]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/load-fragment.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
load-fragment: make WorkingDirectory= accept the empty string
[thirdparty/systemd.git] / src / core / load-fragment.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 Copyright 2012 Holger Hans Peter Freyther
7 ***/
8
9 #include <errno.h>
10 #include <fcntl.h>
11 #include <linux/fs.h>
12 #include <linux/oom.h>
13 #if HAVE_SECCOMP
14 #include <seccomp.h>
15 #endif
16 #include <sched.h>
17 #include <string.h>
18 #include <sys/resource.h>
19 #include <sys/stat.h>
20
21 #include "af-list.h"
22 #include "alloc-util.h"
23 #include "all-units.h"
24 #include "bus-error.h"
25 #include "bus-internal.h"
26 #include "bus-util.h"
27 #include "cap-list.h"
28 #include "capability-util.h"
29 #include "cgroup.h"
30 #include "conf-parser.h"
31 #include "cpu-set-util.h"
32 #include "env-util.h"
33 #include "errno-list.h"
34 #include "escape.h"
35 #include "fd-util.h"
36 #include "fs-util.h"
37 #include "hexdecoct.h"
38 #include "io-util.h"
39 #include "ioprio.h"
40 #include "journal-util.h"
41 #include "load-fragment.h"
42 #include "log.h"
43 #include "missing.h"
44 #include "mount-util.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
48 #if HAVE_SECCOMP
49 #include "seccomp-util.h"
50 #endif
51 #include "securebits.h"
52 #include "securebits-util.h"
53 #include "signal-util.h"
54 #include "socket-protocol-list.h"
55 #include "stat-util.h"
56 #include "string-util.h"
57 #include "strv.h"
58 #include "unit-name.h"
59 #include "unit-printf.h"
60 #include "user-util.h"
61 #include "utf8.h"
62 #include "web-util.h"
63
64 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
65
66 int config_parse_unit_deps(
67 const char *unit,
68 const char *filename,
69 unsigned line,
70 const char *section,
71 unsigned section_line,
72 const char *lvalue,
73 int ltype,
74 const char *rvalue,
75 void *data,
76 void *userdata) {
77
78 UnitDependency d = ltype;
79 Unit *u = userdata;
80 const char *p;
81
82 assert(filename);
83 assert(lvalue);
84 assert(rvalue);
85
86 p = rvalue;
87 for (;;) {
88 _cleanup_free_ char *word = NULL, *k = NULL;
89 int r;
90
91 r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
92 if (r == 0)
93 break;
94 if (r == -ENOMEM)
95 return log_oom();
96 if (r < 0) {
97 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
98 break;
99 }
100
101 r = unit_name_printf(u, word, &k);
102 if (r < 0) {
103 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
104 continue;
105 }
106
107 r = unit_add_dependency_by_name(u, d, k, NULL, true, UNIT_DEPENDENCY_FILE);
108 if (r < 0)
109 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
110 }
111
112 return 0;
113 }
114
115 int config_parse_obsolete_unit_deps(
116 const char *unit,
117 const char *filename,
118 unsigned line,
119 const char *section,
120 unsigned section_line,
121 const char *lvalue,
122 int ltype,
123 const char *rvalue,
124 void *data,
125 void *userdata) {
126
127 log_syntax(unit, LOG_WARNING, filename, line, 0,
128 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
129
130 return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
131 }
132
133 int config_parse_unit_string_printf(
134 const char *unit,
135 const char *filename,
136 unsigned line,
137 const char *section,
138 unsigned section_line,
139 const char *lvalue,
140 int ltype,
141 const char *rvalue,
142 void *data,
143 void *userdata) {
144
145 _cleanup_free_ char *k = NULL;
146 Unit *u = userdata;
147 int r;
148
149 assert(filename);
150 assert(lvalue);
151 assert(rvalue);
152 assert(u);
153
154 r = unit_full_printf(u, rvalue, &k);
155 if (r < 0) {
156 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
157 return 0;
158 }
159
160 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
161 }
162
163 int config_parse_unit_strv_printf(
164 const char *unit,
165 const char *filename,
166 unsigned line,
167 const char *section,
168 unsigned section_line,
169 const char *lvalue,
170 int ltype,
171 const char *rvalue,
172 void *data,
173 void *userdata) {
174
175 Unit *u = userdata;
176 _cleanup_free_ char *k = NULL;
177 int r;
178
179 assert(filename);
180 assert(lvalue);
181 assert(rvalue);
182 assert(u);
183
184 r = unit_full_printf(u, rvalue, &k);
185 if (r < 0) {
186 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
187 return 0;
188 }
189
190 return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
191 }
192
193 int config_parse_unit_path_printf(
194 const char *unit,
195 const char *filename,
196 unsigned line,
197 const char *section,
198 unsigned section_line,
199 const char *lvalue,
200 int ltype,
201 const char *rvalue,
202 void *data,
203 void *userdata) {
204
205 _cleanup_free_ char *k = NULL;
206 Unit *u = userdata;
207 int r;
208 bool fatal = ltype;
209
210 assert(filename);
211 assert(lvalue);
212 assert(rvalue);
213 assert(u);
214
215 /* Let's not bother with anything that is too long */
216 if (strlen(rvalue) >= PATH_MAX) {
217 log_syntax(unit, LOG_ERR, filename, line, 0,
218 "%s value too long%s.",
219 lvalue, fatal ? "" : ", ignoring");
220 return fatal ? -ENAMETOOLONG : 0;
221 }
222
223 r = unit_full_printf(u, rvalue, &k);
224 if (r < 0) {
225 log_syntax(unit, LOG_ERR, filename, line, r,
226 "Failed to resolve unit specifiers in '%s'%s: %m",
227 rvalue, fatal ? "" : ", ignoring");
228 return fatal ? -ENOEXEC : 0;
229 }
230
231 return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
232 }
233
234 int config_parse_unit_path_strv_printf(
235 const char *unit,
236 const char *filename,
237 unsigned line,
238 const char *section,
239 unsigned section_line,
240 const char *lvalue,
241 int ltype,
242 const char *rvalue,
243 void *data,
244 void *userdata) {
245
246 char ***x = data;
247 Unit *u = userdata;
248 int r;
249 const char *p;
250
251 assert(filename);
252 assert(lvalue);
253 assert(rvalue);
254 assert(u);
255
256 if (isempty(rvalue)) {
257 *x = strv_free(*x);
258 return 0;
259 }
260
261 for (p = rvalue;;) {
262 _cleanup_free_ char *word = NULL, *k = NULL;
263
264 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
265 if (r == 0)
266 return 0;
267 if (r == -ENOMEM)
268 return log_oom();
269 if (r < 0) {
270 log_syntax(unit, LOG_WARNING, filename, line, r,
271 "Invalid syntax, ignoring: %s", rvalue);
272 return 0;
273 }
274
275 r = unit_full_printf(u, word, &k);
276 if (r < 0) {
277 log_syntax(unit, LOG_ERR, filename, line, r,
278 "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
279 return 0;
280 }
281
282 if (!utf8_is_valid(k)) {
283 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
284 return 0;
285 }
286
287 if (!path_is_absolute(k)) {
288 log_syntax(unit, LOG_ERR, filename, line, 0,
289 "Symlink path is not absolute: %s", k);
290 return 0;
291 }
292
293 path_kill_slashes(k);
294
295 r = strv_push(x, k);
296 if (r < 0)
297 return log_oom();
298 k = NULL;
299 }
300 }
301
302 int config_parse_socket_listen(const char *unit,
303 const char *filename,
304 unsigned line,
305 const char *section,
306 unsigned section_line,
307 const char *lvalue,
308 int ltype,
309 const char *rvalue,
310 void *data,
311 void *userdata) {
312
313 _cleanup_free_ SocketPort *p = NULL;
314 SocketPort *tail;
315 Socket *s;
316 int r;
317
318 assert(filename);
319 assert(lvalue);
320 assert(rvalue);
321 assert(data);
322
323 s = SOCKET(data);
324
325 if (isempty(rvalue)) {
326 /* An empty assignment removes all ports */
327 socket_free_ports(s);
328 return 0;
329 }
330
331 p = new0(SocketPort, 1);
332 if (!p)
333 return log_oom();
334
335 if (ltype != SOCKET_SOCKET) {
336
337 p->type = ltype;
338 r = unit_full_printf(UNIT(s), rvalue, &p->path);
339 if (r < 0) {
340 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
341 return 0;
342 }
343
344 path_kill_slashes(p->path);
345
346 } else if (streq(lvalue, "ListenNetlink")) {
347 _cleanup_free_ char *k = NULL;
348
349 p->type = SOCKET_SOCKET;
350 r = unit_full_printf(UNIT(s), rvalue, &k);
351 if (r < 0) {
352 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
353 return 0;
354 }
355
356 r = socket_address_parse_netlink(&p->address, k);
357 if (r < 0) {
358 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
359 return 0;
360 }
361
362 } else {
363 _cleanup_free_ char *k = NULL;
364
365 p->type = SOCKET_SOCKET;
366 r = unit_full_printf(UNIT(s), rvalue, &k);
367 if (r < 0) {
368 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
369 return 0;
370 }
371
372 r = socket_address_parse_and_warn(&p->address, k);
373 if (r < 0) {
374 if (r != -EAFNOSUPPORT)
375 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
376 return 0;
377 }
378
379 if (streq(lvalue, "ListenStream"))
380 p->address.type = SOCK_STREAM;
381 else if (streq(lvalue, "ListenDatagram"))
382 p->address.type = SOCK_DGRAM;
383 else {
384 assert(streq(lvalue, "ListenSequentialPacket"));
385 p->address.type = SOCK_SEQPACKET;
386 }
387
388 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
389 log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
390 return 0;
391 }
392 }
393
394 p->fd = -1;
395 p->auxiliary_fds = NULL;
396 p->n_auxiliary_fds = 0;
397 p->socket = s;
398
399 LIST_FIND_TAIL(port, s->ports, tail);
400 LIST_INSERT_AFTER(port, s->ports, tail, p);
401
402 p = NULL;
403
404 return 0;
405 }
406
407 int config_parse_socket_protocol(const char *unit,
408 const char *filename,
409 unsigned line,
410 const char *section,
411 unsigned section_line,
412 const char *lvalue,
413 int ltype,
414 const char *rvalue,
415 void *data,
416 void *userdata) {
417 Socket *s;
418 int r;
419
420 assert(filename);
421 assert(lvalue);
422 assert(rvalue);
423 assert(data);
424
425 s = SOCKET(data);
426
427 r = socket_protocol_from_name(rvalue);
428 if (r < 0) {
429 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid socket protocol '%s', ignoring: %m", rvalue);
430 return 0;
431 } else if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP)) {
432 log_syntax(unit, LOG_ERR, filename, line, 0, "Socket protocol not supported, ignoring: %s", rvalue);
433 return 0;
434 }
435
436 s->socket_protocol = r;
437
438 return 0;
439 }
440
441 int config_parse_socket_bind(const char *unit,
442 const char *filename,
443 unsigned line,
444 const char *section,
445 unsigned section_line,
446 const char *lvalue,
447 int ltype,
448 const char *rvalue,
449 void *data,
450 void *userdata) {
451
452 Socket *s;
453 SocketAddressBindIPv6Only b;
454
455 assert(filename);
456 assert(lvalue);
457 assert(rvalue);
458 assert(data);
459
460 s = SOCKET(data);
461
462 b = parse_socket_address_bind_ipv6_only_or_bool(rvalue);
463 if (b < 0) {
464 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse bind IPv6 only value, ignoring: %s", rvalue);
465 return 0;
466 }
467
468 s->bind_ipv6_only = b;
469
470 return 0;
471 }
472
473 int config_parse_exec_nice(
474 const char *unit,
475 const char *filename,
476 unsigned line,
477 const char *section,
478 unsigned section_line,
479 const char *lvalue,
480 int ltype,
481 const char *rvalue,
482 void *data,
483 void *userdata) {
484
485 ExecContext *c = data;
486 int priority, r;
487
488 assert(filename);
489 assert(lvalue);
490 assert(rvalue);
491 assert(data);
492
493 if (isempty(rvalue)) {
494 c->nice_set = false;
495 return 0;
496 }
497
498 r = parse_nice(rvalue, &priority);
499 if (r < 0) {
500 if (r == -ERANGE)
501 log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
502 else
503 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue);
504 return 0;
505 }
506
507 c->nice = priority;
508 c->nice_set = true;
509
510 return 0;
511 }
512
513 int config_parse_exec_oom_score_adjust(
514 const char* unit,
515 const char *filename,
516 unsigned line,
517 const char *section,
518 unsigned section_line,
519 const char *lvalue,
520 int ltype,
521 const char *rvalue,
522 void *data,
523 void *userdata) {
524
525 ExecContext *c = data;
526 int oa, r;
527
528 assert(filename);
529 assert(lvalue);
530 assert(rvalue);
531 assert(data);
532
533 if (isempty(rvalue)) {
534 c->oom_score_adjust_set = false;
535 return 0;
536 }
537
538 r = parse_oom_score_adjust(rvalue, &oa);
539 if (r < 0) {
540 if (r == -ERANGE)
541 log_syntax(unit, LOG_ERR, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue);
542 else
543 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue);
544 return 0;
545 }
546
547 c->oom_score_adjust = oa;
548 c->oom_score_adjust_set = true;
549
550 return 0;
551 }
552
553 int config_parse_exec(
554 const char *unit,
555 const char *filename,
556 unsigned line,
557 const char *section,
558 unsigned section_line,
559 const char *lvalue,
560 int ltype,
561 const char *rvalue,
562 void *data,
563 void *userdata) {
564
565 ExecCommand **e = data;
566 Unit *u = userdata;
567 const char *p;
568 bool semicolon;
569 int r;
570
571 assert(filename);
572 assert(lvalue);
573 assert(rvalue);
574 assert(e);
575
576 e += ltype;
577 rvalue += strspn(rvalue, WHITESPACE);
578
579 if (isempty(rvalue)) {
580 /* An empty assignment resets the list */
581 *e = exec_command_free_list(*e);
582 return 0;
583 }
584
585 p = rvalue;
586 do {
587 _cleanup_free_ char *path = NULL, *firstword = NULL;
588 ExecCommandFlags flags = 0;
589 bool ignore = false, separate_argv0 = false;
590 _cleanup_free_ ExecCommand *nce = NULL;
591 _cleanup_strv_free_ char **n = NULL;
592 size_t nlen = 0, nbufsize = 0;
593 const char *f;
594
595 semicolon = false;
596
597 r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
598 if (r <= 0)
599 return 0;
600
601 f = firstword;
602 for (;;) {
603 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
604 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
605 * argv[0]; if it's prefixed with +, it will be run with full privileges and no sandboxing; if
606 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
607 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
608 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
609 * other sandboxing, with some special exceptions for changing UID.
