]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/load-fragment.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #9026 from yuwata/followup-9021
[thirdparty/systemd.git] / src / core / load-fragment.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 Copyright 2012 Holger Hans Peter Freyther
7 ***/
8
9 #include <errno.h>
10 #include <fcntl.h>
11 #include <linux/fs.h>
12 #include <linux/oom.h>
13 #if HAVE_SECCOMP
14 #include <seccomp.h>
15 #endif
16 #include <sched.h>
17 #include <string.h>
18 #include <sys/resource.h>
19 #include <sys/stat.h>
20
21 #include "af-list.h"
22 #include "alloc-util.h"
23 #include "all-units.h"
24 #include "bus-error.h"
25 #include "bus-internal.h"
26 #include "bus-util.h"
27 #include "cap-list.h"
28 #include "capability-util.h"
29 #include "cgroup.h"
30 #include "conf-parser.h"
31 #include "cpu-set-util.h"
32 #include "env-util.h"
33 #include "errno-list.h"
34 #include "escape.h"
35 #include "fd-util.h"
36 #include "fs-util.h"
37 #include "hexdecoct.h"
38 #include "io-util.h"
39 #include "ioprio.h"
40 #include "journal-util.h"
41 #include "load-fragment.h"
42 #include "log.h"
43 #include "missing.h"
44 #include "mount-util.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
48 #if HAVE_SECCOMP
49 #include "seccomp-util.h"
50 #endif
51 #include "securebits.h"
52 #include "securebits-util.h"
53 #include "signal-util.h"
54 #include "socket-protocol-list.h"
55 #include "stat-util.h"
56 #include "string-util.h"
57 #include "strv.h"
58 #include "unit-name.h"
59 #include "unit-printf.h"
60 #include "user-util.h"
61 #include "utf8.h"
62 #include "web-util.h"
63
64 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
65
66 int config_parse_unit_deps(
67 const char *unit,
68 const char *filename,
69 unsigned line,
70 const char *section,
71 unsigned section_line,
72 const char *lvalue,
73 int ltype,
74 const char *rvalue,
75 void *data,
76 void *userdata) {
77
78 UnitDependency d = ltype;
79 Unit *u = userdata;
80 const char *p;
81
82 assert(filename);
83 assert(lvalue);
84 assert(rvalue);
85
86 p = rvalue;
87 for (;;) {
88 _cleanup_free_ char *word = NULL, *k = NULL;
89 int r;
90
91 r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
92 if (r == 0)
93 break;
94 if (r == -ENOMEM)
95 return log_oom();
96 if (r < 0) {
97 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
98 break;
99 }
100
101 r = unit_name_printf(u, word, &k);
102 if (r < 0) {
103 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
104 continue;
105 }
106
107 r = unit_add_dependency_by_name(u, d, k, NULL, true, UNIT_DEPENDENCY_FILE);
108 if (r < 0)
109 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
110 }
111
112 return 0;
113 }
114
115 int config_parse_obsolete_unit_deps(
116 const char *unit,
117 const char *filename,
118 unsigned line,
119 const char *section,
120 unsigned section_line,
121 const char *lvalue,
122 int ltype,
123 const char *rvalue,
124 void *data,
125 void *userdata) {
126
127 log_syntax(unit, LOG_WARNING, filename, line, 0,
128 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
129
130 return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
131 }
132
133 int config_parse_unit_string_printf(
134 const char *unit,
135 const char *filename,
136 unsigned line,
137 const char *section,
138 unsigned section_line,
139 const char *lvalue,
140 int ltype,
141 const char *rvalue,
142 void *data,
143 void *userdata) {
144
145 _cleanup_free_ char *k = NULL;
146 Unit *u = userdata;
147 int r;
148
149 assert(filename);
150 assert(lvalue);
151 assert(rvalue);
152 assert(u);
153
154 r = unit_full_printf(u, rvalue, &k);
155 if (r < 0) {
156 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
157 return 0;
158 }
159
160 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
161 }
162
163 int config_parse_unit_strv_printf(
164 const char *unit,
165 const char *filename,
166 unsigned line,
167 const char *section,
168 unsigned section_line,
169 const char *lvalue,
170 int ltype,
171 const char *rvalue,
172 void *data,
173 void *userdata) {
174
175 Unit *u = userdata;
176 _cleanup_free_ char *k = NULL;
177 int r;
178
179 assert(filename);
180 assert(lvalue);
181 assert(rvalue);
182 assert(u);
183
184 r = unit_full_printf(u, rvalue, &k);
185 if (r < 0) {
186 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
187 return 0;
188 }
189
190 return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
191 }
192
193 int config_parse_unit_path_printf(
194 const char *unit,
195 const char *filename,
196 unsigned line,
197 const char *section,
198 unsigned section_line,
199 const char *lvalue,
200 int ltype,
201 const char *rvalue,
202 void *data,
203 void *userdata) {
204
205 _cleanup_free_ char *k = NULL;
206 Unit *u = userdata;
207 int r;
208 bool fatal = ltype;
209
210 assert(filename);
211 assert(lvalue);
212 assert(rvalue);
213 assert(u);
214
215 /* Let's not bother with anything that is too long */
216 if (strlen(rvalue) >= PATH_MAX) {
217 log_syntax(unit, LOG_ERR, filename, line, 0,
218 "%s value too long%s.",
219 lvalue, fatal ? "" : ", ignoring");
220 return fatal ? -ENAMETOOLONG : 0;
221 }
222
223 r = unit_full_printf(u, rvalue, &k);
224 if (r < 0) {
225 log_syntax(unit, LOG_ERR, filename, line, r,
226 "Failed to resolve unit specifiers in \"%s\"%s: %m",
227 rvalue, fatal ? "" : ", ignoring");
228 return fatal ? -ENOEXEC : 0;
229 }
230
231 return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
232 }
233
234 int config_parse_unit_path_strv_printf(
235 const char *unit,
236 const char *filename,
237 unsigned line,
238 const char *section,
239 unsigned section_line,
240 const char *lvalue,
241 int ltype,
242 const char *rvalue,
243 void *data,
244 void *userdata) {
245
246 char ***x = data;
247 Unit *u = userdata;
248 int r;
249 const char *p;
250
251 assert(filename);
252 assert(lvalue);
253 assert(rvalue);
254 assert(u);
255
256 if (isempty(rvalue)) {
257 *x = strv_free(*x);
258 return 0;
259 }
260
261 for (p = rvalue;;) {
262 _cleanup_free_ char *word = NULL, *k = NULL;
263
264 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
265 if (r == 0)
266 return 0;
267 if (r == -ENOMEM)
268 return log_oom();
269 if (r < 0) {
270 log_syntax(unit, LOG_WARNING, filename, line, r,
271 "Invalid syntax, ignoring: %s", rvalue);
272 return 0;
273 }
274
275 r = unit_full_printf(u, word, &k);
276 if (r < 0) {
277 log_syntax(unit, LOG_ERR, filename, line, r,
278 "Failed to resolve unit specifiers on \"%s\", ignoring: %m", word);
279 return 0;
280 }
281
282 if (!utf8_is_valid(k)) {
283 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
284 return 0;
285 }
286
287 if (!path_is_absolute(k)) {
288 log_syntax(unit, LOG_ERR, filename, line, 0,
289 "Symlink path is not absolute: %s", k);
290 return 0;
291 }
292
293 path_kill_slashes(k);
294
295 r = strv_push(x, k);
296 if (r < 0)
297 return log_oom();
298 k = NULL;
299 }
300 }
301
302 int config_parse_socket_listen(const char *unit,
303 const char *filename,
304 unsigned line,
305 const char *section,
306 unsigned section_line,
307 const char *lvalue,
308 int ltype,
309 const char *rvalue,
310 void *data,
311 void *userdata) {
312
313 _cleanup_free_ SocketPort *p = NULL;
314 SocketPort *tail;
315 Socket *s;
316 int r;
317
318 assert(filename);
319 assert(lvalue);
320 assert(rvalue);
321 assert(data);
322
323 s = SOCKET(data);
324
325 if (isempty(rvalue)) {
326 /* An empty assignment removes all ports */
327 socket_free_ports(s);
328 return 0;
329 }
330
331 p = new0(SocketPort, 1);
332 if (!p)
333 return log_oom();
334
335 if (ltype != SOCKET_SOCKET) {
336
337 p->type = ltype;
338 r = unit_full_printf(UNIT(s), rvalue, &p->path);
339 if (r < 0) {
340 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
341 return 0;
342 }
343
344 path_kill_slashes(p->path);
345
346 } else if (streq(lvalue, "ListenNetlink")) {
347 _cleanup_free_ char *k = NULL;
348
349 p->type = SOCKET_SOCKET;
