]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/load-fragment.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: parse '@default' seccomp group permissively
[thirdparty/systemd.git] / src / core / load-fragment.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 Copyright © 2012 Holger Hans Peter Freyther
4 ***/
5
6 #include <errno.h>
7 #include <fcntl.h>
8 #include <linux/fs.h>
9 #include <linux/oom.h>
10 #if HAVE_SECCOMP
11 #include <seccomp.h>
12 #endif
13 #include <sched.h>
14 #include <string.h>
15 #include <sys/resource.h>
16 #include <sys/stat.h>
17
18 #include "af-list.h"
19 #include "alloc-util.h"
20 #include "all-units.h"
21 #include "bus-error.h"
22 #include "bus-internal.h"
23 #include "bus-util.h"
24 #include "cap-list.h"
25 #include "capability-util.h"
26 #include "cgroup.h"
27 #include "conf-parser.h"
28 #include "cpu-set-util.h"
29 #include "env-util.h"
30 #include "errno-list.h"
31 #include "escape.h"
32 #include "fd-util.h"
33 #include "fs-util.h"
34 #include "hexdecoct.h"
35 #include "io-util.h"
36 #include "ioprio.h"
37 #include "ip-protocol-list.h"
38 #include "journal-util.h"
39 #include "limits-util.h"
40 #include "load-fragment.h"
41 #include "log.h"
42 #include "missing.h"
43 #include "mountpoint-util.h"
44 #include "nulstr-util.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
48 #if HAVE_SECCOMP
49 #include "seccomp-util.h"
50 #endif
51 #include "securebits-util.h"
52 #include "signal-util.h"
53 #include "stat-util.h"
54 #include "string-util.h"
55 #include "strv.h"
56 #include "unit-name.h"
57 #include "unit-printf.h"
58 #include "user-util.h"
59 #include "time-util.h"
60 #include "web-util.h"
61
62 static int parse_socket_protocol(const char *s) {
63 int r;
64
65 r = parse_ip_protocol(s);
66 if (r < 0)
67 return r;
68 if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP))
69 return -EPROTONOSUPPORT;
70
71 return r;
72 }
73
74 DEFINE_CONFIG_PARSE(config_parse_socket_protocol, parse_socket_protocol, "Failed to parse socket protocol");
75 DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits, secure_bits_from_string, "Failed to parse secure bits");
76 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
77 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
78 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
79 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
80 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
81 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
82 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
83 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home, protect_home, ProtectHome, "Failed to parse protect home value");
84 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system, protect_system, ProtectSystem, "Failed to parse protect system value");
85 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode");
86 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
87 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
88 DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind, socket_address_bind_ipv6_only_or_bool, SocketAddressBindIPv6Only, "Failed to parse bind IPv6 only value");
89 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos, ip_tos, int, -1, "Failed to parse IP TOS value");
90 DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight, cg_blkio_weight_parse, uint64_t, "Invalid block IO weight");
91 DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Invalid weight");
92 DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares");
93 DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flags_from_string, unsigned long, "Failed to parse mount flag");
94
95 int config_parse_unit_deps(
96 const char *unit,
97 const char *filename,
98 unsigned line,
99 const char *section,
100 unsigned section_line,
101 const char *lvalue,
102 int ltype,
103 const char *rvalue,
104 void *data,
105 void *userdata) {
106
107 UnitDependency d = ltype;
108 Unit *u = userdata;
109 const char *p;
110
111 assert(filename);
112 assert(lvalue);
113 assert(rvalue);
114
115 p = rvalue;
116 for (;;) {
117 _cleanup_free_ char *word = NULL, *k = NULL;
118 int r;
119
120 r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
121 if (r == 0)
122 break;
123 if (r == -ENOMEM)
124 return log_oom();
125 if (r < 0) {
126 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
127 break;
128 }
129
130 r = unit_name_printf(u, word, &k);
131 if (r < 0) {
132 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
133 continue;
134 }
135
136 r = unit_add_dependency_by_name(u, d, k, true, UNIT_DEPENDENCY_FILE);
137 if (r < 0)
138 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
139 }
140
141 return 0;
142 }
143
144 int config_parse_obsolete_unit_deps(
145 const char *unit,
146 const char *filename,
147 unsigned line,
148 const char *section,
149 unsigned section_line,
150 const char *lvalue,
151 int ltype,
152 const char *rvalue,
153 void *data,
154 void *userdata) {
155
156 log_syntax(unit, LOG_WARNING, filename, line, 0,
157 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
158
159 return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
160 }
161
162 int config_parse_unit_string_printf(
163 const char *unit,
164 const char *filename,
165 unsigned line,
166 const char *section,
167 unsigned section_line,
168 const char *lvalue,
169 int ltype,
170 const char *rvalue,
171 void *data,
172 void *userdata) {
173
174 _cleanup_free_ char *k = NULL;
175 Unit *u = userdata;
176 int r;
177
178 assert(filename);
179 assert(lvalue);
180 assert(rvalue);
181 assert(u);
182
183 r = unit_full_printf(u, rvalue, &k);
184 if (r < 0) {
185 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
186 return 0;
187 }
188
189 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
190 }
191
192 int config_parse_unit_strv_printf(
193 const char *unit,
194 const char *filename,
195 unsigned line,
196 const char *section,
197 unsigned section_line,
198 const char *lvalue,
199 int ltype,
200 const char *rvalue,
201 void *data,
202 void *userdata) {
203
204 Unit *u = userdata;
205 _cleanup_free_ char *k = NULL;
206 int r;
207
208 assert(filename);
209 assert(lvalue);
210 assert(rvalue);
211 assert(u);
212
213 r = unit_full_printf(u, rvalue, &k);
214 if (r < 0) {
215 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
216 return 0;
217 }
218
219 return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
220 }
221
222 int config_parse_unit_path_printf(
223 const char *unit,
224 const char *filename,
225 unsigned line,
226 const char *section,
227 unsigned section_line,
228 const char *lvalue,
229 int ltype,
230 const char *rvalue,
231 void *data,
232 void *userdata) {
233
234 _cleanup_free_ char *k = NULL;
235 Unit *u = userdata;
236 int r;
237 bool fatal = ltype;
238
239 assert(filename);
240 assert(lvalue);
241 assert(rvalue);
242 assert(u);
243
244 /* Let's not bother with anything that is too long */
245 if (strlen(rvalue) >= PATH_MAX) {
246 log_syntax(unit, LOG_ERR, filename, line, 0,
247 "%s value too long%s.",
248 lvalue, fatal ? "" : ", ignoring");
249 return fatal ? -ENAMETOOLONG : 0;
250 }
251
252 r = unit_full_printf(u, rvalue, &k);
253 if (r < 0) {
254 log_syntax(unit, LOG_ERR, filename, line, r,
255 "Failed to resolve unit specifiers in '%s'%s: %m",
256 rvalue, fatal ? "" : ", ignoring");
257 return fatal ? -ENOEXEC : 0;
258 }
259
260 return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
261 }
262
263 int config_parse_unit_path_strv_printf(
264 const char *unit,
265 const char *filename,
266 unsigned line,
267 const char *section,
268 unsigned section_line,
269 const char *lvalue,
270 int ltype,
271 const char *rvalue,
272 void *data,
273 void *userdata) {
274
275 char ***x = data;
276 Unit *u = userdata;
277 int r;
278 const char *p;
279
280 assert(filename);
281 assert(lvalue);
282 assert(rvalue);
283 assert(u);
284
285 if (isempty(rvalue)) {
286 *x = strv_free(*x);
287 return 0;
288 }
289
290 for (p = rvalue;;) {
291 _cleanup_free_ char *word = NULL, *k = NULL;
292
293 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
294 if (r == 0)
295 return 0;
296 if (r == -ENOMEM)
297 return log_oom();
298 if (r < 0) {
299 log_syntax(unit, LOG_WARNING, filename, line, r,
300 "Invalid syntax, ignoring: %s", rvalue);
301 return 0;
302 }
303
304 r = unit_full_printf(u, word, &k);
305 if (r < 0) {
306 log_syntax(unit, LOG_ERR, filename, line, r,
307 "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
308 return 0;
309 }
310
311 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
312 if (r < 0)
313 return 0;
314
315 r = strv_push(x, k);
316 if (r < 0)
317 return log_oom();
318 k = NULL;
319 }
320 }
321
322 int config_parse_socket_listen(const char *unit,
323 const char *filename,
324 unsigned line,
325 const char *section,
326 unsigned section_line,
327 const char *lvalue,
328 int ltype,
329 const char *rvalue,
330 void *data,
331 void *userdata) {
332
333 _cleanup_free_ SocketPort *p = NULL;
334 SocketPort *tail;
335 Socket *s;
336 int r;
337
338 assert(filename);
339 assert(lvalue);
340 assert(rvalue);
341 assert(data);
342
343 s = SOCKET(data);
344
345 if (isempty(rvalue)) {
346 /* An empty assignment removes all ports */
347 socket_free_ports(s);
348 return 0;
349 }
350
351 p = new0(SocketPort, 1);
352 if (!p)
353 return log_oom();
354
355 if (ltype != SOCKET_SOCKET) {
356 _cleanup_free_ char *k = NULL;
357
358 r = unit_full_printf(UNIT(s), rvalue, &k);
359 if (r < 0) {
360 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
361 return 0;
362 }
363
364 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
365 if (r < 0)
366 return 0;
367
368 free_and_replace(p->path, k);
369 p->type = ltype;
370
371 } else if (streq(lvalue, "ListenNetlink")) {
372 _cleanup_free_ char *k = NULL;
373
374 r = unit_full_printf(UNIT(s), rvalue, &k);
375 if (r < 0) {
376 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
377 return 0;
378 }
379
380 r = socket_address_parse_netlink(&p->address, k);
381 if (r < 0) {
382 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
383 return 0;
384 }
385
386 p->type = SOCKET_SOCKET;
387
388 } else {
389 _cleanup_free_ char *k = NULL;
390
391 r = unit_full_printf(UNIT(s), rvalue, &k);
392 if (r < 0) {
393 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
394 return 0;
395 }
396
397 r = socket_address_parse_and_warn(&p->address, k);
398 if (r < 0) {
399 if (r != -EAFNOSUPPORT)
400 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
401 return 0;
402 }
403
404 if (streq(lvalue, "ListenStream"))
405 p->address.type = SOCK_STREAM;
406 else if (streq(lvalue, "ListenDatagram"))
407 p->address.type = SOCK_DGRAM;
408 else {
409 assert(streq(lvalue, "ListenSequentialPacket"));
410 p->address.type = SOCK_SEQPACKET;
411 }
412
413 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
414 log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
415 return 0;
416 }
417
418 p->type = SOCKET_SOCKET;
419 }
420
421 p->fd = -1;
422 p->auxiliary_fds = NULL;
423 p->n_auxiliary_fds = 0;
424 p->socket = s;
425
426 LIST_FIND_TAIL(port, s->ports, tail);
427 LIST_INSERT_AFTER(port, s->ports, tail, p);
428
429 p = NULL;
430
431 return 0;
432 }
433
434 int config_parse_exec_nice(
435 const char *unit,
436 const char *filename,
437 unsigned line,
438 const char *section,
439 unsigned section_line,
440 const char *lvalue,
441 int ltype,
442 const char *rvalue,
443 void *data,
444 void *userdata) {
445
446 ExecContext *c = data;
447 int priority, r;
448
449 assert(filename);
450 assert(lvalue);
451 assert(rvalue);
452 assert(data);
453
454 if (isempty(rvalue)) {
455 c->nice_set = false;
456 return 0;
457 }
458
459 r = parse_nice(rvalue, &priority);
460 if (r < 0) {
461 if (r == -ERANGE)
462 log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
463 else
464 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue);
465 return 0;
466 }
467
468 c->nice = priority;
469 c->nice_set = true;
470
471 return 0;
472 }
473
474 int config_parse_exec_oom_score_adjust(
475 const char* unit,
476 const char *filename,
477 unsigned line,
478 const char *section,
479 unsigned section_line,
480 const char *lvalue,
481 int ltype,
482 const char *rvalue,
483 void *data,
484 void *userdata) {
485
486 ExecContext *c = data;
487 int oa, r;
488
489 assert(filename);
490 assert(lvalue);
491 assert(rvalue);
492 assert(data);
493
494 if (isempty(rvalue)) {
495 c->oom_score_adjust_set = false;
496 return 0;
497 }
498
499 r = parse_oom_score_adjust(rvalue, &oa);
500 if (r < 0) {
501 if (r == -ERANGE)
502 log_syntax(unit, LOG_ERR, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue);
503 else
504 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue);
505 return 0;
506 }
507
508 c->oom_score_adjust = oa;
509 c->oom_score_adjust_set = true;
510
511 return 0;
512 }
513
514 int config_parse_exec(
515 const char *unit,
516 const char *filename,
517 unsigned line,
518 const char *section,
519 unsigned section_line,
520 const char *lvalue,
521 int ltype,
522 const char *rvalue,
523 void *data,
524 void *userdata) {
525
526 ExecCommand **e = data;
527 Unit *u = userdata;
528 const char *p;
529 bool semicolon;
530 int r;
531
532 assert(filename);
533 assert(lvalue);
534 assert(rvalue);
535 assert(e);
536
537 e += ltype;
538 rvalue += strspn(rvalue, WHITESPACE);
539
540 if (isempty(rvalue)) {
541 /* An empty assignment resets the list */
542 *e = exec_command_free_list(*e);
543 return 0;
544 }
545
546 p = rvalue;
547 do {
548 _cleanup_free_ char *path = NULL, *firstword = NULL;
549 ExecCommandFlags flags = 0;
550 bool ignore = false, separate_argv0 = false;
551 _cleanup_free_ ExecCommand *nce = NULL;
552 _cleanup_strv_free_ char **n = NULL;
553 size_t nlen = 0, nbufsize = 0;
554 const char *f;
555
556 semicolon = false;
557
558 r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
559 if (r <= 0)
560 return 0;
561
562 f = firstword;
563 for (;;) {
564 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
565 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
566 * argv[0]; if it's prefixed with :, we will not do environment variable substitution;
567 * if it's prefixed with +, it will be run with full privileges and no sandboxing; if
568 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
569 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
570 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
571 * other sandboxing, with some special exceptions for changing UID.
