]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/socket.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
udev: move man pages to udev section
[thirdparty/systemd.git] / src / socket.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
5cb5a6ff 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
83c60c9f
LP		 22#include <sys/types.h>
23#include <sys/stat.h>
24#include <unistd.h>
25#include <errno.h>
26#include <fcntl.h>
f94ea366 27#include <sys/epoll.h>
034c6ed7 28#include <signal.h>
4f2d528d 29#include <arpa/inet.h>
916abb21 30#include <mqueue.h>
83c60c9f 31
87f0e418 32#include "unit.h"
5cb5a6ff 33#include "socket.h"
cebf8b20 34#include "netinet/tcp.h"
83c60c9f 35#include "log.h"
23a177ef
LP		 36#include "load-dropin.h"
37#include "load-fragment.h"
9e2f7c11 38#include "strv.h"
4f2d528d 39#include "unit-name.h"
4139c1b2 40#include "dbus-socket.h"
4fd5948e 41#include "missing.h"
a40eb732 42#include "special.h"
398ef8ba 43#include "bus-errors.h"
e51bc1a2 44#include "label.h"
9a57c629 45#include "exit-status.h"
f6a6225e 46#include "def.h"
83c60c9f 47
acbb0225 48static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
87f0e418
LP		 49 [SOCKET_DEAD] = UNIT_INACTIVE,
50 [SOCKET_START_PRE] = UNIT_ACTIVATING,
51 [SOCKET_START_POST] = UNIT_ACTIVATING,
52 [SOCKET_LISTENING] = UNIT_ACTIVE,
53 [SOCKET_RUNNING] = UNIT_ACTIVE,
54 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
55 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
56 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
57 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
80876c20
LP		 58 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
59 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
fdf20a31 60 [SOCKET_FAILED] = UNIT_FAILED
83c60c9f 61};
5cb5a6ff 62
a16e1123
LP		 63static void socket_init(Unit *u) {
64 Socket *s = SOCKET(u);
65
66 assert(u);
ac155bb8 67 assert(u->load_state == UNIT_STUB);
a16e1123 68
a16e1123
LP		 69 s->backlog = SOMAXCONN;
70 s->timeout_usec = DEFAULT_TIMEOUT_USEC;
71 s->directory_mode = 0755;
9131f660 72 s->socket_mode = 0666;
a16e1123 73
6cf6bbc2
LP		 74 s->max_connections = 64;
75
4fd5948e 76 s->priority = -1;
4fd5948e
LP		 77 s->ip_tos = -1;
78 s->ip_ttl = -1;
4fd5948e 79 s->mark = -1;
4fd5948e 80
a16e1123 81 exec_context_init(&s->exec_context);
ac155bb8
MS		 82 s->exec_context.std_output = u->manager->default_std_output;
83 s->exec_context.std_error = u->manager->default_std_error;
a16e1123
LP		 84
85 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
86}
acbb0225 87
5e94833f
LP		 88static void socket_unwatch_control_pid(Socket *s) {
89 assert(s);
90
91 if (s->control_pid <= 0)
92 return;
93
94 unit_unwatch_pid(UNIT(s), s->control_pid);
95 s->control_pid = 0;
96}
97
87f0e418
LP		 98static void socket_done(Unit *u) {
99 Socket *s = SOCKET(u);
034c6ed7
LP		 100 SocketPort *p;
101
102 assert(s);
103
104 while ((p = s->ports)) {
105 LIST_REMOVE(SocketPort, port, s->ports, p);
106
a16e1123
LP		 107 if (p->fd >= 0) {
108 unit_unwatch_fd(UNIT(s), &p->fd_watch);
109 close_nointr_nofail(p->fd);
110 }
111
034c6ed7
LP		 112 free(p->path);
113 free(p);
114 }
115
116 exec_context_done(&s->exec_context);
e537352b 117 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
034c6ed7
LP		 118 s->control_command = NULL;
119
5e94833f 120 socket_unwatch_control_pid(s);
034c6ed7 121
57020a3a 122 unit_ref_unset(&s->service);
034c6ed7 123
cebf8b20
TT		 124 free(s->tcp_congestion);
125 s->tcp_congestion = NULL;
126
acbb0225 127 free(s->bind_to_device);
e537352b 128 s->bind_to_device = NULL;
acbb0225
LP		 129
130 unit_unwatch_timer(u, &s->timer_watch);
5cb5a6ff
LP		 131}
132
b15bdda8
LP		 133static int socket_instantiate_service(Socket *s) {
134 char *prefix, *name;
135 int r;
136 Unit *u;
137
138 assert(s);
139
140 /* This fills in s->service if it isn't filled in yet. For
141 * Accept=yes sockets we create the next connection service
142 * here. For Accept=no this is mostly a NOP since the service
143 * is figured out at load time anyway. */
144
57020a3a 145 if (UNIT_DEREF(s->service))
b15bdda8
LP		 146 return 0;
147
148 assert(s->accept);
149
1124fe6f 150 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
b15bdda8
LP		 151 return -ENOMEM;
152
153 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
154 free(prefix);
155
156 if (r < 0)
157 return -ENOMEM;
158
1124fe6f 159 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
b15bdda8
LP		 160 free(name);
161
162 if (r < 0)
163 return r;
164
7b4bf06b
LP		 165#ifdef HAVE_SYSV_COMPAT
166 if (SERVICE(u)->sysv_path) {
167 log_error("Using SysV services for socket activation is not supported. Refusing.");
168 return -ENOENT;
169 }
170#endif
171
ac155bb8 172 u->no_gc = true;
57020a3a
LP		 173 unit_ref_set(&s->service, u);
174
175 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
b15bdda8
LP		 176}
177
4f2d528d
LP		 178static bool have_non_accept_socket(Socket *s) {
179 SocketPort *p;
180
181 assert(s);
182
183 if (!s->accept)
184 return true;
185
dd5ad9d4
LP		 186 LIST_FOREACH(port, p, s->ports) {
187
188 if (p->type != SOCKET_SOCKET)
189 return true;
190
4f2d528d
LP		 191 if (!socket_address_can_accept(&p->address))
192 return true;
dd5ad9d4 193 }
4f2d528d
LP		 194
195 return false;
196}
197
198static int socket_verify(Socket *s) {
199 assert(s);
200
1124fe6f 201 if (UNIT(s)->load_state != UNIT_LOADED)
4f2d528d
LP		 202 return 0;
203
204 if (!s->ports) {
1124fe6f 205 log_error("%s lacks Listen setting. Refusing.", UNIT(s)->id);
4f2d528d
LP		 206 return -EINVAL;
207 }
208
0009d2a6 209 if (s->accept && have_non_accept_socket(s)) {
1124fe6f 210 log_error("%s configured for accepting sockets, but sockets are non-accepting. Refusing.", UNIT(s)->id);
0009d2a6
LP		 211 return -EINVAL;
212 }
213
6cf6bbc2 214 if (s->accept && s->max_connections <= 0) {
1124fe6f 215 log_error("%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
4d0e5dbd
LP		 216 return -EINVAL;
217 }
218
57020a3a 219 if (s->accept && UNIT_DEREF(s->service)) {
1124fe6f 220 log_error("Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
d9ff321a
LP		 221 return -EINVAL;
222 }
223
2e22afe9 224 if (s->exec_context.pam_name && s->exec_context.kill_mode != KILL_CONTROL_GROUP) {
1124fe6f 225 log_error("%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
6cf6bbc2
LP		 226 return -EINVAL;
227 }
228
4f2d528d
LP		 229 return 0;
230}
231
6e2ef85b
LP		 232static bool socket_needs_mount(Socket *s, const char *prefix) {
233 SocketPort *p;
234
235 assert(s);
236
237 LIST_FOREACH(port, p, s->ports) {
238
239 if (p->type == SOCKET_SOCKET) {
240 if (socket_address_needs_mount(&p->address, prefix))
241 return true;
916abb21 242 } else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) {
6e2ef85b
LP		 243 if (path_startswith(p->path, prefix))
244 return true;
245 }
246 }
247
248 return false;
249}
250
251int socket_add_one_mount_link(Socket *s, Mount *m) {
252 int r;
253
254 assert(s);
255 assert(m);
256
1124fe6f
MS		 257 if (UNIT(s)->load_state != UNIT_LOADED ||
258 UNIT(m)->load_state != UNIT_LOADED)
6e2ef85b
LP		 259 return 0;
260
261 if (!socket_needs_mount(s, m->where))
262 return 0;
263
2c966c03 264 if ((r = unit_add_two_dependencies(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, UNIT(m), true)) < 0)
6e2ef85b
LP		 265 return r;
266
267 return 0;
268}
269
270static int socket_add_mount_links(Socket *s) {
ac155bb8 271 Unit *other;
6e2ef85b
LP		 272 int r;
273
274 assert(s);
275
1124fe6f 276 LIST_FOREACH(units_by_type, other, UNIT(s)->manager->units_by_type[UNIT_MOUNT])
595ed347 277 if ((r = socket_add_one_mount_link(s, MOUNT(other))) < 0)
6e2ef85b
LP		 278 return r;
279
280 return 0;
281}
282
283static int socket_add_device_link(Socket *s) {
284 char *t;
285 int r;
286
287 assert(s);
288
289 if (!s->bind_to_device)
290 return 0;
291
292 if (asprintf(&t, "/sys/subsystem/net/devices/%s", s->bind_to_device) < 0)