610 *
611 * The idea is that '!!' may be used to write services that can take benefit of systemd's
612 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
613 * privilege dropping within the daemon if the kernel does not offer that. */
614
615 if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) {
616 flags |= EXEC_COMMAND_IGNORE_FAILURE;
617 ignore = true;
618 } else if (*f == '@' && !separate_argv0)
619 separate_argv0 = true;
620 else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
621 flags |= EXEC_COMMAND_FULLY_PRIVILEGED;
622 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
623 flags |= EXEC_COMMAND_NO_SETUID;
624 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) {
625 flags &= ~EXEC_COMMAND_NO_SETUID;
626 flags |= EXEC_COMMAND_AMBIENT_MAGIC;
627 } else
628 break;
629 f++;
630 }
631
632 r = unit_full_printf(u, f, &path);
633 if (r < 0) {
634 log_syntax(unit, LOG_ERR, filename, line, r,
635 "Failed to resolve unit specifiers in '%s'%s: %m",
636 f, ignore ? ", ignoring" : "");
637 return ignore ? 0 : -ENOEXEC;
638 }
639
640 if (isempty(path)) {
641 /* First word is either "-" or "@" with no command. */
642 log_syntax(unit, LOG_ERR, filename, line, 0,
643 "Empty path in command line%s: '%s'",
644 ignore ? ", ignoring" : "", rvalue);
645 return ignore ? 0 : -ENOEXEC;
646 }
647 if (!string_is_safe(path)) {
648 log_syntax(unit, LOG_ERR, filename, line, 0,
649 "Executable name contains special characters%s: %s",
650 ignore ? ", ignoring" : "", path);
651 return ignore ? 0 : -ENOEXEC;
652 }
653 if (endswith(path, "/")) {
654 log_syntax(unit, LOG_ERR, filename, line, 0,
655 "Executable path specifies a directory%s: %s",
656 ignore ? ", ignoring" : "", path);
657 return ignore ? 0 : -ENOEXEC;
658 }
659
660 if (!path_is_absolute(path)) {
661 const char *prefix;
662 bool found = false;
663
664 if (!filename_is_valid(path)) {
665 log_syntax(unit, LOG_ERR, filename, line, 0,
666 "Neither a valid executable name nor an absolute path%s: %s",
667 ignore ? ", ignoring" : "", path);
668 return ignore ? 0 : -ENOEXEC;
669 }
670
671 /* Resolve a single-component name to a full path */
672 NULSTR_FOREACH(prefix, DEFAULT_PATH_NULSTR) {
673 _cleanup_free_ char *fullpath = NULL;
674
675 fullpath = strjoin(prefix, "/", path);
676 if (!fullpath)
677 return log_oom();
678
679 if (access(fullpath, F_OK) >= 0) {
680 free_and_replace(path, fullpath);
681 found = true;
682 break;
683 }
684 }
685
686 if (!found) {
687 log_syntax(unit, LOG_ERR, filename, line, 0,
688 "Executable \"%s\" not found in path \"%s\"%s",
689 path, DEFAULT_PATH, ignore ? ", ignoring" : "");
690 return ignore ? 0 : -ENOEXEC;
691 }
692 }
693
694 if (!separate_argv0) {
695 char *w = NULL;
696
697 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
698 return log_oom();
699
700 w = strdup(path);
701 if (!w)
702 return log_oom();
703 n[nlen++] = w;
704 n[nlen] = NULL;
705 }
706
707 path_kill_slashes(path);
708
709 while (!isempty(p)) {
710 _cleanup_free_ char *word = NULL, *resolved = NULL;
711
712 /* Check explicitly for an unquoted semicolon as
713 * command separator token. */
714 if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
715 p++;
716 p += strspn(p, WHITESPACE);
717 semicolon = true;
718 break;
719 }
720
721 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
722 * extract_first_word() would return the same for all of those. */
723 if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
724 char *w;
725
726 p += 2;
727 p += strspn(p, WHITESPACE);
728
729 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
730 return log_oom();
731
732 w = strdup(";");
733 if (!w)
734 return log_oom();
735 n[nlen++] = w;
736 n[nlen] = NULL;
737 continue;
738 }
739
740 r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
741 if (r == 0)
742 break;
743 if (r < 0)
744 return ignore ? 0 : -ENOEXEC;
745
746 r = unit_full_printf(u, word, &resolved);
747 if (r < 0) {
748 log_syntax(unit, LOG_ERR, filename, line, r,
749 "Failed to resolve unit specifiers in %s%s: %m",
750 word, ignore ? ", ignoring" : "");
751 return ignore ? 0 : -ENOEXEC;
752 }
753
754 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
755 return log_oom();
756
757 n[nlen++] = TAKE_PTR(resolved);
758 n[nlen] = NULL;
759 }
760
761 if (!n || !n[0]) {
762 log_syntax(unit, LOG_ERR, filename, line, 0,
763 "Empty executable name or zeroeth argument%s: %s",
764 ignore ? ", ignoring" : "", rvalue);
765 return ignore ? 0 : -ENOEXEC;
766 }
767
768 nce = new0(ExecCommand, 1);
769 if (!nce)
770 return log_oom();
771
772 nce->argv = TAKE_PTR(n);
773 nce->path = TAKE_PTR(path);
774 nce->flags = flags;
775
776 exec_command_append_list(e, nce);
777
778 /* Do not _cleanup_free_ these. */
779 nce = NULL;
780
781 rvalue = p;
782 } while (semicolon);
783
784 return 0;
785 }
786
787 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
788 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
789
790 int config_parse_socket_bindtodevice(
791 const char* unit,
792 const char *filename,
793 unsigned line,
794 const char *section,
795 unsigned section_line,
796 const char *lvalue,
797 int ltype,
798 const char *rvalue,
799 void *data,
800 void *userdata) {
801
802 Socket *s = data;
803
804 assert(filename);
805 assert(lvalue);
806 assert(rvalue);
807 assert(data);
808
809 if (isempty(rvalue) || streq(rvalue, "*")) {
810 s->bind_to_device = mfree(s->bind_to_device);
811 return 0;
812 }
813
814 if (!ifname_valid(rvalue)) {
815 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue);
816 return 0;
817 }
818
819 free_and_strdup(&s->bind_to_device, rvalue);
820
821 return 0;
822 }
823
824 int config_parse_exec_input(
825 const char *unit,
826 const char *filename,
827 unsigned line,
828 const char *section,
829 unsigned section_line,
830 const char *lvalue,
831 int ltype,
832 const char *rvalue,
833 void *data,
834 void *userdata) {
835
836 ExecContext *c = data;
837 Unit *u = userdata;
838 const char *n;
839 ExecInput ei;
840 int r;
841
842 assert(data);
843 assert(filename);
844 assert(line);
845 assert(rvalue);
846
847 n = startswith(rvalue, "fd:");
848 if (n) {
849 _cleanup_free_ char *resolved = NULL;
850
851 r = unit_full_printf(u, n, &resolved);
852 if (r < 0)
853 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
854
855 if (isempty(resolved))
856 resolved = mfree(resolved);
857 else if (!fdname_is_valid(resolved)) {
858 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
859 return -EINVAL;
860 }
861
862 free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved);
863
864 ei = EXEC_INPUT_NAMED_FD;
865
866 } else if ((n = startswith(rvalue, "file:"))) {
867 _cleanup_free_ char *resolved = NULL;
868
869 r = unit_full_printf(u, n, &resolved);
870 if (r < 0)
871 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
872
873 if (!path_is_absolute(resolved)) {
874 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
875 return -EINVAL;
876 }
877
878 if (!path_is_normalized(resolved)) {
879 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name: %s", resolved);
880 return -EINVAL;
881 }
882
883 free_and_replace(c->stdio_file[STDIN_FILENO], resolved);
884
885 ei = EXEC_INPUT_FILE;
886
887 } else {
888 ei = exec_input_from_string(rvalue);
889 if (ei < 0) {
890 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue);
891 return 0;
892 }
893 }
894
895 c->std_input = ei;
896 return 0;
897 }
898
899 int config_parse_exec_input_text(
900 const char *unit,
901 const char *filename,
902 unsigned line,
903 const char *section,
904 unsigned section_line,
905 const char *lvalue,
906 int ltype,
907 const char *rvalue,
908 void *data,
909 void *userdata) {
910
911 _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
912 ExecContext *c = data;
913 Unit *u = userdata;
914 size_t sz;
915 void *p;
916 int r;
917
918 assert(data);
919 assert(filename);
920 assert(line);
921 assert(rvalue);
922
923 if (isempty(rvalue)) {
924 /* Reset if the empty string is assigned */
925 c->stdin_data = mfree(c->stdin_data);
926 c->stdin_data_size = 0;
927 return 0;
928 }
929
930 r = cunescape(rvalue, 0, &unescaped);
931 if (r < 0)
932 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode C escaped text '%s': %m", rvalue);
933
934 r = unit_full_printf(u, unescaped, &resolved);
935 if (r < 0)
936 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", unescaped);
937
938 sz = strlen(resolved);
939 if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
940 c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
941 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
942 return -E2BIG;
943 }
944
945 p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
946 if (!p)
947 return log_oom();
948
949 *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n';
950
951 c->stdin_data = p;
952 c->stdin_data_size += sz + 1;
953
954 return 0;
955 }
956
957 int config_parse_exec_input_data(
958 const char *unit,
959 const char *filename,
960 unsigned line,
961 const char *section,
962 unsigned section_line,
963 const char *lvalue,
964 int ltype,
965 const char *rvalue,
966 void *data,
967 void *userdata) {
968
969 _cleanup_free_ void *p = NULL;
970 ExecContext *c = data;
971 size_t sz;
972 void *q;
973 int r;
974
975 assert(data);
976 assert(filename);
977 assert(line);
978 assert(rvalue);
979
980 if (isempty(rvalue)) {
981 /* Reset if the empty string is assigned */
982 c->stdin_data = mfree(c->stdin_data);
983 c->stdin_data_size = 0;
984 return 0;
985 }
986
987 r = unbase64mem(rvalue, (size_t) -1, &p, &sz);
988 if (r < 0)
989 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode base64 data, ignoring: %s", rvalue);
990
991 assert(sz > 0);
992
993 if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */
994 c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) {
995 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
996 return -E2BIG;
997 }
998
999 q = realloc(c->stdin_data, c->stdin_data_size + sz);
1000 if (!q)
1001 return log_oom();
1002
1003 memcpy((uint8_t*) q + c->stdin_data_size, p, sz);
1004
1005 c->stdin_data = q;
1006 c->stdin_data_size += sz;
1007
1008 return 0;
1009 }
1010
1011 int config_parse_exec_output(
1012 const char *unit,
1013 const char *filename,
1014 unsigned line,
1015 const char *section,
1016 unsigned section_line,
1017 const char *lvalue,
1018 int ltype,
1019 const char *rvalue,
1020 void *data,
1021 void *userdata) {
1022
1023 _cleanup_free_ char *resolved = NULL;
1024 const char *n;
1025 ExecContext *c = data;
1026 Unit *u = userdata;
1027 ExecOutput eo;
1028 int r;
1029
1030 assert(data);
1031 assert(filename);
1032 assert(line);
1033 assert(lvalue);
1034 assert(rvalue);
1035
1036 n = startswith(rvalue, "fd:");
1037 if (n) {
1038 r = unit_full_printf(u, n, &resolved);
1039 if (r < 0)
1040 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1041
1042 if (isempty(resolved))
1043 resolved = mfree(resolved);
1044 else if (!fdname_is_valid(resolved)) {
1045 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
1046 return -EINVAL;
1047 }
1048
1049 eo = EXEC_OUTPUT_NAMED_FD;
1050
1051 } else if ((n = startswith(rvalue, "file:"))) {
1052
1053 r = unit_full_printf(u, n, &resolved);
1054 if (r < 0)
1055 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1056
1057 if (!path_is_absolute(resolved)) {
1058 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
1059 return -EINVAL;
1060 }
1061
1062 if (!path_is_normalized(resolved)) {
1063 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name, ignoring: %s", resolved);
1064 return -EINVAL;
1065 }
1066
1067 eo = EXEC_OUTPUT_FILE;
1068
1069 } else {
1070 eo = exec_output_from_string(rvalue);
1071 if (eo < 0) {
1072 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue);
1073 return 0;
1074 }
1075 }
1076
1077 if (streq(lvalue, "StandardOutput")) {
1078 if (eo == EXEC_OUTPUT_NAMED_FD)
1079 free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved);
1080 else
1081 free_and_replace(c->stdio_file[STDOUT_FILENO], resolved);
1082
1083 c->std_output = eo;
1084
1085 } else {
1086 assert(streq(lvalue, "StandardError"));
1087
1088 if (eo == EXEC_OUTPUT_NAMED_FD)
1089 free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved);
1090 else
1091 free_and_replace(c->stdio_file[STDERR_FILENO], resolved);
1092
1093 c->std_error = eo;
1094 }
1095
1096 return 0;
1097 }
1098
1099 int config_parse_exec_io_class(const char *unit,
1100 const char *filename,
1101 unsigned line,
1102 const char *section,
1103 unsigned section_line,
1104 const char *lvalue,
1105 int ltype,
1106 const char *rvalue,
1107 void *data,
1108 void *userdata) {
1109
1110 ExecContext *c = data;
1111 int x;
1112
1113 assert(filename);
1114 assert(lvalue);
1115 assert(rvalue);
1116 assert(data);
1117
1118 if (isempty(rvalue)) {
1119 c->ioprio_set = false;
1120 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1121 return 0;
1122 }
1123
1124 x = ioprio_class_from_string(rvalue);
1125 if (x < 0) {
1126 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
1127 return 0;
1128 }
1129
1130 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
1131 c->ioprio_set = true;
1132
1133 return 0;
1134 }
1135
1136 int config_parse_exec_io_priority(const char *unit,
1137 const char *filename,
1138 unsigned line,
1139 const char *section,
1140 unsigned section_line,
1141 const char *lvalue,
1142 int ltype,
1143 const char *rvalue,
1144 void *data,
1145 void *userdata) {
1146
1147 ExecContext *c = data;
1148 int i, r;
1149
1150 assert(filename);
1151 assert(lvalue);
1152 assert(rvalue);
1153 assert(data);
1154
1155 if (isempty(rvalue)) {
1156 c->ioprio_set = false;
1157 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1158 return 0;
1159 }
1160
1161 r = ioprio_parse_priority(rvalue, &i);
1162 if (r < 0) {
1163 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
1164 return 0;
1165 }
1166
1167 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
1168 c->ioprio_set = true;
1169
1170 return 0;
1171 }
1172
1173 int config_parse_exec_cpu_sched_policy(const char *unit,
1174 const char *filename,
1175 unsigned line,
1176 const char *section,
1177 unsigned section_line,
1178 const char *lvalue,
1179 int ltype,
1180 const char *rvalue,
1181 void *data,
1182 void *userdata) {
1183