350 r = unit_full_printf(UNIT(s), rvalue, &k);
351 if (r < 0) {
352 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
353 return 0;
354 }
355
356 r = socket_address_parse_netlink(&p->address, k);
357 if (r < 0) {
358 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value, ignoring: %s", rvalue);
359 return 0;
360 }
361
362 } else {
363 _cleanup_free_ char *k = NULL;
364
365 p->type = SOCKET_SOCKET;
366 r = unit_full_printf(UNIT(s), rvalue, &k);
367 if (r < 0) {
368 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
369 return 0;
370 }
371
372 r = socket_address_parse_and_warn(&p->address, k);
373 if (r < 0) {
374 if (r != -EAFNOSUPPORT)
375 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value, ignoring: %s", rvalue);
376 return 0;
377 }
378
379 if (streq(lvalue, "ListenStream"))
380 p->address.type = SOCK_STREAM;
381 else if (streq(lvalue, "ListenDatagram"))
382 p->address.type = SOCK_DGRAM;
383 else {
384 assert(streq(lvalue, "ListenSequentialPacket"));
385 p->address.type = SOCK_SEQPACKET;
386 }
387
388 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
389 log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
390 return 0;
391 }
392 }
393
394 p->fd = -1;
395 p->auxiliary_fds = NULL;
396 p->n_auxiliary_fds = 0;
397 p->socket = s;
398
399 LIST_FIND_TAIL(port, s->ports, tail);
400 LIST_INSERT_AFTER(port, s->ports, tail, p);
401
402 p = NULL;
403
404 return 0;
405 }
406
407 int config_parse_socket_protocol(const char *unit,
408 const char *filename,
409 unsigned line,
410 const char *section,
411 unsigned section_line,
412 const char *lvalue,
413 int ltype,
414 const char *rvalue,
415 void *data,
416 void *userdata) {
417 Socket *s;
418 int r;
419
420 assert(filename);
421 assert(lvalue);
422 assert(rvalue);
423 assert(data);
424
425 s = SOCKET(data);
426
427 r = socket_protocol_from_name(rvalue);
428 if (r < 0) {
429 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid socket protocol, ignoring: %s", rvalue);
430 return 0;
431 } else if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP)) {
432 log_syntax(unit, LOG_ERR, filename, line, 0, "Socket protocol not supported, ignoring: %s", rvalue);
433 return 0;
434 }
435
436 s->socket_protocol = r;
437
438 return 0;
439 }
440
441 int config_parse_socket_bind(const char *unit,
442 const char *filename,
443 unsigned line,
444 const char *section,
445 unsigned section_line,
446 const char *lvalue,
447 int ltype,
448 const char *rvalue,
449 void *data,
450 void *userdata) {
451
452 Socket *s;
453 SocketAddressBindIPv6Only b;
454
455 assert(filename);
456 assert(lvalue);
457 assert(rvalue);
458 assert(data);
459
460 s = SOCKET(data);
461
462 b = parse_socket_address_bind_ipv6_only_or_bool(rvalue);
463 if (b < 0) {
464 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse bind IPv6 only value, ignoring: %s", rvalue);
465 return 0;
466 }
467
468 s->bind_ipv6_only = b;
469
470 return 0;
471 }
472
473 int config_parse_exec_nice(
474 const char *unit,
475 const char *filename,
476 unsigned line,
477 const char *section,
478 unsigned section_line,
479 const char *lvalue,
480 int ltype,
481 const char *rvalue,
482 void *data,
483 void *userdata) {
484
485 ExecContext *c = data;
486 int priority, r;
487
488 assert(filename);
489 assert(lvalue);
490 assert(rvalue);
491 assert(data);
492
493 r = parse_nice(rvalue, &priority);
494 if (r < 0) {
495 if (r == -ERANGE)
496 log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
497 else
498 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority, ignoring: %s", rvalue);
499
500 return 0;
501 }
502
503 c->nice = priority;
504 c->nice_set = true;
505
506 return 0;
507 }
508
509 int config_parse_exec_oom_score_adjust(
510 const char* unit,
511 const char *filename,
512 unsigned line,
513 const char *section,
514 unsigned section_line,
515 const char *lvalue,
516 int ltype,
517 const char *rvalue,
518 void *data,
519 void *userdata) {
520
521 ExecContext *c = data;
522 int oa, r;
523
524 assert(filename);
525 assert(lvalue);
526 assert(rvalue);
527 assert(data);
528
529 if (isempty(rvalue)) {
530 c->oom_score_adjust_set = false;
531 return 0;
532 }
533
534 r = parse_oom_score_adjust(rvalue, &oa);
535 if (r == -ERANGE) {
536 log_syntax(unit, LOG_ERR, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue);
537 return 0;
538 }
539 if (r < 0) {
540 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value, ignoring: %s", rvalue);
541 return 0;
542 }
543
544 c->oom_score_adjust = oa;
545 c->oom_score_adjust_set = true;
546
547 return 0;
548 }
549
550 int config_parse_exec(
551 const char *unit,
552 const char *filename,
553 unsigned line,
554 const char *section,
555 unsigned section_line,
556 const char *lvalue,
557 int ltype,
558 const char *rvalue,
559 void *data,
560 void *userdata) {
561
562 ExecCommand **e = data;
563 Unit *u = userdata;
564 const char *p;
565 bool semicolon;
566 int r;
567
568 assert(filename);
569 assert(lvalue);
570 assert(rvalue);
571 assert(e);
572
573 e += ltype;
574 rvalue += strspn(rvalue, WHITESPACE);
575
576 if (isempty(rvalue)) {
577 /* An empty assignment resets the list */
578 *e = exec_command_free_list(*e);
579 return 0;
580 }
581
582 p = rvalue;
583 do {
584 _cleanup_free_ char *path = NULL, *firstword = NULL;
585 ExecCommandFlags flags = 0;
586 bool ignore = false, separate_argv0 = false;
587 _cleanup_free_ ExecCommand *nce = NULL;
588 _cleanup_strv_free_ char **n = NULL;
589 size_t nlen = 0, nbufsize = 0;
590 const char *f;
591
592 semicolon = false;
593
594 r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
595 if (r <= 0)
596 return 0;
597
598 f = firstword;
599 for (;;) {
600 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
601 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
602 * argv[0]; if it's prefixed with +, it will be run with full privileges and no sandboxing; if
603 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
604 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
605 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
606 * other sandboxing, with some special exceptions for changing UID.
607 *
608 * The idea is that '!!' may be used to write services that can take benefit of systemd's
609 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
610 * privilege dropping within the daemon if the kernel does not offer that. */
611
612 if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) {
613 flags |= EXEC_COMMAND_IGNORE_FAILURE;
614 ignore = true;
615 } else if (*f == '@' && !separate_argv0)
616 separate_argv0 = true;
617 else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
618 flags |= EXEC_COMMAND_FULLY_PRIVILEGED;
619 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
620 flags |= EXEC_COMMAND_NO_SETUID;
621 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) {
622 flags &= ~EXEC_COMMAND_NO_SETUID;
623 flags |= EXEC_COMMAND_AMBIENT_MAGIC;
624 } else
625 break;
626 f++;
627 }
628
629 r = unit_full_printf(u, f, &path);
630 if (r < 0) {
631 log_syntax(unit, LOG_ERR, filename, line, r,
632 "Failed to resolve unit specifiers on %s%s: %m",
633 f, ignore ? ", ignoring" : "");
634 return ignore ? 0 : -ENOEXEC;
635 }
636
637 if (isempty(path)) {
638 /* First word is either "-" or "@" with no command. */
639 log_syntax(unit, LOG_ERR, filename, line, 0,
640 "Empty path in command line%s: \"%s\"",
641 ignore ? ", ignoring" : "", rvalue);
642 return ignore ? 0 : -ENOEXEC;
643 }
644 if (!string_is_safe(path)) {
645 log_syntax(unit, LOG_ERR, filename, line, 0,
646 "Executable name contains special characters%s: %s",
647 ignore ? ", ignoring" : "", path);
648 return ignore ? 0 : -ENOEXEC;
649 }
650 if (endswith(path, "/")) {
651 log_syntax(unit, LOG_ERR, filename, line, 0,
652 "Executable path specifies a directory%s: %s",
653 ignore ? ", ignoring" : "", path);
654 return ignore ? 0 : -ENOEXEC;
655 }
656
657 if (!path_is_absolute(path)) {
658 const char *prefix;
659 bool found = false;