293 return -ENOMEM;
294
295 r = unit_add_node_link(UNIT(s), t, false);
296 free(t);
297
298 return r;
299}
300
a40eb732
LP		 301static int socket_add_default_dependencies(Socket *s) {
302 int r;
303 assert(s);
304
1124fe6f 305 if (UNIT(s)->manager->running_as == MANAGER_SYSTEM) {
2a77d31d
LP		 306 if ((r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true)) < 0)
307 return r;
308
a40eb732
LP		 309 if ((r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true)) < 0)
310 return r;
2a77d31d 311 }
a40eb732 312
ead8e478 313 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
a40eb732
LP		 314}
315
4cfc6dbe
LP		 316static bool socket_has_exec(Socket *s) {
317 unsigned i;
318 assert(s);
319
320 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
321 if (s->exec_command[i])
322 return true;
323
324 return false;
325}
326
e537352b
LP		 327static int socket_load(Unit *u) {
328 Socket *s = SOCKET(u);
329 int r;
44d8db9e 330
e537352b 331 assert(u);
ac155bb8 332 assert(u->load_state == UNIT_STUB);
44d8db9e 333
e537352b 334 if ((r = unit_load_fragment_and_dropin(u)) < 0)
23a177ef 335 return r;
44d8db9e 336
23a177ef 337 /* This is a new unit? Then let's add in some extras */
ac155bb8 338 if (u->load_state == UNIT_LOADED) {
44d8db9e 339
4f2d528d 340 if (have_non_accept_socket(s)) {
d9ff321a 341
57020a3a
LP		 342 if (!UNIT_DEREF(s->service)) {
343 Unit *x;
344
345 r = unit_load_related_unit(u, ".service", &x);
346 if (r < 0)
d9ff321a 347 return r;
23a177ef 348
57020a3a
LP		 349 unit_ref_set(&s->service, x);
350 }
351
352 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
353 if (r < 0)
4f2d528d
LP		 354 return r;
355 }
44d8db9e 356
6e2ef85b
LP		 357 if ((r = socket_add_mount_links(s)) < 0)
358 return r;
359
360 if ((r = socket_add_device_link(s)) < 0)
361 return r;
362
4cfc6dbe
LP		 363 if (socket_has_exec(s))
364 if ((r = unit_add_exec_dependencies(u, &s->exec_context)) < 0)
365 return r;
23a177ef 366
d686d8a9 367 if ((r = unit_add_default_cgroups(u)) < 0)
23a177ef 368 return r;
a40eb732 369
1124fe6f 370 if (UNIT(s)->default_dependencies)
a40eb732
LP		 371 if ((r = socket_add_default_dependencies(s)) < 0)
372 return r;
23a177ef
LP		 373 }
374
4f2d528d 375 return socket_verify(s);
44d8db9e
LP		 376}
377
7a22745a
LP		 378static const char* listen_lookup(int family, int type) {
379
380 if (family == AF_NETLINK)
381 return "ListenNetlink";
542563ba
LP		 382
383 if (type == SOCK_STREAM)
384 return "ListenStream";
385 else if (type == SOCK_DGRAM)
386 return "ListenDatagram";
387 else if (type == SOCK_SEQPACKET)
388 return "ListenSequentialPacket";
389
034c6ed7 390 assert_not_reached("Unknown socket type");
542563ba
LP		 391 return NULL;
392}
393
87f0e418 394static void socket_dump(Unit *u, FILE *f, const char *prefix) {
5cb5a6ff 395
5cb5a6ff 396 SocketExecCommand c;
87f0e418 397 Socket *s = SOCKET(u);
542563ba 398 SocketPort *p;
82ba9f08
LP		 399 const char *prefix2;
400 char *p2;
5cb5a6ff
LP		 401
402 assert(s);
fa068367 403 assert(f);
5cb5a6ff 404
82ba9f08
LP		 405 p2 = strappend(prefix, "\t");
406 prefix2 = p2 ? p2 : prefix;
c43d20a0 407
5cb5a6ff
LP		 408 fprintf(f,
409 "%sSocket State: %s\n"
81a5c6d0 410 "%sResult: %s\n"
542563ba 411 "%sBindIPv6Only: %s\n"
b5a0699f
LP		 412 "%sBacklog: %u\n"
413 "%sSocketMode: %04o\n"
4fd5948e
LP		 414 "%sDirectoryMode: %04o\n"
415 "%sKeepAlive: %s\n"
cebf8b20 416 "%sFreeBind: %s\n"
6b6d2dee 417 "%sTransparent: %s\n"
ec6370a2 418 "%sBroadcast: %s\n"
ede3deb4 419 "%sPassCredentials: %s\n"
54ecda32 420 "%sPassSecurity: %s\n"
cebf8b20 421 "%sTCPCongestion: %s\n",
a16e1123 422 prefix, socket_state_to_string(s->state),
81a5c6d0 423 prefix, socket_result_to_string(s->result),
c0120d99 424 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
b5a0699f
LP		 425 prefix, s->backlog,
426 prefix, s->socket_mode,
4fd5948e
LP		 427 prefix, s->directory_mode,
428 prefix, yes_no(s->keep_alive),
cebf8b20 429 prefix, yes_no(s->free_bind),
6b6d2dee 430 prefix, yes_no(s->transparent),
ec6370a2 431 prefix, yes_no(s->broadcast),
d68af586 432 prefix, yes_no(s->pass_cred),
54ecda32 433 prefix, yes_no(s->pass_sec),
83a95334 434 prefix, strna(s->tcp_congestion));
542563ba 435
70123e68
LP		 436 if (s->control_pid > 0)
437 fprintf(f,
bb00e604
LP		 438 "%sControl PID: %lu\n",
439 prefix, (unsigned long) s->control_pid);
70123e68 440
acbb0225
LP		 441 if (s->bind_to_device)
442 fprintf(f,
443 "%sBindToDevice: %s\n",
444 prefix, s->bind_to_device);
445
4f2d528d
LP		 446 if (s->accept)
447 fprintf(f,
6cf6bbc2
LP		 448 "%sAccepted: %u\n"
449 "%sNConnections: %u\n"
450 "%sMaxConnections: %u\n",
451 prefix, s->n_accepted,
452 prefix, s->n_connections,
453 prefix, s->max_connections);
4f2d528d 454
4fd5948e
LP		 455 if (s->priority >= 0)
456 fprintf(f,
457 "%sPriority: %i\n",
458 prefix, s->priority);
459
460 if (s->receive_buffer > 0)
461 fprintf(f,
462 "%sReceiveBuffer: %zu\n",
463 prefix, s->receive_buffer);
464
465 if (s->send_buffer > 0)
466 fprintf(f,
467 "%sSendBuffer: %zu\n",
468 prefix, s->send_buffer);
469
470 if (s->ip_tos >= 0)
471 fprintf(f,
472 "%sIPTOS: %i\n",
473 prefix, s->ip_tos);
474
475 if (s->ip_ttl >= 0)
476 fprintf(f,
477 "%sIPTTL: %i\n",
478 prefix, s->ip_ttl);
479
480 if (s->pipe_size > 0)
481 fprintf(f,
482 "%sPipeSize: %zu\n",
483 prefix, s->pipe_size);
484
485 if (s->mark >= 0)
486 fprintf(f,
487 "%sMark: %i\n",
488 prefix, s->mark);
489
916abb21
LP		 490 if (s->mq_maxmsg > 0)
491 fprintf(f,
492 "%sMessageQueueMaxMessages: %li\n",
493 prefix, s->mq_maxmsg);
494
495 if (s->mq_msgsize > 0)
496 fprintf(f,
497 "%sMessageQueueMessageSize: %li\n",
498 prefix, s->mq_msgsize);
499
034c6ed7 500 LIST_FOREACH(port, p, s->ports) {
5cb5a6ff 501
542563ba
LP		 502 if (p->type == SOCKET_SOCKET) {
503 const char *t;
504 int r;
e364ad06 505 char *k = NULL;
542563ba
LP		 506
507 if ((r = socket_address_print(&p->address, &k)) < 0)
508 t = strerror(-r);
509 else
510 t = k;
511
7a22745a 512 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
542563ba 513 free(k);
b0a3f2bc
LP		 514 } else if (p->type == SOCKET_SPECIAL)
515 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
916abb21
LP		 516 else if (p->type == SOCKET_MQUEUE)
517 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
b0a3f2bc 518 else
542563ba
LP		 519 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
520 }
5cb5a6ff
LP		 521
522 exec_context_dump(&s->exec_context, f, prefix);
523
e537352b 524 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
c43d20a0
LP		 525 if (!s->exec_command[c])
526 continue;
5cb5a6ff 527
40d50879 528 fprintf(f, "%s-> %s:\n",
a16e1123 529 prefix, socket_exec_command_to_string(c));
c43d20a0
LP		 530
531 exec_command_dump_list(s->exec_command[c], f, prefix2);
5cb5a6ff 532 }
c43d20a0 533
82ba9f08 534 free(p2);
5cb5a6ff
LP		 535}
536
4f2d528d
LP		 537static int instance_from_socket(int fd, unsigned nr, char **instance) {
538 socklen_t l;
539 char *r;
540 union {
541 struct sockaddr sa;
542 struct sockaddr_un un;
543 struct sockaddr_in in;
544 struct sockaddr_in6 in6;
545 struct sockaddr_storage storage;
546 } local, remote;
547
548 assert(fd >= 0);
549 assert(instance);
550
551 l = sizeof(local);
552 if (getsockname(fd, &local.sa, &l) < 0)
553 return -errno;
554
555 l = sizeof(remote);
556 if (getpeername(fd, &remote.sa, &l) < 0)
557 return -errno;
558
559 switch (local.sa.sa_family) {
560
561 case AF_INET: {
562 uint32_t
563 a = ntohl(local.in.sin_addr.s_addr),
564 b = ntohl(remote.in.sin_addr.s_addr);
565
566 if (asprintf(&r,
77b088c2
LP		 567 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
568 nr,
4f2d528d
LP		 569 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
570 ntohs(local.in.sin_port),
571 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
572 ntohs(remote.in.sin_port)) < 0)
573 return -ENOMEM;
574
575 break;
576 }
577
578 case AF_INET6: {
