]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/load-fragment.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #18018 from bluca/mount_images_overlay
[thirdparty/systemd.git] / src / core / load-fragment.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2 /***
3 Copyright © 2012 Holger Hans Peter Freyther
4 ***/
5
6 #include <errno.h>
7 #include <fcntl.h>
8 #include <linux/fs.h>
9 #include <linux/oom.h>
10 #if HAVE_SECCOMP
11 #include <seccomp.h>
12 #endif
13 #include <sched.h>
14 #include <sys/resource.h>
15
16 #include "sd-messages.h"
17
18 #include "af-list.h"
19 #include "alloc-util.h"
20 #include "all-units.h"
21 #include "bpf-firewall.h"
22 #include "bus-error.h"
23 #include "bus-internal.h"
24 #include "bus-util.h"
25 #include "cap-list.h"
26 #include "capability-util.h"
27 #include "cgroup-setup.h"
28 #include "conf-parser.h"
29 #include "core-varlink.h"
30 #include "cpu-set-util.h"
31 #include "env-util.h"
32 #include "errno-list.h"
33 #include "escape.h"
34 #include "fd-util.h"
35 #include "fileio.h"
36 #include "fs-util.h"
37 #include "hexdecoct.h"
38 #include "io-util.h"
39 #include "ioprio.h"
40 #include "ip-protocol-list.h"
41 #include "journal-file.h"
42 #include "limits-util.h"
43 #include "load-fragment.h"
44 #include "log.h"
45 #include "mountpoint-util.h"
46 #include "nulstr-util.h"
47 #include "parse-util.h"
48 #include "path-util.h"
49 #include "percent-util.h"
50 #include "process-util.h"
51 #if HAVE_SECCOMP
52 #include "seccomp-util.h"
53 #endif
54 #include "securebits-util.h"
55 #include "signal-util.h"
56 #include "socket-netlink.h"
57 #include "stat-util.h"
58 #include "string-util.h"
59 #include "strv.h"
60 #include "syslog-util.h"
61 #include "time-util.h"
62 #include "unit-name.h"
63 #include "unit-printf.h"
64 #include "user-util.h"
65 #include "utf8.h"
66 #include "web-util.h"
67
68 static int parse_socket_protocol(const char *s) {
69 int r;
70
71 r = parse_ip_protocol(s);
72 if (r < 0)
73 return r;
74 if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP))
75 return -EPROTONOSUPPORT;
76
77 return r;
78 }
79
80 int parse_crash_chvt(const char *value, int *data) {
81 int b;
82
83 if (safe_atoi(value, data) >= 0)
84 return 0;
85
86 b = parse_boolean(value);
87 if (b < 0)
88 return b;
89
90 if (b > 0)
91 *data = 0; /* switch to where kmsg goes */
92 else
93 *data = -1; /* turn off switching */
94
95 return 0;
96 }
97
98 int parse_confirm_spawn(const char *value, char **console) {
99 char *s;
100 int r;
101
102 r = value ? parse_boolean(value) : 1;
103 if (r == 0) {
104 *console = NULL;
105 return 0;
106 } else if (r > 0) /* on with default tty */
107 s = strdup("/dev/console");
108 else if (is_path(value)) /* on with fully qualified path */
109 s = strdup(value);
110 else /* on with only a tty file name, not a fully qualified path */
111 s = path_join("/dev/", value);
112 if (!s)
113 return -ENOMEM;
114
115 *console = s;
116 return 0;
117 }
118
119 DEFINE_CONFIG_PARSE(config_parse_socket_protocol, parse_socket_protocol, "Failed to parse socket protocol");
120 DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits, secure_bits_from_string, "Failed to parse secure bits");
121 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
122 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
123 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
124 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_proc, protect_proc, ProtectProc, "Failed to parse /proc/ protection mode");
125 DEFINE_CONFIG_PARSE_ENUM(config_parse_proc_subset, proc_subset, ProcSubset, "Failed to parse /proc/ subset mode");
126 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
127 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
128 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
129 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home, protect_home, ProtectHome, "Failed to parse protect home value");
130 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system, protect_system, ProtectSystem, "Failed to parse protect system value");
131 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode");
132 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
133 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
134 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_timeout_failure_mode, service_timeout_failure_mode, ServiceTimeoutFailureMode, "Failed to parse timeout failure mode");
135 DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind, socket_address_bind_ipv6_only_or_bool, SocketAddressBindIPv6Only, "Failed to parse bind IPv6 only value");
136 DEFINE_CONFIG_PARSE_ENUM(config_parse_oom_policy, oom_policy, OOMPolicy, "Failed to parse OOM policy");
137 DEFINE_CONFIG_PARSE_ENUM(config_parse_managed_oom_preference, managed_oom_preference, ManagedOOMPreference, "Failed to parse ManagedOOMPreference=");
138 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos, ip_tos, int, -1, "Failed to parse IP TOS value");
139 DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight, cg_blkio_weight_parse, uint64_t, "Invalid block IO weight");
140 DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Invalid weight");
141 DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares");
142 DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flags_from_string, unsigned long, "Failed to parse mount flag");
143 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy, mpol, int, -1, "Invalid NUMA policy type");
144 DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format, status_unit_format, StatusUnitFormat, "Failed to parse status unit format");
145 DEFINE_CONFIG_PARSE_ENUM_FULL(config_parse_socket_timestamping, socket_timestamping_from_string_harder, SocketTimestamping, "Failed to parse timestamping precision");
146
147 int config_parse_unit_deps(
148 const char *unit,
149 const char *filename,
150 unsigned line,
151 const char *section,
152 unsigned section_line,
153 const char *lvalue,
154 int ltype,
155 const char *rvalue,
156 void *data,
157 void *userdata) {
158
159 UnitDependency d = ltype;
160 Unit *u = userdata;
161
162 assert(filename);
163 assert(lvalue);
164 assert(rvalue);
165
166 for (const char *p = rvalue;;) {
167 _cleanup_free_ char *word = NULL, *k = NULL;
168 int r;
169
170 r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
171 if (r == 0)
172 return 0;
173 if (r == -ENOMEM)
174 return log_oom();
175 if (r < 0) {
176 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
177 return 0;
178 }
179
180 r = unit_name_printf(u, word, &k);
181 if (r < 0) {
182 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
183 continue;
184 }
185
186 r = unit_add_dependency_by_name(u, d, k, true, UNIT_DEPENDENCY_FILE);
187 if (r < 0)
188 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
189 }
190 }
191
192 int config_parse_obsolete_unit_deps(
193 const char *unit,
194 const char *filename,
195 unsigned line,
196 const char *section,
197 unsigned section_line,
198 const char *lvalue,
199 int ltype,
200 const char *rvalue,
201 void *data,
202 void *userdata) {
203
204 log_syntax(unit, LOG_WARNING, filename, line, 0,
205 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
206
207 return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
208 }
209
210 int config_parse_unit_string_printf(
211 const char *unit,
212 const char *filename,
213 unsigned line,
214 const char *section,
215 unsigned section_line,
216 const char *lvalue,
217 int ltype,
218 const char *rvalue,
219 void *data,
220 void *userdata) {
221
222 _cleanup_free_ char *k = NULL;
223 const Unit *u = userdata;
224 int r;
225
226 assert(filename);
227 assert(lvalue);
228 assert(rvalue);
229 assert(u);
230
231 r = unit_full_printf(u, rvalue, &k);
232 if (r < 0) {
233 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
234 return 0;
235 }
236
237 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
238 }
239
240 int config_parse_unit_strv_printf(
241 const char *unit,
242 const char *filename,
243 unsigned line,
244 const char *section,
245 unsigned section_line,
246 const char *lvalue,
247 int ltype,
248 const char *rvalue,
249 void *data,
250 void *userdata) {
251
252 const Unit *u = userdata;
253 _cleanup_free_ char *k = NULL;
254 int r;
255
256 assert(filename);
257 assert(lvalue);
258 assert(rvalue);
259 assert(u);
260
261 r = unit_full_printf(u, rvalue, &k);
262 if (r < 0) {
263 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
264 return 0;
265 }
266
267 return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
268 }
269
270 int config_parse_unit_path_printf(
271 const char *unit,
272 const char *filename,
273 unsigned line,
274 const char *section,
275 unsigned section_line,
276 const char *lvalue,
277 int ltype,
278 const char *rvalue,
279 void *data,
280 void *userdata) {
281
282 _cleanup_free_ char *k = NULL;
283 const Unit *u = userdata;
284 int r;
285 bool fatal = ltype;
286
287 assert(filename);
288 assert(lvalue);
289 assert(rvalue);
290 assert(u);
291
292 /* Let's not bother with anything that is too long */
293 if (strlen(rvalue) >= PATH_MAX) {
294 log_syntax(unit, fatal ? LOG_ERR : LOG_WARNING, filename, line, 0,
295 "%s value too long%s.",
296 lvalue, fatal ? "" : ", ignoring");
297 return fatal ? -ENAMETOOLONG : 0;
298 }
299
300 r = unit_full_printf(u, rvalue, &k);
301 if (r < 0) {
302 log_syntax(unit, fatal ? LOG_ERR : LOG_WARNING, filename, line, r,
303 "Failed to resolve unit specifiers in '%s'%s: %m",
304 rvalue, fatal ? "" : ", ignoring");
305 return fatal ? -ENOEXEC : 0;
306 }
307
308 return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
309 }
310
311 int config_parse_unit_path_strv_printf(
312 const char *unit,
313 const char *filename,
314 unsigned line,
315 const char *section,
316 unsigned section_line,
317 const char *lvalue,
318 int ltype,
319 const char *rvalue,
320 void *data,
321 void *userdata) {
322
323 char ***x = data;
324 const Unit *u = userdata;
325 int r;
326
327 assert(filename);
328 assert(lvalue);
329 assert(rvalue);
330 assert(u);
331
332 if (isempty(rvalue)) {
333 *x = strv_free(*x);
334 return 0;
335 }
336
337 for (const char *p = rvalue;;) {
338 _cleanup_free_ char *word = NULL, *k = NULL;
339
340 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
341 if (r == 0)
342 return 0;
343 if (r == -ENOMEM)
344 return log_oom();
345 if (r < 0) {
346 log_syntax(unit, LOG_WARNING, filename, line, r,
347 "Invalid syntax, ignoring: %s", rvalue);
348 return 0;
349 }
350
351 r = unit_full_printf(u, word, &k);
352 if (r < 0) {
353 log_syntax(unit, LOG_WARNING, filename, line, r,
354 "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
355 return 0;
356 }
357
358 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
359 if (r < 0)
360 return 0;
361
362 r = strv_consume(x, TAKE_PTR(k));
363 if (r < 0)
364 return log_oom();
365 }
366 }
367
368 static int patch_var_run(
369 const char *unit,
370 const char *filename,
371 unsigned line,
372 const char *lvalue,
373 char **path) {
374
375 const char *e;
376 char *z;
377
378 e = path_startswith(*path, "/var/run/");
379 if (!e)
380 return 0;
381
382 z = path_join("/run/", e);
383 if (!z)
384 return log_oom();
385
386 log_syntax(unit, LOG_NOTICE, filename, line, 0,
387 "%s= references a path below legacy directory /var/run/, updating %s → %s; "
388 "please update the unit file accordingly.", lvalue, *path, z);
389
390 free_and_replace(*path, z);
391
392 return 1;
393 }
394
395 int config_parse_socket_listen(
396 const char *unit,
397 const char *filename,
398 unsigned line,
399 const char *section,
400 unsigned section_line,
401 const char *lvalue,
402 int ltype,
403 const char *rvalue,
404 void *data,
405 void *userdata) {
406
407 _cleanup_free_ SocketPort *p = NULL;
408 SocketPort *tail;
409 Socket *s;
410 int r;
411
412 assert(filename);
413 assert(lvalue);
414 assert(rvalue);
415 assert(data);
416
417 s = SOCKET(data);
418
419 if (isempty(rvalue)) {
420 /* An empty assignment removes all ports */
421 socket_free_ports(s);
422 return 0;
423 }
424
425 p = new0(SocketPort, 1);
426 if (!p)
427 return log_oom();
428
429 if (ltype != SOCKET_SOCKET) {
430 _cleanup_free_ char *k = NULL;
431
432 r = unit_full_printf(UNIT(s), rvalue, &k);
433 if (r < 0) {
434 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
435 return 0;
436 }
437
438 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
439 if (r < 0)
440 return 0;
441
442 if (ltype == SOCKET_FIFO) {
443 r = patch_var_run(unit, filename, line, lvalue, &k);
444 if (r < 0)
445 return r;
446 }
447
448 free_and_replace(p->path, k);
449 p->type = ltype;
450
451 } else if (streq(lvalue, "ListenNetlink")) {
452 _cleanup_free_ char *k = NULL;
453
454 r = unit_full_printf(UNIT(s), rvalue, &k);
455 if (r < 0) {
456 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
457 return 0;
458 }
459
460 r = socket_address_parse_netlink(&p->address, k);
461 if (r < 0) {
462 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
463 return 0;
464 }
465
466 p->type = SOCKET_SOCKET;
467
468 } else {
469 _cleanup_free_ char *k = NULL;
470
471 r = unit_full_printf(UNIT(s), rvalue, &k);
472 if (r < 0) {
473 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
474 return 0;
475 }
476
477 if (k[0] == '/') { /* Only for AF_UNIX file system sockets… */
478 r = patch_var_run(unit, filename, line, lvalue, &k);
479 if (r < 0)
480 return r;
481 }
482
483 r = socket_address_parse_and_warn(&p->address, k);
484 if (r < 0) {
485 if (r != -EAFNOSUPPORT)
486 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
487 return 0;
488 }
489
490 if (streq(lvalue, "ListenStream"))
491 p->address.type = SOCK_STREAM;
492 else if (streq(lvalue, "ListenDatagram"))
493 p->address.type = SOCK_DGRAM;
494 else {
495 assert(streq(lvalue, "ListenSequentialPacket"));
496 p->address.type = SOCK_SEQPACKET;
497 }
498
499 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
500 log_syntax(unit, LOG_WARNING, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
501 return 0;
502 }
503
504 p->type = SOCKET_SOCKET;
505 }
506
507 p->fd = -1;
508 p->auxiliary_fds = NULL;
509 p->n_auxiliary_fds = 0;
510 p->socket = s;
511
512 LIST_FIND_TAIL(port, s->ports, tail);
513 LIST_INSERT_AFTER(port, s->ports, tail, p);
514
515 p = NULL;
516
517 return 0;
518 }
519
520 int config_parse_exec_nice(
521 const char *unit,
522 const char *filename,
523 unsigned line,
524 const char *section,
525 unsigned section_line,
526 const char *lvalue,
527 int ltype,
528 const char *rvalue,
529 void *data,
530 void *userdata) {
531
532 ExecContext *c = data;
533 int priority, r;
534
535 assert(filename);
536 assert(lvalue);
537 assert(rvalue);
538 assert(data);
539
540 if (isempty(rvalue)) {
541 c->nice_set = false;
542 return 0;
543 }
544
545 r = parse_nice(rvalue, &priority);
546 if (r < 0) {
547 if (r == -ERANGE)
548 log_syntax(unit, LOG_WARNING, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
549 else
550 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue);
551 return 0;
552 }
553
554 c->nice = priority;
555 c->nice_set = true;
556
557 return 0;
558 }
559
560 int config_parse_exec_oom_score_adjust(
561 const char* unit,
562 const char *filename,
563 unsigned line,
564 const char *section,
565 unsigned section_line,
566 const char *lvalue,
567 int ltype,
568 const char *rvalue,
569 void *data,
570 void *userdata) {
571
572 ExecContext *c = data;
573 int oa, r;
574
575 assert(filename);
576 assert(lvalue);
577 assert(rvalue);
578 assert(data);
579
580 if (isempty(rvalue)) {
581 c->oom_score_adjust_set = false;
582 return 0;
583 }
584
585 r = parse_oom_score_adjust(rvalue, &oa);
586 if (r < 0) {
587 if (r == -ERANGE)
588 log_syntax(unit, LOG_WARNING, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue);
589 else
590 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue);
591 return 0;
592 }
593
594 c->oom_score_adjust = oa;
595 c->oom_score_adjust_set = true;
596
597 return 0;
598 }
599
600 int config_parse_exec_coredump_filter(
601 const char* unit,
602 const char *filename,
603 unsigned line,
604 const char *section,
605 unsigned section_line,
606 const char *lvalue,
607 int ltype,
608 const char *rvalue,
609 void *data,
610 void *userdata) {
611
612 ExecContext *c = data;
613 int r;
614
615 assert(filename);
616 assert(lvalue);
617 assert(rvalue);
618 assert(data);
619
620 if (isempty(rvalue)) {
621 c->coredump_filter = 0;
622 c->coredump_filter_set = false;
623 return 0;
624 }
625
626 uint64_t f;
627 r = coredump_filter_mask_from_string(rvalue, &f);
628 if (r < 0) {
629 log_syntax(unit, LOG_WARNING, filename, line, r,
630 "Failed to parse the CoredumpFilter=%s, ignoring: %m", rvalue);
631 return 0;
632 }
633
634 c->coredump_filter |= f;
635 c->oom_score_adjust_set = true;
636 return 0;
637 }
638
639 int config_parse_kill_mode(
640 const char* unit,
641 const char *filename,
642 unsigned line,
643 const char *section,
644 unsigned section_line,
645 const char *lvalue,
646 int ltype,
647 const char *rvalue,
648 void *data,
649 void *userdata) {
650
651 KillMode *k = data, m;
652
653 assert(filename);
654 assert(lvalue);
655 assert(rvalue);
656 assert(data);
657
658 if (isempty(rvalue)) {
659 *k = KILL_CONTROL_GROUP;
660 return 0;
661 }
662
663 m = kill_mode_from_string(rvalue);
664 if (m < 0) {
665 log_syntax(unit, LOG_WARNING, filename, line, m,
666 "Failed to parse kill mode specification, ignoring: %s", rvalue);
667 return 0;
668 }
669
670 if (m == KILL_NONE)
671 log_syntax(unit, LOG_WARNING, filename, line, 0,
672 "Unit configured to use KillMode=none. "
673 "This is unsafe, as it disables systemd's process lifecycle management for the service. "
674 "Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. "
675 "Support for KillMode=none is deprecated and will eventually be removed.");
676
677 *k = m;
678 return 0;
679 }
680
681 int config_parse_exec(
682 const char *unit,
683 const char *filename,
684 unsigned line,
685 const char *section,
686 unsigned section_line,
687 const char *lvalue,
688 int ltype,
689 const char *rvalue,
690 void *data,
691 void *userdata) {
692
693 ExecCommand **e = data;
694 const Unit *u = userdata;
695 const char *p;
696 bool semicolon;
697 int r;
698
699 assert(filename);
700 assert(lvalue);
701 assert(rvalue);
702 assert(e);
703
704 e += ltype;
705
706 if (isempty(rvalue)) {
707 /* An empty assignment resets the list */
708 *e = exec_command_free_list(*e);
709 return 0;
710 }
711
712 p = rvalue;
713 do {
714 _cleanup_free_ char *path = NULL, *firstword = NULL;
715 ExecCommandFlags flags = 0;
716 bool ignore = false, separate_argv0 = false;
717 _cleanup_free_ ExecCommand *nce = NULL;
718 _cleanup_strv_free_ char **n = NULL;
719 size_t nlen = 0, nbufsize = 0;
720 const char *f;
721
722 semicolon = false;
723
724 r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_UNQUOTE|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
725 if (r <= 0)
726 return 0;
727
728 /* A lone ";" is a separator. Let's make sure we don't treat it as an executable name. */
729 if (streq(firstword, ";")) {
730 semicolon = true;
731 continue;
732 }
733
734 f = firstword;
735 for (;;) {
736 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
737 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
738 * argv[0]; if it's prefixed with :, we will not do environment variable substitution;
739 * if it's prefixed with +, it will be run with full privileges and no sandboxing; if
740 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
741 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
742 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
743 * other sandboxing, with some special exceptions for changing UID.
