]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/load-fragment.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
load-fragment: use config_parse_sec_fix_0() for TimeoutStopSec=
[thirdparty/systemd.git] / src / core / load-fragment.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 Copyright 2012 Holger Hans Peter Freyther
7 ***/
8
9 #include <errno.h>
10 #include <fcntl.h>
11 #include <linux/fs.h>
12 #include <linux/oom.h>
13 #if HAVE_SECCOMP
14 #include <seccomp.h>
15 #endif
16 #include <sched.h>
17 #include <string.h>
18 #include <sys/resource.h>
19 #include <sys/stat.h>
20
21 #include "af-list.h"
22 #include "alloc-util.h"
23 #include "all-units.h"
24 #include "bus-error.h"
25 #include "bus-internal.h"
26 #include "bus-util.h"
27 #include "cap-list.h"
28 #include "capability-util.h"
29 #include "cgroup.h"
30 #include "conf-parser.h"
31 #include "cpu-set-util.h"
32 #include "env-util.h"
33 #include "errno-list.h"
34 #include "escape.h"
35 #include "fd-util.h"
36 #include "fs-util.h"
37 #include "hexdecoct.h"
38 #include "io-util.h"
39 #include "ioprio.h"
40 #include "journal-util.h"
41 #include "load-fragment.h"
42 #include "log.h"
43 #include "missing.h"
44 #include "mount-util.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
48 #if HAVE_SECCOMP
49 #include "seccomp-util.h"
50 #endif
51 #include "securebits.h"
52 #include "securebits-util.h"
53 #include "signal-util.h"
54 #include "socket-protocol-list.h"
55 #include "stat-util.h"
56 #include "string-util.h"
57 #include "strv.h"
58 #include "unit-name.h"
59 #include "unit-printf.h"
60 #include "user-util.h"
61 #include "utf8.h"
62 #include "web-util.h"
63
64 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
65
66 int config_parse_unit_deps(
67 const char *unit,
68 const char *filename,
69 unsigned line,
70 const char *section,
71 unsigned section_line,
72 const char *lvalue,
73 int ltype,
74 const char *rvalue,
75 void *data,
76 void *userdata) {
77
78 UnitDependency d = ltype;
79 Unit *u = userdata;
80 const char *p;
81
82 assert(filename);
83 assert(lvalue);
84 assert(rvalue);
85
86 p = rvalue;
87 for (;;) {
88 _cleanup_free_ char *word = NULL, *k = NULL;
89 int r;
90
91 r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
92 if (r == 0)
93 break;
94 if (r == -ENOMEM)
95 return log_oom();
96 if (r < 0) {
97 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
98 break;
99 }
100
101 r = unit_name_printf(u, word, &k);
102 if (r < 0) {
103 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
104 continue;
105 }
106
107 r = unit_add_dependency_by_name(u, d, k, NULL, true, UNIT_DEPENDENCY_FILE);
108 if (r < 0)
109 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
110 }
111
112 return 0;
113 }
114
115 int config_parse_obsolete_unit_deps(
116 const char *unit,
117 const char *filename,
118 unsigned line,
119 const char *section,
120 unsigned section_line,
121 const char *lvalue,
122 int ltype,
123 const char *rvalue,
124 void *data,
125 void *userdata) {
126
127 log_syntax(unit, LOG_WARNING, filename, line, 0,
128 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
129
130 return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
131 }
132
133 int config_parse_unit_string_printf(
134 const char *unit,
135 const char *filename,
136 unsigned line,
137 const char *section,
138 unsigned section_line,
139 const char *lvalue,
140 int ltype,
141 const char *rvalue,
142 void *data,
143 void *userdata) {
144
145 _cleanup_free_ char *k = NULL;
146 Unit *u = userdata;
147 int r;
148
149 assert(filename);
150 assert(lvalue);
151 assert(rvalue);
152 assert(u);
153
154 r = unit_full_printf(u, rvalue, &k);
155 if (r < 0) {
156 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
157 return 0;
158 }
159
160 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
161 }
162
163 int config_parse_unit_strv_printf(
164 const char *unit,
165 const char *filename,
166 unsigned line,
167 const char *section,
168 unsigned section_line,
169 const char *lvalue,
170 int ltype,
171 const char *rvalue,
172 void *data,
173 void *userdata) {
174
175 Unit *u = userdata;
176 _cleanup_free_ char *k = NULL;
177 int r;
178
179 assert(filename);
180 assert(lvalue);
181 assert(rvalue);
182 assert(u);
183
184 r = unit_full_printf(u, rvalue, &k);
185 if (r < 0) {
186 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
187 return 0;
188 }
189
190 return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
191 }
192
193 int config_parse_unit_path_printf(
194 const char *unit,
195 const char *filename,
196 unsigned line,
197 const char *section,
198 unsigned section_line,
199 const char *lvalue,
200 int ltype,
201 const char *rvalue,
202 void *data,
203 void *userdata) {
204
205 _cleanup_free_ char *k = NULL;
206 Unit *u = userdata;
207 int r;
208 bool fatal = ltype;
209
210 assert(filename);
211 assert(lvalue);
212 assert(rvalue);
213 assert(u);
214
215 /* Let's not bother with anything that is too long */
216 if (strlen(rvalue) >= PATH_MAX) {
217 log_syntax(unit, LOG_ERR, filename, line, 0,
218 "%s value too long%s.",
219 lvalue, fatal ? "" : ", ignoring");
220 return fatal ? -ENAMETOOLONG : 0;
221 }
222
223 r = unit_full_printf(u, rvalue, &k);
224 if (r < 0) {
225 log_syntax(unit, LOG_ERR, filename, line, r,
226 "Failed to resolve unit specifiers in '%s'%s: %m",
227 rvalue, fatal ? "" : ", ignoring");
228 return fatal ? -ENOEXEC : 0;
229 }
230
231 return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
232 }
233
234 int config_parse_unit_path_strv_printf(
235 const char *unit,
236 const char *filename,
237 unsigned line,
238 const char *section,
239 unsigned section_line,
240 const char *lvalue,
241 int ltype,
242 const char *rvalue,
243 void *data,
244 void *userdata) {
245
246 char ***x = data;
247 Unit *u = userdata;
248 int r;
249 const char *p;
250
251 assert(filename);
252 assert(lvalue);
253 assert(rvalue);
254 assert(u);
255
256 if (isempty(rvalue)) {
257 *x = strv_free(*x);
258 return 0;
259 }
260
261 for (p = rvalue;;) {
262 _cleanup_free_ char *word = NULL, *k = NULL;
263
264 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
265 if (r == 0)
266 return 0;
267 if (r == -ENOMEM)
268 return log_oom();
269 if (r < 0) {
270 log_syntax(unit, LOG_WARNING, filename, line, r,
271 "Invalid syntax, ignoring: %s", rvalue);
272 return 0;
273 }
274
275 r = unit_full_printf(u, word, &k);
276 if (r < 0) {
277 log_syntax(unit, LOG_ERR, filename, line, r,
278 "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
279 return 0;
280 }
281
282 if (!utf8_is_valid(k)) {
283 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
284 return 0;
285 }
286
287 if (!path_is_absolute(k)) {
288 log_syntax(unit, LOG_ERR, filename, line, 0,
289 "Symlink path is not absolute: %s", k);
290 return 0;
291 }
292
293 path_kill_slashes(k);
294
295 r = strv_push(x, k);
296 if (r < 0)
297 return log_oom();
298 k = NULL;
299 }
300 }
301
302 int config_parse_socket_listen(const char *unit,
303 const char *filename,
304 unsigned line,
305 const char *section,
306 unsigned section_line,
307 const char *lvalue,
308 int ltype,
309 const char *rvalue,
310 void *data,
311 void *userdata) {
312
313 _cleanup_free_ SocketPort *p = NULL;
314 SocketPort *tail;
315 Socket *s;
316 int r;
317
318 assert(filename);
319 assert(lvalue);
320 assert(rvalue);
321 assert(data);
322
323 s = SOCKET(data);
324
325 if (isempty(rvalue)) {
326 /* An empty assignment removes all ports */
327 socket_free_ports(s);
328 return 0;
329 }
330
331 p = new0(SocketPort, 1);
332 if (!p)
333 return log_oom();
334
335 if (ltype != SOCKET_SOCKET) {
336
337 p->type = ltype;
338 r = unit_full_printf(UNIT(s), rvalue, &p->path);
339 if (r < 0) {
340 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
341 return 0;
342 }
343
344 path_kill_slashes(p->path);
345
346 } else if (streq(lvalue, "ListenNetlink")) {
347 _cleanup_free_ char *k = NULL;
348
349 p->type = SOCKET_SOCKET;
350 r = unit_full_printf(UNIT(s), rvalue, &k);
351 if (r < 0) {
352 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
353 return 0;
354 }
355
356 r = socket_address_parse_netlink(&p->address, k);
357 if (r < 0) {
358 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
359 return 0;
360 }
361
362 } else {
363 _cleanup_free_ char *k = NULL;
364
365 p->type = SOCKET_SOCKET;
366 r = unit_full_printf(UNIT(s), rvalue, &k);
367 if (r < 0) {
368 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
369 return 0;
370 }
371
372 r = socket_address_parse_and_warn(&p->address, k);
373 if (r < 0) {
374 if (r != -EAFNOSUPPORT)
375 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
376 return 0;
377 }
378
379 if (streq(lvalue, "ListenStream"))
380 p->address.type = SOCK_STREAM;
381 else if (streq(lvalue, "ListenDatagram"))
382 p->address.type = SOCK_DGRAM;
383 else {
384 assert(streq(lvalue, "ListenSequentialPacket"));
385 p->address.type = SOCK_SEQPACKET;
386 }
387
388 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
389 log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
390 return 0;
391 }
392 }
393
394 p->fd = -1;
395 p->auxiliary_fds = NULL;
396 p->n_auxiliary_fds = 0;
397 p->socket = s;
398
399 LIST_FIND_TAIL(port, s->ports, tail);
400 LIST_INSERT_AFTER(port, s->ports, tail, p);
401
402 p = NULL;
403
404 return 0;
405 }
406
407 int config_parse_socket_protocol(const char *unit,
408 const char *filename,
409 unsigned line,
410 const char *section,
411 unsigned section_line,
412 const char *lvalue,
413 int ltype,
414 const char *rvalue,
415 void *data,
416 void *userdata) {
417 Socket *s;
418 int r;
419
420 assert(filename);
421 assert(lvalue);
422 assert(rvalue);
423 assert(data);
424
425 s = SOCKET(data);
426
427 r = socket_protocol_from_name(rvalue);
428 if (r < 0) {
429 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid socket protocol '%s', ignoring: %m", rvalue);
430 return 0;
431 } else if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP)) {
432 log_syntax(unit, LOG_ERR, filename, line, 0, "Socket protocol not supported, ignoring: %s", rvalue);
433 return 0;
434 }
435
436 s->socket_protocol = r;
437
438 return 0;
439 }
440
441 int config_parse_socket_bind(const char *unit,
442 const char *filename,
443 unsigned line,
444 const char *section,
445 unsigned section_line,
446 const char *lvalue,
447 int ltype,
448 const char *rvalue,
449 void *data,
450 void *userdata) {
451
452 Socket *s;
453 SocketAddressBindIPv6Only b;
454
455 assert(filename);
456 assert(lvalue);
457 assert(rvalue);
458 assert(data);
459
460 s = SOCKET(data);
461
462 b = parse_socket_address_bind_ipv6_only_or_bool(rvalue);
463 if (b < 0) {
464 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse bind IPv6 only value, ignoring: %s", rvalue);
465 return 0;
466 }
467
468 s->bind_ipv6_only = b;
469
470 return 0;
471 }
472
473 int config_parse_exec_nice(
474 const char *unit,
475 const char *filename,
476 unsigned line,
477 const char *section,
478 unsigned section_line,
479 const char *lvalue,
480 int ltype,
481 const char *rvalue,
482 void *data,
483 void *userdata) {
484
485 ExecContext *c = data;
486 int priority, r;
487
488 assert(filename);
489 assert(lvalue);
490 assert(rvalue);
491 assert(data);
492
493 if (isempty(rvalue)) {
494 c->nice_set = false;
495 return 0;
496 }
497
498 r = parse_nice(rvalue, &priority);
499 if (r < 0) {
500 if (r == -ERANGE)
501 log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
502 else
503 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue);
504 return 0;
505 }
506
507 c->nice = priority;
508 c->nice_set = true;
509
510 return 0;
511 }
512
513 int config_parse_exec_oom_score_adjust(
514 const char* unit,
515 const char *filename,
516 unsigned line,
517 const char *section,
518 unsigned section_line,
519 const char *lvalue,
520 int ltype,
521 const char *rvalue,
522 void *data,
523 void *userdata) {
524
525 ExecContext *c = data;
526 int oa, r;
527
528 assert(filename);
529 assert(lvalue);
530 assert(rvalue);
531 assert(data);
532
533 if (isempty(rvalue)) {
534 c->oom_score_adjust_set = false;
535 return 0;
536 }
537
538 r = parse_oom_score_adjust(rvalue, &oa);
539 if (r < 0) {
540 if (r == -ERANGE)
541 log_syntax(unit, LOG_ERR, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue);
542 else
543 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue);
544 return 0;
545 }
546
547 c->oom_score_adjust = oa;
548 c->oom_score_adjust_set = true;
549
550 return 0;
551 }
552
553 int config_parse_exec(
554 const char *unit,
555 const char *filename,
556 unsigned line,
557 const char *section,
558 unsigned section_line,
559 const char *lvalue,
560 int ltype,
561 const char *rvalue,
562 void *data,
563 void *userdata) {
564
565 ExecCommand **e = data;
566 Unit *u = userdata;
567 const char *p;
568 bool semicolon;
569 int r;
570
571 assert(filename);
572 assert(lvalue);
573 assert(rvalue);
574 assert(e);
575
576 e += ltype;
577 rvalue += strspn(rvalue, WHITESPACE);
578
579 if (isempty(rvalue)) {
580 /* An empty assignment resets the list */
581 *e = exec_command_free_list(*e);
582 return 0;
583 }
584
585 p = rvalue;
586 do {
587 _cleanup_free_ char *path = NULL, *firstword = NULL;
588 ExecCommandFlags flags = 0;
589 bool ignore = false, separate_argv0 = false;
590 _cleanup_free_ ExecCommand *nce = NULL;
591 _cleanup_strv_free_ char **n = NULL;
592 size_t nlen = 0, nbufsize = 0;
593 const char *f;
594
595 semicolon = false;
596
597 r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
598 if (r <= 0)
599 return 0;
600
601 f = firstword;
602 for (;;) {
603 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
604 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
605 * argv[0]; if it's prefixed with +, it will be run with full privileges and no sandboxing; if
606 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
607 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
608 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
609 * other sandboxing, with some special exceptions for changing UID.
