1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
3 Copyright © 2012 Holger Hans Peter Freyther
14 #include <sys/resource.h>
16 #include "sd-messages.h"
19 #include "all-units.h"
20 #include "alloc-util.h"
21 #include "bpf-firewall.h"
23 #include "bpf-program.h"
24 #include "bpf-socket-bind.h"
25 #include "bus-error.h"
26 #include "bus-internal.h"
29 #include "capability-util.h"
30 #include "cgroup-setup.h"
31 #include "conf-parser.h"
32 #include "core-varlink.h"
33 #include "cpu-set-util.h"
34 #include "creds-util.h"
36 #include "errno-list.h"
41 #include "hexdecoct.h"
43 #include "ip-protocol-list.h"
44 #include "journal-file.h"
45 #include "limits-util.h"
46 #include "load-fragment.h"
48 #include "missing_ioprio.h"
49 #include "mountpoint-util.h"
50 #include "nulstr-util.h"
51 #include "parse-socket-bind-item.h"
52 #include "parse-util.h"
53 #include "path-util.h"
54 #include "percent-util.h"
55 #include "process-util.h"
57 #include "seccomp-util.h"
59 #include "securebits-util.h"
60 #include "signal-util.h"
61 #include "socket-netlink.h"
62 #include "specifier.h"
63 #include "stat-util.h"
64 #include "string-util.h"
66 #include "syslog-util.h"
67 #include "time-util.h"
68 #include "unit-name.h"
69 #include "unit-printf.h"
70 #include "user-util.h"
74 static int parse_socket_protocol(const char *s
) {
77 r
= parse_ip_protocol(s
);
80 if (!IN_SET(r
, IPPROTO_UDPLITE
, IPPROTO_SCTP
))
81 return -EPROTONOSUPPORT
;
86 int parse_crash_chvt(const char *value
, int *data
) {
89 if (safe_atoi(value
, data
) >= 0)
92 b
= parse_boolean(value
);
97 *data
= 0; /* switch to where kmsg goes */
99 *data
= -1; /* turn off switching */
104 int parse_confirm_spawn(const char *value
, char **console
) {
108 r
= value
? parse_boolean(value
) : 1;
112 } else if (r
> 0) /* on with default tty */
113 s
= strdup("/dev/console");
114 else if (is_path(value
)) /* on with fully qualified path */
116 else /* on with only a tty file name, not a fully qualified path */
117 s
= path_join("/dev/", value
);
125 DEFINE_CONFIG_PARSE(config_parse_socket_protocol
, parse_socket_protocol
, "Failed to parse socket protocol");
126 DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits
, secure_bits_from_string
, "Failed to parse secure bits");
127 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode
, collect_mode
, CollectMode
, "Failed to parse garbage collection mode");
128 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy
, cgroup_device_policy
, CGroupDevicePolicy
, "Failed to parse device policy");
129 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode
, exec_keyring_mode
, ExecKeyringMode
, "Failed to parse keyring mode");
130 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_proc
, protect_proc
, ProtectProc
, "Failed to parse /proc/ protection mode");
131 DEFINE_CONFIG_PARSE_ENUM(config_parse_proc_subset
, proc_subset
, ProcSubset
, "Failed to parse /proc/ subset mode");
132 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode
, exec_utmp_mode
, ExecUtmpMode
, "Failed to parse utmp mode");
133 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode
, job_mode
, JobMode
, "Failed to parse job mode");
134 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access
, notify_access
, NotifyAccess
, "Failed to parse notify access specifier");
135 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home
, protect_home
, ProtectHome
, "Failed to parse protect home value");
136 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system
, protect_system
, ProtectSystem
, "Failed to parse protect system value");
137 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode
, exec_preserve_mode
, ExecPreserveMode
, "Failed to parse runtime directory preserve mode");
138 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type
, service_type
, ServiceType
, "Failed to parse service type");
139 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart
, service_restart
, ServiceRestart
, "Failed to parse service restart specifier");
140 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_timeout_failure_mode
, service_timeout_failure_mode
, ServiceTimeoutFailureMode
, "Failed to parse timeout failure mode");
141 DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind
, socket_address_bind_ipv6_only_or_bool
, SocketAddressBindIPv6Only
, "Failed to parse bind IPv6 only value");
142 DEFINE_CONFIG_PARSE_ENUM(config_parse_oom_policy
, oom_policy
, OOMPolicy
, "Failed to parse OOM policy");
143 DEFINE_CONFIG_PARSE_ENUM(config_parse_managed_oom_preference
, managed_oom_preference
, ManagedOOMPreference
, "Failed to parse ManagedOOMPreference=");
144 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos
, ip_tos
, int, -1, "Failed to parse IP TOS value");
145 DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight
, cg_blkio_weight_parse
, uint64_t, "Invalid block IO weight");
146 DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight
, cg_weight_parse
, uint64_t, "Invalid weight");
147 DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares
, cg_cpu_shares_parse
, uint64_t, "Invalid CPU shares");
148 DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags
, mount_propagation_flags_from_string
, unsigned long, "Failed to parse mount flag");
149 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy
, mpol
, int, -1, "Invalid NUMA policy type");
150 DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format
, status_unit_format
, StatusUnitFormat
, "Failed to parse status unit format");
151 DEFINE_CONFIG_PARSE_ENUM_FULL(config_parse_socket_timestamping
, socket_timestamping_from_string_harder
, SocketTimestamping
, "Failed to parse timestamping precision");
153 int config_parse_unit_deps(
155 const char *filename
,
158 unsigned section_line
,
165 UnitDependency d
= ltype
;
172 for (const char *p
= rvalue
;;) {
173 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
176 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_RETAIN_ESCAPE
);
182 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
186 r
= unit_name_printf(u
, word
, &k
);
188 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
192 r
= unit_add_dependency_by_name(u
, d
, k
, true, UNIT_DEPENDENCY_FILE
);
194 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
198 int config_parse_obsolete_unit_deps(
200 const char *filename
,
203 unsigned section_line
,
210 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
211 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue
, unit_dependency_to_string(ltype
));
213 return config_parse_unit_deps(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, data
, userdata
);
216 int config_parse_unit_string_printf(
218 const char *filename
,
221 unsigned section_line
,
228 _cleanup_free_
char *k
= NULL
;
229 const Unit
*u
= userdata
;
237 r
= unit_full_printf(u
, rvalue
, &k
);
239 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
243 return config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
246 int config_parse_unit_strv_printf(
248 const char *filename
,
251 unsigned section_line
,
258 const Unit
*u
= userdata
;
259 _cleanup_free_
char *k
= NULL
;
267 r
= unit_full_printf(u
, rvalue
, &k
);
269 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
273 return config_parse_strv(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
276 int config_parse_unit_path_printf(
278 const char *filename
,
281 unsigned section_line
,
288 _cleanup_free_
char *k
= NULL
;
289 const Unit
*u
= userdata
;
298 r
= unit_path_printf(u
, rvalue
, &k
);
300 log_syntax(unit
, fatal
? LOG_ERR
: LOG_WARNING
, filename
, line
, r
,
301 "Failed to resolve unit specifiers in '%s'%s: %m",
302 rvalue
, fatal
? "" : ", ignoring");
303 return fatal
? -ENOEXEC
: 0;
306 return config_parse_path(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
309 int config_parse_colon_separated_paths(
311 const char *filename
,
314 unsigned section_line
,
321 const Unit
*u
= userdata
;
329 if (isempty(rvalue
)) {
330 /* Empty assignment resets the list */
331 *sv
= strv_free(*sv
);
335 for (const char *p
= rvalue
;;) {
336 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
338 r
= extract_first_word(&p
, &word
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
342 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", rvalue
);
348 r
= unit_path_printf(u
, word
, &k
);
350 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
351 "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
355 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
359 r
= strv_consume(sv
, TAKE_PTR(k
));
367 int config_parse_unit_path_strv_printf(
369 const char *filename
,
372 unsigned section_line
,
380 const Unit
*u
= userdata
;
388 if (isempty(rvalue
)) {
393 for (const char *p
= rvalue
;;) {
394 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
396 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
402 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
403 "Invalid syntax, ignoring: %s", rvalue
);
407 r
= unit_path_printf(u
, word
, &k
);
409 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
410 "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
414 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
418 r
= strv_consume(x
, TAKE_PTR(k
));
424 static int patch_var_run(
426 const char *filename
,
434 e
= path_startswith(*path
, "/var/run/");
438 z
= path_join("/run/", e
);
442 log_syntax(unit
, LOG_NOTICE
, filename
, line
, 0,
443 "%s= references a path below legacy directory /var/run/, updating %s → %s; "
444 "please update the unit file accordingly.", lvalue
, *path
, z
);
446 free_and_replace(*path
, z
);
451 int config_parse_socket_listen(
453 const char *filename
,
456 unsigned section_line
,
463 _cleanup_free_ SocketPort
*p
= NULL
;
475 if (isempty(rvalue
)) {
476 /* An empty assignment removes all ports */
477 socket_free_ports(s
);
481 p
= new0(SocketPort
, 1);
485 if (ltype
!= SOCKET_SOCKET
) {
486 _cleanup_free_
char *k
= NULL
;
488 r
= unit_path_printf(UNIT(s
), rvalue
, &k
);
490 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
494 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
498 if (ltype
== SOCKET_FIFO
) {
499 r
= patch_var_run(unit
, filename
, line
, lvalue
, &k
);
504 free_and_replace(p
->path
, k
);
507 } else if (streq(lvalue
, "ListenNetlink")) {
508 _cleanup_free_
char *k
= NULL
;
510 r
= unit_path_printf(UNIT(s
), rvalue
, &k
);
512 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
516 r
= socket_address_parse_netlink(&p
->address
, k
);
518 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse address value in '%s', ignoring: %m", k
);
522 p
->type
= SOCKET_SOCKET
;
525 _cleanup_free_
char *k
= NULL
;
527 r
= unit_path_printf(UNIT(s
), rvalue
, &k
);
529 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
533 if (k
[0] == '/') { /* Only for AF_UNIX file system sockets… */
534 r
= patch_var_run(unit
, filename
, line
, lvalue
, &k
);
539 r
= socket_address_parse_and_warn(&p
->address
, k
);
541 if (r
!= -EAFNOSUPPORT
)
542 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse address value in '%s', ignoring: %m", k
);
546 if (streq(lvalue
, "ListenStream"))
547 p
->address
.type
= SOCK_STREAM
;
548 else if (streq(lvalue
, "ListenDatagram"))
549 p
->address
.type
= SOCK_DGRAM
;
551 assert(streq(lvalue
, "ListenSequentialPacket"));
552 p
->address
.type
= SOCK_SEQPACKET
;
555 if (socket_address_family(&p
->address
) != AF_LOCAL
&& p
->address
.type
== SOCK_SEQPACKET
) {
556 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Address family not supported, ignoring: %s", rvalue
);
560 p
->type
= SOCKET_SOCKET
;
564 p
->auxiliary_fds
= NULL
;
565 p
->n_auxiliary_fds
= 0;
568 LIST_FIND_TAIL(port
, s
->ports
, tail
);
569 LIST_INSERT_AFTER(port
, s
->ports
, tail
, p
);
576 int config_parse_exec_nice(
578 const char *filename
,
581 unsigned section_line
,
588 ExecContext
*c
= data
;
596 if (isempty(rvalue
)) {
601 r
= parse_nice(rvalue
, &priority
);
604 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Nice priority out of range, ignoring: %s", rvalue
);
606 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse nice priority '%s', ignoring: %m", rvalue
);
616 int config_parse_exec_oom_score_adjust(
618 const char *filename
,
621 unsigned section_line
,
628 ExecContext
*c
= data
;
636 if (isempty(rvalue
)) {
637 c
->oom_score_adjust_set
= false;
641 r
= parse_oom_score_adjust(rvalue
, &oa
);
644 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "OOM score adjust value out of range, ignoring: %s", rvalue
);
646 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue
);
650 c
->oom_score_adjust
= oa
;
651 c
->oom_score_adjust_set
= true;
656 int config_parse_exec_coredump_filter(
658 const char *filename
,
661 unsigned section_line
,
668 ExecContext
*c
= data
;
676 if (isempty(rvalue
)) {
677 c
->coredump_filter
= 0;
678 c
->coredump_filter_set
= false;
683 r
= coredump_filter_mask_from_string(rvalue
, &f
);
685 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
686 "Failed to parse the CoredumpFilter=%s, ignoring: %m", rvalue
);
690 c
->coredump_filter
|= f
;
691 c
->oom_score_adjust_set
= true;
695 int config_parse_kill_mode(
697 const char *filename
,
700 unsigned section_line
,
707 KillMode
*k
= data
, m
;
714 if (isempty(rvalue
)) {
715 *k
= KILL_CONTROL_GROUP
;
719 m
= kill_mode_from_string(rvalue
);
721 log_syntax(unit
, LOG_WARNING
, filename
, line
, m
,
722 "Failed to parse kill mode specification, ignoring: %s", rvalue
);
727 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
728 "Unit configured to use KillMode=none. "
729 "This is unsafe, as it disables systemd's process lifecycle management for the service. "
730 "Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. "
731 "Support for KillMode=none is deprecated and will eventually be removed.");
737 int config_parse_exec(
739 const char *filename
,
742 unsigned section_line
,
749 ExecCommand
**e
= data
;
750 const Unit
*u
= userdata
;
762 if (isempty(rvalue
)) {
763 /* An empty assignment resets the list */
764 *e
= exec_command_free_list(*e
);
770 _cleanup_free_
char *path
= NULL
, *firstword
= NULL
;
771 ExecCommandFlags flags
= 0;
772 bool ignore
= false, separate_argv0
= false;
773 _cleanup_free_ ExecCommand
*nce
= NULL
;
774 _cleanup_strv_free_
char **n
= NULL
;
780 r
= extract_first_word_and_warn(&p
, &firstword
, NULL
, EXTRACT_UNQUOTE
|EXTRACT_CUNESCAPE
, unit
, filename
, line
, rvalue
);
784 /* A lone ";" is a separator. Let's make sure we don't treat it as an executable name. */
785 if (streq(firstword
, ";")) {
792 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
793 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
794 * argv[0]; if it's prefixed with :, we will not do environment variable substitution;
795 * if it's prefixed with +, it will be run with full privileges and no sandboxing; if
796 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
797 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
798 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
799 * other sandboxing, with some special exceptions for changing UID.