660
661 if (!filename_is_valid(path)) {
662 log_syntax(unit, LOG_ERR, filename, line, 0,
663 "Neither a valid executable name nor an absolute path%s: %s",
664 ignore ? ", ignoring" : "", path);
665 return ignore ? 0 : -ENOEXEC;
666 }
667
668 /* Resolve a single-component name to a full path */
669 NULSTR_FOREACH(prefix, DEFAULT_PATH_NULSTR) {
670 _cleanup_free_ char *fullpath = NULL;
671
672 fullpath = strjoin(prefix, "/", path);
673 if (!fullpath)
674 return log_oom();
675
676 if (access(fullpath, F_OK) >= 0) {
677 free_and_replace(path, fullpath);
678 found = true;
679 break;
680 }
681 }
682
683 if (!found) {
684 log_syntax(unit, LOG_ERR, filename, line, 0,
685 "Executable \"%s\" not found in path \"%s\"%s",
686 path, DEFAULT_PATH, ignore ? ", ignoring" : "");
687 return ignore ? 0 : -ENOEXEC;
688 }
689 }
690
691 if (!separate_argv0) {
692 char *w = NULL;
693
694 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
695 return log_oom();
696
697 w = strdup(path);
698 if (!w)
699 return log_oom();
700 n[nlen++] = w;
701 n[nlen] = NULL;
702 }
703
704 path_kill_slashes(path);
705
706 while (!isempty(p)) {
707 _cleanup_free_ char *word = NULL, *resolved = NULL;
708
709 /* Check explicitly for an unquoted semicolon as
710 * command separator token. */
711 if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
712 p++;
713 p += strspn(p, WHITESPACE);
714 semicolon = true;
715 break;
716 }
717
718 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
719 * extract_first_word() would return the same for all of those. */
720 if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
721 char *w;
722
723 p += 2;
724 p += strspn(p, WHITESPACE);
725
726 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
727 return log_oom();
728
729 w = strdup(";");
730 if (!w)
731 return log_oom();
732 n[nlen++] = w;
733 n[nlen] = NULL;
734 continue;
735 }
736
737 r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
738 if (r == 0)
739 break;
740 if (r < 0)
741 return ignore ? 0 : -ENOEXEC;
742
743 r = unit_full_printf(u, word, &resolved);
744 if (r < 0) {
745 log_syntax(unit, LOG_ERR, filename, line, r,
746 "Failed to resolve unit specifiers on %s%s: %m",
747 word, ignore ? ", ignoring" : "");
748 return ignore ? 0 : -ENOEXEC;
749 }
750
751 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
752 return log_oom();
753
754 n[nlen++] = TAKE_PTR(resolved);
755 n[nlen] = NULL;
756 }
757
758 if (!n || !n[0]) {
759 log_syntax(unit, LOG_ERR, filename, line, 0,
760 "Empty executable name or zeroeth argument%s: %s",
761 ignore ? ", ignoring" : "", rvalue);
762 return ignore ? 0 : -ENOEXEC;
763 }
764
765 nce = new0(ExecCommand, 1);
766 if (!nce)
767 return log_oom();
768
769 nce->argv = TAKE_PTR(n);
770 nce->path = TAKE_PTR(path);
771 nce->flags = flags;
772
773 exec_command_append_list(e, nce);
774
775 /* Do not _cleanup_free_ these. */
776 nce = NULL;
777
778 rvalue = p;
779 } while (semicolon);
780
781 return 0;
782 }
783
784 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
785 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
786
787 int config_parse_socket_bindtodevice(
788 const char* unit,
789 const char *filename,
790 unsigned line,
791 const char *section,
792 unsigned section_line,
793 const char *lvalue,
794 int ltype,
795 const char *rvalue,
796 void *data,
797 void *userdata) {
798
799 Socket *s = data;
800 char *n;
801
802 assert(filename);
803 assert(lvalue);
804 assert(rvalue);
805 assert(data);
806
807 if (rvalue[0] && !streq(rvalue, "*")) {
808 if (!ifname_valid(rvalue)) {
809 log_syntax(unit, LOG_ERR, filename, line, 0, "Interface name is invalid, ignoring: %s", rvalue);
810 return 0;
811 }
812
813 n = strdup(rvalue);
814 if (!n)
815 return log_oom();
816 } else
817 n = NULL;
818
819 free_and_replace(s->bind_to_device, n);
820
821 return 0;
822 }
823
824 int config_parse_exec_input(
825 const char *unit,
826 const char *filename,
827 unsigned line,
828 const char *section,
829 unsigned section_line,
830 const char *lvalue,
831 int ltype,
832 const char *rvalue,
833 void *data,
834 void *userdata) {
835
836 ExecContext *c = data;
837 Unit *u = userdata;
838 const char *n;
839 ExecInput ei;
840 int r;
841
842 assert(data);
843 assert(filename);
844 assert(line);
845 assert(rvalue);
846
847 n = startswith(rvalue, "fd:");
848 if (n) {
849 _cleanup_free_ char *resolved = NULL;
850
851 r = unit_full_printf(u, n, &resolved);
852 if (r < 0)
853 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s: %m", n);
854
855 if (isempty(resolved))
856 resolved = mfree(resolved);
857 else if (!fdname_is_valid(resolved)) {
858 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
859 return -EINVAL;
860 }
861
862 free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved);
863
864 ei = EXEC_INPUT_NAMED_FD;
865
866 } else if ((n = startswith(rvalue, "file:"))) {
867 _cleanup_free_ char *resolved = NULL;
868
869 r = unit_full_printf(u, n, &resolved);
870 if (r < 0)
871 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s: %m", n);
872
873 if (!path_is_absolute(resolved)) {
874 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
875 return -EINVAL;
876 }
877
878 if (!path_is_normalized(resolved)) {
879 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name: %s", resolved);
880 return -EINVAL;
881 }
882
883 free_and_replace(c->stdio_file[STDIN_FILENO], resolved);
884
885 ei = EXEC_INPUT_FILE;
886
887 } else {
888 ei = exec_input_from_string(rvalue);
889 if (ei < 0) {
890 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue);
891 return 0;
892 }
893 }
894
895 c->std_input = ei;
896 return 0;
897 }
898
899 int config_parse_exec_input_text(
900 const char *unit,
901 const char *filename,
902 unsigned line,
903 const char *section,
904 unsigned section_line,
905 const char *lvalue,
906 int ltype,
907 const char *rvalue,
908 void *data,
909 void *userdata) {
910
911 _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
912 ExecContext *c = data;
913 Unit *u = userdata;
914 size_t sz;
915 void *p;
916 int r;
917
918 assert(data);
919 assert(filename);
920 assert(line);
921 assert(rvalue);
922
923 if (isempty(rvalue)) {
924 /* Reset if the empty string is assigned */
925 c->stdin_data = mfree(c->stdin_data);
926 c->stdin_data_size = 0;
927 return 0;
928 }
929
930 r = cunescape(rvalue, 0, &unescaped);
931 if (r < 0)
932 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode C escaped text: %s", rvalue);
933
934 r = unit_full_printf(u, unescaped, &resolved);
935 if (r < 0)
936 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers: %s", unescaped);
937
938 sz = strlen(resolved);
939 if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
940 c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
941 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
942 return -E2BIG;
943 }
944
945 p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
946 if (!p)
947 return log_oom();
948
949 *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n';
950
951 c->stdin_data = p;
952 c->stdin_data_size += sz + 1;
953
954 return 0;
955 }
956
957 int config_parse_exec_input_data(
958 const char *unit,
959 const char *filename,
960 unsigned line,
961 const char *section,
962 unsigned section_line,
963 const char *lvalue,
964 int ltype,
965 const char *rvalue,
966 void *data,
967 void *userdata) {
968
969 _cleanup_free_ void *p = NULL;
970 ExecContext *c = data;
971 size_t sz;
972 void *q;
973 int r;
974
975 assert(data);
976 assert(filename);
977 assert(line);
978 assert(rvalue);
979
980 if (isempty(rvalue)) {
981 /* Reset if the empty string is assigned */
982 c->stdin_data = mfree(c->stdin_data);
983 c->stdin_data_size = 0;
984 return 0;
985 }
986
987 r = unbase64mem(rvalue, (size_t) -1, &p, &sz);
988 if (r < 0)
989 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode base64 data, ignoring: %s", rvalue);
990
991 assert(sz > 0);
992
993 if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */
994 c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) {
995 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
996 return -E2BIG;
997 }
998
999 q = realloc(c->stdin_data, c->stdin_data_size + sz);
1000 if (!q)
1001 return log_oom();
1002
1003 memcpy((uint8_t*) q + c->stdin_data_size, p, sz);
1004
1005 c->stdin_data = q;
1006 c->stdin_data_size += sz;
1007
1008 return 0;
1009 }
1010
1011 int config_parse_exec_output(
1012 const char *unit,
1013 const char *filename,
1014 unsigned line,
1015 const char *section,
1016 unsigned section_line,
1017 const char *lvalue,
1018 int ltype,
1019 const char *rvalue,
1020 void *data,
1021 void *userdata) {
1022
1023 _cleanup_free_ char *resolved = NULL;
1024 const char *n;
1025 ExecContext *c = data;
1026 Unit *u = userdata;
1027 ExecOutput eo;
1028 int r;
1029
1030 assert(data);
1031 assert(filename);
1032 assert(line);
1033 assert(lvalue);
1034 assert(rvalue);
1035
1036 n = startswith(rvalue, "fd:");
1037 if (n) {
1038 r = unit_full_printf(u, n, &resolved);
1039 if (r < 0)
1040 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s: %m", n);
1041
1042 if (isempty(resolved))
1043 resolved = mfree(resolved);
1044 else if (!fdname_is_valid(resolved)) {
1045 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
1046 return -EINVAL;
1047 }
1048
1049 eo = EXEC_OUTPUT_NAMED_FD;
1050
1051 } else if ((n = startswith(rvalue, "file:"))) {
1052
1053 r = unit_full_printf(u, n, &resolved);
1054 if (r < 0)
1055 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s: %m", n);
1056
1057 if (!path_is_absolute(resolved)) {
1058 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
1059 return -EINVAL;
1060 }
1061
1062 if (!path_is_normalized(resolved)) {
1063 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name, ignoring: %s", resolved);
1064 return -EINVAL;
1065 }
1066
1067 eo = EXEC_OUTPUT_FILE;
1068
1069 } else {
1070 eo = exec_output_from_string(rvalue);
1071 if (eo < 0) {
1072 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue);
1073 return 0;
1074 }
1075 }
1076
1077 if (streq(lvalue, "StandardOutput")) {
1078 if (eo == EXEC_OUTPUT_NAMED_FD)
1079 free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved);
1080 else
1081 free_and_replace(c->stdio_file[STDOUT_FILENO], resolved);
1082
1083 c->std_output = eo;
1084
1085 } else {
1086 assert(streq(lvalue, "StandardError"));
1087
1088 if (eo == EXEC_OUTPUT_NAMED_FD)
1089 free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved);
1090 else
1091 free_and_replace(c->stdio_file[STDERR_FILENO], resolved);
1092
1093 c->std_error = eo;
1094 }
1095
1096 return 0;
1097 }
1098
1099 int config_parse_exec_io_class(const char *unit,
1100 const char *filename,
1101 unsigned line,
1102 const char *section,
1103 unsigned section_line,
1104 const char *lvalue,
1105 int ltype,
1106 const char *rvalue,
1107 void *data,
1108 void *userdata) {
1109
1110 ExecContext *c = data;
1111 int x;
1112
1113 assert(filename);
1114 assert(lvalue);
1115 assert(rvalue);
1116 assert(data);
1117
1118 x = ioprio_class_from_string(rvalue);
1119 if (x < 0) {
1120 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
1121 return 0;
1122 }
1123
1124 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
1125 c->ioprio_set = true;
1126
1127 return 0;
1128 }
1129
1130 int config_parse_exec_io_priority(const char *unit,
1131 const char *filename,
1132 unsigned line,
1133 const char *section,
1134 unsigned section_line,
1135 const char *lvalue,
1136 int ltype,
1137 const char *rvalue,
1138 void *data,
1139 void *userdata) {
1140
1141 ExecContext *c = data;
1142 int i, r;
1143
1144 assert(filename);
1145 assert(lvalue);
1146 assert(rvalue);
1147 assert(data);
1148
1149 r = ioprio_parse_priority(rvalue, &i);
1150 if (r < 0) {
1151 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
1152 return 0;
1153 }
1154
1155 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
1156 c->ioprio_set = true;
1157
1158 return 0;
1159 }
1160
1161 int config_parse_exec_cpu_sched_policy(const char *unit,
1162 const char *filename,
1163 unsigned line,
1164 const char *section,
1165 unsigned section_line,
1166 const char *lvalue,
1167 int ltype,
1168 const char *rvalue,
1169 void *data,
1170 void *userdata) {
1171
1172 ExecContext *c = data;
1173 int x;
1174
1175 assert(filename);
1176 assert(lvalue);
1177 assert(rvalue);
1178 assert(data);
1179
1180 x = sched_policy_from_string(rvalue);
1181 if (x < 0) {
1182 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1183 return 0;
1184 }
1185
1186 c->cpu_sched_policy = x;
1187 /* Moving to or from real-time policy? We need to adjust the priority */
1188 c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
1189 c->cpu_sched_set = true;
1190
1191 return 0;
1192 }
1193
1194 int config_parse_exec_cpu_sched_prio(const char *unit,
1195 const char *filename,
1196 unsigned line,
1197 const char *section,
1198 unsigned section_line,
1199 const char *lvalue,
1200 int ltype,
1201 const char *rvalue,
1202 void *data,
1203 void *userdata) {
1204
1205 ExecContext *c = data;
1206 int i, min, max, r;
1207
1208 assert(filename);
1209 assert(lvalue);
1210 assert(rvalue);
1211 assert(data);
1212
1213 r = safe_atoi(rvalue, &i);
1214 if (r < 0) {
1215 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1216 return 0;
1217 }
1218
1219 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1220 min = sched_get_priority_min(c->cpu_sched_policy);
1221 max = sched_get_priority_max(c->cpu_sched_policy);
1222
1223 if (i < min || i > max) {
1224 log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
1225 return 0;
1226 }
1227
1228 c->cpu_sched_priority = i;
1229 c->cpu_sched_set = true;
1230
1231 return 0;
1232 }
1233
1234 int config_parse_exec_cpu_affinity(const char *unit,
1235 const char *filename,
1236 unsigned line,
1237 const char *section,
1238 unsigned section_line,
1239 const char *lvalue,
1240 int ltype,
1241 const char *rvalue,
1242 void *data,
1243 void *userdata) {
1244
1245 ExecContext *c = data;
1246 _cleanup_cpu_free_ cpu_set_t *cpuset = NULL;
1247 int ncpus;
1248
1249 assert(filename);
1250 assert(lvalue);
1251 assert(rvalue);
1252 assert(data);
1253
1254 ncpus = parse_cpu_set_and_warn(rvalue, &cpuset, unit, filename, line, lvalue);
1255 if (ncpus < 0)
1256 return ncpus;
1257
1258 if (ncpus == 0) {
1259 /* An empty assignment resets the CPU list */
1260 c->cpuset = cpu_set_mfree(c->cpuset);
1261 c->cpuset_ncpus = 0;
1262 return 0;
1263 }
1264
1265 if (!c->cpuset) {
1266 c->cpuset = TAKE_PTR(cpuset);
1267 c->cpuset_ncpus = (unsigned) ncpus;
1268 return 0;
1269 }
1270
1271 if (c->cpuset_ncpus < (unsigned) ncpus) {
1272 CPU_OR_S(CPU_ALLOC_SIZE(c->cpuset_ncpus), cpuset, c->cpuset, cpuset);
1273 CPU_FREE(c->cpuset);
1274 c->cpuset = TAKE_PTR(cpuset);
1275 c->cpuset_ncpus = (unsigned) ncpus;
1276 return 0;
1277 }
1278
1279 CPU_OR_S(CPU_ALLOC_SIZE((unsigned) ncpus), c->cpuset, c->cpuset, cpuset);
1280
1281 return 0;
1282 }
1283
1284 int config_parse_exec_secure_bits(const char *unit,
1285 const char *filename,
1286 unsigned line,
1287 const char *section,
1288 unsigned section_line,
1289 const char *lvalue,
1290 int ltype,
1291 const char *rvalue,
1292 void *data,
1293 void *userdata) {
1294
1295 ExecContext *c = data;
1296 int r;
1297
1298 assert(filename);
1299 assert(lvalue);
1300 assert(rvalue);
1301 assert(data);
1302
1303 if (isempty(rvalue)) {
1304 /* An empty assignment resets the field */
1305 c->secure_bits = 0;
1306 return 0;
1307 }
1308
1309 r = secure_bits_from_string(rvalue);
1310 if (r == -ENOMEM)
1311 return log_oom();
1312 if (r < 0) {
1313 log_syntax(unit, LOG_WARNING, filename, line, r,
1314 "Invalid syntax, ignoring: %s", rvalue);
1315 return 0;
1316 }
1317
1318 c->secure_bits = r;
1319
1320 return 0;
1321 }
1322
1323 int config_parse_capability_set(
1324 const char *unit,
1325 const char *filename,
1326 unsigned line,
1327 const char *section,