610 *
611 * The idea is that '!!' may be used to write services that can take benefit of systemd's
612 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
613 * privilege dropping within the daemon if the kernel does not offer that. */
614
615 if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) {
616 flags |= EXEC_COMMAND_IGNORE_FAILURE;
617 ignore = true;
618 } else if (*f == '@' && !separate_argv0)
619 separate_argv0 = true;
620 else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
621 flags |= EXEC_COMMAND_FULLY_PRIVILEGED;
622 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
623 flags |= EXEC_COMMAND_NO_SETUID;
624 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) {
625 flags &= ~EXEC_COMMAND_NO_SETUID;
626 flags |= EXEC_COMMAND_AMBIENT_MAGIC;
627 } else
628 break;
629 f++;
630 }
631
632 r = unit_full_printf(u, f, &path);
633 if (r < 0) {
634 log_syntax(unit, LOG_ERR, filename, line, r,
635 "Failed to resolve unit specifiers in '%s'%s: %m",
636 f, ignore ? ", ignoring" : "");
637 return ignore ? 0 : -ENOEXEC;
638 }
639
640 if (isempty(path)) {
641 /* First word is either "-" or "@" with no command. */
642 log_syntax(unit, LOG_ERR, filename, line, 0,
643 "Empty path in command line%s: '%s'",
644 ignore ? ", ignoring" : "", rvalue);
645 return ignore ? 0 : -ENOEXEC;
646 }
647 if (!string_is_safe(path)) {
648 log_syntax(unit, LOG_ERR, filename, line, 0,
649 "Executable name contains special characters%s: %s",
650 ignore ? ", ignoring" : "", path);
651 return ignore ? 0 : -ENOEXEC;
652 }
653 if (endswith(path, "/")) {
654 log_syntax(unit, LOG_ERR, filename, line, 0,
655 "Executable path specifies a directory%s: %s",
656 ignore ? ", ignoring" : "", path);
657 return ignore ? 0 : -ENOEXEC;
658 }
659
660 if (!path_is_absolute(path)) {
661 const char *prefix;
662 bool found = false;
663
664 if (!filename_is_valid(path)) {
665 log_syntax(unit, LOG_ERR, filename, line, 0,
666 "Neither a valid executable name nor an absolute path%s: %s",
667 ignore ? ", ignoring" : "", path);
668 return ignore ? 0 : -ENOEXEC;
669 }
670
671 /* Resolve a single-component name to a full path */
672 NULSTR_FOREACH(prefix, DEFAULT_PATH_NULSTR) {
673 _cleanup_free_ char *fullpath = NULL;
674
675 fullpath = strjoin(prefix, "/", path);
676 if (!fullpath)
677 return log_oom();
678
679 if (access(fullpath, F_OK) >= 0) {
680 free_and_replace(path, fullpath);
681 found = true;
682 break;
683 }
684 }
685
686 if (!found) {
687 log_syntax(unit, LOG_ERR, filename, line, 0,
688 "Executable \"%s\" not found in path \"%s\"%s",
689 path, DEFAULT_PATH, ignore ? ", ignoring" : "");
690 return ignore ? 0 : -ENOEXEC;
691 }
692 }
693
694 if (!separate_argv0) {
695 char *w = NULL;
696
697 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
698 return log_oom();
699
700 w = strdup(path);
701 if (!w)
702 return log_oom();
703 n[nlen++] = w;
704 n[nlen] = NULL;
705 }
706
707 path_kill_slashes(path);
708
709 while (!isempty(p)) {
710 _cleanup_free_ char *word = NULL, *resolved = NULL;
711
712 /* Check explicitly for an unquoted semicolon as
713 * command separator token. */
714 if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
715 p++;
716 p += strspn(p, WHITESPACE);
717 semicolon = true;
718 break;
719 }
720
721 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
722 * extract_first_word() would return the same for all of those. */
723 if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
724 char *w;
725
726 p += 2;
727 p += strspn(p, WHITESPACE);
728
729 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
730 return log_oom();
731
732 w = strdup(";");
733 if (!w)
734 return log_oom();
735 n[nlen++] = w;
736 n[nlen] = NULL;
737 continue;
738 }
739
740 r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
741 if (r == 0)
742 break;
743 if (r < 0)
744 return ignore ? 0 : -ENOEXEC;
745
746 r = unit_full_printf(u, word, &resolved);
747 if (r < 0) {
748 log_syntax(unit, LOG_ERR, filename, line, r,
749 "Failed to resolve unit specifiers in %s%s: %m",
750 word, ignore ? ", ignoring" : "");
751 return ignore ? 0 : -ENOEXEC;
752 }
753
754 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
755 return log_oom();
756
757 n[nlen++] = TAKE_PTR(resolved);
758 n[nlen] = NULL;
759 }
760
761 if (!n || !n[0]) {
762 log_syntax(unit, LOG_ERR, filename, line, 0,
763 "Empty executable name or zeroeth argument%s: %s",
764 ignore ? ", ignoring" : "", rvalue);
765 return ignore ? 0 : -ENOEXEC;
766 }
767
768 nce = new0(ExecCommand, 1);
769 if (!nce)
770 return log_oom();
771
772 nce->argv = TAKE_PTR(n);
773 nce->path = TAKE_PTR(path);
774 nce->flags = flags;
775
776 exec_command_append_list(e, nce);
777
778 /* Do not _cleanup_free_ these. */
779 nce = NULL;
780
781 rvalue = p;
782 } while (semicolon);
783
784 return 0;
785 }
786
787 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
788 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
789
790 int config_parse_socket_bindtodevice(
791 const char* unit,
792 const char *filename,
793 unsigned line,
794 const char *section,
795 unsigned section_line,
796 const char *lvalue,
797 int ltype,
798 const char *rvalue,
799 void *data,
800 void *userdata) {
801
802 Socket *s = data;
803
804 assert(filename);
805 assert(lvalue);
806 assert(rvalue);
807 assert(data);
808
809 if (isempty(rvalue) || streq(rvalue, "*")) {
810 s->bind_to_device = mfree(s->bind_to_device);
811 return 0;
812 }
813
814 if (!ifname_valid(rvalue)) {
815 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue);
816 return 0;
817 }
818
819 free_and_strdup(&s->bind_to_device, rvalue);
820
821 return 0;
822 }
823
824 int config_parse_exec_input(
825 const char *unit,
826 const char *filename,
827 unsigned line,
828 const char *section,
829 unsigned section_line,
830 const char *lvalue,
831 int ltype,
832 const char *rvalue,
833 void *data,
834 void *userdata) {
835
836 ExecContext *c = data;
837 Unit *u = userdata;
838 const char *n;
839 ExecInput ei;
840 int r;
841
842 assert(data);
843 assert(filename);
844 assert(line);
845 assert(rvalue);
846
847 n = startswith(rvalue, "fd:");
848 if (n) {
849 _cleanup_free_ char *resolved = NULL;
850
851 r = unit_full_printf(u, n, &resolved);
852 if (r < 0)
853 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
854
855 if (isempty(resolved))
856 resolved = mfree(resolved);
857 else if (!fdname_is_valid(resolved)) {
858 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
859 return -EINVAL;
860 }
861
862 free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved);
863
864 ei = EXEC_INPUT_NAMED_FD;
865
866 } else if ((n = startswith(rvalue, "file:"))) {
867 _cleanup_free_ char *resolved = NULL;
868
869 r = unit_full_printf(u, n, &resolved);
870 if (r < 0)
871 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
872
873 if (!path_is_absolute(resolved)) {
874 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
875 return -EINVAL;
876 }
877
878 if (!path_is_normalized(resolved)) {
879 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name: %s", resolved);
880 return -EINVAL;
881 }
882
883 free_and_replace(c->stdio_file[STDIN_FILENO], resolved);
884
885 ei = EXEC_INPUT_FILE;
886
887 } else {
888 ei = exec_input_from_string(rvalue);
889 if (ei < 0) {
890 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue);
891 return 0;
892 }
893 }
894
895 c->std_input = ei;
896 return 0;
897 }
898
899 int config_parse_exec_input_text(
900 const char *unit,
901 const char *filename,
902 unsigned line,
903 const char *section,
904 unsigned section_line,
905 const char *lvalue,
906 int ltype,
907 const char *rvalue,
908 void *data,
909 void *userdata) {
910
911 _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
912 ExecContext *c = data;
913 Unit *u = userdata;
914 size_t sz;
915 void *p;
916 int r;
917
918 assert(data);
919 assert(filename);
920 assert(line);
921 assert(rvalue);
922
923 if (isempty(rvalue)) {
924 /* Reset if the empty string is assigned */
925 c->stdin_data = mfree(c->stdin_data);
926 c->stdin_data_size = 0;
927 return 0;
928 }
929
930 r = cunescape(rvalue, 0, &unescaped);
931 if (r < 0)
932 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode C escaped text '%s': %m", rvalue);
933
934 r = unit_full_printf(u, unescaped, &resolved);
935 if (r < 0)
936 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", unescaped);
937
938 sz = strlen(resolved);
939 if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
940 c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
941 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
942 return -E2BIG;
943 }
944
945 p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
946 if (!p)
947 return log_oom();
948
949 *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n';
950
951 c->stdin_data = p;
952 c->stdin_data_size += sz + 1;
953
954 return 0;
955 }
956
957 int config_parse_exec_input_data(
958 const char *unit,
959 const char *filename,
960 unsigned line,
961 const char *section,
962 unsigned section_line,
963 const char *lvalue,
964 int ltype,
965 const char *rvalue,
966 void *data,
967 void *userdata) {
968
969 _cleanup_free_ void *p = NULL;
970 ExecContext *c = data;
971 size_t sz;
972 void *q;
973 int r;
974
975 assert(data);
976 assert(filename);
977 assert(line);
978 assert(rvalue);
979
980 if (isempty(rvalue)) {
981 /* Reset if the empty string is assigned */
982 c->stdin_data = mfree(c->stdin_data);
983 c->stdin_data_size = 0;
984 return 0;
985 }
986
987 r = unbase64mem(rvalue, (size_t) -1, &p, &sz);
988 if (r < 0)
989 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode base64 data, ignoring: %s", rvalue);
990
991 assert(sz > 0);
992
993 if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */
994 c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) {
995 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
996 return -E2BIG;
997 }
998
999 q = realloc(c->stdin_data, c->stdin_data_size + sz);
1000 if (!q)
1001 return log_oom();
1002
1003 memcpy((uint8_t*) q + c->stdin_data_size, p, sz);
1004
1005 c->stdin_data = q;
1006 c->stdin_data_size += sz;
1007
1008 return 0;
1009 }
1010
1011 int config_parse_exec_output(
1012 const char *unit,
1013 const char *filename,
1014 unsigned line,
1015 const char *section,
1016 unsigned section_line,
1017 const char *lvalue,
1018 int ltype,
1019 const char *rvalue,
1020 void *data,
1021 void *userdata) {
1022
1023 _cleanup_free_ char *resolved = NULL;
1024 const char *n;
1025 ExecContext *c = data;
1026 Unit *u = userdata;
1027 ExecOutput eo;
1028 int r;
1029
1030 assert(data);
1031 assert(filename);
1032 assert(line);
1033 assert(lvalue);
1034 assert(rvalue);
1035
1036 n = startswith(rvalue, "fd:");
1037 if (n) {
1038 r = unit_full_printf(u, n, &resolved);
1039 if (r < 0)
1040 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1041
1042 if (isempty(resolved))
1043 resolved = mfree(resolved);
1044 else if (!fdname_is_valid(resolved)) {
1045 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
1046 return -EINVAL;
1047 }
1048
1049 eo = EXEC_OUTPUT_NAMED_FD;
1050
1051 } else if ((n = startswith(rvalue, "file:"))) {
1052
1053 r = unit_full_printf(u, n, &resolved);
1054 if (r < 0)
1055 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1056
1057 if (!path_is_absolute(resolved)) {
1058 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
1059 return -EINVAL;
1060 }
1061
1062 if (!path_is_normalized(resolved)) {
1063 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name, ignoring: %s", resolved);
1064 return -EINVAL;
1065 }
1066
1067 eo = EXEC_OUTPUT_FILE;
1068
1069 } else {
1070 eo = exec_output_from_string(rvalue);
1071 if (eo < 0) {
1072 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue);
1073 return 0;
1074 }
1075 }
1076
1077 if (streq(lvalue, "StandardOutput")) {
1078 if (eo == EXEC_OUTPUT_NAMED_FD)
1079 free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved);
1080 else
1081 free_and_replace(c->stdio_file[STDOUT_FILENO], resolved);
1082
1083 c->std_output = eo;
1084
1085 } else {
1086 assert(streq(lvalue, "StandardError"));
1087
1088 if (eo == EXEC_OUTPUT_NAMED_FD)
1089 free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved);
1090 else
1091 free_and_replace(c->stdio_file[STDERR_FILENO], resolved);
1092
1093 c->std_error = eo;
1094 }
1095
1096 return 0;
1097 }
1098
1099 int config_parse_exec_io_class(const char *unit,
1100 const char *filename,
1101 unsigned line,
1102 const char *section,
1103 unsigned section_line,
1104 const char *lvalue,
1105 int ltype,
1106 const char *rvalue,
1107 void *data,
1108 void *userdata) {
1109
1110 ExecContext *c = data;
1111 int x;
1112
1113 assert(filename);
1114 assert(lvalue);
1115 assert(rvalue);
1116 assert(data);
1117
1118 if (isempty(rvalue)) {
1119 c->ioprio_set = false;
1120 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1121 return 0;
1122 }
1123
1124 x = ioprio_class_from_string(rvalue);
1125 if (x < 0) {
1126 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
1127 return 0;
1128 }
1129
1130 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
1131 c->ioprio_set = true;
1132
1133 return 0;
1134 }
1135
1136 int config_parse_exec_io_priority(const char *unit,
1137 const char *filename,
1138 unsigned line,
1139 const char *section,
1140 unsigned section_line,
1141 const char *lvalue,
1142 int ltype,
1143 const char *rvalue,
1144 void *data,
1145 void *userdata) {
1146
1147 ExecContext *c = data;
1148 int i, r;
1149
1150 assert(filename);
1151 assert(lvalue);
1152 assert(rvalue);
1153 assert(data);
1154
1155 if (isempty(rvalue)) {
1156 c->ioprio_set = false;
1157 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1158 return 0;
1159 }
1160
1161 r = ioprio_parse_priority(rvalue, &i);
1162 if (r < 0) {
1163 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
1164 return 0;
1165 }
1166
1167 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
1168 c->ioprio_set = true;
1169
1170 return 0;
1171 }
1172
1173 int config_parse_exec_cpu_sched_policy(const char *unit,
1174 const char *filename,
1175 unsigned line,
1176 const char *section,
1177 unsigned section_line,
1178 const char *lvalue,
1179 int ltype,
1180 const char *rvalue,
1181 void *data,
1182 void *userdata) {
1183
1184 ExecContext *c = data;
1185 int x;
1186
1187 assert(filename);
1188 assert(lvalue);
1189 assert(rvalue);
1190 assert(data);
1191
1192 if (isempty(rvalue)) {
1193 c->cpu_sched_set = false;
1194 c->cpu_sched_policy = SCHED_OTHER;
1195 c->cpu_sched_priority = 0;
1196 return 0;
1197 }
1198
1199 x = sched_policy_from_string(rvalue);
1200 if (x < 0) {
1201 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1202 return 0;
1203 }
1204
1205 c->cpu_sched_policy = x;
1206 /* Moving to or from real-time policy? We need to adjust the priority */
1207 c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
1208 c->cpu_sched_set = true;
1209
1210 return 0;
1211 }
1212
1213 int config_parse_exec_cpu_sched_prio(const char *unit,
1214 const char *filename,
1215 unsigned line,
1216 const char *section,
1217 unsigned section_line,
1218 const char *lvalue,
1219 int ltype,
1220 const char *rvalue,
1221 void *data,
1222 void *userdata) {