801 * The idea is that '!!' may be used to write services that can take benefit of systemd's
802 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
803 * privilege dropping within the daemon if the kernel does not offer that. */
805 if (*f
== '-' && !(flags
& EXEC_COMMAND_IGNORE_FAILURE
)) {
806 flags
|= EXEC_COMMAND_IGNORE_FAILURE
;
808 } else if (*f
== '@' && !separate_argv0
)
809 separate_argv0
= true;
810 else if (*f
== ':' && !(flags
& EXEC_COMMAND_NO_ENV_EXPAND
))
811 flags
|= EXEC_COMMAND_NO_ENV_EXPAND
;
812 else if (*f
== '+' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_NO_SETUID
|EXEC_COMMAND_AMBIENT_MAGIC
)))
813 flags
|= EXEC_COMMAND_FULLY_PRIVILEGED
;
814 else if (*f
== '!' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_NO_SETUID
|EXEC_COMMAND_AMBIENT_MAGIC
)))
815 flags
|= EXEC_COMMAND_NO_SETUID
;
816 else if (*f
== '!' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_AMBIENT_MAGIC
))) {
817 flags
&= ~EXEC_COMMAND_NO_SETUID
;
818 flags
|= EXEC_COMMAND_AMBIENT_MAGIC
;
824 r
= unit_path_printf(u
, f
, &path
);
826 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, r
,
827 "Failed to resolve unit specifiers in '%s'%s: %m",
828 f
, ignore
? ", ignoring" : "");
829 return ignore
? 0 : -ENOEXEC
;
833 /* First word is either "-" or "@" with no command. */
834 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, 0,
835 "Empty path in command line%s: '%s'",
836 ignore
? ", ignoring" : "", rvalue
);
837 return ignore
? 0 : -ENOEXEC
;
839 if (!string_is_safe(path
)) {
840 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, 0,
841 "Executable name contains special characters%s: %s",
842 ignore
? ", ignoring" : "", path
);
843 return ignore
? 0 : -ENOEXEC
;
845 if (endswith(path
, "/")) {
846 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, 0,
847 "Executable path specifies a directory%s: %s",
848 ignore
? ", ignoring" : "", path
);
849 return ignore
? 0 : -ENOEXEC
;
852 if (!(path_is_absolute(path
) ? path_is_valid(path
) : filename_is_valid(path
))) {
853 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, 0,
854 "Neither a valid executable name nor an absolute path%s: %s",
855 ignore
? ", ignoring" : "", path
);
856 return ignore
? 0 : -ENOEXEC
;
859 if (!separate_argv0
) {
862 if (!GREEDY_REALLOC0(n
, nlen
+ 2))
874 while (!isempty(p
)) {
875 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
;
877 /* Check explicitly for an unquoted semicolon as
878 * command separator token. */
879 if (p
[0] == ';' && (!p
[1] || strchr(WHITESPACE
, p
[1]))) {
881 p
+= strspn(p
, WHITESPACE
);
886 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
887 * extract_first_word() would return the same for all of those. */
888 if (p
[0] == '\\' && p
[1] == ';' && (!p
[2] || strchr(WHITESPACE
, p
[2]))) {
892 p
+= strspn(p
, WHITESPACE
);
894 if (!GREEDY_REALLOC0(n
, nlen
+ 2))
905 r
= extract_first_word_and_warn(&p
, &word
, NULL
, EXTRACT_UNQUOTE
|EXTRACT_CUNESCAPE
, unit
, filename
, line
, rvalue
);
909 return ignore
? 0 : -ENOEXEC
;
911 r
= unit_path_printf(u
, word
, &resolved
);
913 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, r
,
914 "Failed to resolve unit specifiers in %s%s: %m",
915 word
, ignore
? ", ignoring" : "");
916 return ignore
? 0 : -ENOEXEC
;
919 if (!GREEDY_REALLOC(n
, nlen
+ 2))
922 n
[nlen
++] = TAKE_PTR(resolved
);
927 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, 0,
928 "Empty executable name or zeroeth argument%s: %s",
929 ignore
? ", ignoring" : "", rvalue
);
930 return ignore
? 0 : -ENOEXEC
;
933 nce
= new0(ExecCommand
, 1);
937 nce
->argv
= TAKE_PTR(n
);
938 nce
->path
= TAKE_PTR(path
);
941 exec_command_append_list(e
, nce
);
943 /* Do not _cleanup_free_ these. */
952 int config_parse_socket_bindtodevice(
954 const char *filename
,
957 unsigned section_line
,
971 if (isempty(rvalue
) || streq(rvalue
, "*")) {
972 s
->bind_to_device
= mfree(s
->bind_to_device
);
976 if (!ifname_valid(rvalue
)) {
977 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid interface name, ignoring: %s", rvalue
);
981 return free_and_strdup_warn(&s
->bind_to_device
, rvalue
);
984 int config_parse_exec_input(
986 const char *filename
,
989 unsigned section_line
,
996 ExecContext
*c
= data
;
997 const Unit
*u
= userdata
;
1007 n
= startswith(rvalue
, "fd:");
1009 _cleanup_free_
char *resolved
= NULL
;
1011 r
= unit_fd_printf(u
, n
, &resolved
);
1013 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", n
);
1017 if (isempty(resolved
))
1018 resolved
= mfree(resolved
);
1019 else if (!fdname_is_valid(resolved
)) {
1020 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid file descriptor name, ignoring: %s", resolved
);
1024 free_and_replace(c
->stdio_fdname
[STDIN_FILENO
], resolved
);
1026 ei
= EXEC_INPUT_NAMED_FD
;
1028 } else if ((n
= startswith(rvalue
, "file:"))) {
1029 _cleanup_free_
char *resolved
= NULL
;
1031 r
= unit_path_printf(u
, n
, &resolved
);
1033 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", n
);
1037 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1041 free_and_replace(c
->stdio_file
[STDIN_FILENO
], resolved
);
1043 ei
= EXEC_INPUT_FILE
;
1046 ei
= exec_input_from_string(rvalue
);
1048 log_syntax(unit
, LOG_WARNING
, filename
, line
, ei
, "Failed to parse input specifier, ignoring: %s", rvalue
);
1057 int config_parse_exec_input_text(
1059 const char *filename
,
1061 const char *section
,
1062 unsigned section_line
,
1069 _cleanup_free_
char *unescaped
= NULL
, *resolved
= NULL
;
1070 ExecContext
*c
= data
;
1071 const Unit
*u
= userdata
;
1079 if (isempty(rvalue
)) {
1080 /* Reset if the empty string is assigned */
1081 c
->stdin_data
= mfree(c
->stdin_data
);
1082 c
->stdin_data_size
= 0;
1086 ssize_t l
= cunescape(rvalue
, 0, &unescaped
);
1088 log_syntax(unit
, LOG_WARNING
, filename
, line
, l
,
1089 "Failed to decode C escaped text '%s', ignoring: %m", rvalue
);
1093 r
= unit_full_printf_full(u
, unescaped
, EXEC_STDIN_DATA_MAX
, &resolved
);
1095 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
1096 "Failed to resolve unit specifiers in '%s', ignoring: %m", unescaped
);
1100 size_t sz
= strlen(resolved
);
1101 if (c
->stdin_data_size
+ sz
+ 1 < c
->stdin_data_size
|| /* check for overflow */
1102 c
->stdin_data_size
+ sz
+ 1 > EXEC_STDIN_DATA_MAX
) {
1103 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
1104 "Standard input data too large (%zu), maximum of %zu permitted, ignoring.",
1105 c
->stdin_data_size
+ sz
, (size_t) EXEC_STDIN_DATA_MAX
);
1109 void *p
= realloc(c
->stdin_data
, c
->stdin_data_size
+ sz
+ 1);
1113 *((char*) mempcpy((char*) p
+ c
->stdin_data_size
, resolved
, sz
)) = '\n';
1116 c
->stdin_data_size
+= sz
+ 1;
1121 int config_parse_exec_input_data(
1123 const char *filename
,
1125 const char *section
,
1126 unsigned section_line
,
1133 _cleanup_free_
void *p
= NULL
;
1134 ExecContext
*c
= data
;
1144 if (isempty(rvalue
)) {
1145 /* Reset if the empty string is assigned */
1146 c
->stdin_data
= mfree(c
->stdin_data
);
1147 c
->stdin_data_size
= 0;
1151 r
= unbase64mem(rvalue
, SIZE_MAX
, &p
, &sz
);
1153 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
1154 "Failed to decode base64 data, ignoring: %s", rvalue
);
1160 if (c
->stdin_data_size
+ sz
< c
->stdin_data_size
|| /* check for overflow */
1161 c
->stdin_data_size
+ sz
> EXEC_STDIN_DATA_MAX
) {
1162 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
1163 "Standard input data too large (%zu), maximum of %zu permitted, ignoring.",
1164 c
->stdin_data_size
+ sz
, (size_t) EXEC_STDIN_DATA_MAX
);
1168 q
= realloc(c
->stdin_data
, c
->stdin_data_size
+ sz
);
1172 memcpy((uint8_t*) q
+ c
->stdin_data_size
, p
, sz
);
1175 c
->stdin_data_size
+= sz
;
1180 int config_parse_exec_output(
1182 const char *filename
,
1184 const char *section
,
1185 unsigned section_line
,
1192 _cleanup_free_
char *resolved
= NULL
;
1194 ExecContext
*c
= data
;
1195 const Unit
*u
= userdata
;
1196 bool obsolete
= false;
1206 n
= startswith(rvalue
, "fd:");
1208 r
= unit_fd_printf(u
, n
, &resolved
);
1210 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1214 if (isempty(resolved
))
1215 resolved
= mfree(resolved
);
1216 else if (!fdname_is_valid(resolved
)) {
1217 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid file descriptor name, ignoring: %s", resolved
);
1221 eo
= EXEC_OUTPUT_NAMED_FD
;
1223 } else if (streq(rvalue
, "syslog")) {
1224 eo
= EXEC_OUTPUT_JOURNAL
;
1227 } else if (streq(rvalue
, "syslog+console")) {
1228 eo
= EXEC_OUTPUT_JOURNAL_AND_CONSOLE
;
1231 } else if ((n
= startswith(rvalue
, "file:"))) {
1233 r
= unit_path_printf(u
, n
, &resolved
);
1235 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", n
);
1239 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1243 eo
= EXEC_OUTPUT_FILE
;
1245 } else if ((n
= startswith(rvalue
, "append:"))) {
1247 r
= unit_path_printf(u
, n
, &resolved
);
1249 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", n
);
1253 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1257 eo
= EXEC_OUTPUT_FILE_APPEND
;
1259 } else if ((n
= startswith(rvalue
, "truncate:"))) {
1261 r
= unit_path_printf(u
, n
, &resolved
);
1263 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", n
);
1267 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1271 eo
= EXEC_OUTPUT_FILE_TRUNCATE
;
1273 eo
= exec_output_from_string(rvalue
);
1275 log_syntax(unit
, LOG_WARNING
, filename
, line
, eo
, "Failed to parse output specifier, ignoring: %s", rvalue
);
1281 log_syntax(unit
, LOG_NOTICE
, filename
, line
, 0,
1282 "Standard output type %s is obsolete, automatically updating to %s. Please update your unit file, and consider removing the setting altogether.",
1283 rvalue
, exec_output_to_string(eo
));
1285 if (streq(lvalue
, "StandardOutput")) {
1286 if (eo
== EXEC_OUTPUT_NAMED_FD
)
1287 free_and_replace(c
->stdio_fdname
[STDOUT_FILENO
], resolved
);
1289 free_and_replace(c
->stdio_file
[STDOUT_FILENO
], resolved
);
1294 assert(streq(lvalue
, "StandardError"));
1296 if (eo
== EXEC_OUTPUT_NAMED_FD
)
1297 free_and_replace(c
->stdio_fdname
[STDERR_FILENO
], resolved
);
1299 free_and_replace(c
->stdio_file
[STDERR_FILENO
], resolved
);
1307 int config_parse_exec_io_class(const char *unit
,
1308 const char *filename
,
1310 const char *section
,
1311 unsigned section_line
,
1318 ExecContext
*c
= data
;
1326 if (isempty(rvalue
)) {
1327 c
->ioprio_set
= false;
1328 c
->ioprio
= ioprio_prio_value(IOPRIO_CLASS_BE
, 0);
1332 x
= ioprio_class_from_string(rvalue
);
1334 log_syntax(unit
, LOG_WARNING
, filename
, line
, x
, "Failed to parse IO scheduling class, ignoring: %s", rvalue
);
1338 c
->ioprio
= ioprio_prio_value(x
, ioprio_prio_data(c
->ioprio
));
1339 c
->ioprio_set
= true;
1344 int config_parse_exec_io_priority(const char *unit
,
1345 const char *filename
,
1347 const char *section
,
1348 unsigned section_line
,
1355 ExecContext
*c
= data
;
1363 if (isempty(rvalue
)) {
1364 c
->ioprio_set
= false;
1365 c
->ioprio
= ioprio_prio_value(IOPRIO_CLASS_BE
, 0);
1369 r
= ioprio_parse_priority(rvalue
, &i
);
1371 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse IO priority, ignoring: %s", rvalue
);
1375 c
->ioprio
= ioprio_prio_value(ioprio_prio_class(c
->ioprio
), i
);
1376 c
->ioprio_set
= true;
1381 int config_parse_exec_cpu_sched_policy(const char *unit
,
1382 const char *filename
,
1384 const char *section
,
1385 unsigned section_line
,
1392 ExecContext
*c
= data
;
1400 if (isempty(rvalue
)) {
1401 c
->cpu_sched_set
= false;
1402 c
->cpu_sched_policy
= SCHED_OTHER
;
1403 c
->cpu_sched_priority
= 0;
1407 x
= sched_policy_from_string(rvalue
);
1409 log_syntax(unit
, LOG_WARNING
, filename
, line
, x
, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue
);
1413 c
->cpu_sched_policy
= x
;
1414 /* Moving to or from real-time policy? We need to adjust the priority */
1415 c
->cpu_sched_priority
= CLAMP(c
->cpu_sched_priority
, sched_get_priority_min(x
), sched_get_priority_max(x
));
1416 c
->cpu_sched_set
= true;
1421 int config_parse_exec_mount_apivfs(const char *unit
,
1422 const char *filename
,
1424 const char *section
,
1425 unsigned section_line
,
1432 ExecContext
*c
= data
;
1440 if (isempty(rvalue
)) {
1441 c
->mount_apivfs_set
= false;
1442 c
->mount_apivfs
= false;
1446 k
= parse_boolean(rvalue
);
1448 log_syntax(unit
, LOG_WARNING
, filename
, line
, k
,
1449 "Failed to parse boolean value, ignoring: %s",
1454 c
->mount_apivfs_set
= true;
1455 c
->mount_apivfs
= k
;
1459 int config_parse_numa_mask(const char *unit
,
1460 const char *filename
,
1462 const char *section
,
1463 unsigned section_line
,
1470 NUMAPolicy
*p
= data
;
1477 if (streq(rvalue
, "all")) {
1478 r
= numa_mask_add_all(&p
->nodes
);
1480 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
1481 "Failed to create NUMA mask representing \"all\" NUMA nodes, ignoring: %m");
1483 r
= parse_cpu_set_extend(rvalue
, &p
->nodes
, true, unit
, filename
, line
, lvalue
);
1485 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse NUMA node mask, ignoring: %s", rvalue
);
1491 int config_parse_exec_cpu_sched_prio(const char *unit
,
1492 const char *filename
,
1494 const char *section
,
1495 unsigned section_line
,
1502 ExecContext
*c
= data
;
1510 r
= safe_atoi(rvalue
, &i
);
1512 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue
);
1516 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1517 min
= sched_get_priority_min(c
->cpu_sched_policy
);
1518 max
= sched_get_priority_max(c
->cpu_sched_policy
);
1520 if (i
< min
|| i
> max
) {
1521 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue
);
1525 c
->cpu_sched_priority
= i
;
1526 c
->cpu_sched_set
= true;
1531 int config_parse_root_image_options(
1533 const char *filename
,
1535 const char *section
,
1536 unsigned section_line
,
1543 _cleanup_(mount_options_free_allp
) MountOptions
*options
= NULL
;
1544 _cleanup_strv_free_
char **l
= NULL
;
1545 char **first
= NULL
, **second
= NULL
;
1546 ExecContext
*c
= data
;
1547 const Unit
*u
= userdata
;
1555 if (isempty(rvalue
)) {
1556 c
->root_image_options
= mount_options_free_all(c
->root_image_options
);
1560 r
= strv_split_colon_pairs(&l
, rvalue
);
1564 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse %s, ignoring: %s", lvalue
, rvalue
);
1568 STRV_FOREACH_PAIR(first
, second
, l
) {
1569 MountOptions
*o
= NULL
;
1570 _cleanup_free_
char *mount_options_resolved
= NULL
;
1571 const char *mount_options
= NULL
, *partition
= "root";
1572 PartitionDesignator partition_designator
;
1574 /* Format is either 'root:foo' or 'foo' (root is implied) */
1575 if (!isempty(*second
)) {
1577 mount_options
= *second
;
1579 mount_options
= *first
;
1581 partition_designator
= partition_designator_from_string(partition
);
1582 if (partition_designator
< 0) {
1583 log_syntax(unit
, LOG_WARNING
, filename
, line
, partition_designator
,
1584 "Invalid partition name %s, ignoring", partition
);
1587 r
= unit_full_printf(u
, mount_options
, &mount_options_resolved
);
1589 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", mount_options
);
1593 o
= new(MountOptions
, 1);
1596 *o
= (MountOptions
) {
1597 .partition_designator
= partition_designator
,
1598 .options
= TAKE_PTR(mount_options_resolved
),
1600 LIST_APPEND(mount_options
