3852 return true;
5f4b19f4 3853
ba25d39e
ZJS		 3854 /* Source paths should not be masked… */
3855 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3856 return true;
ae7a7182 3857
11b3775f
MY		 3858 if (u->load_state == UNIT_LOADED) {
3859 _cleanup_strv_free_ char **dropins = NULL;
3860
82c482d5 3861 (void) unit_find_dropin_paths(u, /* use_unit_path_cache = */ false, &dropins);
6d10d308 3862
11b3775f 3863 if (!strv_equal(u->dropin_paths, dropins))
ab932a62 3864 return true;
21b95806 3865
11b3775f
MY		 3866 /* … any drop-ins that are masked are simply omitted from the list. */
3867 STRV_FOREACH(path, u->dropin_paths)
3868 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3869 return true;
3870 }
3871
ab932a62 3872 return false;
45fb0699
LP		 3873}
3874
fdf20a31 3875void unit_reset_failed(Unit *u) {
5632e374
LP		 3876 assert(u);
3877
fdf20a31
MM		 3878 if (UNIT_VTABLE(u)->reset_failed)
3879 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3880
7bf081a1 3881 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3882 u->start_limit_hit = false;
a364ebd4
MY		 3883
3884 (void) unit_set_debug_invocation(u, /* enable= */ false);
5632e374
LP		 3885}
3886
a7f241db
LP		 3887Unit *unit_following(Unit *u) {
3888 assert(u);
3889
3890 if (UNIT_VTABLE(u)->following)
3891 return UNIT_VTABLE(u)->following(u);
3892
3893 return NULL;
3894}
3895
31afa0a4 3896bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3897 assert(u);
3898
31afa0a4
LP		 3899 /* This call does check the current state of the unit. It's
3900 * hence useful to be called from state change calls of the
3901 * unit itself, where the state isn't updated yet. This is
3902 * different from unit_inactive_or_pending() which checks both
3903 * the current state and for a queued job. */
18ffdfda 3904
28a2dfe8 3905 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 3906}
3907
3908bool unit_inactive_or_pending(Unit *u) {
3909 assert(u);
3910
3911 /* Returns true if the unit is inactive or going down */
18ffdfda 3912
d956ac29
LP		 3913 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3914 return true;
3915
31afa0a4 3916 if (unit_stop_pending(u))
18ffdfda
LP		 3917 return true;
3918
3919 return false;
3920}
3921
31afa0a4 3922bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 3923 assert(u);
3924
f60c2665 3925 /* Returns true if the unit is active or going up */
f976f3f6
LP		 3926
3927 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3928 return true;
3929
ac155bb8 3930 if (u->job &&
3742095b 3931 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 3932 return true;
3933
3934 return false;
3935}
3936
52a12341
YW		 3937bool unit_will_restart_default(Unit *u) {
3938 assert(u);
3939
28a2dfe8 3940 return unit_has_job_type(u, JOB_START);
52a12341
YW		 3941}
3942
deb4e708
MK		 3943bool unit_will_restart(Unit *u) {
3944 assert(u);
3945
3946 if (!UNIT_VTABLE(u)->will_restart)
3947 return false;
3948
3949 return UNIT_VTABLE(u)->will_restart(u);
3950}
3951
38c41427
NK		 3952void unit_notify_cgroup_oom(Unit *u, bool managed_oom) {
3953 assert(u);
3954
3955 if (UNIT_VTABLE(u)->notify_cgroup_oom)
3956 UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom);
3957}
3958
ae6a9e65 3959static int unit_pid_set(Unit *u, Set **pid_set) {
82659fd7
LP		 3960 int r;
3961
ae6a9e65
YW		 3962 assert(u);
3963 assert(pid_set);
3964
3965 set_clear(*pid_set); /* This updates input. */
82659fd7
LP		 3966
3967 /* Exclude the main/control pids from being killed via the cgroup */
82659fd7 3968
ae6a9e65 3969 PidRef *pid;
2d708781 3970 FOREACH_ARGUMENT(pid, unit_main_pid(u), unit_control_pid(u))
ae6a9e65
YW		 3971 if (pidref_is_set(pid)) {
3972 r = set_ensure_put(pid_set, NULL, PID_TO_PTR(pid->pid));
3973 if (r < 0)
3974 return r;
3975 }
82659fd7 3976
ae6a9e65 3977 return 0;
82659fd7
LP		 3978}
3979
4d1b2df1 3980static int kill_common_log(const PidRef *pid, int signo, void *userdata) {
d9911002 3981 _cleanup_free_ char *comm = NULL;
99534007 3982 Unit *u = ASSERT_PTR(userdata);
d9911002 3983
4d1b2df1
LP		 3984 (void) pidref_get_comm(pid, &comm);
3985
d9911002 3986 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
4d1b2df1 3987 signal_to_string(signo), pid->pid, strna(comm));
d9911002
LP		 3988
3989 return 1;
3990}
3991
ba16a93d 3992static int kill_or_sigqueue(PidRef *pidref, int signo, int code, int value) {
37eb258e 3993 assert(pidref_is_set(pidref));
a721cd00
LP		 3994 assert(SIGNAL_VALID(signo));
3995
3996 switch (code) {
3997
3998 case SI_USER:
37eb258e
LP		 3999 log_debug("Killing " PID_FMT " with signal SIG%s.", pidref->pid, signal_to_string(signo));
4000 return pidref_kill(pidref, signo);
a721cd00
LP		 4001
4002 case SI_QUEUE:
37eb258e
LP		 4003 log_debug("Enqueuing value %i to " PID_FMT " on signal SIG%s.", value, pidref->pid, signal_to_string(signo));
4004 return pidref_sigqueue(pidref, signo, value);
a721cd00
LP		 4005
4006 default:
4007 assert_not_reached();
4008 }
4009}
4010
ec5e2a13
YW		 4011static int unit_kill_one(
4012 Unit *u,
4013 PidRef *pidref,
4014 const char *type,
4015 int signo,
4016 int code,
4017 int value,
4018 sd_bus_error *ret_error) {
4019
4020 int r;
4021
4022 assert(u);
4023 assert(type);
4024
4025 if (!pidref_is_set(pidref))
4026 return 0;
4027
4028 _cleanup_free_ char *comm = NULL;
4029 (void) pidref_get_comm(pidref, &comm);
4030
4031 r = kill_or_sigqueue(pidref, signo, code, value);
4032 if (r == -ESRCH)
4033 return 0;
4034 if (r < 0) {
4035 /* Report this failure both to the logs and to the client */
4036 if (ret_error)
4037 sd_bus_error_set_errnof(
4038 ret_error, r,
4039 "Failed to send signal SIG%s to %s process " PID_FMT " (%s): %m",
4040 signal_to_string(signo), type, pidref->pid, strna(comm));
4041
4042 return log_unit_warning_errno(
4043 u, r,
4044 "Failed to send signal SIG%s to %s process " PID_FMT " (%s) on client request: %m",
4045 signal_to_string(signo), type, pidref->pid, strna(comm));
4046 }
4047
4048 log_unit_info(u, "Sent signal SIG%s to %s process " PID_FMT " (%s) on client request.",
4049 signal_to_string(signo), type, pidref->pid, strna(comm));
4050 return 1; /* killed */
4051}
4052
37eb258e 4053int unit_kill(
d91c34f2 4054 Unit *u,
cd2fb049 4055 KillWhom whom,
0f23564a 4056 const char *subgroup,
d91c34f2 4057 int signo,
a721cd00
LP		 4058 int code,
4059 int value,
ec5e2a13 4060 sd_bus_error *ret_error) {
d91c34f2 4061
37eb258e 4062 PidRef *main_pid, *control_pid;
ac5e3a50 4063 bool killed = false;
a721cd00 4064 int ret = 0, r;
814cc562 4065
8aff7ac4
LP		 4066 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
4067 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
4068 * stop a service ourselves. */
4069
a721cd00 4070 assert(u);
cd2fb049
ZJS		 4071 assert(whom >= 0);
4072 assert(whom < _KILL_WHOM_MAX);
a721cd00
LP		 4073 assert(SIGNAL_VALID(signo));
4074 assert(IN_SET(code, SI_USER, SI_QUEUE));
4075
0f23564a
LP		 4076 if (subgroup) {
4077 if (!IN_SET(whom, KILL_CGROUP, KILL_CGROUP_FAIL))
03b4a607
LP		 4078 return sd_bus_error_set(ret_error, SD_BUS_ERROR_NOT_SUPPORTED,
4079 "Killing by subgroup is only supported for 'cgroup' or 'cgroup-kill' modes.");
0f23564a
LP		 4080
4081 if (!unit_cgroup_delegate(u))
03b4a607
LP		 4082 return sd_bus_error_set(ret_error, SD_BUS_ERROR_NOT_SUPPORTED,
4083 "Killing by subgroup is only available for units with control group delegation enabled.");
0f23564a
LP		 4084 }
4085
37eb258e
LP		 4086 main_pid = unit_main_pid(u);
4087 control_pid = unit_control_pid(u);
4088
4089 if (!UNIT_HAS_CGROUP_CONTEXT(u) && !main_pid && !control_pid)
0f23564a 4090 return sd_bus_error_set(ret_error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit type does not support process killing.");
37eb258e 4091
cd2fb049 4092 if (IN_SET(whom, KILL_MAIN, KILL_MAIN_FAIL)) {
37eb258e 4093 if (!main_pid)
ec5e2a13 4094 return sd_bus_error_setf(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
37eb258e 4095 if (!pidref_is_set(main_pid))
ec5e2a13 4096 return sd_bus_error_set_const(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 4097 }
4098
cd2fb049 4099 if (IN_SET(whom, KILL_CONTROL, KILL_CONTROL_FAIL)) {
37eb258e 4100 if (!control_pid)
ec5e2a13 4101 return sd_bus_error_setf(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
37eb258e 4102 if (!pidref_is_set(control_pid))
ec5e2a13 4103 return sd_bus_error_set_const(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 4104 }
4105
cd2fb049 4106 if (IN_SET(whom, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
ec5e2a13
YW		 4107 r = unit_kill_one(u, control_pid, "control", signo, code, value, ret_error);
4108 RET_GATHER(ret, r);
4109 killed = killed || r > 0;
a721cd00 4110 }
814cc562 4111
cd2fb049 4112 if (IN_SET(whom, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
ec5e2a13
YW		 4113 r = unit_kill_one(u, main_pid, "main", signo, code, value, ret >= 0 ? ret_error : NULL);
4114 RET_GATHER(ret, r);
4115 killed = killed || r > 0;
a721cd00 4116 }
814cc562 4117
a721cd00
LP		 4118 /* Note: if we shall enqueue rather than kill we won't do this via the cgroup mechanism, since it
4119 * doesn't really make much sense (and given that enqueued values are a relatively expensive
4120 * resource, and we shouldn't allow us to be subjects for such allocation sprees) */
0f23564a 4121 if (IN_SET(whom, KILL_ALL, KILL_ALL_FAIL, KILL_CGROUP, KILL_CGROUP_FAIL) && code == SI_USER) {
9cc54544 4122 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
9cc54544
LP		 4123 if (crt && crt->cgroup_path) {
4124 _cleanup_set_free_ Set *pid_set = NULL;
0f23564a
LP		 4125 _cleanup_free_ char *joined = NULL;
4126 const char *p;
4127
4128 if (empty_or_root(subgroup))
4129 p = crt->cgroup_path;
4130 else {
4131 joined = path_join(crt->cgroup_path, subgroup);
4132 if (!joined)
4133 return -ENOMEM;
4134
4135 p = joined;
4136 }
d9911002 4137
ba16a93d 4138 if (signo == SIGKILL) {
0f23564a 4139 r = cg_kill_kernel_sigkill(p);
ba16a93d
MY		 4140 if (r >= 0) {
4141 killed = true;
0f23564a 4142 log_unit_info(u, "Killed unit cgroup '%s' with SIGKILL on client request.", p);
ba16a93d
MY		 4143 goto finish;
4144 }
4145 if (r != -EOPNOTSUPP) {
4146 if (ret >= 0)
4147 sd_bus_error_set_errnof(ret_error, r,
4148 "Failed to kill unit cgroup: %m");
0f23564a 4149 RET_GATHER(ret, log_unit_warning_errno(u, r, "Failed to kill unit cgroup '%s': %m", p));
ba16a93d
MY		 4150 goto finish;
4151 }
4152 /* Fall back to manual enumeration */
0f23564a
LP		 4153 } else if (IN_SET(whom, KILL_ALL, KILL_ALL_FAIL)) {
4154 /* Exclude the main/control pids from being killed via the cgroup if not
4155 * SIGKILL */
ba16a93d
MY		 4156 r = unit_pid_set(u, &pid_set);
4157 if (r < 0)
4158 return log_oom();
4159 }
9cc54544 4160
0f23564a 4161 r = cg_kill_recursive(p, signo, /* flags= */ 0, pid_set, kill_common_log, u);
9cc54544
LP		 4162 if (r < 0 && !IN_SET(r, -ESRCH, -ENOENT)) {
4163 if (ret >= 0)
4164 sd_bus_error_set_errnof(
4165 ret_error, r,
0f23564a
LP		 4166 "Failed to send signal SIG%s to processes in unit cgroup '%s': %m",
4167 signal_to_string(signo), p);
9cc54544 4168
ba16a93d
MY		 4169 RET_GATHER(ret, log_unit_warning_errno(
4170 u, r,
0f23564a
LP		 4171 "Failed to send signal SIG%s to processes in unit cgroup '%s' on client request: %m",
4172 signal_to_string(signo), p));
9cc54544 4173 }
9afe65d9 4174 killed = killed || r > 0;
ec5e2a13 4175 }
814cc562
MS		 4176 }
4177
ba16a93d 4178finish:
2ae0508e 4179 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
0f23564a 4180 if (ret >= 0 && !killed && IN_SET(whom, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL, KILL_CGROUP_FAIL))
ec5e2a13 4181 return sd_bus_error_set_const(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 4182
a721cd00 4183 return ret;
814cc562
MS		 4184}
4185
6210e7fc
LP		 4186int unit_following_set(Unit *u, Set **s) {
4187 assert(u);
4188 assert(s);
4189
4190 if (UNIT_VTABLE(u)->following_set)
4191 return UNIT_VTABLE(u)->following_set(u, s);
4192
4193 *s = NULL;
4194 return 0;
4195}
4196
a4375746 4197UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 4198 int r;
4199
a4375746
LP		 4200 assert(u);
4201
e735bc49
LP		 4202 if (u->unit_file_state >= 0 || !u->fragment_path)
4203 return u->unit_file_state;
4204
4205 /* If we know this is a transient unit no need to ask the unit file state for details. Let's bypass
4206 * the more expensive on-disk check. */
4207 if (u->transient)
4208 return (u->unit_file_state = UNIT_FILE_TRANSIENT);
4209
4210 r = unit_file_get_state(
4211 u->manager->runtime_scope,
4212 /* root_dir= */ NULL,
4213 u->id,
4214 &u->unit_file_state);
4215 if (r < 0)
4216 u->unit_file_state = UNIT_FILE_BAD;
a4375746 4217
ac155bb8 4218 return u->unit_file_state;
a4375746
LP		 4219}
4220
e77e07f6 4221PresetAction unit_get_unit_file_preset(Unit *u) {
a99626c1
LP		 4222 int r;
4223
d2dc52db
LP		 4224 assert(u);
4225
cb16d391 4226 if (u->unit_file_preset >= 0)
e735bc49 4227 return u->unit_file_preset;
a99626c1 4228
e735bc49
LP		 4229 /* If this is a transient or perpetual unit file it doesn't make much sense to ask the preset
4230 * database about this, because enabling/disabling makes no sense for either. Hence don't. */
cb16d391 4231 if (!u->fragment_path || u->transient || u->perpetual)
e735bc49 4232 return (u->unit_file_preset = -ENOEXEC);
a99626c1 4233
e735bc49
LP		 4234 _cleanup_free_ char *bn = NULL;