1328 unsigned section_line,
1329 const char *lvalue,
1330 int ltype,
1331 const char *rvalue,
1332 void *data,
1333 void *userdata) {
1334
1335 uint64_t *capability_set = data;
1336 uint64_t sum = 0, initial = 0;
1337 bool invert = false;
1338 int r;
1339
1340 assert(filename);
1341 assert(lvalue);
1342 assert(rvalue);
1343 assert(data);
1344
1345 if (rvalue[0] == '~') {
1346 invert = true;
1347 rvalue++;
1348 }
1349
1350 if (streq(lvalue, "CapabilityBoundingSet"))
1351 initial = CAP_ALL; /* initialized to all bits on */
1352 /* else "AmbientCapabilities" initialized to all bits off */
1353
1354 r = capability_set_from_string(rvalue, &sum);
1355 if (r == -ENOMEM)
1356 return log_oom();
1357 if (r < 0) {
1358 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse word: %s", rvalue);
1359 return 0;
1360 }
1361
1362 if (sum == 0 || *capability_set == initial)
1363 /* "", "~" or uninitialized data -> replace */
1364 *capability_set = invert ? ~sum : sum;
1365 else {
1366 /* previous data -> merge */
1367 if (invert)
1368 *capability_set &= ~sum;
1369 else
1370 *capability_set |= sum;
1371 }
1372
1373 return 0;
1374 }
1375
1376 #if HAVE_SYSV_COMPAT
1377 int config_parse_sysv_priority(const char *unit,
1378 const char *filename,
1379 unsigned line,
1380 const char *section,
1381 unsigned section_line,
1382 const char *lvalue,
1383 int ltype,
1384 const char *rvalue,
1385 void *data,
1386 void *userdata) {
1387
1388 int *priority = data;
1389 int i, r;
1390
1391 assert(filename);
1392 assert(lvalue);
1393 assert(rvalue);
1394 assert(data);
1395
1396 r = safe_atoi(rvalue, &i);
1397 if (r < 0 || i < 0) {
1398 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse SysV start priority, ignoring: %s", rvalue);
1399 return 0;
1400 }
1401
1402 *priority = (int) i;
1403 return 0;
1404 }
1405 #endif
1406
1407 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
1408 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
1409
1410 int config_parse_exec_mount_flags(
1411 const char *unit,
1412 const char *filename,
1413 unsigned line,
1414 const char *section,
1415 unsigned section_line,
1416 const char *lvalue,
1417 int ltype,
1418 const char *rvalue,
1419 void *data,
1420 void *userdata) {
1421
1422 ExecContext *c = data;
1423 int r;
1424
1425 assert(filename);
1426 assert(lvalue);
1427 assert(rvalue);
1428 assert(data);
1429
1430 r = mount_propagation_flags_from_string(rvalue, &c->mount_flags);
1431 if (r < 0)
1432 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse mount flag %s, ignoring.", rvalue);
1433
1434 return 0;
1435 }
1436
1437 int config_parse_exec_selinux_context(
1438 const char *unit,
1439 const char *filename,
1440 unsigned line,
1441 const char *section,
1442 unsigned section_line,
1443 const char *lvalue,
1444 int ltype,
1445 const char *rvalue,
1446 void *data,
1447 void *userdata) {
1448
1449 ExecContext *c = data;
1450 Unit *u = userdata;
1451 bool ignore;
1452 char *k;
1453 int r;
1454
1455 assert(filename);
1456 assert(lvalue);
1457 assert(rvalue);
1458 assert(data);
1459
1460 if (isempty(rvalue)) {
1461 c->selinux_context = mfree(c->selinux_context);
1462 c->selinux_context_ignore = false;
1463 return 0;
1464 }
1465
1466 if (rvalue[0] == '-') {
1467 ignore = true;
1468 rvalue++;
1469 } else
1470 ignore = false;
1471
1472 r = unit_full_printf(u, rvalue, &k);
1473 if (r < 0) {
1474 log_syntax(unit, LOG_ERR, filename, line, r,
1475 "Failed to resolve specifiers%s: %m",
1476 ignore ? ", ignoring" : "");
1477 return ignore ? 0 : -ENOEXEC;
1478 }
1479
1480 free(c->selinux_context);
1481 c->selinux_context = k;
1482 c->selinux_context_ignore = ignore;
1483
1484 return 0;
1485 }
1486
1487 int config_parse_exec_apparmor_profile(
1488 const char *unit,
1489 const char *filename,
1490 unsigned line,
1491 const char *section,
1492 unsigned section_line,
1493 const char *lvalue,
1494 int ltype,
1495 const char *rvalue,
1496 void *data,
1497 void *userdata) {
1498
1499 ExecContext *c = data;
1500 Unit *u = userdata;
1501 bool ignore;
1502 char *k;
1503 int r;
1504
1505 assert(filename);
1506 assert(lvalue);
1507 assert(rvalue);
1508 assert(data);
1509
1510 if (isempty(rvalue)) {
1511 c->apparmor_profile = mfree(c->apparmor_profile);
1512 c->apparmor_profile_ignore = false;
1513 return 0;
1514 }
1515
1516 if (rvalue[0] == '-') {
1517 ignore = true;
1518 rvalue++;
1519 } else
1520 ignore = false;
1521
1522 r = unit_full_printf(u, rvalue, &k);
1523 if (r < 0) {
1524 log_syntax(unit, LOG_ERR, filename, line, r,
1525 "Failed to resolve specifiers%s: %m",
1526 ignore ? ", ignoring" : "");
1527 return ignore ? 0 : -ENOEXEC;
1528 }
1529
1530 free(c->apparmor_profile);
1531 c->apparmor_profile = k;
1532 c->apparmor_profile_ignore = ignore;
1533
1534 return 0;
1535 }
1536
1537 int config_parse_exec_smack_process_label(
1538 const char *unit,
1539 const char *filename,
1540 unsigned line,
1541 const char *section,
1542 unsigned section_line,
1543 const char *lvalue,
1544 int ltype,
1545 const char *rvalue,
1546 void *data,
1547 void *userdata) {
1548
1549 ExecContext *c = data;
1550 Unit *u = userdata;
1551 bool ignore;
1552 char *k;
1553 int r;
1554
1555 assert(filename);
1556 assert(lvalue);
1557 assert(rvalue);
1558 assert(data);
1559
1560 if (isempty(rvalue)) {
1561 c->smack_process_label = mfree(c->smack_process_label);
1562 c->smack_process_label_ignore = false;
1563 return 0;
1564 }
1565
1566 if (rvalue[0] == '-') {
1567 ignore = true;
1568 rvalue++;
1569 } else
1570 ignore = false;
1571
1572 r = unit_full_printf(u, rvalue, &k);
1573 if (r < 0) {
1574 log_syntax(unit, LOG_ERR, filename, line, r,
1575 "Failed to resolve specifiers%s: %m",
1576 ignore ? ", ignoring" : "");
1577 return ignore ? 0 : -ENOEXEC;
1578 }
1579
1580 free(c->smack_process_label);
1581 c->smack_process_label = k;
1582 c->smack_process_label_ignore = ignore;
1583
1584 return 0;
1585 }
1586
1587 int config_parse_timer(const char *unit,
1588 const char *filename,
1589 unsigned line,
1590 const char *section,
1591 unsigned section_line,
1592 const char *lvalue,
1593 int ltype,
1594 const char *rvalue,
1595 void *data,
1596 void *userdata) {
1597
1598 Timer *t = data;
1599 usec_t usec = 0;
1600 TimerValue *v;
1601 TimerBase b;
1602 _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
1603 Unit *u = userdata;
1604 _cleanup_free_ char *k = NULL;
1605 int r;
1606
1607 assert(filename);
1608 assert(lvalue);
1609 assert(rvalue);
1610 assert(data);
1611
1612 if (isempty(rvalue)) {
1613 /* Empty assignment resets list */
1614 timer_free_values(t);
1615 return 0;
1616 }
1617
1618 b = timer_base_from_string(lvalue);
1619 if (b < 0) {
1620 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer base, ignoring: %s", lvalue);
1621 return 0;
1622 }
1623
1624 r = unit_full_printf(u, rvalue, &k);
1625 if (r < 0) {
1626 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1627 return 0;
1628 }
1629
1630 if (b == TIMER_CALENDAR) {
1631 if (calendar_spec_from_string(k, &c) < 0) {
1632 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse calendar specification, ignoring: %s", k);
1633 return 0;
1634 }
1635 } else {
1636 if (parse_sec(k, &usec) < 0) {
1637 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", k);
1638 return 0;
1639 }
1640 }
1641
1642 v = new0(TimerValue, 1);
1643 if (!v)
1644 return log_oom();
1645
1646 v->base = b;
1647 v->value = usec;
1648 v->calendar_spec = TAKE_PTR(c);
1649
1650 LIST_PREPEND(value, t->values, v);
1651
1652 return 0;
1653 }
1654
1655 int config_parse_trigger_unit(
1656 const char *unit,
1657 const char *filename,
1658 unsigned line,
1659 const char *section,
1660 unsigned section_line,
1661 const char *lvalue,
1662 int ltype,
1663 const char *rvalue,
1664 void *data,
1665 void *userdata) {
1666
1667 _cleanup_free_ char *p = NULL;
1668 Unit *u = data;
1669 UnitType type;
1670 int r;
1671
1672 assert(filename);
1673 assert(lvalue);
1674 assert(rvalue);
1675 assert(data);