2b061f5a
LP		 579 static const char ipv4_prefix[] = {
580 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
581 };
582
583 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
584 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
585 const uint8_t
586 *a = local.in6.sin6_addr.s6_addr+12,
587 *b = remote.in6.sin6_addr.s6_addr+12;
588
589 if (asprintf(&r,
77b088c2
LP		 590 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
591 nr,
2b061f5a
LP		 592 a[0], a[1], a[2], a[3],
593 ntohs(local.in6.sin6_port),
594 b[0], b[1], b[2], b[3],
595 ntohs(remote.in6.sin6_port)) < 0)
596 return -ENOMEM;
597 } else {
598 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
599
600 if (asprintf(&r,
77b088c2
LP		 601 "%u-%s:%u-%s:%u",
602 nr,
2b061f5a
LP		 603 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
604 ntohs(local.in6.sin6_port),
605 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
606 ntohs(remote.in6.sin6_port)) < 0)
607 return -ENOMEM;
608 }
4f2d528d
LP		 609
610 break;
611 }
612
613 case AF_UNIX: {
614 struct ucred ucred;
615
616 l = sizeof(ucred);
617 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0)
618 return -errno;
619
620 if (asprintf(&r,
bb00e604 621 "%u-%lu-%lu",
4f2d528d 622 nr,
bb00e604
LP		 623 (unsigned long) ucred.pid,
624 (unsigned long) ucred.uid) < 0)
4f2d528d
LP		 625 return -ENOMEM;
626
627 break;
628 }
629
630 default:
631 assert_not_reached("Unhandled socket type.");
632 }
633
634 *instance = r;
635 return 0;
636}
637
034c6ed7 638static void socket_close_fds(Socket *s) {
83c60c9f
LP		 639 SocketPort *p;
640
641 assert(s);
642
034c6ed7 643 LIST_FOREACH(port, p, s->ports) {
83c60c9f
LP		 644 if (p->fd < 0)
645 continue;
646
acbb0225 647 unit_unwatch_fd(UNIT(s), &p->fd_watch);
a16e1123
LP		 648 close_nointr_nofail(p->fd);
649
650 /* One little note: we should never delete any sockets
651 * in the file system here! After all some other
652 * process we spawned might still have a reference of
653 * this fd and wants to continue to use it. Therefore
654 * we delete sockets in the file system before we
655 * create a new one, not after we stopped using
656 * one! */
9152c765 657
83c60c9f
LP		 658 p->fd = -1;
659 }
660}
661
4fd5948e
LP		 662static void socket_apply_socket_options(Socket *s, int fd) {
663 assert(s);
664 assert(fd >= 0);
665
666 if (s->keep_alive) {
667 int b = s->keep_alive;
668 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
669 log_warning("SO_KEEPALIVE failed: %m");
670 }
671
ec6370a2
LP		 672 if (s->broadcast) {
673 int one = 1;
674 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
675 log_warning("SO_BROADCAST failed: %m");
676 }
677
d68af586
MS		 678 if (s->pass_cred) {
679 int one = 1;
680 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
681 log_warning("SO_PASSCRED failed: %m");
682 }
683
54ecda32
LP		 684 if (s->pass_sec) {
685 int one = 1;
686 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
687 log_warning("SO_PASSSEC failed: %m");
688 }
689
4fd5948e
LP		 690 if (s->priority >= 0)
691 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
692 log_warning("SO_PRIORITY failed: %m");
693
694 if (s->receive_buffer > 0) {
695 int value = (int) s->receive_buffer;
7d9eaa84
LP		 696
697 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
698
b8cef44e 699 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 700 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
701 log_warning("SO_RCVBUF failed: %m");
4fd5948e
LP		 702 }
703
704 if (s->send_buffer > 0) {
705 int value = (int) s->send_buffer;
b8cef44e 706 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 707 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
708 log_warning("SO_SNDBUF failed: %m");
4fd5948e
LP		 709 }
710
711 if (s->mark >= 0)
712 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
713 log_warning("SO_MARK failed: %m");
714
715 if (s->ip_tos >= 0)
716 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
717 log_warning("IP_TOS failed: %m");
718
46925ac5
LP		 719 if (s->ip_ttl >= 0) {
720 int r, x;
721
722 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
5bfcc1c6
FF		 723
724 if (socket_ipv6_is_supported())
725 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
726 else {
727 x = -1;
728 errno = EAFNOSUPPORT;
729 }
46925ac5
LP		 730
731 if (r < 0 && x < 0)
732 log_warning("IP_TTL/IPV6_UNICAST_HOPS failed: %m");
733 }
cebf8b20
TT		 734
735 if (s->tcp_congestion)
736 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
737 log_warning("TCP_CONGESTION failed: %m");
4fd5948e
LP		 738}
739
b15bdda8 740static void socket_apply_fifo_options(Socket *s, int fd) {
4fd5948e
LP		 741 assert(s);
742 assert(fd >= 0);
743
744 if (s->pipe_size > 0)
745 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
746 log_warning("F_SETPIPE_SZ: %m");
747}
748
b15bdda8
LP		 749static int fifo_address_create(
750 const char *path,
751 mode_t directory_mode,
752 mode_t socket_mode,
b15bdda8
LP		 753 int *_fd) {
754
7a58bfa4 755 int fd = -1, r = 0;
b15bdda8
LP		 756 struct stat st;
757 mode_t old_mask;
758
759 assert(path);
760 assert(_fd);
761
762 mkdir_parents(path, directory_mode);
763
c4e2ceae 764 if ((r = label_fifofile_set(path)) < 0)
56cf987f 765 goto fail;
b15bdda8
LP		 766
767 /* Enforce the right access mode for the fifo */
768 old_mask = umask(~ socket_mode);
769
770 /* Include the original umask in our mask */
771 umask(~socket_mode | old_mask);
772
773 r = mkfifo(path, socket_mode);
774 umask(old_mask);
775
94bc2731 776 if (r < 0 && errno != EEXIST) {
b15bdda8
LP		 777 r = -errno;
778 goto fail;
779 }
780
781 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
782 r = -errno;
783 goto fail;
784 }
785
56cf987f 786 label_file_clear();
7a58bfa4 787
b15bdda8
LP		 788 if (fstat(fd, &st) < 0) {
789 r = -errno;
790 goto fail;
791 }
792
793 if (!S_ISFIFO(st.st_mode) ||
de0200fc 794 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
b15bdda8
LP		 795 st.st_uid != getuid() ||
796 st.st_gid != getgid()) {
797
798 r = -EEXIST;
799 goto fail;
800 }
801
802 *_fd = fd;
803 return 0;
804
805fail:
56cf987f
DW		 806 label_file_clear();
807
b15bdda8
LP		 808 if (fd >= 0)
809 close_nointr_nofail(fd);
810
811 return r;
812}
813
b0a3f2bc
LP		 814static int special_address_create(
815 const char *path,
816 int *_fd) {
817
818 int fd = -1, r = 0;
819 struct stat st;
820
821 assert(path);
822 assert(_fd);
823
824 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
825 r = -errno;
826 goto fail;
827 }
828
829 if (fstat(fd, &st) < 0) {
830 r = -errno;
831 goto fail;
832 }
833
834 /* Check whether this is a /proc, /sys or /dev file or char device */
835 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
836 r = -EEXIST;
837 goto fail;
838 }
839
840 *_fd = fd;
841 return 0;
842
843fail:
844 if (fd >= 0)
845 close_nointr_nofail(fd);
846
847 return r;
848}
849
916abb21
LP		 850static int mq_address_create(
851 const char *path,
852 mode_t mq_mode,
853 long maxmsg,
854 long msgsize,
855 int *_fd) {
856
857 int fd = -1, r = 0;
858 struct stat st;
859 mode_t old_mask;
860 struct mq_attr _attr, *attr = NULL;
861
862 assert(path);
863 assert(_fd);
864
865 if (maxmsg > 0 && msgsize > 0) {
866 zero(_attr);
867 _attr.mq_flags = O_NONBLOCK;
868 _attr.mq_maxmsg = maxmsg;
869 _attr.mq_msgsize = msgsize;
870 attr = &_attr;
871 }
872
873 /* Enforce the right access mode for the mq */
874 old_mask = umask(~ mq_mode);
875
876 /* Include the original umask in our mask */
877 umask(~mq_mode | old_mask);
878
879 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
880 umask(old_mask);
881
8ea913b2 882 if (fd < 0) {
916abb21
LP		 883 r = -errno;
884 goto fail;
885 }
886
887 if (fstat(fd, &st) < 0) {
888 r = -errno;
889 goto fail;
890 }
891
892 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
893 st.st_uid != getuid() ||
894 st.st_gid != getgid()) {
895
896 r = -EEXIST;
897 goto fail;