572 *
573 * The idea is that '!!' may be used to write services that can take benefit of systemd's
574 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
575 * privilege dropping within the daemon if the kernel does not offer that. */
576
577 if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) {
578 flags |= EXEC_COMMAND_IGNORE_FAILURE;
579 ignore = true;
580 } else if (*f == '@' && !separate_argv0)
581 separate_argv0 = true;
582 else if (*f == ':' && !(flags & EXEC_COMMAND_NO_ENV_EXPAND))
583 flags |= EXEC_COMMAND_NO_ENV_EXPAND;
584 else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
585 flags |= EXEC_COMMAND_FULLY_PRIVILEGED;
586 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
587 flags |= EXEC_COMMAND_NO_SETUID;
588 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) {
589 flags &= ~EXEC_COMMAND_NO_SETUID;
590 flags |= EXEC_COMMAND_AMBIENT_MAGIC;
591 } else
592 break;
593 f++;
594 }
595
596 r = unit_full_printf(u, f, &path);
597 if (r < 0) {
598 log_syntax(unit, LOG_ERR, filename, line, r,
599 "Failed to resolve unit specifiers in '%s'%s: %m",
600 f, ignore ? ", ignoring" : "");
601 return ignore ? 0 : -ENOEXEC;
602 }
603
604 if (isempty(path)) {
605 /* First word is either "-" or "@" with no command. */
606 log_syntax(unit, LOG_ERR, filename, line, 0,
607 "Empty path in command line%s: '%s'",
608 ignore ? ", ignoring" : "", rvalue);
609 return ignore ? 0 : -ENOEXEC;
610 }
611 if (!string_is_safe(path)) {
612 log_syntax(unit, LOG_ERR, filename, line, 0,
613 "Executable name contains special characters%s: %s",
614 ignore ? ", ignoring" : "", path);
615 return ignore ? 0 : -ENOEXEC;
616 }
617 if (endswith(path, "/")) {
618 log_syntax(unit, LOG_ERR, filename, line, 0,
619 "Executable path specifies a directory%s: %s",
620 ignore ? ", ignoring" : "", path);
621 return ignore ? 0 : -ENOEXEC;
622 }
623
624 if (!path_is_absolute(path)) {
625 const char *prefix;
626 bool found = false;
627
628 if (!filename_is_valid(path)) {
629 log_syntax(unit, LOG_ERR, filename, line, 0,
630 "Neither a valid executable name nor an absolute path%s: %s",
631 ignore ? ", ignoring" : "", path);
632 return ignore ? 0 : -ENOEXEC;
633 }
634
635 /* Resolve a single-component name to a full path */
636 NULSTR_FOREACH(prefix, DEFAULT_PATH_NULSTR) {
637 _cleanup_free_ char *fullpath = NULL;
638
639 fullpath = strjoin(prefix, "/", path);
640 if (!fullpath)
641 return log_oom();
642
643 if (access(fullpath, F_OK) >= 0) {
644 free_and_replace(path, fullpath);
645 found = true;
646 break;
647 }
648 }
649
650 if (!found) {
651 log_syntax(unit, LOG_ERR, filename, line, 0,
652 "Executable \"%s\" not found in path \"%s\"%s",
653 path, DEFAULT_PATH, ignore ? ", ignoring" : "");
654 return ignore ? 0 : -ENOEXEC;
655 }
656 }
657
658 if (!separate_argv0) {
659 char *w = NULL;
660
661 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
662 return log_oom();
663
664 w = strdup(path);
665 if (!w)
666 return log_oom();
667 n[nlen++] = w;
668 n[nlen] = NULL;
669 }
670
671 path_simplify(path, false);
672
673 while (!isempty(p)) {
674 _cleanup_free_ char *word = NULL, *resolved = NULL;
675
676 /* Check explicitly for an unquoted semicolon as
677 * command separator token. */
678 if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
679 p++;
680 p += strspn(p, WHITESPACE);
681 semicolon = true;
682 break;
683 }
684
685 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
686 * extract_first_word() would return the same for all of those. */
687 if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
688 char *w;
689
690 p += 2;
691 p += strspn(p, WHITESPACE);
692
693 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
694 return log_oom();
695
696 w = strdup(";");
697 if (!w)
698 return log_oom();
699 n[nlen++] = w;
700 n[nlen] = NULL;
701 continue;
702 }
703
704 r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
705 if (r == 0)
706 break;
707 if (r < 0)
708 return ignore ? 0 : -ENOEXEC;
709
710 r = unit_full_printf(u, word, &resolved);
711 if (r < 0) {
712 log_syntax(unit, LOG_ERR, filename, line, r,
713 "Failed to resolve unit specifiers in %s%s: %m",
714 word, ignore ? ", ignoring" : "");
715 return ignore ? 0 : -ENOEXEC;
716 }
717
718 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
719 return log_oom();
720
721 n[nlen++] = TAKE_PTR(resolved);
722 n[nlen] = NULL;
723 }
724
725 if (!n || !n[0]) {
726 log_syntax(unit, LOG_ERR, filename, line, 0,
727 "Empty executable name or zeroeth argument%s: %s",
728 ignore ? ", ignoring" : "", rvalue);
729 return ignore ? 0 : -ENOEXEC;
730 }
731
732 nce = new0(ExecCommand, 1);
733 if (!nce)
734 return log_oom();
735
736 nce->argv = TAKE_PTR(n);
737 nce->path = TAKE_PTR(path);
738 nce->flags = flags;
739
740 exec_command_append_list(e, nce);
741
742 /* Do not _cleanup_free_ these. */
743 nce = NULL;
744
745 rvalue = p;
746 } while (semicolon);
747
748 return 0;
749 }
750
751 int config_parse_socket_bindtodevice(
752 const char* unit,
753 const char *filename,
754 unsigned line,
755 const char *section,
756 unsigned section_line,
757 const char *lvalue,
758 int ltype,
759 const char *rvalue,
760 void *data,
761 void *userdata) {
762
763 Socket *s = data;
764
765 assert(filename);
766 assert(lvalue);
767 assert(rvalue);
768 assert(data);
769
770 if (isempty(rvalue) || streq(rvalue, "*")) {
771 s->bind_to_device = mfree(s->bind_to_device);
772 return 0;
773 }
774
775 if (!ifname_valid(rvalue)) {
776 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue);
777 return 0;
778 }
779
780 if (free_and_strdup(&s->bind_to_device, rvalue) < 0)
781 return log_oom();
782
783 return 0;
784 }
785
786 int config_parse_exec_input(
787 const char *unit,
788 const char *filename,
789 unsigned line,
790 const char *section,
791 unsigned section_line,
792 const char *lvalue,
793 int ltype,
794 const char *rvalue,
795 void *data,
796 void *userdata) {
797
798 ExecContext *c = data;
799 Unit *u = userdata;
800 const char *n;
801 ExecInput ei;
802 int r;
803
804 assert(data);
805 assert(filename);
806 assert(line);
807 assert(rvalue);
808
809 n = startswith(rvalue, "fd:");
810 if (n) {
811 _cleanup_free_ char *resolved = NULL;
812
813 r = unit_full_printf(u, n, &resolved);
814 if (r < 0)
815 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
816
817 if (isempty(resolved))
818 resolved = mfree(resolved);
819 else if (!fdname_is_valid(resolved)) {
820 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
821 return -ENOEXEC;
822 }
823
824 free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved);
825
826 ei = EXEC_INPUT_NAMED_FD;
827
828 } else if ((n = startswith(rvalue, "file:"))) {
829 _cleanup_free_ char *resolved = NULL;
830
831 r = unit_full_printf(u, n, &resolved);
832 if (r < 0)
833 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
834
835 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
836 if (r < 0)
837 return -ENOEXEC;
838
839 free_and_replace(c->stdio_file[STDIN_FILENO], resolved);
840
841 ei = EXEC_INPUT_FILE;
842
843 } else {
844 ei = exec_input_from_string(rvalue);
845 if (ei < 0) {
846 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue);
847 return 0;
848 }
849 }
850
851 c->std_input = ei;
852 return 0;
853 }
854
855 int config_parse_exec_input_text(
856 const char *unit,
857 const char *filename,
858 unsigned line,
859 const char *section,
860 unsigned section_line,
861 const char *lvalue,
862 int ltype,
863 const char *rvalue,
864 void *data,
865 void *userdata) {
866
867 _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
868 ExecContext *c = data;
869 Unit *u = userdata;
870 size_t sz;
871 void *p;
872 int r;
873
874 assert(data);
875 assert(filename);
876 assert(line);
877 assert(rvalue);
878
879 if (isempty(rvalue)) {
880 /* Reset if the empty string is assigned */
881 c->stdin_data = mfree(c->stdin_data);
882 c->stdin_data_size = 0;
883 return 0;
884 }
885
886 r = cunescape(rvalue, 0, &unescaped);
887 if (r < 0)
888 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode C escaped text '%s': %m", rvalue);
889
890 r = unit_full_printf(u, unescaped, &resolved);
891 if (r < 0)
892 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", unescaped);
893
894 sz = strlen(resolved);
895 if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
896 c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
897 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
898 return -E2BIG;
899 }
900
901 p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
902 if (!p)
903 return log_oom();
904
905 *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n';
906
907 c->stdin_data = p;
908 c->stdin_data_size += sz + 1;
909
910 return 0;
911 }
912
913 int config_parse_exec_input_data(
914 const char *unit,
915 const char *filename,
916 unsigned line,
917 const char *section,
918 unsigned section_line,
919 const char *lvalue,
920 int ltype,
921 const char *rvalue,
922 void *data,
923 void *userdata) {
924
925 _cleanup_free_ void *p = NULL;
926 ExecContext *c = data;
927 size_t sz;
928 void *q;
929 int r;
930
931 assert(data);
932 assert(filename);
933 assert(line);
934 assert(rvalue);
935
936 if (isempty(rvalue)) {
937 /* Reset if the empty string is assigned */
938 c->stdin_data = mfree(c->stdin_data);
939 c->stdin_data_size = 0;
940 return 0;
941 }
942
943 r = unbase64mem(rvalue, (size_t) -1, &p, &sz);
944 if (r < 0)
945 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode base64 data, ignoring: %s", rvalue);
946
947 assert(sz > 0);
948
949 if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */
950 c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) {
951 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
952 return -E2BIG;
953 }
954
955 q = realloc(c->stdin_data, c->stdin_data_size + sz);
956 if (!q)
957 return log_oom();
958
959 memcpy((uint8_t*) q + c->stdin_data_size, p, sz);
960
961 c->stdin_data = q;
962 c->stdin_data_size += sz;
963
964 return 0;
965 }
966
967 int config_parse_exec_output(
968 const char *unit,
969 const char *filename,
970 unsigned line,
971 const char *section,
972 unsigned section_line,
973 const char *lvalue,
974 int ltype,
975 const char *rvalue,
976 void *data,
977 void *userdata) {
978
979 _cleanup_free_ char *resolved = NULL;
980 const char *n;
981 ExecContext *c = data;
982 Unit *u = userdata;
983 ExecOutput eo;
984 int r;
985
986 assert(data);
987 assert(filename);
988 assert(line);
989 assert(lvalue);
990 assert(rvalue);
991
992 n = startswith(rvalue, "fd:");
993 if (n) {
994 r = unit_full_printf(u, n, &resolved);
995 if (r < 0)
996 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
997
998 if (isempty(resolved))
999 resolved = mfree(resolved);
1000 else if (!fdname_is_valid(resolved)) {
1001 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
1002 return -ENOEXEC;
1003 }
1004
1005 eo = EXEC_OUTPUT_NAMED_FD;
1006
1007 } else if ((n = startswith(rvalue, "file:"))) {
1008
1009 r = unit_full_printf(u, n, &resolved);
1010 if (r < 0)
1011 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1012
1013 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
1014 if (r < 0)
1015 return -ENOEXEC;
1016
1017 eo = EXEC_OUTPUT_FILE;
1018
1019 } else if ((n = startswith(rvalue, "append:"))) {
1020
1021 r = unit_full_printf(u, n, &resolved);
1022 if (r < 0)
1023 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1024
1025 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
1026 if (r < 0)
1027 return -ENOEXEC;
1028
1029 eo = EXEC_OUTPUT_FILE_APPEND;
1030 } else {
1031 eo = exec_output_from_string(rvalue);
1032 if (eo < 0) {
1033 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue);
1034 return 0;
1035 }
1036 }
1037
1038 if (streq(lvalue, "StandardOutput")) {
1039 if (eo == EXEC_OUTPUT_NAMED_FD)
1040 free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved);
1041 else
1042 free_and_replace(c->stdio_file[STDOUT_FILENO], resolved);
1043
1044 c->std_output = eo;
1045
1046 } else {
1047 assert(streq(lvalue, "StandardError"));
1048
1049 if (eo == EXEC_OUTPUT_NAMED_FD)
1050 free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved);
1051 else
1052 free_and_replace(c->stdio_file[STDERR_FILENO], resolved);
1053
1054 c->std_error = eo;
1055 }
1056
1057 return 0;
1058 }
1059
1060 int config_parse_exec_io_class(const char *unit,
1061 const char *filename,
1062 unsigned line,
1063 const char *section,
1064 unsigned section_line,
1065 const char *lvalue,
1066 int ltype,
1067 const char *rvalue,
1068 void *data,
1069 void *userdata) {
1070
1071 ExecContext *c = data;
1072 int x;
1073
1074 assert(filename);
1075 assert(lvalue);
1076 assert(rvalue);
1077 assert(data);
1078
1079 if (isempty(rvalue)) {
1080 c->ioprio_set = false;
1081 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1082 return 0;
1083 }
1084
1085 x = ioprio_class_from_string(rvalue);
1086 if (x < 0) {
1087 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
1088 return 0;
1089 }
1090
1091 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
1092 c->ioprio_set = true;
1093
1094 return 0;
1095 }
1096
1097 int config_parse_exec_io_priority(const char *unit,
1098 const char *filename,
1099 unsigned line,
1100 const char *section,
1101 unsigned section_line,
1102 const char *lvalue,
1103 int ltype,
1104 const char *rvalue,
1105 void *data,
1106 void *userdata) {
1107
1108 ExecContext *c = data;
1109 int i, r;
1110
1111 assert(filename);
1112 assert(lvalue);
1113 assert(rvalue);
1114 assert(data);
1115
1116 if (isempty(rvalue)) {
1117 c->ioprio_set = false;
1118 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1119 return 0;
1120 }
1121
1122 r = ioprio_parse_priority(rvalue, &i);
1123 if (r < 0) {
1124 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
1125 return 0;
1126 }
1127
1128 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
1129 c->ioprio_set = true;
1130
1131 return 0;
1132 }
1133
1134 int config_parse_exec_cpu_sched_policy(const char *unit,
1135 const char *filename,
1136 unsigned line,
1137 const char *section,
1138 unsigned section_line,
1139 const char *lvalue,
1140 int ltype,
1141 const char *rvalue,
1142 void *data,
1143 void *userdata) {
1144
1145 ExecContext *c = data;
1146 int x;
1147
1148 assert(filename);
1149 assert(lvalue);
1150 assert(rvalue);
1151 assert(data);
1152
1153 if (isempty(rvalue)) {
1154 c->cpu_sched_set = false;
1155 c->cpu_sched_policy = SCHED_OTHER;
1156 c->cpu_sched_priority = 0;
1157 return 0;
1158 }
1159
1160 x = sched_policy_from_string(rvalue);
1161 if (x < 0) {
1162 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1163 return 0;
1164 }
1165
1166 c->cpu_sched_policy = x;
1167 /* Moving to or from real-time policy? We need to adjust the priority */
1168 c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
1169 c->cpu_sched_set = true;
1170
1171 return 0;
1172 }
1173
1174 int config_parse_exec_cpu_sched_prio(const char *unit,
1175 const char *filename,
1176 unsigned line,
1177 const char *section,
1178 unsigned section_line,
1179 const char *lvalue,