1676
1677 if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) {
1678 log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
1679 return 0;
1680 }
1681
1682 r = unit_name_printf(u, rvalue, &p);
1683 if (r < 0) {
1684 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
1685 return 0;
1686 }
1687
1688 type = unit_name_to_type(p);
1689 if (type < 0) {
1690 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue);
1691 return 0;
1692 }
1693 if (unit_has_name(u, p)) {
1694 log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue);
1695 return 0;
1696 }
1697
1698 r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, NULL, true, UNIT_DEPENDENCY_FILE);
1699 if (r < 0) {
1700 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
1701 return 0;
1702 }
1703
1704 return 0;
1705 }
1706
1707 int config_parse_path_spec(const char *unit,
1708 const char *filename,
1709 unsigned line,
1710 const char *section,
1711 unsigned section_line,
1712 const char *lvalue,
1713 int ltype,
1714 const char *rvalue,
1715 void *data,
1716 void *userdata) {
1717
1718 Path *p = data;
1719 PathSpec *s;
1720 PathType b;
1721 _cleanup_free_ char *k = NULL;
1722 int r;
1723
1724 assert(filename);
1725 assert(lvalue);
1726 assert(rvalue);
1727 assert(data);
1728
1729 if (isempty(rvalue)) {
1730 /* Empty assignment clears list */
1731 path_free_specs(p);
1732 return 0;
1733 }
1734
1735 b = path_type_from_string(lvalue);
1736 if (b < 0) {
1737 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue);
1738 return 0;
1739 }
1740
1741 r = unit_full_printf(UNIT(p), rvalue, &k);
1742 if (r < 0) {
1743 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s. Ignoring.", rvalue);
1744 return 0;
1745 }
1746
1747 if (!path_is_absolute(k)) {
1748 log_syntax(unit, LOG_ERR, filename, line, 0, "Path is not absolute, ignoring: %s", k);
1749 return 0;
1750 }
1751
1752 s = new0(PathSpec, 1);
1753 if (!s)
1754 return log_oom();
1755
1756 s->unit = UNIT(p);
1757 s->path = path_kill_slashes(k);
1758 k = NULL;
1759 s->type = b;
1760 s->inotify_fd = -1;
1761
1762 LIST_PREPEND(spec, p->specs, s);
1763
1764 return 0;
1765 }
1766
1767 int config_parse_socket_service(
1768 const char *unit,
1769 const char *filename,
1770 unsigned line,
1771 const char *section,
1772 unsigned section_line,
1773 const char *lvalue,
1774 int ltype,
1775 const char *rvalue,
1776 void *data,
1777 void *userdata) {
1778
1779 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1780 _cleanup_free_ char *p = NULL;
1781 Socket *s = data;
1782 Unit *x;
1783 int r;
1784
1785 assert(filename);
1786 assert(lvalue);
1787 assert(rvalue);
1788 assert(data);
1789
1790 r = unit_name_printf(UNIT(s), rvalue, &p);
1791 if (r < 0) {
1792 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers: %s", rvalue);
1793 return -ENOEXEC;
1794 }
1795
1796 if (!endswith(p, ".service")) {
1797 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service: %s", rvalue);
1798 return -ENOEXEC;
1799 }
1800
1801 r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
1802 if (r < 0) {
1803 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s: %s", rvalue, bus_error_message(&error, r));
1804 return -ENOEXEC;
1805 }
1806
1807 unit_ref_set(&s->service, UNIT(s), x);
1808
1809 return 0;
1810 }
1811
1812 int config_parse_fdname(
1813 const char *unit,
1814 const char *filename,
1815 unsigned line,
1816 const char *section,
1817 unsigned section_line,
1818 const char *lvalue,
1819 int ltype,
1820 const char *rvalue,
1821 void *data,
1822 void *userdata) {
1823
1824 _cleanup_free_ char *p = NULL;
1825 Socket *s = data;
1826 int r;
1827
1828 assert(filename);
1829 assert(lvalue);
1830 assert(rvalue);
1831 assert(data);
1832
1833 if (isempty(rvalue)) {
1834 s->fdname = mfree(s->fdname);
1835 return 0;
1836 }
1837
1838 r = unit_full_printf(UNIT(s), rvalue, &p);
1839 if (r < 0) {
1840 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
1841 return 0;
1842 }
1843
1844 if (!fdname_is_valid(p)) {
1845 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
1846 return 0;
1847 }
1848
1849 return free_and_replace(s->fdname, p);
1850 }
1851
1852 int config_parse_service_sockets(
1853 const char *unit,
1854 const char *filename,
1855 unsigned line,
1856 const char *section,
1857 unsigned section_line,
1858 const char *lvalue,
1859 int ltype,
1860 const char *rvalue,
1861 void *data,
1862 void *userdata) {
1863
1864 Service *s = data;
1865 const char *p;
1866 int r;
1867
1868 assert(filename);
1869 assert(lvalue);
1870 assert(rvalue);
1871 assert(data);
1872
1873 p = rvalue;
1874 for (;;) {
1875 _cleanup_free_ char *word = NULL, *k = NULL;
1876
1877 r = extract_first_word(&p, &word, NULL, 0);
1878 if (r == 0)
1879 break;
1880 if (r == -ENOMEM)
1881 return log_oom();
1882 if (r < 0) {
1883 log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
1884 break;
1885 }
1886
1887 r = unit_name_printf(UNIT(s), word, &k);
1888 if (r < 0) {
1889 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
1890 continue;
1891 }
1892
1893 if (!endswith(k, ".socket")) {
1894 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
1895 continue;
1896 }
1897
1898 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, NULL, true, UNIT_DEPENDENCY_FILE);
1899 if (r < 0)
1900 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1901
1902 r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, NULL, true, UNIT_DEPENDENCY_FILE);
1903 if (r < 0)
1904 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1905 }
1906
1907 return 0;
1908 }
1909
1910 int config_parse_bus_name(
1911 const char *unit,
1912 const char *filename,
1913 unsigned line,
1914 const char *section,
1915 unsigned section_line,
1916 const char *lvalue,
1917 int ltype,
1918 const char *rvalue,
1919 void *data,
1920 void *userdata) {
1921
1922 _cleanup_free_ char *k = NULL;
1923 Unit *u = userdata;
1924 int r;
1925
1926 assert(filename);
1927 assert(lvalue);
1928 assert(rvalue);
1929 assert(u);
1930
1931 r = unit_full_printf(u, rvalue, &k);
1932 if (r < 0) {
1933 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
1934 return 0;
1935 }
1936
1937 if (!service_name_is_valid(k)) {
1938 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name %s, ignoring.", k);
1939 return 0;
1940 }
1941
1942 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
1943 }
1944
1945 int config_parse_service_timeout(
1946 const char *unit,
1947 const char *filename,
1948 unsigned line,
1949 const char *section,
1950 unsigned section_line,
1951 const char *lvalue,
1952 int ltype,
1953 const char *rvalue,
1954 void *data,
1955 void *userdata) {
1956
1957 Service *s = userdata;
1958 usec_t usec;
1959 int r;
1960
1961 assert(filename);
1962 assert(lvalue);
1963 assert(rvalue);
1964 assert(s);
1965
1966 /* This is called for three cases: TimeoutSec=, TimeoutStopSec= and TimeoutStartSec=. */
1967
1968 r = parse_sec(rvalue, &usec);
1969 if (r < 0) {
1970 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1971 return 0;
1972 }
1973
1974 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
1975 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
1976 * all other timeouts. */
1977 if (usec <= 0)
1978 usec = USEC_INFINITY;
1979
1980 if (!streq(lvalue, "TimeoutStopSec")) {
1981 s->start_timeout_defined = true;
1982 s->timeout_start_usec = usec;
1983 }
1984
1985 if (!streq(lvalue, "TimeoutStartSec"))
1986 s->timeout_stop_usec = usec;
1987
1988 return 0;
1989 }
1990
1991 int config_parse_sec_fix_0(
1992 const char *unit,
1993 const char *filename,
1994 unsigned line,
1995 const char *section,
1996 unsigned section_line,
1997 const char *lvalue,
1998 int ltype,
1999 const char *rvalue,
2000 void *data,
2001 void *userdata) {
2002
2003 usec_t *usec = data;
2004 int r;
2005
2006 assert(filename);
2007 assert(lvalue);
2008 assert(rvalue);
2009 assert(usec);
2010
2011 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
2012 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