1223
1224 ExecContext *c = data;
1225 int i, min, max, r;
1226
1227 assert(filename);
1228 assert(lvalue);
1229 assert(rvalue);
1230 assert(data);
1231
1232 r = safe_atoi(rvalue, &i);
1233 if (r < 0) {
1234 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue);
1235 return 0;
1236 }
1237
1238 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1239 min = sched_get_priority_min(c->cpu_sched_policy);
1240 max = sched_get_priority_max(c->cpu_sched_policy);
1241
1242 if (i < min || i > max) {
1243 log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
1244 return 0;
1245 }
1246
1247 c->cpu_sched_priority = i;
1248 c->cpu_sched_set = true;
1249
1250 return 0;
1251 }
1252
1253 int config_parse_exec_cpu_affinity(const char *unit,
1254 const char *filename,
1255 unsigned line,
1256 const char *section,
1257 unsigned section_line,
1258 const char *lvalue,
1259 int ltype,
1260 const char *rvalue,
1261 void *data,
1262 void *userdata) {
1263
1264 ExecContext *c = data;
1265 _cleanup_cpu_free_ cpu_set_t *cpuset = NULL;
1266 int ncpus;
1267
1268 assert(filename);
1269 assert(lvalue);
1270 assert(rvalue);
1271 assert(data);
1272
1273 ncpus = parse_cpu_set_and_warn(rvalue, &cpuset, unit, filename, line, lvalue);
1274 if (ncpus < 0)
1275 return ncpus;
1276
1277 if (ncpus == 0) {
1278 /* An empty assignment resets the CPU list */
1279 c->cpuset = cpu_set_mfree(c->cpuset);
1280 c->cpuset_ncpus = 0;
1281 return 0;
1282 }
1283
1284 if (!c->cpuset) {
1285 c->cpuset = TAKE_PTR(cpuset);
1286 c->cpuset_ncpus = (unsigned) ncpus;
1287 return 0;
1288 }
1289
1290 if (c->cpuset_ncpus < (unsigned) ncpus) {
1291 CPU_OR_S(CPU_ALLOC_SIZE(c->cpuset_ncpus), cpuset, c->cpuset, cpuset);
1292 CPU_FREE(c->cpuset);
1293 c->cpuset = TAKE_PTR(cpuset);
1294 c->cpuset_ncpus = (unsigned) ncpus;
1295 return 0;
1296 }
1297
1298 CPU_OR_S(CPU_ALLOC_SIZE((unsigned) ncpus), c->cpuset, c->cpuset, cpuset);
1299
1300 return 0;
1301 }
1302
1303 int config_parse_exec_secure_bits(const char *unit,
1304 const char *filename,
1305 unsigned line,
1306 const char *section,
1307 unsigned section_line,
1308 const char *lvalue,
1309 int ltype,
1310 const char *rvalue,
1311 void *data,
1312 void *userdata) {
1313
1314 ExecContext *c = data;
1315 int r;
1316
1317 assert(filename);
1318 assert(lvalue);
1319 assert(rvalue);
1320 assert(data);
1321
1322 if (isempty(rvalue)) {
1323 /* An empty assignment resets the field */
1324 c->secure_bits = 0;
1325 return 0;
1326 }
1327
1328 r = secure_bits_from_string(rvalue);
1329 if (r < 0) {
1330 log_syntax(unit, LOG_WARNING, filename, line, r,
1331 "Failed to parse secure bits, ignoring: %s", rvalue);
1332 return 0;
1333 }
1334
1335 c->secure_bits = r;
1336
1337 return 0;
1338 }
1339
1340 int config_parse_capability_set(
1341 const char *unit,
1342 const char *filename,
1343 unsigned line,
1344 const char *section,
1345 unsigned section_line,
1346 const char *lvalue,
1347 int ltype,
1348 const char *rvalue,
1349 void *data,
1350 void *userdata) {
1351
1352 uint64_t *capability_set = data;
1353 uint64_t sum = 0, initial = 0;
1354 bool invert = false;
1355 int r;
1356
1357 assert(filename);
1358 assert(lvalue);
1359 assert(rvalue);
1360 assert(data);
1361
1362 if (rvalue[0] == '~') {
1363 invert = true;
1364 rvalue++;
1365 }
1366
1367 if (streq(lvalue, "CapabilityBoundingSet"))
1368 initial = CAP_ALL; /* initialized to all bits on */
1369 /* else "AmbientCapabilities" initialized to all bits off */
1370
1371 r = capability_set_from_string(rvalue, &sum);
1372 if (r < 0) {
1373 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue);
1374 return 0;
1375 }
1376
1377 if (sum == 0 || *capability_set == initial)
1378 /* "", "~" or uninitialized data -> replace */
1379 *capability_set = invert ? ~sum : sum;
1380 else {
1381 /* previous data -> merge */
1382 if (invert)
1383 *capability_set &= ~sum;
1384 else
1385 *capability_set |= sum;
1386 }
1387
1388 return 0;
1389 }
1390
1391 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
1392 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
1393
1394 int config_parse_exec_mount_flags(
1395 const char *unit,
1396 const char *filename,
1397 unsigned line,
1398 const char *section,
1399 unsigned section_line,
1400 const char *lvalue,
1401 int ltype,
1402 const char *rvalue,
1403 void *data,
1404 void *userdata) {
1405
1406 ExecContext *c = data;
1407 int r;
1408
1409 assert(filename);
1410 assert(lvalue);
1411 assert(rvalue);
1412 assert(data);
1413
1414 r = mount_propagation_flags_from_string(rvalue, &c->mount_flags);
1415 if (r < 0)
1416 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount flag %s, ignoring: %m", rvalue);
1417
1418 return 0;
1419 }
1420
1421 int config_parse_exec_selinux_context(
1422 const char *unit,
1423 const char *filename,
1424 unsigned line,
1425 const char *section,
1426 unsigned section_line,
1427 const char *lvalue,
1428 int ltype,
1429 const char *rvalue,
1430 void *data,
1431 void *userdata) {
1432
1433 ExecContext *c = data;
1434 Unit *u = userdata;
1435 bool ignore;
1436 char *k;
1437 int r;
1438
1439 assert(filename);
1440 assert(lvalue);
1441 assert(rvalue);
1442 assert(data);
1443
1444 if (isempty(rvalue)) {
1445 c->selinux_context = mfree(c->selinux_context);
1446 c->selinux_context_ignore = false;
1447 return 0;
1448 }
1449
1450 if (rvalue[0] == '-') {
1451 ignore = true;
1452 rvalue++;
1453 } else
1454 ignore = false;
1455
1456 r = unit_full_printf(u, rvalue, &k);
1457 if (r < 0) {
1458 log_syntax(unit, LOG_ERR, filename, line, r,
1459 "Failed to resolve unit specifiers in '%s'%s: %m",
1460 rvalue, ignore ? ", ignoring" : "");
1461 return ignore ? 0 : -ENOEXEC;
1462 }
1463
1464 free_and_replace(c->selinux_context, k);
1465 c->selinux_context_ignore = ignore;
1466
1467 return 0;
1468 }
1469
1470 int config_parse_exec_apparmor_profile(
1471 const char *unit,
1472 const char *filename,
1473 unsigned line,
1474 const char *section,
1475 unsigned section_line,
1476 const char *lvalue,
1477 int ltype,
1478 const char *rvalue,
1479 void *data,
1480 void *userdata) {
1481
1482 ExecContext *c = data;
1483 Unit *u = userdata;
1484 bool ignore;
1485 char *k;
1486 int r;
1487
1488 assert(filename);
1489 assert(lvalue);
1490 assert(rvalue);
1491 assert(data);
1492
1493 if (isempty(rvalue)) {
1494 c->apparmor_profile = mfree(c->apparmor_profile);
1495 c->apparmor_profile_ignore = false;
1496 return 0;
1497 }
1498
1499 if (rvalue[0] == '-') {
1500 ignore = true;
1501 rvalue++;
1502 } else
1503 ignore = false;
1504
1505 r = unit_full_printf(u, rvalue, &k);
1506 if (r < 0) {
1507 log_syntax(unit, LOG_ERR, filename, line, r,
1508 "Failed to resolve unit specifiers in '%s'%s: %m",
1509 rvalue, ignore ? ", ignoring" : "");
1510 return ignore ? 0 : -ENOEXEC;
1511 }
1512
1513 free_and_replace(c->apparmor_profile, k);
1514 c->apparmor_profile_ignore = ignore;
1515
1516 return 0;
1517 }
1518
1519 int config_parse_exec_smack_process_label(
1520 const char *unit,
1521 const char *filename,
1522 unsigned line,
1523 const char *section,
1524 unsigned section_line,
1525 const char *lvalue,
1526 int ltype,
1527 const char *rvalue,
1528 void *data,
1529 void *userdata) {
1530
1531 ExecContext *c = data;
1532 Unit *u = userdata;
1533 bool ignore;
1534 char *k;
1535 int r;
1536
1537 assert(filename);
1538 assert(lvalue);
1539 assert(rvalue);
1540 assert(data);
1541
1542 if (isempty(rvalue)) {
1543 c->smack_process_label = mfree(c->smack_process_label);
1544 c->smack_process_label_ignore = false;
1545 return 0;
1546 }
1547
1548 if (rvalue[0] == '-') {
1549 ignore = true;
1550 rvalue++;
1551 } else
1552 ignore = false;
1553
1554 r = unit_full_printf(u, rvalue, &k);
1555 if (r < 0) {
1556 log_syntax(unit, LOG_ERR, filename, line, r,
1557 "Failed to resolve unit specifiers in '%s'%s: %m",
1558 rvalue, ignore ? ", ignoring" : "");
1559 return ignore ? 0 : -ENOEXEC;
1560 }
1561
1562 free_and_replace(c->smack_process_label, k);
1563 c->smack_process_label_ignore = ignore;
1564
1565 return 0;
1566 }
1567
1568 int config_parse_timer(const char *unit,
1569 const char *filename,
1570 unsigned line,
1571 const char *section,
1572 unsigned section_line,
1573 const char *lvalue,
1574 int ltype,
1575 const char *rvalue,
1576 void *data,
1577 void *userdata) {
1578
1579 Timer *t = data;
1580 usec_t usec = 0;
1581 TimerValue *v;
1582 TimerBase b;
1583 _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
1584 Unit *u = userdata;
1585 _cleanup_free_ char *k = NULL;
1586 int r;
1587
1588 assert(filename);
1589 assert(lvalue);
1590 assert(rvalue);
1591 assert(data);
1592
1593 if (isempty(rvalue)) {
1594 /* Empty assignment resets list */
1595 timer_free_values(t);
1596 return 0;
1597 }
1598
1599 b = timer_base_from_string(lvalue);
1600 if (b < 0) {
1601 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer base, ignoring: %s", lvalue);
1602 return 0;
1603 }
1604
1605 r = unit_full_printf(u, rvalue, &k);
1606 if (r < 0) {
1607 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1608 return 0;
1609 }
1610
1611 if (b == TIMER_CALENDAR) {
1612 if (calendar_spec_from_string(k, &c) < 0) {
1613 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse calendar specification, ignoring: %s", k);
1614 return 0;
1615 }
1616 } else
1617 if (parse_sec(k, &usec) < 0) {
1618 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", k);
1619 return 0;
1620 }
1621
1622 v = new0(TimerValue, 1);
1623 if (!v)
1624 return log_oom();
1625
1626 v->base = b;
1627 v->value = usec;
1628 v->calendar_spec = TAKE_PTR(c);
1629
1630 LIST_PREPEND(value, t->values, v);
1631
1632 return 0;
1633 }
1634
1635 int config_parse_trigger_unit(
1636 const char *unit,
1637 const char *filename,
1638 unsigned line,
1639 const char *section,
1640 unsigned section_line,
1641 const char *lvalue,
1642 int ltype,
1643 const char *rvalue,
1644 void *data,
1645 void *userdata) {
1646
1647 _cleanup_free_ char *p = NULL;
1648 Unit *u = data;
1649 UnitType type;
1650 int r;
1651
1652 assert(filename);
1653 assert(lvalue);
1654 assert(rvalue);
1655 assert(data);
1656
1657 if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) {
1658 log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
1659 return 0;
1660 }
1661
1662 r = unit_name_printf(u, rvalue, &p);
1663 if (r < 0) {
1664 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1665 return 0;
1666 }
1667
1668 type = unit_name_to_type(p);
1669 if (type < 0) {
1670 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue);
1671 return 0;
1672 }
1673 if (unit_has_name(u, p)) {
1674 log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue);
1675 return 0;
1676 }
1677
1678 r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, NULL, true, UNIT_DEPENDENCY_FILE);
1679 if (r < 0) {
1680 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
1681 return 0;
1682 }
1683
1684 return 0;
1685 }
1686
1687 int config_parse_path_spec(const char *unit,
1688 const char *filename,
1689 unsigned line,
1690 const char *section,
1691 unsigned section_line,
1692 const char *lvalue,
1693 int ltype,
1694 const char *rvalue,
1695 void *data,
1696 void *userdata) {
1697
1698 Path *p = data;
1699 PathSpec *s;
1700 PathType b;
1701 _cleanup_free_ char *k = NULL;
1702 int r;
1703
1704 assert(filename);
1705 assert(lvalue);
1706 assert(rvalue);
1707 assert(data);
1708
1709 if (isempty(rvalue)) {
1710 /* Empty assignment clears list */
1711 path_free_specs(p);
1712 return 0;
1713 }
1714
1715 b = path_type_from_string(lvalue);
1716 if (b < 0) {
1717 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue);
1718 return 0;
1719 }
1720
1721 r = unit_full_printf(UNIT(p), rvalue, &k);
1722 if (r < 0) {
1723 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1724 return 0;
1725 }
1726
1727 path_kill_slashes(k);
1728
1729 if (!path_is_absolute(k)) {
1730 log_syntax(unit, LOG_ERR, filename, line, 0, "Path is not absolute, ignoring: %s", k);
1731 return 0;
1732 }
1733
1734 s = new0(PathSpec, 1);
1735 if (!s)
1736 return log_oom();
1737
1738 s->unit = UNIT(p);
1739 s->path = TAKE_PTR(k);
1740 s->type = b;
1741 s->inotify_fd = -1;
1742
1743 LIST_PREPEND(spec, p->specs, s);
1744
1745 return 0;
1746 }
1747
1748 int config_parse_socket_service(
1749 const char *unit,
1750 const char *filename,
1751 unsigned line,
1752 const char *section,
1753 unsigned section_line,
1754 const char *lvalue,
1755 int ltype,
1756 const char *rvalue,
1757 void *data,
1758 void *userdata) {
1759
1760 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1761 _cleanup_free_ char *p = NULL;
1762 Socket *s = data;
1763 Unit *x;
1764 int r;
1765
1766 assert(filename);
1767 assert(lvalue);
1768 assert(rvalue);
1769 assert(data);
1770
1771 r = unit_name_printf(UNIT(s), rvalue, &p);
1772 if (r < 0) {
1773 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1774 return -ENOEXEC;
1775 }
1776
1777 if (!endswith(p, ".service")) {
1778 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service: %s", rvalue);
1779 return -ENOEXEC;
1780 }
1781
1782 r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
1783 if (r < 0) {
1784 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s: %s", rvalue, bus_error_message(&error, r));
1785 return -ENOEXEC;
1786 }
1787
1788 unit_ref_set(&s->service, UNIT(s), x);
1789
1790 return 0;
1791 }
1792
1793 int config_parse_fdname(
1794 const char *unit,
1795 const char *filename,
1796 unsigned line,
1797 const char *section,
1798 unsigned section_line,
1799 const char *lvalue,
1800 int ltype,
1801 const char *rvalue,
1802 void *data,
1803 void *userdata) {
1804
1805 _cleanup_free_ char *p = NULL;
1806 Socket *s = data;
1807 int r;
1808
1809 assert(filename);
1810 assert(lvalue);
1811 assert(rvalue);
1812 assert(data);
1813
1814 if (isempty(rvalue)) {
1815 s->fdname = mfree(s->fdname);
1816 return 0;
1817 }
1818
1819 r = unit_full_printf(UNIT(s), rvalue, &p);
1820 if (r < 0) {
1821 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1822 return 0;
1823 }
1824
1825 if (!fdname_is_valid(p)) {
1826 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
1827 return 0;
1828 }
1829
1830 return free_and_replace(s->fdname, p);
1831 }
1832
1833 int config_parse_service_sockets(
1834 const char *unit,
1835 const char *filename,
1836 unsigned line,
1837 const char *section,
1838 unsigned section_line,
1839 const char *lvalue,
1840 int ltype,
1841 const char *rvalue,
1842 void *data,
1843 void *userdata) {
1844
1845 Service *s = data;
1846 const char *p;
1847 int r;
1848
1849 assert(filename);
1850 assert(lvalue);
1851 assert(rvalue);
1852 assert(data);
1853
1854 p = rvalue;
1855 for (;;) {
1856 _cleanup_free_ char *word = NULL, *k = NULL;
1857
1858 r = extract_first_word(&p, &word, NULL, 0);
1859 if (r == 0)
1860 break;
1861 if (r == -ENOMEM)
1862 return log_oom();
1863 if (r < 0) {
1864 log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
1865 break;
1866 }
1867
1868 r = unit_name_printf(UNIT(s), word, &k);
1869 if (r < 0) {
1870 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
1871 continue;
1872 }
1873
1874 if (!endswith(k, ".socket")) {
1875 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
1876 continue;
1877 }
1878