898 }
899
900 *_fd = fd;
901 return 0;
902
903fail:
904 if (fd >= 0)
905 close_nointr_nofail(fd);
906
907 return r;
908}
909
034c6ed7 910static int socket_open_fds(Socket *s) {
83c60c9f
LP		 911 SocketPort *p;
912 int r;
56cf987f 913 char *label = NULL;
049f8642 914 bool know_label = false;
83c60c9f
LP		 915
916 assert(s);
917
034c6ed7 918 LIST_FOREACH(port, p, s->ports) {
83c60c9f 919
034c6ed7
LP		 920 if (p->fd >= 0)
921 continue;
83c60c9f
LP		 922
923 if (p->type == SOCKET_SOCKET) {
924
049f8642
LP		 925 if (!know_label) {
926
927 if ((r = socket_instantiate_service(s)) < 0)
928 return r;
929
57020a3a
LP		 930 if (UNIT_DEREF(s->service) &&
931 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
932 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
189583d7
LP		 933
934 if (r < 0) {
a7444eda
LP		 935 if (r != -EPERM)
936 return r;
937 }
189583d7 938 }
049f8642
LP		 939
940 know_label = true;
941 }
942
b5a0699f
LP		 943 if ((r = socket_address_listen(
944 &p->address,
945 s->backlog,
946 s->bind_ipv6_only,
947 s->bind_to_device,
4fd5948e 948 s->free_bind,
6b6d2dee 949 s->transparent,
b5a0699f
LP		 950 s->directory_mode,
951 s->socket_mode,
56cf987f 952 label,
b5a0699f 953 &p->fd)) < 0)
83c60c9f
LP		 954 goto rollback;
955
4fd5948e
LP		 956 socket_apply_socket_options(s, p->fd);
957
b0a3f2bc
LP		 958 } else if (p->type == SOCKET_SPECIAL) {
959
960 if ((r = special_address_create(
961 p->path,
962 &p->fd)) < 0)
963 goto rollback;
964
b15bdda8 965 } else if (p->type == SOCKET_FIFO) {
83c60c9f 966
b15bdda8
LP		 967 if ((r = fifo_address_create(
968 p->path,
969 s->directory_mode,
970 s->socket_mode,
b15bdda8 971 &p->fd)) < 0)
83c60c9f 972 goto rollback;
83c60c9f 973
b15bdda8 974 socket_apply_fifo_options(s, p->fd);
916abb21 975 } else if (p->type == SOCKET_MQUEUE) {
83c60c9f 976
916abb21
LP		 977 if ((r = mq_address_create(
978 p->path,
979 s->socket_mode,
980 s->mq_maxmsg,
981 s->mq_msgsize,
982 &p->fd)) < 0)
983 goto rollback;
b15bdda8
LP		 984 } else
985 assert_not_reached("Unknown port type");
034c6ed7
LP		 986 }
987
56cf987f 988 label_free(label);
034c6ed7
LP		 989 return 0;
990
991rollback:
992 socket_close_fds(s);
56cf987f 993 label_free(label);
034c6ed7
LP		 994 return r;
995}
996
997static void socket_unwatch_fds(Socket *s) {
998 SocketPort *p;
9152c765 999
034c6ed7
LP		 1000 assert(s);
1001
1002 LIST_FOREACH(port, p, s->ports) {
1003 if (p->fd < 0)
1004 continue;
1005
acbb0225 1006 unit_unwatch_fd(UNIT(s), &p->fd_watch);
83c60c9f 1007 }
034c6ed7
LP		 1008}
1009
1010static int socket_watch_fds(Socket *s) {
1011 SocketPort *p;
1012 int r;
1013
1014 assert(s);
83c60c9f 1015
034c6ed7
LP		 1016 LIST_FOREACH(port, p, s->ports) {
1017 if (p->fd < 0)
1018 continue;
1019
cabab516 1020 p->fd_watch.socket_accept =
4f2d528d 1021 s->accept &&
dd5ad9d4 1022 p->type == SOCKET_SOCKET &&
4f2d528d
LP		 1023 socket_address_can_accept(&p->address);
1024
f94ea366 1025 if ((r = unit_watch_fd(UNIT(s), p->fd, EPOLLIN, &p->fd_watch)) < 0)
034c6ed7
LP		 1026 goto fail;
1027 }
83c60c9f 1028
542563ba 1029 return 0;
83c60c9f 1030
034c6ed7
LP		 1031fail:
1032 socket_unwatch_fds(s);
1033 return r;
1034}
1035
1036static void socket_set_state(Socket *s, SocketState state) {
1037 SocketState old_state;
1038 assert(s);
1039
1040 old_state = s->state;
1041 s->state = state;
1042
1043 if (state != SOCKET_START_PRE &&
1044 state != SOCKET_START_POST &&
1045 state != SOCKET_STOP_PRE &&
1046 state != SOCKET_STOP_PRE_SIGTERM &&
1047 state != SOCKET_STOP_PRE_SIGKILL &&
1048 state != SOCKET_STOP_POST &&
80876c20
LP		 1049 state != SOCKET_FINAL_SIGTERM &&
1050 state != SOCKET_FINAL_SIGKILL) {
acbb0225 1051 unit_unwatch_timer(UNIT(s), &s->timer_watch);
5e94833f 1052 socket_unwatch_control_pid(s);
034c6ed7 1053 s->control_command = NULL;
a16e1123 1054 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
e537352b 1055 }
034c6ed7 1056
a16e1123
LP		 1057 if (state != SOCKET_LISTENING)
1058 socket_unwatch_fds(s);
1059
034c6ed7
LP		 1060 if (state != SOCKET_START_POST &&
1061 state != SOCKET_LISTENING &&
1062 state != SOCKET_RUNNING &&
1063 state != SOCKET_STOP_PRE &&
1064 state != SOCKET_STOP_PRE_SIGTERM &&
1065 state != SOCKET_STOP_PRE_SIGKILL)
1066 socket_close_fds(s);
1067
e537352b 1068 if (state != old_state)
40d50879 1069 log_debug("%s changed %s -> %s",
1124fe6f 1070 UNIT(s)->id,
a16e1123
LP		 1071 socket_state_to_string(old_state),
1072 socket_state_to_string(state));
acbb0225 1073
e2f3b44c 1074 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
034c6ed7
LP		 1075}
1076
a16e1123
LP		 1077static int socket_coldplug(Unit *u) {
1078 Socket *s = SOCKET(u);
1079 int r;
1080
1081 assert(s);
1082 assert(s->state == SOCKET_DEAD);
1083
1084 if (s->deserialized_state != s->state) {
1085
1086 if (s->deserialized_state == SOCKET_START_PRE ||
1087 s->deserialized_state == SOCKET_START_POST ||
1088 s->deserialized_state == SOCKET_STOP_PRE ||
1089 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1090 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1091 s->deserialized_state == SOCKET_STOP_POST ||
1092 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1093 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1094
1095 if (s->control_pid <= 0)
1096 return -EBADMSG;
1097
1098 if ((r = unit_watch_pid(UNIT(s), s->control_pid)) < 0)
1099 return r;
1100
1101 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1102 return r;
1103 }
1104
1105 if (s->deserialized_state == SOCKET_START_POST ||
1106 s->deserialized_state == SOCKET_LISTENING ||
1107 s->deserialized_state == SOCKET_RUNNING ||
1108 s->deserialized_state == SOCKET_STOP_PRE ||
1109 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1110 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL)
1111 if ((r = socket_open_fds(s)) < 0)
1112 return r;
1113
1114 if (s->deserialized_state == SOCKET_LISTENING)
1115 if ((r = socket_watch_fds(s)) < 0)
1116 return r;
1117
1118 socket_set_state(s, s->deserialized_state);
1119 }
1120
1121 return 0;
1122}
1123
e537352b 1124static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
034c6ed7
LP		 1125 pid_t pid;
1126 int r;
9e2f7c11 1127 char **argv;
034c6ed7
LP		 1128
1129 assert(s);
1130 assert(c);
1131 assert(_pid);
1132
e537352b
LP		 1133 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1134 goto fail;
034c6ed7 1135
9e2f7c11
LP		 1136 if (!(argv = unit_full_printf_strv(UNIT(s), c->argv))) {
1137 r = -ENOMEM;
1138 goto fail;
1139 }
1140
1141 r = exec_spawn(c,
1142 argv,
1143 &s->exec_context,
1144 NULL, 0,
1124fe6f 1145 UNIT(s)->manager->environment,
9e2f7c11
LP		 1146 true,
1147 true,
1e3ad081 1148 true,
1124fe6f
MS		 1149 UNIT(s)->manager->confirm_spawn,
1150 UNIT(s)->cgroup_bondings,
1151 UNIT(s)->cgroup_attributes,
9e2f7c11
LP		 1152 &pid);
1153
1154 strv_free(argv);
1155 if (r < 0)
034c6ed7
LP		 1156 goto fail;
1157
87f0e418 1158 if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
034c6ed7
LP		 1159 /* FIXME: we need to do something here */
1160 goto fail;
83c60c9f 1161
034c6ed7
LP		 1162 *_pid = pid;
1163
1164 return 0;
1165
1166fail:
e537352b 1167 unit_unwatch_timer(UNIT(s), &s->timer_watch);
83c60c9f
LP		 1168
1169 return r;
542563ba
LP		 1170}
1171
cfc4eb4c 1172static void socket_enter_dead(Socket *s, SocketResult f) {
034c6ed7
LP		 1173 assert(s);
1174
cfc4eb4c
LP		 1175 if (f != SOCKET_SUCCESS)
1176 s->result = f;
034c6ed7 1177
cfc4eb4c 1178 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
034c6ed7
LP		 1179}
1180
cfc4eb4c 1181static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
80876c20 1182
cfc4eb4c 1183static void socket_enter_stop_post(Socket *s, SocketResult f) {
034c6ed7
LP		 1184 int r;
1185 assert(s);
1186
cfc4eb4c
LP		 1187 if (f != SOCKET_SUCCESS)
1188 s->result = f;
034c6ed7 1189
5e94833f
LP		 1190 socket_unwatch_control_pid(s);
1191
a16e1123
LP		 1192 s->control_command_id = SOCKET_EXEC_STOP_POST;