1180 int ltype,
1181 const char *rvalue,
1182 void *data,
1183 void *userdata) {
1184
1185 ExecContext *c = data;
1186 int i, min, max, r;
1187
1188 assert(filename);
1189 assert(lvalue);
1190 assert(rvalue);
1191 assert(data);
1192
1193 r = safe_atoi(rvalue, &i);
1194 if (r < 0) {
1195 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue);
1196 return 0;
1197 }
1198
1199 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1200 min = sched_get_priority_min(c->cpu_sched_policy);
1201 max = sched_get_priority_max(c->cpu_sched_policy);
1202
1203 if (i < min || i > max) {
1204 log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
1205 return 0;
1206 }
1207
1208 c->cpu_sched_priority = i;
1209 c->cpu_sched_set = true;
1210
1211 return 0;
1212 }
1213
1214 int config_parse_exec_cpu_affinity(const char *unit,
1215 const char *filename,
1216 unsigned line,
1217 const char *section,
1218 unsigned section_line,
1219 const char *lvalue,
1220 int ltype,
1221 const char *rvalue,
1222 void *data,
1223 void *userdata) {
1224
1225 ExecContext *c = data;
1226 _cleanup_cpu_free_ cpu_set_t *cpuset = NULL;
1227 int ncpus;
1228
1229 assert(filename);
1230 assert(lvalue);
1231 assert(rvalue);
1232 assert(data);
1233
1234 ncpus = parse_cpu_set_and_warn(rvalue, &cpuset, unit, filename, line, lvalue);
1235 if (ncpus < 0)
1236 return ncpus;
1237
1238 if (ncpus == 0) {
1239 /* An empty assignment resets the CPU list */
1240 c->cpuset = cpu_set_mfree(c->cpuset);
1241 c->cpuset_ncpus = 0;
1242 return 0;
1243 }
1244
1245 if (!c->cpuset) {
1246 c->cpuset = TAKE_PTR(cpuset);
1247 c->cpuset_ncpus = (unsigned) ncpus;
1248 return 0;
1249 }
1250
1251 if (c->cpuset_ncpus < (unsigned) ncpus) {
1252 CPU_OR_S(CPU_ALLOC_SIZE(c->cpuset_ncpus), cpuset, c->cpuset, cpuset);
1253 CPU_FREE(c->cpuset);
1254 c->cpuset = TAKE_PTR(cpuset);
1255 c->cpuset_ncpus = (unsigned) ncpus;
1256 return 0;
1257 }
1258
1259 CPU_OR_S(CPU_ALLOC_SIZE((unsigned) ncpus), c->cpuset, c->cpuset, cpuset);
1260
1261 return 0;
1262 }
1263
1264 int config_parse_capability_set(
1265 const char *unit,
1266 const char *filename,
1267 unsigned line,
1268 const char *section,
1269 unsigned section_line,
1270 const char *lvalue,
1271 int ltype,
1272 const char *rvalue,
1273 void *data,
1274 void *userdata) {
1275
1276 uint64_t *capability_set = data;
1277 uint64_t sum = 0, initial = 0;
1278 bool invert = false;
1279 int r;
1280
1281 assert(filename);
1282 assert(lvalue);
1283 assert(rvalue);
1284 assert(data);
1285
1286 if (rvalue[0] == '~') {
1287 invert = true;
1288 rvalue++;
1289 }
1290
1291 if (streq(lvalue, "CapabilityBoundingSet"))
1292 initial = CAP_ALL; /* initialized to all bits on */
1293 /* else "AmbientCapabilities" initialized to all bits off */
1294
1295 r = capability_set_from_string(rvalue, &sum);
1296 if (r < 0) {
1297 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue);
1298 return 0;
1299 }
1300
1301 if (sum == 0 || *capability_set == initial)
1302 /* "", "~" or uninitialized data -> replace */
1303 *capability_set = invert ? ~sum : sum;
1304 else {
1305 /* previous data -> merge */
1306 if (invert)
1307 *capability_set &= ~sum;
1308 else
1309 *capability_set |= sum;
1310 }
1311
1312 return 0;
1313 }
1314
1315 int config_parse_exec_selinux_context(
1316 const char *unit,
1317 const char *filename,
1318 unsigned line,
1319 const char *section,
1320 unsigned section_line,
1321 const char *lvalue,
1322 int ltype,
1323 const char *rvalue,
1324 void *data,
1325 void *userdata) {
1326
1327 ExecContext *c = data;
1328 Unit *u = userdata;
1329 bool ignore;
1330 char *k;
1331 int r;
1332
1333 assert(filename);
1334 assert(lvalue);
1335 assert(rvalue);
1336 assert(data);
1337
1338 if (isempty(rvalue)) {
1339 c->selinux_context = mfree(c->selinux_context);
1340 c->selinux_context_ignore = false;
1341 return 0;
1342 }
1343
1344 if (rvalue[0] == '-') {
1345 ignore = true;
1346 rvalue++;
1347 } else
1348 ignore = false;
1349
1350 r = unit_full_printf(u, rvalue, &k);
1351 if (r < 0) {
1352 log_syntax(unit, LOG_ERR, filename, line, r,
1353 "Failed to resolve unit specifiers in '%s'%s: %m",
1354 rvalue, ignore ? ", ignoring" : "");
1355 return ignore ? 0 : -ENOEXEC;
1356 }
1357
1358 free_and_replace(c->selinux_context, k);
1359 c->selinux_context_ignore = ignore;
1360
1361 return 0;
1362 }
1363
1364 int config_parse_exec_apparmor_profile(
1365 const char *unit,
1366 const char *filename,
1367 unsigned line,
1368 const char *section,
1369 unsigned section_line,
1370 const char *lvalue,
1371 int ltype,
1372 const char *rvalue,
1373 void *data,
1374 void *userdata) {
1375
1376 ExecContext *c = data;
1377 Unit *u = userdata;
1378 bool ignore;
1379 char *k;
1380 int r;
1381
1382 assert(filename);
1383 assert(lvalue);
1384 assert(rvalue);
1385 assert(data);
1386
1387 if (isempty(rvalue)) {
1388 c->apparmor_profile = mfree(c->apparmor_profile);
1389 c->apparmor_profile_ignore = false;
1390 return 0;
1391 }
1392
1393 if (rvalue[0] == '-') {
1394 ignore = true;
1395 rvalue++;
1396 } else
1397 ignore = false;
1398
1399 r = unit_full_printf(u, rvalue, &k);
1400 if (r < 0) {
1401 log_syntax(unit, LOG_ERR, filename, line, r,
1402 "Failed to resolve unit specifiers in '%s'%s: %m",
1403 rvalue, ignore ? ", ignoring" : "");
1404 return ignore ? 0 : -ENOEXEC;
1405 }
1406
1407 free_and_replace(c->apparmor_profile, k);
1408 c->apparmor_profile_ignore = ignore;
1409
1410 return 0;
1411 }
1412
1413 int config_parse_exec_smack_process_label(
1414 const char *unit,
1415 const char *filename,
1416 unsigned line,
1417 const char *section,
1418 unsigned section_line,
1419 const char *lvalue,
1420 int ltype,
1421 const char *rvalue,
1422 void *data,
1423 void *userdata) {
1424
1425 ExecContext *c = data;
1426 Unit *u = userdata;
1427 bool ignore;
1428 char *k;
1429 int r;
1430
1431 assert(filename);
1432 assert(lvalue);
1433 assert(rvalue);
1434 assert(data);
1435
1436 if (isempty(rvalue)) {
1437 c->smack_process_label = mfree(c->smack_process_label);
1438 c->smack_process_label_ignore = false;
1439 return 0;
1440 }
1441
1442 if (rvalue[0] == '-') {
1443 ignore = true;
1444 rvalue++;
1445 } else
1446 ignore = false;
1447
1448 r = unit_full_printf(u, rvalue, &k);
1449 if (r < 0) {
1450 log_syntax(unit, LOG_ERR, filename, line, r,
1451 "Failed to resolve unit specifiers in '%s'%s: %m",
1452 rvalue, ignore ? ", ignoring" : "");
1453 return ignore ? 0 : -ENOEXEC;
1454 }
1455
1456 free_and_replace(c->smack_process_label, k);
1457 c->smack_process_label_ignore = ignore;
1458
1459 return 0;
1460 }
1461
1462 int config_parse_timer(const char *unit,
1463 const char *filename,
1464 unsigned line,
1465 const char *section,
1466 unsigned section_line,
1467 const char *lvalue,
1468 int ltype,
1469 const char *rvalue,
1470 void *data,
1471 void *userdata) {
1472
1473 Timer *t = data;
1474 usec_t usec = 0;
1475 TimerValue *v;
1476 TimerBase b;
1477 _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
1478 Unit *u = userdata;
1479 _cleanup_free_ char *k = NULL;
1480 int r;
1481
1482 assert(filename);
1483 assert(lvalue);
1484 assert(rvalue);
1485 assert(data);
1486
1487 if (isempty(rvalue)) {
1488 /* Empty assignment resets list */
1489 timer_free_values(t);
1490 return 0;
1491 }
1492
1493 b = timer_base_from_string(lvalue);
1494 if (b < 0) {
1495 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer base, ignoring: %s", lvalue);
1496 return 0;
1497 }
1498
1499 r = unit_full_printf(u, rvalue, &k);
1500 if (r < 0) {
1501 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1502 return 0;
1503 }
1504
1505 if (b == TIMER_CALENDAR) {
1506 if (calendar_spec_from_string(k, &c) < 0) {
1507 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse calendar specification, ignoring: %s", k);
1508 return 0;
1509 }
1510 } else
1511 if (parse_sec(k, &usec) < 0) {
1512 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", k);
1513 return 0;
1514 }
1515
1516 v = new0(TimerValue, 1);
1517 if (!v)
1518 return log_oom();
1519
1520 v->base = b;
1521 v->value = usec;
1522 v->calendar_spec = TAKE_PTR(c);
1523
1524 LIST_PREPEND(value, t->values, v);
1525
1526 return 0;
1527 }
1528
1529 int config_parse_trigger_unit(
1530 const char *unit,
1531 const char *filename,
1532 unsigned line,
1533 const char *section,
1534 unsigned section_line,
1535 const char *lvalue,
1536 int ltype,
1537 const char *rvalue,
1538 void *data,
1539 void *userdata) {
1540
1541 _cleanup_free_ char *p = NULL;
1542 Unit *u = data;
1543 UnitType type;
1544 int r;
1545
1546 assert(filename);
1547 assert(lvalue);
1548 assert(rvalue);
1549 assert(data);
1550
1551 if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) {
1552 log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
1553 return 0;
1554 }
1555
1556 r = unit_name_printf(u, rvalue, &p);
1557 if (r < 0) {
1558 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1559 return 0;
1560 }
1561
1562 type = unit_name_to_type(p);
1563 if (type < 0) {
1564 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue);
1565 return 0;
1566 }
1567 if (unit_has_name(u, p)) {
1568 log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue);
1569 return 0;
1570 }
1571
1572 r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, true, UNIT_DEPENDENCY_FILE);
1573 if (r < 0) {
1574 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
1575 return 0;
1576 }
1577
1578 return 0;
1579 }
1580
1581 int config_parse_path_spec(const char *unit,
1582 const char *filename,
1583 unsigned line,
1584 const char *section,
1585 unsigned section_line,
1586 const char *lvalue,
1587 int ltype,
1588 const char *rvalue,
1589 void *data,
1590 void *userdata) {
1591
1592 Path *p = data;
1593 PathSpec *s;
1594 PathType b;
1595 _cleanup_free_ char *k = NULL;
1596 int r;
1597
1598 assert(filename);
1599 assert(lvalue);
1600 assert(rvalue);
1601 assert(data);
1602
1603 if (isempty(rvalue)) {
1604 /* Empty assignment clears list */
1605 path_free_specs(p);
1606 return 0;
1607 }
1608
1609 b = path_type_from_string(lvalue);
1610 if (b < 0) {
1611 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue);
1612 return 0;
1613 }
1614
1615 r = unit_full_printf(UNIT(p), rvalue, &k);
1616 if (r < 0) {
1617 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1618 return 0;
1619 }
1620
1621 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
1622 if (r < 0)
1623 return 0;
1624
1625 s = new0(PathSpec, 1);
1626 if (!s)
1627 return log_oom();
1628
1629 s->unit = UNIT(p);
1630 s->path = TAKE_PTR(k);
1631 s->type = b;
1632 s->inotify_fd = -1;
1633
1634 LIST_PREPEND(spec, p->specs, s);
1635
1636 return 0;
1637 }
1638
1639 int config_parse_socket_service(
1640 const char *unit,
1641 const char *filename,
1642 unsigned line,
1643 const char *section,
1644 unsigned section_line,
1645 const char *lvalue,
1646 int ltype,
1647 const char *rvalue,
1648 void *data,
1649 void *userdata) {
1650
1651 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1652 _cleanup_free_ char *p = NULL;
1653 Socket *s = data;
1654 Unit *x;
1655 int r;
1656
1657 assert(filename);
1658 assert(lvalue);
1659 assert(rvalue);
1660 assert(data);
1661
1662 r = unit_name_printf(UNIT(s), rvalue, &p);
1663 if (r < 0) {
1664 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1665 return -ENOEXEC;
1666 }
1667
1668 if (!endswith(p, ".service")) {
1669 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service: %s", rvalue);
1670 return -ENOEXEC;
1671 }
1672
1673 r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
1674 if (r < 0) {
1675 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s: %s", rvalue, bus_error_message(&error, r));
1676 return -ENOEXEC;
1677 }
1678
1679 unit_ref_set(&s->service, UNIT(s), x);
1680
1681 return 0;
1682 }
1683
1684 int config_parse_fdname(
1685 const char *unit,
1686 const char *filename,
1687 unsigned line,
1688 const char *section,
1689 unsigned section_line,
1690 const char *lvalue,
1691 int ltype,
1692 const char *rvalue,
1693 void *data,
1694 void *userdata) {
1695
1696 _cleanup_free_ char *p = NULL;
1697 Socket *s = data;
1698 int r;
1699
1700 assert(filename);
1701 assert(lvalue);
1702 assert(rvalue);
1703 assert(data);
1704
1705 if (isempty(rvalue)) {
1706 s->fdname = mfree(s->fdname);
1707 return 0;
1708 }
1709
1710 r = unit_full_printf(UNIT(s), rvalue, &p);
1711 if (r < 0) {
1712 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1713 return 0;
1714 }
1715
1716 if (!fdname_is_valid(p)) {
1717 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
1718 return 0;
1719 }
1720
1721 return free_and_replace(s->fdname, p);
1722 }
1723
1724 int config_parse_service_sockets(
1725 const char *unit,
1726 const char *filename,
1727 unsigned line,
1728 const char *section,
1729 unsigned section_line,
1730 const char *lvalue,
1731 int ltype,
1732 const char *rvalue,
1733 void *data,
1734 void *userdata) {
1735
1736 Service *s = data;
1737 const char *p;
1738 int r;
1739
1740 assert(filename);
1741 assert(lvalue);
1742 assert(rvalue);
1743 assert(data);
1744
1745 p = rvalue;
1746 for (;;) {
1747 _cleanup_free_ char *word = NULL, *k = NULL;
1748
1749 r = extract_first_word(&p, &word, NULL, 0);
1750 if (r == 0)
1751 break;
1752 if (r == -ENOMEM)
1753 return log_oom();
1754 if (r < 0) {
1755 log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
1756 break;
1757 }
1758
1759 r = unit_name_printf(UNIT(s), word, &k);
1760 if (r < 0) {
1761 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
1762 continue;
1763 }
1764
1765 if (!endswith(k, ".socket")) {
1766 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
1767 continue;
1768 }
1769
1770 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, true, UNIT_DEPENDENCY_FILE);
1771 if (r < 0)
1772 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1773
1774 r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, true, UNIT_DEPENDENCY_FILE);
1775 if (r < 0)
1776 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1777 }
1778
1779 return 0;
1780 }
1781
1782 int config_parse_bus_name(
1783 const char *unit,
1784 const char *filename,
1785 unsigned line,
1786 const char *section,
1787 unsigned section_line,
1788 const char *lvalue,
1789 int ltype,
1790 const char *rvalue,
1791 void *data,
1792 void *userdata) {
1793
1794 _cleanup_free_ char *k = NULL;
1795 Unit *u = userdata;
1796 int r;
1797
1798 assert(filename);
1799 assert(lvalue);
1800 assert(rvalue);
1801 assert(u);
1802
1803 r = unit_full_printf(u, rvalue, &k);
1804 if (r < 0) {
1805 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1806 return 0;
1807 }
1808
1809 if (!service_name_is_valid(k)) {
1810 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name, ignoring: %s", k);
1811 return 0;
1812 }
1813
1814 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
1815 }
1816
1817 int config_parse_service_timeout(
1818 const char *unit,
1819 const char *filename,
1820 unsigned line,
1821 const char *section,
1822 unsigned section_line,
1823 const char *lvalue,
1824 int ltype,