1879 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, NULL, true, UNIT_DEPENDENCY_FILE);
1880 if (r < 0)
1881 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1882
1883 r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, NULL, true, UNIT_DEPENDENCY_FILE);
1884 if (r < 0)
1885 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1886 }
1887
1888 return 0;
1889 }
1890
1891 int config_parse_bus_name(
1892 const char *unit,
1893 const char *filename,
1894 unsigned line,
1895 const char *section,
1896 unsigned section_line,
1897 const char *lvalue,
1898 int ltype,
1899 const char *rvalue,
1900 void *data,
1901 void *userdata) {
1902
1903 _cleanup_free_ char *k = NULL;
1904 Unit *u = userdata;
1905 int r;
1906
1907 assert(filename);
1908 assert(lvalue);
1909 assert(rvalue);
1910 assert(u);
1911
1912 r = unit_full_printf(u, rvalue, &k);
1913 if (r < 0) {
1914 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1915 return 0;
1916 }
1917
1918 if (!service_name_is_valid(k)) {
1919 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name, ignoring: %s", k);
1920 return 0;
1921 }
1922
1923 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
1924 }
1925
1926 int config_parse_service_timeout(
1927 const char *unit,
1928 const char *filename,
1929 unsigned line,
1930 const char *section,
1931 unsigned section_line,
1932 const char *lvalue,
1933 int ltype,
1934 const char *rvalue,
1935 void *data,
1936 void *userdata) {
1937
1938 Service *s = userdata;
1939 usec_t usec;
1940 int r;
1941
1942 assert(filename);
1943 assert(lvalue);
1944 assert(rvalue);
1945 assert(s);
1946
1947 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
1948
1949 r = parse_sec(rvalue, &usec);
1950 if (r < 0) {
1951 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1952 return 0;
1953 }
1954
1955 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
1956 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
1957 * all other timeouts. */
1958 if (usec <= 0)
1959 usec = USEC_INFINITY;
1960
1961
1962 s->start_timeout_defined = true;
1963 s->timeout_start_usec = usec;
1964
1965 if (streq(lvalue, "TimeoutSec"))
1966 s->timeout_stop_usec = usec;
1967
1968 return 0;
1969 }
1970
1971 int config_parse_sec_fix_0(
1972 const char *unit,
1973 const char *filename,
1974 unsigned line,
1975 const char *section,
1976 unsigned section_line,
1977 const char *lvalue,
1978 int ltype,
1979 const char *rvalue,
1980 void *data,
1981 void *userdata) {
1982
1983 usec_t *usec = data;
1984 int r;
1985
1986 assert(filename);
1987 assert(lvalue);
1988 assert(rvalue);
1989 assert(usec);
1990
1991 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
1992 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
1993 * timeout. */
1994
1995 r = parse_sec_fix_0(rvalue, usec);
1996 if (r < 0) {
1997 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1998 return 0;
1999 }
2000
2001 return 0;
2002 }
2003
2004 int config_parse_user_group(
2005 const char *unit,
2006 const char *filename,
2007 unsigned line,
2008 const char *section,
2009 unsigned section_line,
2010 const char *lvalue,
2011 int ltype,
2012 const char *rvalue,
2013 void *data,
2014 void *userdata) {
2015
2016 _cleanup_free_ char *k = NULL;
2017 char **user = data;
2018 Unit *u = userdata;
2019 int r;
2020
2021 assert(filename);
2022 assert(lvalue);
2023 assert(rvalue);
2024 assert(u);
2025
2026 if (isempty(rvalue)) {
2027 *user = mfree(*user);
2028 return 0;
2029 }
2030
2031 r = unit_full_printf(u, rvalue, &k);
2032 if (r < 0) {
2033 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
2034 return -ENOEXEC;
2035 }
2036
2037 if (!valid_user_group_name_or_id(k)) {
2038 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2039 return -ENOEXEC;
2040 }
2041
2042 return free_and_replace(*user, k);
2043 }
2044
2045 int config_parse_user_group_strv(
2046 const char *unit,
2047 const char *filename,
2048 unsigned line,
2049 const char *section,
2050 unsigned section_line,
2051 const char *lvalue,
2052 int ltype,
2053 const char *rvalue,
2054 void *data,
2055 void *userdata) {
2056
2057 char ***users = data;
2058 Unit *u = userdata;
2059 const char *p = rvalue;
2060 int r;
2061
2062 assert(filename);
2063 assert(lvalue);
2064 assert(rvalue);
2065 assert(u);
2066
2067 if (isempty(rvalue)) {
2068 *users = strv_free(*users);
2069 return 0;
2070 }
2071
2072 for (;;) {
2073 _cleanup_free_ char *word = NULL, *k = NULL;
2074
2075 r = extract_first_word(&p, &word, NULL, 0);
2076 if (r == 0)
2077 break;
2078 if (r == -ENOMEM)
2079 return log_oom();
2080 if (r < 0) {
2081 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue);
2082 return -ENOEXEC;
2083 }
2084
2085 r = unit_full_printf(u, word, &k);
2086 if (r < 0) {
2087 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word);
2088 return -ENOEXEC;
2089 }
2090
2091 if (!valid_user_group_name_or_id(k)) {
2092 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2093 return -ENOEXEC;
2094 }
2095
2096 r = strv_push(users, k);
2097 if (r < 0)
2098 return log_oom();
2099
2100 k = NULL;
2101 }
2102
2103 return 0;
2104 }
2105
2106 int config_parse_working_directory(
2107 const char *unit,
2108 const char *filename,
2109 unsigned line,
2110 const char *section,
2111 unsigned section_line,
2112 const char *lvalue,
2113 int ltype,
2114 const char *rvalue,
2115 void *data,
2116 void *userdata) {
2117
2118 ExecContext *c = data;
2119 Unit *u = userdata;
2120 bool missing_ok;
2121 int r;
2122
2123 assert(filename);
2124 assert(lvalue);
2125 assert(rvalue);
2126 assert(c);
2127 assert(u);
2128
2129 if (rvalue[0] == '-') {
2130 missing_ok = true;
2131 rvalue++;
2132 } else
2133 missing_ok = false;
2134
2135 if (streq(rvalue, "~")) {
2136 c->working_directory_home = true;
2137 c->working_directory = mfree(c->working_directory);
2138 } else {
2139 _cleanup_free_ char *k = NULL;
2140
2141 r = unit_full_printf(u, rvalue, &k);
2142 if (r < 0) {
2143 log_syntax(unit, LOG_ERR, filename, line, r,
2144 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2145 rvalue, missing_ok ? ", ignoring" : "");
2146 return missing_ok ? 0 : -ENOEXEC;
2147 }
2148
2149 path_kill_slashes(k);
2150
2151 if (!utf8_is_valid(k)) {
2152 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2153 return missing_ok ? 0 : -ENOEXEC;
2154 }
2155
2156 if (!path_is_absolute(k)) {
2157 log_syntax(unit, LOG_ERR, filename, line, 0,
2158 "Working directory path '%s' is not absolute%s.",
2159 rvalue, missing_ok ? ", ignoring" : "");
2160 return missing_ok ? 0 : -ENOEXEC;
2161 }
2162
2163 c->working_directory_home = false;
2164 free_and_replace(c->working_directory, k);
2165 }
2166
2167 c->working_directory_missing_ok = missing_ok;
2168 return 0;
2169 }
2170
2171 int config_parse_unit_env_file(const char *unit,
2172 const char *filename,
2173 unsigned line,
2174 const char *section,
2175 unsigned section_line,
2176 const char *lvalue,
2177 int ltype,
2178 const char *rvalue,
2179 void *data,
2180 void *userdata) {
2181
2182 char ***env = data;
2183 Unit *u = userdata;
2184 _cleanup_free_ char *n = NULL;
2185 int r;
2186
2187 assert(filename);
2188 assert(lvalue);
2189 assert(rvalue);
2190 assert(data);
2191
2192 if (isempty(rvalue)) {
2193 /* Empty assignment frees the list */
2194 *env = strv_free(*env);
2195 return 0;
2196 }
2197
2198 r = unit_full_printf(u, rvalue, &n);
2199 if (r < 0) {
2200 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2201 return 0;
2202 }
2203
2204 if (!path_is_absolute(n[0] == '-' ? n + 1 : n)) {
2205 log_syntax(unit, LOG_ERR, filename, line, 0, "Path '%s' is not absolute, ignoring.", n);
2206 return 0;
2207 }
2208
2209 r = strv_extend(env, n);
2210 if (r < 0)
2211 return log_oom();
2212
2213 return 0;
2214 }
2215
2216 int config_parse_environ(
2217 const char *unit,
2218 const char *filename,
2219 unsigned line,
2220 const char *section,
2221 unsigned section_line,
2222 const char *lvalue,
2223 int ltype,
2224 const char *rvalue,
2225 void *data,
2226 void *userdata) {
2227
2228 Unit *u = userdata;
2229 char ***env = data;
2230 const char *p;
2231 int r;
2232
2233 assert(filename);
2234 assert(lvalue);
2235 assert(rvalue);
2236 assert(data);
2237
2238 if (isempty(rvalue)) {
2239 /* Empty assignment resets the list */
2240 *env = strv_free(*env);
2241 return 0;
2242 }
2243
2244 for (p = rvalue;; ) {
2245 _cleanup_free_ char *word = NULL, *k = NULL;
2246
2247 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2248 if (r == 0)
2249 return 0;
2250 if (r == -ENOMEM)
2251 return log_oom();
2252 if (r < 0) {
2253 log_syntax(unit, LOG_WARNING, filename, line, r,
2254 "Invalid syntax, ignoring: %s", rvalue);
2255 return 0;
2256 }
2257
2258 if (u) {
2259 r = unit_full_printf(u, word, &k);
2260 if (r < 0) {
2261 log_syntax(unit, LOG_ERR, filename, line, r,
2262 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2263 continue;
2264 }
2265 } else
2266 k = TAKE_PTR(word);
2267
2268 if (!env_assignment_is_valid(k)) {
2269 log_syntax(unit, LOG_ERR, filename, line, 0,
2270 "Invalid environment assignment, ignoring: %s", k);
2271 continue;
2272 }
2273
2274 r = strv_env_replace(env, k);
2275 if (r < 0)
2276 return log_oom();
2277
2278 k = NULL;
2279 }
2280 }
2281
2282 int config_parse_pass_environ(
2283 const char *unit,
2284 const char *filename,
2285 unsigned line,
2286 const char *section,
2287 unsigned section_line,
2288 const char *lvalue,
2289 int ltype,
2290 const char *rvalue,
2291 void *data,
2292 void *userdata) {
2293
2294 _cleanup_strv_free_ char **n = NULL;
2295 size_t nlen = 0, nbufsize = 0;
2296 char*** passenv = data;
2297 const char *p = rvalue;
2298 Unit *u = userdata;
2299 int r;
2300
2301 assert(filename);
2302 assert(lvalue);
2303 assert(rvalue);
2304 assert(data);
2305
2306 if (isempty(rvalue)) {
2307 /* Empty assignment resets the list */
2308 *passenv = strv_free(*passenv);
2309 return 0;
2310 }
2311
2312 for (;;) {
2313 _cleanup_free_ char *word = NULL, *k = NULL;
2314
2315 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2316 if (r == 0)
2317 break;
2318 if (r == -ENOMEM)
2319 return log_oom();
2320 if (r < 0) {
2321 log_syntax(unit, LOG_ERR, filename, line, r,
2322 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2323 break;
2324 }
2325
2326 if (u) {
2327 r = unit_full_printf(u, word, &k);
2328 if (r < 0) {
2329 log_syntax(unit, LOG_ERR, filename, line, r,
2330 "Failed to resolve specifiers in %s, ignoring: %m", word);
2331 continue;
2332 }
2333 } else
2334 k = TAKE_PTR(word);
2335
2336 if (!env_name_is_valid(k)) {
2337 log_syntax(unit, LOG_ERR, filename, line, 0,
2338 "Invalid environment name for %s, ignoring: %s", lvalue, k);
2339 continue;
2340 }
2341
2342 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2343 return log_oom();
2344
2345 n[nlen++] = TAKE_PTR(k);
2346 n[nlen] = NULL;
2347 }
2348
2349 if (n) {
2350 r = strv_extend_strv(passenv, n, true);
2351 if (r < 0)
2352 return r;
2353 }
2354
2355 return 0;
2356 }
2357
2358 int config_parse_unset_environ(
2359 const char *unit,
2360 const char *filename,
2361 unsigned line,
2362 const char *section,
2363 unsigned section_line,
2364 const char *lvalue,
2365 int ltype,
2366 const char *rvalue,
2367 void *data,
2368 void *userdata) {
2369
2370 _cleanup_strv_free_ char **n = NULL;
2371 size_t nlen = 0, nbufsize = 0;
2372 char*** unsetenv = data;
2373 const char *p = rvalue;
2374 Unit *u = userdata;
2375 int r;
2376
2377 assert(filename);
2378 assert(lvalue);
2379 assert(rvalue);
2380 assert(data);
2381
2382 if (isempty(rvalue)) {
2383 /* Empty assignment resets the list */
2384 *unsetenv = strv_free(*unsetenv);
2385 return 0;
2386 }
2387
2388 for (;;) {
2389 _cleanup_free_ char *word = NULL, *k = NULL;
2390
2391 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2392 if (r == 0)
2393 break;
2394 if (r == -ENOMEM)
2395 return log_oom();
2396 if (r < 0) {
2397 log_syntax(unit, LOG_ERR, filename, line, r,
2398 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2399 break;
2400 }
2401
2402 if (u) {
2403 r = unit_full_printf(u, word, &k);
2404 if (r < 0) {
2405 log_syntax(unit, LOG_ERR, filename, line, r,
2406 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2407 continue;
2408 }
2409 } else
2410 k = TAKE_PTR(word);
2411
2412 if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) {
2413 log_syntax(unit, LOG_ERR, filename, line, 0,
2414 "Invalid environment name or assignment %s, ignoring: %s", lvalue, k);
2415 continue;
2416 }
2417
2418 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2419 return log_oom();
2420
2421 n[nlen++] = TAKE_PTR(k);
2422 n[nlen] = NULL;
2423 }
2424
2425 if (n) {
2426 r = strv_extend_strv(unsetenv, n, true);
2427 if (r < 0)
2428 return r;
2429 }
2430
2431 return 0;
2432 }
2433
2434 int config_parse_log_extra_fields(
2435 const char *unit,
2436 const char *filename,
2437 unsigned line,
2438 const char *section,
2439 unsigned section_line,
2440 const char *lvalue,
2441 int ltype,
2442 const char *rvalue,
2443 void *data,
2444 void *userdata) {
2445
2446 ExecContext *c = data;
2447 Unit *u = userdata;
2448 const char *p = rvalue;
2449 int r;
2450
2451 assert(filename);
2452 assert(lvalue);
2453 assert(rvalue);
2454 assert(c);
2455
2456 if (isempty(rvalue)) {
2457 exec_context_free_log_extra_fields(c);
2458 return 0;
2459 }
2460
2461 for (;;) {
2462 _cleanup_free_ char *word = NULL, *k = NULL;
2463 struct iovec *t;
2464 const char *eq;
2465
2466 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2467 if (r == 0)
2468 return 0;
2469 if (r == -ENOMEM)
2470 return log_oom();
2471 if (r < 0) {
2472 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2473 return 0;
2474 }
2475
2476 r = unit_full_printf(u, word, &k);
2477 if (r < 0) {
2478 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2479 continue;
2480 }
2481
2482 eq = strchr(k, '=');
2483 if (!eq) {
2484 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k);
2485 continue;
2486 }
2487
2488 if (!journal_field_valid(k, eq-k, false)) {
2489 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field name is invalid, ignoring: %s", k);
2490 continue;
2491 }
2492
2493 t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec));
2494 if (!t)
2495 return log_oom();
2496
2497 c->log_extra_fields = t;
2498 c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k);
2499
2500 k = NULL;
2501 }
2502 }
2503
2504 int config_parse_ip_tos(const char *unit,
2505 const char *filename,
2506 unsigned line,
2507 const char *section,
2508 unsigned section_line,
2509 const char *lvalue,
2510 int ltype,
2511 const char *rvalue,
2512 void *data,
2513 void *userdata) {
2514
2515 int *ip_tos = data, x;
2516
2517 assert(filename);
2518 assert(lvalue);
2519 assert(rvalue);
2520 assert(data);
2521
2522 x = ip_tos_from_string(rvalue);
2523 if (x < 0) {
2524 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IP TOS value, ignoring: %s", rvalue);
2525 return 0;
2526 }
2527
2528 *ip_tos = x;
2529 return 0;
2530 }
2531
2532 int config_parse_unit_condition_path(
2533 const char *unit,
2534 const char *filename,
2535 unsigned line,
2536 const char *section,
2537 unsigned section_line,
2538 const char *lvalue,
2539 int ltype,
2540 const char *rvalue,