4235 r = path_extract_filename(u->fragment_path, &bn);
4236 if (r < 0)
4237 return (u->unit_file_preset = r);
4238 if (r == O_DIRECTORY)
4239 return (u->unit_file_preset = -EISDIR);
a99626c1 4240
e735bc49 4241 return (u->unit_file_preset = unit_file_query_preset(
4870133b 4242 u->manager->runtime_scope,
e735bc49 4243 /* root_dir= */ NULL,
a99626c1 4244 bn,
396b3a1e 4245 /* cached= */ NULL));
d2dc52db
LP		 4246}
4247
7f7d01ed 4248Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 4249 assert(ref);
7f7d01ed
ZJS		 4250 assert(source);
4251 assert(target);
57020a3a 4252
7f7d01ed 4253 if (ref->target)
57020a3a
LP		 4254 unit_ref_unset(ref);
4255
7f7d01ed
ZJS		 4256 ref->source = source;
4257 ref->target = target;
4258 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4259 return target;
57020a3a
LP		 4260}
4261
4262void unit_ref_unset(UnitRef *ref) {
4263 assert(ref);
4264
7f7d01ed 4265 if (!ref->target)
57020a3a
LP		 4266 return;
4267
b75102e5
LP		 4268 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4269 * be unreferenced now. */
7f7d01ed 4270 unit_add_to_gc_queue(ref->target);
b75102e5 4271
7f7d01ed
ZJS		 4272 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4273 ref->source = ref->target = NULL;
57020a3a
LP		 4274}
4275
29206d46
LP		 4276static int user_from_unit_name(Unit *u, char **ret) {
4277
4278 static const uint8_t hash_key[] = {
4279 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4280 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4281 };
4282
4283 _cleanup_free_ char *n = NULL;
4284 int r;
4285
4286 r = unit_name_to_prefix(u->id, &n);
4287 if (r < 0)
4288 return r;
4289
7a8867ab 4290 if (valid_user_group_name(n, 0)) {
ae2a15bc 4291 *ret = TAKE_PTR(n);
29206d46
LP		 4292 return 0;
4293 }
4294
4295 /* If we can't use the unit name as a user name, then let's hash it and use that */
4296 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4297 return -ENOMEM;
4298
4299 return 0;
4300}
4301
2234032c 4302static int unit_verify_contexts(const Unit *u) {
52d8ba71
MY		 4303 assert(u);
4304
2234032c 4305 const ExecContext *ec = unit_get_exec_context(u);
52d8ba71
MY		 4306 if (!ec)
4307 return 0;
4308
4309 if (MANAGER_IS_USER(u->manager) && ec->dynamic_user)
4310 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "DynamicUser= enabled for user unit, which is not supported. Refusing.");
4311
4312 if (ec->dynamic_user && ec->working_directory_home)
4313 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "WorkingDirectory=~ is not allowed under DynamicUser=yes. Refusing.");
4314
276bd392
MY		 4315 if (ec->working_directory && path_below_api_vfs(ec->working_directory) &&
4316 exec_needs_mount_namespace(ec, /* params = */ NULL, /* runtime = */ NULL))
4317 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "WorkingDirectory= may not be below /proc/, /sys/ or /dev/ when using mount namespacing. Refusing.");
4318
2d8191f4 4319 if (exec_needs_pid_namespace(ec, /* params= */ NULL) && !UNIT_VTABLE(u)->notify_pidref)
406f1775
DDM		 4320 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "PrivatePIDs= setting is only supported for service units. Refusing.");
4321
2234032c
MY		 4322 const KillContext *kc = unit_get_kill_context(u);
4323
4324 if (ec->pam_name && kc && !IN_SET(kc->kill_mode, KILL_CONTROL_GROUP, KILL_MIXED))
4325 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit has PAM enabled. Kill mode must be set to 'control-group' or 'mixed'. Refusing.");
4326
52d8ba71
MY		 4327 return 0;
4328}
4329
6156bec7
YW		 4330static PrivateTmp unit_get_private_var_tmp(const Unit *u, const ExecContext *c) {
4331 assert(u);
4332 assert(c);
4333 assert(c->private_tmp >= 0 && c->private_tmp < _PRIVATE_TMP_MAX);
4334
4335 /* Disable disconnected private tmpfs on /var/tmp/ when DefaultDependencies=no and
4336 * RootImage=/RootDirectory= are not set, as /var/ may be a separated partition.
4337 * See issue #37258. */
4338
4339 /* PrivateTmp=yes/no also enables/disables private tmpfs on /var/tmp/. */
4340 if (c->private_tmp != PRIVATE_TMP_DISCONNECTED)
4341 return c->private_tmp;
4342
4343 /* When DefaultDependencies=yes, disconnected tmpfs is also enabled on /var/tmp/, and an explicit
4344 * dependency to the mount on /var/ will be added in unit_add_exec_dependencies(). */
4345 if (u->default_dependencies)
4346 return PRIVATE_TMP_DISCONNECTED;
4347
4348 /* When RootImage=/RootDirectory= is enabled, /var/ should be prepared by the image or directory,
4349 * hence we can mount a disconnected tmpfs on /var/tmp/. */
4350 if (exec_context_with_rootfs(c))
4351 return PRIVATE_TMP_DISCONNECTED;
4352
4353 /* Even if DefaultDependencies=no, enable disconnected tmpfs when
4354 * RequiresMountsFor=/WantsMountsFor=/var/ is explicitly set. */
4355 for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; t++)
4356 if (hashmap_contains(u->mounts_for[t], "/var/"))
4357 return PRIVATE_TMP_DISCONNECTED;
4358
4359 /* Check the same but for After= with Requires=/Requisite=/Wants= or friends. */
4360 Unit *m = manager_get_unit(u->manager, "var.mount");
4361 if (!m)
4362 return PRIVATE_TMP_NO;
4363
4364 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, m))
4365 return PRIVATE_TMP_NO;
4366
4367 if (unit_has_dependency(u, UNIT_ATOM_PULL_IN_START, m) ||
4368 unit_has_dependency(u, UNIT_ATOM_PULL_IN_VERIFY, m) ||
4369 unit_has_dependency(u, UNIT_ATOM_PULL_IN_START_IGNORED, m))
4370 return PRIVATE_TMP_DISCONNECTED;
4371
4372 return PRIVATE_TMP_NO;
4373}
4374
598459ce
LP		 4375int unit_patch_contexts(Unit *u) {
4376 CGroupContext *cc;
4377 ExecContext *ec;
cba6e062
LP		 4378 int r;
4379
e06c73cc 4380 assert(u);
e06c73cc 4381
598459ce
LP		 4382 /* Patch in the manager defaults into the exec and cgroup
4383 * contexts, _after_ the rest of the settings have been
4384 * initialized */
085afe36 4385
598459ce
LP		 4386 ec = unit_get_exec_context(u);
4387 if (ec) {
4388 /* This only copies in the ones that need memory */
12375b95 4389 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
c9e120e0
LP		 4390 if (u->manager->defaults.rlimit[i] && !ec->rlimit[i]) {
4391 ec->rlimit[i] = newdup(struct rlimit, u->manager->defaults.rlimit[i], 1);
598459ce
LP		 4392 if (!ec->rlimit[i])
4393 return -ENOMEM;
4394 }
4395
4dd884af 4396 if (MANAGER_IS_USER(u->manager) && !ec->working_directory) {
598459ce
LP		 4397 r = get_home_dir(&ec->working_directory);
4398 if (r < 0)
4399 return r;
4c08c824 4400
4dd884af
MY		 4401 if (!ec->working_directory_home)
4402 /* If home directory is implied by us, allow it to be missing. */
4403 ec->working_directory_missing_ok = true;
cba6e062
LP		 4404 }
4405
598459ce 4406 if (ec->private_devices)
2cd0a735 4407 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 4408
4409 if (ec->protect_kernel_modules)
4410 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 4411
84703040
KK		 4412 if (ec->protect_kernel_logs)
4413 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4414
fc64760d
KK		 4415 if (ec->protect_clock)
4416 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4417
29206d46
LP		 4418 if (ec->dynamic_user) {
4419 if (!ec->user) {
4420 r = user_from_unit_name(u, &ec->user);
4421 if (r < 0)
4422 return r;
4423 }
4424
4425 if (!ec->group) {
4426 ec->group = strdup(ec->user);
4427 if (!ec->group)
4428 return -ENOMEM;
4429 }
4430
bf65b7e0
LP		 4431 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4432 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4433 * sandbox. */
63bb64a0 4434
0e551b04
LB		 4435 /* With DynamicUser= we want private directories, so if the user hasn't manually
4436 * selected PrivateTmp=, enable it, but to a fully private (disconnected) tmpfs
4437 * instance. */
2e8a581b 4438 if (ec->private_tmp == PRIVATE_TMP_NO)
0e551b04 4439 ec->private_tmp = PRIVATE_TMP_DISCONNECTED;
00d9ef85 4440 ec->remove_ipc = true;
63bb64a0
LP		 4441 ec->protect_system = PROTECT_SYSTEM_STRICT;
4442 if (ec->protect_home == PROTECT_HOME_NO)
4443 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 4444
4445 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4446 * them. */
4447 ec->no_new_privileges = true;
4448 ec->restrict_suid_sgid = true;
29206d46 4449 }
a2ab603c 4450
6156bec7
YW		 4451 ec->private_var_tmp = unit_get_private_var_tmp(u, ec);
4452
7b89efda
MY		 4453 FOREACH_ARRAY(d, ec->directories, _EXEC_DIRECTORY_TYPE_MAX)
4454 exec_directory_sort(d);
cba6e062
LP		 4455 }
4456
598459ce 4457 cc = unit_get_cgroup_context(u);
fe65e88b 4458 if (cc && ec) {
f513e420 4459
fe65e88b 4460 if (ec->private_devices &&
084870f9
ZJS		 4461 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4462 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 4463
63857bf4 4464 /* Only add these if needed, as they imply that everything else is blocked. */
f3393148 4465 if (cgroup_context_has_device_policy(cc)) {
63857bf4
LB		 4466 if (ec->root_image || ec->mount_images) {
4467
4468 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4469 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
a1044811 4470 r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE);
63857bf4
LB		 4471 if (r < 0)
4472 return r;
4473 }
4474 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
a1044811 4475 r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE|CGROUP_DEVICE_MKNOD);
63857bf4
LB		 4476 if (r < 0)
4477 return r;
4478 }
fe65e88b 4479
63857bf4
LB		 4480 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4481 * Same for mapper and verity. */
4482 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4483 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4484 if (r < 0)
4485 return r;
4486 }
0cffae95 4487 }
867af728 4488
63857bf4 4489 if (ec->protect_clock) {
a1044811 4490 r = cgroup_context_add_device_allow(cc, "char-rtc", CGROUP_DEVICE_READ);
0cffae95
LB		 4491 if (r < 0)
4492 return r;
4493 }
fe65e88b 4494 }
598459ce 4495 }
f1660f96 4496
2234032c 4497 return unit_verify_contexts(u);
e06c73cc
LP		 4498}
4499
c2503e35 4500ExecContext *unit_get_exec_context(const Unit *u) {
3ef63c31
LP		 4501 size_t offset;
4502 assert(u);
4503
598459ce
LP		 4504 if (u->type < 0)
4505 return NULL;
4506
3ef63c31
LP		 4507 offset = UNIT_VTABLE(u)->exec_context_offset;
4508 if (offset <= 0)
4509 return NULL;
4510
4511 return (ExecContext*) ((uint8_t*) u + offset);
4512}
4513
9cc54544 4514KillContext *unit_get_kill_context(const Unit *u) {
718db961
LP		 4515 size_t offset;
4516 assert(u);
4517
598459ce
LP		 4518 if (u->type < 0)
4519 return NULL;
4520
718db961
LP		 4521 offset = UNIT_VTABLE(u)->kill_context_offset;
4522 if (offset <= 0)
4523 return NULL;
4524
4525 return (KillContext*) ((uint8_t*) u + offset);
4526}
4527
9cc54544 4528CGroupContext *unit_get_cgroup_context(const Unit *u) {
4ad49000
LP		 4529 size_t offset;
4530
598459ce
LP		 4531 if (u->type < 0)
4532 return NULL;
4533
4ad49000
LP		 4534 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4535 if (offset <= 0)
4536 return NULL;
4537
4538 return (CGroupContext*) ((uint8_t*) u + offset);
4539}
4540
9cc54544 4541ExecRuntime *unit_get_exec_runtime(const Unit *u) {
613b411c
LP		 4542 size_t offset;
4543
598459ce
LP		 4544 if (u->type < 0)
4545 return NULL;
4546
613b411c
LP		 4547 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4548 if (offset <= 0)
4549 return NULL;
4550
28135da3 4551 return *(ExecRuntime**) ((uint8_t*) u + offset);
613b411c
LP		 4552}
4553
9cc54544
LP		 4554CGroupRuntime *unit_get_cgroup_runtime(const Unit *u) {
4555 size_t offset;
4556
4557 if (u->type < 0)
4558 return NULL;
4559
4560 offset = UNIT_VTABLE(u)->cgroup_runtime_offset;
4561 if (offset <= 0)
4562 return NULL;
4563
4564 return *(CGroupRuntime**) ((uint8_t*) u + offset);
4565}
4566
2e59b241 4567static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 4568 assert(u);
4569
2e59b241 4570 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 4571 return NULL;
4572
39591351
LP		 4573 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4574 return u->manager->lookup_paths.transient;
26d04f86 4575
2e59b241 4576 if (flags & UNIT_PERSISTENT)
4f4afc88 4577 return u->manager->lookup_paths.persistent_control;
26d04f86 4578
2e59b241
LP		 4579 if (flags & UNIT_RUNTIME)
4580 return u->manager->lookup_paths.runtime_control;
4581
39591351 4582 return NULL;
71645aca
LP		 4583}
4584
68ecb48b
ZJS		 4585const char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4586 assert(s);
8c41640a 4587 assert(popcount(flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX | UNIT_ESCAPE_C)) <= 1);
68ecb48b 4588 assert(buf);
24536beb
ZJS		 4589
4590 _cleanup_free_ char *t = NULL;
2e59b241 4591
68ecb48b
ZJS		 4592 /* Returns a string with any escaping done. If no escaping was necessary, *buf is set to NULL, and
4593 * the input pointer is returned as-is. If an allocation was needed, the return buffer pointer is
4594 * written to *buf. This means the return value always contains a properly escaped version, but *buf
4595 * only contains a pointer if an allocation was made. Callers can use this to optimize memory
4596 * allocations. */
2e59b241
LP		 4597
4598 if (flags & UNIT_ESCAPE_SPECIFIERS) {
24536beb
ZJS		 4599 t = specifier_escape(s);
4600 if (!t)
2e59b241
LP		 4601 return NULL;
4602
24536beb 4603 s = t;
2e59b241
LP		 4604 }
4605