1825 const char *rvalue,
1826 void *data,
1827 void *userdata) {
1828
1829 Service *s = userdata;
1830 usec_t usec;
1831 int r;
1832
1833 assert(filename);
1834 assert(lvalue);
1835 assert(rvalue);
1836 assert(s);
1837
1838 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
1839
1840 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
1841 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
1842 * all other timeouts. */
1843 r = parse_sec_fix_0(rvalue, &usec);
1844 if (r < 0) {
1845 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1846 return 0;
1847 }
1848
1849 s->start_timeout_defined = true;
1850 s->timeout_start_usec = usec;
1851
1852 if (streq(lvalue, "TimeoutSec"))
1853 s->timeout_stop_usec = usec;
1854
1855 return 0;
1856 }
1857
1858 int config_parse_sec_fix_0(
1859 const char *unit,
1860 const char *filename,
1861 unsigned line,
1862 const char *section,
1863 unsigned section_line,
1864 const char *lvalue,
1865 int ltype,
1866 const char *rvalue,
1867 void *data,
1868 void *userdata) {
1869
1870 usec_t *usec = data;
1871 int r;
1872
1873 assert(filename);
1874 assert(lvalue);
1875 assert(rvalue);
1876 assert(usec);
1877
1878 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
1879 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
1880 * timeout. */
1881
1882 r = parse_sec_fix_0(rvalue, usec);
1883 if (r < 0) {
1884 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1885 return 0;
1886 }
1887
1888 return 0;
1889 }
1890
1891 int config_parse_user_group(
1892 const char *unit,
1893 const char *filename,
1894 unsigned line,
1895 const char *section,
1896 unsigned section_line,
1897 const char *lvalue,
1898 int ltype,
1899 const char *rvalue,
1900 void *data,
1901 void *userdata) {
1902
1903 _cleanup_free_ char *k = NULL;
1904 char **user = data;
1905 Unit *u = userdata;
1906 int r;
1907
1908 assert(filename);
1909 assert(lvalue);
1910 assert(rvalue);
1911 assert(u);
1912
1913 if (isempty(rvalue)) {
1914 *user = mfree(*user);
1915 return 0;
1916 }
1917
1918 r = unit_full_printf(u, rvalue, &k);
1919 if (r < 0) {
1920 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1921 return -ENOEXEC;
1922 }
1923
1924 if (!valid_user_group_name_or_id(k)) {
1925 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
1926 return -ENOEXEC;
1927 }
1928
1929 return free_and_replace(*user, k);
1930 }
1931
1932 int config_parse_user_group_strv(
1933 const char *unit,
1934 const char *filename,
1935 unsigned line,
1936 const char *section,
1937 unsigned section_line,
1938 const char *lvalue,
1939 int ltype,
1940 const char *rvalue,
1941 void *data,
1942 void *userdata) {
1943
1944 char ***users = data;
1945 Unit *u = userdata;
1946 const char *p = rvalue;
1947 int r;
1948
1949 assert(filename);
1950 assert(lvalue);
1951 assert(rvalue);
1952 assert(u);
1953
1954 if (isempty(rvalue)) {
1955 *users = strv_free(*users);
1956 return 0;
1957 }
1958
1959 for (;;) {
1960 _cleanup_free_ char *word = NULL, *k = NULL;
1961
1962 r = extract_first_word(&p, &word, NULL, 0);
1963 if (r == 0)
1964 break;
1965 if (r == -ENOMEM)
1966 return log_oom();
1967 if (r < 0) {
1968 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue);
1969 return -ENOEXEC;
1970 }
1971
1972 r = unit_full_printf(u, word, &k);
1973 if (r < 0) {
1974 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word);
1975 return -ENOEXEC;
1976 }
1977
1978 if (!valid_user_group_name_or_id(k)) {
1979 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
1980 return -ENOEXEC;
1981 }
1982
1983 r = strv_push(users, k);
1984 if (r < 0)
1985 return log_oom();
1986
1987 k = NULL;
1988 }
1989
1990 return 0;
1991 }
1992
1993 int config_parse_working_directory(
1994 const char *unit,
1995 const char *filename,
1996 unsigned line,
1997 const char *section,
1998 unsigned section_line,
1999 const char *lvalue,
2000 int ltype,
2001 const char *rvalue,
2002 void *data,
2003 void *userdata) {
2004
2005 ExecContext *c = data;
2006 Unit *u = userdata;
2007 bool missing_ok;
2008 int r;
2009
2010 assert(filename);
2011 assert(lvalue);
2012 assert(rvalue);
2013 assert(c);
2014 assert(u);
2015
2016 if (isempty(rvalue)) {
2017 c->working_directory_home = false;
2018 c->working_directory = mfree(c->working_directory);
2019 return 0;
2020 }
2021
2022 if (rvalue[0] == '-') {
2023 missing_ok = true;
2024 rvalue++;
2025 } else
2026 missing_ok = false;
2027
2028 if (streq(rvalue, "~")) {
2029 c->working_directory_home = true;
2030 c->working_directory = mfree(c->working_directory);
2031 } else {
2032 _cleanup_free_ char *k = NULL;
2033
2034 r = unit_full_printf(u, rvalue, &k);
2035 if (r < 0) {
2036 log_syntax(unit, LOG_ERR, filename, line, r,
2037 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2038 rvalue, missing_ok ? ", ignoring" : "");
2039 return missing_ok ? 0 : -ENOEXEC;
2040 }
2041
2042 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE | (missing_ok ? 0 : PATH_CHECK_FATAL), unit, filename, line, lvalue);
2043 if (r < 0)
2044 return missing_ok ? 0 : -ENOEXEC;
2045
2046 c->working_directory_home = false;
2047 free_and_replace(c->working_directory, k);
2048 }
2049
2050 c->working_directory_missing_ok = missing_ok;
2051 return 0;
2052 }
2053
2054 int config_parse_unit_env_file(const char *unit,
2055 const char *filename,
2056 unsigned line,
2057 const char *section,
2058 unsigned section_line,
2059 const char *lvalue,
2060 int ltype,
2061 const char *rvalue,
2062 void *data,
2063 void *userdata) {
2064
2065 char ***env = data;
2066 Unit *u = userdata;
2067 _cleanup_free_ char *n = NULL;
2068 int r;
2069
2070 assert(filename);
2071 assert(lvalue);
2072 assert(rvalue);
2073 assert(data);
2074
2075 if (isempty(rvalue)) {
2076 /* Empty assignment frees the list */
2077 *env = strv_free(*env);
2078 return 0;
2079 }
2080
2081 r = unit_full_printf(u, rvalue, &n);
2082 if (r < 0) {
2083 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2084 return 0;
2085 }
2086
2087 r = path_simplify_and_warn(n[0] == '-' ? n + 1 : n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
2088 if (r < 0)
2089 return 0;
2090
2091 r = strv_push(env, n);
2092 if (r < 0)
2093 return log_oom();
2094
2095 n = NULL;
2096
2097 return 0;
2098 }
2099
2100 int config_parse_environ(
2101 const char *unit,
2102 const char *filename,
2103 unsigned line,
2104 const char *section,
2105 unsigned section_line,
2106 const char *lvalue,
2107 int ltype,
2108 const char *rvalue,
2109 void *data,
2110 void *userdata) {
2111
2112 Unit *u = userdata;
2113 char ***env = data;
2114 const char *p;
2115 int r;
2116
2117 assert(filename);
2118 assert(lvalue);
2119 assert(rvalue);
2120 assert(data);
2121
2122 if (isempty(rvalue)) {
2123 /* Empty assignment resets the list */
2124 *env = strv_free(*env);
2125 return 0;
2126 }
2127
2128 for (p = rvalue;; ) {
2129 _cleanup_free_ char *word = NULL, *k = NULL;
2130
2131 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2132 if (r == 0)
2133 return 0;
2134 if (r == -ENOMEM)
2135 return log_oom();
2136 if (r < 0) {
2137 log_syntax(unit, LOG_WARNING, filename, line, r,
2138 "Invalid syntax, ignoring: %s", rvalue);
2139 return 0;
2140 }
2141
2142 if (u) {
2143 r = unit_full_printf(u, word, &k);
2144 if (r < 0) {
2145 log_syntax(unit, LOG_ERR, filename, line, r,
2146 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2147 continue;
2148 }
2149 } else
2150 k = TAKE_PTR(word);
2151
2152 if (!env_assignment_is_valid(k)) {
2153 log_syntax(unit, LOG_ERR, filename, line, 0,
2154 "Invalid environment assignment, ignoring: %s", k);
2155 continue;
2156 }
2157
2158 r = strv_env_replace(env, k);
2159 if (r < 0)
2160 return log_oom();
2161
2162 k = NULL;
2163 }
2164 }
2165
2166 int config_parse_pass_environ(
2167 const char *unit,
2168 const char *filename,
2169 unsigned line,
2170 const char *section,
2171 unsigned section_line,
2172 const char *lvalue,
2173 int ltype,
2174 const char *rvalue,
2175 void *data,
2176 void *userdata) {
2177
2178 _cleanup_strv_free_ char **n = NULL;
2179 size_t nlen = 0, nbufsize = 0;
2180 char*** passenv = data;
2181 const char *p = rvalue;
2182 Unit *u = userdata;
2183 int r;
2184
2185 assert(filename);
2186 assert(lvalue);
2187 assert(rvalue);
2188 assert(data);
2189
2190 if (isempty(rvalue)) {
2191 /* Empty assignment resets the list */
2192 *passenv = strv_free(*passenv);
2193 return 0;
2194 }
2195
2196 for (;;) {
2197 _cleanup_free_ char *word = NULL, *k = NULL;
2198
2199 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2200 if (r == 0)
2201 break;
2202 if (r == -ENOMEM)
2203 return log_oom();
2204 if (r < 0) {
2205 log_syntax(unit, LOG_ERR, filename, line, r,
2206 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2207 break;
2208 }
2209
2210 if (u) {
2211 r = unit_full_printf(u, word, &k);
2212 if (r < 0) {
2213 log_syntax(unit, LOG_ERR, filename, line, r,
2214 "Failed to resolve specifiers in %s, ignoring: %m", word);
2215 continue;
2216 }
2217 } else
2218 k = TAKE_PTR(word);
2219
2220 if (!env_name_is_valid(k)) {
2221 log_syntax(unit, LOG_ERR, filename, line, 0,
2222 "Invalid environment name for %s, ignoring: %s", lvalue, k);
2223 continue;
2224 }
2225
2226 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2227 return log_oom();
2228
2229 n[nlen++] = TAKE_PTR(k);
2230 n[nlen] = NULL;
2231 }
2232
2233 if (n) {
2234 r = strv_extend_strv(passenv, n, true);
2235 if (r < 0)
2236 return r;
2237 }
2238
2239 return 0;
2240 }
2241
2242 int config_parse_unset_environ(
2243 const char *unit,
2244 const char *filename,
2245 unsigned line,
2246 const char *section,
2247 unsigned section_line,
2248 const char *lvalue,
2249 int ltype,
2250 const char *rvalue,
2251 void *data,
2252 void *userdata) {
2253
2254 _cleanup_strv_free_ char **n = NULL;
2255 size_t nlen = 0, nbufsize = 0;
2256 char*** unsetenv = data;
2257 const char *p = rvalue;
2258 Unit *u = userdata;
2259 int r;
2260
2261 assert(filename);
2262 assert(lvalue);
2263 assert(rvalue);
2264 assert(data);
2265
2266 if (isempty(rvalue)) {
2267 /* Empty assignment resets the list */
2268 *unsetenv = strv_free(*unsetenv);
2269 return 0;
2270 }
2271
2272 for (;;) {
2273 _cleanup_free_ char *word = NULL, *k = NULL;
2274
2275 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2276 if (r == 0)
2277 break;
2278 if (r == -ENOMEM)
2279 return log_oom();
2280 if (r < 0) {
2281 log_syntax(unit, LOG_ERR, filename, line, r,
2282 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2283 break;
2284 }
2285
2286 if (u) {
2287 r = unit_full_printf(u, word, &k);
2288 if (r < 0) {
2289 log_syntax(unit, LOG_ERR, filename, line, r,
2290 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2291 continue;
2292 }
2293 } else
2294 k = TAKE_PTR(word);
2295
2296 if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) {
2297 log_syntax(unit, LOG_ERR, filename, line, 0,
2298 "Invalid environment name or assignment %s, ignoring: %s", lvalue, k);
2299 continue;
2300 }
2301
2302 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2303 return log_oom();
2304
2305 n[nlen++] = TAKE_PTR(k);
2306 n[nlen] = NULL;
2307 }
2308
2309 if (n) {
2310 r = strv_extend_strv(unsetenv, n, true);
2311 if (r < 0)
2312 return r;
2313 }
2314
2315 return 0;
2316 }
2317
2318 int config_parse_log_extra_fields(
2319 const char *unit,
2320 const char *filename,
2321 unsigned line,
2322 const char *section,
2323 unsigned section_line,
2324 const char *lvalue,
2325 int ltype,
2326 const char *rvalue,
2327 void *data,
2328 void *userdata) {
2329
2330 ExecContext *c = data;
2331 Unit *u = userdata;
2332 const char *p = rvalue;
2333 int r;
2334
2335 assert(filename);
2336 assert(lvalue);
2337 assert(rvalue);
2338 assert(c);
2339
2340 if (isempty(rvalue)) {
2341 exec_context_free_log_extra_fields(c);
2342 return 0;
2343 }
2344
2345 for (;;) {
2346 _cleanup_free_ char *word = NULL, *k = NULL;
2347 struct iovec *t;
2348 const char *eq;
2349
2350 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2351 if (r == 0)
2352 return 0;
2353 if (r == -ENOMEM)
2354 return log_oom();
2355 if (r < 0) {
2356 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2357 return 0;
2358 }
2359
2360 r = unit_full_printf(u, word, &k);
2361 if (r < 0) {
2362 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2363 continue;
2364 }
2365
2366 eq = strchr(k, '=');
2367 if (!eq) {
2368 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k);
2369 continue;
2370 }
2371
2372 if (!journal_field_valid(k, eq-k, false)) {
2373 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field name is invalid, ignoring: %s", k);
2374 continue;
2375 }
2376
2377 t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec));
2378 if (!t)
2379 return log_oom();
2380
2381 c->log_extra_fields = t;
2382 c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k);
2383
2384 k = NULL;
2385 }
2386 }
2387
2388 int config_parse_unit_condition_path(
2389 const char *unit,
2390 const char *filename,
2391 unsigned line,
2392 const char *section,
2393 unsigned section_line,
2394 const char *lvalue,
2395 int ltype,
2396 const char *rvalue,
2397 void *data,
2398 void *userdata) {
2399
2400 _cleanup_free_ char *p = NULL;
2401 Condition **list = data, *c;
2402 ConditionType t = ltype;
2403 bool trigger, negate;
2404 Unit *u = userdata;
2405 int r;
2406
2407 assert(filename);
2408 assert(lvalue);
2409 assert(rvalue);
2410 assert(data);
2411
2412 if (isempty(rvalue)) {
2413 /* Empty assignment resets the list */
2414 *list = condition_free_list(*list);
2415 return 0;
2416 }
2417
2418 trigger = rvalue[0] == '|';
2419 if (trigger)
2420 rvalue++;
2421
2422 negate = rvalue[0] == '!';
2423 if (negate)
2424 rvalue++;
2425
2426 r = unit_full_printf(u, rvalue, &p);
2427 if (r < 0) {
2428 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2429 return 0;
2430 }
2431
2432 r = path_simplify_and_warn(p, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
2433 if (r < 0)
2434 return 0;
2435
2436 c = condition_new(t, p, trigger, negate);
2437 if (!c)
2438 return log_oom();
2439
2440 LIST_PREPEND(conditions, *list, c);
2441 return 0;
2442 }
2443
2444 int config_parse_unit_condition_string(
2445 const char *unit,
2446 const char *filename,
2447 unsigned line,
2448 const char *section,
2449 unsigned section_line,
2450 const char *lvalue,
2451 int ltype,
2452 const char *rvalue,
2453 void *data,
2454 void *userdata) {
2455
2456 _cleanup_free_ char *s = NULL;
2457 Condition **list = data, *c;
2458 ConditionType t = ltype;
2459 bool trigger, negate;
2460 Unit *u = userdata;
2461 int r;
2462
2463 assert(filename);
2464 assert(lvalue);
2465 assert(rvalue);
2466 assert(data);
2467
2468 if (isempty(rvalue)) {
2469 /* Empty assignment resets the list */
2470 *list = condition_free_list(*list);
2471 return 0;
2472 }
2473
2474 trigger = rvalue[0] == '|';
2475 if (trigger)
2476 rvalue++;
2477
2478 negate = rvalue[0] == '!';
2479 if (negate)
2480 rvalue++;
2481
2482 r = unit_full_printf(u, rvalue, &s);
2483 if (r < 0) {
2484 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2485 return 0;