2541 void *data,
2542 void *userdata) {
2543
2544 _cleanup_free_ char *p = NULL;
2545 Condition **list = data, *c;
2546 ConditionType t = ltype;
2547 bool trigger, negate;
2548 Unit *u = userdata;
2549 int r;
2550
2551 assert(filename);
2552 assert(lvalue);
2553 assert(rvalue);
2554 assert(data);
2555
2556 if (isempty(rvalue)) {
2557 /* Empty assignment resets the list */
2558 *list = condition_free_list(*list);
2559 return 0;
2560 }
2561
2562 trigger = rvalue[0] == '|';
2563 if (trigger)
2564 rvalue++;
2565
2566 negate = rvalue[0] == '!';
2567 if (negate)
2568 rvalue++;
2569
2570 r = unit_full_printf(u, rvalue, &p);
2571 if (r < 0) {
2572 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2573 return 0;
2574 }
2575
2576 if (!path_is_absolute(p)) {
2577 log_syntax(unit, LOG_ERR, filename, line, 0, "Path in condition not absolute, ignoring: %s", p);
2578 return 0;
2579 }
2580
2581 c = condition_new(t, p, trigger, negate);
2582 if (!c)
2583 return log_oom();
2584
2585 LIST_PREPEND(conditions, *list, c);
2586 return 0;
2587 }
2588
2589 int config_parse_unit_condition_string(
2590 const char *unit,
2591 const char *filename,
2592 unsigned line,
2593 const char *section,
2594 unsigned section_line,
2595 const char *lvalue,
2596 int ltype,
2597 const char *rvalue,
2598 void *data,
2599 void *userdata) {
2600
2601 _cleanup_free_ char *s = NULL;
2602 Condition **list = data, *c;
2603 ConditionType t = ltype;
2604 bool trigger, negate;
2605 Unit *u = userdata;
2606 int r;
2607
2608 assert(filename);
2609 assert(lvalue);
2610 assert(rvalue);
2611 assert(data);
2612
2613 if (isempty(rvalue)) {
2614 /* Empty assignment resets the list */
2615 *list = condition_free_list(*list);
2616 return 0;
2617 }
2618
2619 trigger = rvalue[0] == '|';
2620 if (trigger)
2621 rvalue++;
2622
2623 negate = rvalue[0] == '!';
2624 if (negate)
2625 rvalue++;
2626
2627 r = unit_full_printf(u, rvalue, &s);
2628 if (r < 0) {
2629 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2630 return 0;
2631 }
2632
2633 c = condition_new(t, s, trigger, negate);
2634 if (!c)
2635 return log_oom();
2636
2637 LIST_PREPEND(conditions, *list, c);
2638 return 0;
2639 }
2640
2641 int config_parse_unit_condition_null(
2642 const char *unit,
2643 const char *filename,
2644 unsigned line,
2645 const char *section,
2646 unsigned section_line,
2647 const char *lvalue,
2648 int ltype,
2649 const char *rvalue,
2650 void *data,
2651 void *userdata) {
2652
2653 Condition **list = data, *c;
2654 bool trigger, negate;
2655 int b;
2656
2657 assert(filename);
2658 assert(lvalue);
2659 assert(rvalue);
2660 assert(data);
2661
2662 if (isempty(rvalue)) {
2663 /* Empty assignment resets the list */
2664 *list = condition_free_list(*list);
2665 return 0;
2666 }
2667
2668 trigger = rvalue[0] == '|';
2669 if (trigger)
2670 rvalue++;
2671
2672 negate = rvalue[0] == '!';
2673 if (negate)
2674 rvalue++;
2675
2676 b = parse_boolean(rvalue);
2677 if (b < 0) {
2678 log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue);
2679 return 0;
2680 }
2681
2682 if (!b)
2683 negate = !negate;
2684
2685 c = condition_new(CONDITION_NULL, NULL, trigger, negate);
2686 if (!c)
2687 return log_oom();
2688
2689 LIST_PREPEND(conditions, *list, c);
2690 return 0;
2691 }
2692
2693 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
2694 DEFINE_CONFIG_PARSE_ENUM(config_parse_emergency_action, emergency_action, EmergencyAction, "Failed to parse failure action specifier");
2695
2696 int config_parse_unit_requires_mounts_for(
2697 const char *unit,
2698 const char *filename,
2699 unsigned line,
2700 const char *section,
2701 unsigned section_line,
2702 const char *lvalue,
2703 int ltype,
2704 const char *rvalue,
2705 void *data,
2706 void *userdata) {
2707
2708 const char *p = rvalue;
2709 Unit *u = userdata;
2710 int r;
2711
2712 assert(filename);
2713 assert(lvalue);
2714 assert(rvalue);
2715 assert(data);
2716
2717 for (;;) {
2718 _cleanup_free_ char *word = NULL, *resolved = NULL;
2719
2720 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2721 if (r == 0)
2722 return 0;
2723 if (r == -ENOMEM)
2724 return log_oom();
2725 if (r < 0) {
2726 log_syntax(unit, LOG_WARNING, filename, line, r,
2727 "Invalid syntax, ignoring: %s", rvalue);
2728 return 0;
2729 }
2730
2731 if (!utf8_is_valid(word)) {
2732 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2733 continue;
2734 }
2735
2736 r = unit_full_printf(u, word, &resolved);
2737 if (r < 0) {
2738 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
2739 continue;
2740 }
2741
2742 r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE);
2743 if (r < 0) {
2744 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved);
2745 continue;
2746 }
2747 }
2748 }
2749
2750 int config_parse_documentation(const char *unit,
2751 const char *filename,
2752 unsigned line,
2753 const char *section,
2754 unsigned section_line,
2755 const char *lvalue,
2756 int ltype,
2757 const char *rvalue,
2758 void *data,
2759 void *userdata) {
2760
2761 Unit *u = userdata;
2762 int r;
2763 char **a, **b;
2764
2765 assert(filename);
2766 assert(lvalue);
2767 assert(rvalue);
2768 assert(u);
2769
2770 if (isempty(rvalue)) {
2771 /* Empty assignment resets the list */
2772 u->documentation = strv_free(u->documentation);
2773 return 0;
2774 }
2775
2776 r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
2777 rvalue, data, userdata);
2778 if (r < 0)
2779 return r;
2780
2781 for (a = b = u->documentation; a && *a; a++) {
2782
2783 if (documentation_url_is_valid(*a))
2784 *(b++) = *a;
2785 else {
2786 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a);
2787 free(*a);
2788 }
2789 }
2790 if (b)
2791 *b = NULL;
2792
2793 return r;
2794 }
2795
2796 #if HAVE_SECCOMP
2797 int config_parse_syscall_filter(
2798 const char *unit,
2799 const char *filename,
2800 unsigned line,
2801 const char *section,
2802 unsigned section_line,
2803 const char *lvalue,
2804 int ltype,
2805 const char *rvalue,
2806 void *data,
2807 void *userdata) {
2808
2809 ExecContext *c = data;
2810 Unit *u = userdata;
2811 bool invert = false;
2812 const char *p;
2813 int r;
2814
2815 assert(filename);
2816 assert(lvalue);
2817 assert(rvalue);
2818 assert(u);
2819
2820 if (isempty(rvalue)) {
2821 /* Empty assignment resets the list */
2822 c->syscall_filter = hashmap_free(c->syscall_filter);
2823 c->syscall_whitelist = false;
2824 return 0;
2825 }
2826
2827 if (rvalue[0] == '~') {
2828 invert = true;
2829 rvalue++;
2830 }
2831
2832 if (!c->syscall_filter) {
2833 c->syscall_filter = hashmap_new(NULL);
2834 if (!c->syscall_filter)
2835 return log_oom();
2836
2837 if (invert)
2838 /* Allow everything but the ones listed */
2839 c->syscall_whitelist = false;
2840 else {
2841 /* Allow nothing but the ones listed */
2842 c->syscall_whitelist = true;
2843
2844 /* Accept default syscalls if we are on a whitelist */
2845 r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, SECCOMP_PARSE_WHITELIST);
2846 if (r < 0)
2847 return r;
2848 }
2849 }
2850
2851 p = rvalue;
2852 for (;;) {
2853 _cleanup_free_ char *word = NULL, *name = NULL;
2854 int num;
2855
2856 r = extract_first_word(&p, &word, NULL, 0);
2857 if (r == 0)
2858 return 0;
2859 if (r == -ENOMEM)
2860 return log_oom();
2861 if (r < 0) {
2862 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2863 return 0;
2864 }
2865
2866 r = parse_syscall_and_errno(word, &name, &num);
2867 if (r < 0) {
2868 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word);
2869 continue;
2870 }
2871
2872 r = seccomp_parse_syscall_filter_full(name, num, c->syscall_filter,
2873 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|(invert ? SECCOMP_PARSE_INVERT : 0)|(c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0),
2874 unit, filename, line);
2875 if (r < 0)
2876 return r;
2877 }
2878 }
2879
2880 int config_parse_syscall_archs(
2881 const char *unit,
2882 const char *filename,
2883 unsigned line,
2884 const char *section,
2885 unsigned section_line,
2886 const char *lvalue,
2887 int ltype,
2888 const char *rvalue,
2889 void *data,
2890 void *userdata) {
2891
2892 const char *p = rvalue;
2893 Set **archs = data;
2894 int r;
2895
2896 if (isempty(rvalue)) {
2897 *archs = set_free(*archs);
2898 return 0;
2899 }
2900
2901 r = set_ensure_allocated(archs, NULL);
2902 if (r < 0)
2903 return log_oom();
2904
2905 for (;;) {
2906 _cleanup_free_ char *word = NULL;
2907 uint32_t a;
2908
2909 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2910 if (r == 0)
2911 return 0;
2912 if (r == -ENOMEM)
2913 return log_oom();
2914 if (r < 0) {
2915 log_syntax(unit, LOG_WARNING, filename, line, r,
2916 "Invalid syntax, ignoring: %s", rvalue);
2917 return 0;
2918 }
2919
2920 r = seccomp_arch_from_string(word, &a);
2921 if (r < 0) {
2922 log_syntax(unit, LOG_ERR, filename, line, r,
2923 "Failed to parse system call architecture \"%s\", ignoring: %m", word);
2924 continue;
2925 }
2926
2927 r = set_put(*archs, UINT32_TO_PTR(a + 1));
2928 if (r < 0)
2929 return log_oom();
2930 }
2931 }
2932
2933 int config_parse_syscall_errno(
2934 const char *unit,
2935 const char *filename,
2936 unsigned line,
2937 const char *section,
2938 unsigned section_line,
2939 const char *lvalue,
2940 int ltype,
2941 const char *rvalue,
2942 void *data,
2943 void *userdata) {
2944
2945 ExecContext *c = data;
2946 int e;
2947
2948 assert(filename);
2949 assert(lvalue);
2950 assert(rvalue);
2951
2952 if (isempty(rvalue)) {
2953 /* Empty assignment resets to KILL */
2954 c->syscall_errno = 0;
2955 return 0;
2956 }
2957
2958 e = parse_errno(rvalue);
2959 if (e <= 0) {
2960 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue);
2961 return 0;
2962 }
2963
2964 c->syscall_errno = e;
2965 return 0;
2966 }
2967
2968 int config_parse_address_families(
2969 const char *unit,
2970 const char *filename,
2971 unsigned line,
2972 const char *section,
2973 unsigned section_line,
2974 const char *lvalue,
2975 int ltype,
2976 const char *rvalue,
2977 void *data,
2978 void *userdata) {
2979
2980 ExecContext *c = data;
2981 bool invert = false;
2982 const char *p;
2983 int r;
2984
2985 assert(filename);
2986 assert(lvalue);
2987 assert(rvalue);
2988
2989 if (isempty(rvalue)) {
2990 /* Empty assignment resets the list */
2991 c->address_families = set_free(c->address_families);
2992 c->address_families_whitelist = false;
2993 return 0;
2994 }
2995
2996 if (rvalue[0] == '~') {
2997 invert = true;
2998 rvalue++;
2999 }
3000
3001 if (!c->address_families) {
3002 c->address_families = set_new(NULL);
3003 if (!c->address_families)
3004 return log_oom();
3005
3006 c->address_families_whitelist = !invert;
3007 }
3008
3009 for (p = rvalue;;) {
3010 _cleanup_free_ char *word = NULL;
3011 int af;
3012
3013 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3014 if (r == 0)
3015 return 0;
3016 if (r == -ENOMEM)
3017 return log_oom();
3018 if (r < 0) {
3019 log_syntax(unit, LOG_WARNING, filename, line, r,
3020 "Invalid syntax, ignoring: %s", rvalue);
3021 return 0;
3022 }
3023
3024 af = af_from_name(word);
3025 if (af <= 0) {
3026 log_syntax(unit, LOG_ERR, filename, line, 0,
3027 "Failed to parse address family, ignoring: %s", word);
3028 continue;
3029 }
3030
3031 /* If we previously wanted to forbid an address family and now
3032 * we want to allow it, then just remove it from the list.
3033 */
3034 if (!invert == c->address_families_whitelist) {
3035 r = set_put(c->address_families, INT_TO_PTR(af));
3036 if (r < 0)
3037 return log_oom();
3038 } else
3039 set_remove(c->address_families, INT_TO_PTR(af));
3040 }
3041 }
3042
3043 int config_parse_restrict_namespaces(
3044 const char *unit,
3045 const char *filename,
3046 unsigned line,
3047 const char *section,
3048 unsigned section_line,
3049 const char *lvalue,
3050 int ltype,
3051 const char *rvalue,
3052 void *data,
3053 void *userdata) {
3054
3055 ExecContext *c = data;
3056 unsigned long flags;
3057 bool invert = false;
3058 int r;
3059
3060 if (isempty(rvalue)) {
3061 /* Reset to the default. */
3062 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL;
3063 return 0;
3064 }
3065
3066 /* Boolean parameter ignores the previous settings */
3067 r = parse_boolean(rvalue);
3068 if (r > 0) {
3069 c->restrict_namespaces = 0;
3070 return 0;
3071 } else if (r == 0) {
3072 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
3073 return 0;
3074 }
3075
3076 if (rvalue[0] == '~') {
3077 invert = true;
3078 rvalue++;
3079 }
3080
3081 /* Not a boolean argument, in this case it's a list of namespace types. */
3082 r = namespace_flags_from_string(rvalue, &flags);
3083 if (r < 0) {
3084 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue);
3085 return 0;
3086 }
3087
3088 if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL)
3089 /* Initial assignment. Just set the value. */
3090 c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags;
3091 else
3092 /* Merge the value with the previous one. */
3093 SET_FLAG(c->restrict_namespaces, flags, !invert);
3094
3095 return 0;
3096 }
3097 #endif
3098
3099 int config_parse_unit_slice(
3100 const char *unit,
3101 const char *filename,
3102 unsigned line,
3103 const char *section,
3104 unsigned section_line,
3105 const char *lvalue,
3106 int ltype,
3107 const char *rvalue,
3108 void *data,
3109 void *userdata) {
3110
3111 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
3112 _cleanup_free_ char *k = NULL;
3113 Unit *u = userdata, *slice = NULL;
3114 int r;
3115
3116 assert(filename);
3117 assert(lvalue);
3118 assert(rvalue);
3119 assert(u);
3120
3121 r = unit_name_printf(u, rvalue, &k);
3122 if (r < 0) {
3123 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
3124 return 0;
3125 }
3126
3127 r = manager_load_unit(u->manager, k, NULL, &error, &slice);
3128 if (r < 0) {
3129 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r));
3130 return 0;
3131 }
3132
3133 r = unit_set_slice(u, slice);
3134 if (r < 0) {
3135 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id);
3136 return 0;
3137 }
3138
3139 return 0;
3140 }
3141
3142 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
3143
3144 int config_parse_cpu_weight(
3145 const char *unit,
3146 const char *filename,
3147 unsigned line,
3148 const char *section,
3149 unsigned section_line,
3150 const char *lvalue,
3151 int ltype,
3152 const char *rvalue,
3153 void *data,
3154 void *userdata) {
3155
3156 uint64_t *weight = data;
3157 int r;
3158
3159 assert(filename);
3160 assert(lvalue);
3161 assert(rvalue);
3162
3163 r = cg_weight_parse(rvalue, weight);
3164 if (r < 0) {
3165 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU weight '%s', ignoring: %m", rvalue);
3166 return 0;
3167 }
3168
3169 return 0;
3170 }
3171
3172 int config_parse_cpu_shares(
3173 const char *unit,
3174 const char *filename,
3175 unsigned line,
3176 const char *section,
3177 unsigned section_line,
3178 const char *lvalue,
3179 int ltype,
3180 const char *rvalue,
3181 void *data,
3182 void *userdata) {
3183
3184 uint64_t *shares = data;
3185 int r;
3186
3187 assert(filename);
3188 assert(lvalue);
3189 assert(rvalue);
3190
3191 r = cg_cpu_shares_parse(rvalue, shares);
3192 if (r < 0) {