4a055e5a 4606 /* We either do C-escaping or shell-escaping, to additionally escape characters that we parse for
e7416db1 4607 * ExecStart= and friends, i.e. '$' and quotes. */
24536beb 4608
8c41640a 4609 if (flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX)) {
e7416db1
ZJS		 4610 char *t2;
4611
8c41640a
ZJS		 4612 if (flags & UNIT_ESCAPE_EXEC_SYNTAX_ENV) {
4613 t2 = strreplace(s, "$", "$$");
4614 if (!t2)
4615 return NULL;
4616 free_and_replace(t, t2);
4617 }
e7416db1 4618
8c41640a 4619 t2 = shell_escape(t ?: s, "\"");
24536beb
ZJS		 4620 if (!t2)
4621 return NULL;
4622 free_and_replace(t, t2);
4623
4624 s = t;
2e59b241 4625
24536beb 4626 } else if (flags & UNIT_ESCAPE_C) {
e7416db1
ZJS		 4627 char *t2;
4628
4629 t2 = cescape(s);
24536beb 4630 if (!t2)
2e59b241 4631 return NULL;
24536beb 4632 free_and_replace(t, t2);
2e59b241 4633
24536beb 4634 s = t;
2e59b241
LP		 4635 }
4636
68ecb48b
ZJS		 4637 *buf = TAKE_PTR(t);
4638 return s;
2e59b241
LP		 4639}
4640
4641char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4642 _cleanup_free_ char *result = NULL;
319a4f4b 4643 size_t n = 0;
2e59b241 4644
24536beb
ZJS		 4645 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4646 * lines in a way suitable for ExecStart= stanzas. */
2e59b241
LP		 4647
4648 STRV_FOREACH(i, l) {
4649 _cleanup_free_ char *buf = NULL;
4650 const char *p;
4651 size_t a;
4652 char *q;
4653
4654 p = unit_escape_setting(*i, flags, &buf);
4655 if (!p)
4656 return NULL;
4657
4658 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
319a4f4b 4659 if (!GREEDY_REALLOC(result, n + a + 1))
2e59b241
LP		 4660 return NULL;
4661
4662 q = result + n;
4663 if (n > 0)
4664 *(q++) = ' ';
4665
4666 *(q++) = '"';
4667 q = stpcpy(q, p);
4668 *(q++) = '"';
4669
4670 n += a;
4671 }
4672
319a4f4b 4673 if (!GREEDY_REALLOC(result, n + 1))
2e59b241
LP		 4674 return NULL;
4675
4676 result[n] = 0;
4677
ae2a15bc 4678 return TAKE_PTR(result);
2e59b241
LP		 4679}
4680
4681int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4682 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4683 const char *dir, *wrapped;
26d04f86 4684 int r;
71645aca
LP		 4685
4686 assert(u);
2e59b241
LP		 4687 assert(name);
4688 assert(data);
4689
4690 if (UNIT_WRITE_FLAGS_NOOP(flags))
4691 return 0;
4692
4693 data = unit_escape_setting(data, flags, &escaped);
4694 if (!data)
4695 return -ENOMEM;
4696
4697 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4698 * previous section header is the same */
4699
4700 if (flags & UNIT_PRIVATE) {
4701 if (!UNIT_VTABLE(u)->private_section)
4702 return -EINVAL;
4703
4704 if (!u->transient_file || u->last_section_private < 0)
4705 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4706 else if (u->last_section_private == 0)
4707 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4708 } else {
4709 if (!u->transient_file || u->last_section_private < 0)
4710 data = strjoina("[Unit]\n", data);
4711 else if (u->last_section_private > 0)
4712 data = strjoina("\n[Unit]\n", data);
4713 }
71645aca 4714
4f4afc88 4715 if (u->transient_file) {
0160a1db
MY		 4716 /* When this is a transient unit file in creation, then let's not create a new drop-in,
4717 * but instead write to the transient unit file. */
4718 fputs_with_newline(u->transient_file, data);
2e59b241
LP		 4719
4720 /* Remember which section we wrote this entry to */
4721 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4722 return 0;
2e59b241 4723 }
8e2af478 4724
2e59b241 4725 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4726 if (!dir)
4727 return -EINVAL;
71645aca 4728
2a9a6f8a 4729 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4730 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4731 data,
4732 "\n");
e20b2a86 4733
815b09d3 4734 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4735 if (r < 0)
4736 return r;
4737
45639f1b 4738 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4739
4740 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4741 * recreate the cache after every drop-in we write. */
4742 if (u->manager->unit_path_cache) {
16c7555e 4743 r = set_put_strdup_full(&u->manager->unit_path_cache, &path_hash_ops_free, p);
4dba44a5
ZJS		 4744 if (r < 0)
4745 return r;
4746 }
4747
8eeb8709 4748 r = write_string_file(q, wrapped, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC|WRITE_STRING_FILE_LABEL);
adb76a70
WC		 4749 if (r < 0)
4750 return r;
4751
815b09d3 4752 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4753 if (r < 0)
4754 return r;
815b09d3 4755 q = NULL;
adb76a70 4756
adb76a70
WC		 4757 strv_uniq(u->dropin_paths);
4758
4759 u->dropin_mtime = now(CLOCK_REALTIME);
4760
4761 return 0;
26d04f86 4762}
71645aca 4763
2e59b241 4764int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4765 _cleanup_free_ char *p = NULL;
4766 va_list ap;
4767 int r;
4768
4769 assert(u);
4770 assert(name);
4771 assert(format);
4772
2e59b241 4773 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4774 return 0;
4775
4776 va_start(ap, format);
4777 r = vasprintf(&p, format, ap);
4778 va_end(ap);
4779
4780 if (r < 0)
4781 return -ENOMEM;
4782
2e59b241 4783 return unit_write_setting(u, flags, name, p);
b9ec9359 4784}
71645aca 4785
c2756a68 4786int unit_make_transient(Unit *u) {
0126c8f3 4787 _cleanup_free_ char *path = NULL;
4f4afc88 4788 FILE *f;
4f4afc88 4789
c2756a68
LP		 4790 assert(u);
4791
3f5e8115
LP		 4792 if (!UNIT_VTABLE(u)->can_transient)
4793 return -EOPNOTSUPP;
4794
45639f1b
LP		 4795 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4796
657ee2d8 4797 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4798 if (!path)
4799 return -ENOMEM;
4800
4801 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4802 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4803
2053593f 4804 WITH_UMASK(0022) {
4f4afc88 4805 f = fopen(path, "we");
0126c8f3 4806 if (!f)
78e334b5 4807 return -errno;
4f4afc88
LP		 4808 }
4809
0126c8f3 4810 safe_fclose(u->transient_file);
4f4afc88
LP		 4811 u->transient_file = f;
4812
0126c8f3 4813 free_and_replace(u->fragment_path, path);
7c65093a 4814
7c65093a
LP		 4815 u->source_path = mfree(u->source_path);
4816 u->dropin_paths = strv_free(u->dropin_paths);
4817 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4818
4f4afc88
LP		 4819 u->load_state = UNIT_STUB;
4820 u->load_error = 0;
4821 u->transient = true;
4822
7c65093a
LP		 4823 unit_add_to_dbus_queue(u);
4824 unit_add_to_gc_queue(u);
c2756a68 4825
4f4afc88
LP		 4826 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4827 u->transient_file);
4828
3f5e8115 4829 return 0;
c2756a68
LP		 4830}
4831
5ffa9490
MY		 4832static bool ignore_leftover_process(const char *comm) {
4833 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
4834}
4835
4d1b2df1 4836static int log_kill(const PidRef *pid, int sig, void *userdata) {
5ffa9490 4837 const Unit *u = ASSERT_PTR(userdata);
1d98fef1
LP		 4838 _cleanup_free_ char *comm = NULL;
4839
4d1b2df1
LP		 4840 assert(pidref_is_set(pid));
4841
4842 (void) pidref_get_comm(pid, &comm);
1d98fef1 4843
5ffa9490 4844 if (ignore_leftover_process(comm))
500cd2e8 4845 /* Although we didn't log anything, as this callback is used in unit_kill_context we must return 1
4846 * here to let the manager know that a process was killed. */
4847 return 1;
1d98fef1 4848
5ffa9490 4849 log_unit_notice(u,
1d98fef1 4850 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4d1b2df1 4851 pid->pid,
1d98fef1
LP		 4852 strna(comm),
4853 signal_to_string(sig));
c53d2d54
DB		 4854
4855 return 1;
1d98fef1
LP		 4856}
4857
efa75d70
LP		 4858static int operation_to_signal(
4859 const KillContext *c,
4860 KillOperation k,
4861 bool *ret_noteworthy) {
4862
1d98fef1 4863 assert(c);
5ffa9490 4864 assert(ret_noteworthy);
1d98fef1
LP		 4865
4866 switch (k) {
4867
4868 case KILL_TERMINATE:
4869 case KILL_TERMINATE_AND_LOG:
b98d6bff 4870 *ret_noteworthy = k == KILL_TERMINATE_AND_LOG;
1d98fef1
LP		 4871 return c->kill_signal;
4872
a232ebcc 4873 case KILL_RESTART:
efa75d70 4874 *ret_noteworthy = false;
a232ebcc
ZJS		 4875 return restart_kill_signal(c);
4876
1d98fef1 4877 case KILL_KILL:
efa75d70 4878 *ret_noteworthy = true;
fbb48d4c 4879 return c->final_kill_signal;
1d98fef1 4880
c87700a1 4881 case KILL_WATCHDOG:
efa75d70 4882 *ret_noteworthy = true;
c87700a1 4883 return c->watchdog_signal;
1d98fef1
LP		 4884
4885 default:
04499a70 4886 assert_not_reached();
1d98fef1
LP		 4887 }
4888}
4889
fe80d626
YW		 4890static int unit_kill_context_one(
4891 Unit *u,
4892 const PidRef *pidref,
4893 const char *type,
4894 bool is_alien,
4895 int sig,
4896 bool send_sighup,
4897 cg_kill_log_func_t log_func) {
4898
4899 int r;
4900
4901 assert(u);
4902 assert(type);
4903
4904 /* This returns > 0 if it makes sense to wait for SIGCHLD for the process, == 0 if not. */
4905
4906 if (!pidref_is_set(pidref))
4907 return 0;
4908
4909 if (log_func)
4910 log_func(pidref, sig, u);
4911
4912 r = pidref_kill_and_sigcont(pidref, sig);
4913 if (r == -ESRCH)
4914 return !is_alien;
4915 if (r < 0) {
4916 _cleanup_free_ char *comm = NULL;
4917
4918 (void) pidref_get_comm(pidref, &comm);
4919 return log_unit_warning_errno(u, r, "Failed to kill %s process " PID_FMT " (%s), ignoring: %m", type, pidref->pid, strna(comm));
4920 }
4921
4922 if (send_sighup)
4923 (void) pidref_kill(pidref, SIGHUP);
4924
4925 return !is_alien;
4926}
4927
b826e317 4928int unit_kill_context(Unit *u, KillOperation k) {
1d98fef1 4929 bool wait_for_exit = false, send_sighup;
59ec09a8 4930 cg_kill_log_func_t log_func = NULL;
b821a397 4931 int sig, r;
cd2086fe
LP		 4932
4933 assert(u);
cd2086fe 4934
8aff7ac4
LP		 4935 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4936 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4937 * which is used for user-requested killing of unit processes. */
1d98fef1 4938
b826e317
YW		 4939 KillContext *c = unit_get_kill_context(u);
4940 if (!c || c->kill_mode == KILL_NONE)
cd2086fe
LP		 4941 return 0;
4942
4ab1670f
ZJS		 4943 bool noteworthy;
4944 sig = operation_to_signal(c, k, &noteworthy);
4945 if (noteworthy)
4946 log_func = log_kill;
1d98fef1
LP		 4947
4948 send_sighup =
4949 c->send_sighup &&
4950 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4951 sig != SIGHUP;
4952
b826e317
YW		 4953 bool is_alien;
4954 PidRef *main_pid = unit_main_pid_full(u, &is_alien);
fe80d626
YW		 4955 r = unit_kill_context_one(u, main_pid, "main", is_alien, sig, send_sighup, log_func);
4956 wait_for_exit = wait_for_exit || r > 0;
cd2086fe 4957
fe80d626
YW		 4958 r = unit_kill_context_one(u, unit_control_pid(u), "control", /* is_alien = */ false, sig, send_sighup, log_func);
4959 wait_for_exit = wait_for_exit || r > 0;
cd2086fe 4960
9cc54544
LP		 4961 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
4962 if (crt && crt->cgroup_path &&
b821a397 4963 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4964 _cleanup_set_free_ Set *pid_set = NULL;
4965
82659fd7 4966 /* Exclude the main/control pids from being killed via the cgroup */
ae6a9e65
YW		 4967 r = unit_pid_set(u, &pid_set);
4968 if (r < 0)
4969 return r;
cd2086fe 4970
bd1791b5 4971 r = cg_kill_recursive(
9cc54544 4972 crt->cgroup_path,
bd1791b5
LP		 4973 sig,
4974 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4975 pid_set,
4976 log_func, u);
cd2086fe 4977 if (r < 0) {
4c701096 4978 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
9cc54544 4979 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(crt->cgroup_path));
b821a397 4980
82659fd7 4981 } else if (r > 0) {
bc6aed7b 4982
3988e248 4983 wait_for_exit = true;
58ea275a 4984
1d98fef1 4985 if (send_sighup) {
ae6a9e65
YW		 4986 r = unit_pid_set(u, &pid_set);
4987 if (r < 0)
4988 return r;
82659fd7 4989
bd1791b5 4990 (void) cg_kill_recursive(
9cc54544 4991 crt->cgroup_path,
bd1791b5
LP		 4992 SIGHUP,
4993 CGROUP_IGNORE_SELF,
4994 pid_set,
3ce64b0f 4995 /* log_kill= */ NULL,
bd1791b5 4996 /* userdata= */ NULL);
82659fd7
LP		 4997 }
4998 }
cd2086fe
LP		 4999 }
5000
5001 return wait_for_exit;
5002}
5003
9e615fa3
LB		 5004int unit_add_mounts_for(Unit *u, const char *path, UnitDependencyMask mask, UnitMountDependencyType type) {
5005 Hashmap **unit_map, **manager_map;
a57f7e2c
LP		 5006 int r;
5007
5008 assert(u);
5009 assert(path);
9e615fa3
LB		 5010 assert(type >= 0 && type < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX);
5011
5012 unit_map = &u->mounts_for[type];
5013 manager_map = &u->manager->units_needing_mounts_for[type];
a57f7e2c 5014
ac19bdd0
ZJS		 5015 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
5016 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
5017 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
5018 * appearing mount units can easily determine which units to make themselves a dependency of. */
a57f7e2c 5019
70b64bd3
ZJS		 5020 if (!path_is_absolute(path))
5021 return -EINVAL;
5022
9e615fa3 5023 if (hashmap_contains(*unit_map, path)) /* Exit quickly if the path is already covered. */
ac19bdd0 5024 return 0;
eef85c4a 5025
1bee93e6
MY		 5026 if (!unit_type_supported(UNIT_MOUNT)) {
5027 log_once(LOG_NOTICE, "Mount unit not supported, skipping *MountsFor= dependencies.");
5028 return 0;
5029 }
5030
ac19bdd0
ZJS		 5031 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
5032 * only after simplification, since path_is_normalized() rejects paths with '.'.