2486 }
2487
2488 c = condition_new(t, s, trigger, negate);
2489 if (!c)
2490 return log_oom();
2491
2492 LIST_PREPEND(conditions, *list, c);
2493 return 0;
2494 }
2495
2496 int config_parse_unit_condition_null(
2497 const char *unit,
2498 const char *filename,
2499 unsigned line,
2500 const char *section,
2501 unsigned section_line,
2502 const char *lvalue,
2503 int ltype,
2504 const char *rvalue,
2505 void *data,
2506 void *userdata) {
2507
2508 Condition **list = data, *c;
2509 bool trigger, negate;
2510 int b;
2511
2512 assert(filename);
2513 assert(lvalue);
2514 assert(rvalue);
2515 assert(data);
2516
2517 log_syntax(unit, LOG_WARNING, filename, line, 0, "%s= is deprecated, please do not use.", lvalue);
2518
2519 if (isempty(rvalue)) {
2520 /* Empty assignment resets the list */
2521 *list = condition_free_list(*list);
2522 return 0;
2523 }
2524
2525 trigger = rvalue[0] == '|';
2526 if (trigger)
2527 rvalue++;
2528
2529 negate = rvalue[0] == '!';
2530 if (negate)
2531 rvalue++;
2532
2533 b = parse_boolean(rvalue);
2534 if (b < 0) {
2535 log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue);
2536 return 0;
2537 }
2538
2539 if (!b)
2540 negate = !negate;
2541
2542 c = condition_new(CONDITION_NULL, NULL, trigger, negate);
2543 if (!c)
2544 return log_oom();
2545
2546 LIST_PREPEND(conditions, *list, c);
2547 return 0;
2548 }
2549
2550 int config_parse_unit_requires_mounts_for(
2551 const char *unit,
2552 const char *filename,
2553 unsigned line,
2554 const char *section,
2555 unsigned section_line,
2556 const char *lvalue,
2557 int ltype,
2558 const char *rvalue,
2559 void *data,
2560 void *userdata) {
2561
2562 const char *p = rvalue;
2563 Unit *u = userdata;
2564 int r;
2565
2566 assert(filename);
2567 assert(lvalue);
2568 assert(rvalue);
2569 assert(data);
2570
2571 for (;;) {
2572 _cleanup_free_ char *word = NULL, *resolved = NULL;
2573
2574 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2575 if (r == 0)
2576 return 0;
2577 if (r == -ENOMEM)
2578 return log_oom();
2579 if (r < 0) {
2580 log_syntax(unit, LOG_WARNING, filename, line, r,
2581 "Invalid syntax, ignoring: %s", rvalue);
2582 return 0;
2583 }
2584
2585 r = unit_full_printf(u, word, &resolved);
2586 if (r < 0) {
2587 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
2588 continue;
2589 }
2590
2591 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
2592 if (r < 0)
2593 continue;
2594
2595 r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE);
2596 if (r < 0) {
2597 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved);
2598 continue;
2599 }
2600 }
2601 }
2602
2603 int config_parse_documentation(const char *unit,
2604 const char *filename,
2605 unsigned line,
2606 const char *section,
2607 unsigned section_line,
2608 const char *lvalue,
2609 int ltype,
2610 const char *rvalue,
2611 void *data,
2612 void *userdata) {
2613
2614 Unit *u = userdata;
2615 int r;
2616 char **a, **b;
2617
2618 assert(filename);
2619 assert(lvalue);
2620 assert(rvalue);
2621 assert(u);
2622
2623 if (isempty(rvalue)) {
2624 /* Empty assignment resets the list */
2625 u->documentation = strv_free(u->documentation);
2626 return 0;
2627 }
2628
2629 r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
2630 rvalue, data, userdata);
2631 if (r < 0)
2632 return r;
2633
2634 for (a = b = u->documentation; a && *a; a++) {
2635
2636 if (documentation_url_is_valid(*a))
2637 *(b++) = *a;
2638 else {
2639 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a);
2640 free(*a);
2641 }
2642 }
2643 if (b)
2644 *b = NULL;
2645
2646 return r;
2647 }
2648
2649 #if HAVE_SECCOMP
2650 int config_parse_syscall_filter(
2651 const char *unit,
2652 const char *filename,
2653 unsigned line,
2654 const char *section,
2655 unsigned section_line,
2656 const char *lvalue,
2657 int ltype,
2658 const char *rvalue,
2659 void *data,
2660 void *userdata) {
2661
2662 ExecContext *c = data;
2663 Unit *u = userdata;
2664 bool invert = false;
2665 const char *p;
2666 int r;
2667
2668 assert(filename);
2669 assert(lvalue);
2670 assert(rvalue);
2671 assert(u);
2672
2673 if (isempty(rvalue)) {
2674 /* Empty assignment resets the list */
2675 c->syscall_filter = hashmap_free(c->syscall_filter);
2676 c->syscall_whitelist = false;
2677 return 0;
2678 }
2679
2680 if (rvalue[0] == '~') {
2681 invert = true;
2682 rvalue++;
2683 }
2684
2685 if (!c->syscall_filter) {
2686 c->syscall_filter = hashmap_new(NULL);
2687 if (!c->syscall_filter)
2688 return log_oom();
2689
2690 if (invert)
2691 /* Allow everything but the ones listed */
2692 c->syscall_whitelist = false;
2693 else {
2694 /* Allow nothing but the ones listed */
2695 c->syscall_whitelist = true;
2696
2697 /* Accept default syscalls if we are on a whitelist */
2698 r = seccomp_parse_syscall_filter(
2699 "@default", -1, c->syscall_filter,
2700 SECCOMP_PARSE_PERMISSIVE|SECCOMP_PARSE_WHITELIST);
2701 if (r < 0)
2702 return r;
2703 }
2704 }
2705
2706 p = rvalue;
2707 for (;;) {
2708 _cleanup_free_ char *word = NULL, *name = NULL;
2709 int num;
2710
2711 r = extract_first_word(&p, &word, NULL, 0);
2712 if (r == 0)
2713 return 0;
2714 if (r == -ENOMEM)
2715 return log_oom();
2716 if (r < 0) {
2717 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2718 return 0;
2719 }
2720
2721 r = parse_syscall_and_errno(word, &name, &num);
2722 if (r < 0) {
2723 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word);
2724 continue;
2725 }
2726
2727 r = seccomp_parse_syscall_filter_full(name, num, c->syscall_filter,
2728 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|(invert ? SECCOMP_PARSE_INVERT : 0)|(c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0),
2729 unit, filename, line);
2730 if (r < 0)
2731 return r;
2732 }
2733 }
2734
2735 int config_parse_syscall_archs(
2736 const char *unit,
2737 const char *filename,
2738 unsigned line,
2739 const char *section,
2740 unsigned section_line,
2741 const char *lvalue,
2742 int ltype,
2743 const char *rvalue,
2744 void *data,
2745 void *userdata) {
2746
2747 const char *p = rvalue;
2748 Set **archs = data;
2749 int r;
2750
2751 if (isempty(rvalue)) {
2752 *archs = set_free(*archs);
2753 return 0;
2754 }
2755
2756 r = set_ensure_allocated(archs, NULL);
2757 if (r < 0)
2758 return log_oom();
2759
2760 for (;;) {
2761 _cleanup_free_ char *word = NULL;
2762 uint32_t a;
2763
2764 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2765 if (r == 0)
2766 return 0;
2767 if (r == -ENOMEM)
2768 return log_oom();
2769 if (r < 0) {
2770 log_syntax(unit, LOG_WARNING, filename, line, r,
2771 "Invalid syntax, ignoring: %s", rvalue);
2772 return 0;
2773 }
2774
2775 r = seccomp_arch_from_string(word, &a);
2776 if (r < 0) {
2777 log_syntax(unit, LOG_ERR, filename, line, r,
2778 "Failed to parse system call architecture \"%s\", ignoring: %m", word);
2779 continue;
2780 }
2781
2782 r = set_put(*archs, UINT32_TO_PTR(a + 1));
2783 if (r < 0)
2784 return log_oom();
2785 }
2786 }
2787
2788 int config_parse_syscall_errno(
2789 const char *unit,
2790 const char *filename,
2791 unsigned line,
2792 const char *section,
2793 unsigned section_line,
2794 const char *lvalue,
2795 int ltype,
2796 const char *rvalue,
2797 void *data,
2798 void *userdata) {
2799
2800 ExecContext *c = data;
2801 int e;
2802
2803 assert(filename);
2804 assert(lvalue);
2805 assert(rvalue);
2806
2807 if (isempty(rvalue)) {
2808 /* Empty assignment resets to KILL */
2809 c->syscall_errno = 0;
2810 return 0;
2811 }
2812
2813 e = parse_errno(rvalue);
2814 if (e <= 0) {
2815 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue);
2816 return 0;
2817 }
2818
2819 c->syscall_errno = e;
2820 return 0;
2821 }
2822
2823 int config_parse_address_families(
2824 const char *unit,
2825 const char *filename,
2826 unsigned line,
2827 const char *section,
2828 unsigned section_line,
2829 const char *lvalue,
2830 int ltype,
2831 const char *rvalue,
2832 void *data,
2833 void *userdata) {
2834
2835 ExecContext *c = data;
2836 bool invert = false;
2837 const char *p;
2838 int r;
2839
2840 assert(filename);
2841 assert(lvalue);
2842 assert(rvalue);
2843
2844 if (isempty(rvalue)) {
2845 /* Empty assignment resets the list */
2846 c->address_families = set_free(c->address_families);
2847 c->address_families_whitelist = false;
2848 return 0;
2849 }
2850
2851 if (rvalue[0] == '~') {
2852 invert = true;
2853 rvalue++;
2854 }
2855
2856 if (!c->address_families) {
2857 c->address_families = set_new(NULL);
2858 if (!c->address_families)
2859 return log_oom();
2860
2861 c->address_families_whitelist = !invert;
2862 }
2863
2864 for (p = rvalue;;) {
2865 _cleanup_free_ char *word = NULL;
2866 int af;
2867
2868 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2869 if (r == 0)
2870 return 0;
2871 if (r == -ENOMEM)
2872 return log_oom();
2873 if (r < 0) {
2874 log_syntax(unit, LOG_WARNING, filename, line, r,
2875 "Invalid syntax, ignoring: %s", rvalue);
2876 return 0;
2877 }
2878
2879 af = af_from_name(word);
2880 if (af < 0) {
2881 log_syntax(unit, LOG_ERR, filename, line, af,
2882 "Failed to parse address family, ignoring: %s", word);
2883 continue;
2884 }
2885
2886 /* If we previously wanted to forbid an address family and now
2887 * we want to allow it, then just remove it from the list.
2888 */
2889 if (!invert == c->address_families_whitelist) {
2890 r = set_put(c->address_families, INT_TO_PTR(af));
2891 if (r < 0)
2892 return log_oom();
2893 } else
2894 set_remove(c->address_families, INT_TO_PTR(af));
2895 }
2896 }
2897
2898 int config_parse_restrict_namespaces(
2899 const char *unit,
2900 const char *filename,
2901 unsigned line,
2902 const char *section,
2903 unsigned section_line,
2904 const char *lvalue,
2905 int ltype,
2906 const char *rvalue,
2907 void *data,
2908 void *userdata) {
2909
2910 ExecContext *c = data;
2911 unsigned long flags;
2912 bool invert = false;
2913 int r;
2914
2915 if (isempty(rvalue)) {
2916 /* Reset to the default. */
2917 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL;
2918 return 0;
2919 }
2920
2921 /* Boolean parameter ignores the previous settings */
2922 r = parse_boolean(rvalue);
2923 if (r > 0) {
2924 c->restrict_namespaces = 0;
2925 return 0;
2926 } else if (r == 0) {
2927 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
2928 return 0;
2929 }
2930
2931 if (rvalue[0] == '~') {
2932 invert = true;
2933 rvalue++;
2934 }
2935
2936 /* Not a boolean argument, in this case it's a list of namespace types. */
2937 r = namespace_flags_from_string(rvalue, &flags);
2938 if (r < 0) {
2939 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue);
2940 return 0;
2941 }
2942
2943 if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL)
2944 /* Initial assignment. Just set the value. */
2945 c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags;
2946 else
2947 /* Merge the value with the previous one. */
2948 SET_FLAG(c->restrict_namespaces, flags, !invert);
2949
2950 return 0;
2951 }
2952 #endif
2953
2954 int config_parse_unit_slice(
2955 const char *unit,
2956 const char *filename,
2957 unsigned line,
2958 const char *section,
2959 unsigned section_line,
2960 const char *lvalue,
2961 int ltype,
2962 const char *rvalue,
2963 void *data,
2964 void *userdata) {
2965
2966 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2967 _cleanup_free_ char *k = NULL;
2968 Unit *u = userdata, *slice = NULL;
2969 int r;
2970
2971 assert(filename);
2972 assert(lvalue);
2973 assert(rvalue);
2974 assert(u);
2975
2976 r = unit_name_printf(u, rvalue, &k);
2977 if (r < 0) {
2978 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2979 return 0;
2980 }
2981
2982 r = manager_load_unit(u->manager, k, NULL, &error, &slice);
2983 if (r < 0) {
2984 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r));
2985 return 0;
2986 }
2987
2988 r = unit_set_slice(u, slice);
2989 if (r < 0) {
2990 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id);
2991 return 0;
2992 }
2993
2994 return 0;
2995 }
2996
2997 int config_parse_cpu_quota(
2998 const char *unit,
2999 const char *filename,
3000 unsigned line,
3001 const char *section,
3002 unsigned section_line,
3003 const char *lvalue,
3004 int ltype,
3005 const char *rvalue,
3006 void *data,
3007 void *userdata) {
3008
3009 CGroupContext *c = data;
3010 int r;
3011
3012 assert(filename);
3013 assert(lvalue);
3014 assert(rvalue);
3015
3016 if (isempty(rvalue)) {
3017 c->cpu_quota_per_sec_usec = USEC_INFINITY;
3018 return 0;
3019 }
3020
3021 r = parse_permille_unbounded(rvalue);
3022 if (r <= 0) {
3023 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue);
3024 return 0;
3025 }
3026
3027 c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 1000U;
3028 return 0;
3029 }
3030
3031 int config_parse_memory_limit(
3032 const char *unit,
3033 const char *filename,
3034 unsigned line,
3035 const char *section,
3036 unsigned section_line,
3037 const char *lvalue,
3038 int ltype,
3039 const char *rvalue,
3040 void *data,
3041 void *userdata) {
3042
3043 CGroupContext *c = data;
3044 uint64_t bytes = CGROUP_LIMIT_MAX;
3045 int r;
3046
3047 if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
3048
3049 r = parse_permille(rvalue);
3050 if (r < 0) {
3051 r = parse_size(rvalue, 1024, &bytes);
3052 if (r < 0) {
3053 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue);
3054 return 0;
3055 }
3056 } else
3057 bytes = physical_memory_scale(r, 1000U);
3058
3059 if (bytes >= UINT64_MAX ||
3060 (bytes <= 0 && !streq(lvalue, "MemorySwapMax"))) {
3061 log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue);
3062 return 0;
3063 }
3064 }
3065
3066 if (streq(lvalue, "MemoryMin"))
3067 c->memory_min = bytes;
3068 else if (streq(lvalue, "MemoryLow"))
3069 c->memory_low = bytes;
3070 else if (streq(lvalue, "MemoryHigh"))
3071 c->memory_high = bytes;
3072 else if (streq(lvalue, "MemoryMax"))
3073 c->memory_max = bytes;
3074 else if (streq(lvalue, "MemorySwapMax"))
3075 c->memory_swap_max = bytes;
3076 else if (streq(lvalue, "MemoryLimit"))
3077 c->memory_limit = bytes;
3078 else
3079 return -EINVAL;
3080
3081 return 0;
3082 }
3083
3084 int config_parse_tasks_max(
3085 const char *unit,
3086 const char *filename,
3087 unsigned line,
3088 const char *section,
3089 unsigned section_line,
3090 const char *lvalue,
3091 int ltype,
3092 const char *rvalue,
3093 void *data,
3094 void *userdata) {
3095
3096 uint64_t *tasks_max = data, v;
3097 Unit *u = userdata;
3098 int r;
3099
3100 if (isempty(rvalue)) {
3101 *tasks_max = u ? u->manager->default_tasks_max : UINT64_MAX;
3102 return 0;
3103 }
3104
3105 if (streq(rvalue, "infinity")) {
3106 *tasks_max = CGROUP_LIMIT_MAX;
3107 return 0;
3108 }
3109
3110 r = parse_permille(rvalue);
3111 if (r < 0) {
3112 r = safe_atou64(rvalue, &v);
3113 if (r < 0) {
3114 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue);
3115 return 0;
3116 }
3117 } else
3118 v = system_tasks_max_scale(r, 1000U);
3119
3120 if (v <= 0 || v >= UINT64_MAX) {
3121 log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue);