3193 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU shares '%s', ignoring: %m", rvalue);
3194 return 0;
3195 }
3196
3197 return 0;
3198 }
3199
3200 int config_parse_cpu_quota(
3201 const char *unit,
3202 const char *filename,
3203 unsigned line,
3204 const char *section,
3205 unsigned section_line,
3206 const char *lvalue,
3207 int ltype,
3208 const char *rvalue,
3209 void *data,
3210 void *userdata) {
3211
3212 CGroupContext *c = data;
3213 int r;
3214
3215 assert(filename);
3216 assert(lvalue);
3217 assert(rvalue);
3218
3219 if (isempty(rvalue)) {
3220 c->cpu_quota_per_sec_usec = USEC_INFINITY;
3221 return 0;
3222 }
3223
3224 r = parse_percent_unbounded(rvalue);
3225 if (r <= 0) {
3226 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue);
3227 return 0;
3228 }
3229
3230 c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 100U;
3231 return 0;
3232 }
3233
3234 int config_parse_memory_limit(
3235 const char *unit,
3236 const char *filename,
3237 unsigned line,
3238 const char *section,
3239 unsigned section_line,
3240 const char *lvalue,
3241 int ltype,
3242 const char *rvalue,
3243 void *data,
3244 void *userdata) {
3245
3246 CGroupContext *c = data;
3247 uint64_t bytes = CGROUP_LIMIT_MAX;
3248 int r;
3249
3250 if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
3251
3252 r = parse_percent(rvalue);
3253 if (r < 0) {
3254 r = parse_size(rvalue, 1024, &bytes);
3255 if (r < 0) {
3256 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue);
3257 return 0;
3258 }
3259 } else
3260 bytes = physical_memory_scale(r, 100U);
3261
3262 if (bytes >= UINT64_MAX ||
3263 (bytes <= 0 && !streq(lvalue, "MemorySwapMax"))) {
3264 log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue);
3265 return 0;
3266 }
3267 }
3268
3269 if (streq(lvalue, "MemoryLow"))
3270 c->memory_low = bytes;
3271 else if (streq(lvalue, "MemoryHigh"))
3272 c->memory_high = bytes;
3273 else if (streq(lvalue, "MemoryMax"))
3274 c->memory_max = bytes;
3275 else if (streq(lvalue, "MemorySwapMax"))
3276 c->memory_swap_max = bytes;
3277 else if (streq(lvalue, "MemoryLimit"))
3278 c->memory_limit = bytes;
3279 else
3280 return -EINVAL;
3281
3282 return 0;
3283 }
3284
3285 int config_parse_tasks_max(
3286 const char *unit,
3287 const char *filename,
3288 unsigned line,
3289 const char *section,
3290 unsigned section_line,
3291 const char *lvalue,
3292 int ltype,
3293 const char *rvalue,
3294 void *data,
3295 void *userdata) {
3296
3297 uint64_t *tasks_max = data, v;
3298 Unit *u = userdata;
3299 int r;
3300
3301 if (isempty(rvalue)) {
3302 *tasks_max = u->manager->default_tasks_max;
3303 return 0;
3304 }
3305
3306 if (streq(rvalue, "infinity")) {
3307 *tasks_max = CGROUP_LIMIT_MAX;
3308 return 0;
3309 }
3310
3311 r = parse_percent(rvalue);
3312 if (r < 0) {
3313 r = safe_atou64(rvalue, &v);
3314 if (r < 0) {
3315 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue);
3316 return 0;
3317 }
3318 } else
3319 v = system_tasks_max_scale(r, 100U);
3320
3321 if (v <= 0 || v >= UINT64_MAX) {
3322 log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue);
3323 return 0;
3324 }
3325
3326 *tasks_max = v;
3327 return 0;
3328 }
3329
3330 int config_parse_delegate(
3331 const char *unit,
3332 const char *filename,
3333 unsigned line,
3334 const char *section,
3335 unsigned section_line,
3336 const char *lvalue,
3337 int ltype,
3338 const char *rvalue,
3339 void *data,
3340 void *userdata) {
3341
3342 CGroupContext *c = data;
3343 UnitType t;
3344 int r;
3345
3346 t = unit_name_to_type(unit);
3347 assert(t != _UNIT_TYPE_INVALID);
3348
3349 if (!unit_vtable[t]->can_delegate) {
3350 log_syntax(unit, LOG_ERR, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring.");
3351 return 0;
3352 }
3353
3354 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3355 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3356 * mask to delegate. */
3357
3358 if (isempty(rvalue)) {
3359 /* An empty string resets controllers and set Delegate=yes. */
3360 c->delegate = true;
3361 c->delegate_controllers = 0;
3362 return 0;
3363 }
3364
3365 r = parse_boolean(rvalue);
3366 if (r < 0) {
3367 const char *p = rvalue;
3368 CGroupMask mask = 0;
3369
3370 for (;;) {
3371 _cleanup_free_ char *word = NULL;
3372 CGroupController cc;
3373
3374 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3375 if (r == 0)
3376 break;
3377 if (r == -ENOMEM)
3378 return log_oom();
3379 if (r < 0) {
3380 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3381 return 0;
3382 }
3383
3384 cc = cgroup_controller_from_string(word);
3385 if (cc < 0) {
3386 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid controller name '%s', ignoring", word);
3387 continue;
3388 }
3389
3390 mask |= CGROUP_CONTROLLER_TO_MASK(cc);
3391 }
3392
3393 c->delegate = true;
3394 c->delegate_controllers |= mask;
3395
3396 } else if (r > 0) {
3397 c->delegate = true;
3398 c->delegate_controllers = _CGROUP_MASK_ALL;
3399 } else {
3400 c->delegate = false;
3401 c->delegate_controllers = 0;
3402 }
3403
3404 return 0;
3405 }
3406
3407 int config_parse_device_allow(
3408 const char *unit,
3409 const char *filename,
3410 unsigned line,
3411 const char *section,
3412 unsigned section_line,
3413 const char *lvalue,
3414 int ltype,
3415 const char *rvalue,
3416 void *data,
3417 void *userdata) {
3418
3419 _cleanup_free_ char *path = NULL, *resolved = NULL;
3420 CGroupContext *c = data;
3421 CGroupDeviceAllow *a;
3422 const char *p = rvalue;
3423 int r;
3424
3425 if (isempty(rvalue)) {
3426 while (c->device_allow)
3427 cgroup_context_free_device_allow(c, c->device_allow);
3428
3429 return 0;
3430 }
3431
3432 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3433 if (r == -ENOMEM)
3434 return log_oom();
3435 if (r < 0) {
3436 log_syntax(unit, LOG_WARNING, filename, line, r,
3437 "Invalid syntax, ignoring: %s", rvalue);
3438 return 0;
3439 }
3440 if (r == 0) {
3441 log_syntax(unit, LOG_WARNING, filename, line, 0,
3442 "Failed to extract device path and rights from '%s', ignoring.", rvalue);
3443 return 0;
3444 }
3445
3446 r = unit_full_printf(userdata, path, &resolved);
3447 if (r < 0) {
3448 log_syntax(unit, LOG_WARNING, filename, line, r,
3449 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3450 return 0;
3451 }
3452
3453 if (!is_deviceallow_pattern(resolved) &&
3454 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3455 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3456 return 0;
3457 }
3458
3459 if (!isempty(p) && !in_charset(p, "rwm")) {
3460 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s', ignoring.", p);
3461 return 0;
3462 }
3463
3464 a = new0(CGroupDeviceAllow, 1);
3465 if (!a)
3466 return log_oom();
3467
3468 a->path = TAKE_PTR(resolved);
3469 a->r = isempty(p) || !!strchr(p, 'r');
3470 a->w = isempty(p) || !!strchr(p, 'w');
3471 a->m = isempty(p) || !!strchr(p, 'm');
3472
3473 LIST_PREPEND(device_allow, c->device_allow, a);
3474 return 0;
3475 }
3476
3477 int config_parse_io_weight(
3478 const char *unit,
3479 const char *filename,
3480 unsigned line,
3481 const char *section,
3482 unsigned section_line,
3483 const char *lvalue,
3484 int ltype,
3485 const char *rvalue,
3486 void *data,
3487 void *userdata) {
3488
3489 uint64_t *weight = data;
3490 int r;
3491
3492 assert(filename);
3493 assert(lvalue);
3494 assert(rvalue);
3495
3496 r = cg_weight_parse(rvalue, weight);
3497 if (r < 0) {
3498 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid IO weight '%s', ignoring.", rvalue);
3499 return 0;
3500 }
3501
3502 return 0;
3503 }
3504
3505 int config_parse_io_device_weight(
3506 const char *unit,
3507 const char *filename,
3508 unsigned line,
3509 const char *section,
3510 unsigned section_line,
3511 const char *lvalue,
3512 int ltype,
3513 const char *rvalue,
3514 void *data,
3515 void *userdata) {
3516
3517 _cleanup_free_ char *path = NULL, *resolved = NULL;
3518 CGroupIODeviceWeight *w;
3519 CGroupContext *c = data;
3520 const char *p = rvalue;
3521 uint64_t u;
3522 int r;
3523
3524 assert(filename);
3525 assert(lvalue);
3526 assert(rvalue);
3527
3528 if (isempty(rvalue)) {
3529 while (c->io_device_weights)
3530 cgroup_context_free_io_device_weight(c, c->io_device_weights);
3531
3532 return 0;
3533 }
3534
3535 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3536 if (r == -ENOMEM)
3537 return log_oom();
3538 if (r < 0) {
3539 log_syntax(unit, LOG_WARNING, filename, line, r,
3540 "Invalid syntax, ignoring: %s", rvalue);
3541 return 0;
3542 }
3543 if (r == 0 || isempty(p)) {
3544 log_syntax(unit, LOG_WARNING, filename, line, 0,
3545 "Failed to extract device path and weight from '%s', ignoring.", rvalue);
3546 return 0;
3547 }
3548
3549 r = unit_full_printf(userdata, path, &resolved);
3550 if (r < 0) {
3551 log_syntax(unit, LOG_WARNING, filename, line, r,
3552 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3553 return 0;
3554 }
3555
3556 if (!path_startswith(resolved, "/dev") &&
3557 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3558 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3559 return 0;
3560 }
3561
3562 r = cg_weight_parse(p, &u);
3563 if (r < 0) {
3564 log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p);
3565 return 0;
3566 }
3567
3568 assert(u != CGROUP_WEIGHT_INVALID);
3569
3570 w = new0(CGroupIODeviceWeight, 1);
3571 if (!w)
3572 return log_oom();
3573
3574 w->path = TAKE_PTR(resolved);
3575 w->weight = u;
3576
3577 LIST_PREPEND(device_weights, c->io_device_weights, w);
3578 return 0;
3579 }
3580
3581 int config_parse_io_limit(
3582 const char *unit,
3583 const char *filename,
3584 unsigned line,
3585 const char *section,
3586 unsigned section_line,
3587 const char *lvalue,
3588 int ltype,
3589 const char *rvalue,
3590 void *data,
3591 void *userdata) {
3592
3593 _cleanup_free_ char *path = NULL, *resolved = NULL;
3594 CGroupIODeviceLimit *l = NULL, *t;
3595 CGroupContext *c = data;
3596 CGroupIOLimitType type;
3597 const char *p = rvalue;
3598 uint64_t num;
3599 int r;
3600
3601 assert(filename);
3602 assert(lvalue);
3603 assert(rvalue);
3604
3605 type = cgroup_io_limit_type_from_string(lvalue);
3606 assert(type >= 0);
3607
3608 if (isempty(rvalue)) {
3609 LIST_FOREACH(device_limits, l, c->io_device_limits)
3610 l->limits[type] = cgroup_io_limit_defaults[type];
3611 return 0;
3612 }
3613
3614 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3615 if (r == -ENOMEM)
3616 return log_oom();
3617 if (r < 0) {
3618 log_syntax(unit, LOG_WARNING, filename, line, r,
3619 "Invalid syntax, ignoring: %s", rvalue);
3620 return 0;
3621 }
3622 if (r == 0 || isempty(p)) {
3623 log_syntax(unit, LOG_WARNING, filename, line, 0,
3624 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3625 return 0;
3626 }
3627
3628 r = unit_full_printf(userdata, path, &resolved);
3629 if (r < 0) {
3630 log_syntax(unit, LOG_WARNING, filename, line, r,
3631 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3632 return 0;
3633 }
3634
3635 if (!path_startswith(resolved, "/dev") &&
3636 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3637 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3638 return 0;
3639 }
3640
3641 if (streq("infinity", p)) {
3642 num = CGROUP_LIMIT_MAX;
3643 } else {
3644 r = parse_size(p, 1000, &num);
3645 if (r < 0 || num <= 0) {
3646 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid IO limit '%s', ignoring.", p);
3647 return 0;
3648 }
3649 }
3650
3651 LIST_FOREACH(device_limits, t, c->io_device_limits) {
3652 if (path_equal(resolved, t->path)) {
3653 l = t;
3654 break;
3655 }
3656 }
3657
3658 if (!l) {
3659 CGroupIOLimitType ttype;
3660
3661 l = new0(CGroupIODeviceLimit, 1);
3662 if (!l)
3663 return log_oom();
3664
3665 l->path = TAKE_PTR(resolved);
3666 for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
3667 l->limits[ttype] = cgroup_io_limit_defaults[ttype];
3668
3669 LIST_PREPEND(device_limits, c->io_device_limits, l);
3670 }
3671
3672 l->limits[type] = num;
3673
3674 return 0;
3675 }
3676
3677 int config_parse_blockio_weight(
3678 const char *unit,
3679 const char *filename,
3680 unsigned line,
3681 const char *section,
3682 unsigned section_line,
3683 const char *lvalue,
3684 int ltype,
3685 const char *rvalue,
3686 void *data,
3687 void *userdata) {
3688
3689 uint64_t *weight = data;
3690 int r;
3691
3692 assert(filename);
3693 assert(lvalue);
3694 assert(rvalue);
3695
3696 r = cg_blkio_weight_parse(rvalue, weight);
3697 if (r < 0) {
3698 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", rvalue);
3699 return 0;
3700 }
3701
3702 return 0;
3703 }
3704
3705 int config_parse_blockio_device_weight(
3706 const char *unit,
3707 const char *filename,
3708 unsigned line,
3709 const char *section,
3710 unsigned section_line,
3711 const char *lvalue,
3712 int ltype,
3713 const char *rvalue,
3714 void *data,
3715 void *userdata) {
3716
3717 _cleanup_free_ char *path = NULL, *resolved = NULL;
3718 CGroupBlockIODeviceWeight *w;
3719 CGroupContext *c = data;
3720 const char *p = rvalue;
3721 uint64_t u;
3722 int r;
3723
3724 assert(filename);
3725 assert(lvalue);
3726 assert(rvalue);
3727
3728 if (isempty(rvalue)) {
3729 while (c->blockio_device_weights)
3730 cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
3731
3732 return 0;
3733 }
3734
3735 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3736 if (r == -ENOMEM)
3737 return log_oom();
3738 if (r < 0) {
3739 log_syntax(unit, LOG_WARNING, filename, line, r,
3740 "Invalid syntax, ignoring: %s", rvalue);
3741 return 0;
3742 }
3743 if (r == 0 || isempty(p)) {
3744 log_syntax(unit, LOG_WARNING, filename, line, 0,
3745 "Failed to extract device node and weight from '%s', ignoring.", rvalue);
3746 return 0;
3747 }
3748
3749 r = unit_full_printf(userdata, path, &resolved);
3750 if (r < 0) {
3751 log_syntax(unit, LOG_WARNING, filename, line, r,
3752 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3753 return 0;
3754 }
3755
3756 if (!path_startswith(resolved, "/dev") &&
3757 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3758 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", resolved);
3759 return 0;
3760 }
3761
3762 r = cg_blkio_weight_parse(p, &u);
3763 if (r < 0) {
3764 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p);
3765 return 0;
3766 }
3767
3768 assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
3769
3770 w = new0(CGroupBlockIODeviceWeight, 1);
3771 if (!w)
3772 return log_oom();
3773
3774 w->path = TAKE_PTR(resolved);
3775 w->weight = u;
3776
3777 LIST_PREPEND(device_weights, c->blockio_device_weights, w);
3778 return 0;
3779 }
3780
3781 int config_parse_blockio_bandwidth(
3782 const char *unit,
3783 const char *filename,
3784 unsigned line,
3785 const char *section,
3786 unsigned section_line,
3787 const char *lvalue,
3788 int ltype,
3789 const char *rvalue,
3790 void *data,
3791 void *userdata) {
3792
3793 _cleanup_free_ char *path = NULL, *resolved = NULL;
3794 CGroupBlockIODeviceBandwidth *b = NULL, *t;
3795 CGroupContext *c = data;
3796 const char *p = rvalue;
3797 uint64_t bytes;
3798 bool read;
3799 int r;
3800
3801 assert(filename);
3802 assert(lvalue);
3803 assert(rvalue);
3804
3805 read = streq("BlockIOReadBandwidth", lvalue);