1184 ExecContext *c = data;
1185 int x;
1186
1187 assert(filename);
1188 assert(lvalue);
1189 assert(rvalue);
1190 assert(data);
1191
1192 if (isempty(rvalue)) {
1193 c->cpu_sched_set = false;
1194 c->cpu_sched_policy = SCHED_OTHER;
1195 c->cpu_sched_priority = 0;
1196 return 0;
1197 }
1198
1199 x = sched_policy_from_string(rvalue);
1200 if (x < 0) {
1201 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1202 return 0;
1203 }
1204
1205 c->cpu_sched_policy = x;
1206 /* Moving to or from real-time policy? We need to adjust the priority */
1207 c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
1208 c->cpu_sched_set = true;
1209
1210 return 0;
1211 }
1212
1213 int config_parse_exec_cpu_sched_prio(const char *unit,
1214 const char *filename,
1215 unsigned line,
1216 const char *section,
1217 unsigned section_line,
1218 const char *lvalue,
1219 int ltype,
1220 const char *rvalue,
1221 void *data,
1222 void *userdata) {
1223
1224 ExecContext *c = data;
1225 int i, min, max, r;
1226
1227 assert(filename);
1228 assert(lvalue);
1229 assert(rvalue);
1230 assert(data);
1231
1232 r = safe_atoi(rvalue, &i);
1233 if (r < 0) {
1234 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue);
1235 return 0;
1236 }
1237
1238 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1239 min = sched_get_priority_min(c->cpu_sched_policy);
1240 max = sched_get_priority_max(c->cpu_sched_policy);
1241
1242 if (i < min || i > max) {
1243 log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
1244 return 0;
1245 }
1246
1247 c->cpu_sched_priority = i;
1248 c->cpu_sched_set = true;
1249
1250 return 0;
1251 }
1252
1253 int config_parse_exec_cpu_affinity(const char *unit,
1254 const char *filename,
1255 unsigned line,
1256 const char *section,
1257 unsigned section_line,
1258 const char *lvalue,
1259 int ltype,
1260 const char *rvalue,
1261 void *data,
1262 void *userdata) {
1263
1264 ExecContext *c = data;
1265 _cleanup_cpu_free_ cpu_set_t *cpuset = NULL;
1266 int ncpus;
1267
1268 assert(filename);
1269 assert(lvalue);
1270 assert(rvalue);
1271 assert(data);
1272
1273 ncpus = parse_cpu_set_and_warn(rvalue, &cpuset, unit, filename, line, lvalue);
1274 if (ncpus < 0)
1275 return ncpus;
1276
1277 if (ncpus == 0) {
1278 /* An empty assignment resets the CPU list */
1279 c->cpuset = cpu_set_mfree(c->cpuset);
1280 c->cpuset_ncpus = 0;
1281 return 0;
1282 }
1283
1284 if (!c->cpuset) {
1285 c->cpuset = TAKE_PTR(cpuset);
1286 c->cpuset_ncpus = (unsigned) ncpus;
1287 return 0;
1288 }
1289
1290 if (c->cpuset_ncpus < (unsigned) ncpus) {
1291 CPU_OR_S(CPU_ALLOC_SIZE(c->cpuset_ncpus), cpuset, c->cpuset, cpuset);
1292 CPU_FREE(c->cpuset);
1293 c->cpuset = TAKE_PTR(cpuset);
1294 c->cpuset_ncpus = (unsigned) ncpus;
1295 return 0;
1296 }
1297
1298 CPU_OR_S(CPU_ALLOC_SIZE((unsigned) ncpus), c->cpuset, c->cpuset, cpuset);
1299
1300 return 0;
1301 }
1302
1303 int config_parse_exec_secure_bits(const char *unit,
1304 const char *filename,
1305 unsigned line,
1306 const char *section,
1307 unsigned section_line,
1308 const char *lvalue,
1309 int ltype,
1310 const char *rvalue,
1311 void *data,
1312 void *userdata) {
1313
1314 ExecContext *c = data;
1315 int r;
1316
1317 assert(filename);
1318 assert(lvalue);
1319 assert(rvalue);
1320 assert(data);
1321
1322 if (isempty(rvalue)) {
1323 /* An empty assignment resets the field */
1324 c->secure_bits = 0;
1325 return 0;
1326 }
1327
1328 r = secure_bits_from_string(rvalue);
1329 if (r < 0) {
1330 log_syntax(unit, LOG_WARNING, filename, line, r,
1331 "Failed to parse secure bits, ignoring: %s", rvalue);
1332 return 0;
1333 }
1334
1335 c->secure_bits = r;
1336
1337 return 0;
1338 }
1339
1340 int config_parse_capability_set(
1341 const char *unit,
1342 const char *filename,
1343 unsigned line,
1344 const char *section,
1345 unsigned section_line,
1346 const char *lvalue,
1347 int ltype,
1348 const char *rvalue,
1349 void *data,
1350 void *userdata) {
1351
1352 uint64_t *capability_set = data;
1353 uint64_t sum = 0, initial = 0;
1354 bool invert = false;
1355 int r;
1356
1357 assert(filename);
1358 assert(lvalue);
1359 assert(rvalue);
1360 assert(data);
1361
1362 if (rvalue[0] == '~') {
1363 invert = true;
1364 rvalue++;
1365 }
1366
1367 if (streq(lvalue, "CapabilityBoundingSet"))
1368 initial = CAP_ALL; /* initialized to all bits on */
1369 /* else "AmbientCapabilities" initialized to all bits off */
1370
1371 r = capability_set_from_string(rvalue, &sum);
1372 if (r < 0) {
1373 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue);
1374 return 0;
1375 }
1376
1377 if (sum == 0 || *capability_set == initial)
1378 /* "", "~" or uninitialized data -> replace */
1379 *capability_set = invert ? ~sum : sum;
1380 else {
1381 /* previous data -> merge */
1382 if (invert)
1383 *capability_set &= ~sum;
1384 else
1385 *capability_set |= sum;
1386 }
1387
1388 return 0;
1389 }
1390
1391 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
1392 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
1393
1394 int config_parse_exec_mount_flags(
1395 const char *unit,
1396 const char *filename,
1397 unsigned line,
1398 const char *section,
1399 unsigned section_line,
1400 const char *lvalue,
1401 int ltype,
1402 const char *rvalue,
1403 void *data,
1404 void *userdata) {
1405
1406 ExecContext *c = data;
1407 int r;
1408
1409 assert(filename);
1410 assert(lvalue);
1411 assert(rvalue);
1412 assert(data);
1413
1414 r = mount_propagation_flags_from_string(rvalue, &c->mount_flags);
1415 if (r < 0)
1416 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount flag %s, ignoring: %m", rvalue);
1417
1418 return 0;
1419 }
1420
1421 int config_parse_exec_selinux_context(
1422 const char *unit,
1423 const char *filename,
1424 unsigned line,
1425 const char *section,
1426 unsigned section_line,
1427 const char *lvalue,
1428 int ltype,
1429 const char *rvalue,
1430 void *data,
1431 void *userdata) {
1432
1433 ExecContext *c = data;
1434 Unit *u = userdata;
1435 bool ignore;
1436 char *k;
1437 int r;
1438
1439 assert(filename);
1440 assert(lvalue);
1441 assert(rvalue);
1442 assert(data);
1443
1444 if (isempty(rvalue)) {
1445 c->selinux_context = mfree(c->selinux_context);
1446 c->selinux_context_ignore = false;
1447 return 0;
1448 }
1449
1450 if (rvalue[0] == '-') {
1451 ignore = true;
1452 rvalue++;
1453 } else
1454 ignore = false;
1455
1456 r = unit_full_printf(u, rvalue, &k);
1457 if (r < 0) {
1458 log_syntax(unit, LOG_ERR, filename, line, r,
1459 "Failed to resolve unit specifiers in '%s'%s: %m",
1460 rvalue, ignore ? ", ignoring" : "");
1461 return ignore ? 0 : -ENOEXEC;
1462 }
1463
1464 free_and_replace(c->selinux_context, k);
1465 c->selinux_context_ignore = ignore;
1466
1467 return 0;
1468 }
1469
1470 int config_parse_exec_apparmor_profile(
1471 const char *unit,
1472 const char *filename,
1473 unsigned line,
1474 const char *section,
1475 unsigned section_line,
1476 const char *lvalue,
1477 int ltype,
1478 const char *rvalue,
1479 void *data,
1480 void *userdata) {
1481
1482 ExecContext *c = data;
1483 Unit *u = userdata;
1484 bool ignore;
1485 char *k;
1486 int r;
1487
1488 assert(filename);
1489 assert(lvalue);
1490 assert(rvalue);
1491 assert(data);
1492
1493 if (isempty(rvalue)) {
1494 c->apparmor_profile = mfree(c->apparmor_profile);
1495 c->apparmor_profile_ignore = false;
1496 return 0;
1497 }
1498
1499 if (rvalue[0] == '-') {
1500 ignore = true;
1501 rvalue++;
1502 } else
1503 ignore = false;
1504
1505 r = unit_full_printf(u, rvalue, &k);
1506 if (r < 0) {
1507 log_syntax(unit, LOG_ERR, filename, line, r,
1508 "Failed to resolve unit specifiers in '%s'%s: %m",
1509 rvalue, ignore ? ", ignoring" : "");
1510 return ignore ? 0 : -ENOEXEC;
1511 }
1512
1513 free_and_replace(c->apparmor_profile, k);
1514 c->apparmor_profile_ignore = ignore;
1515
1516 return 0;
1517 }
1518
1519 int config_parse_exec_smack_process_label(
1520 const char *unit,
1521 const char *filename,
1522 unsigned line,
1523 const char *section,
1524 unsigned section_line,
1525 const char *lvalue,
1526 int ltype,
1527 const char *rvalue,
1528 void *data,
1529 void *userdata) {
1530
1531 ExecContext *c = data;
1532 Unit *u = userdata;
1533 bool ignore;
1534 char *k;
1535 int r;
1536
1537 assert(filename);
1538 assert(lvalue);
1539 assert(rvalue);
1540 assert(data);
1541
1542 if (isempty(rvalue)) {
1543 c->smack_process_label = mfree(c->smack_process_label);
1544 c->smack_process_label_ignore = false;
1545 return 0;
1546 }
1547
1548 if (rvalue[0] == '-') {
1549 ignore = true;
1550 rvalue++;
1551 } else
1552 ignore = false;
1553
1554 r = unit_full_printf(u, rvalue, &k);
1555 if (r < 0) {
1556 log_syntax(unit, LOG_ERR, filename, line, r,
1557 "Failed to resolve unit specifiers in '%s'%s: %m",
1558 rvalue, ignore ? ", ignoring" : "");
1559 return ignore ? 0 : -ENOEXEC;
1560 }
1561
1562 free_and_replace(c->smack_process_label, k);
1563 c->smack_process_label_ignore = ignore;
1564
1565 return 0;
1566 }
1567
1568 int config_parse_timer(const char *unit,
1569 const char *filename,
1570 unsigned line,
1571 const char *section,
1572 unsigned section_line,
1573 const char *lvalue,
1574 int ltype,
1575 const char *rvalue,
1576 void *data,
1577 void *userdata) {
1578
1579 Timer *t = data;
1580 usec_t usec = 0;
1581 TimerValue *v;
1582 TimerBase b;
1583 _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
1584 Unit *u = userdata;
1585 _cleanup_free_ char *k = NULL;
1586 int r;
1587
1588 assert(filename);
1589 assert(lvalue);
1590 assert(rvalue);
1591 assert(data);
1592
1593 if (isempty(rvalue)) {
1594 /* Empty assignment resets list */
1595 timer_free_values(t);
1596 return 0;
1597 }
1598
1599 b = timer_base_from_string(lvalue);
1600 if (b < 0) {
1601 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer base, ignoring: %s", lvalue);
1602 return 0;
1603 }
1604
1605 r = unit_full_printf(u, rvalue, &k);
1606 if (r < 0) {
1607 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1608 return 0;
1609 }
1610
1611 if (b == TIMER_CALENDAR) {
1612 if (calendar_spec_from_string(k, &c) < 0) {
1613 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse calendar specification, ignoring: %s", k);
1614 return 0;
1615 }
1616 } else
1617 if (parse_sec(k, &usec) < 0) {
1618 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", k);
1619 return 0;
1620 }
1621
1622 v = new0(TimerValue, 1);
1623 if (!v)
1624 return log_oom();
1625
1626 v->base = b;
1627 v->value = usec;
1628 v->calendar_spec = TAKE_PTR(c);
1629
1630 LIST_PREPEND(value, t->values, v);
1631
1632 return 0;
1633 }
1634
1635 int config_parse_trigger_unit(
1636 const char *unit,
1637 const char *filename,
1638 unsigned line,
1639 const char *section,
1640 unsigned section_line,
1641 const char *lvalue,
1642 int ltype,
1643 const char *rvalue,
1644 void *data,
1645 void *userdata) {
1646
1647 _cleanup_free_ char *p = NULL;
1648 Unit *u = data;
1649 UnitType type;
1650 int r;
1651
1652 assert(filename);
1653 assert(lvalue);
1654 assert(rvalue);
1655 assert(data);
1656
1657 if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) {
1658 log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
1659 return 0;
1660 }
1661
1662 r = unit_name_printf(u, rvalue, &p);
1663 if (r < 0) {
1664 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1665 return 0;
1666 }
1667
1668 type = unit_name_to_type(p);
1669 if (type < 0) {
1670 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue);
1671 return 0;
1672 }
1673 if (unit_has_name(u, p)) {
1674 log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue);
1675 return 0;
1676 }
1677
1678 r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, NULL, true, UNIT_DEPENDENCY_FILE);
1679 if (r < 0) {
1680 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
1681 return 0;
1682 }
1683
1684 return 0;
1685 }
1686
1687 int config_parse_path_spec(const char *unit,
1688 const char *filename,
1689 unsigned line,
1690 const char *section,
1691 unsigned section_line,
1692 const char *lvalue,
1693 int ltype,
1694 const char *rvalue,
1695 void *data,
1696 void *userdata) {
1697
1698 Path *p = data;
1699 PathSpec *s;
1700 PathType b;
1701 _cleanup_free_ char *k = NULL;
1702 int r;
1703
1704 assert(filename);
1705 assert(lvalue);
1706 assert(rvalue);
1707 assert(data);
1708
1709 if (isempty(rvalue)) {
1710 /* Empty assignment clears list */
1711 path_free_specs(p);
1712 return 0;
1713 }
1714
1715 b = path_type_from_string(lvalue);
1716 if (b < 0) {
1717 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue);
1718 return 0;
1719 }
1720
1721 r = unit_full_printf(UNIT(p), rvalue, &k);
1722 if (r < 0) {
1723 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1724 return 0;
1725 }
1726
1727 path_kill_slashes(k);
1728
1729 if (!path_is_absolute(k)) {
1730 log_syntax(unit, LOG_ERR, filename, line, 0, "Path is not absolute, ignoring: %s", k);
1731 return 0;
1732 }
1733
1734 s = new0(PathSpec, 1);
1735 if (!s)
1736 return log_oom();
1737
1738 s->unit = UNIT(p);
1739 s->path = TAKE_PTR(k);
1740 s->type = b;
1741 s->inotify_fd = -1;
1742
1743 LIST_PREPEND(spec, p->specs, s);
1744
1745 return 0;
1746 }
1747
1748 int config_parse_socket_service(
1749 const char *unit,
1750 const char *filename,
1751 unsigned line,
1752 const char *section,
1753 unsigned section_line,
1754 const char *lvalue,
1755 int ltype,
1756 const char *rvalue,
1757 void *data,
1758 void *userdata) {
1759
1760 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1761 _cleanup_free_ char *p = NULL;
1762 Socket *s = data;
1763 Unit *x;
1764 int r;
1765
1766 assert(filename);
1767 assert(lvalue);
1768 assert(rvalue);
1769 assert(data);
1770
1771 r = unit_name_printf(UNIT(s), rvalue, &p);
1772 if (r < 0) {
1773 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1774 return -ENOEXEC;
1775 }
1776
1777 if (!endswith(p, ".service")) {
1778 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service: %s", rvalue);
1779 return -ENOEXEC;
1780 }
1781
1782 r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
1783 if (r < 0) {
1784 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s: %s", rvalue, bus_error_message(&error, r));
1785 return -ENOEXEC;
1786 }
1787
1788 unit_ref_set(&s->service, UNIT(s), x);
1789
1790 return 0;
1791 }
1792