744 *
745 * The idea is that '!!' may be used to write services that can take benefit of systemd's
746 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
747 * privilege dropping within the daemon if the kernel does not offer that. */
748
749 if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) {
750 flags |= EXEC_COMMAND_IGNORE_FAILURE;
751 ignore = true;
752 } else if (*f == '@' && !separate_argv0)
753 separate_argv0 = true;
754 else if (*f == ':' && !(flags & EXEC_COMMAND_NO_ENV_EXPAND))
755 flags |= EXEC_COMMAND_NO_ENV_EXPAND;
756 else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
757 flags |= EXEC_COMMAND_FULLY_PRIVILEGED;
758 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
759 flags |= EXEC_COMMAND_NO_SETUID;
760 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) {
761 flags &= ~EXEC_COMMAND_NO_SETUID;
762 flags |= EXEC_COMMAND_AMBIENT_MAGIC;
763 } else
764 break;
765 f++;
766 }
767
768 r = unit_full_printf(u, f, &path);
769 if (r < 0) {
770 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r,
771 "Failed to resolve unit specifiers in '%s'%s: %m",
772 f, ignore ? ", ignoring" : "");
773 return ignore ? 0 : -ENOEXEC;
774 }
775
776 if (isempty(path)) {
777 /* First word is either "-" or "@" with no command. */
778 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0,
779 "Empty path in command line%s: '%s'",
780 ignore ? ", ignoring" : "", rvalue);
781 return ignore ? 0 : -ENOEXEC;
782 }
783 if (!string_is_safe(path)) {
784 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0,
785 "Executable name contains special characters%s: %s",
786 ignore ? ", ignoring" : "", path);
787 return ignore ? 0 : -ENOEXEC;
788 }
789 if (endswith(path, "/")) {
790 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0,
791 "Executable path specifies a directory%s: %s",
792 ignore ? ", ignoring" : "", path);
793 return ignore ? 0 : -ENOEXEC;
794 }
795
796 if (!path_is_absolute(path) && !filename_is_valid(path)) {
797 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0,
798 "Neither a valid executable name nor an absolute path%s: %s",
799 ignore ? ", ignoring" : "", path);
800 return ignore ? 0 : -ENOEXEC;
801 }
802
803 if (!separate_argv0) {
804 char *w = NULL;
805
806 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
807 return log_oom();
808
809 w = strdup(path);
810 if (!w)
811 return log_oom();
812 n[nlen++] = w;
813 n[nlen] = NULL;
814 }
815
816 path_simplify(path, false);
817
818 while (!isempty(p)) {
819 _cleanup_free_ char *word = NULL, *resolved = NULL;
820
821 /* Check explicitly for an unquoted semicolon as
822 * command separator token. */
823 if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
824 p++;
825 p += strspn(p, WHITESPACE);
826 semicolon = true;
827 break;
828 }
829
830 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
831 * extract_first_word() would return the same for all of those. */
832 if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
833 char *w;
834
835 p += 2;
836 p += strspn(p, WHITESPACE);
837
838 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
839 return log_oom();
840
841 w = strdup(";");
842 if (!w)
843 return log_oom();
844 n[nlen++] = w;
845 n[nlen] = NULL;
846 continue;
847 }
848
849 r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_UNQUOTE|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
850 if (r == 0)
851 break;
852 if (r < 0)
853 return ignore ? 0 : -ENOEXEC;
854
855 r = unit_full_printf(u, word, &resolved);
856 if (r < 0) {
857 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r,
858 "Failed to resolve unit specifiers in %s%s: %m",
859 word, ignore ? ", ignoring" : "");
860 return ignore ? 0 : -ENOEXEC;
861 }
862
863 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
864 return log_oom();
865
866 n[nlen++] = TAKE_PTR(resolved);
867 n[nlen] = NULL;
868 }
869
870 if (!n || !n[0]) {
871 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, 0,
872 "Empty executable name or zeroeth argument%s: %s",
873 ignore ? ", ignoring" : "", rvalue);
874 return ignore ? 0 : -ENOEXEC;
875 }
876
877 nce = new0(ExecCommand, 1);
878 if (!nce)
879 return log_oom();
880
881 nce->argv = TAKE_PTR(n);
882 nce->path = TAKE_PTR(path);
883 nce->flags = flags;
884
885 exec_command_append_list(e, nce);
886
887 /* Do not _cleanup_free_ these. */
888 nce = NULL;
889
890 rvalue = p;
891 } while (semicolon);
892
893 return 0;
894 }
895
896 int config_parse_socket_bindtodevice(
897 const char* unit,
898 const char *filename,
899 unsigned line,
900 const char *section,
901 unsigned section_line,
902 const char *lvalue,
903 int ltype,
904 const char *rvalue,
905 void *data,
906 void *userdata) {
907
908 Socket *s = data;
909
910 assert(filename);
911 assert(lvalue);
912 assert(rvalue);
913 assert(data);
914
915 if (isempty(rvalue) || streq(rvalue, "*")) {
916 s->bind_to_device = mfree(s->bind_to_device);
917 return 0;
918 }
919
920 if (!ifname_valid(rvalue)) {
921 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue);
922 return 0;
923 }
924
925 return free_and_strdup_warn(&s->bind_to_device, rvalue);
926 }
927
928 int config_parse_exec_input(
929 const char *unit,
930 const char *filename,
931 unsigned line,
932 const char *section,
933 unsigned section_line,
934 const char *lvalue,
935 int ltype,
936 const char *rvalue,
937 void *data,
938 void *userdata) {
939
940 ExecContext *c = data;
941 const Unit *u = userdata;
942 const char *n;
943 ExecInput ei;
944 int r;
945
946 assert(data);
947 assert(filename);
948 assert(line);
949 assert(rvalue);
950
951 n = startswith(rvalue, "fd:");
952 if (n) {
953 _cleanup_free_ char *resolved = NULL;
954
955 r = unit_full_printf(u, n, &resolved);
956 if (r < 0) {
957 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", n);
958 return 0;
959 }
960
961 if (isempty(resolved))
962 resolved = mfree(resolved);
963 else if (!fdname_is_valid(resolved)) {
964 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid file descriptor name, ignoring: %s", resolved);
965 return 0;
966 }
967
968 free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved);
969
970 ei = EXEC_INPUT_NAMED_FD;
971
972 } else if ((n = startswith(rvalue, "file:"))) {
973 _cleanup_free_ char *resolved = NULL;
974
975 r = unit_full_printf(u, n, &resolved);
976 if (r < 0) {
977 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", n);
978 return 0;
979 }
980
981 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
982 if (r < 0)
983 return 0;
984
985 free_and_replace(c->stdio_file[STDIN_FILENO], resolved);
986
987 ei = EXEC_INPUT_FILE;
988
989 } else {
990 ei = exec_input_from_string(rvalue);
991 if (ei < 0) {
992 log_syntax(unit, LOG_WARNING, filename, line, ei, "Failed to parse input specifier, ignoring: %s", rvalue);
993 return 0;
994 }
995 }
996
997 c->std_input = ei;
998 return 0;
999 }
1000
1001 int config_parse_exec_input_text(
1002 const char *unit,
1003 const char *filename,
1004 unsigned line,
1005 const char *section,
1006 unsigned section_line,
1007 const char *lvalue,
1008 int ltype,
1009 const char *rvalue,
1010 void *data,
1011 void *userdata) {
1012
1013 _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
1014 ExecContext *c = data;
1015 const Unit *u = userdata;
1016 size_t sz;
1017 void *p;
1018 int r;
1019
1020 assert(data);
1021 assert(filename);
1022 assert(line);
1023 assert(rvalue);
1024
1025 if (isempty(rvalue)) {
1026 /* Reset if the empty string is assigned */
1027 c->stdin_data = mfree(c->stdin_data);
1028 c->stdin_data_size = 0;
1029 return 0;
1030 }
1031
1032 r = cunescape(rvalue, 0, &unescaped);
1033 if (r < 0) {
1034 log_syntax(unit, LOG_WARNING, filename, line, r,
1035 "Failed to decode C escaped text '%s', ignoring: %m", rvalue);
1036 return 0;
1037 }
1038
1039 r = unit_full_printf(u, unescaped, &resolved);
1040 if (r < 0) {
1041 log_syntax(unit, LOG_WARNING, filename, line, r,
1042 "Failed to resolve unit specifiers in '%s', ignoring: %m", unescaped);
1043 return 0;
1044 }
1045
1046 sz = strlen(resolved);
1047 if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
1048 c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
1049 log_syntax(unit, LOG_WARNING, filename, line, 0,
1050 "Standard input data too large (%zu), maximum of %zu permitted, ignoring.",
1051 c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
1052 return 0;
1053 }
1054
1055 p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
1056 if (!p)
1057 return log_oom();
1058
1059 *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n';
1060
1061 c->stdin_data = p;
1062 c->stdin_data_size += sz + 1;
1063
1064 return 0;
1065 }
1066
1067 int config_parse_exec_input_data(
1068 const char *unit,
1069 const char *filename,
1070 unsigned line,
1071 const char *section,
1072 unsigned section_line,
1073 const char *lvalue,
1074 int ltype,
1075 const char *rvalue,
1076 void *data,
1077 void *userdata) {
1078
1079 _cleanup_free_ void *p = NULL;
1080 ExecContext *c = data;
1081 size_t sz;
1082 void *q;
1083 int r;
1084
1085 assert(data);
1086 assert(filename);
1087 assert(line);
1088 assert(rvalue);
1089
1090 if (isempty(rvalue)) {
1091 /* Reset if the empty string is assigned */
1092 c->stdin_data = mfree(c->stdin_data);
1093 c->stdin_data_size = 0;
1094 return 0;
1095 }
1096
1097 r = unbase64mem(rvalue, (size_t) -1, &p, &sz);
1098 if (r < 0) {
1099 log_syntax(unit, LOG_WARNING, filename, line, r,
1100 "Failed to decode base64 data, ignoring: %s", rvalue);
1101 return 0;
1102 }
1103
1104 assert(sz > 0);
1105
1106 if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */
1107 c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) {
1108 log_syntax(unit, LOG_WARNING, filename, line, 0,
1109 "Standard input data too large (%zu), maximum of %zu permitted, ignoring.",
1110 c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
1111 return 0;
1112 }
1113
1114 q = realloc(c->stdin_data, c->stdin_data_size + sz);
1115 if (!q)
1116 return log_oom();
1117
1118 memcpy((uint8_t*) q + c->stdin_data_size, p, sz);
1119
1120 c->stdin_data = q;
1121 c->stdin_data_size += sz;
1122
1123 return 0;
1124 }
1125
1126 int config_parse_exec_output(
1127 const char *unit,
1128 const char *filename,
1129 unsigned line,
1130 const char *section,
1131 unsigned section_line,
1132 const char *lvalue,
1133 int ltype,
1134 const char *rvalue,
1135 void *data,
1136 void *userdata) {
1137
1138 _cleanup_free_ char *resolved = NULL;
1139 const char *n;
1140 ExecContext *c = data;
1141 const Unit *u = userdata;
1142 bool obsolete = false;
1143 ExecOutput eo;
1144 int r;
1145
1146 assert(data);
1147 assert(filename);
1148 assert(line);
1149 assert(lvalue);
1150 assert(rvalue);
1151
1152 n = startswith(rvalue, "fd:");
1153 if (n) {
1154 r = unit_full_printf(u, n, &resolved);
1155 if (r < 0) {
1156 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1157 return 0;
1158 }
1159
1160 if (isempty(resolved))
1161 resolved = mfree(resolved);
1162 else if (!fdname_is_valid(resolved)) {
1163 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid file descriptor name, ignoring: %s", resolved);
1164 return 0;
1165 }
1166
1167 eo = EXEC_OUTPUT_NAMED_FD;
1168
1169 } else if (streq(rvalue, "syslog")) {
1170 eo = EXEC_OUTPUT_JOURNAL;
1171 obsolete = true;
1172
1173 } else if (streq(rvalue, "syslog+console")) {
1174 eo = EXEC_OUTPUT_JOURNAL_AND_CONSOLE;
1175 obsolete = true;
1176
1177 } else if ((n = startswith(rvalue, "file:"))) {
1178
1179 r = unit_full_printf(u, n, &resolved);
1180 if (r < 0) {
1181 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", n);
1182 return 0;
1183 }
1184
1185 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
1186 if (r < 0)
1187 return 0;
1188
1189 eo = EXEC_OUTPUT_FILE;
1190
1191 } else if ((n = startswith(rvalue, "append:"))) {
1192
1193 r = unit_full_printf(u, n, &resolved);
1194 if (r < 0) {
1195 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", n);
1196 return 0;
1197 }
1198
1199 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
1200 if (r < 0)
1201 return 0;
1202
1203 eo = EXEC_OUTPUT_FILE_APPEND;
1204
1205 } else if ((n = startswith(rvalue, "truncate:"))) {
1206
1207 r = unit_full_printf(u, n, &resolved);
1208 if (r < 0) {
1209 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", n);
1210 return 0;
1211 }
1212
1213 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
1214 if (r < 0)
1215 return 0;
1216
1217 eo = EXEC_OUTPUT_FILE_TRUNCATE;
1218 } else {
1219 eo = exec_output_from_string(rvalue);
1220 if (eo < 0) {
1221 log_syntax(unit, LOG_WARNING, filename, line, eo, "Failed to parse output specifier, ignoring: %s", rvalue);
1222 return 0;
1223 }
1224 }
1225
1226 if (obsolete)
1227 log_syntax(unit, LOG_NOTICE, filename, line, 0,
1228 "Standard output type %s is obsolete, automatically updating to %s. Please update your unit file, and consider removing the setting altogether.",
1229 rvalue, exec_output_to_string(eo));
1230
1231 if (streq(lvalue, "StandardOutput")) {
1232 if (eo == EXEC_OUTPUT_NAMED_FD)
1233 free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved);
1234 else
1235 free_and_replace(c->stdio_file[STDOUT_FILENO], resolved);
1236
1237 c->std_output = eo;
1238
1239 } else {
1240 assert(streq(lvalue, "StandardError"));
1241
1242 if (eo == EXEC_OUTPUT_NAMED_FD)
1243 free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved);
1244 else
1245 free_and_replace(c->stdio_file[STDERR_FILENO], resolved);
1246
1247 c->std_error = eo;
1248 }
1249
1250 return 0;
1251 }
1252
1253 int config_parse_exec_io_class(const char *unit,
1254 const char *filename,
1255 unsigned line,
1256 const char *section,
1257 unsigned section_line,
1258 const char *lvalue,
1259 int ltype,
1260 const char *rvalue,
1261 void *data,
1262 void *userdata) {
1263
1264 ExecContext *c = data;
1265 int x;
1266
1267 assert(filename);
1268 assert(lvalue);
1269 assert(rvalue);
1270 assert(data);
1271
1272 if (isempty(rvalue)) {
1273 c->ioprio_set = false;
1274 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1275 return 0;
1276 }
1277
1278 x = ioprio_class_from_string(rvalue);
1279 if (x < 0) {
1280 log_syntax(unit, LOG_WARNING, filename, line, x, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
1281 return 0;
1282 }
1283
1284 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
1285 c->ioprio_set = true;
1286
1287 return 0;
1288 }
1289
1290 int config_parse_exec_io_priority(const char *unit,
1291 const char *filename,
1292 unsigned line,
1293 const char *section,
1294 unsigned section_line,
1295 const char *lvalue,
1296 int ltype,
1297 const char *rvalue,
1298 void *data,
1299 void *userdata) {
1300
1301 ExecContext *c = data;
1302 int i, r;
1303
1304 assert(filename);
1305 assert(lvalue);
1306 assert(rvalue);
1307 assert(data);
1308
1309 if (isempty(rvalue)) {
1310 c->ioprio_set = false;
1311 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1312 return 0;
1313 }
1314
1315 r = ioprio_parse_priority(rvalue, &i);
1316 if (r < 0) {
1317 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
1318 return 0;
1319 }
1320
1321 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
1322 c->ioprio_set = true;
1323
1324 return 0;
1325 }
1326
1327 int config_parse_exec_cpu_sched_policy(const char *unit,
1328 const char *filename,
1329 unsigned line,
1330 const char *section,
1331 unsigned section_line,
1332 const char *lvalue,
1333 int ltype,
1334 const char *rvalue,
1335 void *data,
1336 void *userdata) {
1337
1338 ExecContext *c = data;
1339 int x;
1340
1341 assert(filename);
1342 assert(lvalue);
1343 assert(rvalue);
1344 assert(data);
1345
1346 if (isempty(rvalue)) {
1347 c->cpu_sched_set = false;
1348 c->cpu_sched_policy = SCHED_OTHER;
1349 c->cpu_sched_priority = 0;
1350 return 0;
1351 }
1352
1353 x = sched_policy_from_string(rvalue);
1354 if (x < 0) {
1355 log_syntax(unit, LOG_WARNING, filename, line, x, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1356 return 0;
1357 }
1358
1359 c->cpu_sched_policy = x;
1360 /* Moving to or from real-time policy? We need to adjust the priority */
1361 c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
1362 c->cpu_sched_set = true;
1363
1364 return 0;
1365 }
1366
1367 int config_parse_exec_mount_apivfs(const char *unit,
1368 const char *filename,
1369 unsigned line,
1370 const char *section,
1371 unsigned section_line,
1372 const char *lvalue,
1373 int ltype,
1374 const char *rvalue,
1375 void *data,
1376 void *userdata) {
1377
1378 ExecContext *c = data;
1379 int k;
1380
1381 assert(filename);
1382 assert(lvalue);
1383 assert(rvalue);
1384 assert(data);
1385
1386 if (isempty(rvalue)) {
1387 c->mount_apivfs_set = false;
1388 c->mount_apivfs = false;
1389 return 0;
1390 }
1391
1392 k = parse_boolean(rvalue);
1393 if (k < 0) {
1394 log_syntax(unit, LOG_WARNING, filename, line, k,
1395 "Failed to parse boolean value, ignoring: %s",
1396 rvalue);
1397 return 0;
1398 }
1399
1400 c->mount_apivfs_set = true;
1401 c->mount_apivfs = k;
1402 return 0;
1403 }
1404
1405 int config_parse_numa_mask(const char *unit,
1406 const char *filename,
1407 unsigned line,
1408 const char *section,
1409 unsigned section_line,
1410 const char *lvalue,
1411 int ltype,
1412 const char *rvalue,
1413 void *data,
1414 void *userdata) {
1415 int r;
1416 NUMAPolicy *p = data;
1417
1418 assert(filename);
1419 assert(lvalue);
1420 assert(rvalue);
1421 assert(data);
1422
1423 if (streq(rvalue, "all")) {
1424 r = numa_mask_add_all(&p->nodes);
1425 if (r < 0)
1426 log_syntax(unit, LOG_WARNING, filename, line, r,
1427 "Failed to create NUMA mask representing \"all\" NUMA nodes, ignoring: %m");
1428 } else {
1429 r = parse_cpu_set_extend(rvalue, &p->nodes, true, unit, filename, line, lvalue);
1430 if (r < 0)
1431 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse NUMA node mask, ignoring: %s", rvalue);
1432 }
1433
1434 return 0;
1435 }
1436
1437 int config_parse_exec_cpu_sched_prio(const char *unit,
1438 const char *filename,
1439 unsigned line,
1440 const char *section,
1441 unsigned section_line,
1442 const char *lvalue,
1443 int ltype,
1444 const char *rvalue,
1445 void *data,
1446 void *userdata) {
1447
1448 ExecContext *c = data;
1449 int i, min, max, r;
1450
1451 assert(filename);
1452 assert(lvalue);
1453 assert(rvalue);
1454 assert(data);
1455
1456 r = safe_atoi(rvalue, &i);
1457 if (r < 0) {
1458 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue);
1459 return 0;
1460 }
1461
1462 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1463 min = sched_get_priority_min(c->cpu_sched_policy);
1464 max = sched_get_priority_max(c->cpu_sched_policy);
1465
1466 if (i < min || i > max) {
1467 log_syntax(unit, LOG_WARNING, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
1468 return 0;
1469 }
1470
1471 c->cpu_sched_priority = i;
1472 c->cpu_sched_set = true;
1473
1474 return 0;
1475 }
1476
1477 int config_parse_root_image_options(
1478 const char *unit,
1479 const char *filename,
1480 unsigned line,
1481 const char *section,
1482 unsigned section_line,
1483 const char *lvalue,
1484 int ltype,
1485 const char *rvalue,
1486 void *data,
1487 void *userdata) {
1488
1489 _cleanup_(mount_options_free_allp) MountOptions *options = NULL;
1490 _cleanup_strv_free_ char **l = NULL;
1491 char **first = NULL, **second = NULL;
1492 ExecContext *c = data;
1493 const Unit *u = userdata;
1494 int r;
1495
1496 assert(filename);
1497 assert(lvalue);
1498 assert(rvalue);
1499 assert(data);
1500
1501 if (isempty(rvalue)) {
1502 c->root_image_options = mount_options_free_all(c->root_image_options);
1503 return 0;
1504 }
1505
1506 r = strv_split_colon_pairs(&l, rvalue);
1507 if (r == -ENOMEM)
1508 return log_oom();
1509 if (r < 0) {
1510 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue);
1511 return 0;
1512 }
1513
1514 STRV_FOREACH_PAIR(first, second, l) {
1515 MountOptions *o = NULL;
1516 _cleanup_free_ char *mount_options_resolved = NULL;