3122 return 0;
3123 }
3124
3125 *tasks_max = v;
3126 return 0;
3127 }
3128
3129 int config_parse_delegate(
3130 const char *unit,
3131 const char *filename,
3132 unsigned line,
3133 const char *section,
3134 unsigned section_line,
3135 const char *lvalue,
3136 int ltype,
3137 const char *rvalue,
3138 void *data,
3139 void *userdata) {
3140
3141 CGroupContext *c = data;
3142 UnitType t;
3143 int r;
3144
3145 t = unit_name_to_type(unit);
3146 assert(t != _UNIT_TYPE_INVALID);
3147
3148 if (!unit_vtable[t]->can_delegate) {
3149 log_syntax(unit, LOG_ERR, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring.");
3150 return 0;
3151 }
3152
3153 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3154 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3155 * mask to delegate. */
3156
3157 if (isempty(rvalue)) {
3158 /* An empty string resets controllers and set Delegate=yes. */
3159 c->delegate = true;
3160 c->delegate_controllers = 0;
3161 return 0;
3162 }
3163
3164 r = parse_boolean(rvalue);
3165 if (r < 0) {
3166 const char *p = rvalue;
3167 CGroupMask mask = 0;
3168
3169 for (;;) {
3170 _cleanup_free_ char *word = NULL;
3171 CGroupController cc;
3172
3173 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3174 if (r == 0)
3175 break;
3176 if (r == -ENOMEM)
3177 return log_oom();
3178 if (r < 0) {
3179 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3180 return 0;
3181 }
3182
3183 cc = cgroup_controller_from_string(word);
3184 if (cc < 0) {
3185 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid controller name '%s', ignoring", word);
3186 continue;
3187 }
3188
3189 mask |= CGROUP_CONTROLLER_TO_MASK(cc);
3190 }
3191
3192 c->delegate = true;
3193 c->delegate_controllers |= mask;
3194
3195 } else if (r > 0) {
3196 c->delegate = true;
3197 c->delegate_controllers = _CGROUP_MASK_ALL;
3198 } else {
3199 c->delegate = false;
3200 c->delegate_controllers = 0;
3201 }
3202
3203 return 0;
3204 }
3205
3206 int config_parse_device_allow(
3207 const char *unit,
3208 const char *filename,
3209 unsigned line,
3210 const char *section,
3211 unsigned section_line,
3212 const char *lvalue,
3213 int ltype,
3214 const char *rvalue,
3215 void *data,
3216 void *userdata) {
3217
3218 _cleanup_free_ char *path = NULL, *resolved = NULL;
3219 CGroupContext *c = data;
3220 const char *p = rvalue;
3221 int r;
3222
3223 if (isempty(rvalue)) {
3224 while (c->device_allow)
3225 cgroup_context_free_device_allow(c, c->device_allow);
3226
3227 return 0;
3228 }
3229
3230 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3231 if (r == -ENOMEM)
3232 return log_oom();
3233 if (r < 0) {
3234 log_syntax(unit, LOG_WARNING, filename, line, r,
3235 "Invalid syntax, ignoring: %s", rvalue);
3236 return 0;
3237 }
3238 if (r == 0) {
3239 log_syntax(unit, LOG_WARNING, filename, line, 0,
3240 "Failed to extract device path and rights from '%s', ignoring.", rvalue);
3241 return 0;
3242 }
3243
3244 r = unit_full_printf(userdata, path, &resolved);
3245 if (r < 0) {
3246 log_syntax(unit, LOG_WARNING, filename, line, r,
3247 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3248 return 0;
3249 }
3250
3251 if (!STARTSWITH_SET(resolved, "block-", "char-")) {
3252
3253 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3254 if (r < 0)
3255 return 0;
3256
3257 if (!valid_device_node_path(resolved)) {
3258 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3259 return 0;
3260 }
3261 }
3262
3263 if (!isempty(p) && !in_charset(p, "rwm")) {
3264 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s', ignoring.", p);
3265 return 0;
3266 }
3267
3268 return cgroup_add_device_allow(c, resolved, p);
3269 }
3270
3271 int config_parse_io_device_weight(
3272 const char *unit,
3273 const char *filename,
3274 unsigned line,
3275 const char *section,
3276 unsigned section_line,
3277 const char *lvalue,
3278 int ltype,
3279 const char *rvalue,
3280 void *data,
3281 void *userdata) {
3282
3283 _cleanup_free_ char *path = NULL, *resolved = NULL;
3284 CGroupIODeviceWeight *w;
3285 CGroupContext *c = data;
3286 const char *p = rvalue;
3287 uint64_t u;
3288 int r;
3289
3290 assert(filename);
3291 assert(lvalue);
3292 assert(rvalue);
3293
3294 if (isempty(rvalue)) {
3295 while (c->io_device_weights)
3296 cgroup_context_free_io_device_weight(c, c->io_device_weights);
3297
3298 return 0;
3299 }
3300
3301 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3302 if (r == -ENOMEM)
3303 return log_oom();
3304 if (r < 0) {
3305 log_syntax(unit, LOG_WARNING, filename, line, r,
3306 "Invalid syntax, ignoring: %s", rvalue);
3307 return 0;
3308 }
3309 if (r == 0 || isempty(p)) {
3310 log_syntax(unit, LOG_WARNING, filename, line, 0,
3311 "Failed to extract device path and weight from '%s', ignoring.", rvalue);
3312 return 0;
3313 }
3314
3315 r = unit_full_printf(userdata, path, &resolved);
3316 if (r < 0) {
3317 log_syntax(unit, LOG_WARNING, filename, line, r,
3318 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3319 return 0;
3320 }
3321
3322 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3323 if (r < 0)
3324 return 0;
3325
3326 r = cg_weight_parse(p, &u);
3327 if (r < 0) {
3328 log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p);
3329 return 0;
3330 }
3331
3332 assert(u != CGROUP_WEIGHT_INVALID);
3333
3334 w = new0(CGroupIODeviceWeight, 1);
3335 if (!w)
3336 return log_oom();
3337
3338 w->path = TAKE_PTR(resolved);
3339 w->weight = u;
3340
3341 LIST_PREPEND(device_weights, c->io_device_weights, w);
3342 return 0;
3343 }
3344
3345 int config_parse_io_device_latency(
3346 const char *unit,
3347 const char *filename,
3348 unsigned line,
3349 const char *section,
3350 unsigned section_line,
3351 const char *lvalue,
3352 int ltype,
3353 const char *rvalue,
3354 void *data,
3355 void *userdata) {
3356
3357 _cleanup_free_ char *path = NULL, *resolved = NULL;
3358 CGroupIODeviceLatency *l;
3359 CGroupContext *c = data;
3360 const char *p = rvalue;
3361 usec_t usec;
3362 int r;
3363
3364 assert(filename);
3365 assert(lvalue);
3366 assert(rvalue);
3367
3368 if (isempty(rvalue)) {
3369 while (c->io_device_latencies)
3370 cgroup_context_free_io_device_latency(c, c->io_device_latencies);
3371
3372 return 0;
3373 }
3374
3375 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3376 if (r == -ENOMEM)
3377 return log_oom();
3378 if (r < 0) {
3379 log_syntax(unit, LOG_WARNING, filename, line, r,
3380 "Invalid syntax, ignoring: %s", rvalue);
3381 return 0;
3382 }
3383 if (r == 0 || isempty(p)) {
3384 log_syntax(unit, LOG_WARNING, filename, line, 0,
3385 "Failed to extract device path and latency from '%s', ignoring.", rvalue);
3386 return 0;
3387 }
3388
3389 r = unit_full_printf(userdata, path, &resolved);
3390 if (r < 0) {
3391 log_syntax(unit, LOG_WARNING, filename, line, r,
3392 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3393 return 0;
3394 }
3395
3396 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3397 if (r < 0)
3398 return 0;
3399
3400 if (parse_sec(p, &usec) < 0) {
3401 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", p);
3402 return 0;
3403 }
3404
3405 l = new0(CGroupIODeviceLatency, 1);
3406 if (!l)
3407 return log_oom();
3408
3409 l->path = TAKE_PTR(resolved);
3410 l->target_usec = usec;
3411
3412 LIST_PREPEND(device_latencies, c->io_device_latencies, l);
3413 return 0;
3414 }
3415
3416 int config_parse_io_limit(
3417 const char *unit,
3418 const char *filename,
3419 unsigned line,
3420 const char *section,
3421 unsigned section_line,
3422 const char *lvalue,
3423 int ltype,
3424 const char *rvalue,
3425 void *data,
3426 void *userdata) {
3427
3428 _cleanup_free_ char *path = NULL, *resolved = NULL;
3429 CGroupIODeviceLimit *l = NULL, *t;
3430 CGroupContext *c = data;
3431 CGroupIOLimitType type;
3432 const char *p = rvalue;
3433 uint64_t num;
3434 int r;
3435
3436 assert(filename);
3437 assert(lvalue);
3438 assert(rvalue);
3439
3440 type = cgroup_io_limit_type_from_string(lvalue);
3441 assert(type >= 0);
3442
3443 if (isempty(rvalue)) {
3444 LIST_FOREACH(device_limits, l, c->io_device_limits)
3445 l->limits[type] = cgroup_io_limit_defaults[type];
3446 return 0;
3447 }
3448
3449 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3450 if (r == -ENOMEM)
3451 return log_oom();
3452 if (r < 0) {
3453 log_syntax(unit, LOG_WARNING, filename, line, r,
3454 "Invalid syntax, ignoring: %s", rvalue);
3455 return 0;
3456 }
3457 if (r == 0 || isempty(p)) {
3458 log_syntax(unit, LOG_WARNING, filename, line, 0,
3459 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3460 return 0;
3461 }
3462
3463 r = unit_full_printf(userdata, path, &resolved);
3464 if (r < 0) {
3465 log_syntax(unit, LOG_WARNING, filename, line, r,
3466 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3467 return 0;
3468 }
3469
3470 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3471 if (r < 0)
3472 return 0;
3473
3474 if (streq("infinity", p))
3475 num = CGROUP_LIMIT_MAX;
3476 else {
3477 r = parse_size(p, 1000, &num);
3478 if (r < 0 || num <= 0) {
3479 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid IO limit '%s', ignoring.", p);
3480 return 0;
3481 }
3482 }
3483
3484 LIST_FOREACH(device_limits, t, c->io_device_limits) {
3485 if (path_equal(resolved, t->path)) {
3486 l = t;
3487 break;
3488 }
3489 }
3490
3491 if (!l) {
3492 CGroupIOLimitType ttype;
3493
3494 l = new0(CGroupIODeviceLimit, 1);
3495 if (!l)
3496 return log_oom();
3497
3498 l->path = TAKE_PTR(resolved);
3499 for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
3500 l->limits[ttype] = cgroup_io_limit_defaults[ttype];
3501
3502 LIST_PREPEND(device_limits, c->io_device_limits, l);
3503 }
3504
3505 l->limits[type] = num;
3506
3507 return 0;
3508 }
3509
3510 int config_parse_blockio_device_weight(
3511 const char *unit,
3512 const char *filename,
3513 unsigned line,
3514 const char *section,
3515 unsigned section_line,
3516 const char *lvalue,
3517 int ltype,
3518 const char *rvalue,
3519 void *data,
3520 void *userdata) {
3521
3522 _cleanup_free_ char *path = NULL, *resolved = NULL;
3523 CGroupBlockIODeviceWeight *w;
3524 CGroupContext *c = data;
3525 const char *p = rvalue;
3526 uint64_t u;
3527 int r;
3528
3529 assert(filename);
3530 assert(lvalue);
3531 assert(rvalue);
3532
3533 if (isempty(rvalue)) {
3534 while (c->blockio_device_weights)
3535 cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
3536
3537 return 0;
3538 }
3539
3540 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3541 if (r == -ENOMEM)
3542 return log_oom();
3543 if (r < 0) {
3544 log_syntax(unit, LOG_WARNING, filename, line, r,
3545 "Invalid syntax, ignoring: %s", rvalue);
3546 return 0;
3547 }
3548 if (r == 0 || isempty(p)) {
3549 log_syntax(unit, LOG_WARNING, filename, line, 0,
3550 "Failed to extract device node and weight from '%s', ignoring.", rvalue);
3551 return 0;
3552 }
3553
3554 r = unit_full_printf(userdata, path, &resolved);
3555 if (r < 0) {
3556 log_syntax(unit, LOG_WARNING, filename, line, r,
3557 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3558 return 0;
3559 }
3560
3561 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3562 if (r < 0)
3563 return 0;
3564
3565 r = cg_blkio_weight_parse(p, &u);
3566 if (r < 0) {
3567 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p);
3568 return 0;
3569 }
3570
3571 assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
3572
3573 w = new0(CGroupBlockIODeviceWeight, 1);
3574 if (!w)
3575 return log_oom();
3576
3577 w->path = TAKE_PTR(resolved);
3578 w->weight = u;
3579
3580 LIST_PREPEND(device_weights, c->blockio_device_weights, w);
3581 return 0;
3582 }
3583
3584 int config_parse_blockio_bandwidth(
3585 const char *unit,
3586 const char *filename,
3587 unsigned line,
3588 const char *section,
3589 unsigned section_line,
3590 const char *lvalue,
3591 int ltype,
3592 const char *rvalue,
3593 void *data,
3594 void *userdata) {
3595
3596 _cleanup_free_ char *path = NULL, *resolved = NULL;
3597 CGroupBlockIODeviceBandwidth *b = NULL, *t;
3598 CGroupContext *c = data;
3599 const char *p = rvalue;
3600 uint64_t bytes;
3601 bool read;
3602 int r;
3603
3604 assert(filename);
3605 assert(lvalue);
3606 assert(rvalue);
3607
3608 read = streq("BlockIOReadBandwidth", lvalue);
3609
3610 if (isempty(rvalue)) {
3611 LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
3612 b->rbps = CGROUP_LIMIT_MAX;
3613 b->wbps = CGROUP_LIMIT_MAX;
3614 }
3615 return 0;
3616 }
3617
3618 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3619 if (r == -ENOMEM)
3620 return log_oom();
3621 if (r < 0) {
3622 log_syntax(unit, LOG_WARNING, filename, line, r,
3623 "Invalid syntax, ignoring: %s", rvalue);
3624 return 0;
3625 }
3626 if (r == 0 || isempty(p)) {
3627 log_syntax(unit, LOG_WARNING, filename, line, 0,
3628 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3629 return 0;
3630 }
3631
3632 r = unit_full_printf(userdata, path, &resolved);
3633 if (r < 0) {
3634 log_syntax(unit, LOG_WARNING, filename, line, r,
3635 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3636 return 0;
3637 }
3638
3639 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3640 if (r < 0)
3641 return 0;
3642
3643 r = parse_size(p, 1000, &bytes);
3644 if (r < 0 || bytes <= 0) {
3645 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p);
3646 return 0;
3647 }
3648
3649 LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
3650 if (path_equal(resolved, t->path)) {
3651 b = t;
3652 break;
3653 }
3654 }
3655
3656 if (!t) {
3657 b = new0(CGroupBlockIODeviceBandwidth, 1);
3658 if (!b)
3659 return log_oom();
3660
3661 b->path = TAKE_PTR(resolved);
3662 b->rbps = CGROUP_LIMIT_MAX;
3663 b->wbps = CGROUP_LIMIT_MAX;
3664
3665 LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
3666 }
3667
3668 if (read)
3669 b->rbps = bytes;
3670 else
3671 b->wbps = bytes;
3672
3673 return 0;
3674 }
3675
3676 int config_parse_job_mode_isolate(
3677 const char *unit,
3678 const char *filename,
3679 unsigned line,
3680 const char *section,
3681 unsigned section_line,
3682 const char *lvalue,
3683 int ltype,
3684 const char *rvalue,
3685 void *data,
3686 void *userdata) {
3687
3688 JobMode *m = data;
3689 int r;
3690
3691 assert(filename);
3692 assert(lvalue);
3693 assert(rvalue);
3694
3695 r = parse_boolean(rvalue);
3696 if (r < 0) {
3697 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
3698 return 0;
3699 }
3700
3701 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue);
3702
3703 *m = r ? JOB_ISOLATE : JOB_REPLACE;
3704 return 0;
3705 }
3706
3707 int config_parse_exec_directories(
3708 const char *unit,
3709 const char *filename,
3710 unsigned line,
3711 const char *section,
3712 unsigned section_line,
3713 const char *lvalue,
3714 int ltype,
3715 const char *rvalue,
3716 void *data,
3717 void *userdata) {
3718
3719 char***rt = data;
3720 Unit *u = userdata;
3721 const char *p;
3722 int r;
3723
3724 assert(filename);
3725 assert(lvalue);
3726 assert(rvalue);
3727 assert(data);
3728
3729 if (isempty(rvalue)) {