1793 int config_parse_fdname(
1794 const char *unit,
1795 const char *filename,
1796 unsigned line,
1797 const char *section,
1798 unsigned section_line,
1799 const char *lvalue,
1800 int ltype,
1801 const char *rvalue,
1802 void *data,
1803 void *userdata) {
1804
1805 _cleanup_free_ char *p = NULL;
1806 Socket *s = data;
1807 int r;
1808
1809 assert(filename);
1810 assert(lvalue);
1811 assert(rvalue);
1812 assert(data);
1813
1814 if (isempty(rvalue)) {
1815 s->fdname = mfree(s->fdname);
1816 return 0;
1817 }
1818
1819 r = unit_full_printf(UNIT(s), rvalue, &p);
1820 if (r < 0) {
1821 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1822 return 0;
1823 }
1824
1825 if (!fdname_is_valid(p)) {
1826 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
1827 return 0;
1828 }
1829
1830 return free_and_replace(s->fdname, p);
1831 }
1832
1833 int config_parse_service_sockets(
1834 const char *unit,
1835 const char *filename,
1836 unsigned line,
1837 const char *section,
1838 unsigned section_line,
1839 const char *lvalue,
1840 int ltype,
1841 const char *rvalue,
1842 void *data,
1843 void *userdata) {
1844
1845 Service *s = data;
1846 const char *p;
1847 int r;
1848
1849 assert(filename);
1850 assert(lvalue);
1851 assert(rvalue);
1852 assert(data);
1853
1854 p = rvalue;
1855 for (;;) {
1856 _cleanup_free_ char *word = NULL, *k = NULL;
1857
1858 r = extract_first_word(&p, &word, NULL, 0);
1859 if (r == 0)
1860 break;
1861 if (r == -ENOMEM)
1862 return log_oom();
1863 if (r < 0) {
1864 log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
1865 break;
1866 }
1867
1868 r = unit_name_printf(UNIT(s), word, &k);
1869 if (r < 0) {
1870 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
1871 continue;
1872 }
1873
1874 if (!endswith(k, ".socket")) {
1875 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
1876 continue;
1877 }
1878
1879 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, NULL, true, UNIT_DEPENDENCY_FILE);
1880 if (r < 0)
1881 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1882
1883 r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, NULL, true, UNIT_DEPENDENCY_FILE);
1884 if (r < 0)
1885 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1886 }
1887
1888 return 0;
1889 }
1890
1891 int config_parse_bus_name(
1892 const char *unit,
1893 const char *filename,
1894 unsigned line,
1895 const char *section,
1896 unsigned section_line,
1897 const char *lvalue,
1898 int ltype,
1899 const char *rvalue,
1900 void *data,
1901 void *userdata) {
1902
1903 _cleanup_free_ char *k = NULL;
1904 Unit *u = userdata;
1905 int r;
1906
1907 assert(filename);
1908 assert(lvalue);
1909 assert(rvalue);
1910 assert(u);
1911
1912 r = unit_full_printf(u, rvalue, &k);
1913 if (r < 0) {
1914 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1915 return 0;
1916 }
1917
1918 if (!service_name_is_valid(k)) {
1919 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name, ignoring: %s", k);
1920 return 0;
1921 }
1922
1923 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
1924 }
1925
1926 int config_parse_service_timeout(
1927 const char *unit,
1928 const char *filename,
1929 unsigned line,
1930 const char *section,
1931 unsigned section_line,
1932 const char *lvalue,
1933 int ltype,
1934 const char *rvalue,
1935 void *data,
1936 void *userdata) {
1937
1938 Service *s = userdata;
1939 usec_t usec;
1940 int r;
1941
1942 assert(filename);
1943 assert(lvalue);
1944 assert(rvalue);
1945 assert(s);
1946
1947 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
1948
1949 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
1950 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
1951 * all other timeouts. */
1952 r = parse_sec_fix_0(rvalue, &usec);
1953 if (r < 0) {
1954 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1955 return 0;
1956 }
1957
1958 s->start_timeout_defined = true;
1959 s->timeout_start_usec = usec;
1960
1961 if (streq(lvalue, "TimeoutSec"))
1962 s->timeout_stop_usec = usec;
1963
1964 return 0;
1965 }
1966
1967 int config_parse_sec_fix_0(
1968 const char *unit,
1969 const char *filename,
1970 unsigned line,
1971 const char *section,
1972 unsigned section_line,
1973 const char *lvalue,
1974 int ltype,
1975 const char *rvalue,
1976 void *data,
1977 void *userdata) {
1978
1979 usec_t *usec = data;
1980 int r;
1981
1982 assert(filename);
1983 assert(lvalue);
1984 assert(rvalue);
1985 assert(usec);
1986
1987 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
1988 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
1989 * timeout. */
1990
1991 r = parse_sec_fix_0(rvalue, usec);
1992 if (r < 0) {
1993 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1994 return 0;
1995 }
1996
1997 return 0;
1998 }
1999
2000 int config_parse_user_group(
2001 const char *unit,
2002 const char *filename,
2003 unsigned line,
2004 const char *section,
2005 unsigned section_line,
2006 const char *lvalue,
2007 int ltype,
2008 const char *rvalue,
2009 void *data,
2010 void *userdata) {
2011
2012 _cleanup_free_ char *k = NULL;
2013 char **user = data;
2014 Unit *u = userdata;
2015 int r;
2016
2017 assert(filename);
2018 assert(lvalue);
2019 assert(rvalue);
2020 assert(u);
2021
2022 if (isempty(rvalue)) {
2023 *user = mfree(*user);
2024 return 0;
2025 }
2026
2027 r = unit_full_printf(u, rvalue, &k);
2028 if (r < 0) {
2029 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
2030 return -ENOEXEC;
2031 }
2032
2033 if (!valid_user_group_name_or_id(k)) {
2034 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2035 return -ENOEXEC;
2036 }
2037
2038 return free_and_replace(*user, k);
2039 }
2040
2041 int config_parse_user_group_strv(
2042 const char *unit,
2043 const char *filename,
2044 unsigned line,
2045 const char *section,
2046 unsigned section_line,
2047 const char *lvalue,
2048 int ltype,
2049 const char *rvalue,
2050 void *data,
2051 void *userdata) {
2052
2053 char ***users = data;
2054 Unit *u = userdata;
2055 const char *p = rvalue;
2056 int r;
2057
2058 assert(filename);
2059 assert(lvalue);
2060 assert(rvalue);
2061 assert(u);
2062
2063 if (isempty(rvalue)) {
2064 *users = strv_free(*users);
2065 return 0;
2066 }
2067
2068 for (;;) {
2069 _cleanup_free_ char *word = NULL, *k = NULL;
2070
2071 r = extract_first_word(&p, &word, NULL, 0);
2072 if (r == 0)
2073 break;
2074 if (r == -ENOMEM)
2075 return log_oom();
2076 if (r < 0) {
2077 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue);
2078 return -ENOEXEC;
2079 }
2080
2081 r = unit_full_printf(u, word, &k);
2082 if (r < 0) {
2083 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word);
2084 return -ENOEXEC;
2085 }
2086
2087 if (!valid_user_group_name_or_id(k)) {
2088 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2089 return -ENOEXEC;
2090 }
2091
2092 r = strv_push(users, k);
2093 if (r < 0)
2094 return log_oom();
2095
2096 k = NULL;
2097 }
2098
2099 return 0;
2100 }
2101
2102 int config_parse_working_directory(
2103 const char *unit,
2104 const char *filename,
2105 unsigned line,
2106 const char *section,
2107 unsigned section_line,
2108 const char *lvalue,
2109 int ltype,
2110 const char *rvalue,
2111 void *data,
2112 void *userdata) {
2113
2114 ExecContext *c = data;
2115 Unit *u = userdata;
2116 bool missing_ok;
2117 int r;
2118
2119 assert(filename);
2120 assert(lvalue);
2121 assert(rvalue);
2122 assert(c);
2123 assert(u);
2124
2125 if (isempty(rvalue)) {
2126 c->working_directory_home = false;
2127 c->working_directory = mfree(c->working_directory);
2128 return 0;
2129 }
2130
2131 if (rvalue[0] == '-') {
2132 missing_ok = true;
2133 rvalue++;
2134 } else
2135 missing_ok = false;
2136
2137 if (streq(rvalue, "~")) {
2138 c->working_directory_home = true;
2139 c->working_directory = mfree(c->working_directory);
2140 } else {
2141 _cleanup_free_ char *k = NULL;
2142
2143 r = unit_full_printf(u, rvalue, &k);
2144 if (r < 0) {
2145 log_syntax(unit, LOG_ERR, filename, line, r,
2146 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2147 rvalue, missing_ok ? ", ignoring" : "");
2148 return missing_ok ? 0 : -ENOEXEC;
2149 }
2150
2151 path_kill_slashes(k);
2152
2153 if (!utf8_is_valid(k)) {
2154 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2155 return missing_ok ? 0 : -ENOEXEC;
2156 }
2157
2158 if (!path_is_absolute(k)) {
2159 log_syntax(unit, LOG_ERR, filename, line, 0,
2160 "Working directory path '%s' is not absolute%s.",
2161 rvalue, missing_ok ? ", ignoring" : "");
2162 return missing_ok ? 0 : -ENOEXEC;
2163 }
2164
2165 c->working_directory_home = false;
2166 free_and_replace(c->working_directory, k);
2167 }
2168
2169 c->working_directory_missing_ok = missing_ok;
2170 return 0;
2171 }
2172
2173 int config_parse_unit_env_file(const char *unit,
2174 const char *filename,
2175 unsigned line,
2176 const char *section,
2177 unsigned section_line,
2178 const char *lvalue,
2179 int ltype,
2180 const char *rvalue,
2181 void *data,
2182 void *userdata) {
2183
2184 char ***env = data;
2185 Unit *u = userdata;
2186 _cleanup_free_ char *n = NULL;
2187 int r;
2188
2189 assert(filename);
2190 assert(lvalue);
2191 assert(rvalue);
2192 assert(data);
2193
2194 if (isempty(rvalue)) {
2195 /* Empty assignment frees the list */
2196 *env = strv_free(*env);
2197 return 0;
2198 }
2199
2200 r = unit_full_printf(u, rvalue, &n);
2201 if (r < 0) {
2202 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2203 return 0;
2204 }
2205
2206 if (!path_is_absolute(n[0] == '-' ? n + 1 : n)) {
2207 log_syntax(unit, LOG_ERR, filename, line, 0, "Path '%s' is not absolute, ignoring.", n);
2208 return 0;
2209 }
2210
2211 r = strv_extend(env, n);
2212 if (r < 0)
2213 return log_oom();
2214
2215 return 0;
2216 }
2217
2218 int config_parse_environ(
2219 const char *unit,
2220 const char *filename,
2221 unsigned line,
2222 const char *section,
2223 unsigned section_line,
2224 const char *lvalue,
2225 int ltype,
2226 const char *rvalue,
2227 void *data,
2228 void *userdata) {
2229
2230 Unit *u = userdata;
2231 char ***env = data;
2232 const char *p;
2233 int r;
2234
2235 assert(filename);
2236 assert(lvalue);
2237 assert(rvalue);
2238 assert(data);
2239
2240 if (isempty(rvalue)) {
2241 /* Empty assignment resets the list */
2242 *env = strv_free(*env);
2243 return 0;
2244 }
2245
2246 for (p = rvalue;; ) {
2247 _cleanup_free_ char *word = NULL, *k = NULL;
2248
2249 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2250 if (r == 0)
2251 return 0;
2252 if (r == -ENOMEM)
2253 return log_oom();
2254 if (r < 0) {
2255 log_syntax(unit, LOG_WARNING, filename, line, r,
2256 "Invalid syntax, ignoring: %s", rvalue);
2257 return 0;
2258 }
2259
2260 if (u) {
2261 r = unit_full_printf(u, word, &k);
2262 if (r < 0) {
2263 log_syntax(unit, LOG_ERR, filename, line, r,
2264 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2265 continue;
2266 }
2267 } else
2268 k = TAKE_PTR(word);
2269
2270 if (!env_assignment_is_valid(k)) {
2271 log_syntax(unit, LOG_ERR, filename, line, 0,
2272 "Invalid environment assignment, ignoring: %s", k);
2273 continue;
2274 }
2275
2276 r = strv_env_replace(env, k);
2277 if (r < 0)
2278 return log_oom();
2279
2280 k = NULL;
2281 }
2282 }
2283
2284 int config_parse_pass_environ(
2285 const char *unit,
2286 const char *filename,
2287 unsigned line,
2288 const char *section,
2289 unsigned section_line,
2290 const char *lvalue,
2291 int ltype,
2292 const char *rvalue,
2293 void *data,
2294 void *userdata) {
2295
2296 _cleanup_strv_free_ char **n = NULL;
2297 size_t nlen = 0, nbufsize = 0;
2298 char*** passenv = data;
2299 const char *p = rvalue;
2300 Unit *u = userdata;
2301 int r;
2302
2303 assert(filename);
2304 assert(lvalue);
2305 assert(rvalue);
2306 assert(data);
2307
2308 if (isempty(rvalue)) {
2309 /* Empty assignment resets the list */
2310 *passenv = strv_free(*passenv);
2311 return 0;
2312 }
2313
2314 for (;;) {
2315 _cleanup_free_ char *word = NULL, *k = NULL;
2316
2317 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2318 if (r == 0)
2319 break;
2320 if (r == -ENOMEM)
2321 return log_oom();
2322 if (r < 0) {
2323 log_syntax(unit, LOG_ERR, filename, line, r,
2324 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2325 break;
2326 }
2327
2328 if (u) {
2329 r = unit_full_printf(u, word, &k);
2330 if (r < 0) {
2331 log_syntax(unit, LOG_ERR, filename, line, r,
2332 "Failed to resolve specifiers in %s, ignoring: %m", word);
2333 continue;
2334 }
2335 } else
2336 k = TAKE_PTR(word);
2337
2338 if (!env_name_is_valid(k)) {
2339 log_syntax(unit, LOG_ERR, filename, line, 0,
2340 "Invalid environment name for %s, ignoring: %s", lvalue, k);
2341 continue;
2342 }
2343
2344 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2345 return log_oom();
2346
2347 n[nlen++] = TAKE_PTR(k);
2348 n[nlen] = NULL;
2349 }
2350
2351 if (n) {
2352 r = strv_extend_strv(passenv, n, true);
2353 if (r < 0)
2354 return r;
2355 }
2356
2357 return 0;
2358 }
2359
2360 int config_parse_unset_environ(
2361 const char *unit,
2362 const char *filename,
2363 unsigned line,
2364 const char *section,
2365 unsigned section_line,
2366 const char *lvalue,
2367 int ltype,
2368 const char *rvalue,
2369 void *data,
2370 void *userdata) {
2371
2372 _cleanup_strv_free_ char **n = NULL;
2373 size_t nlen = 0, nbufsize = 0;
2374 char*** unsetenv = data;
2375 const char *p = rvalue;
2376 Unit *u = userdata;
2377 int r;
2378
2379 assert(filename);
2380 assert(lvalue);
2381 assert(rvalue);
2382 assert(data);
2383
2384 if (isempty(rvalue)) {
2385 /* Empty assignment resets the list */
2386 *unsetenv = strv_free(*unsetenv);
2387 return 0;
2388 }
2389
2390 for (;;) {
2391 _cleanup_free_ char *word = NULL, *k = NULL;
2392
2393 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2394 if (r == 0)
2395 break;
2396 if (r == -ENOMEM)
2397 return log_oom();
2398 if (r < 0) {
2399 log_syntax(unit, LOG_ERR, filename, line, r,
2400 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2401 break;
2402 }
2403
2404 if (u) {
2405 r = unit_full_printf(u, word, &k);
2406 if (r < 0) {
2407 log_syntax(unit, LOG_ERR, filename, line, r,
2408 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2409 continue;
2410 }
2411 } else
2412 k = TAKE_PTR(word);
2413
2414 if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) {