5033 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
cf3d95b2
YW		 5034 _cleanup_free_ char *p = NULL;
5035 r = path_simplify_alloc(path, &p);
5036 if (r < 0)
5037 return r;
5038 path = p;
a57f7e2c 5039
ca8700e9 5040 if (!path_is_normalized(path))
a57f7e2c 5041 return -EPERM;
a57f7e2c 5042
ac19bdd0 5043 UnitDependencyInfo di = {
eef85c4a
LP		 5044 .origin_mask = mask
5045 };
5046
9e615fa3 5047 r = hashmap_ensure_put(unit_map, &path_hash_ops, p, di.data);
ca8700e9 5048 if (r < 0)
a57f7e2c 5049 return r;
ac19bdd0
ZJS		 5050 assert(r > 0);
5051 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
a57f7e2c 5052
4cb06c59 5053 char prefix[strlen(path) + 1];
ca8700e9 5054 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 5055 Set *x;
5056
9e615fa3 5057 x = hashmap_get(*manager_map, prefix);
a57f7e2c 5058 if (!x) {
ca8700e9 5059 _cleanup_free_ char *q = NULL;
a57f7e2c 5060
9e615fa3 5061 r = hashmap_ensure_allocated(manager_map, &path_hash_ops);
742f41ad
LP		 5062 if (r < 0)
5063 return r;
a57f7e2c
LP		 5064
5065 q = strdup(prefix);
5066 if (!q)
5067 return -ENOMEM;
5068
d5099efc 5069 x = set_new(NULL);
ca8700e9 5070 if (!x)
a57f7e2c 5071 return -ENOMEM;
a57f7e2c 5072
9e615fa3 5073 r = hashmap_put(*manager_map, q, x);
a57f7e2c 5074 if (r < 0) {
a57f7e2c
LP		 5075 set_free(x);
5076 return r;
5077 }
ca8700e9 5078 q = NULL;
a57f7e2c
LP		 5079 }
5080
5081 r = set_put(x, u);
5082 if (r < 0)
5083 return r;
5084 }
5085
5086 return 0;
5087}
5088
613b411c 5089int unit_setup_exec_runtime(Unit *u) {
28135da3 5090 _cleanup_(exec_shared_runtime_unrefp) ExecSharedRuntime *esr = NULL;
15220772 5091 _cleanup_(dynamic_creds_unrefp) DynamicCreds *dcreds = NULL;
83123a44 5092 _cleanup_set_free_ Set *units = NULL;
28135da3 5093 ExecRuntime **rt;
15220772 5094 ExecContext *ec;
613b411c 5095 size_t offset;
613b411c 5096 Unit *other;
e8a565cb 5097 int r;
613b411c
LP		 5098
5099 offset = UNIT_VTABLE(u)->exec_runtime_offset;
5100 assert(offset > 0);
5101
28135da3
DDM		 5102 /* Check if there already is an ExecRuntime for this unit? */
5103 rt = (ExecRuntime**) ((uint8_t*) u + offset);
613b411c
LP		 5104 if (*rt)
5105 return 0;
5106
a5801e97 5107 ec = ASSERT_PTR(unit_get_exec_context(u));
15220772 5108
83123a44
YW		 5109 r = unit_get_transitive_dependency_set(u, UNIT_ATOM_JOINS_NAMESPACE_OF, &units);
5110 if (r < 0)
5111 return r;
5112
613b411c 5113 /* Try to get it from somebody else */
83123a44 5114 SET_FOREACH(other, units) {
28135da3
DDM		 5115 r = exec_shared_runtime_acquire(u->manager, NULL, other->id, false, &esr);
5116 if (r < 0)
5117 return r;
5118 if (r > 0)
5119 break;
5120 }
5121
5122 if (!esr) {
15220772 5123 r = exec_shared_runtime_acquire(u->manager, ec, u->id, true, &esr);
28135da3
DDM		 5124 if (r < 0)
5125 return r;
613b411c
LP		 5126 }
5127
15220772
DDM		 5128 if (ec->dynamic_user) {
5129 r = dynamic_creds_make(u->manager, ec->user, ec->group, &dcreds);
5130 if (r < 0)
5131 return r;
5132 }
5133
9c0c6701 5134 r = exec_runtime_make(u, ec, esr, dcreds, rt);
28135da3
DDM		 5135 if (r < 0)
5136 return r;
5137
5138 TAKE_PTR(esr);
15220772 5139 TAKE_PTR(dcreds);
28135da3
DDM		 5140
5141 return r;
613b411c
LP		 5142}
5143
9cc54544
LP		 5144CGroupRuntime *unit_setup_cgroup_runtime(Unit *u) {
5145 size_t offset;
5146
5147 assert(u);
5148
5149 offset = UNIT_VTABLE(u)->cgroup_runtime_offset;
5150 assert(offset > 0);
5151
5152 CGroupRuntime **rt = (CGroupRuntime**) ((uint8_t*) u + offset);
5153 if (*rt)
5154 return *rt;
5155
5156 return (*rt = cgroup_runtime_new());
5157}
5158
1c2e9646 5159bool unit_type_supported(UnitType t) {
88e4bfa6
MS		 5160 static int8_t cache[_UNIT_TYPE_MAX] = {}; /* -1: disabled, 1: enabled: 0: don't know */
5161 int r;
5162
ffcf54d4 5163 assert(t >= 0 && t < _UNIT_TYPE_MAX);
1c2e9646 5164
88e4bfa6
MS		 5165 if (cache[t] == 0) {
5166 char *e;
5167
5168 e = strjoina("SYSTEMD_SUPPORT_", unit_type_to_string(t));
5169
5170 r = getenv_bool(ascii_strupper(e));
5171 if (r < 0 && r != -ENXIO)
5172 log_debug_errno(r, "Failed to parse $%s, ignoring: %m", e);
5173
5174 cache[t] = r == 0 ? -1 : 1;
5175 }
5176 if (cache[t] < 0)
5177 return false;
5178
1c2e9646
LP		 5179 if (!unit_vtable[t]->supported)
5180 return true;
5181
5182 return unit_vtable[t]->supported();
5183}
5184
8b4305c7
LP		 5185void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
5186 int r;
5187
5188 assert(u);
5189 assert(where);
5190
c2503e35
RH		 5191 if (!unit_log_level_test(u, LOG_NOTICE))
5192 return;
5193
db55bbf2 5194 r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false);
3f602115 5195 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 5196 return;
5197 if (r < 0) {
5198 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
5199 return;
5200 }
5201
c2503e35 5202 log_unit_struct(u, LOG_NOTICE,
3cf6a3a3 5203 LOG_MESSAGE_ID(SD_MESSAGE_OVERMOUNTING_STR),
c2503e35
RH		 5204 LOG_UNIT_INVOCATION_ID(u),
5205 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
3cf6a3a3 5206 LOG_ITEM("WHERE=%s", where));
8b4305c7
LP		 5207}
5208
38c35970
LP		 5209int unit_log_noncanonical_mount_path(Unit *u, const char *where) {
5210 assert(u);
5211 assert(where);
5212
5213 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
5214 log_unit_struct(u, LOG_ERR,
3cf6a3a3 5215 LOG_MESSAGE_ID(SD_MESSAGE_NON_CANONICAL_MOUNT_STR),
38c35970
LP		 5216 LOG_UNIT_INVOCATION_ID(u),
5217 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
3cf6a3a3 5218 LOG_ITEM("WHERE=%s", where));
38c35970
LP		 5219
5220 return -ELOOP;
5221}
5222
5223int unit_fail_if_noncanonical_mount_path(Unit *u, const char* where) {
8b4305c7
LP		 5224 int r;
5225
5226 assert(u);
5227 assert(where);
5228
38c35970
LP		 5229 _cleanup_free_ char *canonical_where = NULL;
5230 r = chase(where, /* root= */ NULL, CHASE_NONEXISTENT, &canonical_where, /* ret_fd= */ NULL);
8b4305c7 5231 if (r < 0) {
25cd4964 5232 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 5233 return 0;
5234 }
25cd4964
AJ		 5235
5236 /* We will happily ignore a trailing slash (or any redundant slashes) */
5237 if (path_equal(where, canonical_where))
8b4305c7
LP		 5238 return 0;
5239
38c35970 5240 return unit_log_noncanonical_mount_path(u, where);
8b4305c7 5241}
0f13f3bd
LP		 5242
5243bool unit_is_pristine(Unit *u) {
5244 assert(u);
5245
1f832446
ZJS		 5246 /* Check if the unit already exists or is already around, in a number of different ways. Note that to
5247 * cater for unit types such as slice, we are generally fine with units that are marked UNIT_LOADED
5248 * even though nothing was actually loaded, as those unit types don't require a file on disk.
5249 *
5250 * Note that we don't check for drop-ins here, because we allow drop-ins for transient units
5251 * identically to non-transient units, both unit-specific and hierarchical. E.g. for a-b-c.service:
5252 * service.d/….conf, a-.service.d/….conf, a-b-.service.d/….conf, a-b-c.service.d/….conf.
5253 */
0f13f3bd 5254
b146a734
ZJS		 5255 return IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) &&
5256 !u->fragment_path &&
5257 !u->source_path &&
b146a734
ZJS		 5258 !u->job &&
5259 !u->merged_into;
0f13f3bd 5260}
291d565a 5261
37eb258e 5262PidRef* unit_control_pid(Unit *u) {
291d565a
LP		 5263 assert(u);
5264
5265 if (UNIT_VTABLE(u)->control_pid)
5266 return UNIT_VTABLE(u)->control_pid(u);
5267
37eb258e 5268 return NULL;
291d565a
LP		 5269}
5270
3e22239d 5271PidRef* unit_main_pid_full(Unit *u, bool *ret_is_alien) {
291d565a
LP		 5272 assert(u);
5273
5274 if (UNIT_VTABLE(u)->main_pid)
3e22239d 5275 return UNIT_VTABLE(u)->main_pid(u, ret_is_alien);
291d565a 5276
3e22239d
YW		 5277 if (ret_is_alien)
5278 *ret_is_alien = false;
37eb258e 5279 return NULL;
291d565a 5280}
00d9ef85 5281
3bb48b19
TM		 5282static void unit_modify_user_nft_set(Unit *u, bool add, NFTSetSource source, uint32_t element) {
5283 int r;
5284
5285 assert(u);
5286
5287 if (!MANAGER_IS_SYSTEM(u->manager))
5288 return;
5289
5290 CGroupContext *c;
5291 c = unit_get_cgroup_context(u);
5292 if (!c)
5293 return;
5294
7184f836
YW		 5295 if (!u->manager->nfnl) {
5296 r = sd_nfnl_socket_open(&u->manager->nfnl);
3bb48b19
TM		 5297 if (r < 0)
5298 return;
3bb48b19
TM		 5299 }
5300
5301 FOREACH_ARRAY(nft_set, c->nft_set_context.sets, c->nft_set_context.n_sets) {
5302 if (nft_set->source != source)
5303 continue;
5304
7184f836 5305 r = nft_set_element_modify_any(u->manager->nfnl, add, nft_set->nfproto, nft_set->table, nft_set->set, &element, sizeof(element));
3bb48b19 5306 if (r < 0)
2fe2ee9a 5307 log_warning_errno(r, "Failed to %s NFT set entry: family %s, table %s, set %s, ID %u, ignoring: %m",
3bb48b19
TM		 5308 add? "add" : "delete", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element);
5309 else
2fe2ee9a 5310 log_debug("%s NFT set entry: family %s, table %s, set %s, ID %u",
3bb48b19
TM		 5311 add? "Added" : "Deleted", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element);
5312 }
5313}
5314
00d9ef85
LP		 5315static void unit_unref_uid_internal(
5316 Unit *u,
5317 uid_t *ref_uid,
5318 bool destroy_now,
5319 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
5320
5321 assert(u);
5322 assert(ref_uid);
5323 assert(_manager_unref_uid);
5324
5325 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5326 * gid_t are actually the same time, with the same validity rules.
5327 *
5328 * Drops a reference to UID/GID from a unit. */
5329
5330 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5331 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5332
5333 if (!uid_is_valid(*ref_uid))
5334 return;
5335
5336 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
5337 *ref_uid = UID_INVALID;
5338}
5339
b90cf102 5340static void unit_unref_uid(Unit *u, bool destroy_now) {
3bb48b19
TM		 5341 assert(u);
5342
5343 unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_USER, u->ref_uid);
5344
00d9ef85
LP		 5345 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
5346}
5347
b90cf102 5348static void unit_unref_gid(Unit *u, bool destroy_now) {
3bb48b19
TM		 5349 assert(u);
5350
5351 unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_GROUP, u->ref_gid);
5352
00d9ef85
LP		 5353 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
5354}
5355
b90cf102
LP		 5356void unit_unref_uid_gid(Unit *u, bool destroy_now) {
5357 assert(u);
5358
5359 unit_unref_uid(u, destroy_now);
5360 unit_unref_gid(u, destroy_now);
5361}
5362
00d9ef85
LP		 5363static int unit_ref_uid_internal(
5364 Unit *u,
5365 uid_t *ref_uid,
5366 uid_t uid,
5367 bool clean_ipc,
5368 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
5369
5370 int r;
5371
5372 assert(u);
5373 assert(ref_uid);
5374 assert(uid_is_valid(uid));
5375 assert(_manager_ref_uid);
5376
5377 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5378 * are actually the same type, and have the same validity rules.