1193
80876c20 1194 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
e537352b 1195 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1196 goto fail;
1197
80876c20
LP		 1198 socket_set_state(s, SOCKET_STOP_POST);
1199 } else
cfc4eb4c 1200 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
034c6ed7
LP		 1201
1202 return;
1203
1204fail:
1124fe6f 1205 log_warning("%s failed to run 'stop-post' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1206 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1207}
1208
cfc4eb4c 1209static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
034c6ed7 1210 int r;
ca949c9d
LP		 1211 Set *pid_set = NULL;
1212 bool wait_for_exit = false;
034c6ed7
LP		 1213
1214 assert(s);
1215
cfc4eb4c
LP		 1216 if (f != SOCKET_SUCCESS)
1217 s->result = f;
034c6ed7 1218
2e22afe9
LP		 1219 if (s->exec_context.kill_mode != KILL_NONE) {
1220 int sig = (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_FINAL_SIGTERM) ? s->exec_context.kill_signal : SIGKILL;
034c6ed7 1221
ca949c9d 1222 if (s->control_pid > 0) {
cd25cce9 1223 if (kill_and_sigcont(s->control_pid, sig) < 0 && errno != ESRCH)
50159e6a 1224
ca949c9d
LP		 1225 log_warning("Failed to kill control process %li: %m", (long) s->control_pid);
1226 else
1227 wait_for_exit = true;
034c6ed7 1228 }
50159e6a 1229
ca949c9d
LP		 1230 if (s->exec_context.kill_mode == KILL_CONTROL_GROUP) {
1231
1232 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func))) {
1233 r = -ENOMEM;
50159e6a
LP		 1234 goto fail;
1235 }
ca949c9d
LP		 1236
1237 /* Exclude the control pid from being killed via the cgroup */
1238 if (s->control_pid > 0)
1239 if ((r = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0)
1240 goto fail;
1241
1124fe6f 1242 if ((r = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, sig, true, pid_set)) < 0) {
ca949c9d
LP		 1243 if (r != -EAGAIN && r != -ESRCH && r != -ENOENT)
1244 log_warning("Failed to kill control group: %s", strerror(-r));
1245 } else if (r > 0)
1246 wait_for_exit = true;
1247
1248 set_free(pid_set);
da19d5c1 1249 pid_set = NULL;
ca949c9d 1250 }
d6ea93e3 1251 }
034c6ed7 1252
ca949c9d 1253 if (wait_for_exit) {
80876c20
LP		 1254 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1255 goto fail;
d6ea93e3 1256
80876c20
LP		 1257 socket_set_state(s, state);
1258 } else if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1259 socket_enter_stop_post(s, SOCKET_SUCCESS);
80876c20 1260 else
cfc4eb4c 1261 socket_enter_dead(s, SOCKET_SUCCESS);
034c6ed7
LP		 1262
1263 return;
1264
1265fail:
1124fe6f 1266 log_warning("%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1267
1268 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1269 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1270 else
cfc4eb4c 1271 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
ca949c9d
LP		 1272
1273 if (pid_set)
1274 set_free(pid_set);
034c6ed7
LP		 1275}
1276
cfc4eb4c 1277static void socket_enter_stop_pre(Socket *s, SocketResult f) {
034c6ed7
LP		 1278 int r;
1279 assert(s);
1280
cfc4eb4c
LP		 1281 if (f != SOCKET_SUCCESS)
1282 s->result = f;
034c6ed7 1283
5e94833f
LP		 1284 socket_unwatch_control_pid(s);
1285
a16e1123
LP		 1286 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1287
80876c20 1288 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
e537352b 1289 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1290 goto fail;
1291
80876c20
LP		 1292 socket_set_state(s, SOCKET_STOP_PRE);
1293 } else
cfc4eb4c 1294 socket_enter_stop_post(s, SOCKET_SUCCESS);
034c6ed7
LP		 1295
1296 return;
1297
1298fail:
1124fe6f 1299 log_warning("%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1300 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1301}
1302
e9af15c3
LP		 1303static void socket_enter_listening(Socket *s) {
1304 int r;
1305 assert(s);
1306
cfc4eb4c
LP		 1307 r = socket_watch_fds(s);
1308 if (r < 0) {
1124fe6f 1309 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
e9af15c3
LP		 1310 goto fail;
1311 }
1312
1313 socket_set_state(s, SOCKET_LISTENING);
1314 return;
1315
1316fail:
cfc4eb4c 1317 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
e9af15c3
LP		 1318}
1319
034c6ed7
LP		 1320static void socket_enter_start_post(Socket *s) {
1321 int r;
1322 assert(s);
1323
cfc4eb4c
LP		 1324 r = socket_open_fds(s);
1325 if (r < 0) {
1124fe6f 1326 log_warning("%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1327 goto fail;
1328 }
1329
5e94833f
LP		 1330 socket_unwatch_control_pid(s);
1331
a16e1123
LP		 1332 s->control_command_id = SOCKET_EXEC_START_POST;
1333
80876c20 1334 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
cfc4eb4c
LP		 1335 r = socket_spawn(s, s->control_command, &s->control_pid);
1336 if (r < 0) {
1124fe6f 1337 log_warning("%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1338 goto fail;
1339 }
1340
80876c20
LP		 1341 socket_set_state(s, SOCKET_START_POST);
1342 } else
e9af15c3 1343 socket_enter_listening(s);
034c6ed7
LP		 1344
1345 return;
1346
1347fail:
cfc4eb4c 1348 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1349}
1350
1351static void socket_enter_start_pre(Socket *s) {
1352 int r;
1353 assert(s);
1354
5e94833f
LP		 1355 socket_unwatch_control_pid(s);
1356
a16e1123
LP		 1357 s->control_command_id = SOCKET_EXEC_START_PRE;
1358
80876c20 1359 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
e537352b 1360 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1361 goto fail;
1362
80876c20
LP		 1363 socket_set_state(s, SOCKET_START_PRE);
1364 } else
034c6ed7
LP		 1365 socket_enter_start_post(s);
1366
1367 return;
1368
1369fail:
1124fe6f 1370 log_warning("%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1371 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1372}
1373
4f2d528d 1374static void socket_enter_running(Socket *s, int cfd) {
034c6ed7 1375 int r;
398ef8ba 1376 DBusError error;
034c6ed7
LP		 1377
1378 assert(s);
398ef8ba 1379 dbus_error_init(&error);
034c6ed7 1380
ba3e67a7
LP		 1381 /* We don't take connections anymore if we are supposed to
1382 * shut down anyway */
18ffdfda 1383 if (unit_pending_inactive(UNIT(s))) {
1124fe6f 1384 log_debug("Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
5d909e3e 1385
7c610628
LP		 1386 if (cfd >= 0)
1387 close_nointr_nofail(cfd);
1388 else {
1389 /* Flush all sockets by closing and reopening them */
1390 socket_close_fds(s);
1391
1a710b43
MS		 1392 r = socket_watch_fds(s);
1393 if (r < 0) {
1124fe6f 1394 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1395 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
7c610628
LP		 1396 }
1397 }
1398
ba3e67a7
LP		 1399 return;
1400 }
1401
4f2d528d 1402 if (cfd < 0) {
57020a3a
LP		 1403 Iterator i;
1404 Unit *u;
f976f3f6 1405 bool pending = false;
f976f3f6
LP		 1406
1407 /* If there's already a start pending don't bother to
1408 * do anything */
1124fe6f 1409 SET_FOREACH(u, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
57020a3a
LP		 1410 if (unit_pending_active(u)) {
1411 pending = true;
1412 break;
1413 }
f976f3f6 1414
1a710b43
MS		 1415 if (!pending) {
1416 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1417 if (r < 0)
f976f3f6 1418 goto fail;
1a710b43 1419 }
4f2d528d
LP		 1420
1421 socket_set_state(s, SOCKET_RUNNING);
1422 } else {
b4f10a5e 1423 char *prefix, *instance = NULL, *name;
b15bdda8 1424 Service *service;
4f2d528d 1425
6cf6bbc2
LP		 1426 if (s->n_connections >= s->max_connections) {
1427 log_warning("Too many incoming connections (%u)", s->n_connections);
1428 close_nointr_nofail(cfd);
1429 return;
1430 }
1431
1a710b43
MS		 1432 r = socket_instantiate_service(s);
1433 if (r < 0)
b15bdda8
LP		 1434 goto fail;
1435
1a710b43
MS		 1436 r = instance_from_socket(cfd, s->n_accepted, &instance);
1437 if (r < 0) {
1438 if (r != -ENOTCONN)
1439 goto fail;
1440
1441 /* ENOTCONN is legitimate if TCP RST was received.