, options
, TAKE_PTR(o
));
1603 /* empty spaces/separators only */
1604 if (LIST_IS_EMPTY(options
))
1605 c
->root_image_options
= mount_options_free_all(c
->root_image_options
);
1607 LIST_JOIN(mount_options
, c
->root_image_options
, options
);
1612 int config_parse_exec_root_hash(
1614 const char *filename
,
1616 const char *section
,
1617 unsigned section_line
,
1624 _cleanup_free_
void *roothash_decoded
= NULL
;
1625 ExecContext
*c
= data
;
1626 size_t roothash_decoded_size
= 0;
1634 if (isempty(rvalue
)) {
1635 /* Reset if the empty string is assigned */
1636 c
->root_hash_path
= mfree(c
->root_hash_path
);
1637 c
->root_hash
= mfree(c
->root_hash
);
1638 c
->root_hash_size
= 0;
1642 if (path_is_absolute(rvalue
)) {
1643 /* We have the path to a roothash to load and decode, eg: RootHash=/foo/bar.roothash */
1644 _cleanup_free_
char *p
= NULL
;
1650 free_and_replace(c
->root_hash_path
, p
);
1651 c
->root_hash
= mfree(c
->root_hash
);
1652 c
->root_hash_size
= 0;
1656 /* We have a roothash to decode, eg: RootHash=012345789abcdef */
1657 r
= unhexmem(rvalue
, strlen(rvalue
), &roothash_decoded
, &roothash_decoded_size
);
1659 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to decode RootHash=, ignoring: %s", rvalue
);
1662 if (roothash_decoded_size
< sizeof(sd_id128_t
)) {
1663 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "RootHash= is too short, ignoring: %s", rvalue
);
1667 free_and_replace(c
->root_hash
, roothash_decoded
);
1668 c
->root_hash_size
= roothash_decoded_size
;
1669 c
->root_hash_path
= mfree(c
->root_hash_path
);
1674 int config_parse_exec_root_hash_sig(
1676 const char *filename
,
1678 const char *section
,
1679 unsigned section_line
,
1686 _cleanup_free_
void *roothash_sig_decoded
= NULL
;
1688 ExecContext
*c
= data
;
1689 size_t roothash_sig_decoded_size
= 0;
1697 if (isempty(rvalue
)) {
1698 /* Reset if the empty string is assigned */
1699 c
->root_hash_sig_path
= mfree(c
->root_hash_sig_path
);
1700 c
->root_hash_sig
= mfree(c
->root_hash_sig
);
1701 c
->root_hash_sig_size
= 0;
1705 if (path_is_absolute(rvalue
)) {
1706 /* We have the path to a roothash signature to load and decode, eg: RootHashSignature=/foo/bar.roothash.p7s */
1707 _cleanup_free_
char *p
= NULL
;
1713 free_and_replace(c
->root_hash_sig_path
, p
);
1714 c
->root_hash_sig
= mfree(c
->root_hash_sig
);
1715 c
->root_hash_sig_size
= 0;
1719 if (!(value
= startswith(rvalue
, "base64:"))) {
1720 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
1721 "Failed to decode RootHashSignature=, not a path but doesn't start with 'base64:', ignoring: %s", rvalue
);
1725 /* We have a roothash signature to decode, eg: RootHashSignature=base64:012345789abcdef */
1726 r
= unbase64mem(value
, strlen(value
), &roothash_sig_decoded
, &roothash_sig_decoded_size
);
1728 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to decode RootHashSignature=, ignoring: %s", rvalue
);
1732 free_and_replace(c
->root_hash_sig
, roothash_sig_decoded
);
1733 c
->root_hash_sig_size
= roothash_sig_decoded_size
;
1734 c
->root_hash_sig_path
= mfree(c
->root_hash_sig_path
);
1739 int config_parse_exec_cpu_affinity(
1741 const char *filename
,
1743 const char *section
,
1744 unsigned section_line
,
1751 ExecContext
*c
= data
;
1752 const Unit
*u
= userdata
;
1753 _cleanup_free_
char *k
= NULL
;
1761 if (streq(rvalue
, "numa")) {
1762 c
->cpu_affinity_from_numa
= true;
1763 cpu_set_reset(&c
->cpu_set
);
1768 r
= unit_full_printf(u
, rvalue
, &k
);
1770 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
1771 "Failed to resolve unit specifiers in '%s', ignoring: %m",
1776 r
= parse_cpu_set_extend(k
, &c
->cpu_set
, true, unit
, filename
, line
, lvalue
);
1778 c
->cpu_affinity_from_numa
= false;
1783 int config_parse_capability_set(
1785 const char *filename
,
1787 const char *section
,
1788 unsigned section_line
,
1795 uint64_t *capability_set
= data
;
1796 uint64_t sum
= 0, initial
= 0;
1797 bool invert
= false;
1805 if (rvalue
[0] == '~') {
1810 if (streq(lvalue
, "CapabilityBoundingSet"))
1811 initial
= CAP_ALL
; /* initialized to all bits on */
1812 /* else "AmbientCapabilities" initialized to all bits off */
1814 r
= capability_set_from_string(rvalue
, &sum
);
1816 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue
, rvalue
);
1820 if (sum
== 0 || *capability_set
== initial
)
1821 /* "", "~" or uninitialized data -> replace */
1822 *capability_set
= invert
? ~sum
: sum
;
1824 /* previous data -> merge */
1826 *capability_set
&= ~sum
;
1828 *capability_set
|= sum
;
1834 int config_parse_exec_selinux_context(
1836 const char *filename
,
1838 const char *section
,
1839 unsigned section_line
,
1846 ExecContext
*c
= data
;
1847 const Unit
*u
= userdata
;
1857 if (isempty(rvalue
)) {
1858 c
->selinux_context
= mfree(c
->selinux_context
);
1859 c
->selinux_context_ignore
= false;
1863 if (rvalue
[0] == '-') {
1869 r
= unit_full_printf(u
, rvalue
, &k
);
1871 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, r
,
1872 "Failed to resolve unit specifiers in '%s'%s: %m",
1873 rvalue
, ignore
? ", ignoring" : "");
1874 return ignore
? 0 : -ENOEXEC
;
1877 free_and_replace(c
->selinux_context
, k
);
1878 c
->selinux_context_ignore
= ignore
;
1883 int config_parse_exec_apparmor_profile(
1885 const char *filename
,
1887 const char *section
,
1888 unsigned section_line
,
1895 ExecContext
*c
= data
;
1896 const Unit
*u
= userdata
;
1906 if (isempty(rvalue
)) {
1907 c
->apparmor_profile
= mfree(c
->apparmor_profile
);
1908 c
->apparmor_profile_ignore
= false;
1912 if (rvalue
[0] == '-') {
1918 r
= unit_full_printf(u
, rvalue
, &k
);
1920 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, r
,
1921 "Failed to resolve unit specifiers in '%s'%s: %m",
1922 rvalue
, ignore
? ", ignoring" : "");
1923 return ignore
? 0 : -ENOEXEC
;
1926 free_and_replace(c
->apparmor_profile
, k
);
1927 c
->apparmor_profile_ignore
= ignore
;
1932 int config_parse_exec_smack_process_label(
1934 const char *filename
,
1936 const char *section
,
1937 unsigned section_line
,
1944 ExecContext
*c
= data
;
1945 const Unit
*u
= userdata
;
1955 if (isempty(rvalue
)) {
1956 c
->smack_process_label
= mfree(c
->smack_process_label
);
1957 c
->smack_process_label_ignore
= false;
1961 if (rvalue
[0] == '-') {
1967 r
= unit_full_printf(u
, rvalue
, &k
);
1969 log_syntax(unit
, ignore
? LOG_WARNING
: LOG_ERR
, filename
, line
, r
,
1970 "Failed to resolve unit specifiers in '%s'%s: %m",
1971 rvalue
, ignore
? ", ignoring" : "");
1972 return ignore
? 0 : -ENOEXEC
;
1975 free_and_replace(c
->smack_process_label
, k
);
1976 c
->smack_process_label_ignore
= ignore
;
1981 int config_parse_timer(
1983 const char *filename
,
1985 const char *section
,
1986 unsigned section_line
,
1993 _cleanup_(calendar_spec_freep
) CalendarSpec
*c
= NULL
;
1994 _cleanup_free_
char *k
= NULL
;
1995 const Unit
*u
= userdata
;
2006 if (isempty(rvalue
)) {
2007 /* Empty assignment resets list */
2008 timer_free_values(t
);
2012 r
= unit_full_printf(u
, rvalue
, &k
);
2014 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
2018 if (ltype
== TIMER_CALENDAR
) {
2019 r
= calendar_spec_from_string(k
, &c
);
2021 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse calendar specification, ignoring: %s", k
);
2025 r
= parse_sec(k
, &usec
);
2027 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse timer value, ignoring: %s", k
);
2032 v
= new(TimerValue
, 1);
2039 .calendar_spec
= TAKE_PTR(c
),
2042 LIST_PREPEND(value
, t
->values
, v
);
2047 int config_parse_trigger_unit(
2049 const char *filename
,
2051 const char *section
,
2052 unsigned section_line
,
2059 _cleanup_free_
char *p
= NULL
;
2069 if (UNIT_TRIGGER(u
)) {
2070 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Multiple units to trigger specified, ignoring: %s", rvalue
);
2074 r
= unit_name_printf(u
, rvalue
, &p
);
2076 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2080 type
= unit_name_to_type(p
);
2082 log_syntax(unit
, LOG_WARNING
, filename
, line
, type
, "Unit type not valid, ignoring: %s", rvalue
);
2085 if (unit_has_name(u
, p
)) {
2086 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Units cannot trigger themselves, ignoring: %s", rvalue
);
2090 r
= unit_add_two_dependencies_by_name(u
, UNIT_BEFORE
, UNIT_TRIGGERS
, p
, true, UNIT_DEPENDENCY_FILE
);
2092 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to add trigger on %s, ignoring: %m", p
);
2099 int config_parse_path_spec(const char *unit
,
2100 const char *filename
,
2102 const char *section
,
2103 unsigned section_line
,
2113 _cleanup_free_
char *k
= NULL
;
2121 if (isempty(rvalue
)) {
2122 /* Empty assignment clears list */
2127 b
= path_type_from_string(lvalue
);
2129 log_syntax(unit
, LOG_WARNING
, filename
, line
, b
, "Failed to parse path type, ignoring: %s", lvalue
);
2133 r
= unit_path_printf(UNIT(p
), rvalue
, &k
);
2135 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2139 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2143 s
= new0(PathSpec
, 1);
2148 s
->path
= TAKE_PTR(k
);
2152 LIST_PREPEND(spec
, p
->specs
, s
);
2157 int config_parse_socket_service(
2159 const char *filename
,
2161 const char *section
,
2162 unsigned section_line
,
2169 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2170 _cleanup_free_
char *p
= NULL
;
2180 r
= unit_name_printf(UNIT(s
), rvalue
, &p
);
2182 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2186 if (!endswith(p
, ".service")) {
2187 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Unit must be of type service, ignoring: %s", rvalue
);
2191 r
= manager_load_unit(UNIT(s
)->manager
, p
, NULL
, &error
, &x
);
2193 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to load unit %s, ignoring: %s", rvalue
, bus_error_message(&error
, r
));
2197 unit_ref_set(&s
->service
, UNIT(s
), x
);
2202 int config_parse_fdname(
2204 const char *filename
,
2206 const char *section
,
2207 unsigned section_line
,
2214 _cleanup_free_
char *p
= NULL
;
2223 if (isempty(rvalue
)) {
2224 s
->fdname
= mfree(s
->fdname
);
2228 r
= unit_fd_printf(UNIT(s
), rvalue
, &p
);
2230 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
2234 if (!fdname_is_valid(p
)) {
2235 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid file descriptor name, ignoring: %s", p
);
2239 return free_and_replace(s
->fdname
, p
);
2242 int config_parse_service_sockets(
2244 const char *filename
,
2246 const char *section
,
2247 unsigned section_line
,
2262 for (const char *p
= rvalue
;;) {
2263 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2265 r
= extract_first_word(&p
, &word
, NULL
, 0);
2269 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Trailing garbage in sockets, ignoring: %s", rvalue
);
2275 r
= unit_name_printf(UNIT(s
), word
, &k
);
2277 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
2281 if (!endswith(k
, ".socket")) {
2282 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Unit must be of type socket, ignoring: %s", k
);
2286 r
= unit_add_two_dependencies_by_name(UNIT(s
), UNIT_WANTS
, UNIT_AFTER
, k
, true, UNIT_DEPENDENCY_FILE
);
2288 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
2290 r
= unit_add_dependency_by_name(UNIT(s
), UNIT_TRIGGERED_BY
, k
, true, UNIT_DEPENDENCY_FILE
);
2292 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
2296 int config_parse_bus_name(
2298 const char *filename
,
2300 const char *section
,
2301 unsigned section_line
,
2308 _cleanup_free_
char *k
= NULL
;
2309 const Unit
*u
= userdata
;
2317 r
= unit_full_printf_full(u
, rvalue
, SD_BUS_MAXIMUM_NAME_LENGTH
, &k
);
2319 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2323 if (!sd_bus_service_name_is_valid(k
)) {
2324 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid bus name, ignoring: %s", k
);
2328 return config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
2331 int config_parse_service_timeout(
2333 const char *filename
,
2335 const char *section
,
2336 unsigned section_line
,
2343 Service
*s
= userdata
;
2352 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
2354 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
2355 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
2356 * all other timeouts. */
2357 r
= parse_sec_fix_0(rvalue
, &usec
);
2359 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse %s= parameter, ignoring: %s", lvalue
, rvalue
);
2363 s
->start_timeout_defined
= true;
2364 s
->timeout_start_usec
= usec
;
2366 if (streq(lvalue
, "TimeoutSec"))
2367 s
->timeout_stop_usec
= usec
;
2372 int config_parse_timeout_abort(
2374 const char *filename
,
2376 const char *section
,
2377 unsigned section_line
,
2392 /* Note: apart from setting the arg, this returns an extra bit of information in the return value. */
2394 if (isempty(rvalue
)) {
2396 return 0; /* "not set" */
2399 r
= parse_sec(rvalue
, ret
);
2401 return log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse %s= setting, ignoring: %s", lvalue
, rvalue
);
2403 return 1; /* "set" */
2406 int config_parse_service_timeout_abort(
2408 const char *filename
,
2410 const char *section
,
2411 unsigned section_line
,
2418 Service
*s
= userdata
;
2423 r
= config_parse_timeout_abort(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
,
2424 &s
->timeout_abort_usec
, s
);
2426 s
->timeout_abort_set
= r
;
2430 int config_parse_sec_fix_0(
2432 const char *filename
,
2434 const char *section
,
2435 unsigned section_line
,
2442 usec_t
*usec
= data
;
2450 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
2451 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
2454 r
= parse_sec_fix_0(rvalue
, usec
);
2456 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse %s= parameter, ignoring: %s", lvalue
, rvalue
);
2461 int config_parse_user_group_compat(
2463 const char *filename
,
2465 const char *section
,
2466 unsigned section_line
,
2473 _cleanup_free_
char *k
= NULL
;
2475 const Unit
*u
= userdata
;
2483 if (isempty(rvalue
)) {
2484 *user
= mfree(*user
);
2488 r
= unit_full_printf(u
, rvalue
, &k
);
2490 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", rvalue
);
2494 if (!valid_user_group_name(k
, VALID_USER_ALLOW_NUMERIC
|VALID_USER_RELAX
|VALID_USER_WARN
)) {
2495 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid user/group name or numeric ID: %s", k
);
2499 if (strstr(lvalue
, "User") && streq(k
, NOBODY_USER_NAME
))
2500 log_struct(LOG_NOTICE
,
2501 "MESSAGE=%s:%u: Special user %s configured, this is not safe!", filename
, line
, k
,
2503 "MESSAGE_ID=" SD_MESSAGE_NOBODY_USER_UNSUITABLE_STR
,
2504 "OFFENDING_USER=%s", k
,
2505 "CONFIG_FILE=%s", filename
,
2506 "CONFIG_LINE=%u", line
);
2508 return free_and_replace(*user
, k
);
2511 int config_parse_user_group_strv_compat(
2513 const char *filename
,
2515 const char *section
,
2516 unsigned section_line
,
2523 char ***users
= data
;
2524 const Unit
*u
= userdata
;
2532 if (isempty(rvalue
)) {
2533 *users
= strv_free(*users
);
2537 for (const char *p
= rvalue
;;) {
2538 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2540 r
= extract_first_word(&p
, &word
, NULL
, 0);
2544 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax: %s", rvalue
);
2550 r
= unit_full_printf(u
, word
, &k
);
2552 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", word