1517 const char *mount_options = NULL, *partition = "root";
1518 PartitionDesignator partition_designator;
1519
1520 /* Format is either 'root:foo' or 'foo' (root is implied) */
1521 if (!isempty(*second)) {
1522 partition = *first;
1523 mount_options = *second;
1524 } else
1525 mount_options = *first;
1526
1527 partition_designator = partition_designator_from_string(partition);
1528 if (partition_designator < 0) {
1529 log_syntax(unit, LOG_WARNING, filename, line, partition_designator,
1530 "Invalid partition name %s, ignoring", partition);
1531 continue;
1532 }
1533 r = unit_full_printf(u, mount_options, &mount_options_resolved);
1534 if (r < 0) {
1535 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", mount_options);
1536 continue;
1537 }
1538
1539 o = new(MountOptions, 1);
1540 if (!o)
1541 return log_oom();
1542 *o = (MountOptions) {
1543 .partition_designator = partition_designator,
1544 .options = TAKE_PTR(mount_options_resolved),
1545 };
1546 LIST_APPEND(mount_options, options, TAKE_PTR(o));
1547 }
1548
1549 /* empty spaces/separators only */
1550 if (LIST_IS_EMPTY(options))
1551 c->root_image_options = mount_options_free_all(c->root_image_options);
1552 else
1553 LIST_JOIN(mount_options, c->root_image_options, options);
1554
1555 return 0;
1556 }
1557
1558 int config_parse_exec_root_hash(
1559 const char *unit,
1560 const char *filename,
1561 unsigned line,
1562 const char *section,
1563 unsigned section_line,
1564 const char *lvalue,
1565 int ltype,
1566 const char *rvalue,
1567 void *data,
1568 void *userdata) {
1569
1570 _cleanup_free_ void *roothash_decoded = NULL;
1571 ExecContext *c = data;
1572 size_t roothash_decoded_size = 0;
1573 int r;
1574
1575 assert(data);
1576 assert(filename);
1577 assert(line);
1578 assert(rvalue);
1579
1580 if (isempty(rvalue)) {
1581 /* Reset if the empty string is assigned */
1582 c->root_hash_path = mfree(c->root_hash_path);
1583 c->root_hash = mfree(c->root_hash);
1584 c->root_hash_size = 0;
1585 return 0;
1586 }
1587
1588 if (path_is_absolute(rvalue)) {
1589 /* We have the path to a roothash to load and decode, eg: RootHash=/foo/bar.roothash */
1590 _cleanup_free_ char *p = NULL;
1591
1592 p = strdup(rvalue);
1593 if (!p)
1594 return -ENOMEM;
1595
1596 free_and_replace(c->root_hash_path, p);
1597 c->root_hash = mfree(c->root_hash);
1598 c->root_hash_size = 0;
1599 return 0;
1600 }
1601
1602 /* We have a roothash to decode, eg: RootHash=012345789abcdef */
1603 r = unhexmem(rvalue, strlen(rvalue), &roothash_decoded, &roothash_decoded_size);
1604 if (r < 0) {
1605 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to decode RootHash=, ignoring: %s", rvalue);
1606 return 0;
1607 }
1608 if (roothash_decoded_size < sizeof(sd_id128_t)) {
1609 log_syntax(unit, LOG_WARNING, filename, line, 0, "RootHash= is too short, ignoring: %s", rvalue);
1610 return 0;
1611 }
1612
1613 free_and_replace(c->root_hash, roothash_decoded);
1614 c->root_hash_size = roothash_decoded_size;
1615 c->root_hash_path = mfree(c->root_hash_path);
1616
1617 return 0;
1618 }
1619
1620 int config_parse_exec_root_hash_sig(
1621 const char *unit,
1622 const char *filename,
1623 unsigned line,
1624 const char *section,
1625 unsigned section_line,
1626 const char *lvalue,
1627 int ltype,
1628 const char *rvalue,
1629 void *data,
1630 void *userdata) {
1631
1632 _cleanup_free_ void *roothash_sig_decoded = NULL;
1633 char *value;
1634 ExecContext *c = data;
1635 size_t roothash_sig_decoded_size = 0;
1636 int r;
1637
1638 assert(data);
1639 assert(filename);
1640 assert(line);
1641 assert(rvalue);
1642
1643 if (isempty(rvalue)) {
1644 /* Reset if the empty string is assigned */
1645 c->root_hash_sig_path = mfree(c->root_hash_sig_path);
1646 c->root_hash_sig = mfree(c->root_hash_sig);
1647 c->root_hash_sig_size = 0;
1648 return 0;
1649 }
1650
1651 if (path_is_absolute(rvalue)) {
1652 /* We have the path to a roothash signature to load and decode, eg: RootHashSignature=/foo/bar.roothash.p7s */
1653 _cleanup_free_ char *p = NULL;
1654
1655 p = strdup(rvalue);
1656 if (!p)
1657 return log_oom();
1658
1659 free_and_replace(c->root_hash_sig_path, p);
1660 c->root_hash_sig = mfree(c->root_hash_sig);
1661 c->root_hash_sig_size = 0;
1662 return 0;
1663 }
1664
1665 if (!(value = startswith(rvalue, "base64:"))) {
1666 log_syntax(unit, LOG_WARNING, filename, line, 0,
1667 "Failed to decode RootHashSignature=, not a path but doesn't start with 'base64:', ignoring: %s", rvalue);
1668 return 0;
1669 }
1670
1671 /* We have a roothash signature to decode, eg: RootHashSignature=base64:012345789abcdef */
1672 r = unbase64mem(value, strlen(value), &roothash_sig_decoded, &roothash_sig_decoded_size);
1673 if (r < 0) {
1674 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to decode RootHashSignature=, ignoring: %s", rvalue);
1675 return 0;
1676 }
1677
1678 free_and_replace(c->root_hash_sig, roothash_sig_decoded);
1679 c->root_hash_sig_size = roothash_sig_decoded_size;
1680 c->root_hash_sig_path = mfree(c->root_hash_sig_path);
1681
1682 return 0;
1683 }
1684
1685 int config_parse_exec_cpu_affinity(
1686 const char *unit,
1687 const char *filename,
1688 unsigned line,
1689 const char *section,
1690 unsigned section_line,
1691 const char *lvalue,
1692 int ltype,
1693 const char *rvalue,
1694 void *data,
1695 void *userdata) {
1696
1697 ExecContext *c = data;
1698 int r;
1699
1700 assert(filename);
1701 assert(lvalue);
1702 assert(rvalue);
1703 assert(data);
1704
1705 if (streq(rvalue, "numa")) {
1706 c->cpu_affinity_from_numa = true;
1707 cpu_set_reset(&c->cpu_set);
1708
1709 return 0;
1710 }
1711
1712 r = parse_cpu_set_extend(rvalue, &c->cpu_set, true, unit, filename, line, lvalue);
1713 if (r >= 0)
1714 c->cpu_affinity_from_numa = false;
1715
1716 return 0;
1717 }
1718
1719 int config_parse_capability_set(
1720 const char *unit,
1721 const char *filename,
1722 unsigned line,
1723 const char *section,
1724 unsigned section_line,
1725 const char *lvalue,
1726 int ltype,
1727 const char *rvalue,
1728 void *data,
1729 void *userdata) {
1730
1731 uint64_t *capability_set = data;
1732 uint64_t sum = 0, initial = 0;
1733 bool invert = false;
1734 int r;
1735
1736 assert(filename);
1737 assert(lvalue);
1738 assert(rvalue);
1739 assert(data);
1740
1741 if (rvalue[0] == '~') {
1742 invert = true;
1743 rvalue++;
1744 }
1745
1746 if (streq(lvalue, "CapabilityBoundingSet"))
1747 initial = CAP_ALL; /* initialized to all bits on */
1748 /* else "AmbientCapabilities" initialized to all bits off */
1749
1750 r = capability_set_from_string(rvalue, &sum);
1751 if (r < 0) {
1752 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue);
1753 return 0;
1754 }
1755
1756 if (sum == 0 || *capability_set == initial)
1757 /* "", "~" or uninitialized data -> replace */
1758 *capability_set = invert ? ~sum : sum;
1759 else {
1760 /* previous data -> merge */
1761 if (invert)
1762 *capability_set &= ~sum;
1763 else
1764 *capability_set |= sum;
1765 }
1766
1767 return 0;
1768 }
1769
1770 int config_parse_exec_selinux_context(
1771 const char *unit,
1772 const char *filename,
1773 unsigned line,
1774 const char *section,
1775 unsigned section_line,
1776 const char *lvalue,
1777 int ltype,
1778 const char *rvalue,
1779 void *data,
1780 void *userdata) {
1781
1782 ExecContext *c = data;
1783 const Unit *u = userdata;
1784 bool ignore;
1785 char *k;
1786 int r;
1787
1788 assert(filename);
1789 assert(lvalue);
1790 assert(rvalue);
1791 assert(data);
1792
1793 if (isempty(rvalue)) {
1794 c->selinux_context = mfree(c->selinux_context);
1795 c->selinux_context_ignore = false;
1796 return 0;
1797 }
1798
1799 if (rvalue[0] == '-') {
1800 ignore = true;
1801 rvalue++;
1802 } else
1803 ignore = false;
1804
1805 r = unit_full_printf(u, rvalue, &k);
1806 if (r < 0) {
1807 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r,
1808 "Failed to resolve unit specifiers in '%s'%s: %m",
1809 rvalue, ignore ? ", ignoring" : "");
1810 return ignore ? 0 : -ENOEXEC;
1811 }
1812
1813 free_and_replace(c->selinux_context, k);
1814 c->selinux_context_ignore = ignore;
1815
1816 return 0;
1817 }
1818
1819 int config_parse_exec_apparmor_profile(
1820 const char *unit,
1821 const char *filename,
1822 unsigned line,
1823 const char *section,
1824 unsigned section_line,
1825 const char *lvalue,
1826 int ltype,
1827 const char *rvalue,
1828 void *data,
1829 void *userdata) {
1830
1831 ExecContext *c = data;
1832 const Unit *u = userdata;
1833 bool ignore;
1834 char *k;
1835 int r;
1836
1837 assert(filename);
1838 assert(lvalue);
1839 assert(rvalue);
1840 assert(data);
1841
1842 if (isempty(rvalue)) {
1843 c->apparmor_profile = mfree(c->apparmor_profile);
1844 c->apparmor_profile_ignore = false;
1845 return 0;
1846 }
1847
1848 if (rvalue[0] == '-') {
1849 ignore = true;
1850 rvalue++;
1851 } else
1852 ignore = false;
1853
1854 r = unit_full_printf(u, rvalue, &k);
1855 if (r < 0) {
1856 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r,
1857 "Failed to resolve unit specifiers in '%s'%s: %m",
1858 rvalue, ignore ? ", ignoring" : "");
1859 return ignore ? 0 : -ENOEXEC;
1860 }
1861
1862 free_and_replace(c->apparmor_profile, k);
1863 c->apparmor_profile_ignore = ignore;
1864
1865 return 0;
1866 }
1867
1868 int config_parse_exec_smack_process_label(
1869 const char *unit,
1870 const char *filename,
1871 unsigned line,
1872 const char *section,
1873 unsigned section_line,
1874 const char *lvalue,
1875 int ltype,
1876 const char *rvalue,
1877 void *data,
1878 void *userdata) {
1879
1880 ExecContext *c = data;
1881 const Unit *u = userdata;
1882 bool ignore;
1883 char *k;
1884 int r;
1885
1886 assert(filename);
1887 assert(lvalue);
1888 assert(rvalue);
1889 assert(data);
1890
1891 if (isempty(rvalue)) {
1892 c->smack_process_label = mfree(c->smack_process_label);
1893 c->smack_process_label_ignore = false;
1894 return 0;
1895 }
1896
1897 if (rvalue[0] == '-') {
1898 ignore = true;
1899 rvalue++;
1900 } else
1901 ignore = false;
1902
1903 r = unit_full_printf(u, rvalue, &k);
1904 if (r < 0) {
1905 log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r,
1906 "Failed to resolve unit specifiers in '%s'%s: %m",
1907 rvalue, ignore ? ", ignoring" : "");
1908 return ignore ? 0 : -ENOEXEC;
1909 }
1910
1911 free_and_replace(c->smack_process_label, k);
1912 c->smack_process_label_ignore = ignore;
1913
1914 return 0;
1915 }
1916
1917 int config_parse_timer(
1918 const char *unit,
1919 const char *filename,
1920 unsigned line,
1921 const char *section,
1922 unsigned section_line,
1923 const char *lvalue,
1924 int ltype,
1925 const char *rvalue,
1926 void *data,
1927 void *userdata) {
1928
1929 _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
1930 _cleanup_free_ char *k = NULL;
1931 const Unit *u = userdata;
1932 Timer *t = data;
1933 usec_t usec = 0;
1934 TimerValue *v;
1935 int r;
1936
1937 assert(filename);
1938 assert(lvalue);
1939 assert(rvalue);
1940 assert(data);
1941
1942 if (isempty(rvalue)) {
1943 /* Empty assignment resets list */
1944 timer_free_values(t);
1945 return 0;
1946 }
1947
1948 r = unit_full_printf(u, rvalue, &k);
1949 if (r < 0) {
1950 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1951 return 0;
1952 }
1953
1954 if (ltype == TIMER_CALENDAR) {
1955 r = calendar_spec_from_string(k, &c);
1956 if (r < 0) {
1957 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse calendar specification, ignoring: %s", k);
1958 return 0;
1959 }
1960 } else {
1961 r = parse_sec(k, &usec);
1962 if (r < 0) {
1963 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse timer value, ignoring: %s", k);
1964 return 0;
1965 }
1966 }
1967
1968 v = new(TimerValue, 1);
1969 if (!v)
1970 return log_oom();
1971
1972 *v = (TimerValue) {
1973 .base = ltype,
1974 .value = usec,
1975 .calendar_spec = TAKE_PTR(c),
1976 };
1977
1978 LIST_PREPEND(value, t->values, v);
1979
1980 return 0;
1981 }
1982
1983 int config_parse_trigger_unit(
1984 const char *unit,
1985 const char *filename,
1986 unsigned line,
1987 const char *section,
1988 unsigned section_line,
1989 const char *lvalue,
1990 int ltype,
1991 const char *rvalue,
1992 void *data,
1993 void *userdata) {
1994
1995 _cleanup_free_ char *p = NULL;
1996 Unit *u = data;
1997 UnitType type;
1998 int r;
1999
2000 assert(filename);
2001 assert(lvalue);
2002 assert(rvalue);
2003 assert(data);
2004
2005 if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) {
2006 log_syntax(unit, LOG_WARNING, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
2007 return 0;
2008 }
2009
2010 r = unit_name_printf(u, rvalue, &p);
2011 if (r < 0) {
2012 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2013 return 0;
2014 }
2015
2016 type = unit_name_to_type(p);
2017 if (type < 0) {
2018 log_syntax(unit, LOG_WARNING, filename, line, type, "Unit type not valid, ignoring: %s", rvalue);
2019 return 0;
2020 }
2021 if (unit_has_name(u, p)) {
2022 log_syntax(unit, LOG_WARNING, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue);
2023 return 0;
2024 }
2025
2026 r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, true, UNIT_DEPENDENCY_FILE);
2027 if (r < 0) {
2028 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
2029 return 0;
2030 }
2031
2032 return 0;
2033 }
2034
2035 int config_parse_path_spec(const char *unit,
2036 const char *filename,
2037 unsigned line,
2038 const char *section,
2039 unsigned section_line,
2040 const char *lvalue,
2041 int ltype,
2042 const char *rvalue,
2043 void *data,
2044 void *userdata) {
2045
2046 Path *p = data;
2047 PathSpec *s;
2048 PathType b;
2049 _cleanup_free_ char *k = NULL;
2050 int r;
2051
2052 assert(filename);
2053 assert(lvalue);
2054 assert(rvalue);
2055 assert(data);
2056
2057 if (isempty(rvalue)) {
2058 /* Empty assignment clears list */
2059 path_free_specs(p);
2060 return 0;
2061 }
2062
2063 b = path_type_from_string(lvalue);
2064 if (b < 0) {
2065 log_syntax(unit, LOG_WARNING, filename, line, b, "Failed to parse path type, ignoring: %s", lvalue);
2066 return 0;
2067 }
2068
2069 r = unit_full_printf(UNIT(p), rvalue, &k);
2070 if (r < 0) {
2071 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2072 return 0;
2073 }
2074
2075 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
2076 if (r < 0)
2077 return 0;
2078
2079 s = new0(PathSpec, 1);
2080 if (!s)
2081 return log_oom();
2082
2083 s->unit = UNIT(p);
2084 s->path = TAKE_PTR(k);
2085 s->type = b;
2086 s->inotify_fd = -1;
2087
2088 LIST_PREPEND(spec, p->specs, s);
2089
2090 return 0;
2091 }
2092
2093 int config_parse_socket_service(
2094 const char *unit,
2095 const char *filename,
2096 unsigned line,
2097 const char *section,
2098 unsigned section_line,
2099 const char *lvalue,
2100 int ltype,
2101 const char *rvalue,
2102 void *data,
2103 void *userdata) {
2104
2105 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2106 _cleanup_free_ char *p = NULL;
2107 Socket *s = data;
2108 Unit *x;
2109 int r;
2110
2111 assert(filename);
2112 assert(lvalue);
2113 assert(rvalue);
2114 assert(data);
2115
2116 r = unit_name_printf(UNIT(s), rvalue, &p);
2117 if (r < 0) {
2118 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2119 return 0;
2120 }
2121
2122 if (!endswith(p, ".service")) {
2123 log_syntax(unit, LOG_WARNING, filename, line, 0, "Unit must be of type service, ignoring: %s", rvalue);
2124 return 0;
2125 }
2126
2127 r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
2128 if (r < 0) {
2129 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to load unit %s, ignoring: %s", rvalue, bus_error_message(&error, r));
2130 return 0;
2131 }
2132
2133 unit_ref_set(&s->service, UNIT(s), x);
2134
2135 return 0;
2136 }
2137
2138 int config_parse_fdname(
2139 const char *unit,
2140 const char *filename,
2141 unsigned line,
2142 const char *section,
2143 unsigned section_line,
2144 const char *lvalue,
2145 int ltype,
2146 const char *rvalue,
2147 void *data,
2148 void *userdata) {
2149
2150 _cleanup_free_ char *p = NULL;
2151 Socket *s = data;
2152 int r;
2153
2154 assert(filename);
2155 assert(lvalue);
2156 assert(rvalue);
2157 assert(data);
2158
2159 if (isempty(rvalue)) {
2160 s->fdname = mfree(s->fdname);
2161 return 0;
2162 }
2163
2164 r = unit_full_printf(UNIT(s), rvalue, &p);
2165 if (r < 0) {
2166 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2167 return 0;
2168 }
2169
2170 if (!fdname_is_valid(p)) {
2171 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
2172 return 0;
2173 }
2174
2175 return free_and_replace(s->fdname, p);
2176 }
2177
2178 int config_parse_service_sockets(
2179 const char *unit,
2180 const char *filename,
2181 unsigned line,
2182 const char *section,
2183 unsigned section_line,
2184 const char *lvalue,
2185 int ltype,
2186 const char *rvalue,
2187 void *data,
2188 void *userdata) {
2189
2190 Service *s = data;
2191 int r;
2192
2193 assert(filename);
2194 assert(lvalue);
2195 assert(rvalue);
2196 assert(data);
2197
2198 for (const char *p = rvalue;;) {
2199 _cleanup_free_ char *word = NULL, *k = NULL;
2200
2201 r = extract_first_word(&p, &word, NULL, 0);
2202 if (r == 0)
2203 return 0;
2204 if (r == -ENOMEM)
2205 return log_oom();
2206 if (r < 0) {
2207 log_syntax(unit, LOG_WARNING, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
2208 return 0;
2209 }
2210
2211 r = unit_name_printf(UNIT(s), word, &k);
2212 if (r < 0) {
2213 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
2214 continue;
2215 }
2216
2217 if (!endswith(k, ".socket")) {
2218 log_syntax(unit, LOG_WARNING, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
2219 continue;
2220 }
2221
2222 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, true, UNIT_DEPENDENCY_FILE);
2223 if (r < 0)
2224 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
2225
2226 r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, true, UNIT_DEPENDENCY_FILE);
2227 if (r < 0)
2228 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
2229 }
2230 }
2231
2232 int config_parse_bus_name(
2233 const char *unit,
2234 const char *filename,
2235 unsigned line,
2236 const char *section,
2237 unsigned section_line,
2238 const char *lvalue,
2239 int ltype,
2240 const char *rvalue,
2241 void *data,
2242 void *userdata) {
2243
2244 _cleanup_free_ char *k = NULL;
2245 const Unit *u = userdata;
2246 int r;
2247
2248 assert(filename);
2249 assert(lvalue);
2250 assert(rvalue);
2251 assert(u);
2252
2253 r = unit_full_printf(u, rvalue, &k);
2254 if (r < 0) {
2255 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2256 return 0;
2257 }
2258
2259 if (!sd_bus_service_name_is_valid(k)) {
2260 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid bus name, ignoring: %s", k);
2261 return 0;
2262 }
2263
2264 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
2265 }
2266
2267 int config_parse_service_timeout(
2268 const char *unit,
2269 const char *filename,
2270 unsigned line,
2271 const char *section,
2272 unsigned section_line,
2273 const char *lvalue,
2274 int ltype,
2275 const char *rvalue,
2276 void *data,
2277 void *userdata) {
2278
2279 Service *s = userdata;
2280 usec_t usec;
2281 int r;
2282
2283 assert(filename);
2284 assert(lvalue);
2285 assert(rvalue);
2286 assert(s);
2287
2288 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
2289
2290 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
2291 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
2292 * all other timeouts. */
2293 r = parse_sec_fix_0(rvalue, &usec);
2294 if (r < 0) {
2295 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
2296 return 0;
2297 }
2298
2299 s->start_timeout_defined = true;
2300 s->timeout_start_usec = usec;
2301
2302 if (streq(lvalue, "TimeoutSec"))
2303 s->timeout_stop_usec = usec;
2304
2305 return 0;
2306 }
2307
2308 int config_parse_timeout_abort(
2309 const char *unit,
2310 const char *filename,
2311 unsigned line,
2312 const char *section,
2313 unsigned section_line,