1442 * This connection is over, but the socket unit lives on. */
1443 close_nointr_nofail(cfd);
1444 return;
1445 }
4f2d528d 1446
1a710b43
MS		 1447 prefix = unit_name_to_prefix(UNIT(s)->id);
1448 if (!prefix) {
4f2d528d
LP		 1449 free(instance);
1450 r = -ENOMEM;
1451 goto fail;
1452 }
1453
1454 name = unit_name_build(prefix, instance, ".service");
1455 free(prefix);
1456 free(instance);
1457
b6dbbe1c 1458 if (!name) {
4f2d528d 1459 r = -ENOMEM;
b6dbbe1c
LP		 1460 goto fail;
1461 }
4f2d528d 1462
1a710b43
MS		 1463 r = unit_add_name(UNIT_DEREF(s->service), name);
1464 if (r < 0) {
b15bdda8 1465 free(name);
4f2d528d 1466 goto fail;
b15bdda8
LP		 1467 }
1468
57020a3a
LP		 1469 service = SERVICE(UNIT_DEREF(s->service));
1470 unit_ref_unset(&s->service);
b15bdda8 1471 s->n_accepted ++;
4f2d528d 1472
1124fe6f 1473 UNIT(service)->no_gc = false;
6c073082 1474
b15bdda8
LP		 1475 unit_choose_id(UNIT(service), name);
1476 free(name);
1477
1a710b43
MS		 1478 r = service_set_socket_fd(service, cfd, s);
1479 if (r < 0)
4f2d528d
LP		 1480 goto fail;
1481
1482 cfd = -1;
6cf6bbc2
LP		 1483 s->n_connections ++;
1484
1a710b43
MS		 1485 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1486 if (r < 0)
4f2d528d 1487 goto fail;
c4e2ceae
LP		 1488
1489 /* Notify clients about changed counters */
1490 unit_add_to_dbus_queue(UNIT(s));
4f2d528d 1491 }
034c6ed7 1492
034c6ed7
LP		 1493 return;
1494
1495fail:
1124fe6f 1496 log_warning("%s failed to queue socket startup job: %s", UNIT(s)->id, bus_error(&error, r));
60089004 1497 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
4f2d528d
LP		 1498
1499 if (cfd >= 0)
1500 close_nointr_nofail(cfd);
398ef8ba
LP		 1501
1502 dbus_error_free(&error);
034c6ed7
LP		 1503}
1504
cfc4eb4c 1505static void socket_run_next(Socket *s) {
034c6ed7
LP		 1506 int r;
1507
1508 assert(s);
1509 assert(s->control_command);
1510 assert(s->control_command->command_next);
1511
5e94833f
LP		 1512 socket_unwatch_control_pid(s);
1513
034c6ed7
LP		 1514 s->control_command = s->control_command->command_next;
1515
e537352b 1516 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1517 goto fail;
1518
1519 return;
1520
1521fail:
1124fe6f 1522 log_warning("%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
80876c20
LP		 1523
1524 if (s->state == SOCKET_START_POST)
cfc4eb4c 1525 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1526 else if (s->state == SOCKET_STOP_POST)
cfc4eb4c 1527 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1528 else
cfc4eb4c 1529 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1530}
1531
87f0e418
LP		 1532static int socket_start(Unit *u) {
1533 Socket *s = SOCKET(u);
83c60c9f
LP		 1534
1535 assert(s);
1536
034c6ed7
LP		 1537 /* We cannot fulfill this request right now, try again later
1538 * please! */
1539 if (s->state == SOCKET_STOP_PRE ||
1540 s->state == SOCKET_STOP_PRE_SIGKILL ||
1541 s->state == SOCKET_STOP_PRE_SIGTERM ||
1542 s->state == SOCKET_STOP_POST ||
80876c20
LP		 1543 s->state == SOCKET_FINAL_SIGTERM ||
1544 s->state == SOCKET_FINAL_SIGKILL)
034c6ed7
LP		 1545 return -EAGAIN;
1546
83c60c9f
LP		 1547 if (s->state == SOCKET_START_PRE ||
1548 s->state == SOCKET_START_POST)
034c6ed7 1549 return 0;
83c60c9f 1550
034c6ed7 1551 /* Cannot run this without the service being around */
57020a3a
LP		 1552 if (UNIT_DEREF(s->service)) {
1553 Service *service;
1554
1555 service = SERVICE(UNIT_DEREF(s->service));
1556
1124fe6f
MS		 1557 if (UNIT(service)->load_state != UNIT_LOADED) {
1558 log_error("Socket service %s not loaded, refusing.", UNIT(service)->id);
4f2d528d 1559 return -ENOENT;
4ac9236f 1560 }
4f2d528d 1561
35b8ca3a 1562 /* If the service is already active we cannot start the
4f2d528d 1563 * socket */
57020a3a
LP		 1564 if (service->state != SERVICE_DEAD &&
1565 service->state != SERVICE_FAILED &&
1566 service->state != SERVICE_AUTO_RESTART) {
1124fe6f 1567 log_error("Socket service %s already active, refusing.", UNIT(service)->id);
4f2d528d 1568 return -EBUSY;
4ac9236f 1569 }
7b4bf06b
LP		 1570
1571#ifdef HAVE_SYSV_COMPAT
57020a3a 1572 if (service->sysv_path) {
7b4bf06b
LP		 1573 log_error("Using SysV services for socket activation is not supported. Refusing.");
1574 return -ENOENT;
1575 }
1576#endif
4f2d528d 1577 }
e537352b 1578
fdf20a31 1579 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
83c60c9f 1580
cfc4eb4c 1581 s->result = SOCKET_SUCCESS;
034c6ed7
LP		 1582 socket_enter_start_pre(s);
1583 return 0;
1584}
83c60c9f 1585
87f0e418
LP		 1586static int socket_stop(Unit *u) {
1587 Socket *s = SOCKET(u);
034c6ed7
LP		 1588
1589 assert(s);
1590
e537352b
LP		 1591 /* Already on it */
1592 if (s->state == SOCKET_STOP_PRE ||
1593 s->state == SOCKET_STOP_PRE_SIGTERM ||
1594 s->state == SOCKET_STOP_PRE_SIGKILL ||
1595 s->state == SOCKET_STOP_POST ||
80876c20 1596 s->state == SOCKET_FINAL_SIGTERM ||
3f6c78dc 1597 s->state == SOCKET_FINAL_SIGKILL)
e537352b
LP		 1598 return 0;
1599
3f6c78dc
LP		 1600 /* If there's already something running we go directly into
1601 * kill mode. */
1602 if (s->state == SOCKET_START_PRE ||
1603 s->state == SOCKET_START_POST) {
cfc4eb4c 1604 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
3f6c78dc
LP		 1605 return -EAGAIN;
1606 }
1607
034c6ed7 1608 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
83c60c9f 1609
cfc4eb4c 1610 socket_enter_stop_pre(s, SOCKET_SUCCESS);
542563ba
LP		 1611 return 0;
1612}
1613
a16e1123
LP		 1614static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1615 Socket *s = SOCKET(u);
1616 SocketPort *p;
1617 int r;
1618
1619 assert(u);
1620 assert(f);
1621 assert(fds);
1622
1623 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
cfc4eb4c 1624 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
a16e1123
LP		 1625 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1626
1627 if (s->control_pid > 0)
5925dd3c 1628 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
a16e1123
LP		 1629
1630 if (s->control_command_id >= 0)
1631 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1632
1633 LIST_FOREACH(port, p, s->ports) {
1634 int copy;
1635
1636 if (p->fd < 0)
1637 continue;
1638
1639 if ((copy = fdset_put_dup(fds, p->fd)) < 0)
1640 return copy;
1641
1642 if (p->type == SOCKET_SOCKET) {
1643 char *t;
1644
1645 if ((r = socket_address_print(&p->address, &t)) < 0)
1646 return r;
1647
7a22745a
LP		 1648 if (socket_address_family(&p->address) == AF_NETLINK)
1649 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1650 else
1651 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
a16e1123 1652 free(t);
b0a3f2bc
LP		 1653 } else if (p->type == SOCKET_SPECIAL)
1654 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1655 else {
a16e1123
LP		 1656 assert(p->type == SOCKET_FIFO);
1657 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1658 }
1659 }
1660
1661 return 0;
1662}
1663
1664static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1665 Socket *s = SOCKET(u);
a16e1123
LP		 1666
1667 assert(u);
1668 assert(key);
1669 assert(value);
1670 assert(fds);
1671
1672 if (streq(key, "state")) {
1673 SocketState state;
1674
1675 if ((state = socket_state_from_string(value)) < 0)
1676 log_debug("Failed to parse state value %s", value);
1677 else
1678 s->deserialized_state = state;
cfc4eb4c
LP		 1679 } else if (streq(key, "result")) {
1680 SocketResult f;
a16e1123 1681
cfc4eb4c
LP		 1682 f = socket_result_from_string(value);
1683 if (f < 0)
1684 log_debug("Failed to parse result value %s", value);
1685 else if (f != SOCKET_SUCCESS)
1686 s->result = f;
a16e1123
LP		 1687
1688 } else if (streq(key, "n-accepted")) {
1689 unsigned k;
1690
e364ad06 1691 if (safe_atou(value, &k) < 0)
a16e1123
LP		 1692 log_debug("Failed to parse n-accepted value %s", value);
1693 else
1694 s->n_accepted += k;
1695 } else if (streq(key, "control-pid")) {
5925dd3c 1696 pid_t pid;
a16e1123 1697
e364ad06 1698 if (parse_pid(value, &pid) < 0)
a16e1123
LP		 1699 log_debug("Failed to parse control-pid value %s", value);
1700 else