2415 log_syntax(unit, LOG_ERR, filename, line, 0,
2416 "Invalid environment name or assignment %s, ignoring: %s", lvalue, k);
2417 continue;
2418 }
2419
2420 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2421 return log_oom();
2422
2423 n[nlen++] = TAKE_PTR(k);
2424 n[nlen] = NULL;
2425 }
2426
2427 if (n) {
2428 r = strv_extend_strv(unsetenv, n, true);
2429 if (r < 0)
2430 return r;
2431 }
2432
2433 return 0;
2434 }
2435
2436 int config_parse_log_extra_fields(
2437 const char *unit,
2438 const char *filename,
2439 unsigned line,
2440 const char *section,
2441 unsigned section_line,
2442 const char *lvalue,
2443 int ltype,
2444 const char *rvalue,
2445 void *data,
2446 void *userdata) {
2447
2448 ExecContext *c = data;
2449 Unit *u = userdata;
2450 const char *p = rvalue;
2451 int r;
2452
2453 assert(filename);
2454 assert(lvalue);
2455 assert(rvalue);
2456 assert(c);
2457
2458 if (isempty(rvalue)) {
2459 exec_context_free_log_extra_fields(c);
2460 return 0;
2461 }
2462
2463 for (;;) {
2464 _cleanup_free_ char *word = NULL, *k = NULL;
2465 struct iovec *t;
2466 const char *eq;
2467
2468 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2469 if (r == 0)
2470 return 0;
2471 if (r == -ENOMEM)
2472 return log_oom();
2473 if (r < 0) {
2474 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2475 return 0;
2476 }
2477
2478 r = unit_full_printf(u, word, &k);
2479 if (r < 0) {
2480 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2481 continue;
2482 }
2483
2484 eq = strchr(k, '=');
2485 if (!eq) {
2486 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k);
2487 continue;
2488 }
2489
2490 if (!journal_field_valid(k, eq-k, false)) {
2491 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field name is invalid, ignoring: %s", k);
2492 continue;
2493 }
2494
2495 t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec));
2496 if (!t)
2497 return log_oom();
2498
2499 c->log_extra_fields = t;
2500 c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k);
2501
2502 k = NULL;
2503 }
2504 }
2505
2506 int config_parse_ip_tos(const char *unit,
2507 const char *filename,
2508 unsigned line,
2509 const char *section,
2510 unsigned section_line,
2511 const char *lvalue,
2512 int ltype,
2513 const char *rvalue,
2514 void *data,
2515 void *userdata) {
2516
2517 int *ip_tos = data, x;
2518
2519 assert(filename);
2520 assert(lvalue);
2521 assert(rvalue);
2522 assert(data);
2523
2524 x = ip_tos_from_string(rvalue);
2525 if (x < 0) {
2526 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IP TOS value, ignoring: %s", rvalue);
2527 return 0;
2528 }
2529
2530 *ip_tos = x;
2531 return 0;
2532 }
2533
2534 int config_parse_unit_condition_path(
2535 const char *unit,
2536 const char *filename,
2537 unsigned line,
2538 const char *section,
2539 unsigned section_line,
2540 const char *lvalue,
2541 int ltype,
2542 const char *rvalue,
2543 void *data,
2544 void *userdata) {
2545
2546 _cleanup_free_ char *p = NULL;
2547 Condition **list = data, *c;
2548 ConditionType t = ltype;
2549 bool trigger, negate;
2550 Unit *u = userdata;
2551 int r;
2552
2553 assert(filename);
2554 assert(lvalue);
2555 assert(rvalue);
2556 assert(data);
2557
2558 if (isempty(rvalue)) {
2559 /* Empty assignment resets the list */
2560 *list = condition_free_list(*list);
2561 return 0;
2562 }
2563
2564 trigger = rvalue[0] == '|';
2565 if (trigger)
2566 rvalue++;
2567
2568 negate = rvalue[0] == '!';
2569 if (negate)
2570 rvalue++;
2571
2572 r = unit_full_printf(u, rvalue, &p);
2573 if (r < 0) {
2574 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2575 return 0;
2576 }
2577
2578 if (!path_is_absolute(p)) {
2579 log_syntax(unit, LOG_ERR, filename, line, 0, "Path in condition not absolute, ignoring: %s", p);
2580 return 0;
2581 }
2582
2583 c = condition_new(t, p, trigger, negate);
2584 if (!c)
2585 return log_oom();
2586
2587 LIST_PREPEND(conditions, *list, c);
2588 return 0;
2589 }
2590
2591 int config_parse_unit_condition_string(
2592 const char *unit,
2593 const char *filename,
2594 unsigned line,
2595 const char *section,
2596 unsigned section_line,
2597 const char *lvalue,
2598 int ltype,
2599 const char *rvalue,
2600 void *data,
2601 void *userdata) {
2602
2603 _cleanup_free_ char *s = NULL;
2604 Condition **list = data, *c;
2605 ConditionType t = ltype;
2606 bool trigger, negate;
2607 Unit *u = userdata;
2608 int r;
2609
2610 assert(filename);
2611 assert(lvalue);
2612 assert(rvalue);
2613 assert(data);
2614
2615 if (isempty(rvalue)) {
2616 /* Empty assignment resets the list */
2617 *list = condition_free_list(*list);
2618 return 0;
2619 }
2620
2621 trigger = rvalue[0] == '|';
2622 if (trigger)
2623 rvalue++;
2624
2625 negate = rvalue[0] == '!';
2626 if (negate)
2627 rvalue++;
2628
2629 r = unit_full_printf(u, rvalue, &s);
2630 if (r < 0) {
2631 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2632 return 0;
2633 }
2634
2635 c = condition_new(t, s, trigger, negate);
2636 if (!c)
2637 return log_oom();
2638
2639 LIST_PREPEND(conditions, *list, c);
2640 return 0;
2641 }
2642
2643 int config_parse_unit_condition_null(
2644 const char *unit,
2645 const char *filename,
2646 unsigned line,
2647 const char *section,
2648 unsigned section_line,
2649 const char *lvalue,
2650 int ltype,
2651 const char *rvalue,
2652 void *data,
2653 void *userdata) {
2654
2655 Condition **list = data, *c;
2656 bool trigger, negate;
2657 int b;
2658
2659 assert(filename);
2660 assert(lvalue);
2661 assert(rvalue);
2662 assert(data);
2663
2664 if (isempty(rvalue)) {
2665 /* Empty assignment resets the list */
2666 *list = condition_free_list(*list);
2667 return 0;
2668 }
2669
2670 trigger = rvalue[0] == '|';
2671 if (trigger)
2672 rvalue++;
2673
2674 negate = rvalue[0] == '!';
2675 if (negate)
2676 rvalue++;
2677
2678 b = parse_boolean(rvalue);
2679 if (b < 0) {
2680 log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue);
2681 return 0;
2682 }
2683
2684 if (!b)
2685 negate = !negate;
2686
2687 c = condition_new(CONDITION_NULL, NULL, trigger, negate);
2688 if (!c)
2689 return log_oom();
2690
2691 LIST_PREPEND(conditions, *list, c);
2692 return 0;
2693 }
2694
2695 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
2696 DEFINE_CONFIG_PARSE_ENUM(config_parse_emergency_action, emergency_action, EmergencyAction, "Failed to parse failure action specifier");
2697
2698 int config_parse_unit_requires_mounts_for(
2699 const char *unit,
2700 const char *filename,
2701 unsigned line,
2702 const char *section,
2703 unsigned section_line,
2704 const char *lvalue,
2705 int ltype,
2706 const char *rvalue,
2707 void *data,
2708 void *userdata) {
2709
2710 const char *p = rvalue;
2711 Unit *u = userdata;
2712 int r;
2713
2714 assert(filename);
2715 assert(lvalue);
2716 assert(rvalue);
2717 assert(data);
2718
2719 for (;;) {
2720 _cleanup_free_ char *word = NULL, *resolved = NULL;
2721
2722 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2723 if (r == 0)
2724 return 0;
2725 if (r == -ENOMEM)
2726 return log_oom();
2727 if (r < 0) {
2728 log_syntax(unit, LOG_WARNING, filename, line, r,
2729 "Invalid syntax, ignoring: %s", rvalue);
2730 return 0;
2731 }
2732
2733 if (!utf8_is_valid(word)) {
2734 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2735 continue;
2736 }
2737
2738 r = unit_full_printf(u, word, &resolved);
2739 if (r < 0) {
2740 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
2741 continue;
2742 }
2743
2744 r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE);
2745 if (r < 0) {
2746 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved);
2747 continue;
2748 }
2749 }
2750 }
2751
2752 int config_parse_documentation(const char *unit,
2753 const char *filename,
2754 unsigned line,
2755 const char *section,
2756 unsigned section_line,
2757 const char *lvalue,
2758 int ltype,
2759 const char *rvalue,
2760 void *data,
2761 void *userdata) {
2762
2763 Unit *u = userdata;
2764 int r;
2765 char **a, **b;
2766
2767 assert(filename);
2768 assert(lvalue);
2769 assert(rvalue);
2770 assert(u);
2771
2772 if (isempty(rvalue)) {
2773 /* Empty assignment resets the list */
2774 u->documentation = strv_free(u->documentation);
2775 return 0;
2776 }
2777
2778 r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
2779 rvalue, data, userdata);
2780 if (r < 0)
2781 return r;
2782
2783 for (a = b = u->documentation; a && *a; a++) {
2784
2785 if (documentation_url_is_valid(*a))
2786 *(b++) = *a;
2787 else {
2788 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a);
2789 free(*a);
2790 }
2791 }
2792 if (b)
2793 *b = NULL;
2794
2795 return r;
2796 }
2797
2798 #if HAVE_SECCOMP
2799 int config_parse_syscall_filter(
2800 const char *unit,
2801 const char *filename,
2802 unsigned line,
2803 const char *section,
2804 unsigned section_line,
2805 const char *lvalue,
2806 int ltype,
2807 const char *rvalue,
2808 void *data,
2809 void *userdata) {
2810
2811 ExecContext *c = data;
2812 Unit *u = userdata;
2813 bool invert = false;
2814 const char *p;
2815 int r;
2816
2817 assert(filename);
2818 assert(lvalue);
2819 assert(rvalue);
2820 assert(u);
2821
2822 if (isempty(rvalue)) {
2823 /* Empty assignment resets the list */
2824 c->syscall_filter = hashmap_free(c->syscall_filter);
2825 c->syscall_whitelist = false;
2826 return 0;
2827 }
2828
2829 if (rvalue[0] == '~') {
2830 invert = true;
2831 rvalue++;
2832 }
2833
2834 if (!c->syscall_filter) {
2835 c->syscall_filter = hashmap_new(NULL);
2836 if (!c->syscall_filter)
2837 return log_oom();
2838
2839 if (invert)
2840 /* Allow everything but the ones listed */
2841 c->syscall_whitelist = false;
2842 else {
2843 /* Allow nothing but the ones listed */
2844 c->syscall_whitelist = true;
2845
2846 /* Accept default syscalls if we are on a whitelist */
2847 r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, SECCOMP_PARSE_WHITELIST);
2848 if (r < 0)
2849 return r;
2850 }
2851 }
2852
2853 p = rvalue;
2854 for (;;) {
2855 _cleanup_free_ char *word = NULL, *name = NULL;
2856 int num;
2857
2858 r = extract_first_word(&p, &word, NULL, 0);
2859 if (r == 0)
2860 return 0;
2861 if (r == -ENOMEM)
2862 return log_oom();
2863 if (r < 0) {
2864 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2865 return 0;
2866 }
2867
2868 r = parse_syscall_and_errno(word, &name, &num);
2869 if (r < 0) {
2870 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word);
2871 continue;
2872 }
2873
2874 r = seccomp_parse_syscall_filter_full(name, num, c->syscall_filter,
2875 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|(invert ? SECCOMP_PARSE_INVERT : 0)|(c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0),
2876 unit, filename, line);
2877 if (r < 0)
2878 return r;
2879 }
2880 }
2881
2882 int config_parse_syscall_archs(
2883 const char *unit,
2884 const char *filename,
2885 unsigned line,
2886 const char *section,
2887 unsigned section_line,
2888 const char *lvalue,
2889 int ltype,
2890 const char *rvalue,
2891 void *data,
2892 void *userdata) {
2893
2894 const char *p = rvalue;
2895 Set **archs = data;
2896 int r;
2897
2898 if (isempty(rvalue)) {
2899 *archs = set_free(*archs);
2900 return 0;
2901 }
2902
2903 r = set_ensure_allocated(archs, NULL);
2904 if (r < 0)
2905 return log_oom();
2906
2907 for (;;) {
2908 _cleanup_free_ char *word = NULL;
2909 uint32_t a;
2910
2911 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2912 if (r == 0)
2913 return 0;
2914 if (r == -ENOMEM)
2915 return log_oom();
2916 if (r < 0) {
2917 log_syntax(unit, LOG_WARNING, filename, line, r,
2918 "Invalid syntax, ignoring: %s", rvalue);
2919 return 0;
2920 }
2921
2922 r = seccomp_arch_from_string(word, &a);
2923 if (r < 0) {
2924 log_syntax(unit, LOG_ERR, filename, line, r,
2925 "Failed to parse system call architecture \"%s\", ignoring: %m", word);
2926 continue;
2927 }
2928
2929 r = set_put(*archs, UINT32_TO_PTR(a + 1));
2930 if (r < 0)
2931 return log_oom();
2932 }
2933 }
2934
2935 int config_parse_syscall_errno(
2936 const char *unit,
2937 const char *filename,
2938 unsigned line,
2939 const char *section,
2940 unsigned section_line,
2941 const char *lvalue,
2942 int ltype,
2943 const char *rvalue,
2944 void *data,
2945 void *userdata) {
2946
2947 ExecContext *c = data;
2948 int e;
2949
2950 assert(filename);
2951 assert(lvalue);
2952 assert(rvalue);
2953
2954 if (isempty(rvalue)) {
2955 /* Empty assignment resets to KILL */
2956 c->syscall_errno = 0;
2957 return 0;
2958 }
2959
2960 e = parse_errno(rvalue);
2961 if (e <= 0) {
2962 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue);
2963 return 0;
2964 }
2965
2966 c->syscall_errno = e;
2967 return 0;
2968 }
2969
2970 int config_parse_address_families(
2971 const char *unit,
2972 const char *filename,
2973 unsigned line,
2974 const char *section,
2975 unsigned section_line,
2976 const char *lvalue,
2977 int ltype,
2978 const char *rvalue,
2979 void *data,
2980 void *userdata) {
2981
2982 ExecContext *c = data;
2983 bool invert = false;
2984 const char *p;
2985 int r;
2986
2987 assert(filename);
2988 assert(lvalue);
2989 assert(rvalue);
2990
2991 if (isempty(rvalue)) {
2992 /* Empty assignment resets the list */
2993 c->address_families = set_free(c->address_families);
2994 c->address_families_whitelist = false;
2995 return 0;
2996 }
2997
2998 if (rvalue[0] == '~') {
2999 invert = true;
3000 rvalue++;
3001 }
3002
3003 if (!c->address_families) {
3004 c->address_families = set_new(NULL);
3005 if (!c->address_families)
3006 return log_oom();
3007
3008 c->address_families_whitelist = !invert;
3009 }
3010
3011 for (p = rvalue;;) {
3012 _cleanup_free_ char *word = NULL;
3013 int af;
3014
3015 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3016 if (r == 0)
3017 return 0;
3018 if (r == -ENOMEM)
3019 return log_oom();
3020 if (r < 0) {
3021 log_syntax(unit, LOG_WARNING, filename, line, r,
3022 "Invalid syntax, ignoring: %s", rvalue);
3023 return 0;
3024 }
3025
3026 af = af_from_name(word);
3027 if (af <= 0) {
3028 log_syntax(unit, LOG_ERR, filename, line, 0,
3029 "Failed to parse address family, ignoring: %s", word);
3030 continue;
3031 }
3032
3033 /* If we previously wanted to forbid an address family and now
3034 * we want to allow it, then just remove it from the list.