2314 const char *lvalue,
2315 int ltype,
2316 const char *rvalue,
2317 void *data,
2318 void *userdata) {
2319
2320 usec_t *ret = data;
2321 int r;
2322
2323 assert(filename);
2324 assert(lvalue);
2325 assert(rvalue);
2326 assert(ret);
2327
2328 /* Note: apart from setting the arg, this returns an extra bit of information in the return value. */
2329
2330 if (isempty(rvalue)) {
2331 *ret = 0;
2332 return 0; /* "not set" */
2333 }
2334
2335 r = parse_sec(rvalue, ret);
2336 if (r < 0)
2337 return log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s= setting, ignoring: %s", lvalue, rvalue);
2338
2339 return 1; /* "set" */
2340 }
2341
2342 int config_parse_service_timeout_abort(
2343 const char *unit,
2344 const char *filename,
2345 unsigned line,
2346 const char *section,
2347 unsigned section_line,
2348 const char *lvalue,
2349 int ltype,
2350 const char *rvalue,
2351 void *data,
2352 void *userdata) {
2353
2354 Service *s = userdata;
2355 int r;
2356
2357 assert(s);
2358
2359 r = config_parse_timeout_abort(unit, filename, line, section, section_line, lvalue, ltype, rvalue,
2360 &s->timeout_abort_usec, s);
2361 if (r >= 0)
2362 s->timeout_abort_set = r;
2363 return 0;
2364 }
2365
2366 int config_parse_sec_fix_0(
2367 const char *unit,
2368 const char *filename,
2369 unsigned line,
2370 const char *section,
2371 unsigned section_line,
2372 const char *lvalue,
2373 int ltype,
2374 const char *rvalue,
2375 void *data,
2376 void *userdata) {
2377
2378 usec_t *usec = data;
2379 int r;
2380
2381 assert(filename);
2382 assert(lvalue);
2383 assert(rvalue);
2384 assert(usec);
2385
2386 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
2387 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
2388 * timeout. */
2389
2390 r = parse_sec_fix_0(rvalue, usec);
2391 if (r < 0)
2392 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
2393
2394 return 0;
2395 }
2396
2397 int config_parse_user_group_compat(
2398 const char *unit,
2399 const char *filename,
2400 unsigned line,
2401 const char *section,
2402 unsigned section_line,
2403 const char *lvalue,
2404 int ltype,
2405 const char *rvalue,
2406 void *data,
2407 void *userdata) {
2408
2409 _cleanup_free_ char *k = NULL;
2410 char **user = data;
2411 const Unit *u = userdata;
2412 int r;
2413
2414 assert(filename);
2415 assert(lvalue);
2416 assert(rvalue);
2417 assert(u);
2418
2419 if (isempty(rvalue)) {
2420 *user = mfree(*user);
2421 return 0;
2422 }
2423
2424 r = unit_full_printf(u, rvalue, &k);
2425 if (r < 0) {
2426 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
2427 return -ENOEXEC;
2428 }
2429
2430 if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) {
2431 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2432 return -ENOEXEC;
2433 }
2434
2435 if (strstr(lvalue, "User") && streq(k, NOBODY_USER_NAME))
2436 log_struct(LOG_NOTICE,
2437 "MESSAGE=%s:%u: Special user %s configured, this is not safe!", filename, line, k,
2438 "UNIT=%s", unit,
2439 "MESSAGE_ID=" SD_MESSAGE_NOBODY_USER_UNSUITABLE_STR,
2440 "OFFENDING_USER=%s", k,
2441 "CONFIG_FILE=%s", filename,
2442 "CONFIG_LINE=%u", line);
2443
2444 return free_and_replace(*user, k);
2445 }
2446
2447 int config_parse_user_group_strv_compat(
2448 const char *unit,
2449 const char *filename,
2450 unsigned line,
2451 const char *section,
2452 unsigned section_line,
2453 const char *lvalue,
2454 int ltype,
2455 const char *rvalue,
2456 void *data,
2457 void *userdata) {
2458
2459 char ***users = data;
2460 const Unit *u = userdata;
2461 int r;
2462
2463 assert(filename);
2464 assert(lvalue);
2465 assert(rvalue);
2466 assert(u);
2467
2468 if (isempty(rvalue)) {
2469 *users = strv_free(*users);
2470 return 0;
2471 }
2472
2473 for (const char *p = rvalue;;) {
2474 _cleanup_free_ char *word = NULL, *k = NULL;
2475
2476 r = extract_first_word(&p, &word, NULL, 0);
2477 if (r == 0)
2478 return 0;
2479 if (r == -ENOMEM)
2480 return log_oom();
2481 if (r < 0) {
2482 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue);
2483 return -ENOEXEC;
2484 }
2485
2486 r = unit_full_printf(u, word, &k);
2487 if (r < 0) {
2488 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word);
2489 return -ENOEXEC;
2490 }
2491
2492 if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) {
2493 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2494 return -ENOEXEC;
2495 }
2496
2497 r = strv_push(users, k);
2498 if (r < 0)
2499 return log_oom();
2500
2501 k = NULL;
2502 }
2503 }
2504
2505 int config_parse_working_directory(
2506 const char *unit,
2507 const char *filename,
2508 unsigned line,
2509 const char *section,
2510 unsigned section_line,
2511 const char *lvalue,
2512 int ltype,
2513 const char *rvalue,
2514 void *data,
2515 void *userdata) {
2516
2517 ExecContext *c = data;
2518 const Unit *u = userdata;
2519 bool missing_ok;
2520 int r;
2521
2522 assert(filename);
2523 assert(lvalue);
2524 assert(rvalue);
2525 assert(c);
2526 assert(u);
2527
2528 if (isempty(rvalue)) {
2529 c->working_directory_home = false;
2530 c->working_directory = mfree(c->working_directory);
2531 return 0;
2532 }
2533
2534 if (rvalue[0] == '-') {
2535 missing_ok = true;
2536 rvalue++;
2537 } else
2538 missing_ok = false;
2539
2540 if (streq(rvalue, "~")) {
2541 c->working_directory_home = true;
2542 c->working_directory = mfree(c->working_directory);
2543 } else {
2544 _cleanup_free_ char *k = NULL;
2545
2546 r = unit_full_printf(u, rvalue, &k);
2547 if (r < 0) {
2548 log_syntax(unit, missing_ok ? LOG_WARNING : LOG_ERR, filename, line, r,
2549 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2550 rvalue, missing_ok ? ", ignoring" : "");
2551 return missing_ok ? 0 : -ENOEXEC;
2552 }
2553
2554 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE | (missing_ok ? 0 : PATH_CHECK_FATAL), unit, filename, line, lvalue);
2555 if (r < 0)
2556 return missing_ok ? 0 : -ENOEXEC;
2557
2558 c->working_directory_home = false;
2559 free_and_replace(c->working_directory, k);
2560 }
2561
2562 c->working_directory_missing_ok = missing_ok;
2563 return 0;
2564 }
2565
2566 int config_parse_unit_env_file(const char *unit,
2567 const char *filename,
2568 unsigned line,
2569 const char *section,
2570 unsigned section_line,
2571 const char *lvalue,
2572 int ltype,
2573 const char *rvalue,
2574 void *data,
2575 void *userdata) {
2576
2577 char ***env = data;
2578 const Unit *u = userdata;
2579 _cleanup_free_ char *n = NULL;
2580 int r;
2581
2582 assert(filename);
2583 assert(lvalue);
2584 assert(rvalue);
2585 assert(data);
2586
2587 if (isempty(rvalue)) {
2588 /* Empty assignment frees the list */
2589 *env = strv_free(*env);
2590 return 0;
2591 }
2592
2593 r = unit_full_printf(u, rvalue, &n);
2594 if (r < 0) {
2595 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2596 return 0;
2597 }
2598
2599 r = path_simplify_and_warn(n[0] == '-' ? n + 1 : n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
2600 if (r < 0)
2601 return 0;
2602
2603 r = strv_push(env, n);
2604 if (r < 0)
2605 return log_oom();
2606
2607 n = NULL;
2608
2609 return 0;
2610 }
2611
2612 int config_parse_environ(
2613 const char *unit,
2614 const char *filename,
2615 unsigned line,
2616 const char *section,
2617 unsigned section_line,
2618 const char *lvalue,
2619 int ltype,
2620 const char *rvalue,
2621 void *data,
2622 void *userdata) {
2623
2624 const Unit *u = userdata;
2625 char ***env = data;
2626 int r;
2627
2628 assert(filename);
2629 assert(lvalue);
2630 assert(rvalue);
2631 assert(data);
2632
2633 if (isempty(rvalue)) {
2634 /* Empty assignment resets the list */
2635 *env = strv_free(*env);
2636 return 0;
2637 }
2638
2639 for (const char *p = rvalue;; ) {
2640 _cleanup_free_ char *word = NULL, *resolved = NULL;
2641
2642 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE);
2643 if (r == 0)
2644 return 0;
2645 if (r == -ENOMEM)
2646 return log_oom();
2647 if (r < 0) {
2648 log_syntax(unit, LOG_WARNING, filename, line, r,
2649 "Invalid syntax, ignoring: %s", rvalue);
2650 return 0;
2651 }
2652
2653 if (u) {
2654 r = unit_full_printf(u, word, &resolved);
2655 if (r < 0) {
2656 log_syntax(unit, LOG_WARNING, filename, line, r,
2657 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2658 continue;
2659 }
2660 } else
2661 resolved = TAKE_PTR(word);
2662
2663 if (!env_assignment_is_valid(resolved)) {
2664 log_syntax(unit, LOG_WARNING, filename, line, 0,
2665 "Invalid environment assignment, ignoring: %s", resolved);
2666 continue;
2667 }
2668
2669 r = strv_env_replace_consume(env, TAKE_PTR(resolved));
2670 if (r < 0)
2671 return log_error_errno(r, "Failed to update environment: %m");
2672 }
2673 }
2674
2675 int config_parse_pass_environ(
2676 const char *unit,
2677 const char *filename,
2678 unsigned line,
2679 const char *section,
2680 unsigned section_line,
2681 const char *lvalue,
2682 int ltype,
2683 const char *rvalue,
2684 void *data,
2685 void *userdata) {
2686
2687 _cleanup_strv_free_ char **n = NULL;
2688 size_t nlen = 0, nbufsize = 0;
2689 char*** passenv = data;
2690 const Unit *u = userdata;
2691 int r;
2692
2693 assert(filename);
2694 assert(lvalue);
2695 assert(rvalue);
2696 assert(data);
2697
2698 if (isempty(rvalue)) {
2699 /* Empty assignment resets the list */
2700 *passenv = strv_free(*passenv);
2701 return 0;
2702 }
2703
2704 for (const char *p = rvalue;;) {
2705 _cleanup_free_ char *word = NULL, *k = NULL;
2706
2707 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
2708 if (r == 0)
2709 break;
2710 if (r == -ENOMEM)
2711 return log_oom();
2712 if (r < 0) {
2713 log_syntax(unit, LOG_WARNING, filename, line, r,
2714 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2715 break;
2716 }
2717
2718 if (u) {
2719 r = unit_full_printf(u, word, &k);
2720 if (r < 0) {
2721 log_syntax(unit, LOG_WARNING, filename, line, r,
2722 "Failed to resolve specifiers in %s, ignoring: %m", word);
2723 continue;
2724 }
2725 } else
2726 k = TAKE_PTR(word);
2727
2728 if (!env_name_is_valid(k)) {
2729 log_syntax(unit, LOG_WARNING, filename, line, 0,
2730 "Invalid environment name for %s, ignoring: %s", lvalue, k);
2731 continue;
2732 }
2733
2734 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2735 return log_oom();
2736
2737 n[nlen++] = TAKE_PTR(k);
2738 n[nlen] = NULL;
2739 }
2740
2741 if (n) {
2742 r = strv_extend_strv(passenv, n, true);
2743 if (r < 0)
2744 return log_oom();
2745 }
2746
2747 return 0;
2748 }
2749
2750 int config_parse_unset_environ(
2751 const char *unit,
2752 const char *filename,
2753 unsigned line,
2754 const char *section,
2755 unsigned section_line,
2756 const char *lvalue,
2757 int ltype,
2758 const char *rvalue,
2759 void *data,
2760 void *userdata) {
2761
2762 _cleanup_strv_free_ char **n = NULL;
2763 size_t nlen = 0, nbufsize = 0;
2764 char*** unsetenv = data;
2765 const Unit *u = userdata;
2766 int r;
2767
2768 assert(filename);
2769 assert(lvalue);
2770 assert(rvalue);
2771 assert(data);
2772
2773 if (isempty(rvalue)) {
2774 /* Empty assignment resets the list */
2775 *unsetenv = strv_free(*unsetenv);
2776 return 0;
2777 }
2778
2779 for (const char *p = rvalue;;) {
2780 _cleanup_free_ char *word = NULL, *k = NULL;
2781
2782 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE);
2783 if (r == 0)
2784 break;
2785 if (r == -ENOMEM)
2786 return log_oom();
2787 if (r < 0) {
2788 log_syntax(unit, LOG_WARNING, filename, line, r,
2789 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2790 break;
2791 }
2792
2793 if (u) {
2794 r = unit_full_printf(u, word, &k);
2795 if (r < 0) {
2796 log_syntax(unit, LOG_WARNING, filename, line, r,
2797 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2798 continue;
2799 }
2800 } else
2801 k = TAKE_PTR(word);
2802
2803 if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) {
2804 log_syntax(unit, LOG_WARNING, filename, line, 0,
2805 "Invalid environment name or assignment %s, ignoring: %s", lvalue, k);
2806 continue;
2807 }
2808
2809 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2810 return log_oom();
2811
2812 n[nlen++] = TAKE_PTR(k);
2813 n[nlen] = NULL;
2814 }
2815
2816 if (n) {
2817 r = strv_extend_strv(unsetenv, n, true);
2818 if (r < 0)
2819 return log_oom();
2820 }
2821
2822 return 0;
2823 }
2824
2825 int config_parse_log_extra_fields(
2826 const char *unit,
2827 const char *filename,
2828 unsigned line,
2829 const char *section,
2830 unsigned section_line,
2831 const char *lvalue,
2832 int ltype,
2833 const char *rvalue,
2834 void *data,
2835 void *userdata) {
2836
2837 ExecContext *c = data;
2838 const Unit *u = userdata;
2839 int r;
2840
2841 assert(filename);
2842 assert(lvalue);
2843 assert(rvalue);
2844 assert(c);
2845
2846 if (isempty(rvalue)) {
2847 exec_context_free_log_extra_fields(c);
2848 return 0;
2849 }
2850
2851 for (const char *p = rvalue;;) {
2852 _cleanup_free_ char *word = NULL, *k = NULL;
2853 struct iovec *t;
2854 const char *eq;
2855
2856 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE);
2857 if (r == 0)
2858 return 0;
2859 if (r == -ENOMEM)
2860 return log_oom();
2861 if (r < 0) {
2862 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2863 return 0;
2864 }
2865
2866 r = unit_full_printf(u, word, &k);
2867 if (r < 0) {
2868 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2869 continue;
2870 }
2871
2872 eq = strchr(k, '=');
2873 if (!eq) {
2874 log_syntax(unit, LOG_WARNING, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k);
2875 continue;
2876 }
2877
2878 if (!journal_field_valid(k, eq-k, false)) {
2879 log_syntax(unit, LOG_WARNING, filename, line, 0, "Log field name is invalid, ignoring: %s", k);
2880 continue;
2881 }
2882
2883 t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec));
2884 if (!t)
2885 return log_oom();
2886
2887 c->log_extra_fields = t;
2888 c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k);
2889
2890 k = NULL;
2891 }
2892 }
2893
2894 int config_parse_log_namespace(
2895 const char *unit,
2896 const char *filename,
2897 unsigned line,
2898 const char *section,
2899 unsigned section_line,
2900 const char *lvalue,
2901 int ltype,
2902 const char *rvalue,
2903 void *data,
2904 void *userdata) {
2905
2906 _cleanup_free_ char *k = NULL;
2907 ExecContext *c = data;
2908 const Unit *u = userdata;
2909 int r;
2910
2911 assert(filename);
2912 assert(lvalue);
2913 assert(rvalue);
2914 assert(c);
2915
2916 if (isempty(rvalue)) {
2917 c->log_namespace = mfree(c->log_namespace);
2918 return 0;
2919 }
2920
2921 r = unit_full_printf(u, rvalue, &k);
2922 if (r < 0) {
2923 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2924 return 0;
2925 }
2926
2927 if (!log_namespace_name_valid(k)) {
2928 log_syntax(unit, LOG_WARNING, filename, line, 0, "Specified log namespace name is not valid, ignoring: %s", k);
2929 return 0;
2930 }
2931
2932 free_and_replace(c->log_namespace, k);
2933 return 0;
2934 }
2935
2936 int config_parse_unit_condition_path(
2937 const char *unit,
2938 const char *filename,
2939 unsigned line,
2940 const char *section,
2941 unsigned section_line,
2942 const char *lvalue,
2943 int ltype,
2944 const char *rvalue,
2945 void *data,
2946 void *userdata) {
2947
2948 _cleanup_free_ char *p = NULL;
2949 Condition **list = data, *c;
2950 ConditionType t = ltype;
2951 bool trigger, negate;
2952 const Unit *u = userdata;
2953 int r;
2954
2955 assert(filename);
2956 assert(lvalue);
2957 assert(rvalue);
2958 assert(data);
2959
2960 if (isempty(rvalue)) {
2961 /* Empty assignment resets the list */
2962 *list = condition_free_list(*list);
2963 return 0;
2964 }
2965
2966 trigger = rvalue[0] == '|';
2967 if (trigger)
2968 rvalue++;
2969
2970 negate = rvalue[0] == '!';
2971 if (negate)
2972 rvalue++;
2973
2974 r = unit_full_printf(u, rvalue, &p);
2975 if (r < 0) {
2976 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2977 return 0;
2978 }
2979
2980 r = path_simplify_and_warn(p, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
2981 if (r < 0)
2982 return 0;
2983
2984 c = condition_new(t, p, trigger, negate);
2985 if (!c)
2986 return log_oom();
2987
2988 LIST_PREPEND(conditions, *list, c);
2989 return 0;
2990 }
2991
2992 int config_parse_unit_condition_string(
2993 const char *unit,
2994 const char *filename,
2995 unsigned line,
2996 const char *section,
2997 unsigned section_line,
2998 const char *lvalue,
2999 int ltype,
3000 const char *rvalue,
3001 void *data,
3002 void *userdata) {
3003
3004 _cleanup_free_ char *s = NULL;
3005 Condition **list = data, *c;
3006 ConditionType t = ltype;
3007 bool trigger, negate;
3008 const Unit *u = userdata;
3009 int r;
3010
3011 assert(filename);
3012 assert(lvalue);
3013 assert(rvalue);
3014 assert(data);
3015
3016 if (isempty(rvalue)) {
3017 /* Empty assignment resets the list */
3018 *list = condition_free_list(*list);
3019 return 0;
3020 }
3021
3022 trigger = *rvalue == '|';
3023 if (trigger)
3024 rvalue += 1 + strspn(rvalue + 1, WHITESPACE);
3025
3026 negate = *rvalue == '!';
3027 if (negate)
3028 rvalue += 1 + strspn(rvalue + 1, WHITESPACE);
3029
3030 r = unit_full_printf(u, rvalue, &s);
3031 if (r < 0) {
3032 log_syntax(unit, LOG_WARNING, filename, line, r,
3033 "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
3034 return 0;
3035 }
3036
3037 c = condition_new(t, s, trigger, negate);
3038 if (!c)
3039 return log_oom();
3040
3041 LIST_PREPEND(conditions, *list, c);
3042 return 0;
3043 }
3044
3045 int config_parse_unit_requires_mounts_for(
3046 const char *unit,
3047 const char *filename,
3048 unsigned line,
3049 const char *section,
3050 unsigned section_line,
3051 const char *lvalue,
3052 int ltype,
3053 const char *rvalue,
3054 void *data,
3055 void *userdata) {
3056
3057 Unit *u = userdata;
3058 int r;
3059
3060 assert(filename);
3061 assert(lvalue);
3062 assert(rvalue);
3063 assert(data);
3064
3065 for (const char *p = rvalue;;) {
3066 _cleanup_free_ char *word = NULL, *resolved = NULL;
3067
3068 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
3069 if (r == 0)
3070 return 0;
3071 if (r == -ENOMEM)
3072 return log_oom();
3073 if (r < 0) {
3074 log_syntax(unit, LOG_WARNING, filename, line, r,
3075 "Invalid syntax, ignoring: %s", rvalue);
3076 return 0;
3077 }
3078
3079 r = unit_full_printf(u, word, &resolved);
3080 if (r < 0) {
3081 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
3082 continue;
3083 }
3084
3085 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
3086 if (r < 0)
3087 continue;
3088
3089 r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE);
3090 if (r < 0) {
3091 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved);
3092 continue;
3093 }
3094 }
3095 }
3096
3097 int config_parse_documentation(
3098 const char *unit,
3099 const char *filename,
3100 unsigned line,
3101 const char *section,
3102 unsigned section_line,
3103 const char *lvalue,
3104 int ltype,
3105 const char *rvalue,
3106 void *data,
3107 void *userdata) {
3108
3109 Unit *u = userdata;
3110 int r;
3111 char **a, **b;
3112
3113 assert(filename);
3114 assert(lvalue);
3115 assert(rvalue);
3116 assert(u);
3117
3118 if (isempty(rvalue)) {
3119 /* Empty assignment resets the list */
3120 u->documentation = strv_free(u->documentation);
3121 return 0;
3122 }
3123
3124 r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
3125 rvalue, data, userdata);
3126 if (r < 0)
3127 return r;
3128
3129 for (a = b = u->documentation; a && *a; a++) {
3130
3131 if (documentation_url_is_valid(*a))
3132 *(b++) = *a;
3133 else {
3134 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid URL, ignoring: %s", *a);
3135 free(*a);
3136 }
3137 }
3138 if (b)
3139 *b = NULL;
3140
3141 return 0;
3142 }
3143
3144 #if HAVE_SECCOMP
3145 int config_parse_syscall_filter(
3146 const char *unit,
3147 const char *filename,
3148 unsigned line,
3149 const char *section,
3150 unsigned section_line,
3151 const char *lvalue,
3152 int ltype,
3153 const char *rvalue,
3154 void *data,
3155 void *userdata) {