2013 * timeout. */
2014
2015 r = parse_sec_fix_0(rvalue, usec);
2016 if (r < 0) {
2017 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
2018 return 0;
2019 }
2020
2021 return 0;
2022 }
2023
2024 int config_parse_user_group(
2025 const char *unit,
2026 const char *filename,
2027 unsigned line,
2028 const char *section,
2029 unsigned section_line,
2030 const char *lvalue,
2031 int ltype,
2032 const char *rvalue,
2033 void *data,
2034 void *userdata) {
2035
2036 char **user = data, *n;
2037 Unit *u = userdata;
2038 int r;
2039
2040 assert(filename);
2041 assert(lvalue);
2042 assert(rvalue);
2043 assert(u);
2044
2045 if (isempty(rvalue))
2046 n = NULL;
2047 else {
2048 _cleanup_free_ char *k = NULL;
2049
2050 r = unit_full_printf(u, rvalue, &k);
2051 if (r < 0) {
2052 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
2053 return -ENOEXEC;
2054 }
2055
2056 if (!valid_user_group_name_or_id(k)) {
2057 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2058 return -ENOEXEC;
2059 }
2060
2061 n = TAKE_PTR(k);
2062 }
2063
2064 free(*user);
2065 *user = n;
2066
2067 return 0;
2068 }
2069
2070 int config_parse_user_group_strv(
2071 const char *unit,
2072 const char *filename,
2073 unsigned line,
2074 const char *section,
2075 unsigned section_line,
2076 const char *lvalue,
2077 int ltype,
2078 const char *rvalue,
2079 void *data,
2080 void *userdata) {
2081
2082 char ***users = data;
2083 Unit *u = userdata;
2084 const char *p;
2085 int r;
2086
2087 assert(filename);
2088 assert(lvalue);
2089 assert(rvalue);
2090 assert(u);
2091
2092 if (isempty(rvalue)) {
2093 *users = strv_free(*users);
2094 return 0;
2095 }
2096
2097 p = rvalue;
2098 for (;;) {
2099 _cleanup_free_ char *word = NULL, *k = NULL;
2100
2101 r = extract_first_word(&p, &word, NULL, 0);
2102 if (r == 0)
2103 break;
2104 if (r == -ENOMEM)
2105 return log_oom();
2106 if (r < 0) {
2107 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue);
2108 return -ENOEXEC;
2109 }
2110
2111 r = unit_full_printf(u, word, &k);
2112 if (r < 0) {
2113 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word);
2114 return -ENOEXEC;
2115 }
2116
2117 if (!valid_user_group_name_or_id(k)) {
2118 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2119 return -ENOEXEC;
2120 }
2121
2122 r = strv_push(users, k);
2123 if (r < 0)
2124 return log_oom();
2125
2126 k = NULL;
2127 }
2128
2129 return 0;
2130 }
2131
2132 int config_parse_working_directory(
2133 const char *unit,
2134 const char *filename,
2135 unsigned line,
2136 const char *section,
2137 unsigned section_line,
2138 const char *lvalue,
2139 int ltype,
2140 const char *rvalue,
2141 void *data,
2142 void *userdata) {
2143
2144 ExecContext *c = data;
2145 Unit *u = userdata;
2146 bool missing_ok;
2147 int r;
2148
2149 assert(filename);
2150 assert(lvalue);
2151 assert(rvalue);
2152 assert(c);
2153 assert(u);
2154
2155 if (rvalue[0] == '-') {
2156 missing_ok = true;
2157 rvalue++;
2158 } else
2159 missing_ok = false;
2160
2161 if (streq(rvalue, "~")) {
2162 c->working_directory_home = true;
2163 c->working_directory = mfree(c->working_directory);
2164 } else {
2165 _cleanup_free_ char *k = NULL;
2166
2167 r = unit_full_printf(u, rvalue, &k);
2168 if (r < 0) {
2169 log_syntax(unit, LOG_ERR, filename, line, r,
2170 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2171 rvalue, missing_ok ? ", ignoring" : "");
2172 return missing_ok ? 0 : -ENOEXEC;
2173 }
2174
2175 path_kill_slashes(k);
2176
2177 if (!utf8_is_valid(k)) {
2178 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2179 return missing_ok ? 0 : -ENOEXEC;
2180 }
2181
2182 if (!path_is_absolute(k)) {
2183 log_syntax(unit, LOG_ERR, filename, line, 0,
2184 "Working directory path '%s' is not absolute%s.",
2185 rvalue, missing_ok ? ", ignoring" : "");
2186 return missing_ok ? 0 : -ENOEXEC;
2187 }
2188
2189 c->working_directory_home = false;
2190 free_and_replace(c->working_directory, k);
2191 }
2192
2193 c->working_directory_missing_ok = missing_ok;
2194 return 0;
2195 }
2196
2197 int config_parse_unit_env_file(const char *unit,
2198 const char *filename,
2199 unsigned line,
2200 const char *section,
2201 unsigned section_line,
2202 const char *lvalue,
2203 int ltype,
2204 const char *rvalue,
2205 void *data,
2206 void *userdata) {
2207
2208 char ***env = data;
2209 Unit *u = userdata;
2210 _cleanup_free_ char *n = NULL;
2211 int r;
2212
2213 assert(filename);
2214 assert(lvalue);
2215 assert(rvalue);
2216 assert(data);
2217
2218 if (isempty(rvalue)) {
2219 /* Empty assignment frees the list */
2220 *env = strv_free(*env);
2221 return 0;
2222 }
2223
2224 r = unit_full_printf(u, rvalue, &n);
2225 if (r < 0) {
2226 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
2227 return 0;
2228 }
2229
2230 if (!path_is_absolute(n[0] == '-' ? n + 1 : n)) {
2231 log_syntax(unit, LOG_ERR, filename, line, 0, "Path '%s' is not absolute, ignoring.", n);
2232 return 0;
2233 }
2234
2235 r = strv_extend(env, n);
2236 if (r < 0)
2237 return log_oom();
2238
2239 return 0;
2240 }
2241
2242 int config_parse_environ(
2243 const char *unit,
2244 const char *filename,
2245 unsigned line,
2246 const char *section,
2247 unsigned section_line,
2248 const char *lvalue,
2249 int ltype,
2250 const char *rvalue,
2251 void *data,
2252 void *userdata) {
2253
2254 Unit *u = userdata;
2255 char ***env = data;
2256 const char *p;
2257 int r;
2258
2259 assert(filename);
2260 assert(lvalue);
2261 assert(rvalue);
2262 assert(data);
2263
2264 if (isempty(rvalue)) {
2265 /* Empty assignment resets the list */
2266 *env = strv_free(*env);
2267 return 0;
2268 }
2269
2270 for (p = rvalue;; ) {
2271 _cleanup_free_ char *word = NULL, *k = NULL;
2272
2273 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2274 if (r == 0)
2275 return 0;
2276 if (r == -ENOMEM)
2277 return log_oom();
2278 if (r < 0) {
2279 log_syntax(unit, LOG_WARNING, filename, line, r,
2280 "Invalid syntax, ignoring: %s", rvalue);
2281 return 0;
2282 }
2283
2284 if (u) {
2285 r = unit_full_printf(u, word, &k);
2286 if (r < 0) {
2287 log_syntax(unit, LOG_ERR, filename, line, r,
2288 "Failed to resolve specifiers, ignoring: %s", word);
2289 continue;
2290 }
2291 } else
2292 k = TAKE_PTR(word);
2293
2294 if (!env_assignment_is_valid(k)) {
2295 log_syntax(unit, LOG_ERR, filename, line, 0,
2296 "Invalid environment assignment, ignoring: %s", k);
2297 continue;
2298 }
2299
2300 r = strv_env_replace(env, k);
2301 if (r < 0)
2302 return log_oom();
2303
2304 k = NULL;
2305 }
2306 }
2307
2308 int config_parse_pass_environ(
2309 const char *unit,
2310 const char *filename,
2311 unsigned line,
2312 const char *section,
2313 unsigned section_line,
2314 const char *lvalue,
2315 int ltype,
2316 const char *rvalue,
2317 void *data,
2318 void *userdata) {
2319
2320 const char *whole_rvalue = rvalue;
2321 _cleanup_strv_free_ char **n = NULL;
2322 size_t nlen = 0, nbufsize = 0;
2323 char*** passenv = data;
2324 Unit *u = userdata;
2325 int r;
2326
2327 assert(filename);
2328 assert(lvalue);
2329 assert(rvalue);
2330 assert(data);
2331
2332 if (isempty(rvalue)) {
2333 /* Empty assignment resets the list */
2334 *passenv = strv_free(*passenv);
2335 return 0;
2336 }
2337
2338 for (;;) {
2339 _cleanup_free_ char *word = NULL, *k = NULL;
2340
2341 r = extract_first_word(&rvalue, &word, NULL, EXTRACT_QUOTES);
2342 if (r == 0)
2343 break;
2344 if (r == -ENOMEM)
2345 return log_oom();
2346 if (r < 0) {
2347 log_syntax(unit, LOG_ERR, filename, line, r,
2348 "Trailing garbage in %s, ignoring: %s", lvalue, whole_rvalue);
2349 break;
2350 }
2351
2352 if (u) {
2353 r = unit_full_printf(u, word, &k);
2354 if (r < 0) {
2355 log_syntax(unit, LOG_ERR, filename, line, r,
2356 "Failed to resolve specifiers, ignoring: %s", word);
2357 continue;
2358 }
2359 } else
2360 k = TAKE_PTR(word);
2361
2362 if (!env_name_is_valid(k)) {
2363 log_syntax(unit, LOG_ERR, filename, line, 0,