3035 */
3036 if (!invert == c->address_families_whitelist) {
3037 r = set_put(c->address_families, INT_TO_PTR(af));
3038 if (r < 0)
3039 return log_oom();
3040 } else
3041 set_remove(c->address_families, INT_TO_PTR(af));
3042 }
3043 }
3044
3045 int config_parse_restrict_namespaces(
3046 const char *unit,
3047 const char *filename,
3048 unsigned line,
3049 const char *section,
3050 unsigned section_line,
3051 const char *lvalue,
3052 int ltype,
3053 const char *rvalue,
3054 void *data,
3055 void *userdata) {
3056
3057 ExecContext *c = data;
3058 unsigned long flags;
3059 bool invert = false;
3060 int r;
3061
3062 if (isempty(rvalue)) {
3063 /* Reset to the default. */
3064 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL;
3065 return 0;
3066 }
3067
3068 /* Boolean parameter ignores the previous settings */
3069 r = parse_boolean(rvalue);
3070 if (r > 0) {
3071 c->restrict_namespaces = 0;
3072 return 0;
3073 } else if (r == 0) {
3074 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
3075 return 0;
3076 }
3077
3078 if (rvalue[0] == '~') {
3079 invert = true;
3080 rvalue++;
3081 }
3082
3083 /* Not a boolean argument, in this case it's a list of namespace types. */
3084 r = namespace_flags_from_string(rvalue, &flags);
3085 if (r < 0) {
3086 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue);
3087 return 0;
3088 }
3089
3090 if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL)
3091 /* Initial assignment. Just set the value. */
3092 c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags;
3093 else
3094 /* Merge the value with the previous one. */
3095 SET_FLAG(c->restrict_namespaces, flags, !invert);
3096
3097 return 0;
3098 }
3099 #endif
3100
3101 int config_parse_unit_slice(
3102 const char *unit,
3103 const char *filename,
3104 unsigned line,
3105 const char *section,
3106 unsigned section_line,
3107 const char *lvalue,
3108 int ltype,
3109 const char *rvalue,
3110 void *data,
3111 void *userdata) {
3112
3113 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
3114 _cleanup_free_ char *k = NULL;
3115 Unit *u = userdata, *slice = NULL;
3116 int r;
3117
3118 assert(filename);
3119 assert(lvalue);
3120 assert(rvalue);
3121 assert(u);
3122
3123 r = unit_name_printf(u, rvalue, &k);
3124 if (r < 0) {
3125 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
3126 return 0;
3127 }
3128
3129 r = manager_load_unit(u->manager, k, NULL, &error, &slice);
3130 if (r < 0) {
3131 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r));
3132 return 0;
3133 }
3134
3135 r = unit_set_slice(u, slice);
3136 if (r < 0) {
3137 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id);
3138 return 0;
3139 }
3140
3141 return 0;
3142 }
3143
3144 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
3145
3146 int config_parse_cpu_weight(
3147 const char *unit,
3148 const char *filename,
3149 unsigned line,
3150 const char *section,
3151 unsigned section_line,
3152 const char *lvalue,
3153 int ltype,
3154 const char *rvalue,
3155 void *data,
3156 void *userdata) {
3157
3158 uint64_t *weight = data;
3159 int r;
3160
3161 assert(filename);
3162 assert(lvalue);
3163 assert(rvalue);
3164
3165 r = cg_weight_parse(rvalue, weight);
3166 if (r < 0) {
3167 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU weight '%s', ignoring: %m", rvalue);
3168 return 0;
3169 }
3170
3171 return 0;
3172 }
3173
3174 int config_parse_cpu_shares(
3175 const char *unit,
3176 const char *filename,
3177 unsigned line,
3178 const char *section,
3179 unsigned section_line,
3180 const char *lvalue,
3181 int ltype,
3182 const char *rvalue,
3183 void *data,
3184 void *userdata) {
3185
3186 uint64_t *shares = data;
3187 int r;
3188
3189 assert(filename);
3190 assert(lvalue);
3191 assert(rvalue);
3192
3193 r = cg_cpu_shares_parse(rvalue, shares);
3194 if (r < 0) {
3195 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU shares '%s', ignoring: %m", rvalue);
3196 return 0;
3197 }
3198
3199 return 0;
3200 }
3201
3202 int config_parse_cpu_quota(
3203 const char *unit,
3204 const char *filename,
3205 unsigned line,
3206 const char *section,
3207 unsigned section_line,
3208 const char *lvalue,
3209 int ltype,
3210 const char *rvalue,
3211 void *data,
3212 void *userdata) {
3213
3214 CGroupContext *c = data;
3215 int r;
3216
3217 assert(filename);
3218 assert(lvalue);
3219 assert(rvalue);
3220
3221 if (isempty(rvalue)) {
3222 c->cpu_quota_per_sec_usec = USEC_INFINITY;
3223 return 0;
3224 }
3225
3226 r = parse_percent_unbounded(rvalue);
3227 if (r <= 0) {
3228 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue);
3229 return 0;
3230 }
3231
3232 c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 100U;
3233 return 0;
3234 }
3235
3236 int config_parse_memory_limit(
3237 const char *unit,
3238 const char *filename,
3239 unsigned line,
3240 const char *section,
3241 unsigned section_line,
3242 const char *lvalue,
3243 int ltype,
3244 const char *rvalue,
3245 void *data,
3246 void *userdata) {
3247
3248 CGroupContext *c = data;
3249 uint64_t bytes = CGROUP_LIMIT_MAX;
3250 int r;
3251
3252 if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
3253
3254 r = parse_percent(rvalue);
3255 if (r < 0) {
3256 r = parse_size(rvalue, 1024, &bytes);
3257 if (r < 0) {
3258 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue);
3259 return 0;
3260 }
3261 } else
3262 bytes = physical_memory_scale(r, 100U);
3263
3264 if (bytes >= UINT64_MAX ||
3265 (bytes <= 0 && !streq(lvalue, "MemorySwapMax"))) {
3266 log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue);
3267 return 0;
3268 }
3269 }
3270
3271 if (streq(lvalue, "MemoryLow"))
3272 c->memory_low = bytes;
3273 else if (streq(lvalue, "MemoryHigh"))
3274 c->memory_high = bytes;
3275 else if (streq(lvalue, "MemoryMax"))
3276 c->memory_max = bytes;
3277 else if (streq(lvalue, "MemorySwapMax"))
3278 c->memory_swap_max = bytes;
3279 else if (streq(lvalue, "MemoryLimit"))
3280 c->memory_limit = bytes;
3281 else
3282 return -EINVAL;
3283
3284 return 0;
3285 }
3286
3287 int config_parse_tasks_max(
3288 const char *unit,
3289 const char *filename,
3290 unsigned line,
3291 const char *section,
3292 unsigned section_line,
3293 const char *lvalue,
3294 int ltype,
3295 const char *rvalue,
3296 void *data,
3297 void *userdata) {
3298
3299 uint64_t *tasks_max = data, v;
3300 Unit *u = userdata;
3301 int r;
3302
3303 if (isempty(rvalue)) {
3304 *tasks_max = u->manager->default_tasks_max;
3305 return 0;
3306 }
3307
3308 if (streq(rvalue, "infinity")) {
3309 *tasks_max = CGROUP_LIMIT_MAX;
3310 return 0;
3311 }
3312
3313 r = parse_percent(rvalue);
3314 if (r < 0) {
3315 r = safe_atou64(rvalue, &v);
3316 if (r < 0) {
3317 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue);
3318 return 0;
3319 }
3320 } else
3321 v = system_tasks_max_scale(r, 100U);
3322
3323 if (v <= 0 || v >= UINT64_MAX) {
3324 log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue);
3325 return 0;
3326 }
3327
3328 *tasks_max = v;
3329 return 0;
3330 }
3331
3332 int config_parse_delegate(
3333 const char *unit,
3334 const char *filename,
3335 unsigned line,
3336 const char *section,
3337 unsigned section_line,
3338 const char *lvalue,
3339 int ltype,
3340 const char *rvalue,
3341 void *data,
3342 void *userdata) {
3343
3344 CGroupContext *c = data;
3345 UnitType t;
3346 int r;
3347
3348 t = unit_name_to_type(unit);
3349 assert(t != _UNIT_TYPE_INVALID);
3350
3351 if (!unit_vtable[t]->can_delegate) {
3352 log_syntax(unit, LOG_ERR, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring.");
3353 return 0;
3354 }
3355
3356 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3357 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3358 * mask to delegate. */
3359
3360 if (isempty(rvalue)) {
3361 /* An empty string resets controllers and set Delegate=yes. */
3362 c->delegate = true;
3363 c->delegate_controllers = 0;
3364 return 0;
3365 }
3366
3367 r = parse_boolean(rvalue);
3368 if (r < 0) {
3369 const char *p = rvalue;
3370 CGroupMask mask = 0;
3371
3372 for (;;) {
3373 _cleanup_free_ char *word = NULL;
3374 CGroupController cc;
3375
3376 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3377 if (r == 0)
3378 break;
3379 if (r == -ENOMEM)
3380 return log_oom();
3381 if (r < 0) {
3382 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3383 return 0;
3384 }
3385
3386 cc = cgroup_controller_from_string(word);
3387 if (cc < 0) {
3388 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid controller name '%s', ignoring", word);
3389 continue;
3390 }
3391
3392 mask |= CGROUP_CONTROLLER_TO_MASK(cc);
3393 }
3394
3395 c->delegate = true;
3396 c->delegate_controllers |= mask;
3397
3398 } else if (r > 0) {
3399 c->delegate = true;
3400 c->delegate_controllers = _CGROUP_MASK_ALL;
3401 } else {
3402 c->delegate = false;
3403 c->delegate_controllers = 0;
3404 }
3405
3406 return 0;
3407 }
3408
3409 int config_parse_device_allow(
3410 const char *unit,
3411 const char *filename,
3412 unsigned line,
3413 const char *section,
3414 unsigned section_line,
3415 const char *lvalue,
3416 int ltype,
3417 const char *rvalue,
3418 void *data,
3419 void *userdata) {
3420
3421 _cleanup_free_ char *path = NULL, *resolved = NULL;
3422 CGroupContext *c = data;
3423 CGroupDeviceAllow *a;
3424 const char *p = rvalue;
3425 int r;
3426
3427 if (isempty(rvalue)) {
3428 while (c->device_allow)
3429 cgroup_context_free_device_allow(c, c->device_allow);
3430
3431 return 0;
3432 }
3433
3434 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3435 if (r == -ENOMEM)
3436 return log_oom();
3437 if (r < 0) {
3438 log_syntax(unit, LOG_WARNING, filename, line, r,
3439 "Invalid syntax, ignoring: %s", rvalue);
3440 return 0;
3441 }
3442 if (r == 0) {
3443 log_syntax(unit, LOG_WARNING, filename, line, 0,
3444 "Failed to extract device path and rights from '%s', ignoring.", rvalue);
3445 return 0;
3446 }
3447
3448 r = unit_full_printf(userdata, path, &resolved);
3449 if (r < 0) {
3450 log_syntax(unit, LOG_WARNING, filename, line, r,
3451 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3452 return 0;
3453 }
3454
3455 if (!is_deviceallow_pattern(resolved) &&
3456 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3457 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3458 return 0;
3459 }
3460
3461 if (!isempty(p) && !in_charset(p, "rwm")) {
3462 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s', ignoring.", p);
3463 return 0;
3464 }
3465
3466 a = new0(CGroupDeviceAllow, 1);
3467 if (!a)
3468 return log_oom();
3469
3470 a->path = TAKE_PTR(resolved);
3471 a->r = isempty(p) || !!strchr(p, 'r');
3472 a->w = isempty(p) || !!strchr(p, 'w');
3473 a->m = isempty(p) || !!strchr(p, 'm');
3474
3475 LIST_PREPEND(device_allow, c->device_allow, a);
3476 return 0;
3477 }
3478
3479 int config_parse_io_weight(
3480 const char *unit,
3481 const char *filename,
3482 unsigned line,
3483 const char *section,
3484 unsigned section_line,
3485 const char *lvalue,
3486 int ltype,
3487 const char *rvalue,
3488 void *data,
3489 void *userdata) {
3490
3491 uint64_t *weight = data;
3492 int r;
3493
3494 assert(filename);
3495 assert(lvalue);
3496 assert(rvalue);
3497
3498 r = cg_weight_parse(rvalue, weight);
3499 if (r < 0) {
3500 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid IO weight '%s', ignoring.", rvalue);
3501 return 0;
3502 }
3503
3504 return 0;
3505 }
3506
3507 int config_parse_io_device_weight(
3508 const char *unit,
3509 const char *filename,
3510 unsigned line,
3511 const char *section,
3512 unsigned section_line,
3513 const char *lvalue,
3514 int ltype,
3515 const char *rvalue,
3516 void *data,
3517 void *userdata) {
3518
3519 _cleanup_free_ char *path = NULL, *resolved = NULL;
3520 CGroupIODeviceWeight *w;
3521 CGroupContext *c = data;
3522 const char *p = rvalue;
3523 uint64_t u;
3524 int r;
3525
3526 assert(filename);
3527 assert(lvalue);
3528 assert(rvalue);
3529
3530 if (isempty(rvalue)) {
3531 while (c->io_device_weights)
3532 cgroup_context_free_io_device_weight(c, c->io_device_weights);
3533
3534 return 0;
3535 }
3536
3537 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3538 if (r == -ENOMEM)
3539 return log_oom();
3540 if (r < 0) {
3541 log_syntax(unit, LOG_WARNING, filename, line, r,
3542 "Invalid syntax, ignoring: %s", rvalue);
3543 return 0;
3544 }
3545 if (r == 0 || isempty(p)) {
3546 log_syntax(unit, LOG_WARNING, filename, line, 0,
3547 "Failed to extract device path and weight from '%s', ignoring.", rvalue);
3548 return 0;
3549 }
3550
3551 r = unit_full_printf(userdata, path, &resolved);
3552 if (r < 0) {
3553 log_syntax(unit, LOG_WARNING, filename, line, r,
3554 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3555 return 0;
3556 }
3557
3558 if (!path_startswith(resolved, "/dev") &&
3559 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3560 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3561 return 0;
3562 }
3563
3564 r = cg_weight_parse(p, &u);
3565 if (r < 0) {
3566 log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p);
3567 return 0;
3568 }
3569
3570 assert(u != CGROUP_WEIGHT_INVALID);
3571
3572 w = new0(CGroupIODeviceWeight, 1);
3573 if (!w)
3574 return log_oom();
3575
3576 w->path = TAKE_PTR(resolved);
3577 w->weight = u;
3578
3579 LIST_PREPEND(device_weights, c->io_device_weights, w);
3580 return 0;
3581 }
3582
3583 int config_parse_io_limit(
3584 const char *unit,
3585 const char *filename,
3586 unsigned line,
3587 const char *section,
3588 unsigned section_line,
3589 const char *lvalue,
3590 int ltype,
3591 const char *rvalue,
3592 void *data,
3593 void *userdata) {
3594
3595 _cleanup_free_ char *path = NULL, *resolved = NULL;
3596 CGroupIODeviceLimit *l = NULL, *t;
3597 CGroupContext *c = data;
3598 CGroupIOLimitType type;
3599 const char *p = rvalue;
3600 uint64_t num;
3601 int r;
3602
3603 assert(filename);
3604 assert(lvalue);
3605 assert(rvalue);
3606
3607 type = cgroup_io_limit_type_from_string(lvalue);
3608 assert(type >= 0);
3609
3610 if (isempty(rvalue)) {
3611 LIST_FOREACH(device_limits, l, c->io_device_limits)
3612 l->limits[type] = cgroup_io_limit_defaults[type];
3613 return 0;
3614 }
3615
3616 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3617 if (r == -ENOMEM)
3618 return log_oom();
3619 if (r < 0) {
3620 log_syntax(unit, LOG_WARNING, filename, line, r,
3621 "Invalid syntax, ignoring: %s", rvalue);
3622 return 0;
3623 }
3624 if (r == 0 || isempty(p)) {
3625 log_syntax(unit, LOG_WARNING, filename, line, 0,
3626 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3627 return 0;
3628 }
3629
3630 r = unit_full_printf(userdata, path, &resolved);
3631 if (r < 0) {
3632 log_syntax(unit, LOG_WARNING, filename, line, r,
3633 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3634 return 0;
3635 }
3636
3637 if (!path_startswith(resolved, "/dev") &&
3638 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3639 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3640 return 0;
3641 }
3642
3643 if (streq("infinity", p)) {
3644 num = CGROUP_LIMIT_MAX;
3645 } else {
3646 r = parse_size(p, 1000, &num);
3647 if (r < 0 || num <= 0) {
3648 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid IO limit '%s', ignoring.", p);
3649 return 0;
3650 }
3651 }
3652
3653 LIST_FOREACH(device_limits, t, c->io_device_limits) {
3654 if (path_equal(resolved, t->path)) {
3655 l = t;
3656 break;
3657 }
3658 }
3659
3660 if (!l) {
3661 CGroupIOLimitType ttype;
3662
3663 l = new0(CGroupIODeviceLimit, 1);
3664 if (!l)
3665 return log_oom();
3666
3667 l->path = TAKE_PTR(resolved);
3668 for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
3669 l->limits[ttype] = cgroup_io_limit_defaults[ttype];
3670
3671 LIST_PREPEND(device_limits, c->io_device_limits, l);
3672 }
3673
3674 l->limits[type] = num;
3675
3676 return 0;
3677 }
3678
3679 int config_parse_blockio_weight(
3680 const char *unit,
3681 const char *filename,
3682 unsigned line,
3683 const char *section,
3684 unsigned section_line,
3685 const char *lvalue,
3686 int ltype,
3687 const char *rvalue,
3688 void *data,
3689 void *userdata) {
3690
3691 uint64_t *weight = data;
3692 int r;
3693
3694 assert(filename);
3695 assert(lvalue);
3696 assert(rvalue);
3697
3698 r = cg_blkio_weight_parse(rvalue, weight);
3699 if (r < 0) {
3700 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", rvalue);
3701 return 0;
3702 }
3703
3704 return 0;
3705 }
3706
3707 int config_parse_blockio_device_weight(
3708 const char *unit,