);
2556 if (!valid_user_group_name(k
, VALID_USER_ALLOW_NUMERIC
|VALID_USER_RELAX
|VALID_USER_WARN
)) {
2557 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid user/group name or numeric ID: %s", k
);
2561 r
= strv_push(users
, k
);
2569 int config_parse_working_directory(
2571 const char *filename
,
2573 const char *section
,
2574 unsigned section_line
,
2581 ExecContext
*c
= data
;
2582 const Unit
*u
= userdata
;
2592 if (isempty(rvalue
)) {
2593 c
->working_directory_home
= false;
2594 c
->working_directory
= mfree(c
->working_directory
);
2598 if (rvalue
[0] == '-') {
2604 if (streq(rvalue
, "~")) {
2605 c
->working_directory_home
= true;
2606 c
->working_directory
= mfree(c
->working_directory
);
2608 _cleanup_free_
char *k
= NULL
;
2610 r
= unit_path_printf(u
, rvalue
, &k
);
2612 log_syntax(unit
, missing_ok
? LOG_WARNING
: LOG_ERR
, filename
, line
, r
,
2613 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2614 rvalue
, missing_ok
? ", ignoring" : "");
2615 return missing_ok
? 0 : -ENOEXEC
;
2618 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
| (missing_ok
? 0 : PATH_CHECK_FATAL
), unit
, filename
, line
, lvalue
);
2620 return missing_ok
? 0 : -ENOEXEC
;
2622 c
->working_directory_home
= false;
2623 free_and_replace(c
->working_directory
, k
);
2626 c
->working_directory_missing_ok
= missing_ok
;
2630 int config_parse_unit_env_file(const char *unit
,
2631 const char *filename
,
2633 const char *section
,
2634 unsigned section_line
,
2642 const Unit
*u
= userdata
;
2643 _cleanup_free_
char *n
= NULL
;
2651 if (isempty(rvalue
)) {
2652 /* Empty assignment frees the list */
2653 *env
= strv_free(*env
);
2657 r
= unit_full_printf_full(u
, rvalue
, PATH_MAX
, &n
);
2659 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
2663 r
= path_simplify_and_warn(n
[0] == '-' ? n
+ 1 : n
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2667 r
= strv_push(env
, n
);
2676 int config_parse_environ(
2678 const char *filename
,
2680 const char *section
,
2681 unsigned section_line
,
2688 const Unit
*u
= userdata
;
2697 if (isempty(rvalue
)) {
2698 /* Empty assignment resets the list */
2699 *env
= strv_free(*env
);
2703 for (const char *p
= rvalue
;; ) {
2704 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
;
2706 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_UNQUOTE
);
2710 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2711 "Invalid syntax, ignoring: %s", rvalue
);
2718 r
= unit_env_printf(u
, word
, &resolved
);
2720 r
= specifier_printf(word
, sc_arg_max(), system_and_tmp_specifier_table
, NULL
, NULL
, &resolved
);
2722 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2723 "Failed to resolve specifiers in %s, ignoring: %m", word
);
2727 if (!env_assignment_is_valid(resolved
)) {
2728 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
2729 "Invalid environment assignment, ignoring: %s", resolved
);
2733 r
= strv_env_replace_consume(env
, TAKE_PTR(resolved
));
2735 return log_error_errno(r
, "Failed to update environment: %m");
2739 int config_parse_pass_environ(
2741 const char *filename
,
2743 const char *section
,
2744 unsigned section_line
,
2751 _cleanup_strv_free_
char **n
= NULL
;
2752 const Unit
*u
= userdata
;
2753 char*** passenv
= data
;
2762 if (isempty(rvalue
)) {
2763 /* Empty assignment resets the list */
2764 *passenv
= strv_free(*passenv
);
2768 for (const char *p
= rvalue
;;) {
2769 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2771 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
2775 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2776 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
2783 r
= unit_env_printf(u
, word
, &k
);
2785 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2786 "Failed to resolve specifiers in %s, ignoring: %m", word
);
2792 if (!env_name_is_valid(k
)) {
2793 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
2794 "Invalid environment name for %s, ignoring: %s", lvalue
, k
);
2798 if (!GREEDY_REALLOC(n
, nlen
+ 2))
2801 n
[nlen
++] = TAKE_PTR(k
);
2806 r
= strv_extend_strv(passenv
, n
, true);
2814 int config_parse_unset_environ(
2816 const char *filename
,
2818 const char *section
,
2819 unsigned section_line
,
2826 _cleanup_strv_free_
char **n
= NULL
;
2827 char*** unsetenv
= data
;
2828 const Unit
*u
= userdata
;
2837 if (isempty(rvalue
)) {
2838 /* Empty assignment resets the list */
2839 *unsetenv
= strv_free(*unsetenv
);
2843 for (const char *p
= rvalue
;;) {
2844 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2846 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_UNQUOTE
);
2850 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2851 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
2858 r
= unit_env_printf(u
, word
, &k
);
2860 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2861 "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2867 if (!env_assignment_is_valid(k
) && !env_name_is_valid(k
)) {
2868 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
2869 "Invalid environment name or assignment %s, ignoring: %s", lvalue
, k
);
2873 if (!GREEDY_REALLOC(n
, nlen
+ 2))
2876 n
[nlen
++] = TAKE_PTR(k
);
2881 r
= strv_extend_strv(unsetenv
, n
, true);
2889 int config_parse_log_extra_fields(
2891 const char *filename
,
2893 const char *section
,
2894 unsigned section_line
,
2901 ExecContext
*c
= data
;
2902 const Unit
*u
= userdata
;
2910 if (isempty(rvalue
)) {
2911 exec_context_free_log_extra_fields(c
);
2915 for (const char *p
= rvalue
;;) {
2916 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2920 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_UNQUOTE
);
2924 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
2930 r
= unit_full_printf(u
, word
, &k
);
2932 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2936 eq
= strchr(k
, '=');
2938 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Log field lacks '=' character, ignoring: %s", k
);
2942 if (!journal_field_valid(k
, eq
-k
, false)) {
2943 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Log field name is invalid, ignoring: %s", k
);
2947 t
= reallocarray(c
->log_extra_fields
, c
->n_log_extra_fields
+1, sizeof(struct iovec
));
2951 c
->log_extra_fields
= t
;
2952 c
->log_extra_fields
[c
->n_log_extra_fields
++] = IOVEC_MAKE_STRING(k
);
2958 int config_parse_log_namespace(
2960 const char *filename
,
2962 const char *section
,
2963 unsigned section_line
,
2970 _cleanup_free_
char *k
= NULL
;
2971 ExecContext
*c
= data
;
2972 const Unit
*u
= userdata
;
2980 if (isempty(rvalue
)) {
2981 c
->log_namespace
= mfree(c
->log_namespace
);
2985 r
= unit_full_printf_full(u
, rvalue
, NAME_MAX
, &k
);
2987 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2991 if (!log_namespace_name_valid(k
)) {
2992 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Specified log namespace name is not valid, ignoring: %s", k
);
2996 free_and_replace(c
->log_namespace
, k
);
3000 int config_parse_unit_condition_path(
3002 const char *filename
,
3004 const char *section
,
3005 unsigned section_line
,
3012 _cleanup_free_
char *p
= NULL
;
3013 Condition
**list
= data
, *c
;
3014 ConditionType t
= ltype
;
3015 bool trigger
, negate
;
3016 const Unit
*u
= userdata
;
3024 if (isempty(rvalue
)) {
3025 /* Empty assignment resets the list */
3026 *list
= condition_free_list(*list
);
3030 trigger
= rvalue
[0] == '|';
3034 negate
= rvalue
[0] == '!';
3038 r
= unit_path_printf(u
, rvalue
, &p
);
3040 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
3044 r
= path_simplify_and_warn(p
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
3048 c
= condition_new(t
, p
, trigger
, negate
);
3052 LIST_PREPEND(conditions
, *list
, c
);
3056 int config_parse_unit_condition_string(
3058 const char *filename
,
3060 const char *section
,
3061 unsigned section_line
,
3068 _cleanup_free_
char *s
= NULL
;
3069 Condition
**list
= data
, *c
;
3070 ConditionType t
= ltype
;
3071 bool trigger
, negate
;
3072 const Unit
*u
= userdata
;
3080 if (isempty(rvalue
)) {
3081 /* Empty assignment resets the list */
3082 *list
= condition_free_list(*list
);
3086 trigger
= *rvalue
== '|';
3088 rvalue
+= 1 + strspn(rvalue
+ 1, WHITESPACE
);
3090 negate
= *rvalue
== '!';
3092 rvalue
+= 1 + strspn(rvalue
+ 1, WHITESPACE
);
3094 r
= unit_full_printf(u
, rvalue
, &s
);
3096 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3097 "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
3101 c
= condition_new(t
, s
, trigger
, negate
);
3105 LIST_PREPEND(conditions
, *list
, c
);
3109 int config_parse_unit_requires_mounts_for(
3111 const char *filename
,
3113 const char *section
,
3114 unsigned section_line
,
3129 for (const char *p
= rvalue
;;) {
3130 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
;
3132 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3136 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3137 "Invalid syntax, ignoring: %s", rvalue
);
3143 r
= unit_path_printf(u
, word
, &resolved
);
3145 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
3149 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
3153 r
= unit_require_mounts_for(u
, resolved
, UNIT_DEPENDENCY_FILE
);
3155 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to add required mount '%s', ignoring: %m", resolved
);
3161 int config_parse_documentation(
3163 const char *filename
,
3165 const char *section
,
3166 unsigned section_line
,
3182 if (isempty(rvalue
)) {
3183 /* Empty assignment resets the list */
3184 u
->documentation
= strv_free(u
->documentation
);
3188 r
= config_parse_unit_strv_printf(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
,
3189 rvalue
, data
, userdata
);
3193 for (a
= b
= u
->documentation
; a
&& *a
; a
++) {
3195 if (documentation_url_is_valid(*a
))
3198 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid URL, ignoring: %s", *a
);
3209 int config_parse_syscall_filter(
3211 const char *filename
,
3213 const char *section
,
3214 unsigned section_line
,
3221 ExecContext
*c
= data
;
3222 _unused_
const Unit
*u
= userdata
;
3223 bool invert
= false;
3231 if (isempty(rvalue
)) {
3232 /* Empty assignment resets the list */
3233 c
->syscall_filter
= hashmap_free(c
->syscall_filter
);
3234 c
->syscall_allow_list
= false;
3238 if (rvalue
[0] == '~') {
3243 if (!c
->syscall_filter
) {
3244 c
->syscall_filter
= hashmap_new(NULL
);
3245 if (!c
->syscall_filter
)
3249 /* Allow everything but the ones listed */
3250 c
->syscall_allow_list
= false;
3252 /* Allow nothing but the ones listed */
3253 c
->syscall_allow_list
= true;
3255 /* Accept default syscalls if we are on an allow_list */
3256 r
= seccomp_parse_syscall_filter(
3257 "@default", -1, c
->syscall_filter
,
3258 SECCOMP_PARSE_PERMISSIVE
|SECCOMP_PARSE_ALLOW_LIST
,
3266 for (const char *p
= rvalue
;;) {
3267 _cleanup_free_
char *word
= NULL
, *name
= NULL
;
3270 r
= extract_first_word(&p
, &word
, NULL
, 0);
3274 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3275 "Invalid syntax, ignoring: %s", rvalue
);
3281 r
= parse_syscall_and_errno(word
, &name
, &num
);
3283 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3284 "Failed to parse syscall:errno, ignoring: %s", word
);
3287 if (!invert
&& num
>= 0) {
3288 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3289 "Allow-listed system calls cannot take error number, ignoring: %s", word
);
3293 r
= seccomp_parse_syscall_filter(
3294 name
, num
, c
->syscall_filter
,
3295 SECCOMP_PARSE_LOG
|SECCOMP_PARSE_PERMISSIVE
|
3296 (invert
? SECCOMP_PARSE_INVERT
: 0)|
3297 (c
->syscall_allow_list
? SECCOMP_PARSE_ALLOW_LIST
: 0),
3298 unit
, filename
, line
);
3304 int config_parse_syscall_log(
3306 const char *filename
,
3308 const char *section
,
3309 unsigned section_line
,
3316 ExecContext
*c
= data
;
3317 _unused_
const Unit
*u
= userdata
;
3318 bool invert
= false;
3327 if (isempty(rvalue
)) {
3328 /* Empty assignment resets the list */
3329 c
->syscall_log
= hashmap_free(c
->syscall_log
);
3330 c
->syscall_log_allow_list
= false;
3334 if (rvalue
[0] == '~') {
3339 if (!c
->syscall_log
) {
3340 c
->syscall_log
= hashmap_new(NULL
);
3341 if (!c
->syscall_log
)
3345 /* Log everything but the ones listed */
3346 c
->syscall_log_allow_list
= false;
3348 /* Log nothing but the ones listed */
3349 c
->syscall_log_allow_list
= true;
3354 _cleanup_free_
char *word
= NULL
;
3356 r
= extract_first_word(&p
, &word
, NULL
, 0);
3360 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
3366 r
= seccomp_parse_syscall_filter(
3367 word
, -1, c
->syscall_log
,
3368 SECCOMP_PARSE_LOG
|SECCOMP_PARSE_PERMISSIVE
|
3369 (invert
? SECCOMP_PARSE_INVERT
: 0)|
3370 (c
->syscall_log_allow_list
? SECCOMP_PARSE_ALLOW_LIST
: 0),
3371 unit
, filename
, line
);
3377 int config_parse_syscall_archs(
3379 const char *filename
,
3381 const char *section
,
3382 unsigned section_line
,
3392 if (isempty(rvalue
)) {
3393 *archs
= set_free(*archs
);
3397 for (const char *p
= rvalue
;;) {
3398 _cleanup_free_
char *word
= NULL
;
3401 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3405 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3406 "Invalid syntax, ignoring: %s", rvalue
);
3412 r
= seccomp_arch_from_string(word
, &a
);
3414 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3415 "Failed to parse system call architecture \"%s\", ignoring: %m", word
);
3419 r
= set_ensure_put(archs
, NULL
, UINT32_TO_PTR(a
+ 1));
3425 int config_parse_syscall_errno(
3427 const char *filename
,
3429 const char *section
,
3430 unsigned section_line
,
3437 ExecContext
*c
= data
;
3444 if (isempty(rvalue
) || streq(rvalue
, "kill")) {
3445 /* Empty assignment resets to KILL */
3446 c
->syscall_errno
= SECCOMP_ERROR_NUMBER_KILL
;
3450 e
= parse_errno(rvalue
);
3452 log_syntax(unit
, LOG_WARNING
, filename
, line
, e
, "Failed to parse error number, ignoring: %s", rvalue
);
3456 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid error number, ignoring: %s", rvalue
);
3460 c
->syscall_errno
= e
;
3464 int config_parse_address_families(
3466 const char *filename
,
3468 const char *section
,
3469 unsigned section_line
,
3476 ExecContext
*c
= data
;
3477 bool invert
= false;
3484 if (isempty(rvalue
)) {
3485 /* Empty assignment resets the list */
3486 c
->address_families
= set_free(c
->address_families
);
3487 c
->address_families_allow_list
= false;
3491 if (streq(rvalue
, "none")) {
3492 /* Forbid all address families. */
3493 c
->address_families
= set_free(c
->address_families
);
3494 c
->address_families_allow_list
= true;
3498 if (rvalue
[0] == '~') {
3503 if (!c
->address_families
) {
3504 c
->address_families
= set_new(NULL
);
3505 if (!c
->address_families
)
3508 c
->address_families_allow_list
= !invert
;
3511 for (const char *p
= rvalue
;;) {
3512 _cleanup_free_
char *word
= NULL
;
3515 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3519 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3520 "Invalid syntax, ignoring: %s", rvalue
);
3526 af
= af_from_name(word
);
3528 log_syntax(unit
, LOG_WARNING
, filename
, line
, af
,
3529 "Failed to parse address family, ignoring: %s", word
);
3533 /* If we previously wanted to forbid an address family and now
3534 * we want to allow it, then just remove it from the list.