5379 *
5380 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5381 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5382 * drops to zero. */
5383
5384 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5385 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5386
5387 if (*ref_uid == uid)
5388 return 0;
5389
5390 if (uid_is_valid(*ref_uid)) /* Already set? */
5391 return -EBUSY;
5392
5393 r = _manager_ref_uid(u->manager, uid, clean_ipc);
5394 if (r < 0)
5395 return r;
5396
5397 *ref_uid = uid;
5398 return 1;
5399}
5400
b90cf102 5401static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 5402 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
5403}
5404
b90cf102 5405static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 5406 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
5407}
5408
5409static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
5410 int r = 0, q = 0;
5411
5412 assert(u);
5413
5414 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5415
5416 if (uid_is_valid(uid)) {
5417 r = unit_ref_uid(u, uid, clean_ipc);
5418 if (r < 0)
5419 return r;
5420 }
5421
5422 if (gid_is_valid(gid)) {
5423 q = unit_ref_gid(u, gid, clean_ipc);
5424 if (q < 0) {
5425 if (r > 0)
5426 unit_unref_uid(u, false);
5427
5428 return q;
5429 }
5430 }
5431
5432 return r > 0 || q > 0;
5433}
5434
5435int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
5436 ExecContext *c;
5437 int r;
5438
5439 assert(u);
5440
5441 c = unit_get_exec_context(u);
5442
5443 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5444 if (r < 0)
5445 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5446
3bb48b19
TM		 5447 unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_USER, uid);
5448 unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_GROUP, gid);
5449
00d9ef85
LP		 5450 return r;
5451}
5452
00d9ef85
LP		 5453void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5454 int r;
5455
5456 assert(u);
5457
5458 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5459 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5460 * objects when no service references the UID/GID anymore. */
5461
5462 r = unit_ref_uid_gid(u, uid, gid);
5463 if (r > 0)
37d0b962 5464 unit_add_to_dbus_queue(u);
00d9ef85 5465}
4b58153d 5466
4b58153d
LP		 5467int unit_acquire_invocation_id(Unit *u) {
5468 sd_id128_t id;
5469 int r;
5470
5471 assert(u);
5472
5473 r = sd_id128_randomize(&id);
5474 if (r < 0)
5475 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5476
5477 r = unit_set_invocation_id(u, id);
5478 if (r < 0)
5479 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5480
af92c603 5481 unit_add_to_dbus_queue(u);
4b58153d
LP		 5482 return 0;
5483}
f0d47797 5484
1ad6e8b3
LP		 5485int unit_set_exec_params(Unit *u, ExecParameters *p) {
5486 int r;
5487
7960b0c7
LP		 5488 assert(u);
5489 assert(p);
f0d47797 5490
004c7f16 5491 /* Copy parameters from manager */
1ad6e8b3
LP		 5492 r = manager_get_effective_environment(u->manager, &p->environment);
5493 if (r < 0)
5494 return r;
5495
170d978b
LP		 5496 p->runtime_scope = u->manager->runtime_scope;
5497
6a705f12 5498 r = strdup_to(&p->confirm_spawn, manager_get_confirm_spawn(u->manager));
a5801e97
MY		 5499 if (r < 0)
5500 return r;
bb5232b6 5501
004c7f16
LP		 5502 p->prefix = u->manager->prefix;
5503 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5504
5238e957 5505 /* Copy parameters from unit */
9cc54544
LP		 5506 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
5507 p->cgroup_path = crt ? crt->cgroup_path : NULL;
1d9cc876 5508 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 5509
2ad591a3
LP		 5510 p->received_credentials_directory = u->manager->received_credentials_directory;
5511 p->received_encrypted_credentials_directory = u->manager->received_encrypted_credentials_directory;
bb0c0d6f 5512
c8ccd444 5513 p->shall_confirm_spawn = u->manager->confirm_spawn;
154eb43f
LB		 5514
5515 p->fallback_smack_process_label = u->manager->defaults.smack_process_label;
5516
352ec23c
LP		 5517 if (u->manager->restrict_fs && p->bpf_restrict_fs_map_fd < 0) {
5518 int fd = bpf_restrict_fs_map_fd(u);
154eb43f
LB		 5519 if (fd < 0)
5520 return fd;
5521
352ec23c 5522 p->bpf_restrict_fs_map_fd = fd;
154eb43f
LB		 5523 }
5524
b646fc32 5525 p->user_lookup_fd = u->manager->user_lookup_fds[1];
12001b1b 5526 p->handoff_timestamp_fd = u->manager->handoff_timestamp_fds[1];
406f1775
DDM		 5527 if (UNIT_VTABLE(u)->notify_pidref)
5528 p->pidref_transport_fd = u->manager->pidref_transport_fds[1];
b646fc32 5529
9cc54544 5530 p->cgroup_id = crt ? crt->cgroup_id : 0;
b646fc32
LB		 5531 p->invocation_id = u->invocation_id;
5532 sd_id128_to_string(p->invocation_id, p->invocation_id_string);
5533 p->unit_id = strdup(u->id);
5534 if (!p->unit_id)
5535 return -ENOMEM;
154eb43f 5536
7d8bbfbe
LB		 5537 p->debug_invocation = u->debug_invocation;
5538
1ad6e8b3 5539 return 0;
f0d47797 5540}
a79279c7 5541
5162829e
LB		 5542int unit_fork_helper_process(Unit *u, const char *name, bool into_cgroup, PidRef *ret) {
5543 CGroupRuntime *crt = NULL;
4775b55d 5544 pid_t pid;
a79279c7
LP		 5545 int r;
5546
5547 assert(u);
5548 assert(ret);
5549
5162829e
LB		 5550 /* Forks off a helper process and makes sure it is a member of the unit's cgroup, if configured to
5551 * do so. Returns == 0 in the child, and > 0 in the parent. The pid parameter is always filled in
5552 * with the child's PID. */
a79279c7 5553
5162829e 5554 if (into_cgroup) {
8b4ee3d6
YW		 5555 r = unit_realize_cgroup(u);
5556 if (r < 0)
5557 return r;
a79279c7 5558
8b4ee3d6 5559 crt = unit_get_cgroup_runtime(u);
5162829e 5560 }
9cc54544 5561
e9ccae31 5562 r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM, &pid);
4775b55d
LP		 5563 if (r < 0)
5564 return r;
5565 if (r > 0) {
5566 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
5567 int q;
5568
5569 /* Parent */
5570
5571 q = pidref_set_pid(&pidref, pid);
5572 if (q < 0)
5573 return q;
5574
5575 *ret = TAKE_PIDREF(pidref);
4c253ed1 5576 return r;
4775b55d
LP		 5577 }
5578
5579 /* Child */
a79279c7 5580
9c274488
LP		 5581 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5582 (void) ignore_signals(SIGPIPE);
a79279c7 5583
5162829e 5584 if (crt && crt->cgroup_path) {
188286ee 5585 r = cg_attach(crt->cgroup_path, 0);
4c253ed1 5586 if (r < 0) {
9cc54544 5587 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(crt->cgroup_path));
4c253ed1 5588 _exit(EXIT_CGROUP);
a79279c7 5589 }
a79279c7
LP		 5590 }
5591
4c253ed1 5592 return 0;
a79279c7 5593}
c999cf38 5594
4775b55d
LP		 5595int unit_fork_and_watch_rm_rf(Unit *u, char **paths, PidRef *ret_pid) {
5596 _cleanup_(pidref_done) PidRef pid = PIDREF_NULL;
810ef318
YW		 5597 int r;
5598
5599 assert(u);
5600 assert(ret_pid);
5601
5162829e 5602 r = unit_fork_helper_process(u, "(sd-rmrf)", /* into_cgroup= */ true, &pid);
810ef318
YW		 5603 if (r < 0)
5604 return r;
5605 if (r == 0) {
5606 int ret = EXIT_SUCCESS;
810ef318
YW		 5607
5608 STRV_FOREACH(i, paths) {
5609 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5610 if (r < 0) {
5611 log_error_errno(r, "Failed to remove '%s': %m", *i);
5612 ret = EXIT_FAILURE;
5613 }
5614 }
5615
5616 _exit(ret);
5617 }
5618
495e75ed 5619 r = unit_watch_pidref(u, &pid, /* exclusive= */ true);
810ef318
YW		 5620 if (r < 0)
5621 return r;
5622
4775b55d 5623 *ret_pid = TAKE_PIDREF(pid);
810ef318
YW		 5624 return 0;
5625}
5626
15ed3c3a
LP		 5627static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5628 assert(deps);
c999cf38
LP		 5629 assert(other);
5630
15ed3c3a 5631 if (di.origin_mask == 0 && di.destination_mask == 0)
c999cf38 5632 /* No bit set anymore, let's drop the whole entry */
15ed3c3a
LP		 5633 assert_se(hashmap_remove(deps, other));
5634 else
c999cf38 5635 /* Mask was reduced, let's update the entry */
15ed3c3a 5636 assert_se(hashmap_update(deps, other, di.data) == 0);
c999cf38
LP		 5637}
5638
5639void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
15ed3c3a 5640 Hashmap *deps;
c999cf38
LP		 5641 assert(u);
5642
5643 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5644
5645 if (mask == 0)
5646 return;
5647
15ed3c3a 5648 HASHMAP_FOREACH(deps, u->dependencies) {
c999cf38
LP		 5649 bool done;
5650
5651 do {
5652 UnitDependencyInfo di;
5653 Unit *other;
c999cf38
LP		 5654
5655 done = true;
5656
15ed3c3a
LP		 5657 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5658 Hashmap *other_deps;
5659
1d6cc5d0 5660 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38 5661 continue;
15ed3c3a 5662
c999cf38 5663 di.origin_mask &= ~mask;
15ed3c3a 5664 unit_update_dependency_mask(deps, other, di);
c999cf38 5665
defe63b0
LP		 5666 /* We updated the dependency from our unit to the other unit now. But most
5667 * dependencies imply a reverse dependency. Hence, let's delete that one
5668 * too. For that we go through all dependency types on the other unit and
5669 * delete all those which point to us and have the right mask set. */
c999cf38 5670
15ed3c3a 5671 HASHMAP_FOREACH(other_deps, other->dependencies) {
c999cf38
LP		 5672 UnitDependencyInfo dj;
5673
15ed3c3a 5674 dj.data = hashmap_get(other_deps, u);
1d6cc5d0 5675 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38 5676 continue;
c999cf38 5677
15ed3c3a
LP		 5678 dj.destination_mask &= ~mask;
5679 unit_update_dependency_mask(other_deps, u, dj);
c999cf38
LP		 5680 }
5681
5682 unit_add_to_gc_queue(other);
5683
156ba52b
YW		 5684 /* The unit 'other' may not be wanted by the unit 'u'. */
5685 unit_submit_to_stop_when_unneeded_queue(other);
5686
b7777d08
YW		 5687 u->dependency_generation++;
5688 other->dependency_generation++;
5689
c999cf38
LP		 5690 done = false;
5691 break;
5692 }
5693
5694 } while (!done);
5695 }
5696}
d3070fbd 5697
2f8c48b6
AZ		 5698static int unit_get_invocation_path(Unit *u, char **ret) {
5699 char *p;
5700 int r;
5701
5702 assert(u);
5703 assert(ret);
5704
5705 if (MANAGER_IS_SYSTEM(u->manager))
5706 p = strjoin("/run/systemd/units/invocation:", u->id);
5707 else {
5708 _cleanup_free_ char *user_path = NULL;
60cd6deb
MY		 5709
5710 r = xdg_user_runtime_dir("/systemd/units/invocation:", &user_path);
2f8c48b6
AZ		 5711 if (r < 0)
5712 return r;
60cd6deb 5713
2f8c48b6
AZ		 5714 p = strjoin(user_path, u->id);
5715 }
2f8c48b6
AZ		 5716 if (!p)
5717 return -ENOMEM;
5718
5719 *ret = p;
5720 return 0;
5721}
5722
d3070fbd 5723static int unit_export_invocation_id(Unit *u) {
2f8c48b6 5724 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 5725 int r;
5726
5727 assert(u);
5728
5729 if (u->exported_invocation_id)
5730 return 0;
5731
5732 if (sd_id128_is_null(u->invocation_id))
5733 return 0;
5734
2f8c48b6
AZ		 5735 r = unit_get_invocation_path(u, &p);
5736 if (r < 0)
5737 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5738
9ea5a6e7 5739 r = symlinkat_atomic_full(u->invocation_id_string, AT_FDCWD, p, SYMLINK_LABEL);
d3070fbd
LP		 5740 if (r < 0)
5741 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5742
5743 u->exported_invocation_id = true;
5744 return 0;
5745}
5746
7d8bbfbe 5747static int unit_export_log_level_max(Unit *u, int log_level_max, bool overwrite) {
d3070fbd
LP		 5748 const char *p;
5749 char buf[2];
5750 int r;
5751
5752 assert(u);
d3070fbd 5753
7d8bbfbe
LB		 5754 /* When the debug_invocation logic runs, overwrite will be true as we always want to switch the max
5755 * log level that the journal applies, and we want to always restore the previous level once done */
5756
5757 if (!overwrite && u->exported_log_level_max)
d3070fbd
LP		 5758 return 0;
5759
7d8bbfbe 5760 if (log_level_max < 0)
d3070fbd
LP		 5761 return 0;
5762
7d8bbfbe 5763 assert(log_level_max <= 7);
d3070fbd 5764
7d8bbfbe 5765 buf[0] = '0' + log_level_max;
d3070fbd
LP		 5766 buf[1] = 0;
5767
5768 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5769 r = symlink_atomic(buf, p);
5770 if (r < 0)
5771 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5772
5773 u->exported_log_level_max = true;
5774 return 0;
5775}
5776
5777static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
254d1313 5778 _cleanup_close_ int fd = -EBADF;
d3070fbd
LP		 5779 struct iovec *iovec;
5780 const char *p;
5781 char *pattern;
5782 le64_t *sizes;
5783 ssize_t n;
d3070fbd
LP		 5784 int r;
5785
5786 if (u->exported_log_extra_fields)
5787 return 0;
5788
5789 if (c->n_log_extra_fields <= 0)
5790 return 0;
5791
5792 sizes = newa(le64_t, c->n_log_extra_fields);
5793 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5794
12375b95 5795 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 5796 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5797
5798 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5799 iovec[i*2+1] = c->log_extra_fields[i];
5800 }
5801
5802 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5803 pattern = strjoina(p, ".XXXXXX");
5804
5805 fd = mkostemp_safe(pattern);
5806 if (fd < 0)
5807 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5808
5809 n = writev(fd, iovec, c->n_log_extra_fields*2);
5810 if (n < 0) {
5811 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5812 goto fail;
5813 }
5814
5815 (void) fchmod(fd, 0644);
5816
5817 if (rename(pattern, p) < 0) {
5818 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5819 goto fail;
5820 }
5821
5822 u->exported_log_extra_fields = true;
5823 return 0;
5824
5825fail:
5826 (void) unlink(pattern);
5827 return r;
5828}
5829
5ac1530e 5830static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5831 _cleanup_free_ char *buf = NULL;
5832 const char *p;
5833 int r;
5834
5835 assert(u);
5836 assert(c);
5837
5ac1530e 5838 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5839 return 0;
5840
14702b9c 5841 if (c->log_ratelimit.interval == 0)
90fc172e
AZ		 5842 return 0;
5843
5844 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5845
14702b9c 5846 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit.interval) < 0)
90fc172e
AZ		 5847 return log_oom();
5848
5849 r = symlink_atomic(buf, p);
5850 if (r < 0)
5851 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5852
5ac1530e 5853 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5854 return 0;
5855}
5856
5ac1530e 5857static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5858 _cleanup_free_ char *buf = NULL;
5859 const char *p;
5860 int r;
5861
5862 assert(u);
5863 assert(c);
5864
5ac1530e 5865 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5866 return 0;
5867
14702b9c 5868 if (c->log_ratelimit.burst == 0)
90fc172e
AZ		 5869 return 0;
5870
5871 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5872
14702b9c 5873 if (asprintf(&buf, "%u", c->log_ratelimit.burst) < 0)
90fc172e
AZ		 5874 return log_oom();
5875
5876 r = symlink_atomic(buf, p);
5877 if (r < 0)
5878 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5879
5ac1530e 5880 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5881 return 0;
5882}
5883
d3070fbd
LP		 5884void unit_export_state_files(Unit *u) {
5885 const ExecContext *c;
5886
5887 assert(u);
5888
5889 if (!u->id)
5890 return;
5891
638cece4 5892 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5893 return;
5894
d3070fbd
LP		 5895 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5896 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5897 * the IPC system itself and PID 1 also log to the journal.