3709 const char *filename,
3710 unsigned line,
3711 const char *section,
3712 unsigned section_line,
3713 const char *lvalue,
3714 int ltype,
3715 const char *rvalue,
3716 void *data,
3717 void *userdata) {
3718
3719 _cleanup_free_ char *path = NULL, *resolved = NULL;
3720 CGroupBlockIODeviceWeight *w;
3721 CGroupContext *c = data;
3722 const char *p = rvalue;
3723 uint64_t u;
3724 int r;
3725
3726 assert(filename);
3727 assert(lvalue);
3728 assert(rvalue);
3729
3730 if (isempty(rvalue)) {
3731 while (c->blockio_device_weights)
3732 cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
3733
3734 return 0;
3735 }
3736
3737 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3738 if (r == -ENOMEM)
3739 return log_oom();
3740 if (r < 0) {
3741 log_syntax(unit, LOG_WARNING, filename, line, r,
3742 "Invalid syntax, ignoring: %s", rvalue);
3743 return 0;
3744 }
3745 if (r == 0 || isempty(p)) {
3746 log_syntax(unit, LOG_WARNING, filename, line, 0,
3747 "Failed to extract device node and weight from '%s', ignoring.", rvalue);
3748 return 0;
3749 }
3750
3751 r = unit_full_printf(userdata, path, &resolved);
3752 if (r < 0) {
3753 log_syntax(unit, LOG_WARNING, filename, line, r,
3754 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3755 return 0;
3756 }
3757
3758 if (!path_startswith(resolved, "/dev") &&
3759 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3760 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", resolved);
3761 return 0;
3762 }
3763
3764 r = cg_blkio_weight_parse(p, &u);
3765 if (r < 0) {
3766 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p);
3767 return 0;
3768 }
3769
3770 assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
3771
3772 w = new0(CGroupBlockIODeviceWeight, 1);
3773 if (!w)
3774 return log_oom();
3775
3776 w->path = TAKE_PTR(resolved);
3777 w->weight = u;
3778
3779 LIST_PREPEND(device_weights, c->blockio_device_weights, w);
3780 return 0;
3781 }
3782
3783 int config_parse_blockio_bandwidth(
3784 const char *unit,
3785 const char *filename,
3786 unsigned line,
3787 const char *section,
3788 unsigned section_line,
3789 const char *lvalue,
3790 int ltype,
3791 const char *rvalue,
3792 void *data,
3793 void *userdata) {
3794
3795 _cleanup_free_ char *path = NULL, *resolved = NULL;
3796 CGroupBlockIODeviceBandwidth *b = NULL, *t;
3797 CGroupContext *c = data;
3798 const char *p = rvalue;
3799 uint64_t bytes;
3800 bool read;
3801 int r;
3802
3803 assert(filename);
3804 assert(lvalue);
3805 assert(rvalue);
3806
3807 read = streq("BlockIOReadBandwidth", lvalue);
3808
3809 if (isempty(rvalue)) {
3810 LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
3811 b->rbps = CGROUP_LIMIT_MAX;
3812 b->wbps = CGROUP_LIMIT_MAX;
3813 }
3814 return 0;
3815 }
3816
3817 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3818 if (r == -ENOMEM)
3819 return log_oom();
3820 if (r < 0) {
3821 log_syntax(unit, LOG_WARNING, filename, line, r,
3822 "Invalid syntax, ignoring: %s", rvalue);
3823 return 0;
3824 }
3825 if (r == 0 || isempty(p)) {
3826 log_syntax(unit, LOG_WARNING, filename, line, 0,
3827 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3828 return 0;
3829 }
3830
3831 r = unit_full_printf(userdata, path, &resolved);
3832 if (r < 0) {
3833 log_syntax(unit, LOG_WARNING, filename, line, r,
3834 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3835 return 0;
3836 }
3837
3838 if (!path_startswith(resolved, "/dev") &&
3839 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3840 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3841 return 0;
3842 }
3843
3844 r = parse_size(p, 1000, &bytes);
3845 if (r < 0 || bytes <= 0) {
3846 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p);
3847 return 0;
3848 }
3849
3850 LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
3851 if (path_equal(resolved, t->path)) {
3852 b = t;
3853 break;
3854 }
3855 }
3856
3857 if (!t) {
3858 b = new0(CGroupBlockIODeviceBandwidth, 1);
3859 if (!b)
3860 return log_oom();
3861
3862 b->path = TAKE_PTR(resolved);
3863 b->rbps = CGROUP_LIMIT_MAX;
3864 b->wbps = CGROUP_LIMIT_MAX;
3865
3866 LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
3867 }
3868
3869 if (read)
3870 b->rbps = bytes;
3871 else
3872 b->wbps = bytes;
3873
3874 return 0;
3875 }
3876
3877 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
3878
3879 int config_parse_job_mode_isolate(
3880 const char *unit,
3881 const char *filename,
3882 unsigned line,
3883 const char *section,
3884 unsigned section_line,
3885 const char *lvalue,
3886 int ltype,
3887 const char *rvalue,
3888 void *data,
3889 void *userdata) {
3890
3891 JobMode *m = data;
3892 int r;
3893
3894 assert(filename);
3895 assert(lvalue);
3896 assert(rvalue);
3897
3898 r = parse_boolean(rvalue);
3899 if (r < 0) {
3900 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
3901 return 0;
3902 }
3903
3904 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue);
3905
3906 *m = r ? JOB_ISOLATE : JOB_REPLACE;
3907 return 0;
3908 }
3909
3910 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode");
3911
3912 int config_parse_exec_directories(
3913 const char *unit,
3914 const char *filename,
3915 unsigned line,
3916 const char *section,
3917 unsigned section_line,
3918 const char *lvalue,
3919 int ltype,
3920 const char *rvalue,
3921 void *data,
3922 void *userdata) {
3923
3924 char***rt = data;
3925 Unit *u = userdata;
3926 const char *p;
3927 int r;
3928
3929 assert(filename);
3930 assert(lvalue);
3931 assert(rvalue);
3932 assert(data);
3933
3934 if (isempty(rvalue)) {
3935 /* Empty assignment resets the list */
3936 *rt = strv_free(*rt);
3937 return 0;
3938 }
3939
3940 for (p = rvalue;;) {
3941 _cleanup_free_ char *word = NULL, *k = NULL;
3942
3943 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3944 if (r == -ENOMEM)
3945 return log_oom();
3946 if (r < 0) {
3947 log_syntax(unit, LOG_WARNING, filename, line, r,
3948 "Invalid syntax, ignoring: %s", rvalue);
3949 return 0;
3950 }
3951 if (r == 0)
3952 return 0;
3953
3954 r = unit_full_printf(u, word, &k);
3955 if (r < 0) {
3956 log_syntax(unit, LOG_ERR, filename, line, r,
3957 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
3958 continue;
3959 }
3960
3961 if (!path_is_normalized(k)) {
3962 log_syntax(unit, LOG_ERR, filename, line, 0,
3963 "%s= path is not normalized, ignoring assignment: %s", lvalue, rvalue);
3964 continue;
3965 }
3966
3967 if (path_is_absolute(k)) {
3968 log_syntax(unit, LOG_ERR, filename, line, 0,
3969 "%s= path is absolute, ignoring assignment: %s", lvalue, rvalue);
3970 continue;
3971 }
3972
3973 if (path_startswith(k, "private")) {
3974 log_syntax(unit, LOG_ERR, filename, line, 0,
3975 "%s= path can't be 'private', ingoring assignment: %s", lvalue, rvalue);
3976 continue;
3977 }
3978
3979 r = strv_push(rt, k);
3980 if (r < 0)
3981 return log_oom();
3982 k = NULL;
3983 }
3984 }
3985
3986 int config_parse_set_status(
3987 const char *unit,
3988 const char *filename,
3989 unsigned line,
3990 const char *section,
3991 unsigned section_line,
3992 const char *lvalue,
3993 int ltype,
3994 const char *rvalue,
3995 void *data,
3996 void *userdata) {
3997
3998 size_t l;
3999 const char *word, *state;
4000 int r;
4001 ExitStatusSet *status_set = data;
4002
4003 assert(filename);
4004 assert(lvalue);
4005 assert(rvalue);
4006 assert(data);
4007
4008 /* Empty assignment resets the list */
4009 if (isempty(rvalue)) {
4010 exit_status_set_free(status_set);
4011 return 0;
4012 }
4013
4014 FOREACH_WORD(word, l, rvalue, state) {
4015 _cleanup_free_ char *temp;
4016 int val;
4017 Set **set;
4018
4019 temp = strndup(word, l);
4020 if (!temp)
4021 return log_oom();
4022
4023 r = safe_atoi(temp, &val);
4024 if (r < 0) {
4025 val = signal_from_string(temp);
4026
4027 if (val <= 0) {
4028 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse value, ignoring: %s", word);
4029 continue;
4030 }
4031 set = &status_set->signal;
4032 } else {
4033 if (val < 0 || val > 255) {
4034 log_syntax(unit, LOG_ERR, filename, line, 0, "Value %d is outside range 0-255, ignoring", val);
4035 continue;
4036 }
4037 set = &status_set->status;
4038 }
4039
4040 r = set_ensure_allocated(set, NULL);
4041 if (r < 0)
4042 return log_oom();
4043
4044 r = set_put(*set, INT_TO_PTR(val));
4045 if (r < 0)
4046 return log_oom();
4047 }
4048 if (!isempty(state))
4049 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
4050
4051 return 0;
4052 }
4053
4054 int config_parse_namespace_path_strv(
4055 const char *unit,
4056 const char *filename,
4057 unsigned line,
4058 const char *section,
4059 unsigned section_line,
4060 const char *lvalue,
4061 int ltype,
4062 const char *rvalue,
4063 void *data,
4064 void *userdata) {
4065
4066 Unit *u = userdata;
4067 char*** sv = data;
4068 const char *p = rvalue;
4069 int r;
4070
4071 assert(filename);
4072 assert(lvalue);
4073 assert(rvalue);
4074 assert(data);
4075
4076 if (isempty(rvalue)) {
4077 /* Empty assignment resets the list */
4078 *sv = strv_free(*sv);
4079 return 0;
4080 }
4081
4082 for (;;) {
4083 _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL;
4084 const char *w;
4085 bool ignore_enoent = false, shall_prefix = false;
4086
4087 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
4088 if (r == 0)
4089 break;
4090 if (r == -ENOMEM)
4091 return log_oom();
4092 if (r < 0) {
4093 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4094 return 0;
4095 }
4096
4097 if (!utf8_is_valid(word)) {
4098 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, word);
4099 continue;
4100 }
4101
4102 w = word;
4103 if (startswith(w, "-")) {
4104 ignore_enoent = true;
4105 w++;
4106 }
4107 if (startswith(w, "+")) {
4108 shall_prefix = true;
4109 w++;
4110 }
4111
4112 r = unit_full_printf(u, w, &resolved);
4113 if (r < 0) {
4114 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w);
4115 continue;
4116 }
4117
4118 if (!path_is_absolute(resolved)) {
4119 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
4120 continue;
4121 }
4122
4123 path_kill_slashes(resolved);
4124
4125 joined = strjoin(ignore_enoent ? "-" : "",
4126 shall_prefix ? "+" : "",
4127 resolved);
4128
4129 r = strv_push(sv, joined);
4130 if (r < 0)
4131 return log_oom();
4132
4133 joined = NULL;
4134 }
4135
4136 return 0;
4137 }
4138
4139 int config_parse_temporary_filesystems(
4140 const char *unit,
4141 const char *filename,
4142 unsigned line,
4143 const char *section,
4144 unsigned section_line,
4145 const char *lvalue,
4146 int ltype,
4147 const char *rvalue,
4148 void *data,
4149 void *userdata) {
4150
4151 Unit *u = userdata;
4152 ExecContext *c = data;
4153 const char *p = rvalue;
4154 int r;
4155
4156 assert(filename);
4157 assert(lvalue);
4158 assert(rvalue);
4159 assert(data);
4160
4161 if (isempty(rvalue)) {
4162 /* Empty assignment resets the list */
4163 temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems);
4164 c->temporary_filesystems = NULL;
4165 c->n_temporary_filesystems = 0;
4166 return 0;
4167 }
4168
4169 for (;;) {
4170 _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL;
4171 const char *w;
4172
4173 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
4174 if (r == 0)
4175 return 0;
4176 if (r == -ENOMEM)
4177 return log_oom();
4178 if (r < 0) {
4179 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4180 return 0;
4181 }
4182
4183 w = word;
4184 r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4185 if (r == -ENOMEM)
4186 return log_oom();
4187 if (r < 0) {
4188 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", word);
4189 continue;
4190 }
4191 if (r == 0) {
4192 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", word);
4193 continue;
4194 }
4195
4196 r = unit_full_printf(u, path, &resolved);
4197 if (r < 0) {
4198 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path);
4199 continue;
4200 }
4201
4202 if (!path_is_absolute(resolved)) {
4203 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
4204 continue;
4205 }
4206
4207 path_kill_slashes(resolved);
4208
4209 r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, path, w);
4210 if (r == -ENOMEM)
4211 return log_oom();
4212 if (r < 0) {
4213 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount options, ignoring: %s", word);
4214 continue;
4215 }
4216 }
4217 }
4218
4219 int config_parse_bind_paths(
4220 const char *unit,
4221 const char *filename,
4222 unsigned line,
4223 const char *section,
4224 unsigned section_line,
4225 const char *lvalue,
4226 int ltype,
4227 const char *rvalue,
4228 void *data,
4229 void *userdata) {
4230
4231 ExecContext *c = data;
4232 Unit *u = userdata;
4233 const char *p;
4234 int r;
4235
4236 assert(filename);
4237 assert(lvalue);
4238 assert(rvalue);
4239 assert(data);
4240
4241 if (isempty(rvalue)) {
4242 /* Empty assignment resets the list */
4243 bind_mount_free_many(c->bind_mounts, c->n_bind_mounts);
4244 c->bind_mounts = NULL;
4245 c->n_bind_mounts = 0;
4246 return 0;
4247 }
4248
4249 p = rvalue;
4250 for (;;) {
4251 _cleanup_free_ char *source = NULL, *destination = NULL;
4252 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4253 char *s = NULL, *d = NULL;
4254 bool rbind = true, ignore_enoent = false;
4255
4256 r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4257 if (r == 0)
4258 break;
4259 if (r == -ENOMEM)
4260 return log_oom();
4261 if (r < 0) {
4262 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4263 return 0;
4264 }
4265
4266 r = unit_full_printf(u, source, &sresolved);
4267 if (r < 0) {
4268 log_syntax(unit, LOG_ERR, filename, line, r,
4269 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source);
4270 return 0;
4271 }
4272
4273 s = sresolved;
4274 if (s[0] == '-') {
4275 ignore_enoent = true;
4276 s++;
4277 }
4278
4279 if (!utf8_is_valid(s)) {
4280 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, s);
4281 return 0;
4282 }
4283 if (!path_is_absolute(s)) {
4284 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute source path, ignoring: %s", s);
4285 return 0;
4286 }
4287
4288 path_kill_slashes(s);
4289
4290 /* Optionally, the destination is specified. */
4291 if (p && p[-1] == ':') {
4292 r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4293 if (r == -ENOMEM)
4294 return log_oom();
4295 if (r < 0) {
4296 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4297 return 0;
4298 }
4299 if (r == 0) {
4300 log_syntax(unit, LOG_ERR, filename, line, 0, "Missing argument after ':': %s", rvalue);
4301 return 0;
4302 }
4303
4304 r = unit_full_printf(u, destination, &dresolved);
4305 if (r < 0) {
4306 log_syntax(unit, LOG_ERR, filename, line, r,
4307 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination);
4308 return 0;
4309 }
4310
4311 if (!utf8_is_valid(dresolved)) {
4312 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, dresolved);
4313 return 0;
4314 }
4315 if (!path_is_absolute(dresolved)) {
4316 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute destination path, ignoring: %s", dresolved);
4317 return 0;
4318 }
4319
4320 d = path_kill_slashes(dresolved);
4321
4322 /* Optionally, there's also a short option string specified */
4323 if (p && p[-1] == ':') {
4324 _cleanup_free_ char *options = NULL;
4325
4326 r = extract_first_word(&p, &options, NULL, EXTRACT_QUOTES);
4327 if (r == -ENOMEM)
4328 return log_oom();
4329 if (r < 0) {
4330 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4331 return 0;
4332 }
4333
4334 if (isempty(options) || streq(options, "rbind"))
4335 rbind = true;
4336 else if (streq(options, "norbind"))
4337 rbind = false;
4338 else {
4339 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid option string, ignoring setting: %s", options);
4340 return 0;
4341 }
4342 }
4343 } else
4344 d = s;
4345
4346 r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts,
4347 &(BindMount) {
4348 .source = s,
4349 .destination = d,
4350 .read_only = !!strstr(lvalue, "ReadOnly"),
4351 .recursive = rbind,
4352 .ignore_enoent = ignore_enoent,
4353 });
4354 if (r < 0)
4355 return log_oom();
4356 }
4357
4358 return 0;
4359 }
4360
4361 int config_parse_no_new_privileges(
4362 const char* unit,
4363 const char *filename,
4364 unsigned line,
4365 const char *section,
4366 unsigned section_line,
4367 const char *lvalue,
4368 int ltype,
4369 const char *rvalue,
4370 void *data,
4371 void *userdata) {
4372
4373 ExecContext *c = data;
4374 int r;
4375
4376 assert(filename);
4377 assert(lvalue);
4378 assert(rvalue);
4379 assert(data);
4380
4381 r = parse_boolean(rvalue);