3536 if (!invert
== c
->address_families_allow_list
) {
3537 r
= set_put(c
->address_families
, INT_TO_PTR(af
));
3541 set_remove(c
->address_families
, INT_TO_PTR(af
));
3545 int config_parse_restrict_namespaces(
3547 const char *filename
,
3549 const char *section
,
3550 unsigned section_line
,
3557 ExecContext
*c
= data
;
3558 unsigned long flags
;
3559 bool invert
= false;
3562 if (isempty(rvalue
)) {
3563 /* Reset to the default. */
3564 c
->restrict_namespaces
= NAMESPACE_FLAGS_INITIAL
;
3568 /* Boolean parameter ignores the previous settings */
3569 r
= parse_boolean(rvalue
);
3571 c
->restrict_namespaces
= 0;
3573 } else if (r
== 0) {
3574 c
->restrict_namespaces
= NAMESPACE_FLAGS_ALL
;
3578 if (rvalue
[0] == '~') {
3583 /* Not a boolean argument, in this case it's a list of namespace types. */
3584 r
= namespace_flags_from_string(rvalue
, &flags
);
3586 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse namespace type string, ignoring: %s", rvalue
);
3590 if (c
->restrict_namespaces
== NAMESPACE_FLAGS_INITIAL
)
3591 /* Initial assignment. Just set the value. */
3592 c
->restrict_namespaces
= invert
? (~flags
) & NAMESPACE_FLAGS_ALL
: flags
;
3594 /* Merge the value with the previous one. */
3595 SET_FLAG(c
->restrict_namespaces
, flags
, !invert
);
3601 int config_parse_restrict_filesystems(
3603 const char *filename
,
3605 const char *section
,
3606 unsigned section_line
,
3612 ExecContext
*c
= data
;
3613 bool invert
= false;
3621 if (isempty(rvalue
)) {
3622 /* Empty assignment resets the list */
3623 c
->restrict_filesystems
= set_free(c
->restrict_filesystems
);
3624 c
->restrict_filesystems_allow_list
= false;
3628 if (rvalue
[0] == '~') {
3633 if (!c
->restrict_filesystems
) {
3635 /* Allow everything but the ones listed */
3636 c
->restrict_filesystems_allow_list
= false;
3638 /* Allow nothing but the ones listed */
3639 c
->restrict_filesystems_allow_list
= true;
3642 for (const char *p
= rvalue
;;) {
3643 _cleanup_free_
char *word
= NULL
;
3645 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3651 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3652 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
3656 r
= lsm_bpf_parse_filesystem(
3658 &c
->restrict_filesystems
,
3659 FILESYSTEM_PARSE_LOG
|
3660 (invert
? FILESYSTEM_PARSE_INVERT
: 0)|
3661 (c
->restrict_filesystems_allow_list
? FILESYSTEM_PARSE_ALLOW_LIST
: 0),
3662 unit
, filename
, line
);
3671 int config_parse_unit_slice(
3673 const char *filename
,
3675 const char *section
,
3676 unsigned section_line
,
3683 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
3684 _cleanup_free_
char *k
= NULL
;
3685 Unit
*u
= userdata
, *slice
;
3693 r
= unit_name_printf(u
, rvalue
, &k
);
3695 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
3699 r
= manager_load_unit(u
->manager
, k
, NULL
, &error
, &slice
);
3701 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to load slice unit %s, ignoring: %s", k
, bus_error_message(&error
, r
));
3705 r
= unit_set_slice(u
, slice
, UNIT_DEPENDENCY_FILE
);
3707 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to assign slice %s to unit %s, ignoring: %m", slice
->id
, u
->id
);
3714 int config_parse_cpu_quota(
3716 const char *filename
,
3718 const char *section
,
3719 unsigned section_line
,
3726 CGroupContext
*c
= data
;
3733 if (isempty(rvalue
)) {
3734 c
->cpu_quota_per_sec_usec
= USEC_INFINITY
;
3738 r
= parse_permyriad_unbounded(rvalue
);
3740 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid CPU quota '%s', ignoring.", rvalue
);
3744 c
->cpu_quota_per_sec_usec
= ((usec_t
) r
* USEC_PER_SEC
) / 10000U;
3748 int config_parse_allowed_cpuset(
3750 const char *filename
,
3752 const char *section
,
3753 unsigned section_line
,
3762 (void) parse_cpu_set_extend(rvalue
, c
, true, unit
, filename
, line
, lvalue
);
3766 int config_parse_memory_limit(
3768 const char *filename
,
3770 const char *section
,
3771 unsigned section_line
,
3778 CGroupContext
*c
= data
;
3779 uint64_t bytes
= CGROUP_LIMIT_MAX
;
3782 if (isempty(rvalue
) && STR_IN_SET(lvalue
, "DefaultMemoryLow",
3786 bytes
= CGROUP_LIMIT_MIN
;
3787 else if (!isempty(rvalue
) && !streq(rvalue
, "infinity")) {
3789 r
= parse_permyriad(rvalue
);
3791 r
= parse_size(rvalue
, 1024, &bytes
);
3793 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid memory limit '%s', ignoring: %m", rvalue
);
3797 bytes
= physical_memory_scale(r
, 10000U);
3799 if (bytes
>= UINT64_MAX
||
3800 (bytes
<= 0 && !STR_IN_SET(lvalue
, "MemorySwapMax", "MemoryLow", "MemoryMin", "DefaultMemoryLow", "DefaultMemoryMin"))) {
3801 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Memory limit '%s' out of range, ignoring.", rvalue
);
3806 if (streq(lvalue
, "DefaultMemoryLow")) {
3807 c
->default_memory_low
= bytes
;
3808 c
->default_memory_low_set
= true;
3809 } else if (streq(lvalue
, "DefaultMemoryMin")) {
3810 c
->default_memory_min
= bytes
;
3811 c
->default_memory_min_set
= true;
3812 } else if (streq(lvalue
, "MemoryMin")) {
3813 c
->memory_min
= bytes
;
3814 c
->memory_min_set
= true;
3815 } else if (streq(lvalue
, "MemoryLow")) {
3816 c
->memory_low
= bytes
;
3817 c
->memory_low_set
= true;
3818 } else if (streq(lvalue
, "MemoryHigh"))
3819 c
->memory_high
= bytes
;
3820 else if (streq(lvalue
, "MemoryMax"))
3821 c
->memory_max
= bytes
;
3822 else if (streq(lvalue
, "MemorySwapMax"))
3823 c
->memory_swap_max
= bytes
;
3824 else if (streq(lvalue
, "MemoryLimit"))
3825 c
->memory_limit
= bytes
;
3832 int config_parse_tasks_max(
3834 const char *filename
,
3836 const char *section
,
3837 unsigned section_line
,
3844 const Unit
*u
= userdata
;
3845 TasksMax
*tasks_max
= data
;
3849 if (isempty(rvalue
)) {
3850 *tasks_max
= u
? u
->manager
->default_tasks_max
: TASKS_MAX_UNSET
;
3854 if (streq(rvalue
, "infinity")) {
3855 *tasks_max
= TASKS_MAX_UNSET
;
3859 r
= parse_permyriad(rvalue
);
3861 *tasks_max
= (TasksMax
) { r
, 10000U }; /* r‱ */
3863 r
= safe_atou64(rvalue
, &v
);
3865 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid maximum tasks value '%s', ignoring: %m", rvalue
);
3869 if (v
<= 0 || v
>= UINT64_MAX
) {
3870 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue
);
3874 *tasks_max
= (TasksMax
) { v
};
3880 int config_parse_delegate(
3882 const char *filename
,
3884 const char *section
,
3885 unsigned section_line
,
3892 CGroupContext
*c
= data
;
3896 t
= unit_name_to_type(unit
);
3897 assert(t
!= _UNIT_TYPE_INVALID
);
3899 if (!unit_vtable
[t
]->can_delegate
) {
3900 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Delegate= setting not supported for this unit type, ignoring.");
3904 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3905 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3906 * mask to delegate. */
3908 if (isempty(rvalue
)) {
3909 /* An empty string resets controllers and set Delegate=yes. */
3911 c
->delegate_controllers
= 0;
3915 r
= parse_boolean(rvalue
);
3917 CGroupMask mask
= 0;
3919 for (const char *p
= rvalue
;;) {
3920 _cleanup_free_
char *word
= NULL
;
3921 CGroupController cc
;
3923 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3927 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
3933 cc
= cgroup_controller_from_string(word
);
3935 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid controller name '%s', ignoring", word
);
3939 mask
|= CGROUP_CONTROLLER_TO_MASK(cc
);
3943 c
->delegate_controllers
|= mask
;
3947 c
->delegate_controllers
= _CGROUP_MASK_ALL
;
3949 c
->delegate
= false;
3950 c
->delegate_controllers
= 0;
3956 int config_parse_managed_oom_mode(
3958 const char *filename
,
3960 const char *section
,
3961 unsigned section_line
,
3968 ManagedOOMMode
*mode
= data
, m
;
3971 t
= unit_name_to_type(unit
);
3972 assert(t
!= _UNIT_TYPE_INVALID
);
3974 if (!unit_vtable
[t
]->can_set_managed_oom
)
3975 return log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "%s= is not supported for this unit type, ignoring.", lvalue
);
3977 if (isempty(rvalue
)) {
3978 *mode
= MANAGED_OOM_AUTO
;
3982 m
= managed_oom_mode_from_string(rvalue
);
3984 log_syntax(unit
, LOG_WARNING
, filename
, line
, m
, "Invalid syntax, ignoring: %s", rvalue
);
3992 int config_parse_managed_oom_mem_pressure_limit(
3994 const char *filename
,
3996 const char *section
,
3997 unsigned section_line
,
4004 uint32_t *limit
= data
;
4008 t
= unit_name_to_type(unit
);
4009 assert(t
!= _UNIT_TYPE_INVALID
);
4011 if (!unit_vtable
[t
]->can_set_managed_oom
)
4012 return log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "%s= is not supported for this unit type, ignoring.", lvalue
);
4014 if (isempty(rvalue
)) {
4019 r
= parse_permyriad(rvalue
);
4021 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse memory pressure limit value, ignoring: %s", rvalue
);
4025 /* Normalize to 2^32-1 == 100% */
4026 *limit
= UINT32_SCALE_FROM_PERMYRIAD(r
);
4030 int config_parse_device_allow(
4032 const char *filename
,
4034 const char *section
,
4035 unsigned section_line
,
4042 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
4043 CGroupContext
*c
= data
;
4044 const char *p
= rvalue
;
4047 if (isempty(rvalue
)) {
4048 while (c
->device_allow
)
4049 cgroup_context_free_device_allow(c
, c
->device_allow
);
4054 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
4058 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4059 "Failed to extract device path and rights from '%s', ignoring.", rvalue
);
4063 r
= unit_path_printf(userdata
, path
, &resolved
);
4065 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4066 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
4070 if (!STARTSWITH_SET(resolved
, "block-", "char-")) {
4072 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
4076 if (!valid_device_node_path(resolved
)) {
4077 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid device node path '%s', ignoring.", resolved
);
4082 if (!isempty(p
) && !in_charset(p
, "rwm")) {
4083 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid device rights '%s', ignoring.", p
);
4087 return cgroup_add_device_allow(c
, resolved
, p
);
4090 int config_parse_io_device_weight(
4092 const char *filename
,
4094 const char *section
,
4095 unsigned section_line
,
4102 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
4103 CGroupIODeviceWeight
*w
;
4104 CGroupContext
*c
= data
;
4105 const char *p
= rvalue
;
4113 if (isempty(rvalue
)) {
4114 while (c
->io_device_weights
)
4115 cgroup_context_free_io_device_weight(c
, c
->io_device_weights
);
4120 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
4123 if (r
<= 0 || isempty(p
)) {
4124 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4125 "Failed to extract device path and weight from '%s', ignoring.", rvalue
);
4129 r
= unit_path_printf(userdata
, path
, &resolved
);
4131 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4132 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
4136 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
4140 r
= cg_weight_parse(p
, &u
);
4142 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "IO weight '%s' invalid, ignoring: %m", p
);
4146 assert(u
!= CGROUP_WEIGHT_INVALID
);
4148 w
= new0(CGroupIODeviceWeight
, 1);
4152 w
->path
= TAKE_PTR(resolved
);
4155 LIST_PREPEND(device_weights
, c
->io_device_weights
, w
);
4159 int config_parse_io_device_latency(
4161 const char *filename
,
4163 const char *section
,
4164 unsigned section_line
,
4171 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
4172 CGroupIODeviceLatency
*l
;
4173 CGroupContext
*c
= data
;
4174 const char *p
= rvalue
;
4182 if (isempty(rvalue
)) {
4183 while (c
->io_device_latencies
)
4184 cgroup_context_free_io_device_latency(c
, c
->io_device_latencies
);
4189 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
4192 if (r
<= 0 || isempty(p
)) {
4193 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4194 "Failed to extract device path and latency from '%s', ignoring.", rvalue
);
4198 r
= unit_path_printf(userdata
, path
, &resolved
);
4200 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4201 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
4205 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
4209 r
= parse_sec(p
, &usec
);
4211 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse timer value, ignoring: %s", p
);
4215 l
= new0(CGroupIODeviceLatency
, 1);
4219 l
->path
= TAKE_PTR(resolved
);
4220 l
->target_usec
= usec
;