3156
3157 ExecContext *c = data;
3158 _unused_ const Unit *u = userdata;
3159 bool invert = false;
3160 int r;
3161
3162 assert(filename);
3163 assert(lvalue);
3164 assert(rvalue);
3165 assert(u);
3166
3167 if (isempty(rvalue)) {
3168 /* Empty assignment resets the list */
3169 c->syscall_filter = hashmap_free(c->syscall_filter);
3170 c->syscall_allow_list = false;
3171 return 0;
3172 }
3173
3174 if (rvalue[0] == '~') {
3175 invert = true;
3176 rvalue++;
3177 }
3178
3179 if (!c->syscall_filter) {
3180 c->syscall_filter = hashmap_new(NULL);
3181 if (!c->syscall_filter)
3182 return log_oom();
3183
3184 if (invert)
3185 /* Allow everything but the ones listed */
3186 c->syscall_allow_list = false;
3187 else {
3188 /* Allow nothing but the ones listed */
3189 c->syscall_allow_list = true;
3190
3191 /* Accept default syscalls if we are on a allow_list */
3192 r = seccomp_parse_syscall_filter(
3193 "@default", -1, c->syscall_filter,
3194 SECCOMP_PARSE_PERMISSIVE|SECCOMP_PARSE_ALLOW_LIST,
3195 unit,
3196 NULL, 0);
3197 if (r < 0)
3198 return r;
3199 }
3200 }
3201
3202 for (const char *p = rvalue;;) {
3203 _cleanup_free_ char *word = NULL, *name = NULL;
3204 int num;
3205
3206 r = extract_first_word(&p, &word, NULL, 0);
3207 if (r == 0)
3208 return 0;
3209 if (r == -ENOMEM)
3210 return log_oom();
3211 if (r < 0) {
3212 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3213 return 0;
3214 }
3215
3216 r = parse_syscall_and_errno(word, &name, &num);
3217 if (r < 0) {
3218 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word);
3219 continue;
3220 }
3221
3222 r = seccomp_parse_syscall_filter(
3223 name, num, c->syscall_filter,
3224 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|
3225 (invert ? SECCOMP_PARSE_INVERT : 0)|
3226 (c->syscall_allow_list ? SECCOMP_PARSE_ALLOW_LIST : 0),
3227 unit, filename, line);
3228 if (r < 0)
3229 return r;
3230 }
3231 }
3232
3233 int config_parse_syscall_log(
3234 const char *unit,
3235 const char *filename,
3236 unsigned line,
3237 const char *section,
3238 unsigned section_line,
3239 const char *lvalue,
3240 int ltype,
3241 const char *rvalue,
3242 void *data,
3243 void *userdata) {
3244
3245 ExecContext *c = data;
3246 _unused_ const Unit *u = userdata;
3247 bool invert = false;
3248 const char *p;
3249 int r;
3250
3251 assert(filename);
3252 assert(lvalue);
3253 assert(rvalue);
3254 assert(u);
3255
3256 if (isempty(rvalue)) {
3257 /* Empty assignment resets the list */
3258 c->syscall_log = hashmap_free(c->syscall_log);
3259 c->syscall_log_allow_list = false;
3260 return 0;
3261 }
3262
3263 if (rvalue[0] == '~') {
3264 invert = true;
3265 rvalue++;
3266 }
3267
3268 if (!c->syscall_log) {
3269 c->syscall_log = hashmap_new(NULL);
3270 if (!c->syscall_log)
3271 return log_oom();
3272
3273 if (invert)
3274 /* Log everything but the ones listed */
3275 c->syscall_log_allow_list = false;
3276 else
3277 /* Log nothing but the ones listed */
3278 c->syscall_log_allow_list = true;
3279 }
3280
3281 p = rvalue;
3282 for (;;) {
3283 _cleanup_free_ char *word = NULL, *name = NULL;
3284 int num;
3285
3286 r = extract_first_word(&p, &word, NULL, 0);
3287 if (r == 0)
3288 return 0;
3289 if (r == -ENOMEM)
3290 return log_oom();
3291 if (r < 0) {
3292 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3293 return 0;
3294 }
3295
3296 r = parse_syscall_and_errno(word, &name, &num);
3297 if (r < 0 || num >= 0) { /* errno code not allowed */
3298 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall, ignoring: %s", word);
3299 continue;
3300 }
3301
3302 r = seccomp_parse_syscall_filter(
3303 name, 0, c->syscall_log,
3304 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|
3305 (invert ? SECCOMP_PARSE_INVERT : 0)|
3306 (c->syscall_log_allow_list ? SECCOMP_PARSE_ALLOW_LIST : 0),
3307 unit, filename, line);
3308 if (r < 0)
3309 return r;
3310 }
3311 }
3312
3313 int config_parse_syscall_archs(
3314 const char *unit,
3315 const char *filename,
3316 unsigned line,
3317 const char *section,
3318 unsigned section_line,
3319 const char *lvalue,
3320 int ltype,
3321 const char *rvalue,
3322 void *data,
3323 void *userdata) {
3324
3325 Set **archs = data;
3326 int r;
3327
3328 if (isempty(rvalue)) {
3329 *archs = set_free(*archs);
3330 return 0;
3331 }
3332
3333 for (const char *p = rvalue;;) {
3334 _cleanup_free_ char *word = NULL;
3335 uint32_t a;
3336
3337 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
3338 if (r == 0)
3339 return 0;
3340 if (r == -ENOMEM)
3341 return log_oom();
3342 if (r < 0) {
3343 log_syntax(unit, LOG_WARNING, filename, line, r,
3344 "Invalid syntax, ignoring: %s", rvalue);
3345 return 0;
3346 }
3347
3348 r = seccomp_arch_from_string(word, &a);
3349 if (r < 0) {
3350 log_syntax(unit, LOG_WARNING, filename, line, r,
3351 "Failed to parse system call architecture \"%s\", ignoring: %m", word);
3352 continue;
3353 }
3354
3355 r = set_ensure_put(archs, NULL, UINT32_TO_PTR(a + 1));
3356 if (r < 0)
3357 return log_oom();
3358 }
3359 }
3360
3361 int config_parse_syscall_errno(
3362 const char *unit,
3363 const char *filename,
3364 unsigned line,
3365 const char *section,
3366 unsigned section_line,
3367 const char *lvalue,
3368 int ltype,
3369 const char *rvalue,
3370 void *data,
3371 void *userdata) {
3372
3373 ExecContext *c = data;
3374 int e;
3375
3376 assert(filename);
3377 assert(lvalue);
3378 assert(rvalue);
3379
3380 if (isempty(rvalue) || streq(rvalue, "kill")) {
3381 /* Empty assignment resets to KILL */
3382 c->syscall_errno = SECCOMP_ERROR_NUMBER_KILL;
3383 return 0;
3384 }
3385
3386 e = parse_errno(rvalue);
3387 if (e < 0) {
3388 log_syntax(unit, LOG_WARNING, filename, line, e, "Failed to parse error number, ignoring: %s", rvalue);
3389 return 0;
3390 }
3391 if (e == 0) {
3392 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid error number, ignoring: %s", rvalue);
3393 return 0;
3394 }
3395
3396 c->syscall_errno = e;
3397 return 0;
3398 }
3399
3400 int config_parse_address_families(
3401 const char *unit,
3402 const char *filename,
3403 unsigned line,
3404 const char *section,
3405 unsigned section_line,
3406 const char *lvalue,
3407 int ltype,
3408 const char *rvalue,
3409 void *data,
3410 void *userdata) {
3411
3412 ExecContext *c = data;
3413 bool invert = false;
3414 int r;
3415
3416 assert(filename);
3417 assert(lvalue);
3418 assert(rvalue);
3419
3420 if (isempty(rvalue)) {
3421 /* Empty assignment resets the list */
3422 c->address_families = set_free(c->address_families);
3423 c->address_families_allow_list = false;
3424 return 0;
3425 }
3426
3427 if (rvalue[0] == '~') {
3428 invert = true;
3429 rvalue++;
3430 }
3431
3432 if (!c->address_families) {
3433 c->address_families = set_new(NULL);
3434 if (!c->address_families)
3435 return log_oom();
3436
3437 c->address_families_allow_list = !invert;
3438 }
3439
3440 for (const char *p = rvalue;;) {
3441 _cleanup_free_ char *word = NULL;
3442 int af;
3443
3444 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
3445 if (r == 0)
3446 return 0;
3447 if (r == -ENOMEM)
3448 return log_oom();
3449 if (r < 0) {
3450 log_syntax(unit, LOG_WARNING, filename, line, r,
3451 "Invalid syntax, ignoring: %s", rvalue);
3452 return 0;
3453 }
3454
3455 af = af_from_name(word);
3456 if (af < 0) {
3457 log_syntax(unit, LOG_WARNING, filename, line, af,
3458 "Failed to parse address family, ignoring: %s", word);
3459 continue;
3460 }
3461
3462 /* If we previously wanted to forbid an address family and now
3463 * we want to allow it, then just remove it from the list.
3464 */
3465 if (!invert == c->address_families_allow_list) {
3466 r = set_put(c->address_families, INT_TO_PTR(af));
3467 if (r < 0)
3468 return log_oom();
3469 } else
3470 set_remove(c->address_families, INT_TO_PTR(af));
3471 }
3472 }
3473
3474 int config_parse_restrict_namespaces(
3475 const char *unit,
3476 const char *filename,
3477 unsigned line,
3478 const char *section,
3479 unsigned section_line,
3480 const char *lvalue,
3481 int ltype,
3482 const char *rvalue,
3483 void *data,
3484 void *userdata) {
3485
3486 ExecContext *c = data;
3487 unsigned long flags;
3488 bool invert = false;
3489 int r;
3490
3491 if (isempty(rvalue)) {
3492 /* Reset to the default. */
3493 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL;
3494 return 0;
3495 }
3496
3497 /* Boolean parameter ignores the previous settings */
3498 r = parse_boolean(rvalue);
3499 if (r > 0) {
3500 c->restrict_namespaces = 0;
3501 return 0;
3502 } else if (r == 0) {
3503 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
3504 return 0;
3505 }
3506
3507 if (rvalue[0] == '~') {
3508 invert = true;
3509 rvalue++;
3510 }
3511
3512 /* Not a boolean argument, in this case it's a list of namespace types. */
3513 r = namespace_flags_from_string(rvalue, &flags);
3514 if (r < 0) {
3515 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue);
3516 return 0;
3517 }
3518
3519 if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL)
3520 /* Initial assignment. Just set the value. */
3521 c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags;
3522 else
3523 /* Merge the value with the previous one. */
3524 SET_FLAG(c->restrict_namespaces, flags, !invert);
3525
3526 return 0;
3527 }
3528 #endif
3529
3530 int config_parse_unit_slice(
3531 const char *unit,
3532 const char *filename,
3533 unsigned line,
3534 const char *section,
3535 unsigned section_line,
3536 const char *lvalue,
3537 int ltype,
3538 const char *rvalue,
3539 void *data,
3540 void *userdata) {
3541
3542 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
3543 _cleanup_free_ char *k = NULL;
3544 Unit *u = userdata, *slice;
3545 int r;
3546
3547 assert(filename);
3548 assert(lvalue);
3549 assert(rvalue);
3550 assert(u);
3551
3552 r = unit_name_printf(u, rvalue, &k);
3553 if (r < 0) {
3554 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
3555 return 0;
3556 }
3557
3558 r = manager_load_unit(u->manager, k, NULL, &error, &slice);
3559 if (r < 0) {
3560 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r));
3561 return 0;
3562 }
3563
3564 r = unit_set_slice(u, slice);
3565 if (r < 0) {
3566 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id);
3567 return 0;
3568 }
3569
3570 return 0;
3571 }
3572
3573 int config_parse_cpu_quota(
3574 const char *unit,
3575 const char *filename,
3576 unsigned line,
3577 const char *section,
3578 unsigned section_line,
3579 const char *lvalue,
3580 int ltype,
3581 const char *rvalue,
3582 void *data,
3583 void *userdata) {
3584
3585 CGroupContext *c = data;
3586 int r;
3587
3588 assert(filename);
3589 assert(lvalue);
3590 assert(rvalue);
3591
3592 if (isempty(rvalue)) {
3593 c->cpu_quota_per_sec_usec = USEC_INFINITY;
3594 return 0;
3595 }
3596
3597 r = parse_permyriad_unbounded(rvalue);
3598 if (r <= 0) {
3599 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue);
3600 return 0;
3601 }
3602
3603 c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 10000U;
3604 return 0;
3605 }
3606
3607 int config_parse_allowed_cpus(
3608 const char *unit,
3609 const char *filename,
3610 unsigned line,
3611 const char *section,
3612 unsigned section_line,
3613 const char *lvalue,
3614 int ltype,
3615 const char *rvalue,
3616 void *data,
3617 void *userdata) {
3618
3619 CGroupContext *c = data;
3620
3621 (void) parse_cpu_set_extend(rvalue, &c->cpuset_cpus, true, unit, filename, line, lvalue);
3622
3623 return 0;
3624 }
3625
3626 int config_parse_allowed_mems(
3627 const char *unit,
3628 const char *filename,
3629 unsigned line,
3630 const char *section,
3631 unsigned section_line,
3632 const char *lvalue,
3633 int ltype,
3634 const char *rvalue,
3635 void *data,
3636 void *userdata) {
3637
3638 CGroupContext *c = data;
3639
3640 (void) parse_cpu_set_extend(rvalue, &c->cpuset_mems, true, unit, filename, line, lvalue);
3641
3642 return 0;
3643 }
3644
3645 int config_parse_memory_limit(
3646 const char *unit,
3647 const char *filename,
3648 unsigned line,
3649 const char *section,
3650 unsigned section_line,
3651 const char *lvalue,
3652 int ltype,
3653 const char *rvalue,
3654 void *data,
3655 void *userdata) {
3656
3657 CGroupContext *c = data;
3658 uint64_t bytes = CGROUP_LIMIT_MAX;
3659 int r;
3660
3661 if (isempty(rvalue) && STR_IN_SET(lvalue, "DefaultMemoryLow",
3662 "DefaultMemoryMin",
3663 "MemoryLow",
3664 "MemoryMin"))
3665 bytes = CGROUP_LIMIT_MIN;
3666 else if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
3667
3668 r = parse_permyriad(rvalue);
3669 if (r < 0) {
3670 r = parse_size(rvalue, 1024, &bytes);
3671 if (r < 0) {
3672 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue);
3673 return 0;
3674 }
3675 } else
3676 bytes = physical_memory_scale(r, 10000U);
3677
3678 if (bytes >= UINT64_MAX ||
3679 (bytes <= 0 && !STR_IN_SET(lvalue, "MemorySwapMax", "MemoryLow", "MemoryMin", "DefaultMemoryLow", "DefaultMemoryMin"))) {
3680 log_syntax(unit, LOG_WARNING, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue);
3681 return 0;
3682 }
3683 }
3684
3685 if (streq(lvalue, "DefaultMemoryLow")) {
3686 c->default_memory_low = bytes;
3687 c->default_memory_low_set = true;
3688 } else if (streq(lvalue, "DefaultMemoryMin")) {
3689 c->default_memory_min = bytes;
3690 c->default_memory_min_set = true;
3691 } else if (streq(lvalue, "MemoryMin")) {
3692 c->memory_min = bytes;
3693 c->memory_min_set = true;
3694 } else if (streq(lvalue, "MemoryLow")) {
3695 c->memory_low = bytes;
3696 c->memory_low_set = true;
3697 } else if (streq(lvalue, "MemoryHigh"))
3698 c->memory_high = bytes;
3699 else if (streq(lvalue, "MemoryMax"))
3700 c->memory_max = bytes;
3701 else if (streq(lvalue, "MemorySwapMax"))
3702 c->memory_swap_max = bytes;
3703 else if (streq(lvalue, "MemoryLimit"))
3704 c->memory_limit = bytes;
3705 else
3706 return -EINVAL;
3707
3708 return 0;
3709 }
3710
3711 int config_parse_tasks_max(
3712 const char *unit,
3713 const char *filename,
3714 unsigned line,
3715 const char *section,
3716 unsigned section_line,
3717 const char *lvalue,
3718 int ltype,
3719 const char *rvalue,
3720 void *data,
3721 void *userdata) {
3722
3723 const Unit *u = userdata;
3724 TasksMax *tasks_max = data;
3725 uint64_t v;
3726 int r;
3727
3728 if (isempty(rvalue)) {
3729 *tasks_max = u ? u->manager->default_tasks_max : TASKS_MAX_UNSET;
3730 return 0;
3731 }
3732
3733 if (streq(rvalue, "infinity")) {
3734 *tasks_max = TASKS_MAX_UNSET;
3735 return 0;
3736 }
3737
3738 r = parse_permyriad(rvalue);
3739 if (r >= 0)
3740 *tasks_max = (TasksMax) { r, 10000U }; /* r‱ */
3741 else {
3742 r = safe_atou64(rvalue, &v);
3743 if (r < 0) {
3744 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue);
3745 return 0;
3746 }
3747
3748 if (v <= 0 || v >= UINT64_MAX) {
3749 log_syntax(unit, LOG_WARNING, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue);
3750 return 0;
3751 }
3752
3753 *tasks_max = (TasksMax) { v };
3754 }
3755
3756 return 0;
3757 }
3758
3759 int config_parse_delegate(
3760 const char *unit,
3761 const char *filename,
3762 unsigned line,
3763 const char *section,
3764 unsigned section_line,
3765 const char *lvalue,
3766 int ltype,
3767 const char *rvalue,
3768 void *data,
3769 void *userdata) {
3770
3771 CGroupContext *c = data;
3772 UnitType t;
3773 int r;
3774
3775 t = unit_name_to_type(unit);
3776 assert(t != _UNIT_TYPE_INVALID);
3777
3778 if (!unit_vtable[t]->can_delegate) {
3779 log_syntax(unit, LOG_WARNING, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring.");
3780 return 0;
3781 }
3782
3783 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3784 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3785 * mask to delegate. */
3786
3787 if (isempty(rvalue)) {
3788 /* An empty string resets controllers and set Delegate=yes. */
3789 c->delegate = true;
3790 c->delegate_controllers = 0;
3791 return 0;
3792 }
3793
3794 r = parse_boolean(rvalue);
3795 if (r < 0) {
3796 CGroupMask mask = 0;
3797
3798 for (const char *p = rvalue;;) {
3799 _cleanup_free_ char *word = NULL;
3800 CGroupController cc;
3801
3802 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
3803 if (r == 0)
3804 break;
3805 if (r == -ENOMEM)
3806 return log_oom();
3807 if (r < 0) {
3808 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3809 return 0;
3810 }
3811
3812 cc = cgroup_controller_from_string(word);
3813 if (cc < 0) {
3814 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid controller name '%s', ignoring", word);
3815 continue;
3816 }
3817
3818 mask |= CGROUP_CONTROLLER_TO_MASK(cc);
3819 }
3820
3821 c->delegate = true;
3822 c->delegate_controllers |= mask;
3823
3824 } else if (r > 0) {
3825 c->delegate = true;
3826 c->delegate_controllers = _CGROUP_MASK_ALL;
3827 } else {
3828 c->delegate = false;
3829 c->delegate_controllers = 0;
3830 }
3831
3832 return 0;
3833 }
3834
3835 int config_parse_managed_oom_mode(
3836 const char *unit,
3837 const char *filename,
3838 unsigned line,
3839 const char *section,
3840 unsigned section_line,
3841 const char *lvalue,
3842 int ltype,
3843 const char *rvalue,
3844 void *data,
3845 void *userdata) {
3846
3847 ManagedOOMMode *mode = data, m;
3848 UnitType t;
3849
3850 t = unit_name_to_type(unit);
3851 assert(t != _UNIT_TYPE_INVALID);
3852
3853 if (!unit_vtable[t]->can_set_managed_oom)
3854 return log_syntax(unit, LOG_WARNING, filename, line, 0, "%s= is not supported for this unit type, ignoring.", lvalue);
3855
3856 if (isempty(rvalue)) {
3857 *mode = MANAGED_OOM_AUTO;
3858 return 0;
3859 }
3860
3861 m = managed_oom_mode_from_string(rvalue);
3862 if (m < 0) {
3863 log_syntax(unit, LOG_WARNING, filename, line, m, "Invalid syntax, ignoring: %s", rvalue);
3864 return 0;
3865 }
3866
3867 *mode = m;
3868 return 0;
3869 }
3870
3871 int config_parse_managed_oom_mem_pressure_limit(
3872 const char *unit,
3873 const char *filename,
3874 unsigned line,
3875 const char *section,
3876 unsigned section_line,
3877 const char *lvalue,
3878 int ltype,
3879 const char *rvalue,
3880 void *data,
3881 void *userdata) {
3882
3883 uint32_t *limit = data;
3884 UnitType t;
3885 int r;
3886
3887 t = unit_name_to_type(unit);
3888 assert(t != _UNIT_TYPE_INVALID);
3889
3890 if (!unit_vtable[t]->can_set_managed_oom)
3891 return log_syntax(unit, LOG_WARNING, filename, line, 0, "%s= is not supported for this unit type, ignoring.", lvalue);
3892
3893 if (isempty(rvalue)) {
3894 *limit = 0;
3895 return 0;
3896 }
3897
3898 r = parse_permyriad(rvalue);
3899 if (r < 0) {
3900 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse memory pressure limit value, ignoring: %s", rvalue);
3901 return 0;
3902 }
3903
3904 /* Normalize to 2^32-1 == 100% */
3905 *limit = UINT32_SCALE_FROM_PERMYRIAD(r);
3906 return 0;
3907 }
3908
3909 int config_parse_device_allow(
3910 const char *unit,
3911 const char *filename,
3912 unsigned line,
3913 const char *section,
3914 unsigned section_line,
3915 const char *lvalue,
3916 int ltype,
3917 const char *rvalue,
3918 void *data,
3919 void *userdata) {
3920
3921 _cleanup_free_ char *path = NULL, *resolved = NULL;
3922 CGroupContext *c = data;
3923 const char *p = rvalue;
3924 int r;
3925
3926 if (isempty(rvalue)) {
3927 while (c->device_allow)
3928 cgroup_context_free_device_allow(c, c->device_allow);
3929
3930 return 0;
3931 }
3932
3933 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
3934 if (r == -ENOMEM)
3935 return log_oom();
3936 if (r < 0) {
3937 log_syntax(unit, LOG_WARNING, filename, line, r,
3938 "Invalid syntax, ignoring: %s", rvalue);
3939 return 0;
3940 }
3941 if (r == 0) {
3942 log_syntax(unit, LOG_WARNING, filename, line, 0,
3943 "Failed to extract device path and rights from '%s', ignoring.", rvalue);
3944 return 0;
3945 }
3946
3947 r = unit_full_printf(userdata, path, &resolved);
3948 if (r < 0) {
3949 log_syntax(unit, LOG_WARNING, filename, line, r,
3950 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3951 return 0;
3952 }
3953