5898 *
5899 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5900 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5901 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5902 * namespace at least.
5903 *
5904 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5905 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5906 * them with one. */
5907
5908 (void) unit_export_invocation_id(u);
5909
2f8c48b6
AZ		 5910 if (!MANAGER_IS_SYSTEM(u->manager))
5911 return;
5912
d3070fbd
LP		 5913 c = unit_get_exec_context(u);
5914 if (c) {
7d8bbfbe 5915 (void) unit_export_log_level_max(u, c->log_level_max, /* overwrite= */ false);
d3070fbd 5916 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5917 (void) unit_export_log_ratelimit_interval(u, c);
5918 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5919 }
5920}
5921
5922void unit_unlink_state_files(Unit *u) {
5923 const char *p;
5924
5925 assert(u);
5926
5927 if (!u->id)
5928 return;
5929
d3070fbd
LP		 5930 /* Undoes the effect of unit_export_state() */
5931
5932 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5933 _cleanup_free_ char *invocation_path = NULL;
5934 int r = unit_get_invocation_path(u, &invocation_path);
5935 if (r >= 0) {
5936 (void) unlink(invocation_path);
5937 u->exported_invocation_id = false;
5938 }
d3070fbd
LP		 5939 }
5940
2f8c48b6
AZ		 5941 if (!MANAGER_IS_SYSTEM(u->manager))
5942 return;
5943
d3070fbd
LP		 5944 if (u->exported_log_level_max) {
5945 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5946 (void) unlink(p);
5947
5948 u->exported_log_level_max = false;
5949 }
5950
5951 if (u->exported_log_extra_fields) {
5952 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5953 (void) unlink(p);
5954
5955 u->exported_log_extra_fields = false;
5956 }
90fc172e 5957
5ac1530e 5958 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5959 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5960 (void) unlink(p);
5961
5ac1530e 5962 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5963 }
5964
5ac1530e 5965 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5966 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5967 (void) unlink(p);
5968
5ac1530e 5969 u->exported_log_ratelimit_burst = false;
90fc172e 5970 }
d3070fbd 5971}
5afe510c 5972
7f2a7ccf
MY		 5973int unit_set_debug_invocation(Unit *u, bool enable) {
5974 int r;
5975
7d8bbfbe
LB		 5976 assert(u);
5977
7f2a7ccf 5978 if (u->debug_invocation == enable)
7d8bbfbe
LB		 5979 return 0; /* Nothing to do */
5980
7f2a7ccf
MY		 5981 u->debug_invocation = enable;
5982
7d8bbfbe 5983 /* Ensure that the new log level is exported for the journal, in place of the previous one */
7f2a7ccf
MY		 5984 if (u->exported_log_level_max) {
5985 const ExecContext *ec = unit_get_exec_context(u);
5986 if (ec) {
5987 r = unit_export_log_level_max(u, enable ? LOG_PRI(LOG_DEBUG) : ec->log_level_max, /* overwrite= */ true);
5988 if (r < 0)
5989 return r;
5990 }
5991 }
5992
5993 return 1;
7d8bbfbe
LB		 5994}
5995
3c7416b6
LP		 5996int unit_prepare_exec(Unit *u) {
5997 int r;
5998
5999 assert(u);
6000
6001 /* Prepares everything so that we can fork of a process for this unit */
6002
8b4ee3d6
YW		 6003 r = unit_realize_cgroup(u);
6004 if (r < 0)
6005 return r;
3c7416b6 6006
9cc54544 6007 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
ad48cc6f 6008 if (crt && crt->reset_accounting) {
9b2559a1 6009 (void) unit_reset_accounting(u);
9cc54544 6010 crt->reset_accounting = false;
3c7416b6
LP		 6011 }
6012
6013 unit_export_state_files(u);
6014
6015 r = unit_setup_exec_runtime(u);
6016 if (r < 0)
6017 return r;
6018
3c7416b6
LP		 6019 return 0;
6020}
6021
95e631da
MY		 6022static int unit_log_leftover_process_start(const PidRef *pid, int sig, void *userdata) {
6023 const Unit *u = ASSERT_PTR(userdata);
a4634b21
LP		 6024 _cleanup_free_ char *comm = NULL;
6025
4d1b2df1
LP		 6026 assert(pidref_is_set(pid));
6027
6028 (void) pidref_get_comm(pid, &comm);
a4634b21 6029
4c425434 6030 if (ignore_leftover_process(comm))
c53d2d54 6031 return 0;
a4634b21 6032
4c425434
LP		 6033 /* During start we print a warning */
6034
95e631da 6035 log_unit_warning(u,
a4634b21
LP		 6036 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
6037 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
4d1b2df1 6038 pid->pid, strna(comm));
c53d2d54
DB		 6039
6040 return 1;
a4634b21
LP		 6041}
6042
95e631da
MY		 6043static int unit_log_leftover_process_stop(const PidRef *pid, int sig, void *userdata) {
6044 const Unit *u = ASSERT_PTR(userdata);
4c425434
LP		 6045 _cleanup_free_ char *comm = NULL;
6046
4d1b2df1
LP		 6047 assert(pidref_is_set(pid));
6048
6049 (void) pidref_get_comm(pid, &comm);
4c425434
LP		 6050
6051 if (ignore_leftover_process(comm))
6052 return 0;
6053
6054 /* During stop we only print an informational message */
6055
95e631da 6056 log_unit_info(u,
4c425434 6057 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
4d1b2df1 6058 pid->pid, strna(comm));
4c425434
LP		 6059
6060 return 1;
6061}
6062
95e631da 6063int unit_warn_leftover_processes(Unit *u, bool start) {
23ac0811
MY		 6064 _cleanup_free_ char *cgroup = NULL;
6065 int r;
a4634b21 6066
23ac0811 6067 assert(u);
a4634b21 6068
23ac0811
MY		 6069 r = unit_get_cgroup_path_with_fallback(u, &cgroup);
6070 if (r < 0)
6071 return r;
a4634b21 6072
bd1791b5 6073 return cg_kill_recursive(
23ac0811 6074 cgroup,
bd1791b5
LP		 6075 /* sig= */ 0,
6076 /* flags= */ 0,
684cd01f 6077 /* killed_pids= */ NULL,
95e631da 6078 start ? unit_log_leftover_process_start : unit_log_leftover_process_stop,
bd1791b5 6079 u);
a4634b21
LP		 6080}
6081
bb2c7685
LP		 6082bool unit_needs_console(Unit *u) {
6083 ExecContext *ec;
6084 UnitActiveState state;
6085
6086 assert(u);
6087
6088 state = unit_active_state(u);
6089
6090 if (UNIT_IS_INACTIVE_OR_FAILED(state))
6091 return false;
6092
6093 if (UNIT_VTABLE(u)->needs_console)
6094 return UNIT_VTABLE(u)->needs_console(u);
6095
6096 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
6097 ec = unit_get_exec_context(u);
6098 if (!ec)
6099 return false;
6100
6101 return exec_context_may_touch_console(ec);
6102}
6103
27217200 6104int unit_pid_attachable(Unit *u, PidRef *pid, sd_bus_error *reterr_error) {
6592b975
LP		 6105 int r;
6106
6107 assert(u);
6108
6109 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
6110 * and not a kernel thread either */
6111
6112 /* First, a simple range check */
495e75ed 6113 if (!pidref_is_set(pid))
27217200 6114 return sd_bus_error_set(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier is not valid.");
6592b975
LP		 6115
6116 /* Some extra safety check */
a7a87769 6117 if (pid->pid == 1 || pidref_is_self(pid))
27217200 6118 return sd_bus_error_setf(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid->pid);
6592b975
LP		 6119
6120 /* Don't even begin to bother with kernel threads */
fc87713b 6121 r = pidref_is_kernel_thread(pid);
6592b975 6122 if (r == -ESRCH)
27217200 6123 return sd_bus_error_setf(reterr_error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid->pid);
6592b975 6124 if (r < 0)
27217200 6125 return sd_bus_error_set_errnof(reterr_error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid->pid);
6592b975 6126 if (r > 0)
27217200 6127 return sd_bus_error_setf(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid->pid);
6592b975
LP		 6128
6129 return 0;
6130}
6131
836e4e7e
DDM		 6132int unit_get_log_level_max(const Unit *u) {
6133 if (u) {
6134 if (u->debug_invocation)
6135 return LOG_DEBUG;
6136
6137 ExecContext *ec = unit_get_exec_context(u);
6138 if (ec && ec->log_level_max >= 0)
6139 return ec->log_level_max;
6140 }
6141
6142 return log_get_max_level();
6143}
6144
6145bool unit_log_level_test(const Unit *u, int level) {
6146 assert(u);
6147 return LOG_PRI(level) <= unit_get_log_level_max(u);
6148}
6149
523ee2d4
LP		 6150void unit_log_success(Unit *u) {
6151 assert(u);
6152
edf2ee22
JM		 6153 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
6154 * This message has low information value for regular users and it might be a bit overwhelming on a system with
6155 * a lot of devices. */
6156 log_unit_struct(u,
6157 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
3cf6a3a3 6158 LOG_MESSAGE_ID(SD_MESSAGE_UNIT_SUCCESS_STR),
c2503e35
RH		 6159 LOG_UNIT_INVOCATION_ID(u),
6160 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 6161}
6162
7c047d74
LP		 6163void unit_log_failure(Unit *u, const char *result) {
6164 assert(u);
6165 assert(result);
6166
c2503e35 6167 log_unit_struct(u, LOG_WARNING,
3cf6a3a3 6168 LOG_MESSAGE_ID(SD_MESSAGE_UNIT_FAILURE_RESULT_STR),
c2503e35
RH		 6169 LOG_UNIT_INVOCATION_ID(u),
6170 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
3cf6a3a3 6171 LOG_ITEM("UNIT_RESULT=%s", result));
7c047d74
LP		 6172}
6173
31cd5f63
AZ		 6174void unit_log_skip(Unit *u, const char *result) {
6175 assert(u);
6176 assert(result);
6177
c2503e35 6178 log_unit_struct(u, LOG_INFO,
3cf6a3a3 6179 LOG_MESSAGE_ID(SD_MESSAGE_UNIT_SKIPPED_STR),
c2503e35
RH		 6180 LOG_UNIT_INVOCATION_ID(u),
6181 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
3cf6a3a3 6182 LOG_ITEM("UNIT_RESULT=%s", result));
31cd5f63
AZ		 6183}
6184
91bbd9b7
LP		 6185void unit_log_process_exit(
6186 Unit *u,
91bbd9b7
LP		 6187 const char *kind,
6188 const char *command,
5cc2cd1c 6189 bool success,
91bbd9b7
LP		 6190 int code,
6191 int status) {
6192
5cc2cd1c
ZJS		 6193 int level;
6194
91bbd9b7
LP		 6195 assert(u);
6196 assert(kind);
6197
5cc2cd1c
ZJS		 6198 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
6199 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
6200 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
6201 * WARNING. */
6202 if (success)
6203 level = LOG_DEBUG;
6204 else if (code == CLD_EXITED)
6205 level = LOG_NOTICE;
6206 else
91bbd9b7
LP		 6207 level = LOG_WARNING;
6208
c2503e35 6209 log_unit_struct(u, level,
3cf6a3a3 6210 LOG_MESSAGE_ID(SD_MESSAGE_UNIT_PROCESS_EXIT_STR),
58441bc1 6211 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
c2503e35
RH		 6212 kind,
6213 sigchld_code_to_string(code), status,
6214 strna(code == CLD_EXITED
6215 ? exit_status_to_string(status, EXIT_STATUS_FULL)
58441bc1
ZJS		 6216 : signal_to_string(status)),
6217 success ? " (success)" : ""),
3cf6a3a3
YW		 6218 LOG_ITEM("EXIT_CODE=%s", sigchld_code_to_string(code)),
6219 LOG_ITEM("EXIT_STATUS=%i", status),
6220 LOG_ITEM("COMMAND=%s", strna(command)),
c2503e35 6221 LOG_UNIT_INVOCATION_ID(u));
91bbd9b7
LP		 6222}
6223
7af67e9a
LP		 6224int unit_exit_status(Unit *u) {
6225 assert(u);
6226
6227 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
6228 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
6229 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
6230 * service process has exited abnormally (signal/coredump). */
6231
6232 if (!UNIT_VTABLE(u)->exit_status)
6233 return -EOPNOTSUPP;
6234
6235 return UNIT_VTABLE(u)->exit_status(u);
6236}
6237
6238int unit_failure_action_exit_status(Unit *u) {
6239 int r;
6240
6241 assert(u);
6242
6243 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
6244
6245 if (u->failure_action_exit_status >= 0)
6246 return u->failure_action_exit_status;
6247
6248 r = unit_exit_status(u);
6249 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6250 return 255;
6251
6252 return r;
6253}
6254
6255int unit_success_action_exit_status(Unit *u) {
6256 int r;
6257
6258 assert(u);
6259
6260 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
6261
6262 if (u->success_action_exit_status >= 0)
6263 return u->success_action_exit_status;
6264
6265 r = unit_exit_status(u);
6266 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6267 return 255;
6268
6269 return r;
6270}
6271
a4191c9f
LP		 6272int unit_test_trigger_loaded(Unit *u) {
6273 Unit *trigger;