4222 LIST_PREPEND(device_latencies
, c
->io_device_latencies
, l
);
4226 int config_parse_io_limit(
4228 const char *filename
,
4230 const char *section
,
4231 unsigned section_line
,
4238 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
4239 CGroupIODeviceLimit
*l
= NULL
, *t
;
4240 CGroupContext
*c
= data
;
4241 CGroupIOLimitType type
;
4242 const char *p
= rvalue
;
4250 type
= cgroup_io_limit_type_from_string(lvalue
);
4253 if (isempty(rvalue
)) {
4254 LIST_FOREACH(device_limits
, l
, c
->io_device_limits
)
4255 l
->limits
[type
] = cgroup_io_limit_defaults
[type
];
4259 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
4262 if (r
<= 0 || isempty(p
)) {
4263 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4264 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue
);
4268 r
= unit_path_printf(userdata
, path
, &resolved
);
4270 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4271 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
4275 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
4279 if (streq("infinity", p
))
4280 num
= CGROUP_LIMIT_MAX
;
4282 r
= parse_size(p
, 1000, &num
);
4283 if (r
< 0 || num
<= 0) {
4284 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid IO limit '%s', ignoring.", p
);
4289 LIST_FOREACH(device_limits
, t
, c
->io_device_limits
) {
4290 if (path_equal(resolved
, t
->path
)) {
4297 CGroupIOLimitType ttype
;
4299 l
= new0(CGroupIODeviceLimit
, 1);
4303 l
->path
= TAKE_PTR(resolved
);
4304 for (ttype
= 0; ttype
< _CGROUP_IO_LIMIT_TYPE_MAX
; ttype
++)
4305 l
->limits
[ttype
] = cgroup_io_limit_defaults
[ttype
];
4307 LIST_PREPEND(device_limits
, c
->io_device_limits
, l
);
4310 l
->limits
[type
] = num
;
4315 int config_parse_blockio_device_weight(
4317 const char *filename
,
4319 const char *section
,
4320 unsigned section_line
,
4327 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
4328 CGroupBlockIODeviceWeight
*w
;
4329 CGroupContext
*c
= data
;
4330 const char *p
= rvalue
;
4338 if (isempty(rvalue
)) {
4339 while (c
->blockio_device_weights
)
4340 cgroup_context_free_blockio_device_weight(c
, c
->blockio_device_weights
);
4345 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
4348 if (r
<= 0 || isempty(p
)) {
4349 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4350 "Failed to extract device node and weight from '%s', ignoring.", rvalue
);
4354 r
= unit_path_printf(userdata
, path
, &resolved
);
4356 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4357 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
4361 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
4365 r
= cg_blkio_weight_parse(p
, &u
);
4367 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid block IO weight '%s', ignoring: %m", p
);
4371 assert(u
!= CGROUP_BLKIO_WEIGHT_INVALID
);
4373 w
= new0(CGroupBlockIODeviceWeight
, 1);
4377 w
->path
= TAKE_PTR(resolved
);
4380 LIST_PREPEND(device_weights
, c
->blockio_device_weights
, w
);
4384 int config_parse_blockio_bandwidth(
4386 const char *filename
,
4388 const char *section
,
4389 unsigned section_line
,
4396 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
4397 CGroupBlockIODeviceBandwidth
*b
= NULL
, *t
;
4398 CGroupContext
*c
= data
;
4399 const char *p
= rvalue
;
4408 read
= streq("BlockIOReadBandwidth", lvalue
);
4410 if (isempty(rvalue
)) {
4411 LIST_FOREACH(device_bandwidths
, b
, c
->blockio_device_bandwidths
) {
4412 b
->rbps
= CGROUP_LIMIT_MAX
;
4413 b
->wbps
= CGROUP_LIMIT_MAX
;
4418 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
4421 if (r
<= 0 || isempty(p
)) {
4422 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4423 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue
);
4427 r
= unit_path_printf(userdata
, path
, &resolved
);
4429 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4430 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
4434 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
4438 r
= parse_size(p
, 1000, &bytes
);
4439 if (r
< 0 || bytes
<= 0) {
4440 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid Block IO Bandwidth '%s', ignoring.", p
);
4444 LIST_FOREACH(device_bandwidths
, t
, c
->blockio_device_bandwidths
) {
4445 if (path_equal(resolved
, t
->path
)) {
4452 b
= new0(CGroupBlockIODeviceBandwidth
, 1);
4456 b
->path
= TAKE_PTR(resolved
);
4457 b
->rbps
= CGROUP_LIMIT_MAX
;
4458 b
->wbps
= CGROUP_LIMIT_MAX
;
4460 LIST_PREPEND(device_bandwidths
, c
->blockio_device_bandwidths
, b
);
4471 int config_parse_job_mode_isolate(
4473 const char *filename
,
4475 const char *section
,
4476 unsigned section_line
,
4490 r
= parse_boolean(rvalue
);
4492 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse boolean, ignoring: %s", rvalue
);
4496 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue
);
4498 *m
= r
? JOB_ISOLATE
: JOB_REPLACE
;
4502 int config_parse_exec_directories(
4504 const char *filename
,
4506 const char *section
,
4507 unsigned section_line
,
4515 const Unit
*u
= userdata
;
4523 if (isempty(rvalue
)) {
4524 /* Empty assignment resets the list */
4525 *rt
= strv_free(*rt
);
4529 for (const char *p
= rvalue
;;) {
4530 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
4532 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
4536 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4537 "Invalid syntax, ignoring: %s", rvalue
);
4543 r
= unit_path_printf(u
, word
, &k
);
4545 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4546 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word
);
4550 r
= path_simplify_and_warn(k
, PATH_CHECK_RELATIVE
, unit
, filename
, line
, lvalue
);
4554 if (path_startswith(k
, "private")) {
4555 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
4556 "%s= path can't be 'private', ignoring assignment: %s", lvalue
, word
);
4560 r
= strv_push(rt
, k
);
4567 int config_parse_set_credential(
4569 const char *filename
,
4571 const char *section
,
4572 unsigned section_line
,
4579 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
4580 _cleanup_free_
void *d
= NULL
;
4581 ExecContext
*context
= data
;
4582 ExecSetCredential
*old
;
4584 bool encrypted
= ltype
;
4585 const char *p
= rvalue
;
4594 if (isempty(rvalue
)) {
4595 /* Empty assignment resets the list */
4596 context
->set_credentials
= hashmap_free(context
->set_credentials
);
4600 r
= extract_first_word(&p
, &word
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
4604 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
4608 r
= unit_cred_printf(u
, word
, &k
);
4610 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word
);
4613 if (!credential_name_valid(k
)) {
4614 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Credential name \"%s\" not valid, ignoring.", k
);
4619 r
= unbase64mem_full(p
, SIZE_MAX
, true, &d
, &size
);
4621 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Encrypted credential data not valid Base64 data, ignoring.");
4628 /* We support escape codes here, so that users can insert trailing \n if they like */
4629 l
= cunescape(p
, UNESCAPE_ACCEPT_NUL
, &unescaped
);
4631 log_syntax(unit
, LOG_WARNING
, filename
, line
, l
, "Can't unescape \"%s\", ignoring: %m", p
);
4639 old
= hashmap_get(context
->set_credentials
, k
);
4641 free_and_replace(old
->data
, d
);
4643 old
->encrypted
= encrypted
;
4645 _cleanup_(exec_set_credential_freep
) ExecSetCredential
*sc
= NULL
;
4647 sc
= new(ExecSetCredential
, 1);
4651 *sc
= (ExecSetCredential
) {
4653 .data
= TAKE_PTR(d
),
4655 .encrypted
= encrypted
,
4658 r
= hashmap_ensure_put(&context
->set_credentials
, &exec_set_credential_hash_ops
, sc
->id
, sc
);
4662 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4663 "Duplicated credential value '%s', ignoring assignment: %s", sc
->id
, rvalue
);
4673 int config_parse_load_credential(
4675 const char *filename
,
4677 const char *section
,
4678 unsigned section_line
,
4685 _cleanup_free_
char *word
= NULL
, *k
= NULL
, *q
= NULL
;
4686 ExecContext
*context
= data
;
4687 ExecLoadCredential
*old
;
4688 bool encrypted
= ltype
;
4698 if (isempty(rvalue
)) {
4699 /* Empty assignment resets the list */
4700 context
->load_credentials
= hashmap_free(context
->load_credentials
);
4705 r
= extract_first_word(&p
, &word
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
4709 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
4713 r
= unit_cred_printf(u
, word
, &k
);
4715 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word
);
4718 if (!credential_name_valid(k
)) {
4719 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Credential name \"%s\" not valid, ignoring.", k
);
4724 /* If only one field field is specified take it as shortcut for inheriting a credential named
4725 * the same way from our parent */
4730 r
= unit_path_printf(u
, p
, &q
);
4732 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in \"%s\", ignoring: %m", p
);
4735 if (path_is_absolute(q
) ? !path_is_normalized(q
) : !credential_name_valid(q
)) {
4736 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Credential source \"%s\" not valid, ignoring.", q
);
4741 old
= hashmap_get(context
->load_credentials
, k
);
4743 free_and_replace(old
->path
, q
);
4744 old
->encrypted
= encrypted
;
4746 _cleanup_(exec_load_credential_freep
) ExecLoadCredential
*lc
= NULL
;
4748 lc
= new(ExecLoadCredential
, 1);
4752 *lc
= (ExecLoadCredential
) {
4754 .path
= TAKE_PTR(q
),
4755 .encrypted
= encrypted
,
4758 r
= hashmap_ensure_put(&context
->load_credentials
, &exec_load_credential_hash_ops
, lc
->id
, lc
);
4762 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4763 "Duplicated credential value '%s', ignoring assignment: %s", lc
->id
, rvalue
);
4773 int config_parse_set_status(
4775 const char *filename
,
4777 const char *section
,
4778 unsigned section_line
,
4785 ExitStatusSet
*status_set
= data
;
4793 /* Empty assignment resets the list */
4794 if (isempty(rvalue
)) {
4795 exit_status_set_free(status_set
);
4799 for (const char *p
= rvalue
;;) {
4800 _cleanup_free_
char *word
= NULL
;
4803 r
= extract_first_word(&p
, &word
, NULL
, 0);
4807 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4808 "Failed to parse %s=%s, ignoring: %m", lvalue
, rvalue
);
4814 /* We need to call exit_status_from_string() first, because we want
4815 * to parse numbers as exit statuses, not signals. */
4817 r
= exit_status_from_string(word
);
4819 assert(r
>= 0 && r
< 256);
4820 bitmap
= &status_set
->status
;
4822 r
= signal_from_string(word
);
4824 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4825 "Failed to parse value, ignoring: %s", word
);
4828 bitmap
= &status_set
->signal
;
4831 r
= bitmap_set(bitmap
, r
);
4833 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4834 "Failed to set signal or status %s, ignoring: %m", word
);
4838 int config_parse_namespace_path_strv(
4840 const char *filename
,
4842 const char *section
,
4843 unsigned section_line
,
4850 const Unit
*u
= userdata
;
4859 if (isempty(rvalue
)) {
4860 /* Empty assignment resets the list */
4861 *sv
= strv_free(*sv
);
4865 for (const char *p
= rvalue
;;) {
4866 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
, *joined
= NULL
;
4868 bool ignore_enoent
= false, shall_prefix
= false;
4870 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
4874 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", rvalue
);
4881 if (startswith(w
, "-")) {
4882 ignore_enoent
= true;
4885 if (startswith(w
, "+")) {
4886 shall_prefix
= true;
4890 r
= unit_path_printf(u
, w
, &resolved
);
4892 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", w
);
4896 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4900 joined
= strjoin(ignore_enoent
? "-" : "",
4901 shall_prefix
? "+" : "",
4904 r
= strv_push(sv
, joined
);
4914 int config_parse_temporary_filesystems(
4916 const char *filename
,
4918 const char *section
,
4919 unsigned section_line
,
4926 const Unit
*u
= userdata
;
4927 ExecContext
*c
= data
;
4935 if (isempty(rvalue
)) {
4936 /* Empty assignment resets the list */
4937 temporary_filesystem_free_many(c
->temporary_filesystems
, c
->n_temporary_filesystems
);
4938 c
->temporary_filesystems
= NULL
;
4939 c
->n_temporary_filesystems
= 0;
4943 for (const char *p
= rvalue
;;) {
4944 _cleanup_free_
char *word
= NULL
, *path
= NULL
, *resolved
= NULL
;
4947 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
4951 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", rvalue
);
4958 r