3730 /* Empty assignment resets the list */
3731 *rt = strv_free(*rt);
3732 return 0;
3733 }
3734
3735 for (p = rvalue;;) {
3736 _cleanup_free_ char *word = NULL, *k = NULL;
3737
3738 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3739 if (r == -ENOMEM)
3740 return log_oom();
3741 if (r < 0) {
3742 log_syntax(unit, LOG_WARNING, filename, line, r,
3743 "Invalid syntax, ignoring: %s", rvalue);
3744 return 0;
3745 }
3746 if (r == 0)
3747 return 0;
3748
3749 r = unit_full_printf(u, word, &k);
3750 if (r < 0) {
3751 log_syntax(unit, LOG_ERR, filename, line, r,
3752 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
3753 continue;
3754 }
3755
3756 r = path_simplify_and_warn(k, PATH_CHECK_RELATIVE, unit, filename, line, lvalue);
3757 if (r < 0)
3758 continue;
3759
3760 if (path_startswith(k, "private")) {
3761 log_syntax(unit, LOG_ERR, filename, line, 0,
3762 "%s= path can't be 'private', ignoring assignment: %s", lvalue, word);
3763 continue;
3764 }
3765
3766 r = strv_push(rt, k);
3767 if (r < 0)
3768 return log_oom();
3769 k = NULL;
3770 }
3771 }
3772
3773 int config_parse_set_status(
3774 const char *unit,
3775 const char *filename,
3776 unsigned line,
3777 const char *section,
3778 unsigned section_line,
3779 const char *lvalue,
3780 int ltype,
3781 const char *rvalue,
3782 void *data,
3783 void *userdata) {
3784
3785 size_t l;
3786 const char *word, *state;
3787 int r;
3788 ExitStatusSet *status_set = data;
3789
3790 assert(filename);
3791 assert(lvalue);
3792 assert(rvalue);
3793 assert(data);
3794
3795 /* Empty assignment resets the list */
3796 if (isempty(rvalue)) {
3797 exit_status_set_free(status_set);
3798 return 0;
3799 }
3800
3801 FOREACH_WORD(word, l, rvalue, state) {
3802 _cleanup_free_ char *temp;
3803 int val;
3804 Set **set;
3805
3806 temp = strndup(word, l);
3807 if (!temp)
3808 return log_oom();
3809
3810 r = safe_atoi(temp, &val);
3811 if (r < 0) {
3812 val = signal_from_string(temp);
3813
3814 if (val <= 0) {
3815 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse value, ignoring: %s", word);
3816 continue;
3817 }
3818 set = &status_set->signal;
3819 } else {
3820 if (val < 0 || val > 255) {
3821 log_syntax(unit, LOG_ERR, filename, line, 0, "Value %d is outside range 0-255, ignoring", val);
3822 continue;
3823 }
3824 set = &status_set->status;
3825 }
3826
3827 r = set_ensure_allocated(set, NULL);
3828 if (r < 0)
3829 return log_oom();
3830
3831 r = set_put(*set, INT_TO_PTR(val));
3832 if (r < 0)
3833 return log_oom();
3834 }
3835 if (!isempty(state))
3836 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
3837
3838 return 0;
3839 }
3840
3841 int config_parse_namespace_path_strv(
3842 const char *unit,
3843 const char *filename,
3844 unsigned line,
3845 const char *section,
3846 unsigned section_line,
3847 const char *lvalue,
3848 int ltype,
3849 const char *rvalue,
3850 void *data,
3851 void *userdata) {
3852
3853 Unit *u = userdata;
3854 char*** sv = data;
3855 const char *p = rvalue;
3856 int r;
3857
3858 assert(filename);
3859 assert(lvalue);
3860 assert(rvalue);
3861 assert(data);
3862
3863 if (isempty(rvalue)) {
3864 /* Empty assignment resets the list */
3865 *sv = strv_free(*sv);
3866 return 0;
3867 }
3868
3869 for (;;) {
3870 _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL;
3871 const char *w;
3872 bool ignore_enoent = false, shall_prefix = false;
3873
3874 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3875 if (r == 0)
3876 break;
3877 if (r == -ENOMEM)
3878 return log_oom();
3879 if (r < 0) {
3880 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
3881 return 0;
3882 }
3883
3884 w = word;
3885 if (startswith(w, "-")) {
3886 ignore_enoent = true;
3887 w++;
3888 }
3889 if (startswith(w, "+")) {
3890 shall_prefix = true;
3891 w++;
3892 }
3893
3894 r = unit_full_printf(u, w, &resolved);
3895 if (r < 0) {
3896 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w);
3897 continue;
3898 }
3899
3900 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
3901 if (r < 0)
3902 continue;
3903
3904 joined = strjoin(ignore_enoent ? "-" : "",
3905 shall_prefix ? "+" : "",
3906 resolved);
3907
3908 r = strv_push(sv, joined);
3909 if (r < 0)
3910 return log_oom();
3911
3912 joined = NULL;
3913 }
3914
3915 return 0;
3916 }
3917
3918 int config_parse_temporary_filesystems(
3919 const char *unit,
3920 const char *filename,
3921 unsigned line,
3922 const char *section,
3923 unsigned section_line,
3924 const char *lvalue,
3925 int ltype,
3926 const char *rvalue,
3927 void *data,
3928 void *userdata) {
3929
3930 Unit *u = userdata;
3931 ExecContext *c = data;
3932 const char *p = rvalue;
3933 int r;
3934
3935 assert(filename);
3936 assert(lvalue);
3937 assert(rvalue);
3938 assert(data);
3939
3940 if (isempty(rvalue)) {
3941 /* Empty assignment resets the list */
3942 temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems);
3943 c->temporary_filesystems = NULL;
3944 c->n_temporary_filesystems = 0;
3945 return 0;
3946 }
3947
3948 for (;;) {
3949 _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL;
3950 const char *w;
3951
3952 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3953 if (r == 0)
3954 return 0;
3955 if (r == -ENOMEM)
3956 return log_oom();
3957 if (r < 0) {
3958 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
3959 return 0;
3960 }
3961
3962 w = word;
3963 r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
3964 if (r == -ENOMEM)
3965 return log_oom();
3966 if (r < 0) {
3967 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", word);
3968 continue;
3969 }
3970 if (r == 0) {
3971 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", word);
3972 continue;
3973 }
3974
3975 r = unit_full_printf(u, path, &resolved);
3976 if (r < 0) {
3977 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path);
3978 continue;
3979 }
3980
3981 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
3982 if (r < 0)
3983 continue;
3984
3985 r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, resolved, w);
3986 if (r < 0)
3987 return log_oom();
3988 }
3989 }
3990
3991 int config_parse_bind_paths(
3992 const char *unit,
3993 const char *filename,
3994 unsigned line,
3995 const char *section,
3996 unsigned section_line,
3997 const char *lvalue,
3998 int ltype,
3999 const char *rvalue,
4000 void *data,
4001 void *userdata) {
4002
4003 ExecContext *c = data;
4004 Unit *u = userdata;
4005 const char *p;
4006 int r;
4007
4008 assert(filename);
4009 assert(lvalue);
4010 assert(rvalue);
4011 assert(data);
4012
4013 if (isempty(rvalue)) {
4014 /* Empty assignment resets the list */
4015 bind_mount_free_many(c->bind_mounts, c->n_bind_mounts);
4016 c->bind_mounts = NULL;
4017 c->n_bind_mounts = 0;
4018 return 0;
4019 }
4020
4021 p = rvalue;
4022 for (;;) {
4023 _cleanup_free_ char *source = NULL, *destination = NULL;
4024 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4025 char *s = NULL, *d = NULL;
4026 bool rbind = true, ignore_enoent = false;
4027
4028 r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4029 if (r == 0)
4030 break;
4031 if (r == -ENOMEM)
4032 return log_oom();
4033 if (r < 0) {
4034 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue);
4035 return 0;
4036 }
4037
4038 r = unit_full_printf(u, source, &sresolved);
4039 if (r < 0) {
4040 log_syntax(unit, LOG_ERR, filename, line, r,
4041 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source);
4042 continue;
4043 }
4044
4045 s = sresolved;
4046 if (s[0] == '-') {
4047 ignore_enoent = true;
4048 s++;
4049 }
4050
4051 r = path_simplify_and_warn(s, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4052 if (r < 0)
4053 continue;
4054
4055 /* Optionally, the destination is specified. */
4056 if (p && p[-1] == ':') {
4057 r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4058 if (r == -ENOMEM)
4059 return log_oom();
4060 if (r < 0) {
4061 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue);
4062 return 0;
4063 }
4064 if (r == 0) {
4065 log_syntax(unit, LOG_ERR, filename, line, 0, "Missing argument after ':', ignoring: %s", s);
4066 continue;
4067 }
4068
4069 r = unit_full_printf(u, destination, &dresolved);
4070 if (r < 0) {
4071 log_syntax(unit, LOG_ERR, filename, line, r,
4072 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination);
4073 continue;
4074 }
4075
4076 r = path_simplify_and_warn(dresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4077 if (r < 0)
4078 continue;
4079
4080 d = dresolved;
4081
4082 /* Optionally, there's also a short option string specified */
4083 if (p && p[-1] == ':') {
4084 _cleanup_free_ char *options = NULL;
4085
4086 r = extract_first_word(&p, &options, NULL, EXTRACT_QUOTES);
4087 if (r == -ENOMEM)
4088 return log_oom();
4089 if (r < 0) {
4090 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4091 return 0;
4092 }
4093
4094 if (isempty(options) || streq(options, "rbind"))
4095 rbind = true;
4096 else if (streq(options, "norbind"))
4097 rbind = false;
4098 else {
4099 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid option string, ignoring setting: %s", options);
4100 continue;
4101 }
4102 }
4103 } else
4104 d = s;
4105
4106 r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts,
4107 &(BindMount) {
4108 .source = s,
4109 .destination = d,
4110 .read_only = !!strstr(lvalue, "ReadOnly"),
4111 .recursive = rbind,
4112 .ignore_enoent = ignore_enoent,
4113 });
4114 if (r < 0)
4115 return log_oom();
4116 }
4117
4118 return 0;
4119 }
4120
4121 int config_parse_job_timeout_sec(
4122 const char* unit,
4123 const char *filename,
4124 unsigned line,
4125 const char *section,
4126 unsigned section_line,
4127 const char *lvalue,
4128 int ltype,
4129 const char *rvalue,
4130 void *data,
4131 void *userdata) {
4132
4133 Unit *u = data;
4134 usec_t usec;
4135 int r;
4136
4137 assert(filename);
4138 assert(lvalue);
4139 assert(rvalue);
4140 assert(u);
4141
4142 r = parse_sec_fix_0(rvalue, &usec);
4143 if (r < 0) {
4144 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
4145 return 0;
4146 }
4147
4148 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4149 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4150 * count. */
4151
4152 if (!u->job_running_timeout_set)
4153 u->job_running_timeout = usec;
4154
4155 u->job_timeout = usec;
4156
4157 return 0;
4158 }
4159
4160 int config_parse_job_running_timeout_sec(
4161 const char* unit,
4162 const char *filename,
4163 unsigned line,
4164 const char *section,
4165 unsigned section_line,
4166 const char *lvalue,
4167 int ltype,
4168 const char *rvalue,
4169 void *data,
4170 void *userdata) {
4171
4172 Unit *u = data;
4173 usec_t usec;
4174 int r;
4175
4176 assert(filename);
4177 assert(lvalue);
4178 assert(rvalue);
4179 assert(u);
4180
4181 r = parse_sec_fix_0(rvalue, &usec);
4182 if (r < 0) {
4183 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
4184 return 0;
4185 }
4186
4187 u->job_running_timeout = usec;
4188 u->job_running_timeout_set = true;
4189
4190 return 0;
4191 }
4192
4193 int config_parse_emergency_action(
4194 const char* unit,
4195 const char *filename,
4196 unsigned line,
4197 const char *section,
4198 unsigned section_line,
4199 const char *lvalue,
4200 int ltype,
4201 const char *rvalue,
4202 void *data,
4203 void *userdata) {
4204
4205 Manager *m = NULL;
4206 EmergencyAction *x = data;
4207 int r;
4208
4209 assert(filename);
4210 assert(lvalue);
4211 assert(rvalue);
4212 assert(data);
4213
4214 if (unit)
4215 m = ((Unit*) userdata)->manager;
4216 else
4217 m = data;
4218
4219 r = parse_emergency_action(rvalue, MANAGER_IS_SYSTEM(m), x);
4220 if (r < 0) {
4221 if (r == -EOPNOTSUPP && MANAGER_IS_USER(m)) {
4222 /* Compat mode: remove for systemd 241. */
4223
4224 log_syntax(unit, LOG_INFO, filename, line, r,
4225 "%s= in user mode specified as \"%s\", using \"exit-force\" instead.",
4226 lvalue, rvalue);
4227 *x = EMERGENCY_ACTION_EXIT_FORCE;
4228 return 0;
4229 }
4230
4231 if (r == -EOPNOTSUPP)
4232 log_syntax(unit, LOG_ERR, filename, line, r,
4233 "%s= specified as %s mode action, ignoring: %s",
4234 lvalue, MANAGER_IS_SYSTEM(m) ? "user" : "system", rvalue);
4235 else
4236 log_syntax(unit, LOG_ERR, filename, line, r,
4237 "Failed to parse %s=, ignoring: %s", lvalue, rvalue);
4238 return 0;
4239 }
4240
4241 return 0;
4242 }
4243
4244 int config_parse_pid_file(
4245 const char *unit,
4246 const char *filename,
4247 unsigned line,
4248 const char *section,
4249 unsigned section_line,
4250 const char *lvalue,
4251 int ltype,
4252 const char *rvalue,
4253 void *data,
4254 void *userdata) {
4255
4256 _cleanup_free_ char *k = NULL, *n = NULL;
4257 Unit *u = userdata;
4258 char **s = data;
4259 const char *e;
4260 int r;
4261
4262 assert(filename);
4263 assert(lvalue);
4264 assert(rvalue);
4265 assert(u);
4266
4267 if (isempty(rvalue)) {
4268 /* An empty assignment removes already set value. */
4269 *s = mfree(*s);
4270 return 0;
4271 }
4272
4273 r = unit_full_printf(u, rvalue, &k);
4274 if (r < 0) {
4275 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
4276 return 0;
4277 }
4278
4279 /* If this is a relative path make it absolute by prefixing the /run */
4280 n = path_make_absolute(k, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
4281 if (!n)
4282 return log_oom();
4283
4284 /* Check that the result is a sensible path */
4285 r = path_simplify_and_warn(n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4286 if (r < 0)
4287 return r;
4288
4289 e = path_startswith(n, "/var/run/");
4290 if (e) {
4291 char *z;
4292
4293 z = strjoin("/run/", e);
4294 if (!z)
4295 return log_oom();
4296
4297 log_syntax(unit, LOG_NOTICE, filename, line, 0, "PIDFile= references path below legacy directory /var/run/, updating %s → %s; please update the unit file accordingly.", n, z);
4298
4299 free_and_replace(*s, z);
4300 } else
4301 free_and_replace(*s, n);
4302
4303 return 0;
4304 }
4305
4306 int config_parse_exit_status(
4307 const char *unit,
4308 const char *filename,
4309 unsigned line,
4310 const char *section,
4311 unsigned section_line,
4312 const char *lvalue,
4313 int ltype,
4314 const char *rvalue,
4315 void *data,
4316 void *userdata) {
4317
4318 int *exit_status = data, r;
4319 uint8_t u;
4320
4321 assert(filename);
4322 assert(lvalue);
4323 assert(rvalue);
4324 assert(exit_status);
4325
4326 if (isempty(rvalue)) {
4327 *exit_status = -1;
4328 return 0;
4329 }
4330
4331 r = safe_atou8(rvalue, &u);
4332 if (r < 0) {
4333 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse exit status '%s', ignoring: %m", rvalue);
4334 return 0;
4335 }
4336
4337 *exit_status = u;
4338 return 0;
4339 }
4340
4341 int config_parse_disable_controllers(
4342 const char *unit,
4343 const char *filename,
4344 unsigned line,
4345 const char *section,
4346 unsigned section_line,
4347 const char *lvalue,
4348 int ltype,
4349 const char *rvalue,
4350 void *data,
4351 void *userdata) {
4352
4353 int r;
4354 CGroupContext *c = data;
4355 CGroupMask disabled_mask;
4356
4357 /* 1. If empty, make all controllers eligible for use again.