3954 if (!STARTSWITH_SET(resolved, "block-", "char-")) {
3955
3956 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3957 if (r < 0)
3958 return 0;
3959
3960 if (!valid_device_node_path(resolved)) {
3961 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3962 return 0;
3963 }
3964 }
3965
3966 if (!isempty(p) && !in_charset(p, "rwm")) {
3967 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid device rights '%s', ignoring.", p);
3968 return 0;
3969 }
3970
3971 return cgroup_add_device_allow(c, resolved, p);
3972 }
3973
3974 int config_parse_io_device_weight(
3975 const char *unit,
3976 const char *filename,
3977 unsigned line,
3978 const char *section,
3979 unsigned section_line,
3980 const char *lvalue,
3981 int ltype,
3982 const char *rvalue,
3983 void *data,
3984 void *userdata) {
3985
3986 _cleanup_free_ char *path = NULL, *resolved = NULL;
3987 CGroupIODeviceWeight *w;
3988 CGroupContext *c = data;
3989 const char *p = rvalue;
3990 uint64_t u;
3991 int r;
3992
3993 assert(filename);
3994 assert(lvalue);
3995 assert(rvalue);
3996
3997 if (isempty(rvalue)) {
3998 while (c->io_device_weights)
3999 cgroup_context_free_io_device_weight(c, c->io_device_weights);
4000
4001 return 0;
4002 }
4003
4004 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4005 if (r == -ENOMEM)
4006 return log_oom();
4007 if (r < 0) {
4008 log_syntax(unit, LOG_WARNING, filename, line, r,
4009 "Invalid syntax, ignoring: %s", rvalue);
4010 return 0;
4011 }
4012 if (r == 0 || isempty(p)) {
4013 log_syntax(unit, LOG_WARNING, filename, line, 0,
4014 "Failed to extract device path and weight from '%s', ignoring.", rvalue);
4015 return 0;
4016 }
4017
4018 r = unit_full_printf(userdata, path, &resolved);
4019 if (r < 0) {
4020 log_syntax(unit, LOG_WARNING, filename, line, r,
4021 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
4022 return 0;
4023 }
4024
4025 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
4026 if (r < 0)
4027 return 0;
4028
4029 r = cg_weight_parse(p, &u);
4030 if (r < 0) {
4031 log_syntax(unit, LOG_WARNING, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p);
4032 return 0;
4033 }
4034
4035 assert(u != CGROUP_WEIGHT_INVALID);
4036
4037 w = new0(CGroupIODeviceWeight, 1);
4038 if (!w)
4039 return log_oom();
4040
4041 w->path = TAKE_PTR(resolved);
4042 w->weight = u;
4043
4044 LIST_PREPEND(device_weights, c->io_device_weights, w);
4045 return 0;
4046 }
4047
4048 int config_parse_io_device_latency(
4049 const char *unit,
4050 const char *filename,
4051 unsigned line,
4052 const char *section,
4053 unsigned section_line,
4054 const char *lvalue,
4055 int ltype,
4056 const char *rvalue,
4057 void *data,
4058 void *userdata) {
4059
4060 _cleanup_free_ char *path = NULL, *resolved = NULL;
4061 CGroupIODeviceLatency *l;
4062 CGroupContext *c = data;
4063 const char *p = rvalue;
4064 usec_t usec;
4065 int r;
4066
4067 assert(filename);
4068 assert(lvalue);
4069 assert(rvalue);
4070
4071 if (isempty(rvalue)) {
4072 while (c->io_device_latencies)
4073 cgroup_context_free_io_device_latency(c, c->io_device_latencies);
4074
4075 return 0;
4076 }
4077
4078 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4079 if (r == -ENOMEM)
4080 return log_oom();
4081 if (r < 0) {
4082 log_syntax(unit, LOG_WARNING, filename, line, r,
4083 "Invalid syntax, ignoring: %s", rvalue);
4084 return 0;
4085 }
4086 if (r == 0 || isempty(p)) {
4087 log_syntax(unit, LOG_WARNING, filename, line, 0,
4088 "Failed to extract device path and latency from '%s', ignoring.", rvalue);
4089 return 0;
4090 }
4091
4092 r = unit_full_printf(userdata, path, &resolved);
4093 if (r < 0) {
4094 log_syntax(unit, LOG_WARNING, filename, line, r,
4095 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
4096 return 0;
4097 }
4098
4099 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
4100 if (r < 0)
4101 return 0;
4102
4103 r = parse_sec(p, &usec);
4104 if (r < 0) {
4105 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse timer value, ignoring: %s", p);
4106 return 0;
4107 }
4108
4109 l = new0(CGroupIODeviceLatency, 1);
4110 if (!l)
4111 return log_oom();
4112
4113 l->path = TAKE_PTR(resolved);
4114 l->target_usec = usec;
4115
4116 LIST_PREPEND(device_latencies, c->io_device_latencies, l);
4117 return 0;
4118 }
4119
4120 int config_parse_io_limit(
4121 const char *unit,
4122 const char *filename,
4123 unsigned line,
4124 const char *section,
4125 unsigned section_line,
4126 const char *lvalue,
4127 int ltype,
4128 const char *rvalue,
4129 void *data,
4130 void *userdata) {
4131
4132 _cleanup_free_ char *path = NULL, *resolved = NULL;
4133 CGroupIODeviceLimit *l = NULL, *t;
4134 CGroupContext *c = data;
4135 CGroupIOLimitType type;
4136 const char *p = rvalue;
4137 uint64_t num;
4138 int r;
4139
4140 assert(filename);
4141 assert(lvalue);
4142 assert(rvalue);
4143
4144 type = cgroup_io_limit_type_from_string(lvalue);
4145 assert(type >= 0);
4146
4147 if (isempty(rvalue)) {
4148 LIST_FOREACH(device_limits, l, c->io_device_limits)
4149 l->limits[type] = cgroup_io_limit_defaults[type];
4150 return 0;
4151 }
4152
4153 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4154 if (r == -ENOMEM)
4155 return log_oom();
4156 if (r < 0) {
4157 log_syntax(unit, LOG_WARNING, filename, line, r,
4158 "Invalid syntax, ignoring: %s", rvalue);
4159 return 0;
4160 }
4161 if (r == 0 || isempty(p)) {
4162 log_syntax(unit, LOG_WARNING, filename, line, 0,
4163 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
4164 return 0;
4165 }
4166
4167 r = unit_full_printf(userdata, path, &resolved);
4168 if (r < 0) {
4169 log_syntax(unit, LOG_WARNING, filename, line, r,
4170 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
4171 return 0;
4172 }
4173
4174 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
4175 if (r < 0)
4176 return 0;
4177
4178 if (streq("infinity", p))
4179 num = CGROUP_LIMIT_MAX;
4180 else {
4181 r = parse_size(p, 1000, &num);
4182 if (r < 0 || num <= 0) {
4183 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid IO limit '%s', ignoring.", p);
4184 return 0;
4185 }
4186 }
4187
4188 LIST_FOREACH(device_limits, t, c->io_device_limits) {
4189 if (path_equal(resolved, t->path)) {
4190 l = t;
4191 break;
4192 }
4193 }
4194
4195 if (!l) {
4196 CGroupIOLimitType ttype;
4197
4198 l = new0(CGroupIODeviceLimit, 1);
4199 if (!l)
4200 return log_oom();
4201
4202 l->path = TAKE_PTR(resolved);
4203 for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
4204 l->limits[ttype] = cgroup_io_limit_defaults[ttype];
4205
4206 LIST_PREPEND(device_limits, c->io_device_limits, l);
4207 }
4208
4209 l->limits[type] = num;
4210
4211 return 0;
4212 }
4213
4214 int config_parse_blockio_device_weight(
4215 const char *unit,
4216 const char *filename,
4217 unsigned line,
4218 const char *section,
4219 unsigned section_line,
4220 const char *lvalue,
4221 int ltype,
4222 const char *rvalue,
4223 void *data,
4224 void *userdata) {
4225
4226 _cleanup_free_ char *path = NULL, *resolved = NULL;
4227 CGroupBlockIODeviceWeight *w;
4228 CGroupContext *c = data;
4229 const char *p = rvalue;
4230 uint64_t u;
4231 int r;
4232
4233 assert(filename);
4234 assert(lvalue);
4235 assert(rvalue);
4236
4237 if (isempty(rvalue)) {
4238 while (c->blockio_device_weights)
4239 cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
4240
4241 return 0;
4242 }
4243
4244 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4245 if (r == -ENOMEM)
4246 return log_oom();
4247 if (r < 0) {
4248 log_syntax(unit, LOG_WARNING, filename, line, r,
4249 "Invalid syntax, ignoring: %s", rvalue);
4250 return 0;
4251 }
4252 if (r == 0 || isempty(p)) {
4253 log_syntax(unit, LOG_WARNING, filename, line, 0,
4254 "Failed to extract device node and weight from '%s', ignoring.", rvalue);
4255 return 0;
4256 }
4257
4258 r = unit_full_printf(userdata, path, &resolved);
4259 if (r < 0) {
4260 log_syntax(unit, LOG_WARNING, filename, line, r,
4261 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
4262 return 0;
4263 }
4264
4265 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
4266 if (r < 0)
4267 return 0;
4268
4269 r = cg_blkio_weight_parse(p, &u);
4270 if (r < 0) {
4271 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p);
4272 return 0;
4273 }
4274
4275 assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
4276
4277 w = new0(CGroupBlockIODeviceWeight, 1);
4278 if (!w)
4279 return log_oom();
4280
4281 w->path = TAKE_PTR(resolved);
4282 w->weight = u;
4283
4284 LIST_PREPEND(device_weights, c->blockio_device_weights, w);
4285 return 0;
4286 }
4287
4288 int config_parse_blockio_bandwidth(
4289 const char *unit,
4290 const char *filename,
4291 unsigned line,
4292 const char *section,
4293 unsigned section_line,
4294 const char *lvalue,
4295 int ltype,
4296 const char *rvalue,
4297 void *data,
4298 void *userdata) {
4299
4300 _cleanup_free_ char *path = NULL, *resolved = NULL;
4301 CGroupBlockIODeviceBandwidth *b = NULL, *t;
4302 CGroupContext *c = data;
4303 const char *p = rvalue;
4304 uint64_t bytes;
4305 bool read;
4306 int r;
4307
4308 assert(filename);
4309 assert(lvalue);
4310 assert(rvalue);
4311
4312 read = streq("BlockIOReadBandwidth", lvalue);
4313
4314 if (isempty(rvalue)) {
4315 LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
4316 b->rbps = CGROUP_LIMIT_MAX;
4317 b->wbps = CGROUP_LIMIT_MAX;
4318 }
4319 return 0;
4320 }
4321
4322 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4323 if (r == -ENOMEM)
4324 return log_oom();
4325 if (r < 0) {
4326 log_syntax(unit, LOG_WARNING, filename, line, r,
4327 "Invalid syntax, ignoring: %s", rvalue);
4328 return 0;
4329 }
4330 if (r == 0 || isempty(p)) {
4331 log_syntax(unit, LOG_WARNING, filename, line, 0,
4332 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
4333 return 0;
4334 }
4335
4336 r = unit_full_printf(userdata, path, &resolved);
4337 if (r < 0) {
4338 log_syntax(unit, LOG_WARNING, filename, line, r,
4339 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
4340 return 0;
4341 }
4342
4343 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
4344 if (r < 0)
4345 return 0;
4346
4347 r = parse_size(p, 1000, &bytes);
4348 if (r < 0 || bytes <= 0) {
4349 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p);
4350 return 0;
4351 }
4352
4353 LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
4354 if (path_equal(resolved, t->path)) {
4355 b = t;
4356 break;
4357 }
4358 }
4359
4360 if (!t) {
4361 b = new0(CGroupBlockIODeviceBandwidth, 1);
4362 if (!b)
4363 return log_oom();
4364
4365 b->path = TAKE_PTR(resolved);
4366 b->rbps = CGROUP_LIMIT_MAX;
4367 b->wbps = CGROUP_LIMIT_MAX;
4368
4369 LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
4370 }
4371
4372 if (read)
4373 b->rbps = bytes;
4374 else
4375 b->wbps = bytes;
4376
4377 return 0;
4378 }
4379
4380 int config_parse_job_mode_isolate(
4381 const char *unit,
4382 const char *filename,
4383 unsigned line,
4384 const char *section,
4385 unsigned section_line,
4386 const char *lvalue,
4387 int ltype,
4388 const char *rvalue,
4389 void *data,
4390 void *userdata) {
4391
4392 JobMode *m = data;
4393 int r;
4394
4395 assert(filename);
4396 assert(lvalue);
4397 assert(rvalue);
4398
4399 r = parse_boolean(rvalue);
4400 if (r < 0) {
4401 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
4402 return 0;
4403 }
4404
4405 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue);
4406
4407 *m = r ? JOB_ISOLATE : JOB_REPLACE;
4408 return 0;
4409 }
4410
4411 int config_parse_exec_directories(
4412 const char *unit,
4413 const char *filename,
4414 unsigned line,
4415 const char *section,
4416 unsigned section_line,
4417 const char *lvalue,
4418 int ltype,
4419 const char *rvalue,
4420 void *data,
4421 void *userdata) {
4422
4423 char***rt = data;
4424 const Unit *u = userdata;
4425 int r;
4426
4427 assert(filename);
4428 assert(lvalue);
4429 assert(rvalue);
4430 assert(data);
4431
4432 if (isempty(rvalue)) {
4433 /* Empty assignment resets the list */
4434 *rt = strv_free(*rt);
4435 return 0;
4436 }
4437
4438 for (const char *p = rvalue;;) {
4439 _cleanup_free_ char *word = NULL, *k = NULL;
4440
4441 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
4442 if (r == -ENOMEM)
4443 return log_oom();
4444 if (r < 0) {
4445 log_syntax(unit, LOG_WARNING, filename, line, r,
4446 "Invalid syntax, ignoring: %s", rvalue);
4447 return 0;
4448 }
4449 if (r == 0)
4450 return 0;
4451
4452 r = unit_full_printf(u, word, &k);
4453 if (r < 0) {
4454 log_syntax(unit, LOG_WARNING, filename, line, r,
4455 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
4456 continue;
4457 }
4458
4459 r = path_simplify_and_warn(k, PATH_CHECK_RELATIVE, unit, filename, line, lvalue);
4460 if (r < 0)
4461 continue;
4462
4463 if (path_startswith(k, "private")) {
4464 log_syntax(unit, LOG_WARNING, filename, line, 0,
4465 "%s= path can't be 'private', ignoring assignment: %s", lvalue, word);
4466 continue;
4467 }
4468
4469 r = strv_push(rt, k);
4470 if (r < 0)
4471 return log_oom();
4472 k = NULL;
4473 }
4474 }
4475
4476 int config_parse_set_credential(
4477 const char *unit,
4478 const char *filename,
4479 unsigned line,
4480 const char *section,
4481 unsigned section_line,
4482 const char *lvalue,
4483 int ltype,
4484 const char *rvalue,
4485 void *data,
4486 void *userdata) {
4487
4488 _cleanup_free_ char *word = NULL, *k = NULL, *unescaped = NULL;
4489 ExecContext *context = data;
4490 ExecSetCredential *old;
4491 Unit *u = userdata;
4492 const char *p;
4493 int r, l;
4494
4495 assert(filename);
4496 assert(lvalue);
4497 assert(rvalue);
4498 assert(context);
4499
4500 if (isempty(rvalue)) {
4501 /* Empty assignment resets the list */
4502 context->set_credentials = hashmap_free(context->set_credentials);
4503 return 0;
4504 }
4505
4506 p = rvalue;
4507 r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4508 if (r == -ENOMEM)
4509 return log_oom();
4510 if (r <= 0 || !p) {
4511 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
4512 return 0;
4513 }
4514
4515 r = unit_full_printf(u, word, &k);
4516 if (r < 0) {
4517 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
4518 return 0;
4519 }
4520 if (!credential_name_valid(k)) {
4521 log_syntax(unit, LOG_WARNING, filename, line, 0, "Credential name \"%s\" not valid, ignoring.", k);
4522 return 0;
4523 }
4524
4525 /* We support escape codes here, so that users can insert trailing \n if they like */
4526 l = cunescape(p, UNESCAPE_ACCEPT_NUL, &unescaped);
4527 if (l < 0) {
4528 log_syntax(unit, LOG_WARNING, filename, line, l, "Can't unescape \"%s\", ignoring: %m", p);
4529 return 0;
4530 }
4531
4532 old = hashmap_get(context->set_credentials, k);
4533 if (old) {
4534 free_and_replace(old->data, unescaped);
4535 old->size = l;
4536 } else {
4537 _cleanup_(exec_set_credential_freep) ExecSetCredential *sc = NULL;
4538
4539 sc = new0(ExecSetCredential, 1);
4540 if (!sc)
4541 return log_oom();
4542
4543 sc->id = TAKE_PTR(k);
4544 sc->data = TAKE_PTR(unescaped);
4545 sc->size = l;
4546
4547 r = hashmap_ensure_put(&context->set_credentials, &exec_set_credential_hash_ops, sc->id, sc);
4548 if (r == -ENOMEM)
4549 return log_oom();
4550 if (r < 0) {
4551 log_syntax(unit, LOG_WARNING, filename, line, l,
4552 "Duplicated credential value '%s', ignoring assignment: %s", sc->id, rvalue);
4553 return 0;
4554 }
4555
4556 TAKE_PTR(sc);
4557 }
4558
4559 return 0;
4560 }
4561
4562 int config_parse_load_credential(
4563 const char *unit,
4564 const char *filename,
4565 unsigned line,
4566 const char *section,
4567 unsigned section_line,
4568 const char *lvalue,
4569 int ltype,
4570 const char *rvalue,
4571 void *data,
4572 void *userdata) {
4573
4574 _cleanup_free_ char *word = NULL, *k = NULL, *q = NULL;
4575 ExecContext *context = data;
4576 Unit *u = userdata;
4577 const char *p;
4578 int r;
4579
4580 assert(filename);
4581 assert(lvalue);
4582 assert(rvalue);
4583 assert(context);
4584
4585 if (isempty(rvalue)) {
4586 /* Empty assignment resets the list */
4587 context->load_credentials = strv_free(context->load_credentials);
4588 return 0;
4589 }
4590
4591 p = rvalue;
4592 r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4593 if (r == -ENOMEM)
4594 return log_oom();
4595 if (r <= 0) {
4596 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
4597 return 0;
4598 }
4599
4600 r = unit_full_printf(u, word, &k);
4601 if (r < 0) {
4602 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
4603 return 0;
4604 }
4605 if (!credential_name_valid(k)) {
4606 log_syntax(unit, LOG_WARNING, filename, line, 0, "Credential name \"%s\" not valid, ignoring.", k);
4607 return 0;
4608 }
4609 r = unit_full_printf(u, p, &q);
4610 if (r < 0) {
4611 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in \"%s\", ignoring: %m", p);
4612 return 0;
4613 }
4614 if (path_is_absolute(q) ? !path_is_normalized(q) : !credential_name_valid(q)) {
4615 log_syntax(unit, LOG_WARNING, filename, line, r, "Credential source \"%s\" not valid, ignoring.", q);
4616 return 0;
4617 }
4618
4619 r = strv_consume_pair(&context->load_credentials, TAKE_PTR(k), TAKE_PTR(q));
4620 if (r < 0)
4621 return log_oom();
4622
4623 return 0;
4624 }
4625
4626 int config_parse_set_status(
4627 const char *unit,
4628 const char *filename,
4629 unsigned line,
4630 const char *section,
4631 unsigned section_line,
4632 const char *lvalue,
4633 int ltype,
4634 const char *rvalue,
4635 void *data,
4636 void *userdata) {
4637
4638 ExitStatusSet *status_set = data;
4639 int r;
4640
4641 assert(filename);
4642 assert(lvalue);
4643 assert(rvalue);
4644 assert(status_set);
4645
4646 /* Empty assignment resets the list */
4647 if (isempty(rvalue)) {
4648 exit_status_set_free(status_set);
4649 return 0;
4650 }
4651
4652 for (const char *p = rvalue;;) {
4653 _cleanup_free_ char *word = NULL;
4654 Bitmap *bitmap;
4655
4656 r = extract_first_word(&p, &word, NULL, 0);
4657 if (r == -ENOMEM)
4658 return log_oom();
4659 if (r < 0) {
4660 log_syntax(unit, LOG_WARNING, filename, line, r,
4661 "Failed to parse %s=%s, ignoring: %m", lvalue, rvalue);
4662 return 0;
4663 }
4664 if (r == 0)
4665 return 0;
4666
4667 /* We need to call exit_status_from_string() first, because we want
4668 * to parse numbers as exit statuses, not signals. */
4669
4670 r = exit_status_from_string(word);
4671 if (r >= 0) {
4672 assert(r >= 0 && r < 256);
4673 bitmap = &status_set->status;
4674 } else {
4675 r = signal_from_string(word);
4676 if (r < 0) {
4677 log_syntax(unit, LOG_WARNING, filename, line, r,
4678 "Failed to parse value, ignoring: %s", word);
4679 continue;
4680 }
4681 bitmap = &status_set->signal;
4682 }
4683
4684 r = bitmap_set(bitmap, r);
4685 if (r < 0)
4686 log_syntax(unit, LOG_WARNING, filename, line, r,
4687 "Failed to set signal or status %s, ignoring: %m", word);
4688 }
4689 }
4690
4691 int config_parse_namespace_path_strv(
4692 const char *unit,
4693 const char *filename,
4694 unsigned line,
4695 const char *section,
4696 unsigned section_line,
4697 const char *lvalue,
4698 int ltype,
4699 const char *rvalue,
4700 void *data,
4701 void *userdata) {
4702
4703 const Unit *u = userdata;
4704 char*** sv = data;
4705 int r;
4706
4707 assert(filename);
4708 assert(lvalue);
4709 assert(rvalue);
4710 assert(data);
4711
4712 if (isempty(rvalue)) {
4713 /* Empty assignment resets the list */
4714 *sv = strv_free(*sv);
4715 return 0;
4716 }
4717
4718 for (const char *p = rvalue;;) {
4719 _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL;
4720 const char *w;
4721 bool ignore_enoent = false, shall_prefix = false;
4722
4723 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
4724 if (r == 0)
4725 break;
4726 if (r == -ENOMEM)
4727 return log_oom();
4728 if (r < 0) {
4729 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4730 return 0;
4731 }
4732
4733 w = word;
4734 if (startswith(w, "-")) {
4735 ignore_enoent = true;
4736 w++;
4737 }
4738 if (startswith(w, "+")) {