5925dd3c 1701 s->control_pid = pid;
a16e1123
LP		 1702 } else if (streq(key, "control-command")) {
1703 SocketExecCommand id;
1704
1705 if ((id = socket_exec_command_from_string(value)) < 0)
1706 log_debug("Failed to parse exec-command value %s", value);
1707 else {
1708 s->control_command_id = id;
1709 s->control_command = s->exec_command[id];
1710 }
1711 } else if (streq(key, "fifo")) {
1712 int fd, skip = 0;
1713 SocketPort *p;
1714
1715 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1716 log_debug("Failed to parse fifo value %s", value);
1717 else {
1718
1719 LIST_FOREACH(port, p, s->ports)
b0a3f2bc
LP		 1720 if (p->type == SOCKET_FIFO &&
1721 streq_ptr(p->path, value+skip))
1722 break;
1723
1724 if (p) {
1725 if (p->fd >= 0)
1726 close_nointr_nofail(p->fd);
1727 p->fd = fdset_remove(fds, fd);
1728 }
1729 }
1730
1731 } else if (streq(key, "special")) {
1732 int fd, skip = 0;
1733 SocketPort *p;
1734
1735 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1736 log_debug("Failed to parse special value %s", value);
1737 else {
1738
1739 LIST_FOREACH(port, p, s->ports)
1740 if (p->type == SOCKET_SPECIAL &&
1741 streq_ptr(p->path, value+skip))
a16e1123
LP		 1742 break;
1743
1744 if (p) {
1745 if (p->fd >= 0)
1746 close_nointr_nofail(p->fd);
1747 p->fd = fdset_remove(fds, fd);
1748 }
1749 }
1750
1751 } else if (streq(key, "socket")) {
27ca8d7a 1752 int fd, type, skip = 0;
a16e1123
LP		 1753 SocketPort *p;
1754
27ca8d7a 1755 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
a16e1123
LP		 1756 log_debug("Failed to parse socket value %s", value);
1757 else {
1758
1759 LIST_FOREACH(port, p, s->ports)
27ca8d7a 1760 if (socket_address_is(&p->address, value+skip, type))
a16e1123
LP		 1761 break;
1762
1763 if (p) {
1764 if (p->fd >= 0)
1765 close_nointr_nofail(p->fd);
1766 p->fd = fdset_remove(fds, fd);
1767 }
1768 }
1769
7a22745a
LP		 1770 } else if (streq(key, "netlink")) {
1771 int fd, skip = 0;
1772 SocketPort *p;
1773
1774 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1775 log_debug("Failed to parse socket value %s", value);
1776 else {
1777
1778 LIST_FOREACH(port, p, s->ports)
1779 if (socket_address_is_netlink(&p->address, value+skip))
1780 break;
1781
1782 if (p) {
1783 if (p->fd >= 0)
1784 close_nointr_nofail(p->fd);
1785 p->fd = fdset_remove(fds, fd);
1786 }
1787 }
1788
a16e1123
LP		 1789 } else
1790 log_debug("Unknown serialization key '%s'", key);
1791
1792 return 0;
1793}
1794
87f0e418
LP		 1795static UnitActiveState socket_active_state(Unit *u) {
1796 assert(u);
5cb5a6ff 1797
acbb0225 1798 return state_translation_table[SOCKET(u)->state];
5cb5a6ff
LP		 1799}
1800
10a94420
LP		 1801static const char *socket_sub_state_to_string(Unit *u) {
1802 assert(u);
1803
a16e1123 1804 return socket_state_to_string(SOCKET(u)->state);
10a94420
LP		 1805}
1806
6cf6bbc2
LP		 1807static bool socket_check_gc(Unit *u) {
1808 Socket *s = SOCKET(u);
1809
1810 assert(u);
1811
1812 return s->n_connections > 0;
1813}
1814
acbb0225 1815static void socket_fd_event(Unit *u, int fd, uint32_t events, Watch *w) {
87f0e418 1816 Socket *s = SOCKET(u);
4f2d528d 1817 int cfd = -1;
9152c765 1818
034c6ed7 1819 assert(s);
8d567588 1820 assert(fd >= 0);
9152c765 1821
871d7de4
LP		 1822 if (s->state != SOCKET_LISTENING)
1823 return;
1824
ac155bb8 1825 log_debug("Incoming traffic on %s", u->id);
9152c765 1826
4f2d528d 1827 if (events != EPOLLIN) {
641e01dc
LP		 1828
1829 if (events & EPOLLHUP)
ac155bb8 1830 log_error("%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.", u->id);
641e01dc 1831 else
ac155bb8 1832 log_error("%s: Got unexpected poll event (0x%x) on socket.", u->id, events);
641e01dc 1833
8d567588 1834 goto fail;
4f2d528d
LP		 1835 }
1836
cabab516 1837 if (w->socket_accept) {
4f2d528d
LP		 1838 for (;;) {
1839
1840 if ((cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK)) < 0) {
1841
1842 if (errno == EINTR)
1843 continue;
1844
1845 log_error("Failed to accept socket: %m");
8d567588 1846 goto fail;
4f2d528d
LP		 1847 }
1848
1849 break;
1850 }
4fd5948e
LP		 1851
1852 socket_apply_socket_options(s, cfd);
4f2d528d 1853 }
9152c765 1854
4f2d528d 1855 socket_enter_running(s, cfd);
8d567588
LP		 1856 return;
1857
1858fail:
cfc4eb4c 1859 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
9152c765
LP		 1860}
1861
87f0e418
LP		 1862static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
1863 Socket *s = SOCKET(u);
cfc4eb4c 1864 SocketResult f;
5cb5a6ff
LP		 1865
1866 assert(s);
034c6ed7 1867 assert(pid >= 0);
5cb5a6ff 1868
8c47c732
LP		 1869 if (pid != s->control_pid)
1870 return;
542563ba 1871
034c6ed7
LP		 1872 s->control_pid = 0;
1873
cfc4eb4c
LP		 1874 if (is_clean_exit(code, status))
1875 f = SOCKET_SUCCESS;
1876 else if (code == CLD_EXITED)
1877 f = SOCKET_FAILURE_EXIT_CODE;
1878 else if (code == CLD_KILLED)
1879 f = SOCKET_FAILURE_SIGNAL;
1880 else if (code == CLD_DUMPED)
1881 f = SOCKET_FAILURE_CORE_DUMP;
1882 else
1883 assert_not_reached("Unknown code");
8c47c732 1884
b708e7ce 1885 if (s->control_command) {
6ea832a2 1886 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
a16e1123 1887
b708e7ce 1888 if (s->control_command->ignore)
cfc4eb4c 1889 f = SOCKET_SUCCESS;
b708e7ce
LP		 1890 }
1891
cfc4eb4c 1892 log_full(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
ac155bb8 1893 "%s control process exited, code=%s status=%i", u->id, sigchld_code_to_string(code), status);
034c6ed7 1894
cfc4eb4c
LP		 1895 if (f != SOCKET_SUCCESS)
1896 s->result = f;
1897
1898 if (s->control_command &&
1899 s->control_command->command_next &&
1900 f == SOCKET_SUCCESS) {
1901
ac155bb8 1902 log_debug("%s running next command for state %s", u->id, socket_state_to_string(s->state));
cfc4eb4c 1903 socket_run_next(s);
acbb0225 1904 } else {
a16e1123
LP		 1905 s->control_command = NULL;
1906 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1907
034c6ed7
LP		 1908 /* No further commands for this step, so let's figure
1909 * out what to do next */
5cb5a6ff 1910
ac155bb8 1911 log_debug("%s got final SIGCHLD for state %s", u->id, socket_state_to_string(s->state));
acbb0225 1912
034c6ed7
LP		 1913 switch (s->state) {
1914
1915 case SOCKET_START_PRE:
cfc4eb4c 1916 if (f == SOCKET_SUCCESS)
acbb0225 1917 socket_enter_start_post(s);
034c6ed7 1918 else
cfc4eb4c 1919 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
034c6ed7
LP		 1920 break;
1921
1922 case SOCKET_START_POST:
cfc4eb4c 1923 if (f == SOCKET_SUCCESS)
e9af15c3 1924 socket_enter_listening(s);
034c6ed7 1925 else
cfc4eb4c 1926 socket_enter_stop_pre(s, f);
034c6ed7
LP		 1927 break;
1928
1929 case SOCKET_STOP_PRE:
1930 case SOCKET_STOP_PRE_SIGTERM:
1931 case SOCKET_STOP_PRE_SIGKILL:
cfc4eb4c 1932 socket_enter_stop_post(s, f);
034c6ed7
LP		 1933 break;
1934
1935 case SOCKET_STOP_POST:
80876c20
LP		 1936 case SOCKET_FINAL_SIGTERM:
1937 case SOCKET_FINAL_SIGKILL:
cfc4eb4c 1938 socket_enter_dead(s, f);
034c6ed7
LP		 1939 break;
1940
1941 default:
1942 assert_not_reached("Uh, control process died at wrong time.");
1943 }
1944 }
c4e2ceae
LP		 1945
1946 /* Notify clients about changed exit status */
1947 unit_add_to_dbus_queue(u);
034c6ed7 1948}
5cb5a6ff 1949
acbb0225 1950static void socket_timer_event(Unit *u, uint64_t elapsed, Watch *w) {
87f0e418 1951 Socket *s = SOCKET(u);
5cb5a6ff 1952
034c6ed7
LP		 1953 assert(s);
1954 assert(elapsed == 1);
acbb0225 1955 assert(w == &s->timer_watch);
034c6ed7
LP		 1956
1957 switch (s->state) {
1958
1959 case SOCKET_START_PRE:
ac155bb8 1960 log_warning("%s starting timed out. Terminating.", u->id);
cfc4eb4c 1961 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
da19d5c1 1962 break;
80876c20 1963
034c6ed7 1964 case SOCKET_START_POST:
ac155bb8 1965 log_warning("%s starting timed out. Stopping.", u->id);
cfc4eb4c 1966 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1967 break;
1968
1969 case SOCKET_STOP_PRE:
ac155bb8 1970 log_warning("%s stopping timed out. Terminating.", u->id);
cfc4eb4c 1971 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1972 break;