= extract_first_word(&w
, &path
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
4962 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", word
);
4966 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid syntax, ignoring: %s", word
);
4970 r
= unit_path_printf(u
, path
, &resolved
);
4972 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", path
);
4976 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4980 r
= temporary_filesystem_add(&c
->temporary_filesystems
, &c
->n_temporary_filesystems
, resolved
, w
);
4986 int config_parse_bind_paths(
4988 const char *filename
,
4990 const char *section
,
4991 unsigned section_line
,
4998 ExecContext
*c
= data
;
4999 const Unit
*u
= userdata
;
5007 if (isempty(rvalue
)) {
5008 /* Empty assignment resets the list */
5009 bind_mount_free_many(c
->bind_mounts
, c
->n_bind_mounts
);
5010 c
->bind_mounts
= NULL
;
5011 c
->n_bind_mounts
= 0;
5015 for (const char *p
= rvalue
;;) {
5016 _cleanup_free_
char *source
= NULL
, *destination
= NULL
;
5017 _cleanup_free_
char *sresolved
= NULL
, *dresolved
= NULL
;
5018 char *s
= NULL
, *d
= NULL
;
5019 bool rbind
= true, ignore_enoent
= false;
5021 r
= extract_first_word(&p
, &source
, ":" WHITESPACE
, EXTRACT_UNQUOTE
|EXTRACT_DONT_COALESCE_SEPARATORS
);
5025 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse %s, ignoring: %s", lvalue
, rvalue
);
5031 r
= unit_full_printf_full(u
, source
, PATH_MAX
, &sresolved
);
5033 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5034 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", source
);
5040 ignore_enoent
= true;
5044 r
= path_simplify_and_warn(s
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
5048 /* Optionally, the destination is specified. */
5049 if (p
&& p
[-1] == ':') {
5050 r
= extract_first_word(&p
, &destination
, ":" WHITESPACE
, EXTRACT_UNQUOTE
|EXTRACT_DONT_COALESCE_SEPARATORS
);
5054 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse %s, ignoring: %s", lvalue
, rvalue
);
5058 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Missing argument after ':', ignoring: %s", s
);
5062 r
= unit_path_printf(u
, destination
, &dresolved
);
5064 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5065 "Failed to resolve specifiers in \"%s\", ignoring: %m", destination
);
5069 r
= path_simplify_and_warn(dresolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
5075 /* Optionally, there's also a short option string specified */
5076 if (p
&& p
[-1] == ':') {
5077 _cleanup_free_
char *options
= NULL
;
5079 r
= extract_first_word(&p
, &options
, NULL
, EXTRACT_UNQUOTE
);
5083 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse %s: %s", lvalue
, rvalue
);
5087 if (isempty(options
) || streq(options
, "rbind"))
5089 else if (streq(options
, "norbind"))
5092 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid option string, ignoring setting: %s", options
);
5099 r
= bind_mount_add(&c
->bind_mounts
, &c
->n_bind_mounts
,
5103 .read_only
= !!strstr(lvalue
, "ReadOnly"),
5105 .ignore_enoent
= ignore_enoent
,
5114 int config_parse_mount_images(
5116 const char *filename
,
5118 const char *section
,
5119 unsigned section_line
,
5126 ExecContext
*c
= data
;
5127 const Unit
*u
= userdata
;
5135 if (isempty(rvalue
)) {
5136 /* Empty assignment resets the list */
5137 c
->mount_images
= mount_image_free_many(c
->mount_images
, &c
->n_mount_images
);
5141 for (const char *p
= rvalue
;;) {
5142 _cleanup_(mount_options_free_allp
) MountOptions
*options
= NULL
;
5143 _cleanup_free_
char *first
= NULL
, *second
= NULL
, *tuple
= NULL
;
5144 _cleanup_free_
char *sresolved
= NULL
, *dresolved
= NULL
;
5145 const char *q
= NULL
;
5147 bool permissive
= false;
5149 r
= extract_first_word(&p
, &tuple
, NULL
, EXTRACT_UNQUOTE
|EXTRACT_RETAIN_ESCAPE
);
5153 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5154 "Invalid syntax %s=%s, ignoring: %m", lvalue
, rvalue
);
5161 r
= extract_many_words(&q
, ":", EXTRACT_CUNESCAPE
|EXTRACT_UNESCAPE_SEPARATORS
, &first
, &second
, NULL
);
5165 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5166 "Invalid syntax in %s=, ignoring: %s", lvalue
, tuple
);
5178 r
= unit_path_printf(u
, s
, &sresolved
);
5180 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5181 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", s
);
5185 r
= path_simplify_and_warn(sresolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
5189 if (isempty(second
)) {
5190 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Missing destination in %s, ignoring: %s", lvalue
, rvalue
);
5194 r
= unit_path_printf(u
, second
, &dresolved
);
5196 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5197 "Failed to resolve specifiers in \"%s\", ignoring: %m", second
);
5201 r
= path_simplify_and_warn(dresolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
5206 _cleanup_free_
char *partition
= NULL
, *mount_options
= NULL
, *mount_options_resolved
= NULL
;
5207 MountOptions
*o
= NULL
;
5208 PartitionDesignator partition_designator
;
5210 r
= extract_many_words(&q
, ":", EXTRACT_CUNESCAPE
|EXTRACT_UNESCAPE_SEPARATORS
, &partition
, &mount_options
, NULL
);
5214 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", q
);
5219 /* Single set of options, applying to the root partition/single filesystem */
5221 r
= unit_full_printf(u
, partition
, &mount_options_resolved
);
5223 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", first
);
5227 o
= new(MountOptions
, 1);
5230 *o
= (MountOptions
) {
5231 .partition_designator
= PARTITION_ROOT
,
5232 .options
= TAKE_PTR(mount_options_resolved
),
5234 LIST_APPEND(mount_options
, options
, o
);
5239 partition_designator
= partition_designator_from_string(partition
);
5240 if (partition_designator
< 0) {
5241 log_syntax(unit
, LOG_WARNING
, filename
, line
, partition_designator
,
5242 "Invalid partition name %s, ignoring", partition
);
5245 r
= unit_full_printf(u
, mount_options
, &mount_options_resolved
);
5247 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", mount_options
);
5251 o
= new(MountOptions
, 1);
5254 *o
= (MountOptions
) {
5255 .partition_designator
= partition_designator
,
5256 .options
= TAKE_PTR(mount_options_resolved
),
5258 LIST_APPEND(mount_options
, options
, o
);
5261 r
= mount_image_add(&c
->mount_images
, &c
->n_mount_images
,
5263 .source
= sresolved
,
5264 .destination
= dresolved
,
5265 .mount_options
= options
,
5266 .ignore_enoent
= permissive
,
5267 .type
= MOUNT_IMAGE_DISCRETE
,
5274 int config_parse_extension_images(
5276 const char *filename
,
5278 const char *section
,
5279 unsigned section_line
,
5286 ExecContext
*c
= data
;
5287 const Unit
*u
= userdata
;
5295 if (isempty(rvalue
)) {
5296 /* Empty assignment resets the list */
5297 c
->extension_images
= mount_image_free_many(c
->extension_images
, &c
->n_extension_images
);
5301 for (const char *p
= rvalue
;;) {
5302 _cleanup_free_
char *source
= NULL
, *tuple
= NULL
, *sresolved
= NULL
;
5303 _cleanup_(mount_options_free_allp
) MountOptions
*options
= NULL
;
5304 bool permissive
= false;
5305 const char *q
= NULL
;
5308 r
= extract_first_word(&p
, &tuple
, NULL
, EXTRACT_UNQUOTE
|EXTRACT_RETAIN_ESCAPE
);
5312 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5313 "Invalid syntax %s=%s, ignoring: %m", lvalue
, rvalue
);
5320 r
= extract_first_word(&q
, &source
, ":", EXTRACT_CUNESCAPE
|EXTRACT_UNESCAPE_SEPARATORS
);
5324 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5325 "Invalid syntax in %s=, ignoring: %s", lvalue
, tuple
);
5337 r
= unit_path_printf(u
, s
, &sresolved
);
5339 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5340 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", s
);
5344 r
= path_simplify_and_warn(sresolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
5349 _cleanup_free_
char *partition
= NULL
, *mount_options
= NULL
, *mount_options_resolved
= NULL
;
5350 MountOptions
*o
= NULL
;
5351 PartitionDesignator partition_designator
;
5353 r
= extract_many_words(&q
, ":", EXTRACT_CUNESCAPE
|EXTRACT_UNESCAPE_SEPARATORS
, &partition
, &mount_options
, NULL
);
5357 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", q
);
5362 /* Single set of options, applying to the root partition/single filesystem */
5364 r
= unit_full_printf(u
, partition
, &mount_options_resolved
);
5366 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", partition
);
5370 o
= new(MountOptions
, 1);
5373 *o
= (MountOptions
) {
5374 .partition_designator
= PARTITION_ROOT
,
5375 .options
= TAKE_PTR(mount_options_resolved
),
5377 LIST_APPEND(mount_options
, options
, o
);
5382 partition_designator
= partition_designator_from_string(partition
);
5383 if (partition_designator
< 0) {
5384 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid partition name %s, ignoring", partition
);
5387 r
= unit_full_printf(u
, mount_options
, &mount_options_resolved
);
5389 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", mount_options
);
5393 o
= new(MountOptions
, 1);
5396 *o
= (MountOptions
) {
5397 .partition_designator
= partition_designator
,
5398 .options
= TAKE_PTR(mount_options_resolved
),
5400 LIST_APPEND(mount_options
, options
, o
);
5403 r
= mount_image_add(&c
->extension_images
, &c
->n_extension_images
,
5405 .source
= sresolved
,
5406 .mount_options
= options
,
5407 .ignore_enoent
= permissive
,
5408 .type
= MOUNT_IMAGE_EXTENSION
,
5415 int config_parse_job_timeout_sec(
5417 const char *filename
,
5419 const char *section
,
5420 unsigned section_line
,
5436 r
= parse_sec_fix_0(rvalue
, &usec
);
5438 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue
);
5442 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
5443 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
5446 if (!u
->job_running_timeout_set
)
5447 u
->job_running_timeout
= usec
;
5449 u
->job_timeout
= usec
;
5454 int config_parse_job_running_timeout_sec(
5456 const char *filename
,
5458 const char *section
,
5459 unsigned section_line
,
5475 r
= parse_sec_fix_0(rvalue
, &usec
);
5477 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue
);
5481 u
->job_running_timeout
= usec
;
5482 u
->job_running_timeout_set
= true;
5487 int config_parse_emergency_action(
5489 const char *filename
,
5491 const char *section
,
5492 unsigned section_line
,
5500 EmergencyAction
*x
= data
;
5509 m
= ((Unit
*) userdata
)->manager
;
5513 r
= parse_emergency_action(rvalue
, MANAGER_IS_SYSTEM(m
), x
);
5515 if (r
== -EOPNOTSUPP
&& MANAGER_IS_USER(m
)) {
5516 /* Compat mode: remove for systemd 241. */
5518 log_syntax(unit
, LOG_INFO
, filename
, line
, r
,
5519 "%s= in user mode specified as \"%s\", using \"exit-force\" instead.",
5521 *x
= EMERGENCY_ACTION_EXIT_FORCE
;
5525 if (r
== -EOPNOTSUPP
)
5526 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5527 "%s= specified as %s mode action, ignoring: %s",
5528 lvalue
, MANAGER_IS_SYSTEM(m
) ? "user" : "system", rvalue
);
5530 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5531 "Failed to parse %s=, ignoring: %s", lvalue
, rvalue
);
5538 int config_parse_pid_file(
5540 const char *filename
,
5542 const char *section
,
5543 unsigned section_line
,
5550 _cleanup_free_
char *k
= NULL
, *n
= NULL
;
5551 const Unit
*u
= userdata
;
5560 if (isempty(rvalue
)) {
5561 /* An empty assignment removes already set value. */
5566 r
= unit_path_printf(u
, rvalue
, &k
);
5568 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
5572 /* If this is a relative path make it absolute by prefixing the /run */
5573 n
= path_make_absolute(k
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
5577 /* Check that the result is a sensible path */
5578 r
= path_simplify_and_warn(n
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
5582 r
= patch_var_run(unit
, filename
, line
, lvalue
, &n
);
5586 free_and_replace(*s
, n
);
5590 int config_parse_exit_status(
5592 const char *filename
,
5594 const char *section
,
5595 unsigned section_line
,
5602 int *exit_status
= data
, r
;
5608 assert(exit_status
);
5610 if (isempty(rvalue
)) {
5615 r
= safe_atou8(rvalue
, &u
);
5617 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse exit status '%s', ignoring: %m", rvalue
);
5625 int config_parse_disable_controllers(
5627 const char *filename
,
5629 const char *section
,
5630 unsigned section_line
,
5638 CGroupContext
*c
= data
;
5639 CGroupMask disabled_mask
;
5641 /* 1. If empty, make all controllers eligible for use again.