4382 if (r < 0) {
4383 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean value, ignoring: %s", rvalue);
4384 return 0;
4385 }
4386
4387 c->no_new_privileges = r;
4388
4389 return 0;
4390 }
4391
4392 int config_parse_protect_home(
4393 const char* unit,
4394 const char *filename,
4395 unsigned line,
4396 const char *section,
4397 unsigned section_line,
4398 const char *lvalue,
4399 int ltype,
4400 const char *rvalue,
4401 void *data,
4402 void *userdata) {
4403
4404 ExecContext *c = data;
4405 ProtectHome h;
4406
4407 assert(filename);
4408 assert(lvalue);
4409 assert(rvalue);
4410 assert(data);
4411
4412 /* Our enum shall be a superset of booleans, hence first try
4413 * to parse as boolean, and then as enum */
4414
4415 h = parse_protect_home_or_bool(rvalue);
4416 if (h < 0) {
4417 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect home value, ignoring: %s", rvalue);
4418 return 0;
4419 }
4420
4421 c->protect_home = h;
4422
4423 return 0;
4424 }
4425
4426 int config_parse_protect_system(
4427 const char* unit,
4428 const char *filename,
4429 unsigned line,
4430 const char *section,
4431 unsigned section_line,
4432 const char *lvalue,
4433 int ltype,
4434 const char *rvalue,
4435 void *data,
4436 void *userdata) {
4437
4438 ExecContext *c = data;
4439 ProtectSystem s;
4440
4441 assert(filename);
4442 assert(lvalue);
4443 assert(rvalue);
4444 assert(data);
4445
4446 s = parse_protect_system_or_bool(rvalue);
4447 if (s < 0) {
4448 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect system value, ignoring: %s", rvalue);
4449 return 0;
4450 }
4451
4452 c->protect_system = s;
4453
4454 return 0;
4455 }
4456
4457 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
4458
4459 int config_parse_job_timeout_sec(
4460 const char* unit,
4461 const char *filename,
4462 unsigned line,
4463 const char *section,
4464 unsigned section_line,
4465 const char *lvalue,
4466 int ltype,
4467 const char *rvalue,
4468 void *data,
4469 void *userdata) {
4470
4471 Unit *u = data;
4472 usec_t usec;
4473 int r;
4474
4475 assert(filename);
4476 assert(lvalue);
4477 assert(rvalue);
4478 assert(u);
4479
4480 r = parse_sec_fix_0(rvalue, &usec);
4481 if (r < 0) {
4482 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
4483 return 0;
4484 }
4485
4486 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4487 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4488 * count. */
4489
4490 if (!u->job_running_timeout_set)
4491 u->job_running_timeout = usec;
4492
4493 u->job_timeout = usec;
4494
4495 return 0;
4496 }
4497
4498 int config_parse_job_running_timeout_sec(
4499 const char* unit,
4500 const char *filename,
4501 unsigned line,
4502 const char *section,
4503 unsigned section_line,
4504 const char *lvalue,
4505 int ltype,
4506 const char *rvalue,
4507 void *data,
4508 void *userdata) {
4509
4510 Unit *u = data;
4511 usec_t usec;
4512 int r;
4513
4514 assert(filename);
4515 assert(lvalue);
4516 assert(rvalue);
4517 assert(u);
4518
4519 r = parse_sec_fix_0(rvalue, &usec);
4520 if (r < 0) {
4521 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
4522 return 0;
4523 }
4524
4525 u->job_running_timeout = usec;
4526 u->job_running_timeout_set = true;
4527
4528 return 0;
4529 }
4530
4531 #define FOLLOW_MAX 8
4532
4533 static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
4534 char *id = NULL;
4535 unsigned c = 0;
4536 int fd, r;
4537 FILE *f;
4538
4539 assert(filename);
4540 assert(*filename);
4541 assert(_f);
4542 assert(names);
4543
4544 /* This will update the filename pointer if the loaded file is
4545 * reached by a symlink. The old string will be freed. */
4546
4547 for (;;) {
4548 char *target, *name;
4549
4550 if (c++ >= FOLLOW_MAX)
4551 return -ELOOP;
4552
4553 path_kill_slashes(*filename);
4554
4555 /* Add the file name we are currently looking at to
4556 * the names of this unit, but only if it is a valid
4557 * unit name. */
4558 name = basename(*filename);
4559 if (unit_name_is_valid(name, UNIT_NAME_ANY)) {
4560
4561 id = set_get(names, name);
4562 if (!id) {
4563 id = strdup(name);
4564 if (!id)
4565 return -ENOMEM;
4566
4567 r = set_consume(names, id);
4568 if (r < 0)
4569 return r;
4570 }
4571 }
4572
4573 /* Try to open the file name, but don't if its a symlink */
4574 fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
4575 if (fd >= 0)
4576 break;
4577
4578 if (errno != ELOOP)
4579 return -errno;
4580
4581 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
4582 r = readlink_and_make_absolute(*filename, &target);
4583 if (r < 0)
4584 return r;
4585
4586 free(*filename);
4587 *filename = target;
4588 }
4589
4590 f = fdopen(fd, "re");
4591 if (!f) {
4592 safe_close(fd);
4593 return -errno;
4594 }
4595
4596 *_f = f;
4597 *_final = id;
4598
4599 return 0;
4600 }
4601
4602 static int merge_by_names(Unit **u, Set *names, const char *id) {
4603 char *k;
4604 int r;
4605
4606 assert(u);
4607 assert(*u);
4608 assert(names);
4609
4610 /* Let's try to add in all symlink names we found */
4611 while ((k = set_steal_first(names))) {
4612
4613 /* First try to merge in the other name into our
4614 * unit */
4615 r = unit_merge_by_name(*u, k);
4616 if (r < 0) {
4617 Unit *other;
4618
4619 /* Hmm, we couldn't merge the other unit into
4620 * ours? Then let's try it the other way
4621 * round */
4622
4623 /* If the symlink name we are looking at is unit template, then
4624 we must search for instance of this template */
4625 if (unit_name_is_valid(k, UNIT_NAME_TEMPLATE) && (*u)->instance) {
4626 _cleanup_free_ char *instance = NULL;
4627
4628 r = unit_name_replace_instance(k, (*u)->instance, &instance);
4629 if (r < 0)
4630 return r;
4631
4632 other = manager_get_unit((*u)->manager, instance);
4633 } else
4634 other = manager_get_unit((*u)->manager, k);
4635
4636 free(k);
4637
4638 if (other) {
4639 r = unit_merge(other, *u);
4640 if (r >= 0) {
4641 *u = other;
4642 return merge_by_names(u, names, NULL);
4643 }
4644 }
4645
4646 return r;
4647 }
4648
4649 if (id == k)
4650 unit_choose_id(*u, id);
4651
4652 free(k);
4653 }
4654
4655 return 0;
4656 }
4657
4658 static int load_from_path(Unit *u, const char *path) {
4659 _cleanup_set_free_free_ Set *symlink_names = NULL;
4660 _cleanup_fclose_ FILE *f = NULL;
4661 _cleanup_free_ char *filename = NULL;
4662 char *id = NULL;
4663 Unit *merged;
4664 struct stat st;
4665 int r;
4666
4667 assert(u);
4668 assert(path);
4669
4670 symlink_names = set_new(&string_hash_ops);
4671 if (!symlink_names)
4672 return -ENOMEM;
4673
4674 if (path_is_absolute(path)) {
4675
4676 filename = strdup(path);
4677 if (!filename)
4678 return -ENOMEM;
4679
4680 r = open_follow(&filename, &f, symlink_names, &id);
4681 if (r < 0) {
4682 filename = mfree(filename);
4683 if (r != -ENOENT)
4684 return r;
4685 }
4686
4687 } else {
4688 char **p;
4689
4690 STRV_FOREACH(p, u->manager->lookup_paths.search_path) {
4691
4692 /* Instead of opening the path right away, we manually
4693 * follow all symlinks and add their name to our unit
4694 * name set while doing so */
4695 filename = path_make_absolute(path, *p);
4696 if (!filename)
4697 return -ENOMEM;
4698
4699 if (u->manager->unit_path_cache &&
4700 !set_get(u->manager->unit_path_cache, filename))
4701 r = -ENOENT;
4702 else
4703 r = open_follow(&filename, &f, symlink_names, &id);
4704 if (r >= 0)
4705 break;
4706 filename = mfree(filename);
4707
4708 /* ENOENT means that the file is missing or is a dangling symlink.
4709 * ENOTDIR means that one of paths we expect to be is a directory
4710 * is not a directory, we should just ignore that.
4711 * EACCES means that the directory or file permissions are wrong.
4712 */
4713 if (r == -EACCES)
4714 log_debug_errno(r, "Cannot access \"%s\": %m", filename);
4715 else if (!IN_SET(r, -ENOENT, -ENOTDIR))
4716 return r;
4717
4718 /* Empty the symlink names for the next run */
4719 set_clear_free(symlink_names);
4720 }
4721 }
4722
4723 if (!filename)
4724 /* Hmm, no suitable file found? */
4725 return 0;
4726
4727 if (!unit_type_may_alias(u->type) && set_size(symlink_names) > 1) {
4728 log_unit_warning(u, "Unit type of %s does not support alias names, refusing loading via symlink.", u->id);
4729 return -ELOOP;
4730 }
4731
4732 merged = u;
4733 r = merge_by_names(&merged, symlink_names, id);
4734 if (r < 0)
4735 return r;
4736
4737 if (merged != u) {
4738 u->load_state = UNIT_MERGED;
4739 return 0;
4740 }
4741
4742 if (fstat(fileno(f), &st) < 0)
4743 return -errno;
4744
4745 if (null_or_empty(&st)) {
4746 u->load_state = UNIT_MASKED;
4747 u->fragment_mtime = 0;
4748 } else {
4749 u->load_state = UNIT_LOADED;
4750 u->fragment_mtime = timespec_load(&st.st_mtim);
4751
4752 /* Now, parse the file contents */
4753 r = config_parse(u->id, filename, f,
4754 UNIT_VTABLE(u)->sections,
4755 config_item_perf_lookup, load_fragment_gperf_lookup,
4756 CONFIG_PARSE_ALLOW_INCLUDE, u);
4757 if (r < 0)
4758 return r;
4759 }
4760
4761 free_and_replace(u->fragment_path, filename);
4762
4763 if (u->source_path) {
4764 if (stat(u->source_path, &st) >= 0)
4765 u->source_mtime = timespec_load(&st.st_mtim);
4766 else
4767 u->source_mtime = 0;
4768 }
4769
4770 return 0;
4771 }
4772
4773 int unit_load_fragment(Unit *u) {
4774 int r;
4775 Iterator i;
4776 const char *t;
4777
4778 assert(u);
4779 assert(u->load_state == UNIT_STUB);
4780 assert(u->id);
4781
4782 if (u->transient) {
4783 u->load_state = UNIT_LOADED;
4784 return 0;
4785 }
4786
4787 /* First, try to find the unit under its id. We always look
4788 * for unit files in the default directories, to make it easy
4789 * to override things by placing things in /etc/systemd/system */
4790 r = load_from_path(u, u->id);
4791 if (r < 0)
4792 return r;
4793
4794 /* Try to find an alias we can load this with */
4795 if (u->load_state == UNIT_STUB) {
4796 SET_FOREACH(t, u->names, i) {
4797
4798 if (t == u->id)
4799 continue;
4800
4801 r = load_from_path(u, t);
4802 if (r < 0)
4803 return r;
4804
4805 if (u->load_state != UNIT_STUB)
4806 break;
4807 }
4808 }
4809
4810 /* And now, try looking for it under the suggested (originally linked) path */
4811 if (u->load_state == UNIT_STUB && u->fragment_path) {
4812
4813 r = load_from_path(u, u->fragment_path);
4814 if (r < 0)
4815 return r;
4816
4817 if (u->load_state == UNIT_STUB)
4818 /* Hmm, this didn't work? Then let's get rid
4819 * of the fragment path stored for us, so that
4820 * we don't point to an invalid location. */
4821 u->fragment_path = mfree(u->fragment_path);
4822 }
4823
4824 /* Look for a template */
4825 if (u->load_state == UNIT_STUB && u->instance) {
4826 _cleanup_free_ char *k = NULL;
4827
4828 r = unit_name_template(u->id, &k);
4829 if (r < 0)
4830 return r;
4831
4832 r = load_from_path(u, k);
4833 if (r < 0) {
4834 if (r == -ENOEXEC)
4835 log_unit_notice(u, "Unit configuration has fatal error, unit will not be started.");
4836 return r;
4837 }
4838
4839 if (u->load_state == UNIT_STUB) {
4840 SET_FOREACH(t, u->names, i) {
4841 _cleanup_free_ char *z = NULL;
4842
4843 if (t == u->id)
4844 continue;
4845
4846 r = unit_name_template(t, &z);
4847 if (r < 0)
4848 return r;
4849
4850 r = load_from_path(u, z);
4851 if (r < 0)
4852 return r;
4853
4854 if (u->load_state != UNIT_STUB)
4855 break;
4856 }
4857 }
4858 }
4859
4860 return 0;
4861 }
4862
4863 void unit_dump_config_items(FILE *f) {
4864 static const struct {
4865 const ConfigParserCallback callback;
4866 const char *rvalue;
4867 } table[] = {
4868 { config_parse_warn_compat, "NOTSUPPORTED" },
4869 { config_parse_int, "INTEGER" },
4870 { config_parse_unsigned, "UNSIGNED" },
4871 { config_parse_iec_size, "SIZE" },
4872 { config_parse_iec_uint64, "SIZE" },
4873 { config_parse_si_size, "SIZE" },
4874 { config_parse_bool, "BOOLEAN" },
4875 { config_parse_string, "STRING" },
4876 { config_parse_path, "PATH" },
4877 { config_parse_unit_path_printf, "PATH" },
4878 { config_parse_strv, "STRING [...]" },
4879 { config_parse_exec_nice, "NICE" },
4880 { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
4881 { config_parse_exec_io_class, "IOCLASS" },
4882 { config_parse_exec_io_priority, "IOPRIORITY" },
4883 { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
4884 { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
4885 { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
4886 { config_parse_mode, "MODE" },
4887 { config_parse_unit_env_file, "FILE" },
4888 { config_parse_exec_output, "OUTPUT" },
4889 { config_parse_exec_input, "INPUT" },
4890 { config_parse_log_facility, "FACILITY" },
4891 { config_parse_log_level, "LEVEL" },
4892 { config_parse_exec_secure_bits, "SECUREBITS" },
4893 { config_parse_capability_set, "BOUNDINGSET" },
4894 { config_parse_rlimit, "LIMIT" },
4895 { config_parse_unit_deps, "UNIT [...]" },
4896 { config_parse_exec, "PATH [ARGUMENT [...]]" },
4897 { config_parse_service_type, "SERVICETYPE" },
4898 { config_parse_service_restart, "SERVICERESTART" },
4899 { config_parse_kill_mode, "KILLMODE" },
4900 { config_parse_signal, "SIGNAL" },
4901 { config_parse_socket_listen, "SOCKET [...]" },
4902 { config_parse_socket_bind, "SOCKETBIND" },
4903 { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
4904 { config_parse_sec, "SECONDS" },
4905 { config_parse_nsec, "NANOSECONDS" },
4906 { config_parse_namespace_path_strv, "PATH [...]" },
4907 { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" },
4908 { config_parse_unit_requires_mounts_for, "PATH [...]" },
4909 { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
4910 { config_parse_unit_string_printf, "STRING" },
4911 { config_parse_trigger_unit, "UNIT" },
4912 { config_parse_timer, "TIMER" },
4913 { config_parse_path_spec, "PATH" },
4914 { config_parse_notify_access, "ACCESS" },
4915 { config_parse_ip_tos, "TOS" },
4916 { config_parse_unit_condition_path, "CONDITION" },
4917 { config_parse_unit_condition_string, "CONDITION" },
4918 { config_parse_unit_condition_null, "CONDITION" },
4919 { config_parse_unit_slice, "SLICE" },
4920 { config_parse_documentation, "URL" },
4921 { config_parse_service_timeout, "SECONDS" },
4922 { config_parse_emergency_action, "ACTION" },
4923 { config_parse_set_status, "STATUS" },
4924 { config_parse_service_sockets, "SOCKETS" },
4925 { config_parse_environ, "ENVIRON" },
4926 #if HAVE_SECCOMP
4927 { config_parse_syscall_filter, "SYSCALLS" },
4928 { config_parse_syscall_archs, "ARCHS" },
4929 { config_parse_syscall_errno, "ERRNO" },
4930 { config_parse_address_families, "FAMILIES" },
4931 { config_parse_restrict_namespaces, "NAMESPACES" },
4932 #endif
4933 { config_parse_cpu_shares, "SHARES" },
4934 { config_parse_cpu_weight, "WEIGHT" },
4935 { config_parse_memory_limit, "LIMIT" },
4936 { config_parse_device_allow, "DEVICE" },
4937 { config_parse_device_policy, "POLICY" },
4938 { config_parse_io_limit, "LIMIT" },
4939 { config_parse_io_weight, "WEIGHT" },
4940 { config_parse_io_device_weight, "DEVICEWEIGHT" },
4941 { config_parse_blockio_bandwidth, "BANDWIDTH" },
4942 { config_parse_blockio_weight, "WEIGHT" },
4943 { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
4944 { config_parse_long, "LONG" },
4945 { config_parse_socket_service, "SERVICE" },
4946 #if HAVE_SELINUX
4947 { config_parse_exec_selinux_context, "LABEL" },
4948 #endif
4949 { config_parse_job_mode, "MODE" },
4950 { config_parse_job_mode_isolate, "BOOLEAN" },
4951 { config_parse_personality, "PERSONALITY" },
4952 };
4953
4954 const char *prev = NULL;
4955 const char *i;
4956
4957 assert(f);
4958
4959 NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
4960 const char *rvalue = "OTHER", *lvalue;
4961 const ConfigPerfItem *p;
4962 size_t prefix_len;
4963 const char *dot;
4964 unsigned j;
4965
4966 assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
4967
4968 /* Hide legacy settings */
4969 if (p->parse == config_parse_warn_compat &&
4970 p->ltype == DISABLED_LEGACY)
4971 continue;
4972
4973 for (j = 0; j < ELEMENTSOF(table); j++)
4974 if (p->parse == table[j].callback) {
4975 rvalue = table[j].rvalue;
4976 break;
4977 }
4978
4979 dot = strchr(i, '.');
4980 lvalue = dot ? dot + 1 : i;
4981 prefix_len = dot-i;
4982
4983 if (dot)
4984 if (!prev || !strneq(prev, i, prefix_len+1)) {
4985 if (prev)
4986 fputc('\n', f);
4987
4988 fprintf(f, "[%.*s]\n", (int) prefix_len, i);
4989 }
4990
4991 fprintf(f, "%s=%s\n", lvalue, rvalue);
4992 prev = i;
4993 }
4994 }
Unnamed repository; edit this file 'description' to name the repository.