6274
6275 /* Tests whether the unit to trigger is loaded */
6276
6277 trigger = UNIT_TRIGGER(u);
6278 if (!trigger)
e7b9f4d9
ZJS		 6279 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6280 "Refusing to start, no unit to trigger.");
a4191c9f 6281 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 6282 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6283 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 6284
6285 return 0;
6286}
6287
703b1b7f 6288void unit_destroy_runtime_data(Unit *u, const ExecContext *context, bool destroy_runtime_dir) {
bb0c0d6f 6289 assert(u);
8b17371b 6290 assert(u->manager);
bb0c0d6f
LP		 6291 assert(context);
6292
1ba84fef 6293 /* EXEC_PRESERVE_RESTART is handled via unit_release_resources()! */
703b1b7f 6294 if (destroy_runtime_dir && context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO)
95939aed 6295 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f 6296
c5087ef5 6297 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
b9f976fb 6298 exec_context_destroy_mount_ns_dir(u);
95939aed
YW		 6299}
6300
380dc8b0
LP		 6301int unit_clean(Unit *u, ExecCleanMask mask) {
6302 UnitActiveState state;
6303
6304 assert(u);
6305
6306 /* Special return values:
6307 *
6308 * -EOPNOTSUPP → cleaning not supported for this unit type
6309 * -EUNATCH → cleaning not defined for this resource type
6310 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
6311 * a job queued or similar
6312 */
6313
6314 if (!UNIT_VTABLE(u)->clean)
6315 return -EOPNOTSUPP;
6316
6317 if (mask == 0)
6318 return -EUNATCH;
6319
6320 if (u->load_state != UNIT_LOADED)
6321 return -EBUSY;
6322
6323 if (u->job)
6324 return -EBUSY;
6325
6326 state = unit_active_state(u);
4f06325c 6327 if (state != UNIT_INACTIVE)
380dc8b0
LP		 6328 return -EBUSY;
6329
6330 return UNIT_VTABLE(u)->clean(u, mask);
6331}
6332
6333int unit_can_clean(Unit *u, ExecCleanMask *ret) {
6334 assert(u);
6335
6336 if (!UNIT_VTABLE(u)->clean ||
6337 u->load_state != UNIT_LOADED) {
6338 *ret = 0;
6339 return 0;
6340 }
6341
6342 /* When the clean() method is set, can_clean() really should be set too */
6343 assert(UNIT_VTABLE(u)->can_clean);
6344
6345 return UNIT_VTABLE(u)->can_clean(u, ret);
6346}
6347
f882c102
DDM		 6348bool unit_can_start_refuse_manual(Unit *u) {
6349 return unit_can_start(u) && !u->refuse_manual_start;
6350}
6351
6352bool unit_can_stop_refuse_manual(Unit *u) {
6353 return unit_can_stop(u) && !u->refuse_manual_stop;
6354}
6355
6356bool unit_can_isolate_refuse_manual(Unit *u) {
6357 return unit_can_isolate(u) && !u->refuse_manual_start;
6358}
6359
54e1f676
MY		 6360void unit_next_freezer_state(Unit *u, FreezerAction action, FreezerState *ret_next, FreezerState *ret_objective) {
6361 FreezerState current, parent, next, objective;
16b6af6a
AV		 6362
6363 assert(u);
21fed6ea
MY		 6364 assert(action >= 0);
6365 assert(action < _FREEZER_ACTION_MAX);
54e1f676 6366 assert(ret_next);
f27f461b 6367 assert(ret_objective);
16b6af6a 6368
197e77c5 6369 /* This function determines the correct freezer state transitions for a unit
f27f461b 6370 * given the action being requested. It returns the next state, and also the "objective",
16b6af6a
AV		 6371 * which is either FREEZER_FROZEN or FREEZER_RUNNING, depending on what actual state we
6372 * ultimately want to achieve. */
6373
54e1f676 6374 current = u->freezer_state;
f27f461b
MY		 6375
6376 Unit *slice = UNIT_GET_SLICE(u);
6377 if (slice)
16b6af6a 6378 parent = slice->freezer_state;
f27f461b 6379 else
16b6af6a
AV		 6380 parent = FREEZER_RUNNING;
6381
aba5e466
MY		 6382 switch (action) {
6383
6384 case FREEZER_FREEZE:
16b6af6a 6385 /* We always "promote" a freeze initiated by parent into a normal freeze */
54e1f676 6386 if (IN_SET(current, FREEZER_FROZEN, FREEZER_FROZEN_BY_PARENT))
16b6af6a
AV		 6387 next = FREEZER_FROZEN;
6388 else
6389 next = FREEZER_FREEZING;
aba5e466
MY		 6390 break;
6391
6392 case FREEZER_THAW:
16b6af6a
AV		 6393 /* Thawing is the most complicated operation here, because we can't thaw a unit
6394 * if its parent is frozen. So we instead "demote" a normal freeze into a freeze
6395 * initiated by parent if the parent is frozen */
54e1f676 6396 if (IN_SET(current, FREEZER_RUNNING, FREEZER_THAWING,
7732cecb 6397 FREEZER_FREEZING_BY_PARENT, FREEZER_FROZEN_BY_PARENT)) /* Should usually be refused by unit_freezer_action */
54e1f676
MY		 6398 next = current;
6399 else if (current == FREEZER_FREEZING) {
16b6af6a
AV		 6400 if (IN_SET(parent, FREEZER_RUNNING, FREEZER_THAWING))
6401 next = FREEZER_THAWING;
6402 else
6403 next = FREEZER_FREEZING_BY_PARENT;
54e1f676 6404 } else if (current == FREEZER_FROZEN) {
16b6af6a
AV		 6405 if (IN_SET(parent, FREEZER_RUNNING, FREEZER_THAWING))
6406 next = FREEZER_THAWING;
6407 else
6408 next = FREEZER_FROZEN_BY_PARENT;
aba5e466
MY		 6409 } else
6410 assert_not_reached();
6411 break;
6412
6413 case FREEZER_PARENT_FREEZE:
16b6af6a 6414 /* We need to avoid accidentally demoting units frozen manually */
54e1f676
MY		 6415 if (IN_SET(current, FREEZER_FREEZING, FREEZER_FROZEN, FREEZER_FROZEN_BY_PARENT))
6416 next = current;
16b6af6a
AV		 6417 else
6418 next = FREEZER_FREEZING_BY_PARENT;
aba5e466 6419 break;
16b6af6a 6420
aba5e466 6421 case FREEZER_PARENT_THAW:
16b6af6a
AV		 6422 /* We don't want to thaw units from a parent if they were frozen
6423 * manually, so for such units this action is a no-op */
54e1f676
MY		 6424 if (IN_SET(current, FREEZER_RUNNING, FREEZER_FREEZING, FREEZER_FROZEN))
6425 next = current;
16b6af6a
AV		 6426 else
6427 next = FREEZER_THAWING;
aba5e466
MY		 6428 break;
6429
6430 default:
6431 assert_not_reached();
16b6af6a
AV		 6432 }
6433
1cbbb05b 6434 objective = freezer_state_objective(next);
f27f461b 6435 assert(IN_SET(objective, FREEZER_RUNNING, FREEZER_FROZEN));
16b6af6a 6436
54e1f676 6437 *ret_next = next;
f27f461b 6438 *ret_objective = objective;
16b6af6a
AV		 6439}
6440
b21bebbe 6441bool unit_can_freeze(const Unit *u) {
d9e45bc3
MS		 6442 assert(u);
6443
16b6af6a
AV		 6444 if (unit_has_name(u, SPECIAL_ROOT_SLICE) || unit_has_name(u, SPECIAL_INIT_SCOPE))
6445 return false;
6446
d9e45bc3
MS		 6447 if (UNIT_VTABLE(u)->can_freeze)
6448 return UNIT_VTABLE(u)->can_freeze(u);
6449
16b6af6a 6450 return UNIT_VTABLE(u)->freezer_action;
d9e45bc3
MS		 6451}
6452
0064290a
MY		 6453void unit_set_freezer_state(Unit *u, FreezerState state) {
6454 assert(u);
6455 assert(state >= 0);
6456 assert(state < _FREEZER_STATE_MAX);
6457
6458 if (u->freezer_state == state)
6459 return;
6460
6461 log_unit_debug(u, "Freezer state changed %s -> %s",
6462 freezer_state_to_string(u->freezer_state), freezer_state_to_string(state));
6463
6464 u->freezer_state = state;
6465
6466 unit_add_to_dbus_queue(u);
6467}
6468
e1ac5259
MY		 6469void unit_freezer_complete(Unit *u, FreezerState kernel_state) {
6470 bool expected;
d9e45bc3 6471
d9e45bc3 6472 assert(u);
e1ac5259 6473 assert(IN_SET(kernel_state, FREEZER_RUNNING, FREEZER_FROZEN));
d9e45bc3 6474
e1ac5259 6475 expected = IN_SET(u->freezer_state, FREEZER_RUNNING, FREEZER_THAWING) == (kernel_state == FREEZER_RUNNING);
d9e45bc3 6476
e1ac5259
MY		 6477 unit_set_freezer_state(u, expected ? freezer_state_finish(u->freezer_state) : kernel_state);
6478 log_unit_info(u, "Unit now %s.", u->freezer_state == FREEZER_RUNNING ? "thawed" :
6479 freezer_state_to_string(u->freezer_state));
16b6af6a 6480
e1ac5259
MY		 6481 /* If the cgroup's final state is against what's requested by us, report as canceled. */
6482 bus_unit_send_pending_freezer_message(u, /* canceled = */ !expected);
d9e45bc3
MS		 6483}
6484
16b6af6a 6485int unit_freezer_action(Unit *u, FreezerAction action) {
d9e45bc3 6486 UnitActiveState s;
d9e45bc3
MS		 6487 int r;
6488
6489 assert(u);
6490 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
6491
3c86a935 6492 if (!unit_can_freeze(u))
d9e45bc3
MS		 6493 return -EOPNOTSUPP;
6494
6495 if (u->job)
6496 return -EBUSY;
6497
6498 if (u->load_state != UNIT_LOADED)
6499 return -EHOSTDOWN;
6500
6501 s = unit_active_state(u);
6502 if (s != UNIT_ACTIVE)
6503 return -EHOSTDOWN;
6504
16b6af6a
AV		 6505 if (action == FREEZER_FREEZE && IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_FREEZING_BY_PARENT))
6506 return -EALREADY;
6507 if (action == FREEZER_THAW && u->freezer_state == FREEZER_THAWING)
d9e45bc3 6508 return -EALREADY;
16b6af6a 6509 if (action == FREEZER_THAW && IN_SET(u->freezer_state, FREEZER_FREEZING_BY_PARENT, FREEZER_FROZEN_BY_PARENT))
6798fa11 6510 return -EDEADLK;
d9e45bc3 6511
16b6af6a 6512 r = UNIT_VTABLE(u)->freezer_action(u, action);
d9e45bc3
MS		 6513 if (r <= 0)
6514 return r;
6515
16b6af6a 6516 assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_FREEZING_BY_PARENT, FREEZER_THAWING));
d9e45bc3
MS		 6517 return 1;
6518}
6519
6e548561 6520Condition *unit_find_failed_condition(Unit *u) {
03677889 6521 Condition *failed_trigger = NULL;
6e548561
DDM		 6522 bool has_succeeded_trigger = false;
6523
6524 if (u->condition_result)
6525 return NULL;
6526
6527 LIST_FOREACH(conditions, c, u->conditions)
6528 if (c->trigger) {
6529 if (c->result == CONDITION_SUCCEEDED)
6530 has_succeeded_trigger = true;
6531 else if (!failed_trigger)
6532 failed_trigger = c;
6533 } else if (c->result != CONDITION_SUCCEEDED)
6534 return c;
6535
6536 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
6537}
6538
27217200 6539int unit_can_live_mount(Unit *u, sd_bus_error *reterr_error) {
5162829e
LB		 6540 assert(u);
6541
d24d546d 6542 if (!UNIT_VTABLE(u)->live_mount)
5162829e 6543 return sd_bus_error_setf(
27217200 6544 reterr_error,
f19afb21
MY		 6545 SD_BUS_ERROR_NOT_SUPPORTED,
6546 "Live mounting not supported by unit type '%s'",
6547 unit_type_to_string(u->type));
5162829e 6548
d24d546d 6549 if (u->load_state != UNIT_LOADED)
5162829e 6550 return sd_bus_error_setf(
27217200 6551 reterr_error,
5162829e 6552 BUS_ERROR_NO_SUCH_UNIT,
f19afb21 6553 "Unit '%s' not loaded, cannot live mount",
5162829e 6554 u->id);
5162829e
LB		 6555
6556 if (!UNIT_VTABLE(u)->can_live_mount)
6557 return 0;
6558
27217200 6559 return UNIT_VTABLE(u)->can_live_mount(u, reterr_error);
5162829e
LB		 6560}
6561
6562int unit_live_mount(
6563 Unit *u,
6564 const char *src,
6565 const char *dst,
6566 sd_bus_message *message,
6567 MountInNamespaceFlags flags,
6568 const MountOptions *options,
27217200 6569 sd_bus_error *reterr_error) {
5162829e
LB		 6570
6571 assert(u);
6572 assert(UNIT_VTABLE(u)->live_mount);
6573
6574 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) {
f19afb21 6575 log_unit_debug(u, "Unit not active, cannot perform live mount.");
5162829e 6576 return sd_bus_error_setf(
27217200 6577 reterr_error,
5162829e
LB		 6578 BUS_ERROR_UNIT_INACTIVE,
6579 "Live mounting '%s' on '%s' for unit '%s' cannot be scheduled: unit not active",
6580 src,
6581 dst,
6582 u->id);
6583 }
6584
6585 if (unit_active_state(u) == UNIT_REFRESHING) {
f19afb21 6586 log_unit_debug(u, "Unit already live mounting, refusing further requests.");
5162829e 6587 return sd_bus_error_setf(
27217200 6588 reterr_error,
5162829e
LB		 6589 BUS_ERROR_UNIT_BUSY,
6590 "Live mounting '%s' on '%s' for unit '%s' cannot be scheduled: another live mount in progress",
6591 src,
6592 dst,
6593 u->id);
6594 }
6595
6596 if (u->job) {
6597 log_unit_debug(u, "Unit already has a job in progress, cannot live mount");
6598 return sd_bus_error_setf(
27217200 6599 reterr_error,
5162829e
LB		 6600 BUS_ERROR_UNIT_BUSY,
6601 "Live mounting '%s' on '%s' for unit '%s' cannot be scheduled: another operation in progress",
6602 src,
6603 dst,
6604 u->id);
6605 }
6606
27217200 6607 return UNIT_VTABLE(u)->live_mount(u, src, dst, message, flags, options, reterr_error);
5162829e
LB		 6608}
6609
5afe510c 6610static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