4358 * 2. If non-empty, merge all listed controllers, space separated. */
4359
4360 if (isempty(rvalue)) {
4361 c->disable_controllers = 0;
4362 return 0;
4363 }
4364
4365 r = cg_mask_from_string(rvalue, &disabled_mask);
4366 if (r < 0 || disabled_mask <= 0) {
4367 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid cgroup string: %s, ignoring", rvalue);
4368 return 0;
4369 }
4370
4371 c->disable_controllers |= disabled_mask;
4372
4373 return 0;
4374 }
4375
4376 #define FOLLOW_MAX 8
4377
4378 static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
4379 char *id = NULL;
4380 unsigned c = 0;
4381 int fd, r;
4382 FILE *f;
4383
4384 assert(filename);
4385 assert(*filename);
4386 assert(_f);
4387 assert(names);
4388
4389 /* This will update the filename pointer if the loaded file is
4390 * reached by a symlink. The old string will be freed. */
4391
4392 for (;;) {
4393 char *target, *name;
4394
4395 if (c++ >= FOLLOW_MAX)
4396 return -ELOOP;
4397
4398 path_simplify(*filename, false);
4399
4400 /* Add the file name we are currently looking at to
4401 * the names of this unit, but only if it is a valid
4402 * unit name. */
4403 name = basename(*filename);
4404 if (unit_name_is_valid(name, UNIT_NAME_ANY)) {
4405
4406 id = set_get(names, name);
4407 if (!id) {
4408 id = strdup(name);
4409 if (!id)
4410 return -ENOMEM;
4411
4412 r = set_consume(names, id);
4413 if (r < 0)
4414 return r;
4415 }
4416 }
4417
4418 /* Try to open the file name, but don't if its a symlink */
4419 fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
4420 if (fd >= 0)
4421 break;
4422
4423 if (errno != ELOOP)
4424 return -errno;
4425
4426 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
4427 r = readlink_and_make_absolute(*filename, &target);
4428 if (r < 0)
4429 return r;
4430
4431 free_and_replace(*filename, target);
4432 }
4433
4434 f = fdopen(fd, "r");
4435 if (!f) {
4436 safe_close(fd);
4437 return -errno;
4438 }
4439
4440 *_f = f;
4441 *_final = id;
4442
4443 return 0;
4444 }
4445
4446 static int merge_by_names(Unit **u, Set *names, const char *id) {
4447 char *k;
4448 int r;
4449
4450 assert(u);
4451 assert(*u);
4452 assert(names);
4453
4454 /* Let's try to add in all symlink names we found */
4455 while ((k = set_steal_first(names))) {
4456
4457 /* First try to merge in the other name into our
4458 * unit */
4459 r = unit_merge_by_name(*u, k);
4460 if (r < 0) {
4461 Unit *other;
4462
4463 /* Hmm, we couldn't merge the other unit into
4464 * ours? Then let's try it the other way
4465 * round */
4466
4467 /* If the symlink name we are looking at is unit template, then
4468 we must search for instance of this template */
4469 if (unit_name_is_valid(k, UNIT_NAME_TEMPLATE) && (*u)->instance) {
4470 _cleanup_free_ char *instance = NULL;
4471
4472 r = unit_name_replace_instance(k, (*u)->instance, &instance);
4473 if (r < 0)
4474 return r;
4475
4476 other = manager_get_unit((*u)->manager, instance);
4477 } else
4478 other = manager_get_unit((*u)->manager, k);
4479
4480 free(k);
4481
4482 if (other) {
4483 r = unit_merge(other, *u);
4484 if (r >= 0) {
4485 *u = other;
4486 return merge_by_names(u, names, NULL);
4487 }
4488 }
4489
4490 return r;
4491 }
4492
4493 if (id == k)
4494 unit_choose_id(*u, id);
4495
4496 free(k);
4497 }
4498
4499 return 0;
4500 }
4501
4502 static int load_from_path(Unit *u, const char *path) {
4503 _cleanup_set_free_free_ Set *symlink_names = NULL;
4504 _cleanup_fclose_ FILE *f = NULL;
4505 _cleanup_free_ char *filename = NULL;
4506 char *id = NULL;
4507 Unit *merged;
4508 struct stat st;
4509 int r;
4510
4511 assert(u);
4512 assert(path);
4513
4514 symlink_names = set_new(&string_hash_ops);
4515 if (!symlink_names)
4516 return -ENOMEM;
4517
4518 if (path_is_absolute(path)) {
4519
4520 filename = strdup(path);
4521 if (!filename)
4522 return -ENOMEM;
4523
4524 r = open_follow(&filename, &f, symlink_names, &id);
4525 if (r < 0) {
4526 filename = mfree(filename);
4527 if (r != -ENOENT)
4528 return r;
4529 }
4530
4531 } else {
4532 char **p;
4533
4534 STRV_FOREACH(p, u->manager->lookup_paths.search_path) {
4535
4536 /* Instead of opening the path right away, we manually
4537 * follow all symlinks and add their name to our unit
4538 * name set while doing so */
4539 filename = path_make_absolute(path, *p);
4540 if (!filename)
4541 return -ENOMEM;
4542
4543 if (u->manager->unit_path_cache &&
4544 !set_get(u->manager->unit_path_cache, filename))
4545 r = -ENOENT;
4546 else
4547 r = open_follow(&filename, &f, symlink_names, &id);
4548 if (r >= 0)
4549 break;
4550
4551 /* ENOENT means that the file is missing or is a dangling symlink.
4552 * ENOTDIR means that one of paths we expect to be is a directory
4553 * is not a directory, we should just ignore that.
4554 * EACCES means that the directory or file permissions are wrong.
4555 */
4556 if (r == -EACCES)
4557 log_debug_errno(r, "Cannot access \"%s\": %m", filename);
4558 else if (!IN_SET(r, -ENOENT, -ENOTDIR))
4559 return r;
4560
4561 filename = mfree(filename);
4562 /* Empty the symlink names for the next run */
4563 set_clear_free(symlink_names);
4564 }
4565 }
4566
4567 if (!filename)
4568 /* Hmm, no suitable file found? */
4569 return 0;
4570
4571 if (!unit_type_may_alias(u->type) && set_size(symlink_names) > 1) {
4572 log_unit_warning(u, "Unit type of %s does not support alias names, refusing loading via symlink.", u->id);
4573 return -ELOOP;
4574 }
4575
4576 merged = u;
4577 r = merge_by_names(&merged, symlink_names, id);
4578 if (r < 0)
4579 return r;
4580
4581 if (merged != u) {
4582 u->load_state = UNIT_MERGED;
4583 return 0;
4584 }
4585
4586 if (fstat(fileno(f), &st) < 0)
4587 return -errno;
4588
4589 if (null_or_empty(&st)) {
4590 u->load_state = UNIT_MASKED;
4591 u->fragment_mtime = 0;
4592 } else {
4593 u->load_state = UNIT_LOADED;
4594 u->fragment_mtime = timespec_load(&st.st_mtim);
4595
4596 /* Now, parse the file contents */
4597 r = config_parse(u->id, filename, f,
4598 UNIT_VTABLE(u)->sections,
4599 config_item_perf_lookup, load_fragment_gperf_lookup,
4600 CONFIG_PARSE_ALLOW_INCLUDE, u);
4601 if (r < 0)
4602 return r;
4603 }
4604
4605 free_and_replace(u->fragment_path, filename);
4606
4607 if (u->source_path) {
4608 if (stat(u->source_path, &st) >= 0)
4609 u->source_mtime = timespec_load(&st.st_mtim);
4610 else
4611 u->source_mtime = 0;
4612 }
4613
4614 return 0;
4615 }
4616
4617 int unit_load_fragment(Unit *u) {
4618 int r;
4619 Iterator i;
4620 const char *t;
4621
4622 assert(u);
4623 assert(u->load_state == UNIT_STUB);
4624 assert(u->id);
4625
4626 if (u->transient) {
4627 u->load_state = UNIT_LOADED;
4628 return 0;
4629 }
4630
4631 /* First, try to find the unit under its id. We always look
4632 * for unit files in the default directories, to make it easy
4633 * to override things by placing things in /etc/systemd/system */
4634 r = load_from_path(u, u->id);
4635 if (r < 0)
4636 return r;
4637
4638 /* Try to find an alias we can load this with */
4639 if (u->load_state == UNIT_STUB) {
4640 SET_FOREACH(t, u->names, i) {
4641
4642 if (t == u->id)
4643 continue;
4644
4645 r = load_from_path(u, t);
4646 if (r < 0)
4647 return r;
4648
4649 if (u->load_state != UNIT_STUB)
4650 break;
4651 }
4652 }
4653
4654 /* And now, try looking for it under the suggested (originally linked) path */
4655 if (u->load_state == UNIT_STUB && u->fragment_path) {
4656
4657 r = load_from_path(u, u->fragment_path);
4658 if (r < 0)
4659 return r;
4660
4661 if (u->load_state == UNIT_STUB)
4662 /* Hmm, this didn't work? Then let's get rid
4663 * of the fragment path stored for us, so that
4664 * we don't point to an invalid location. */
4665 u->fragment_path = mfree(u->fragment_path);
4666 }
4667
4668 /* Look for a template */
4669 if (u->load_state == UNIT_STUB && u->instance) {
4670 _cleanup_free_ char *k = NULL;
4671
4672 r = unit_name_template(u->id, &k);
4673 if (r < 0)
4674 return r;
4675
4676 r = load_from_path(u, k);
4677 if (r < 0) {
4678 if (r == -ENOEXEC)
4679 log_unit_notice(u, "Unit configuration has fatal error, unit will not be started.");
4680 return r;
4681 }
4682
4683 if (u->load_state == UNIT_STUB) {
4684 SET_FOREACH(t, u->names, i) {
4685 _cleanup_free_ char *z = NULL;
4686
4687 if (t == u->id)
4688 continue;
4689
4690 r = unit_name_template(t, &z);
4691 if (r < 0)
4692 return r;
4693
4694 r = load_from_path(u, z);
4695 if (r < 0)
4696 return r;
4697
4698 if (u->load_state != UNIT_STUB)
4699 break;
4700 }
4701 }
4702 }
4703
4704 return 0;
4705 }
4706
4707 void unit_dump_config_items(FILE *f) {
4708 static const struct {
4709 const ConfigParserCallback callback;
4710 const char *rvalue;
4711 } table[] = {
4712 { config_parse_warn_compat, "NOTSUPPORTED" },
4713 { config_parse_int, "INTEGER" },
4714 { config_parse_unsigned, "UNSIGNED" },
4715 { config_parse_iec_size, "SIZE" },
4716 { config_parse_iec_uint64, "SIZE" },
4717 { config_parse_si_size, "SIZE" },
4718 { config_parse_bool, "BOOLEAN" },
4719 { config_parse_string, "STRING" },
4720 { config_parse_path, "PATH" },
4721 { config_parse_unit_path_printf, "PATH" },
4722 { config_parse_strv, "STRING [...]" },
4723 { config_parse_exec_nice, "NICE" },
4724 { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
4725 { config_parse_exec_io_class, "IOCLASS" },
4726 { config_parse_exec_io_priority, "IOPRIORITY" },
4727 { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
4728 { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
4729 { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
4730 { config_parse_mode, "MODE" },
4731 { config_parse_unit_env_file, "FILE" },
4732 { config_parse_exec_output, "OUTPUT" },
4733 { config_parse_exec_input, "INPUT" },
4734 { config_parse_log_facility, "FACILITY" },
4735 { config_parse_log_level, "LEVEL" },
4736 { config_parse_exec_secure_bits, "SECUREBITS" },
4737 { config_parse_capability_set, "BOUNDINGSET" },
4738 { config_parse_rlimit, "LIMIT" },
4739 { config_parse_unit_deps, "UNIT [...]" },
4740 { config_parse_exec, "PATH [ARGUMENT [...]]" },
4741 { config_parse_service_type, "SERVICETYPE" },
4742 { config_parse_service_restart, "SERVICERESTART" },
4743 { config_parse_kill_mode, "KILLMODE" },
4744 { config_parse_signal, "SIGNAL" },
4745 { config_parse_socket_listen, "SOCKET [...]" },
4746 { config_parse_socket_bind, "SOCKETBIND" },
4747 { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
4748 { config_parse_sec, "SECONDS" },
4749 { config_parse_nsec, "NANOSECONDS" },
4750 { config_parse_namespace_path_strv, "PATH [...]" },
4751 { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" },
4752 { config_parse_unit_requires_mounts_for, "PATH [...]" },
4753 { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
4754 { config_parse_unit_string_printf, "STRING" },
4755 { config_parse_trigger_unit, "UNIT" },
4756 { config_parse_timer, "TIMER" },
4757 { config_parse_path_spec, "PATH" },
4758 { config_parse_notify_access, "ACCESS" },
4759 { config_parse_ip_tos, "TOS" },
4760 { config_parse_unit_condition_path, "CONDITION" },
4761 { config_parse_unit_condition_string, "CONDITION" },
4762 { config_parse_unit_condition_null, "CONDITION" },
4763 { config_parse_unit_slice, "SLICE" },
4764 { config_parse_documentation, "URL" },
4765 { config_parse_service_timeout, "SECONDS" },
4766 { config_parse_emergency_action, "ACTION" },
4767 { config_parse_set_status, "STATUS" },
4768 { config_parse_service_sockets, "SOCKETS" },
4769 { config_parse_environ, "ENVIRON" },
4770 #if HAVE_SECCOMP
4771 { config_parse_syscall_filter, "SYSCALLS" },
4772 { config_parse_syscall_archs, "ARCHS" },
4773 { config_parse_syscall_errno, "ERRNO" },
4774 { config_parse_address_families, "FAMILIES" },
4775 { config_parse_restrict_namespaces, "NAMESPACES" },
4776 #endif
4777 { config_parse_cpu_shares, "SHARES" },
4778 { config_parse_cg_weight, "WEIGHT" },
4779 { config_parse_memory_limit, "LIMIT" },
4780 { config_parse_device_allow, "DEVICE" },
4781 { config_parse_device_policy, "POLICY" },
4782 { config_parse_io_limit, "LIMIT" },
4783 { config_parse_io_device_weight, "DEVICEWEIGHT" },
4784 { config_parse_io_device_latency, "DEVICELATENCY" },
4785 { config_parse_blockio_bandwidth, "BANDWIDTH" },
4786 { config_parse_blockio_weight, "WEIGHT" },
4787 { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
4788 { config_parse_long, "LONG" },
4789 { config_parse_socket_service, "SERVICE" },
4790 #if HAVE_SELINUX
4791 { config_parse_exec_selinux_context, "LABEL" },
4792 #endif
4793 { config_parse_job_mode, "MODE" },
4794 { config_parse_job_mode_isolate, "BOOLEAN" },
4795 { config_parse_personality, "PERSONALITY" },
4796 };
4797
4798 const char *prev = NULL;
4799 const char *i;
4800
4801 assert(f);
4802
4803 NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
4804 const char *rvalue = "OTHER", *lvalue;
4805 const ConfigPerfItem *p;
4806 size_t prefix_len;
4807 const char *dot;
4808 unsigned j;
4809
4810 assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
4811
4812 /* Hide legacy settings */
4813 if (p->parse == config_parse_warn_compat &&
4814 p->ltype == DISABLED_LEGACY)
4815 continue;
4816
4817 for (j = 0; j < ELEMENTSOF(table); j++)
4818 if (p->parse == table[j].callback) {
4819 rvalue = table[j].rvalue;
4820 break;
4821 }
4822
4823 dot = strchr(i, '.');
4824 lvalue = dot ? dot + 1 : i;
4825 prefix_len = dot-i;
4826
4827 if (dot)
4828 if (!prev || !strneq(prev, i, prefix_len+1)) {
4829 if (prev)
4830 fputc('\n', f);
4831
4832 fprintf(f, "[%.*s]\n", (int) prefix_len, i);
4833 }
4834
4835 fprintf(f, "%s=%s\n", lvalue, rvalue);
4836 prev = i;
4837 }
4838 }
Unnamed repository; edit this file 'description' to name the repository.