5642 * 2. If non-empty, merge all listed controllers, space separated. */
5644 if (isempty(rvalue
)) {
5645 c
->disable_controllers
= 0;
5649 r
= cg_mask_from_string(rvalue
, &disabled_mask
);
5650 if (r
< 0 || disabled_mask
<= 0) {
5651 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid cgroup string: %s, ignoring", rvalue
);
5655 c
->disable_controllers
|= disabled_mask
;
5660 int config_parse_ip_filter_bpf_progs(
5662 const char *filename
,
5664 const char *section
,
5665 unsigned section_line
,
5672 _cleanup_free_
char *resolved
= NULL
;
5673 const Unit
*u
= userdata
;
5674 char ***paths
= data
;
5682 if (isempty(rvalue
)) {
5683 *paths
= strv_free(*paths
);
5687 r
= unit_path_printf(u
, rvalue
, &resolved
);
5689 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
5693 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
5697 if (strv_contains(*paths
, resolved
))
5700 r
= strv_extend(paths
, resolved
);
5704 r
= bpf_firewall_supported();
5707 if (r
!= BPF_FIREWALL_SUPPORTED_WITH_MULTI
) {
5708 static bool warned
= false;
5710 log_full(warned
? LOG_DEBUG
: LOG_WARNING
,
5711 "File %s:%u configures an IP firewall with BPF programs (%s=%s), but the local system does not support BPF/cgroup based firewalling with multiple filters.\n"
5712 "Starting this unit will fail! (This warning is only shown for the first loaded unit using IP firewalling.)", filename
, line
, lvalue
, rvalue
);
5720 int config_parse_bpf_foreign_program(
5722 const char *filename
,
5724 const char *section
,
5725 unsigned section_line
,
5731 _cleanup_free_
char *resolved
= NULL
, *word
= NULL
;
5732 CGroupContext
*c
= data
;
5740 if (isempty(rvalue
)) {
5741 while (c
->bpf_foreign_programs
)
5742 cgroup_context_remove_bpf_foreign_program(c
, c
->bpf_foreign_programs
);
5747 r
= extract_first_word(&rvalue
, &word
, ":", 0);
5750 if (r
<= 0 || isempty(rvalue
)) {
5751 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse foreign BPF program, ignoring: %s", rvalue
);
5755 attach_type
= bpf_cgroup_attach_type_from_string(word
);
5756 if (attach_type
< 0) {
5757 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Unknown BPF attach type=%s, ignoring: %s", word
, rvalue
);
5761 r
= unit_path_printf(u
, rvalue
, &resolved
);
5763 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
5767 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
5771 r
= cgroup_add_bpf_foreign_program(c
, attach_type
, resolved
);
5773 return log_error_errno(r
, "Failed to add foreign BPF program to cgroup context: %m");
5778 int config_parse_cgroup_socket_bind(
5780 const char *filename
,
5782 const char *section
,
5783 unsigned section_line
,
5789 _cleanup_free_ CGroupSocketBindItem
*item
= NULL
;
5790 CGroupSocketBindItem
**head
= data
;
5791 uint16_t nr_ports
, port_min
;
5792 int af
, ip_protocol
, r
;
5794 if (isempty(rvalue
)) {
5795 cgroup_context_remove_socket_bind(head
);
5799 r
= parse_socket_bind_item(rvalue
, &af
, &ip_protocol
, &nr_ports
, &port_min
);
5803 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5804 "Unable to parse %s= assignment, ignoring: %s", lvalue
, rvalue
);
5808 item
= new(CGroupSocketBindItem
, 1);
5811 *item
= (CGroupSocketBindItem
) {
5812 .address_family
= af
,
5813 .ip_protocol
= ip_protocol
,
5814 .nr_ports
= nr_ports
,
5815 .port_min
= port_min
,
5818 LIST_PREPEND(socket_bind_items
, *head
, TAKE_PTR(item
));
5823 int config_parse_restrict_network_interfaces(
5825 const char *filename
,
5827 const char *section
,
5828 unsigned section_line
,
5834 CGroupContext
*c
= data
;
5835 bool is_allow_rule
= true;
5843 if (isempty(rvalue
)) {
5844 /* Empty assignment resets the list */
5845 c
->restrict_network_interfaces
= set_free(c
->restrict_network_interfaces
);
5849 if (rvalue
[0] == '~') {
5850 is_allow_rule
= false;
5854 if (set_isempty(c
->restrict_network_interfaces
))
5855 /* Only initialize this when creating the set */
5856 c
->restrict_network_interfaces_is_allow_list
= is_allow_rule
;
5858 for (const char *p
= rvalue
;;) {
5859 _cleanup_free_
char *word
= NULL
;
5861 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
5867 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
5868 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
5872 if (!ifname_valid(word
)) {
5873 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Invalid interface name, ignoring: %s", word
);
5877 if (c
->restrict_network_interfaces_is_allow_list
!= is_allow_rule
)
5878 free(set_remove(c
->restrict_network_interfaces
, word
));
5880 r
= set_put_strdup(&c
->restrict_network_interfaces
, word
);
5889 static int merge_by_names(Unit
**u
, Set
*names
, const char *id
) {
5896 /* Let's try to add in all names that are aliases of this unit */
5897 while ((k
= set_steal_first(names
))) {
5898 _cleanup_free_ _unused_
char *free_k
= k
;
5900 /* First try to merge in the other name into our unit */
5901 r
= unit_merge_by_name(*u
, k
);
5905 /* Hmm, we couldn't merge the other unit into ours? Then let's try it the other way
5908 other
= manager_get_unit((*u
)->manager
, k
);
5910 return r
; /* return previous failure */
5912 r
= unit_merge(other
, *u
);
5917 return merge_by_names(u
, names
, NULL
);
5920 if (streq_ptr(id
, k
))
5921 unit_choose_id(*u
, id
);
5927 int unit_load_fragment(Unit
*u
) {
5928 const char *fragment
;
5929 _cleanup_set_free_free_ Set
*names
= NULL
;
5933 assert(u
->load_state
== UNIT_STUB
);
5937 u
->load_state
= UNIT_LOADED
;
5941 /* Possibly rebuild the fragment map to catch new units */
5942 r
= unit_file_build_name_map(&u
->manager
->lookup_paths
,
5943 &u
->manager
->unit_cache_timestamp_hash
,
5944 &u
->manager
->unit_id_map
,
5945 &u
->manager
->unit_name_map
,
5946 &u
->manager
->unit_path_cache
);
5948 return log_error_errno(r
, "Failed to rebuild name map: %m");
5950 r
= unit_file_find_fragment(u
->manager
->unit_id_map
,
5951 u
->manager
->unit_name_map
,
5955 if (r
< 0 && r
!= -ENOENT
)
5959 /* Open the file, check if this is a mask, otherwise read. */
5960 _cleanup_fclose_
FILE *f
= NULL
;
5963 /* Try to open the file name. A symlink is OK, for example for linked files or masks. We
5964 * expect that all symlinks within the lookup paths have been already resolved, but we don't
5965 * verify this here. */
5966 f
= fopen(fragment
, "re");
5968 return log_unit_notice_errno(u
, errno
, "Failed to open %s: %m", fragment
);
5970 if (fstat(fileno(f
), &st
) < 0)
5973 r
= free_and_strdup(&u
->fragment_path
, fragment
);
5977 if (null_or_empty(&st
)) {
5978 /* Unit file is masked */
5980 u
->load_state
= u
->perpetual
? UNIT_LOADED
: UNIT_MASKED
; /* don't allow perpetual units to ever be masked */
5981 u
->fragment_mtime
= 0;
5983 u
->load_state
= UNIT_LOADED
;
5984 u
->fragment_mtime
= timespec_load(&st
.st_mtim
);
5986 /* Now, parse the file contents */
5987 r
= config_parse(u
->id
, fragment
, f
,
5988 UNIT_VTABLE(u
)->sections
,
5989 config_item_perf_lookup
, load_fragment_gperf_lookup
,
5994 log_unit_notice_errno(u
, r
, "Unit configuration has fatal error, unit will not be started.");
6000 /* Call merge_by_names with the name derived from the fragment path as the preferred name.
6002 * We do the merge dance here because for some unit types, the unit might have aliases which are not
6003 * declared in the file system. In particular, this is true (and frequent) for device and swap units.
6005 const char *id
= u
->id
;
6006 _cleanup_free_
char *free_id
= NULL
;
6009 id
= basename(fragment
);
6010 if (unit_name_is_valid(id
, UNIT_NAME_TEMPLATE
)) {
6011 assert(u
->instance
); /* If we're not trying to use a template for non-instanced unit,
6012 * this must be set. */
6014 r
= unit_name_replace_instance(id
, u
->instance
, &free_id
);
6016 return log_debug_errno(r
, "Failed to build id (%s + %s): %m", id
, u
->instance
);
6022 r
= merge_by_names(&merged
, names
, id
);
6027 u
->load_state
= UNIT_MERGED
;
6032 void unit_dump_config_items(FILE *f
) {
6033 static const struct {
6034 const ConfigParserCallback callback
;
6037 { config_parse_warn_compat
, "NOTSUPPORTED" },
6038 { config_parse_int
, "INTEGER" },
6039 { config_parse_unsigned
, "UNSIGNED" },
6040 { config_parse_iec_size
, "SIZE" },
6041 { config_parse_iec_uint64
, "SIZE" },
6042 { config_parse_si_uint64
, "SIZE" },
6043 { config_parse_bool
, "BOOLEAN" },
6044 { config_parse_string
, "STRING" },
6045 { config_parse_path
, "PATH" },
6046 { config_parse_unit_path_printf
, "PATH" },
6047 { config_parse_colon_separated_paths
, "PATH" },
6048 { config_parse_strv
, "STRING [...]" },
6049 { config_parse_exec_nice
, "NICE" },
6050 { config_parse_exec_oom_score_adjust
, "OOMSCOREADJUST" },
6051 { config_parse_exec_io_class
, "IOCLASS" },
6052 { config_parse_exec_io_priority
, "IOPRIORITY" },
6053 { config_parse_exec_cpu_sched_policy
, "CPUSCHEDPOLICY" },
6054 { config_parse_exec_cpu_sched_prio
, "CPUSCHEDPRIO" },
6055 { config_parse_exec_cpu_affinity
, "CPUAFFINITY" },
6056 { config_parse_mode
, "MODE" },
6057 { config_parse_unit_env_file
, "FILE" },
6058 { config_parse_exec_output
, "OUTPUT" },
6059 { config_parse_exec_input
, "INPUT" },
6060 { config_parse_log_facility
, "FACILITY" },
6061 { config_parse_log_level
, "LEVEL" },
6062 { config_parse_exec_secure_bits
, "SECUREBITS" },
6063 { config_parse_capability_set
, "BOUNDINGSET" },
6064 { config_parse_rlimit
, "LIMIT" },
6065 { config_parse_unit_deps
, "UNIT [...]" },
6066 { config_parse_exec
, "PATH [ARGUMENT [...]]" },
6067 { config_parse_service_type
, "SERVICETYPE" },
6068 { config_parse_service_restart
, "SERVICERESTART" },
6069 { config_parse_service_timeout_failure_mode
, "TIMEOUTMODE" },
6070 { config_parse_kill_mode
, "KILLMODE" },
6071 { config_parse_signal
, "SIGNAL" },
6072 { config_parse_socket_listen
, "SOCKET [...]" },
6073 { config_parse_socket_bind
, "SOCKETBIND" },
6074 { config_parse_socket_bindtodevice
, "NETWORKINTERFACE" },
6075 { config_parse_sec
, "SECONDS" },
6076 { config_parse_nsec
, "NANOSECONDS" },
6077 { config_parse_namespace_path_strv
, "PATH [...]" },
6078 { config_parse_bind_paths
, "PATH[:PATH[:OPTIONS]] [...]" },
6079 { config_parse_unit_requires_mounts_for
, "PATH [...]" },
6080 { config_parse_exec_mount_flags
, "MOUNTFLAG [...]" },
6081 { config_parse_unit_string_printf
, "STRING" },
6082 { config_parse_trigger_unit
, "UNIT" },
6083 { config_parse_timer
, "TIMER" },
6084 { config_parse_path_spec
, "PATH" },
6085 { config_parse_notify_access
, "ACCESS" },
6086 { config_parse_ip_tos
, "TOS" },
6087 { config_parse_unit_condition_path
, "CONDITION" },
6088 { config_parse_unit_condition_string
, "CONDITION" },
6089 { config_parse_unit_slice
, "SLICE" },
6090 { config_parse_documentation
, "URL" },
6091 { config_parse_service_timeout
, "SECONDS" },
6092 { config_parse_emergency_action
, "ACTION" },
6093 { config_parse_set_status
, "STATUS" },
6094 { config_parse_service_sockets
, "SOCKETS" },
6095 { config_parse_environ
, "ENVIRON" },
6097 { config_parse_syscall_filter
, "SYSCALLS" },
6098 { config_parse_syscall_archs
, "ARCHS" },
6099 { config_parse_syscall_errno
, "ERRNO" },
6100 { config_parse_syscall_log
, "SYSCALLS" },
6101 { config_parse_address_families
, "FAMILIES" },
6102 { config_parse_restrict_namespaces
, "NAMESPACES" },
6104 { config_parse_restrict_filesystems
, "FILESYSTEMS" },
6105 { config_parse_cpu_shares
, "SHARES" },
6106 { config_parse_cg_weight
, "WEIGHT" },
6107 { config_parse_memory_limit
, "LIMIT" },
6108 { config_parse_device_allow
, "DEVICE" },
6109 { config_parse_device_policy
, "POLICY" },
6110 { config_parse_io_limit
, "LIMIT" },
6111 { config_parse_io_device_weight
, "DEVICEWEIGHT" },
6112 { config_parse_io_device_latency
, "DEVICELATENCY" },
6113 { config_parse_blockio_bandwidth
, "BANDWIDTH" },
6114 { config_parse_blockio_weight
, "WEIGHT" },
6115 { config_parse_blockio_device_weight
, "DEVICEWEIGHT" },
6116 { config_parse_long
, "LONG" },
6117 { config_parse_socket_service
, "SERVICE" },
6119 { config_parse_exec_selinux_context
, "LABEL" },
6121 { config_parse_job_mode
, "MODE" },
6122 { config_parse_job_mode_isolate
, "BOOLEAN" },
6123 { config_parse_personality
, "PERSONALITY" },
6126 const char *prev
= NULL
;
6131 NULSTR_FOREACH(i
, load_fragment_gperf_nulstr
) {
6132 const char *rvalue
= "OTHER", *lvalue
;
6133 const ConfigPerfItem
*p
;
6136 assert_se(p
= load_fragment_gperf_lookup(i
, strlen(i
)));
6138 /* Hide legacy settings */
6139 if (p
->parse
== config_parse_warn_compat
&&
6140 p
->ltype
== DISABLED_LEGACY
)
6143 for (size_t j
= 0; j
< ELEMENTSOF(table
); j
++)
6144 if (p
->parse
== table
[j
].callback
) {
6145 rvalue
= table
[j
].rvalue
;
6149 dot
= strchr(i
, '.');
6150 lvalue
= dot
? dot
+ 1 : i
;
6153 size_t prefix_len
= dot
- i
;
6155 if (!prev
|| !strneq(prev
, i
, prefix_len
+1)) {
6159 fprintf(f
, "[%.*s]\n", (int) prefix_len
, i
);
6163 fprintf(f
, "%s=%s\n", lvalue
, rvalue
);
6168 int config_parse_cpu_affinity2(
6170 const char *filename
,
6172 const char *section
,
6173 unsigned section_line
,
6180 CPUSet
*affinity
= data
;
6184 (void) parse_cpu_set_extend(rvalue
, affinity
, true, unit
, filename
, line
, lvalue
);
6189 int config_parse_show_status(
6191 const char *filename
,
6193 const char *section
,
6194 unsigned section_line
,
6202 ShowStatus
*b
= data
;
6209 k
= parse_show_status(rvalue
, b
);
6211 log_syntax(unit
, LOG_WARNING
, filename
, line
, k
, "Failed to parse show status setting, ignoring: %s", rvalue
);
6216 int config_parse_output_restricted(
6218 const char *filename
,
6220 const char *section
,
6221 unsigned section_line
,
6228 ExecOutput t
, *eo
= data
;
6229 bool obsolete
= false;
6236 if (streq(rvalue
, "syslog")) {
6237 t
= EXEC_OUTPUT_JOURNAL
;
6239 } else if (streq(rvalue
, "syslog+console")) {
6240 t
= EXEC_OUTPUT_JOURNAL_AND_CONSOLE
;
6243 t
= exec_output_from_string(rvalue
);
6245 log_syntax(unit
, LOG_WARNING
, filename
, line
, t
, "Failed to parse output type, ignoring: %s", rvalue
);
6249 if (IN_SET(t
, EXEC_OUTPUT_SOCKET
, EXEC_OUTPUT_NAMED_FD
, EXEC_OUTPUT_FILE
, EXEC_OUTPUT_FILE_APPEND
, EXEC_OUTPUT_FILE_TRUNCATE
)) {
6250 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Standard output types socket, fd:, file:, append:, truncate: are not supported as defaults, ignoring: %s", rvalue
);
6256 log_syntax(unit
, LOG_NOTICE
, filename
, line
, 0,
6257 "Standard output type %s is obsolete, automatically updating to %s. Please update your configuration.",
6258 rvalue
, exec_output_to_string(t
));
6264 int config_parse_crash_chvt(
6266 const char *filename
,
6268 const char *section
,
6269 unsigned section_line
,
6283 r
= parse_crash_chvt(rvalue
, data
);
6285 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue
);
6290 int config_parse_swap_priority(
6292 const char *filename
,
6294 const char *section
,
6295 unsigned section_line
,
6311 if (isempty(rvalue
)) {
6312 s
->parameters_fragment
.priority
= -1;
6313 s
->parameters_fragment
.priority_set
= false;
6317 r
= safe_atoi(rvalue
, &priority
);
6319 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid swap priority '%s', ignoring.", rvalue
);
6323 if (priority
< -1) {
6324 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Sorry, swap priorities smaller than -1 may only be assigned by the kernel itself, ignoring: %s", rvalue
);
6328 if (priority
> 32767) {
6329 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "Swap priority out of range, ignoring: %s", rvalue
);
6333 s
->parameters_fragment
.priority
= priority
;
6334 s
->parameters_fragment
.priority_set
= true;
6338 int config_parse_watchdog_sec(
6340 const char *filename
,
6342 const char *section
,
6343 unsigned section_line
,
6350 usec_t
*usec
= data
;
6356 /* This is called for {Runtime,Reboot,KExec}WatchdogSec= where "default" maps to
6357 * USEC_INFINITY internally. */
6359 if (streq(rvalue
, "default"))
6360 *usec
= USEC_INFINITY
;
6361 else if (streq(rvalue
, "off"))
6364 return config_parse_sec(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, data
, userdata
);