17f6b640 6611 [COLLECT_INACTIVE] = "inactive",
5afe510c
LP		 6612 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
6613};
6614
6615DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
15ed3c3a
LP		 6616
6617Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
6618 Unit *i;
6619
6620 assert(u);
6621
6622 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
6623 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
6624 * is NULL the first entry found), or NULL if not found. */
6625
6626 UNIT_FOREACH_DEPENDENCY(i, u, atom)
6627 if (!other || other == i)
6628 return i;
6629
6630 return NULL;
6631}
6632
6633int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
6634 _cleanup_free_ Unit **array = NULL;
6635 size_t n = 0;
6636 Unit *other;
6637
6638 assert(u);
6639 assert(ret_array);
6640
6641 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
6642 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
48008c1c 6643 * while the dependency table is continuously updated. */
15ed3c3a
LP		 6644
6645 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
6646 if (!GREEDY_REALLOC(array, n + 1))
6647 return -ENOMEM;
6648
6649 array[n++] = other;
6650 }
6651
6652 *ret_array = TAKE_PTR(array);
6653
6654 assert(n <= INT_MAX);
6655 return (int) n;
6656}
48b92b37 6657
83123a44
YW		 6658int unit_get_transitive_dependency_set(Unit *u, UnitDependencyAtom atom, Set **ret) {
6659 _cleanup_set_free_ Set *units = NULL, *queue = NULL;
6660 Unit *other;
6661 int r;
6662
6663 assert(u);
6664 assert(ret);
6665
6666 /* Similar to unit_get_dependency_array(), but also search the same dependency in other units. */
6667
6668 do {
6669 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
6670 r = set_ensure_put(&units, NULL, other);
6671 if (r < 0)
6672 return r;
6673 if (r == 0)
6674 continue;
6675 r = set_ensure_put(&queue, NULL, other);
6676 if (r < 0)
6677 return r;
6678 }
6679 } while ((u = set_steal_first(queue)));
6680
6681 *ret = TAKE_PTR(units);
6682 return 0;
6683}
6684
e9276800
LP		 6685int unit_arm_timer(
6686 Unit *u,
6687 sd_event_source **source,
6688 bool relative,
6689 usec_t usec,
6690 sd_event_time_handler_t handler) {
6691
6692 int r;
6693
6694 assert(u);
6695 assert(source);
6696 assert(handler);
6697
6698 if (*source) {
6699 if (usec == USEC_INFINITY)
6700 return sd_event_source_set_enabled(*source, SD_EVENT_OFF);
6701
6702 r = (relative ? sd_event_source_set_time_relative : sd_event_source_set_time)(*source, usec);
6703 if (r < 0)
6704 return r;
6705
6706 return sd_event_source_set_enabled(*source, SD_EVENT_ONESHOT);
6707 }
6708
6709 if (usec == USEC_INFINITY)
6710 return 0;
6711
6712 r = (relative ? sd_event_add_time_relative : sd_event_add_time)(
6713 u->manager->event,
6714 source,
6715 CLOCK_MONOTONIC,
6716 usec, 0,
6717 handler,
6718 u);
6719 if (r < 0)
6720 return r;
6721
6722 const char *d = strjoina(unit_type_to_string(u->type), "-timer");
6723 (void) sd_event_source_set_description(*source, d);
6724
6725 return 0;
6726}
6727
6e0f9593 6728bool unit_passes_filter(Unit *u, char * const *states, char * const *patterns) {
6d2984d2
DDM		 6729 assert(u);
6730
6731 if (!strv_isempty(states)) {
6e0f9593 6732 char * const *unit_states = STRV_MAKE(
6d2984d2
DDM		 6733 unit_load_state_to_string(u->load_state),
6734 unit_active_state_to_string(unit_active_state(u)),
6735 unit_sub_state_to_string(u));
6736
6737 if (!strv_overlap(states, unit_states))
6e0f9593 6738 return false;
6d2984d2
DDM		 6739 }
6740
6e0f9593 6741 return strv_fnmatch_or_empty(patterns, u->id, FNM_NOESCAPE);
6d2984d2
DDM		 6742}
6743
a8157796
LP		 6744static int unit_get_nice(Unit *u) {
6745 ExecContext *ec;
6746
6747 ec = unit_get_exec_context(u);
6748 return ec ? ec->nice : 0;
6749}
6750
6751static uint64_t unit_get_cpu_weight(Unit *u) {
6752 CGroupContext *cc;
6753
6754 cc = unit_get_cgroup_context(u);
6755 return cc ? cgroup_context_cpu_weight(cc, manager_state(u->manager)) : CGROUP_WEIGHT_DEFAULT;
6756}
6757
a89afe19
AB		 6758int unit_get_exec_quota_stats(Unit *u, ExecContext *c, ExecDirectoryType dt, uint64_t *ret_usage, uint64_t *ret_limit) {
6759 int r;
6760 _cleanup_close_ int fd = -EBADF;
6761 _cleanup_free_ char *p = NULL, *pp = NULL;
6762
6763 assert(u);
6764 assert(c);
6765
6766 if (c->directories[dt].n_items == 0) {
6767 *ret_usage = UINT64_MAX;
6768 *ret_limit = UINT64_MAX;
6769 return 0;
6770 }
6771
6772 ExecDirectoryItem *i = &c->directories[dt].items[0];
6773 p = path_join(u->manager->prefix[dt], i->path);
6774 if (!p)
6775 return log_oom_debug();
6776
6777 if (exec_directory_is_private(c, dt)) {
6778 pp = path_join(u->manager->prefix[dt], "private", i->path);
6779 if (!pp)
6780 return log_oom_debug();
6781 }
6782
6783 const char *target_dir = pp ?: p;
6784 fd = open(target_dir, O_PATH | O_CLOEXEC | O_DIRECTORY);
6785 if (fd < 0)
6786 return log_unit_debug_errno(u, errno, "Failed to get exec quota stats: %m");
6787
6788 uint32_t proj_id;
6789 r = read_fs_xattr_fd(fd, /* ret_xflags = */ NULL, &proj_id);
6790 if (r < 0)
6791 return log_unit_debug_errno(u, r, "Failed to get project ID for exec quota stats: %m");
6792
6793 struct dqblk req;
6794 r = quota_query_proj_id(fd, proj_id, &req);
6795 if (r <= 0)
6796 return log_unit_debug_errno(u, r, "Failed to query project ID for exec quota stats: %m");
6797
6798 *ret_usage = req.dqb_curspace;
6799 *ret_limit = req.dqb_bhardlimit * QIF_DQBLKSIZE;
6800
6801 return r;
6802}
6803
a8157796
LP		 6804int unit_compare_priority(Unit *a, Unit *b) {
6805 int ret;
6806
6807 ret = CMP(a->type, b->type);
6808 if (ret != 0)
6809 return -ret;
6810
6811 ret = CMP(unit_get_cpu_weight(a), unit_get_cpu_weight(b));
6812 if (ret != 0)
6813 return -ret;
6814
6815 ret = CMP(unit_get_nice(a), unit_get_nice(b));
6816 if (ret != 0)
6817 return ret;
6818
6819 return strcmp(a->id, b->id);
6820}
6821
64fd6ba9
DDM		 6822const char* unit_log_field(const Unit *u) {
6823 return MANAGER_IS_SYSTEM(ASSERT_PTR(u)->manager) ? "UNIT=" : "USER_UNIT=";
6824}
6825
6826const char* unit_invocation_log_field(const Unit *u) {
6827 return MANAGER_IS_SYSTEM(ASSERT_PTR(u)->manager) ? "INVOCATION_ID=" : "USER_INVOCATION_ID=";
6828}
6829
48b92b37 6830const ActivationDetailsVTable * const activation_details_vtable[_UNIT_TYPE_MAX] = {
17f6b640 6831 [UNIT_PATH] = &activation_details_path_vtable,
c8bc7519 6832 [UNIT_TIMER] = &activation_details_timer_vtable,
48b92b37
LB		 6833};
6834
6835ActivationDetails *activation_details_new(Unit *trigger_unit) {
6836 _cleanup_free_ ActivationDetails *details = NULL;
6837
6838 assert(trigger_unit);
6839 assert(trigger_unit->type != _UNIT_TYPE_INVALID);
6840 assert(trigger_unit->id);
6841
6842 details = malloc0(activation_details_vtable[trigger_unit->type]->object_size);
6843 if (!details)
6844 return NULL;
6845
6846 *details = (ActivationDetails) {
6847 .n_ref = 1,
6848 .trigger_unit_type = trigger_unit->type,
6849 };
6850
6851 details->trigger_unit_name = strdup(trigger_unit->id);
6852 if (!details->trigger_unit_name)
6853 return NULL;
6854
6855 if (ACTIVATION_DETAILS_VTABLE(details)->init)
6856 ACTIVATION_DETAILS_VTABLE(details)->init(details, trigger_unit);
6857
6858 return TAKE_PTR(details);
6859}
6860
6861static ActivationDetails *activation_details_free(ActivationDetails *details) {
6862 if (!details)
6863 return NULL;
6864
6865 if (ACTIVATION_DETAILS_VTABLE(details)->done)
6866 ACTIVATION_DETAILS_VTABLE(details)->done(details);
6867
6868 free(details->trigger_unit_name);
6869
6870 return mfree(details);
6871}
6872
acca52ab 6873void activation_details_serialize(const ActivationDetails *details, FILE *f) {
48b92b37
LB		 6874 if (!details || details->trigger_unit_type == _UNIT_TYPE_INVALID)
6875 return;
6876
6877 (void) serialize_item(f, "activation-details-unit-type", unit_type_to_string(details->trigger_unit_type));
6878 if (details->trigger_unit_name)
6879 (void) serialize_item(f, "activation-details-unit-name", details->trigger_unit_name);
6880 if (ACTIVATION_DETAILS_VTABLE(details)->serialize)
6881 ACTIVATION_DETAILS_VTABLE(details)->serialize(details, f);
6882}
6883
6884int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) {
e8dba806
FS		 6885 int r;
6886
48b92b37
LB		 6887 assert(key);
6888 assert(value);
6889 assert(details);
6890
6891 if (!*details) {
6892 UnitType t;
6893
6894 if (!streq(key, "activation-details-unit-type"))
6895 return -EINVAL;
6896
6897 t = unit_type_from_string(value);
210cb8d6
YW		 6898 if (t < 0)
6899 return t;
6900
6901 /* The activation details vtable has defined ops only for path and timer units */
6902 if (!activation_details_vtable[t])
48b92b37
LB		 6903 return -EINVAL;
6904
6905 *details = malloc0(activation_details_vtable[t]->object_size);
6906 if (!*details)
6907 return -ENOMEM;
6908
6909 **details = (ActivationDetails) {
6910 .n_ref = 1,
6911 .trigger_unit_type = t,
6912 };
6913
6914 return 0;
6915 }
6916
6917 if (streq(key, "activation-details-unit-name")) {
e8dba806
FS		 6918 r = free_and_strdup(&(*details)->trigger_unit_name, value);
6919 if (r < 0)
6920 return r;
48b92b37
LB		 6921
6922 return 0;
6923 }
6924
6925 if (ACTIVATION_DETAILS_VTABLE(*details)->deserialize)
6926 return ACTIVATION_DETAILS_VTABLE(*details)->deserialize(key, value, details);
6927
6928 return -EINVAL;
6929}
6930
acca52ab 6931int activation_details_append_env(const ActivationDetails *details, char ***strv) {
48b92b37
LB		 6932 int r = 0;
6933
6934 assert(strv);
6935
6936 if (!details)
6937 return 0;
6938
6939 if (!isempty(details->trigger_unit_name)) {
6940 char *s = strjoin("TRIGGER_UNIT=", details->trigger_unit_name);
6941 if (!s)
6942 return -ENOMEM;
6943
6944 r = strv_consume(strv, TAKE_PTR(s));
6945 if (r < 0)
6946 return r;
6947 }
6948
6949 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6950 r = ACTIVATION_DETAILS_VTABLE(details)->append_env(details, strv);
6951 if (r < 0)
6952 return r;
6953 }
6954
6955 return r + !isempty(details->trigger_unit_name); /* Return the number of variables added to the env block */
6956}
6957
acca52ab 6958int activation_details_append_pair(const ActivationDetails *details, char ***strv) {
48b92b37
LB		 6959 int r = 0;
6960
6961 assert(strv);
6962
6963 if (!details)
6964 return 0;
6965
6966 if (!isempty(details->trigger_unit_name)) {
69f3c619 6967 r = strv_extend_many(strv, "trigger_unit", details->trigger_unit_name);
48b92b37
LB		 6968 if (r < 0)
6969 return r;
6970 }
6971
18cf8411 6972 if (ACTIVATION_DETAILS_VTABLE(details)->append_pair) {
48b92b37
LB		 6973 r = ACTIVATION_DETAILS_VTABLE(details)->append_pair(details, strv);
6974 if (r < 0)
6975 return r;
6976 }
6977
6978 return r + !isempty(details->trigger_unit_name); /* Return the number of pairs added to the strv */
6979}
6980
6981DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails, activation_details, activation_details_free);
9e615fa3
LB		 6982
6983static const char* const unit_mount_dependency_type_table[_UNIT_MOUNT_DEPENDENCY_TYPE_MAX] = {
6984 [UNIT_MOUNT_WANTS] = "WantsMountsFor",
6985 [UNIT_MOUNT_REQUIRES] = "RequiresMountsFor",
6986};
6987
6988DEFINE_STRING_TABLE_LOOKUP(unit_mount_dependency_type, UnitMountDependencyType);
6989
4ea4abb6
DDM		 6990static const char* const oom_policy_table[_OOM_POLICY_MAX] = {
6991 [OOM_CONTINUE] = "continue",
6992 [OOM_STOP] = "stop",
6993 [OOM_KILL] = "kill",
6994};
6995
6996DEFINE_STRING_TABLE_LOOKUP(oom_policy, OOMPolicy);
6997
9e615fa3
LB		 6998UnitDependency unit_mount_dependency_type_to_dependency_type(UnitMountDependencyType t) {
6999 switch (t) {
7000
7001 case UNIT_MOUNT_WANTS:
7002 return UNIT_WANTS;
7003
7004 case UNIT_MOUNT_REQUIRES:
7005 return UNIT_REQUIRES;
7006
7007 default:
7008 assert_not_reached();
7009 }
7010}
Unnamed repository; edit this file 'description' to name the repository.