3806
3807 if (isempty(rvalue)) {
3808 LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
3809 b->rbps = CGROUP_LIMIT_MAX;
3810 b->wbps = CGROUP_LIMIT_MAX;
3811 }
3812 return 0;
3813 }
3814
3815 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3816 if (r == -ENOMEM)
3817 return log_oom();
3818 if (r < 0) {
3819 log_syntax(unit, LOG_WARNING, filename, line, r,
3820 "Invalid syntax, ignoring: %s", rvalue);
3821 return 0;
3822 }
3823 if (r == 0 || isempty(p)) {
3824 log_syntax(unit, LOG_WARNING, filename, line, 0,
3825 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3826 return 0;
3827 }
3828
3829 r = unit_full_printf(userdata, path, &resolved);
3830 if (r < 0) {
3831 log_syntax(unit, LOG_WARNING, filename, line, r,
3832 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3833 return 0;
3834 }
3835
3836 if (!path_startswith(resolved, "/dev") &&
3837 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3838 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3839 return 0;
3840 }
3841
3842 r = parse_size(p, 1000, &bytes);
3843 if (r < 0 || bytes <= 0) {
3844 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p);
3845 return 0;
3846 }
3847
3848 LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
3849 if (path_equal(resolved, t->path)) {
3850 b = t;
3851 break;
3852 }
3853 }
3854
3855 if (!t) {
3856 b = new0(CGroupBlockIODeviceBandwidth, 1);
3857 if (!b)
3858 return log_oom();
3859
3860 b->path = TAKE_PTR(resolved);
3861 b->rbps = CGROUP_LIMIT_MAX;
3862 b->wbps = CGROUP_LIMIT_MAX;
3863
3864 LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
3865 }
3866
3867 if (read)
3868 b->rbps = bytes;
3869 else
3870 b->wbps = bytes;
3871
3872 return 0;
3873 }
3874
3875 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
3876
3877 int config_parse_job_mode_isolate(
3878 const char *unit,
3879 const char *filename,
3880 unsigned line,
3881 const char *section,
3882 unsigned section_line,
3883 const char *lvalue,
3884 int ltype,
3885 const char *rvalue,
3886 void *data,
3887 void *userdata) {
3888
3889 JobMode *m = data;
3890 int r;
3891
3892 assert(filename);
3893 assert(lvalue);
3894 assert(rvalue);
3895
3896 r = parse_boolean(rvalue);
3897 if (r < 0) {
3898 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
3899 return 0;
3900 }
3901
3902 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue);
3903
3904 *m = r ? JOB_ISOLATE : JOB_REPLACE;
3905 return 0;
3906 }
3907
3908 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode");
3909
3910 int config_parse_exec_directories(
3911 const char *unit,
3912 const char *filename,
3913 unsigned line,
3914 const char *section,
3915 unsigned section_line,
3916 const char *lvalue,
3917 int ltype,
3918 const char *rvalue,
3919 void *data,
3920 void *userdata) {
3921
3922 char***rt = data;
3923 Unit *u = userdata;
3924 const char *p;
3925 int r;
3926
3927 assert(filename);
3928 assert(lvalue);
3929 assert(rvalue);
3930 assert(data);
3931
3932 if (isempty(rvalue)) {
3933 /* Empty assignment resets the list */
3934 *rt = strv_free(*rt);
3935 return 0;
3936 }
3937
3938 for (p = rvalue;;) {
3939 _cleanup_free_ char *word = NULL, *k = NULL;
3940
3941 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3942 if (r == -ENOMEM)
3943 return log_oom();
3944 if (r < 0) {
3945 log_syntax(unit, LOG_WARNING, filename, line, r,
3946 "Invalid syntax, ignoring: %s", rvalue);
3947 return 0;
3948 }
3949 if (r == 0)
3950 return 0;
3951
3952 r = unit_full_printf(u, word, &k);
3953 if (r < 0) {
3954 log_syntax(unit, LOG_ERR, filename, line, r,
3955 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
3956 continue;
3957 }
3958
3959 if (!path_is_normalized(k)) {
3960 log_syntax(unit, LOG_ERR, filename, line, 0,
3961 "%s= path is not normalized, ignoring assignment: %s", lvalue, rvalue);
3962 continue;
3963 }
3964
3965 if (path_is_absolute(k)) {
3966 log_syntax(unit, LOG_ERR, filename, line, 0,
3967 "%s= path is absolute, ignoring assignment: %s", lvalue, rvalue);
3968 continue;
3969 }
3970
3971 if (path_startswith(k, "private")) {
3972 log_syntax(unit, LOG_ERR, filename, line, 0,
3973 "%s= path can't be 'private', ingoring assignment: %s", lvalue, rvalue);
3974 continue;
3975 }
3976
3977 r = strv_push(rt, k);
3978 if (r < 0)
3979 return log_oom();
3980 k = NULL;
3981 }
3982 }
3983
3984 int config_parse_set_status(
3985 const char *unit,
3986 const char *filename,
3987 unsigned line,
3988 const char *section,
3989 unsigned section_line,
3990 const char *lvalue,
3991 int ltype,
3992 const char *rvalue,
3993 void *data,
3994 void *userdata) {
3995
3996 size_t l;
3997 const char *word, *state;
3998 int r;
3999 ExitStatusSet *status_set = data;
4000
4001 assert(filename);
4002 assert(lvalue);
4003 assert(rvalue);
4004 assert(data);
4005
4006 /* Empty assignment resets the list */
4007 if (isempty(rvalue)) {
4008 exit_status_set_free(status_set);
4009 return 0;
4010 }
4011
4012 FOREACH_WORD(word, l, rvalue, state) {
4013 _cleanup_free_ char *temp;
4014 int val;
4015 Set **set;
4016
4017 temp = strndup(word, l);
4018 if (!temp)
4019 return log_oom();
4020
4021 r = safe_atoi(temp, &val);
4022 if (r < 0) {
4023 val = signal_from_string(temp);
4024
4025 if (val <= 0) {
4026 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse value, ignoring: %s", word);
4027 continue;
4028 }
4029 set = &status_set->signal;
4030 } else {
4031 if (val < 0 || val > 255) {
4032 log_syntax(unit, LOG_ERR, filename, line, 0, "Value %d is outside range 0-255, ignoring", val);
4033 continue;
4034 }
4035 set = &status_set->status;
4036 }
4037
4038 r = set_ensure_allocated(set, NULL);
4039 if (r < 0)
4040 return log_oom();
4041
4042 r = set_put(*set, INT_TO_PTR(val));
4043 if (r < 0)
4044 return log_oom();
4045 }
4046 if (!isempty(state))
4047 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
4048
4049 return 0;
4050 }
4051
4052 int config_parse_namespace_path_strv(
4053 const char *unit,
4054 const char *filename,
4055 unsigned line,
4056 const char *section,
4057 unsigned section_line,
4058 const char *lvalue,
4059 int ltype,
4060 const char *rvalue,
4061 void *data,
4062 void *userdata) {
4063
4064 Unit *u = userdata;
4065 char*** sv = data;
4066 const char *p = rvalue;
4067 int r;
4068
4069 assert(filename);
4070 assert(lvalue);
4071 assert(rvalue);
4072 assert(data);
4073
4074 if (isempty(rvalue)) {
4075 /* Empty assignment resets the list */
4076 *sv = strv_free(*sv);
4077 return 0;
4078 }
4079
4080 for (;;) {
4081 _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL;
4082 const char *w;
4083 bool ignore_enoent = false, shall_prefix = false;
4084
4085 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
4086 if (r == 0)
4087 break;
4088 if (r == -ENOMEM)
4089 return log_oom();
4090 if (r < 0) {
4091 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4092 return 0;
4093 }
4094
4095 if (!utf8_is_valid(word)) {
4096 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, word);
4097 continue;
4098 }
4099
4100 w = word;
4101 if (startswith(w, "-")) {
4102 ignore_enoent = true;
4103 w++;
4104 }
4105 if (startswith(w, "+")) {
4106 shall_prefix = true;
4107 w++;
4108 }
4109
4110 r = unit_full_printf(u, w, &resolved);
4111 if (r < 0) {
4112 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w);
4113 continue;
4114 }
4115
4116 if (!path_is_absolute(resolved)) {
4117 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
4118 continue;
4119 }
4120
4121 path_kill_slashes(resolved);
4122
4123 joined = strjoin(ignore_enoent ? "-" : "",
4124 shall_prefix ? "+" : "",
4125 resolved);
4126
4127 r = strv_push(sv, joined);
4128 if (r < 0)
4129 return log_oom();
4130
4131 joined = NULL;
4132 }
4133
4134 return 0;
4135 }
4136
4137 int config_parse_temporary_filesystems(
4138 const char *unit,
4139 const char *filename,
4140 unsigned line,
4141 const char *section,
4142 unsigned section_line,
4143 const char *lvalue,
4144 int ltype,
4145 const char *rvalue,
4146 void *data,
4147 void *userdata) {
4148
4149 Unit *u = userdata;
4150 ExecContext *c = data;
4151 const char *p = rvalue;
4152 int r;
4153
4154 assert(filename);
4155 assert(lvalue);
4156 assert(rvalue);
4157 assert(data);
4158
4159 if (isempty(rvalue)) {
4160 /* Empty assignment resets the list */
4161 temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems);
4162 c->temporary_filesystems = NULL;
4163 c->n_temporary_filesystems = 0;
4164 return 0;
4165 }
4166
4167 for (;;) {
4168 _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL;
4169 const char *w;
4170
4171 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
4172 if (r == 0)
4173 return 0;
4174 if (r == -ENOMEM)
4175 return log_oom();
4176 if (r < 0) {
4177 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4178 return 0;
4179 }
4180
4181 w = word;
4182 r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4183 if (r == -ENOMEM)
4184 return log_oom();
4185 if (r < 0) {
4186 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", word);
4187 continue;
4188 }
4189 if (r == 0) {
4190 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", word);
4191 continue;
4192 }
4193
4194 r = unit_full_printf(u, path, &resolved);
4195 if (r < 0) {
4196 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path);
4197 continue;
4198 }
4199
4200 if (!path_is_absolute(resolved)) {
4201 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
4202 continue;
4203 }
4204
4205 path_kill_slashes(resolved);
4206
4207 r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, path, w);
4208 if (r == -ENOMEM)
4209 return log_oom();
4210 if (r < 0) {
4211 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount options, ignoring: %s", word);
4212 continue;
4213 }
4214 }
4215 }
4216
4217 int config_parse_bind_paths(
4218 const char *unit,
4219 const char *filename,
4220 unsigned line,
4221 const char *section,
4222 unsigned section_line,
4223 const char *lvalue,
4224 int ltype,
4225 const char *rvalue,
4226 void *data,
4227 void *userdata) {
4228
4229 ExecContext *c = data;
4230 Unit *u = userdata;
4231 const char *p;
4232 int r;
4233
4234 assert(filename);
4235 assert(lvalue);
4236 assert(rvalue);
4237 assert(data);
4238
4239 if (isempty(rvalue)) {
4240 /* Empty assignment resets the list */
4241 bind_mount_free_many(c->bind_mounts, c->n_bind_mounts);
4242 c->bind_mounts = NULL;
4243 c->n_bind_mounts = 0;
4244 return 0;
4245 }
4246
4247 p = rvalue;
4248 for (;;) {
4249 _cleanup_free_ char *source = NULL, *destination = NULL;
4250 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4251 char *s = NULL, *d = NULL;
4252 bool rbind = true, ignore_enoent = false;
4253
4254 r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4255 if (r == 0)
4256 break;
4257 if (r == -ENOMEM)
4258 return log_oom();
4259 if (r < 0) {
4260 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4261 return 0;
4262 }
4263
4264 r = unit_full_printf(u, source, &sresolved);
4265 if (r < 0) {
4266 log_syntax(unit, LOG_ERR, filename, line, r,
4267 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source);
4268 return 0;
4269 }
4270
4271 s = sresolved;
4272 if (s[0] == '-') {
4273 ignore_enoent = true;
4274 s++;
4275 }
4276
4277 if (!utf8_is_valid(s)) {
4278 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, s);
4279 return 0;
4280 }
4281 if (!path_is_absolute(s)) {
4282 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute source path, ignoring: %s", s);
4283 return 0;
4284 }
4285
4286 path_kill_slashes(s);
4287
4288 /* Optionally, the destination is specified. */
4289 if (p && p[-1] == ':') {
4290 r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4291 if (r == -ENOMEM)
4292 return log_oom();
4293 if (r < 0) {
4294 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4295 return 0;
4296 }
4297 if (r == 0) {
4298 log_syntax(unit, LOG_ERR, filename, line, 0, "Missing argument after ':': %s", rvalue);
4299 return 0;
4300 }
4301
4302 r = unit_full_printf(u, destination, &dresolved);
4303 if (r < 0) {
4304 log_syntax(unit, LOG_ERR, filename, line, r,
4305 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination);
4306 return 0;
4307 }
4308
4309 if (!utf8_is_valid(dresolved)) {
4310 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, dresolved);
4311 return 0;
4312 }
4313 if (!path_is_absolute(dresolved)) {
4314 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute destination path, ignoring: %s", dresolved);
4315 return 0;
4316 }
4317
4318 d = path_kill_slashes(dresolved);
4319
4320 /* Optionally, there's also a short option string specified */
4321 if (p && p[-1] == ':') {
4322 _cleanup_free_ char *options = NULL;
4323
4324 r = extract_first_word(&p, &options, NULL, EXTRACT_QUOTES);
4325 if (r == -ENOMEM)
4326 return log_oom();
4327 if (r < 0) {
4328 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4329 return 0;
4330 }
4331
4332 if (isempty(options) || streq(options, "rbind"))
4333 rbind = true;
4334 else if (streq(options, "norbind"))
4335 rbind = false;
4336 else {
4337 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid option string, ignoring setting: %s", options);
4338 return 0;
4339 }
4340 }
4341 } else
4342 d = s;
4343
4344 r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts,
4345 &(BindMount) {
4346 .source = s,
4347 .destination = d,
4348 .read_only = !!strstr(lvalue, "ReadOnly"),
4349 .recursive = rbind,
4350 .ignore_enoent = ignore_enoent,
4351 });
4352 if (r < 0)
4353 return log_oom();
4354 }
4355
4356 return 0;
4357 }
4358
4359 int config_parse_no_new_privileges(
4360 const char* unit,
4361 const char *filename,
4362 unsigned line,
4363 const char *section,
4364 unsigned section_line,
4365 const char *lvalue,
4366 int ltype,
4367 const char *rvalue,
4368 void *data,
4369 void *userdata) {
4370
4371 ExecContext *c = data;
4372 int r;
4373
4374 assert(filename);
4375 assert(lvalue);
4376 assert(rvalue);
4377 assert(data);
4378
4379 r = parse_boolean(rvalue);
4380 if (r < 0) {
4381 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean value, ignoring: %s", rvalue);
4382 return 0;
4383 }
4384
4385 c->no_new_privileges = r;
4386
4387 return 0;
4388 }
4389
4390 int config_parse_protect_home(
4391 const char* unit,
4392 const char *filename,
4393 unsigned line,
4394 const char *section,
4395 unsigned section_line,
4396 const char *lvalue,
4397 int ltype,
4398 const char *rvalue,
4399 void *data,
4400 void *userdata) {
4401
4402 ExecContext *c = data;
4403 ProtectHome h;
4404
4405 assert(filename);
4406 assert(lvalue);
4407 assert(rvalue);
4408 assert(data);
4409
4410 /* Our enum shall be a superset of booleans, hence first try
4411 * to parse as boolean, and then as enum */
4412
4413 h = parse_protect_home_or_bool(rvalue);
4414 if (h < 0) {
4415 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect home value, ignoring: %s", rvalue);
4416 return 0;
4417 }
4418
4419 c->protect_home = h;
4420
4421 return 0;
4422 }
4423
4424 int config_parse_protect_system(
4425 const char* unit,
4426 const char *filename,
4427 unsigned line,
4428 const char *section,
4429 unsigned section_line,
4430 const char *lvalue,
4431 int ltype,
4432 const char *rvalue,
4433 void *data,
4434 void *userdata) {
4435