4739 shall_prefix = true;
4740 w++;
4741 }
4742
4743 r = unit_full_printf(u, w, &resolved);
4744 if (r < 0) {
4745 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w);
4746 continue;
4747 }
4748
4749 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4750 if (r < 0)
4751 continue;
4752
4753 joined = strjoin(ignore_enoent ? "-" : "",
4754 shall_prefix ? "+" : "",
4755 resolved);
4756
4757 r = strv_push(sv, joined);
4758 if (r < 0)
4759 return log_oom();
4760
4761 joined = NULL;
4762 }
4763
4764 return 0;
4765 }
4766
4767 int config_parse_temporary_filesystems(
4768 const char *unit,
4769 const char *filename,
4770 unsigned line,
4771 const char *section,
4772 unsigned section_line,
4773 const char *lvalue,
4774 int ltype,
4775 const char *rvalue,
4776 void *data,
4777 void *userdata) {
4778
4779 const Unit *u = userdata;
4780 ExecContext *c = data;
4781 int r;
4782
4783 assert(filename);
4784 assert(lvalue);
4785 assert(rvalue);
4786 assert(data);
4787
4788 if (isempty(rvalue)) {
4789 /* Empty assignment resets the list */
4790 temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems);
4791 c->temporary_filesystems = NULL;
4792 c->n_temporary_filesystems = 0;
4793 return 0;
4794 }
4795
4796 for (const char *p = rvalue;;) {
4797 _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL;
4798 const char *w;
4799
4800 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
4801 if (r == 0)
4802 return 0;
4803 if (r == -ENOMEM)
4804 return log_oom();
4805 if (r < 0) {
4806 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4807 return 0;
4808 }
4809
4810 w = word;
4811 r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4812 if (r == -ENOMEM)
4813 return log_oom();
4814 if (r < 0) {
4815 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to extract first word, ignoring: %s", word);
4816 continue;
4817 }
4818 if (r == 0) {
4819 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid syntax, ignoring: %s", word);
4820 continue;
4821 }
4822
4823 r = unit_full_printf(u, path, &resolved);
4824 if (r < 0) {
4825 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path);
4826 continue;
4827 }
4828
4829 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4830 if (r < 0)
4831 continue;
4832
4833 r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, resolved, w);
4834 if (r < 0)
4835 return log_oom();
4836 }
4837 }
4838
4839 int config_parse_bind_paths(
4840 const char *unit,
4841 const char *filename,
4842 unsigned line,
4843 const char *section,
4844 unsigned section_line,
4845 const char *lvalue,
4846 int ltype,
4847 const char *rvalue,
4848 void *data,
4849 void *userdata) {
4850
4851 ExecContext *c = data;
4852 const Unit *u = userdata;
4853 int r;
4854
4855 assert(filename);
4856 assert(lvalue);
4857 assert(rvalue);
4858 assert(data);
4859
4860 if (isempty(rvalue)) {
4861 /* Empty assignment resets the list */
4862 bind_mount_free_many(c->bind_mounts, c->n_bind_mounts);
4863 c->bind_mounts = NULL;
4864 c->n_bind_mounts = 0;
4865 return 0;
4866 }
4867
4868 for (const char *p = rvalue;;) {
4869 _cleanup_free_ char *source = NULL, *destination = NULL;
4870 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4871 char *s = NULL, *d = NULL;
4872 bool rbind = true, ignore_enoent = false;
4873
4874 r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_UNQUOTE|EXTRACT_DONT_COALESCE_SEPARATORS);
4875 if (r == 0)
4876 break;
4877 if (r == -ENOMEM)
4878 return log_oom();
4879 if (r < 0) {
4880 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue);
4881 return 0;
4882 }
4883
4884 r = unit_full_printf(u, source, &sresolved);
4885 if (r < 0) {
4886 log_syntax(unit, LOG_WARNING, filename, line, r,
4887 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", source);
4888 continue;
4889 }
4890
4891 s = sresolved;
4892 if (s[0] == '-') {
4893 ignore_enoent = true;
4894 s++;
4895 }
4896
4897 r = path_simplify_and_warn(s, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4898 if (r < 0)
4899 continue;
4900
4901 /* Optionally, the destination is specified. */
4902 if (p && p[-1] == ':') {
4903 r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_UNQUOTE|EXTRACT_DONT_COALESCE_SEPARATORS);
4904 if (r == -ENOMEM)
4905 return log_oom();
4906 if (r < 0) {
4907 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue);
4908 return 0;
4909 }
4910 if (r == 0) {
4911 log_syntax(unit, LOG_WARNING, filename, line, 0, "Missing argument after ':', ignoring: %s", s);
4912 continue;
4913 }
4914
4915 r = unit_full_printf(u, destination, &dresolved);
4916 if (r < 0) {
4917 log_syntax(unit, LOG_WARNING, filename, line, r,
4918 "Failed to resolve specifiers in \"%s\", ignoring: %m", destination);
4919 continue;
4920 }
4921
4922 r = path_simplify_and_warn(dresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4923 if (r < 0)
4924 continue;
4925
4926 d = dresolved;
4927
4928 /* Optionally, there's also a short option string specified */
4929 if (p && p[-1] == ':') {
4930 _cleanup_free_ char *options = NULL;
4931
4932 r = extract_first_word(&p, &options, NULL, EXTRACT_UNQUOTE);
4933 if (r == -ENOMEM)
4934 return log_oom();
4935 if (r < 0) {
4936 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4937 return 0;
4938 }
4939
4940 if (isempty(options) || streq(options, "rbind"))
4941 rbind = true;
4942 else if (streq(options, "norbind"))
4943 rbind = false;
4944 else {
4945 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid option string, ignoring setting: %s", options);
4946 continue;
4947 }
4948 }
4949 } else
4950 d = s;
4951
4952 r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts,
4953 &(BindMount) {
4954 .source = s,
4955 .destination = d,
4956 .read_only = !!strstr(lvalue, "ReadOnly"),
4957 .recursive = rbind,
4958 .ignore_enoent = ignore_enoent,
4959 });
4960 if (r < 0)
4961 return log_oom();
4962 }
4963
4964 return 0;
4965 }
4966
4967 int config_parse_mount_images(
4968 const char *unit,
4969 const char *filename,
4970 unsigned line,
4971 const char *section,
4972 unsigned section_line,
4973 const char *lvalue,
4974 int ltype,
4975 const char *rvalue,
4976 void *data,
4977 void *userdata) {
4978
4979 ExecContext *c = data;
4980 const Unit *u = userdata;
4981 int r;
4982
4983 assert(filename);
4984 assert(lvalue);
4985 assert(rvalue);
4986 assert(data);
4987
4988 if (isempty(rvalue)) {
4989 /* Empty assignment resets the list */
4990 c->mount_images = mount_image_free_many(c->mount_images, &c->n_mount_images);
4991 return 0;
4992 }
4993
4994 for (const char *p = rvalue;;) {
4995 _cleanup_(mount_options_free_allp) MountOptions *options = NULL;
4996 _cleanup_free_ char *first = NULL, *second = NULL, *tuple = NULL;
4997 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4998 const char *q = NULL;
4999 char *s = NULL;
5000 bool permissive = false;
5001
5002 r = extract_first_word(&p, &tuple, NULL, EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE);
5003 if (r == -ENOMEM)
5004 return log_oom();
5005 if (r < 0) {
5006 log_syntax(unit, LOG_WARNING, filename, line, r,
5007 "Invalid syntax %s=%s, ignoring: %m", lvalue, rvalue);
5008 return 0;
5009 }
5010 if (r == 0)
5011 return 0;
5012
5013 q = tuple;
5014 r = extract_many_words(&q, ":", EXTRACT_CUNESCAPE|EXTRACT_UNESCAPE_SEPARATORS, &first, &second, NULL);
5015 if (r == -ENOMEM)
5016 return log_oom();
5017 if (r < 0) {
5018 log_syntax(unit, LOG_WARNING, filename, line, r,
5019 "Invalid syntax in %s=, ignoring: %s", lvalue, tuple);
5020 return 0;
5021 }
5022 if (r == 0)
5023 continue;
5024
5025 s = first;
5026 if (s[0] == '-') {
5027 permissive = true;
5028 s++;
5029 }
5030
5031 r = unit_full_printf(u, s, &sresolved);
5032 if (r < 0) {
5033 log_syntax(unit, LOG_WARNING, filename, line, r,
5034 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", s);
5035 continue;
5036 }
5037
5038 r = path_simplify_and_warn(sresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
5039 if (r < 0)
5040 continue;
5041
5042 if (isempty(second)) {
5043 log_syntax(unit, LOG_WARNING, filename, line, 0, "Missing destination in %s, ignoring: %s", lvalue, rvalue);
5044 continue;
5045 }
5046
5047 r = unit_full_printf(u, second, &dresolved);
5048 if (r < 0) {
5049 log_syntax(unit, LOG_WARNING, filename, line, r,
5050 "Failed to resolve specifiers in \"%s\", ignoring: %m", second);
5051 continue;
5052 }
5053
5054 r = path_simplify_and_warn(dresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
5055 if (r < 0)
5056 continue;
5057
5058 for (;;) {
5059 _cleanup_free_ char *partition = NULL, *mount_options = NULL, *mount_options_resolved = NULL;
5060 MountOptions *o = NULL;
5061 PartitionDesignator partition_designator;
5062
5063 r = extract_many_words(&q, ":", EXTRACT_CUNESCAPE|EXTRACT_UNESCAPE_SEPARATORS, &partition, &mount_options, NULL);
5064 if (r == -ENOMEM)
5065 return log_oom();
5066 if (r < 0) {
5067 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", q);
5068 return 0;
5069 }
5070 if (r == 0)
5071 break;
5072 /* Single set of options, applying to the root partition/single filesystem */
5073 if (r == 1) {
5074 r = unit_full_printf(u, partition, &mount_options_resolved);
5075 if (r < 0) {
5076 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", first);
5077 continue;
5078 }
5079
5080 o = new(MountOptions, 1);
5081 if (!o)
5082 return log_oom();
5083 *o = (MountOptions) {
5084 .partition_designator = PARTITION_ROOT,
5085 .options = TAKE_PTR(mount_options_resolved),
5086 };
5087 LIST_APPEND(mount_options, options, o);
5088
5089 break;
5090 }
5091
5092 partition_designator = partition_designator_from_string(partition);
5093 if (partition_designator < 0) {
5094 log_syntax(unit, LOG_WARNING, filename, line, partition_designator,
5095 "Invalid partition name %s, ignoring", partition);
5096 continue;
5097 }
5098 r = unit_full_printf(u, mount_options, &mount_options_resolved);
5099 if (r < 0) {
5100 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", mount_options);
5101 continue;
5102 }
5103
5104 o = new(MountOptions, 1);
5105 if (!o)
5106 return log_oom();
5107 *o = (MountOptions) {
5108 .partition_designator = partition_designator,
5109 .options = TAKE_PTR(mount_options_resolved),
5110 };
5111 LIST_APPEND(mount_options, options, o);
5112 }
5113
5114 r = mount_image_add(&c->mount_images, &c->n_mount_images,
5115 &(MountImage) {
5116 .source = sresolved,
5117 .destination = dresolved,
5118 .mount_options = options,
5119 .ignore_enoent = permissive,
5120 .type = MOUNT_IMAGE_DISCRETE,
5121 });
5122 if (r < 0)
5123 return log_oom();
5124 }
5125 }
5126
5127 int config_parse_extension_images(
5128 const char *unit,
5129 const char *filename,
5130 unsigned line,
5131 const char *section,
5132 unsigned section_line,
5133 const char *lvalue,
5134 int ltype,
5135 const char *rvalue,
5136 void *data,
5137 void *userdata) {
5138
5139 ExecContext *c = data;
5140 const Unit *u = userdata;
5141 int r;
5142
5143 assert(filename);
5144 assert(lvalue);
5145 assert(rvalue);
5146 assert(data);
5147
5148 if (isempty(rvalue)) {
5149 /* Empty assignment resets the list */
5150 c->extension_images = mount_image_free_many(c->extension_images, &c->n_extension_images);
5151 return 0;
5152 }
5153
5154 for (const char *p = rvalue;;) {
5155 _cleanup_free_ char *source = NULL, *tuple = NULL, *sresolved = NULL;
5156 _cleanup_(mount_options_free_allp) MountOptions *options = NULL;
5157 bool permissive = false;
5158 const char *q = NULL;
5159 char *s = NULL;
5160
5161 r = extract_first_word(&p, &tuple, NULL, EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE);
5162 if (r == -ENOMEM)
5163 return log_oom();
5164 if (r < 0) {
5165 log_syntax(unit, LOG_WARNING, filename, line, r,
5166 "Invalid syntax %s=%s, ignoring: %m", lvalue, rvalue);
5167 return 0;
5168 }
5169 if (r == 0)
5170 return 0;
5171
5172 q = tuple;
5173 r = extract_first_word(&q, &source, ":", EXTRACT_CUNESCAPE|EXTRACT_UNESCAPE_SEPARATORS);
5174 if (r == -ENOMEM)
5175 return log_oom();
5176 if (r < 0) {
5177 log_syntax(unit, LOG_WARNING, filename, line, r,
5178 "Invalid syntax in %s=, ignoring: %s", lvalue, tuple);
5179 return 0;
5180 }
5181 if (r == 0)
5182 continue;
5183
5184 s = source;
5185 if (s[0] == '-') {
5186 permissive = true;
5187 s++;
5188 }
5189
5190 r = unit_full_printf(u, s, &sresolved);
5191 if (r < 0) {
5192 log_syntax(unit, LOG_WARNING, filename, line, r,
5193 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", s);
5194 continue;
5195 }
5196
5197 r = path_simplify_and_warn(sresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
5198 if (r < 0)
5199 continue;
5200
5201 for (;;) {
5202 _cleanup_free_ char *partition = NULL, *mount_options = NULL, *mount_options_resolved = NULL;
5203 MountOptions *o = NULL;
5204 PartitionDesignator partition_designator;
5205
5206 r = extract_many_words(&q, ":", EXTRACT_CUNESCAPE|EXTRACT_UNESCAPE_SEPARATORS, &partition, &mount_options, NULL);
5207 if (r == -ENOMEM)
5208 return log_oom();
5209 if (r < 0) {
5210 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", q);
5211 return 0;
5212 }
5213 if (r == 0)
5214 break;
5215 /* Single set of options, applying to the root partition/single filesystem */
5216 if (r == 1) {
5217 r = unit_full_printf(u, partition, &mount_options_resolved);
5218 if (r < 0) {
5219 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", partition);
5220 continue;
5221 }
5222
5223 o = new(MountOptions, 1);
5224 if (!o)
5225 return log_oom();
5226 *o = (MountOptions) {
5227 .partition_designator = PARTITION_ROOT,
5228 .options = TAKE_PTR(mount_options_resolved),
5229 };
5230 LIST_APPEND(mount_options, options, o);
5231
5232 break;
5233 }
5234
5235 partition_designator = partition_designator_from_string(partition);
5236 if (partition_designator < 0) {
5237 log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid partition name %s, ignoring", partition);
5238 continue;
5239 }
5240 r = unit_full_printf(u, mount_options, &mount_options_resolved);
5241 if (r < 0) {
5242 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", mount_options);
5243 continue;
5244 }
5245
5246 o = new(MountOptions, 1);
5247 if (!o)
5248 return log_oom();
5249 *o = (MountOptions) {
5250 .partition_designator = partition_designator,
5251 .options = TAKE_PTR(mount_options_resolved),
5252 };
5253 LIST_APPEND(mount_options, options, o);
5254 }
5255
5256 r = mount_image_add(&c->extension_images, &c->n_extension_images,
5257 &(MountImage) {
5258 .source = sresolved,
5259 .mount_options = options,
5260 .ignore_enoent = permissive,
5261 .type = MOUNT_IMAGE_EXTENSION,
5262 });
5263 if (r < 0)
5264 return log_oom();
5265 }
5266 }
5267
5268 int config_parse_job_timeout_sec(
5269 const char* unit,
5270 const char *filename,
5271 unsigned line,
5272 const char *section,
5273 unsigned section_line,
5274 const char *lvalue,
5275 int ltype,
5276 const char *rvalue,
5277 void *data,
5278 void *userdata) {
5279
5280 Unit *u = data;
5281 usec_t usec;
5282 int r;
5283
5284 assert(filename);
5285 assert(lvalue);
5286 assert(rvalue);
5287 assert(u);
5288
5289 r = parse_sec_fix_0(rvalue, &usec);
5290 if (r < 0) {
5291 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
5292 return 0;
5293 }
5294
5295 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
5296 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
5297 * count. */
5298
5299 if (!u->job_running_timeout_set)
5300 u->job_running_timeout = usec;
5301
5302 u->job_timeout = usec;
5303
5304 return 0;
5305 }
5306
5307 int config_parse_job_running_timeout_sec(
5308 const char* unit,
5309 const char *filename,
5310 unsigned line,
5311 const char *section,
5312 unsigned section_line,
5313 const char *lvalue,
5314 int ltype,
5315 const char *rvalue,
5316 void *data,
5317 void *userdata) {
5318
5319 Unit *u = data;
5320 usec_t usec;
5321 int r;
5322
5323 assert(filename);
5324 assert(lvalue);
5325 assert(rvalue);
5326 assert(u);
5327
5328 r = parse_sec_fix_0(rvalue, &usec);
5329 if (r < 0) {
5330 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
5331 return 0;
5332 }
5333
5334 u->job_running_timeout = usec;
5335 u->job_running_timeout_set = true;
5336
5337 return 0;
5338 }
5339
5340 int config_parse_emergency_action(
5341 const char* unit,
5342 const char *filename,
5343 unsigned line,
5344 const char *section,
5345 unsigned section_line,
5346 const char *lvalue,
5347 int ltype,
5348 const char *rvalue,
5349 void *data,
5350 void *userdata) {
5351
5352 Manager *m = NULL;
5353 EmergencyAction *x = data;
5354 int r;
5355
5356 assert(filename);
5357 assert(lvalue);
5358 assert(rvalue);
5359 assert(data);
5360
5361 if (unit)
5362 m = ((Unit*) userdata)->manager;
5363 else
5364 m = data;
5365
5366 r = parse_emergency_action(rvalue, MANAGER_IS_SYSTEM(m), x);
5367 if (r < 0) {
5368 if (r == -EOPNOTSUPP && MANAGER_IS_USER(m)) {
5369 /* Compat mode: remove for systemd 241. */
5370
5371 log_syntax(unit, LOG_INFO, filename, line, r,
5372 "%s= in user mode specified as \"%s\", using \"exit-force\" instead.",
5373 lvalue, rvalue);
5374 *x = EMERGENCY_ACTION_EXIT_FORCE;
5375 return 0;
5376 }
5377
5378 if (r == -EOPNOTSUPP)
5379 log_syntax(unit, LOG_WARNING, filename, line, r,
5380 "%s= specified as %s mode action, ignoring: %s",
5381 lvalue, MANAGER_IS_SYSTEM(m) ? "user" : "system", rvalue);
5382 else
5383 log_syntax(unit, LOG_WARNING, filename, line, r,
5384 "Failed to parse %s=, ignoring: %s", lvalue, rvalue);
5385 return 0;
5386 }
5387
5388 return 0;
5389 }
5390
5391 int config_parse_pid_file(
5392 const char *unit,
5393 const char *filename,
5394 unsigned line,
5395 const char *section,
5396 unsigned section_line,
5397 const char *lvalue,
5398 int ltype,
5399 const char *rvalue,
5400 void *data,
5401 void *userdata) {
5402
5403 _cleanup_free_ char *k = NULL, *n = NULL;
5404 const Unit *u = userdata;
5405 char **s = data;
5406 int r;
5407
5408 assert(filename);
5409 assert(lvalue);
5410 assert(rvalue);
5411 assert(u);
5412
5413 if (isempty(rvalue)) {
5414 /* An empty assignment removes already set value. */
5415 *s = mfree(*s);
5416 return 0;
5417 }
5418
5419 r = unit_full_printf(u, rvalue, &k);
5420 if (r < 0) {
5421 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
5422 return 0;
5423 }
5424
5425 /* If this is a relative path make it absolute by prefixing the /run */
5426 n = path_make_absolute(k, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
5427 if (!n)
5428 return log_oom();
5429
5430 /* Check that the result is a sensible path */
5431 r = path_simplify_and_warn(n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
5432 if (r < 0)
5433 return r;
5434
5435 r = patch_var_run(unit, filename, line, lvalue, &n);
5436 if (r < 0)
5437 return r;
5438
5439 free_and_replace(*s, n);
5440 return 0;
5441 }
5442
5443 int config_parse_exit_status(
5444 const char *unit,
5445 const char *filename,
5446 unsigned line,
5447 const char *section,
5448 unsigned section_line,
5449 const char *lvalue,
5450 int ltype,
5451 const char *rvalue,
5452 void *data,
5453 void *userdata) {
5454
5455 int *exit_status = data, r;
5456 uint8_t u;
5457
5458 assert(filename);
5459 assert(lvalue);
5460 assert(rvalue);
5461 assert(exit_status);
5462
5463 if (isempty(rvalue)) {
5464 *exit_status = -1;
5465 return 0;
5466 }
5467
5468 r = safe_atou8(rvalue, &u);
5469 if (r < 0) {
5470 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse exit status '%s', ignoring: %m", rvalue);
5471 return 0;
5472 }
5473
5474 *exit_status = u;
5475 return 0;
5476 }
5477
5478 int config_parse_disable_controllers(
5479 const char *unit,
5480 const char *filename,
5481 unsigned line,
5482 const char *section,
5483 unsigned section_line,
5484 const char *lvalue,
5485 int ltype,
5486 const char *rvalue,
5487 void *data,
5488 void *userdata) {
5489
5490 int r;
5491 CGroupContext *c = data;
5492 CGroupMask disabled_mask;
5493
5494 /* 1. If empty, make all controllers eligible for use again.