1973
1974 case SOCKET_STOP_PRE_SIGTERM:
ba035df2 1975 if (s->exec_context.send_sigkill) {
ac155bb8 1976 log_warning("%s stopping timed out. Killing.", u->id);
cfc4eb4c 1977 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 1978 } else {
ac155bb8 1979 log_warning("%s stopping timed out. Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 1980 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 1981 }
034c6ed7
LP		 1982 break;
1983
1984 case SOCKET_STOP_PRE_SIGKILL:
ac155bb8 1985 log_warning("%s still around after SIGKILL. Ignoring.", u->id);
cfc4eb4c 1986 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1987 break;
1988
1989 case SOCKET_STOP_POST:
ac155bb8 1990 log_warning("%s stopping timed out (2). Terminating.", u->id);
cfc4eb4c 1991 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1992 break;
1993
80876c20 1994 case SOCKET_FINAL_SIGTERM:
ba035df2 1995 if (s->exec_context.send_sigkill) {
ac155bb8 1996 log_warning("%s stopping timed out (2). Killing.", u->id);
cfc4eb4c 1997 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 1998 } else {
ac155bb8 1999 log_warning("%s stopping timed out (2). Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 2000 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2001 }
034c6ed7
LP		 2002 break;
2003
80876c20 2004 case SOCKET_FINAL_SIGKILL:
ac155bb8 2005 log_warning("%s still around after SIGKILL (2). Entering failed mode.", u->id);
cfc4eb4c 2006 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2007 break;
2008
2009 default:
2010 assert_not_reached("Timeout at wrong time.");
2011 }
5cb5a6ff
LP		 2012}
2013
44d8db9e
LP		 2014int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2015 int *rfds;
2016 unsigned rn_fds, k;
2017 SocketPort *p;
2018
2019 assert(s);
2020 assert(fds);
2021 assert(n_fds);
2022
2023 /* Called from the service code for requesting our fds */
2024
2025 rn_fds = 0;
2026 LIST_FOREACH(port, p, s->ports)
2027 if (p->fd >= 0)
2028 rn_fds++;
2029
de3756ab
LP		 2030 if (rn_fds <= 0) {
2031 *fds = NULL;
2032 *n_fds = 0;
2033 return 0;
2034 }
2035
e364ad06 2036 if (!(rfds = new(int, rn_fds)))
44d8db9e
LP		 2037 return -ENOMEM;
2038
2039 k = 0;
2040 LIST_FOREACH(port, p, s->ports)
2041 if (p->fd >= 0)
2042 rfds[k++] = p->fd;
2043
2044 assert(k == rn_fds);
2045
2046 *fds = rfds;
2047 *n_fds = rn_fds;
2048
2049 return 0;
2050}
2051
6bda96a0 2052void socket_notify_service_dead(Socket *s, bool failed_permanent) {
ceee3d82
LP		 2053 assert(s);
2054
6cf6bbc2
LP		 2055 /* The service is dead. Dang!
2056 *
2057 * This is strictly for one-instance-for-all-connections
2058 * services. */
ceee3d82
LP		 2059
2060 if (s->state == SOCKET_RUNNING) {
6bda96a0
LP		 2061 log_debug("%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2062 if (failed_permanent)
2063 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
c2f34808
MS		 2064 else
2065 socket_enter_listening(s);
ceee3d82
LP		 2066 }
2067}
2068
6cf6bbc2
LP		 2069void socket_connection_unref(Socket *s) {
2070 assert(s);
2071
2072 /* The service is dead. Yay!
2073 *
35b8ca3a 2074 * This is strictly for one-instance-per-connection
6cf6bbc2
LP		 2075 * services. */
2076
2077 assert(s->n_connections > 0);
2078 s->n_connections--;
2079
1124fe6f 2080 log_debug("%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
6cf6bbc2
LP		 2081}
2082
fdf20a31 2083static void socket_reset_failed(Unit *u) {
5632e374
LP		 2084 Socket *s = SOCKET(u);
2085
2086 assert(s);
2087
fdf20a31 2088 if (s->state == SOCKET_FAILED)
5632e374
LP		 2089 socket_set_state(s, SOCKET_DEAD);
2090
cfc4eb4c 2091 s->result = SOCKET_SUCCESS;
5632e374
LP		 2092}
2093
8a0867d6
LP		 2094static int socket_kill(Unit *u, KillWho who, KillMode mode, int signo, DBusError *error) {
2095 Socket *s = SOCKET(u);
2096 int r = 0;
2097 Set *pid_set = NULL;
2098
2099 assert(s);
2100
2101 if (who == KILL_MAIN) {
2102 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "Socket units have no main processes");
a17204af 2103 return -ESRCH;
8a0867d6
LP		 2104 }
2105
2106 if (s->control_pid <= 0 && who == KILL_CONTROL) {
2107 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
a17204af 2108 return -ESRCH;
8a0867d6
LP		 2109 }
2110
3611581e
LP		 2111 if (who == KILL_CONTROL || who == KILL_ALL)
2112 if (s->control_pid > 0)
2113 if (kill(s->control_pid, signo) < 0)
2114 r = -errno;
8a0867d6 2115
3611581e 2116 if (who == KILL_ALL && mode == KILL_CONTROL_GROUP) {
8a0867d6
LP		 2117 int q;
2118
2119 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func)))
2120 return -ENOMEM;
2121
2122 /* Exclude the control pid from being killed via the cgroup */
2123 if (s->control_pid > 0)
2124 if ((q = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0) {
2125 r = q;
2126 goto finish;
2127 }
2128
1124fe6f 2129 if ((q = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, signo, false, pid_set)) < 0)
3611581e 2130 if (q != -EAGAIN && q != -ESRCH && q != -ENOENT)
8a0867d6
LP		 2131 r = q;
2132 }
2133
2134finish:
2135 if (pid_set)
2136 set_free(pid_set);
2137
2138 return r;
2139}
2140
a16e1123
LP		 2141static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2142 [SOCKET_DEAD] = "dead",
2143 [SOCKET_START_PRE] = "start-pre",
2144 [SOCKET_START_POST] = "start-post",
2145 [SOCKET_LISTENING] = "listening",
2146 [SOCKET_RUNNING] = "running",
2147 [SOCKET_STOP_PRE] = "stop-pre",
2148 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2149 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2150 [SOCKET_STOP_POST] = "stop-post",
2151 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2152 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
fdf20a31 2153 [SOCKET_FAILED] = "failed"
a16e1123
LP		 2154};
2155
2156DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2157
2158static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2159 [SOCKET_EXEC_START_PRE] = "StartPre",
2160 [SOCKET_EXEC_START_POST] = "StartPost",
2161 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2162 [SOCKET_EXEC_STOP_POST] = "StopPost"
2163};
2164
2165DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2166
cfc4eb4c
LP		 2167static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2168 [SOCKET_SUCCESS] = "success",
2169 [SOCKET_FAILURE_RESOURCES] = "resources",
2170 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2171 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2172 [SOCKET_FAILURE_SIGNAL] = "signal",
c2f34808 2173 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
6bda96a0 2174 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
cfc4eb4c
LP		 2175};
2176
2177DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2178
87f0e418 2179const UnitVTable socket_vtable = {
5cb5a6ff 2180 .suffix = ".socket",
7d17cfbc 2181 .object_size = sizeof(Socket),
f975e971
LP		 2182 .sections =
2183 "Unit\0"
2184 "Socket\0"
2185 "Install\0",
5cb5a6ff 2186
034c6ed7
LP		 2187 .init = socket_init,
2188 .done = socket_done,
a16e1123
LP		 2189 .load = socket_load,
2190
8a0867d6
LP		 2191 .kill = socket_kill,
2192
a16e1123 2193 .coldplug = socket_coldplug,
034c6ed7 2194
5cb5a6ff
LP		 2195 .dump = socket_dump,
2196
542563ba
LP		 2197 .start = socket_start,
2198 .stop = socket_stop,
5cb5a6ff 2199
a16e1123
LP		 2200 .serialize = socket_serialize,
2201 .deserialize_item = socket_deserialize_item,
2202
5cb5a6ff 2203 .active_state = socket_active_state,
10a94420 2204 .sub_state_to_string = socket_sub_state_to_string,
5cb5a6ff 2205
6cf6bbc2
LP		 2206 .check_gc = socket_check_gc,
2207
9152c765 2208 .fd_event = socket_fd_event,
034c6ed7 2209 .sigchld_event = socket_sigchld_event,
4139c1b2
LP		 2210 .timer_event = socket_timer_event,
2211
fdf20a31 2212 .reset_failed = socket_reset_failed,
5632e374 2213
c4e2ceae
LP		 2214 .bus_interface = "org.freedesktop.systemd1.Socket",
2215 .bus_message_handler = bus_socket_message_handler,
2216 .bus_invalidating_properties = bus_socket_invalidating_properties
5cb5a6ff 2217};
Unnamed repository; edit this file 'description' to name the repository.