4436 ExecContext *c = data;
4437 ProtectSystem s;
4438
4439 assert(filename);
4440 assert(lvalue);
4441 assert(rvalue);
4442 assert(data);
4443
4444 s = parse_protect_system_or_bool(rvalue);
4445 if (s < 0) {
4446 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect system value, ignoring: %s", rvalue);
4447 return 0;
4448 }
4449
4450 c->protect_system = s;
4451
4452 return 0;
4453 }
4454
4455 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
4456
4457 int config_parse_job_timeout_sec(
4458 const char* unit,
4459 const char *filename,
4460 unsigned line,
4461 const char *section,
4462 unsigned section_line,
4463 const char *lvalue,
4464 int ltype,
4465 const char *rvalue,
4466 void *data,
4467 void *userdata) {
4468
4469 Unit *u = data;
4470 usec_t usec;
4471 int r;
4472
4473 assert(filename);
4474 assert(lvalue);
4475 assert(rvalue);
4476 assert(u);
4477
4478 r = parse_sec_fix_0(rvalue, &usec);
4479 if (r < 0) {
4480 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
4481 return 0;
4482 }
4483
4484 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4485 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4486 * count. */
4487
4488 if (!u->job_running_timeout_set)
4489 u->job_running_timeout = usec;
4490
4491 u->job_timeout = usec;
4492
4493 return 0;
4494 }
4495
4496 int config_parse_job_running_timeout_sec(
4497 const char* unit,
4498 const char *filename,
4499 unsigned line,
4500 const char *section,
4501 unsigned section_line,
4502 const char *lvalue,
4503 int ltype,
4504 const char *rvalue,
4505 void *data,
4506 void *userdata) {
4507
4508 Unit *u = data;
4509 usec_t usec;
4510 int r;
4511
4512 assert(filename);
4513 assert(lvalue);
4514 assert(rvalue);
4515 assert(u);
4516
4517 r = parse_sec_fix_0(rvalue, &usec);
4518 if (r < 0) {
4519 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
4520 return 0;
4521 }
4522
4523 u->job_running_timeout = usec;
4524 u->job_running_timeout_set = true;
4525
4526 return 0;
4527 }
4528
4529 #define FOLLOW_MAX 8
4530
4531 static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
4532 char *id = NULL;
4533 unsigned c = 0;
4534 int fd, r;
4535 FILE *f;
4536
4537 assert(filename);
4538 assert(*filename);
4539 assert(_f);
4540 assert(names);
4541
4542 /* This will update the filename pointer if the loaded file is
4543 * reached by a symlink. The old string will be freed. */
4544
4545 for (;;) {
4546 char *target, *name;
4547
4548 if (c++ >= FOLLOW_MAX)
4549 return -ELOOP;
4550
4551 path_kill_slashes(*filename);
4552
4553 /* Add the file name we are currently looking at to
4554 * the names of this unit, but only if it is a valid
4555 * unit name. */
4556 name = basename(*filename);
4557 if (unit_name_is_valid(name, UNIT_NAME_ANY)) {
4558
4559 id = set_get(names, name);
4560 if (!id) {
4561 id = strdup(name);
4562 if (!id)
4563 return -ENOMEM;
4564
4565 r = set_consume(names, id);
4566 if (r < 0)
4567 return r;
4568 }
4569 }
4570
4571 /* Try to open the file name, but don't if its a symlink */
4572 fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
4573 if (fd >= 0)
4574 break;
4575
4576 if (errno != ELOOP)
4577 return -errno;
4578
4579 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
4580 r = readlink_and_make_absolute(*filename, &target);
4581 if (r < 0)
4582 return r;
4583
4584 free(*filename);
4585 *filename = target;
4586 }
4587
4588 f = fdopen(fd, "re");
4589 if (!f) {
4590 safe_close(fd);
4591 return -errno;
4592 }
4593
4594 *_f = f;
4595 *_final = id;
4596
4597 return 0;
4598 }
4599
4600 static int merge_by_names(Unit **u, Set *names, const char *id) {
4601 char *k;
4602 int r;
4603
4604 assert(u);
4605 assert(*u);
4606 assert(names);
4607
4608 /* Let's try to add in all symlink names we found */
4609 while ((k = set_steal_first(names))) {
4610
4611 /* First try to merge in the other name into our
4612 * unit */
4613 r = unit_merge_by_name(*u, k);
4614 if (r < 0) {
4615 Unit *other;
4616
4617 /* Hmm, we couldn't merge the other unit into
4618 * ours? Then let's try it the other way
4619 * round */
4620
4621 /* If the symlink name we are looking at is unit template, then
4622 we must search for instance of this template */
4623 if (unit_name_is_valid(k, UNIT_NAME_TEMPLATE) && (*u)->instance) {
4624 _cleanup_free_ char *instance = NULL;
4625
4626 r = unit_name_replace_instance(k, (*u)->instance, &instance);
4627 if (r < 0)
4628 return r;
4629
4630 other = manager_get_unit((*u)->manager, instance);
4631 } else
4632 other = manager_get_unit((*u)->manager, k);
4633
4634 free(k);
4635
4636 if (other) {
4637 r = unit_merge(other, *u);
4638 if (r >= 0) {
4639 *u = other;
4640 return merge_by_names(u, names, NULL);
4641 }
4642 }
4643
4644 return r;
4645 }
4646
4647 if (id == k)
4648 unit_choose_id(*u, id);
4649
4650 free(k);
4651 }
4652
4653 return 0;
4654 }
4655
4656 static int load_from_path(Unit *u, const char *path) {
4657 _cleanup_set_free_free_ Set *symlink_names = NULL;
4658 _cleanup_fclose_ FILE *f = NULL;
4659 _cleanup_free_ char *filename = NULL;
4660 char *id = NULL;
4661 Unit *merged;
4662 struct stat st;
4663 int r;
4664
4665 assert(u);
4666 assert(path);
4667
4668 symlink_names = set_new(&string_hash_ops);
4669 if (!symlink_names)
4670 return -ENOMEM;
4671
4672 if (path_is_absolute(path)) {
4673
4674 filename = strdup(path);
4675 if (!filename)
4676 return -ENOMEM;
4677
4678 r = open_follow(&filename, &f, symlink_names, &id);
4679 if (r < 0) {
4680 filename = mfree(filename);
4681 if (r != -ENOENT)
4682 return r;
4683 }
4684
4685 } else {
4686 char **p;
4687
4688 STRV_FOREACH(p, u->manager->lookup_paths.search_path) {
4689
4690 /* Instead of opening the path right away, we manually
4691 * follow all symlinks and add their name to our unit
4692 * name set while doing so */
4693 filename = path_make_absolute(path, *p);
4694 if (!filename)
4695 return -ENOMEM;
4696
4697 if (u->manager->unit_path_cache &&
4698 !set_get(u->manager->unit_path_cache, filename))
4699 r = -ENOENT;
4700 else
4701 r = open_follow(&filename, &f, symlink_names, &id);
4702 if (r >= 0)
4703 break;
4704 filename = mfree(filename);
4705
4706 /* ENOENT means that the file is missing or is a dangling symlink.
4707 * ENOTDIR means that one of paths we expect to be is a directory
4708 * is not a directory, we should just ignore that.
4709 * EACCES means that the directory or file permissions are wrong.
4710 */
4711 if (r == -EACCES)
4712 log_debug_errno(r, "Cannot access \"%s\": %m", filename);
4713 else if (!IN_SET(r, -ENOENT, -ENOTDIR))
4714 return r;
4715
4716 /* Empty the symlink names for the next run */
4717 set_clear_free(symlink_names);
4718 }
4719 }
4720
4721 if (!filename)
4722 /* Hmm, no suitable file found? */
4723 return 0;
4724
4725 if (!unit_type_may_alias(u->type) && set_size(symlink_names) > 1) {
4726 log_unit_warning(u, "Unit type of %s does not support alias names, refusing loading via symlink.", u->id);
4727 return -ELOOP;
4728 }
4729
4730 merged = u;
4731 r = merge_by_names(&merged, symlink_names, id);
4732 if (r < 0)
4733 return r;
4734
4735 if (merged != u) {
4736 u->load_state = UNIT_MERGED;
4737 return 0;
4738 }
4739
4740 if (fstat(fileno(f), &st) < 0)
4741 return -errno;
4742
4743 if (null_or_empty(&st)) {
4744 u->load_state = UNIT_MASKED;
4745 u->fragment_mtime = 0;
4746 } else {
4747 u->load_state = UNIT_LOADED;
4748 u->fragment_mtime = timespec_load(&st.st_mtim);
4749
4750 /* Now, parse the file contents */
4751 r = config_parse(u->id, filename, f,
4752 UNIT_VTABLE(u)->sections,
4753 config_item_perf_lookup, load_fragment_gperf_lookup,
4754 CONFIG_PARSE_ALLOW_INCLUDE, u);
4755 if (r < 0)
4756 return r;
4757 }
4758
4759 free_and_replace(u->fragment_path, filename);
4760
4761 if (u->source_path) {
4762 if (stat(u->source_path, &st) >= 0)
4763 u->source_mtime = timespec_load(&st.st_mtim);
4764 else
4765 u->source_mtime = 0;
4766 }
4767
4768 return 0;
4769 }
4770
4771 int unit_load_fragment(Unit *u) {
4772 int r;
4773 Iterator i;
4774 const char *t;
4775
4776 assert(u);
4777 assert(u->load_state == UNIT_STUB);
4778 assert(u->id);
4779
4780 if (u->transient) {
4781 u->load_state = UNIT_LOADED;
4782 return 0;
4783 }
4784
4785 /* First, try to find the unit under its id. We always look
4786 * for unit files in the default directories, to make it easy
4787 * to override things by placing things in /etc/systemd/system */
4788 r = load_from_path(u, u->id);
4789 if (r < 0)
4790 return r;
4791
4792 /* Try to find an alias we can load this with */
4793 if (u->load_state == UNIT_STUB) {
4794 SET_FOREACH(t, u->names, i) {
4795
4796 if (t == u->id)
4797 continue;
4798
4799 r = load_from_path(u, t);
4800 if (r < 0)
4801 return r;
4802
4803 if (u->load_state != UNIT_STUB)
4804 break;
4805 }
4806 }
4807
4808 /* And now, try looking for it under the suggested (originally linked) path */
4809 if (u->load_state == UNIT_STUB && u->fragment_path) {
4810
4811 r = load_from_path(u, u->fragment_path);
4812 if (r < 0)
4813 return r;
4814
4815 if (u->load_state == UNIT_STUB)
4816 /* Hmm, this didn't work? Then let's get rid
4817 * of the fragment path stored for us, so that
4818 * we don't point to an invalid location. */
4819 u->fragment_path = mfree(u->fragment_path);
4820 }
4821
4822 /* Look for a template */
4823 if (u->load_state == UNIT_STUB && u->instance) {
4824 _cleanup_free_ char *k = NULL;
4825
4826 r = unit_name_template(u->id, &k);
4827 if (r < 0)
4828 return r;
4829
4830 r = load_from_path(u, k);
4831 if (r < 0) {
4832 if (r == -ENOEXEC)
4833 log_unit_notice(u, "Unit configuration has fatal error, unit will not be started.");
4834 return r;
4835 }
4836
4837 if (u->load_state == UNIT_STUB) {
4838 SET_FOREACH(t, u->names, i) {
4839 _cleanup_free_ char *z = NULL;
4840
4841 if (t == u->id)
4842 continue;
4843
4844 r = unit_name_template(t, &z);
4845 if (r < 0)
4846 return r;
4847
4848 r = load_from_path(u, z);
4849 if (r < 0)
4850 return r;
4851
4852 if (u->load_state != UNIT_STUB)
4853 break;
4854 }
4855 }
4856 }
4857
4858 return 0;
4859 }
4860
4861 void unit_dump_config_items(FILE *f) {
4862 static const struct {
4863 const ConfigParserCallback callback;
4864 const char *rvalue;
4865 } table[] = {
4866 { config_parse_warn_compat, "NOTSUPPORTED" },
4867 { config_parse_int, "INTEGER" },
4868 { config_parse_unsigned, "UNSIGNED" },
4869 { config_parse_iec_size, "SIZE" },
4870 { config_parse_iec_uint64, "SIZE" },
4871 { config_parse_si_size, "SIZE" },
4872 { config_parse_bool, "BOOLEAN" },
4873 { config_parse_string, "STRING" },
4874 { config_parse_path, "PATH" },
4875 { config_parse_unit_path_printf, "PATH" },
4876 { config_parse_strv, "STRING [...]" },
4877 { config_parse_exec_nice, "NICE" },
4878 { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
4879 { config_parse_exec_io_class, "IOCLASS" },
4880 { config_parse_exec_io_priority, "IOPRIORITY" },
4881 { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
4882 { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
4883 { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
4884 { config_parse_mode, "MODE" },
4885 { config_parse_unit_env_file, "FILE" },
4886 { config_parse_exec_output, "OUTPUT" },
4887 { config_parse_exec_input, "INPUT" },
4888 { config_parse_log_facility, "FACILITY" },
4889 { config_parse_log_level, "LEVEL" },
4890 { config_parse_exec_secure_bits, "SECUREBITS" },
4891 { config_parse_capability_set, "BOUNDINGSET" },
4892 { config_parse_rlimit, "LIMIT" },
4893 { config_parse_unit_deps, "UNIT [...]" },
4894 { config_parse_exec, "PATH [ARGUMENT [...]]" },
4895 { config_parse_service_type, "SERVICETYPE" },
4896 { config_parse_service_restart, "SERVICERESTART" },
4897 { config_parse_kill_mode, "KILLMODE" },
4898 { config_parse_signal, "SIGNAL" },
4899 { config_parse_socket_listen, "SOCKET [...]" },
4900 { config_parse_socket_bind, "SOCKETBIND" },
4901 { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
4902 { config_parse_sec, "SECONDS" },
4903 { config_parse_nsec, "NANOSECONDS" },
4904 { config_parse_namespace_path_strv, "PATH [...]" },
4905 { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" },
4906 { config_parse_unit_requires_mounts_for, "PATH [...]" },
4907 { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
4908 { config_parse_unit_string_printf, "STRING" },
4909 { config_parse_trigger_unit, "UNIT" },
4910 { config_parse_timer, "TIMER" },
4911 { config_parse_path_spec, "PATH" },
4912 { config_parse_notify_access, "ACCESS" },
4913 { config_parse_ip_tos, "TOS" },
4914 { config_parse_unit_condition_path, "CONDITION" },
4915 { config_parse_unit_condition_string, "CONDITION" },
4916 { config_parse_unit_condition_null, "CONDITION" },
4917 { config_parse_unit_slice, "SLICE" },
4918 { config_parse_documentation, "URL" },
4919 { config_parse_service_timeout, "SECONDS" },
4920 { config_parse_emergency_action, "ACTION" },
4921 { config_parse_set_status, "STATUS" },
4922 { config_parse_service_sockets, "SOCKETS" },
4923 { config_parse_environ, "ENVIRON" },
4924 #if HAVE_SECCOMP
4925 { config_parse_syscall_filter, "SYSCALLS" },
4926 { config_parse_syscall_archs, "ARCHS" },
4927 { config_parse_syscall_errno, "ERRNO" },
4928 { config_parse_address_families, "FAMILIES" },
4929 { config_parse_restrict_namespaces, "NAMESPACES" },
4930 #endif
4931 { config_parse_cpu_shares, "SHARES" },
4932 { config_parse_cpu_weight, "WEIGHT" },
4933 { config_parse_memory_limit, "LIMIT" },
4934 { config_parse_device_allow, "DEVICE" },
4935 { config_parse_device_policy, "POLICY" },
4936 { config_parse_io_limit, "LIMIT" },
4937 { config_parse_io_weight, "WEIGHT" },
4938 { config_parse_io_device_weight, "DEVICEWEIGHT" },
4939 { config_parse_blockio_bandwidth, "BANDWIDTH" },
4940 { config_parse_blockio_weight, "WEIGHT" },
4941 { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
4942 { config_parse_long, "LONG" },
4943 { config_parse_socket_service, "SERVICE" },
4944 #if HAVE_SELINUX
4945 { config_parse_exec_selinux_context, "LABEL" },
4946 #endif
4947 { config_parse_job_mode, "MODE" },
4948 { config_parse_job_mode_isolate, "BOOLEAN" },
4949 { config_parse_personality, "PERSONALITY" },
4950 };
4951
4952 const char *prev = NULL;
4953 const char *i;
4954
4955 assert(f);
4956
4957 NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
4958 const char *rvalue = "OTHER", *lvalue;
4959 const ConfigPerfItem *p;
4960 size_t prefix_len;
4961 const char *dot;
4962 unsigned j;
4963
4964 assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
4965
4966 /* Hide legacy settings */
4967 if (p->parse == config_parse_warn_compat &&
4968 p->ltype == DISABLED_LEGACY)
4969 continue;
4970
4971 for (j = 0; j < ELEMENTSOF(table); j++)
4972 if (p->parse == table[j].callback) {
4973 rvalue = table[j].rvalue;
4974 break;
4975 }
4976
4977 dot = strchr(i, '.');
4978 lvalue = dot ? dot + 1 : i;
4979 prefix_len = dot-i;
4980
4981 if (dot)
4982 if (!prev || !strneq(prev, i, prefix_len+1)) {
4983 if (prev)
4984 fputc('\n', f);
4985
4986 fprintf(f, "[%.*s]\n", (int) prefix_len, i);
4987 }
4988
4989 fprintf(f, "%s=%s\n", lvalue, rvalue);
4990 prev = i;
4991 }
4992 }
Unnamed repository; edit this file 'description' to name the repository.