5495 * 2. If non-empty, merge all listed controllers, space separated. */
5496
5497 if (isempty(rvalue)) {
5498 c->disable_controllers = 0;
5499 return 0;
5500 }
5501
5502 r = cg_mask_from_string(rvalue, &disabled_mask);
5503 if (r < 0 || disabled_mask <= 0) {
5504 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid cgroup string: %s, ignoring", rvalue);
5505 return 0;
5506 }
5507
5508 c->disable_controllers |= disabled_mask;
5509
5510 return 0;
5511 }
5512
5513 int config_parse_ip_filter_bpf_progs(
5514 const char *unit,
5515 const char *filename,
5516 unsigned line,
5517 const char *section,
5518 unsigned section_line,
5519 const char *lvalue,
5520 int ltype,
5521 const char *rvalue,
5522 void *data,
5523 void *userdata) {
5524
5525 _cleanup_free_ char *resolved = NULL;
5526 const Unit *u = userdata;
5527 char ***paths = data;
5528 int r;
5529
5530 assert(filename);
5531 assert(lvalue);
5532 assert(rvalue);
5533 assert(paths);
5534
5535 if (isempty(rvalue)) {
5536 *paths = strv_free(*paths);
5537 return 0;
5538 }
5539
5540 r = unit_full_printf(u, rvalue, &resolved);
5541 if (r < 0) {
5542 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
5543 return 0;
5544 }
5545
5546 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
5547 if (r < 0)
5548 return 0;
5549
5550 if (strv_contains(*paths, resolved))
5551 return 0;
5552
5553 r = strv_extend(paths, resolved);
5554 if (r < 0)
5555 return log_oom();
5556
5557 r = bpf_firewall_supported();
5558 if (r < 0)
5559 return r;
5560 if (r != BPF_FIREWALL_SUPPORTED_WITH_MULTI) {
5561 static bool warned = false;
5562
5563 log_full(warned ? LOG_DEBUG : LOG_WARNING,
5564 "File %s:%u configures an IP firewall with BPF programs (%s=%s), but the local system does not support BPF/cgroup based firewalling with multiple filters.\n"
5565 "Starting this unit will fail! (This warning is only shown for the first loaded unit using IP firewalling.)", filename, line, lvalue, rvalue);
5566
5567 warned = true;
5568 }
5569
5570 return 0;
5571 }
5572
5573 static int merge_by_names(Unit **u, Set *names, const char *id) {
5574 char *k;
5575 int r;
5576
5577 assert(u);
5578 assert(*u);
5579
5580 /* Let's try to add in all names that are aliases of this unit */
5581 while ((k = set_steal_first(names))) {
5582 _cleanup_free_ _unused_ char *free_k = k;
5583
5584 /* First try to merge in the other name into our unit */
5585 r = unit_merge_by_name(*u, k);
5586 if (r < 0) {
5587 Unit *other;
5588
5589 /* Hmm, we couldn't merge the other unit into ours? Then let's try it the other way
5590 * round. */
5591
5592 other = manager_get_unit((*u)->manager, k);
5593 if (!other)
5594 return r; /* return previous failure */
5595
5596 r = unit_merge(other, *u);
5597 if (r < 0)
5598 return r;
5599
5600 *u = other;
5601 return merge_by_names(u, names, NULL);
5602 }
5603
5604 if (streq_ptr(id, k))
5605 unit_choose_id(*u, id);
5606 }
5607
5608 return 0;
5609 }
5610
5611 int unit_load_fragment(Unit *u) {
5612 const char *fragment;
5613 _cleanup_set_free_free_ Set *names = NULL;
5614 int r;
5615
5616 assert(u);
5617 assert(u->load_state == UNIT_STUB);
5618 assert(u->id);
5619
5620 if (u->transient) {
5621 u->load_state = UNIT_LOADED;
5622 return 0;
5623 }
5624
5625 /* Possibly rebuild the fragment map to catch new units */
5626 r = unit_file_build_name_map(&u->manager->lookup_paths,
5627 &u->manager->unit_cache_timestamp_hash,
5628 &u->manager->unit_id_map,
5629 &u->manager->unit_name_map,
5630 &u->manager->unit_path_cache);
5631 if (r < 0)
5632 return log_error_errno(r, "Failed to rebuild name map: %m");
5633
5634 r = unit_file_find_fragment(u->manager->unit_id_map,
5635 u->manager->unit_name_map,
5636 u->id,
5637 &fragment,
5638 &names);
5639 if (r < 0 && r != -ENOENT)
5640 return r;
5641
5642 if (fragment) {
5643 /* Open the file, check if this is a mask, otherwise read. */
5644 _cleanup_fclose_ FILE *f = NULL;
5645 struct stat st;
5646
5647 /* Try to open the file name. A symlink is OK, for example for linked files or masks. We
5648 * expect that all symlinks within the lookup paths have been already resolved, but we don't
5649 * verify this here. */
5650 f = fopen(fragment, "re");
5651 if (!f)
5652 return log_unit_notice_errno(u, errno, "Failed to open %s: %m", fragment);
5653
5654 if (fstat(fileno(f), &st) < 0)
5655 return -errno;
5656
5657 r = free_and_strdup(&u->fragment_path, fragment);
5658 if (r < 0)
5659 return r;
5660
5661 if (null_or_empty(&st)) {
5662 /* Unit file is masked */
5663
5664 u->load_state = u->perpetual ? UNIT_LOADED : UNIT_MASKED; /* don't allow perpetual units to ever be masked */
5665 u->fragment_mtime = 0;
5666 } else {
5667 u->load_state = UNIT_LOADED;
5668 u->fragment_mtime = timespec_load(&st.st_mtim);
5669
5670 /* Now, parse the file contents */
5671 r = config_parse(u->id, fragment, f,
5672 UNIT_VTABLE(u)->sections,
5673 config_item_perf_lookup, load_fragment_gperf_lookup,
5674 0,
5675 u,
5676 NULL);
5677 if (r == -ENOEXEC)
5678 log_unit_notice_errno(u, r, "Unit configuration has fatal error, unit will not be started.");
5679 if (r < 0)
5680 return r;
5681 }
5682 }
5683
5684 /* Call merge_by_names with the name derived from the fragment path as the preferred name.
5685 *
5686 * We do the merge dance here because for some unit types, the unit might have aliases which are not
5687 * declared in the file system. In particular, this is true (and frequent) for device and swap units.
5688 */
5689 const char *id = u->id;
5690 _cleanup_free_ char *free_id = NULL;
5691
5692 if (fragment) {
5693 id = basename(fragment);
5694 if (unit_name_is_valid(id, UNIT_NAME_TEMPLATE)) {
5695 assert(u->instance); /* If we're not trying to use a template for non-instanced unit,
5696 * this must be set. */
5697
5698 r = unit_name_replace_instance(id, u->instance, &free_id);
5699 if (r < 0)
5700 return log_debug_errno(r, "Failed to build id (%s + %s): %m", id, u->instance);
5701 id = free_id;
5702 }
5703 }
5704
5705 Unit *merged = u;
5706 r = merge_by_names(&merged, names, id);
5707 if (r < 0)
5708 return r;
5709
5710 if (merged != u)
5711 u->load_state = UNIT_MERGED;
5712
5713 return 0;
5714 }
5715
5716 void unit_dump_config_items(FILE *f) {
5717 static const struct {
5718 const ConfigParserCallback callback;
5719 const char *rvalue;
5720 } table[] = {
5721 { config_parse_warn_compat, "NOTSUPPORTED" },
5722 { config_parse_int, "INTEGER" },
5723 { config_parse_unsigned, "UNSIGNED" },
5724 { config_parse_iec_size, "SIZE" },
5725 { config_parse_iec_uint64, "SIZE" },
5726 { config_parse_si_uint64, "SIZE" },
5727 { config_parse_bool, "BOOLEAN" },
5728 { config_parse_string, "STRING" },
5729 { config_parse_path, "PATH" },
5730 { config_parse_unit_path_printf, "PATH" },
5731 { config_parse_strv, "STRING [...]" },
5732 { config_parse_exec_nice, "NICE" },
5733 { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
5734 { config_parse_exec_io_class, "IOCLASS" },
5735 { config_parse_exec_io_priority, "IOPRIORITY" },
5736 { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
5737 { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
5738 { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
5739 { config_parse_mode, "MODE" },
5740 { config_parse_unit_env_file, "FILE" },
5741 { config_parse_exec_output, "OUTPUT" },
5742 { config_parse_exec_input, "INPUT" },
5743 { config_parse_log_facility, "FACILITY" },
5744 { config_parse_log_level, "LEVEL" },
5745 { config_parse_exec_secure_bits, "SECUREBITS" },
5746 { config_parse_capability_set, "BOUNDINGSET" },
5747 { config_parse_rlimit, "LIMIT" },
5748 { config_parse_unit_deps, "UNIT [...]" },
5749 { config_parse_exec, "PATH [ARGUMENT [...]]" },
5750 { config_parse_service_type, "SERVICETYPE" },
5751 { config_parse_service_restart, "SERVICERESTART" },
5752 { config_parse_service_timeout_failure_mode, "TIMEOUTMODE" },
5753 { config_parse_kill_mode, "KILLMODE" },
5754 { config_parse_signal, "SIGNAL" },
5755 { config_parse_socket_listen, "SOCKET [...]" },
5756 { config_parse_socket_bind, "SOCKETBIND" },
5757 { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
5758 { config_parse_sec, "SECONDS" },
5759 { config_parse_nsec, "NANOSECONDS" },
5760 { config_parse_namespace_path_strv, "PATH [...]" },
5761 { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" },
5762 { config_parse_unit_requires_mounts_for, "PATH [...]" },
5763 { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
5764 { config_parse_unit_string_printf, "STRING" },
5765 { config_parse_trigger_unit, "UNIT" },
5766 { config_parse_timer, "TIMER" },
5767 { config_parse_path_spec, "PATH" },
5768 { config_parse_notify_access, "ACCESS" },
5769 { config_parse_ip_tos, "TOS" },
5770 { config_parse_unit_condition_path, "CONDITION" },
5771 { config_parse_unit_condition_string, "CONDITION" },
5772 { config_parse_unit_slice, "SLICE" },
5773 { config_parse_documentation, "URL" },
5774 { config_parse_service_timeout, "SECONDS" },
5775 { config_parse_emergency_action, "ACTION" },
5776 { config_parse_set_status, "STATUS" },
5777 { config_parse_service_sockets, "SOCKETS" },
5778 { config_parse_environ, "ENVIRON" },
5779 #if HAVE_SECCOMP
5780 { config_parse_syscall_filter, "SYSCALLS" },
5781 { config_parse_syscall_archs, "ARCHS" },
5782 { config_parse_syscall_errno, "ERRNO" },
5783 { config_parse_syscall_log, "SYSCALLS" },
5784 { config_parse_address_families, "FAMILIES" },
5785 { config_parse_restrict_namespaces, "NAMESPACES" },
5786 #endif
5787 { config_parse_cpu_shares, "SHARES" },
5788 { config_parse_cg_weight, "WEIGHT" },
5789 { config_parse_memory_limit, "LIMIT" },
5790 { config_parse_device_allow, "DEVICE" },
5791 { config_parse_device_policy, "POLICY" },
5792 { config_parse_io_limit, "LIMIT" },
5793 { config_parse_io_device_weight, "DEVICEWEIGHT" },
5794 { config_parse_io_device_latency, "DEVICELATENCY" },
5795 { config_parse_blockio_bandwidth, "BANDWIDTH" },
5796 { config_parse_blockio_weight, "WEIGHT" },
5797 { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
5798 { config_parse_long, "LONG" },
5799 { config_parse_socket_service, "SERVICE" },
5800 #if HAVE_SELINUX
5801 { config_parse_exec_selinux_context, "LABEL" },
5802 #endif
5803 { config_parse_job_mode, "MODE" },
5804 { config_parse_job_mode_isolate, "BOOLEAN" },
5805 { config_parse_personality, "PERSONALITY" },
5806 };
5807
5808 const char *prev = NULL;
5809 const char *i;
5810
5811 assert(f);
5812
5813 NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
5814 const char *rvalue = "OTHER", *lvalue;
5815 const ConfigPerfItem *p;
5816 const char *dot;
5817
5818 assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
5819
5820 /* Hide legacy settings */
5821 if (p->parse == config_parse_warn_compat &&
5822 p->ltype == DISABLED_LEGACY)
5823 continue;
5824
5825 for (size_t j = 0; j < ELEMENTSOF(table); j++)
5826 if (p->parse == table[j].callback) {
5827 rvalue = table[j].rvalue;
5828 break;
5829 }
5830
5831 dot = strchr(i, '.');
5832 lvalue = dot ? dot + 1 : i;
5833
5834 if (dot) {
5835 size_t prefix_len = dot - i;
5836
5837 if (!prev || !strneq(prev, i, prefix_len+1)) {
5838 if (prev)
5839 fputc('\n', f);
5840
5841 fprintf(f, "[%.*s]\n", (int) prefix_len, i);
5842 }
5843 }
5844
5845 fprintf(f, "%s=%s\n", lvalue, rvalue);
5846 prev = i;
5847 }
5848 }
5849
5850 int config_parse_cpu_affinity2(
5851 const char *unit,
5852 const char *filename,
5853 unsigned line,
5854 const char *section,
5855 unsigned section_line,
5856 const char *lvalue,
5857 int ltype,
5858 const char *rvalue,
5859 void *data,
5860 void *userdata) {
5861
5862 CPUSet *affinity = data;
5863
5864 assert(affinity);
5865
5866 (void) parse_cpu_set_extend(rvalue, affinity, true, unit, filename, line, lvalue);
5867
5868 return 0;
5869 }
5870
5871 int config_parse_show_status(
5872 const char* unit,
5873 const char *filename,
5874 unsigned line,
5875 const char *section,
5876 unsigned section_line,
5877 const char *lvalue,
5878 int ltype,
5879 const char *rvalue,
5880 void *data,
5881 void *userdata) {
5882
5883 int k;
5884 ShowStatus *b = data;
5885
5886 assert(filename);
5887 assert(lvalue);
5888 assert(rvalue);
5889 assert(data);
5890
5891 k = parse_show_status(rvalue, b);
5892 if (k < 0)
5893 log_syntax(unit, LOG_WARNING, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
5894
5895 return 0;
5896 }
5897
5898 int config_parse_output_restricted(
5899 const char* unit,
5900 const char *filename,
5901 unsigned line,
5902 const char *section,
5903 unsigned section_line,
5904 const char *lvalue,
5905 int ltype,
5906 const char *rvalue,
5907 void *data,
5908 void *userdata) {
5909
5910 ExecOutput t, *eo = data;
5911 bool obsolete = false;
5912
5913 assert(filename);
5914 assert(lvalue);
5915 assert(rvalue);
5916 assert(data);
5917
5918 if (streq(rvalue, "syslog")) {
5919 t = EXEC_OUTPUT_JOURNAL;
5920 obsolete = true;
5921 } else if (streq(rvalue, "syslog+console")) {
5922 t = EXEC_OUTPUT_JOURNAL_AND_CONSOLE;
5923 obsolete = true;
5924 } else {
5925 t = exec_output_from_string(rvalue);
5926 if (t < 0) {
5927 log_syntax(unit, LOG_WARNING, filename, line, t, "Failed to parse output type, ignoring: %s", rvalue);
5928 return 0;
5929 }
5930
5931 if (IN_SET(t, EXEC_OUTPUT_SOCKET, EXEC_OUTPUT_NAMED_FD, EXEC_OUTPUT_FILE, EXEC_OUTPUT_FILE_APPEND, EXEC_OUTPUT_FILE_TRUNCATE)) {
5932 log_syntax(unit, LOG_WARNING, filename, line, 0, "Standard output types socket, fd:, file:, append:, truncate: are not supported as defaults, ignoring: %s", rvalue);
5933 return 0;
5934 }
5935 }
5936
5937 if (obsolete)
5938 log_syntax(unit, LOG_NOTICE, filename, line, 0,
5939 "Standard output type %s is obsolete, automatically updating to %s. Please update your configuration.",
5940 rvalue, exec_output_to_string(t));
5941
5942 *eo = t;
5943 return 0;
5944 }
5945
5946 int config_parse_crash_chvt(
5947 const char* unit,
5948 const char *filename,
5949 unsigned line,
5950 const char *section,
5951 unsigned section_line,
5952 const char *lvalue,
5953 int ltype,
5954 const char *rvalue,
5955 void *data,
5956 void *userdata) {
5957
5958 int r;
5959
5960 assert(filename);
5961 assert(lvalue);
5962 assert(rvalue);
5963 assert(data);
5964
5965 r = parse_crash_chvt(rvalue, data);
5966 if (r < 0)
5967 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
5968
5969 return 0;
5970 }
5971
5972 int config_parse_swap_priority(
5973 const char *unit,
5974 const char *filename,
5975 unsigned line,
5976 const char *section,
5977 unsigned section_line,
5978 const char *lvalue,
5979 int ltype,
5980 const char *rvalue,
5981 void *data,
5982 void *userdata) {
5983
5984 Swap *s = userdata;
5985 int r, priority;
5986
5987 assert(s);
5988 assert(filename);
5989 assert(lvalue);
5990 assert(rvalue);
5991 assert(data);
5992
5993 if (isempty(rvalue)) {
5994 s->parameters_fragment.priority = -1;
5995 s->parameters_fragment.priority_set = false;
5996 return 0;
5997 }
5998
5999 r = safe_atoi(rvalue, &priority);
6000 if (r < 0) {
6001 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid swap priority '%s', ignoring.", rvalue);
6002 return 0;
6003 }
6004
6005 if (priority < -1) {
6006 log_syntax(unit, LOG_WARNING, filename, line, 0, "Sorry, swap priorities smaller than -1 may only be assigned by the kernel itself, ignoring: %s", rvalue);
6007 return 0;
6008 }
6009
6010 if (priority > 32767) {
6011 log_syntax(unit, LOG_WARNING, filename, line, 0, "Swap priority out of range, ignoring: %s", rvalue);
6012 return 0;
6013 }
6014
6015 s->parameters_fragment.priority = priority;
6016 s->parameters_fragment.priority_set = true;
6017 return 0;
6018 }
Unnamed repository; edit this file 'description' to name the repository.