2364 "Invalid environment name for %s, ignoring: %s", lvalue, k);
2365 continue;
2366 }
2367
2368 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2369 return log_oom();
2370
2371 n[nlen++] = TAKE_PTR(k);
2372 n[nlen] = NULL;
2373 }
2374
2375 if (n) {
2376 r = strv_extend_strv(passenv, n, true);
2377 if (r < 0)
2378 return r;
2379 }
2380
2381 return 0;
2382 }
2383
2384 int config_parse_unset_environ(
2385 const char *unit,
2386 const char *filename,
2387 unsigned line,
2388 const char *section,
2389 unsigned section_line,
2390 const char *lvalue,
2391 int ltype,
2392 const char *rvalue,
2393 void *data,
2394 void *userdata) {
2395
2396 _cleanup_strv_free_ char **n = NULL;
2397 const char *whole_rvalue = rvalue;
2398 size_t nlen = 0, nbufsize = 0;
2399 char*** unsetenv = data;
2400 Unit *u = userdata;
2401 int r;
2402
2403 assert(filename);
2404 assert(lvalue);
2405 assert(rvalue);
2406 assert(data);
2407
2408 if (isempty(rvalue)) {
2409 /* Empty assignment resets the list */
2410 *unsetenv = strv_free(*unsetenv);
2411 return 0;
2412 }
2413
2414 for (;;) {
2415 _cleanup_free_ char *word = NULL, *k = NULL;
2416
2417 r = extract_first_word(&rvalue, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2418 if (r == 0)
2419 break;
2420 if (r == -ENOMEM)
2421 return log_oom();
2422 if (r < 0) {
2423 log_syntax(unit, LOG_ERR, filename, line, r,
2424 "Trailing garbage in %s, ignoring: %s", lvalue, whole_rvalue);
2425 break;
2426 }
2427
2428 if (u) {
2429 r = unit_full_printf(u, word, &k);
2430 if (r < 0) {
2431 log_syntax(unit, LOG_ERR, filename, line, r,
2432 "Failed to resolve specifiers, ignoring: %s", word);
2433 continue;
2434 }
2435 } else
2436 k = TAKE_PTR(word);
2437
2438 if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) {
2439 log_syntax(unit, LOG_ERR, filename, line, 0,
2440 "Invalid environment name or assignment %s, ignoring: %s", lvalue, k);
2441 continue;
2442 }
2443
2444 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2445 return log_oom();
2446
2447 n[nlen++] = TAKE_PTR(k);
2448 n[nlen] = NULL;
2449 }
2450
2451 if (n) {
2452 r = strv_extend_strv(unsetenv, n, true);
2453 if (r < 0)
2454 return r;
2455 }
2456
2457 return 0;
2458 }
2459
2460 int config_parse_log_extra_fields(
2461 const char *unit,
2462 const char *filename,
2463 unsigned line,
2464 const char *section,
2465 unsigned section_line,
2466 const char *lvalue,
2467 int ltype,
2468 const char *rvalue,
2469 void *data,
2470 void *userdata) {
2471
2472 ExecContext *c = data;
2473 Unit *u = userdata;
2474 const char *p;
2475 int r;
2476
2477 assert(filename);
2478 assert(lvalue);
2479 assert(rvalue);
2480 assert(c);
2481
2482 if (isempty(rvalue)) {
2483 exec_context_free_log_extra_fields(c);
2484 return 0;
2485 }
2486
2487 for (p = rvalue;; ) {
2488 _cleanup_free_ char *word = NULL, *k = NULL;
2489 struct iovec *t;
2490 const char *eq;
2491
2492 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2493 if (r == 0)
2494 break;
2495 if (r == -ENOMEM)
2496 return log_oom();
2497 if (r < 0) {
2498 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2499 return 0;
2500 }
2501
2502 r = unit_full_printf(u, word, &k);
2503 if (r < 0) {
2504 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring field: %m", word);
2505 continue;
2506 }
2507
2508 eq = strchr(k, '=');
2509 if (!eq) {
2510 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field lacks '=' character, ignoring field: %s", k);
2511 continue;
2512 }
2513
2514 if (!journal_field_valid(k, eq-k, false)) {
2515 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field name is invalid, ignoring field: %s", k);
2516 continue;
2517 }
2518
2519 t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec));
2520 if (!t)
2521 return log_oom();
2522
2523 c->log_extra_fields = t;
2524 c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k);
2525
2526 k = NULL;
2527 }
2528
2529 return 0;
2530 }
2531
2532 int config_parse_ip_tos(const char *unit,
2533 const char *filename,
2534 unsigned line,
2535 const char *section,
2536 unsigned section_line,
2537 const char *lvalue,
2538 int ltype,
2539 const char *rvalue,
2540 void *data,
2541 void *userdata) {
2542
2543 int *ip_tos = data, x;
2544
2545 assert(filename);
2546 assert(lvalue);
2547 assert(rvalue);
2548 assert(data);
2549
2550 x = ip_tos_from_string(rvalue);
2551 if (x < 0) {
2552 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IP TOS value, ignoring: %s", rvalue);
2553 return 0;
2554 }
2555
2556 *ip_tos = x;
2557 return 0;
2558 }
2559
2560 int config_parse_unit_condition_path(
2561 const char *unit,
2562 const char *filename,
2563 unsigned line,
2564 const char *section,
2565 unsigned section_line,
2566 const char *lvalue,
2567 int ltype,
2568 const char *rvalue,
2569 void *data,
2570 void *userdata) {
2571
2572 _cleanup_free_ char *p = NULL;
2573 Condition **list = data, *c;
2574 ConditionType t = ltype;
2575 bool trigger, negate;
2576 Unit *u = userdata;
2577 int r;
2578
2579 assert(filename);
2580 assert(lvalue);
2581 assert(rvalue);
2582 assert(data);
2583
2584 if (isempty(rvalue)) {
2585 /* Empty assignment resets the list */
2586 *list = condition_free_list(*list);
2587 return 0;
2588 }
2589
2590 trigger = rvalue[0] == '|';
2591 if (trigger)
2592 rvalue++;
2593
2594 negate = rvalue[0] == '!';
2595 if (negate)
2596 rvalue++;
2597
2598 r = unit_full_printf(u, rvalue, &p);
2599 if (r < 0) {
2600 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
2601 return 0;
2602 }
2603
2604 if (!path_is_absolute(p)) {
2605 log_syntax(unit, LOG_ERR, filename, line, 0, "Path in condition not absolute, ignoring: %s", p);
2606 return 0;
2607 }
2608
2609 c = condition_new(t, p, trigger, negate);
2610 if (!c)
2611 return log_oom();
2612
2613 LIST_PREPEND(conditions, *list, c);
2614 return 0;
2615 }
2616
2617 int config_parse_unit_condition_string(
2618 const char *unit,
2619 const char *filename,
2620 unsigned line,
2621 const char *section,
2622 unsigned section_line,
2623 const char *lvalue,
2624 int ltype,
2625 const char *rvalue,
2626 void *data,
2627 void *userdata) {
2628
2629 _cleanup_free_ char *s = NULL;
2630 Condition **list = data, *c;
2631 ConditionType t = ltype;
2632 bool trigger, negate;
2633 Unit *u = userdata;
2634 int r;
2635
2636 assert(filename);
2637 assert(lvalue);
2638 assert(rvalue);
2639 assert(data);
2640
2641 if (isempty(rvalue)) {
2642 /* Empty assignment resets the list */
2643 *list = condition_free_list(*list);
2644 return 0;
2645 }
2646
2647 trigger = rvalue[0] == '|';
2648 if (trigger)
2649 rvalue++;
2650
2651 negate = rvalue[0] == '!';
2652 if (negate)
2653 rvalue++;
2654
2655 r = unit_full_printf(u, rvalue, &s);
2656 if (r < 0) {
2657 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
2658 return 0;
2659 }
2660
2661 c = condition_new(t, s, trigger, negate);
2662 if (!c)
2663 return log_oom();
2664
2665 LIST_PREPEND(conditions, *list, c);
2666 return 0;
2667 }
2668
2669 int config_parse_unit_condition_null(
2670 const char *unit,
2671 const char *filename,
2672 unsigned line,
2673 const char *section,
2674 unsigned section_line,
2675 const char *lvalue,
2676 int ltype,
2677 const char *rvalue,
2678 void *data,
2679 void *userdata) {
2680
2681 Condition **list = data, *c;
2682 bool trigger, negate;
2683 int b;
2684
2685 assert(filename);
2686 assert(lvalue);
2687 assert(rvalue);
2688 assert(data);
2689
2690 if (isempty(rvalue)) {
2691 /* Empty assignment resets the list */
2692 *list = condition_free_list(*list);
2693 return 0;
2694 }
2695
2696 trigger = rvalue[0] == '|';
2697 if (trigger)
2698 rvalue++;
2699
2700 negate = rvalue[0] == '!';
2701 if (negate)
2702 rvalue++;
2703
2704 b = parse_boolean(rvalue);
2705 if (b < 0) {
2706 log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue);
2707 return 0;
2708 }
2709
2710 if (!b)
2711 negate = !negate;
2712
2713 c = condition_new(CONDITION_NULL, NULL, trigger, negate);
2714 if (!c)
2715 return log_oom();
2716
2717 LIST_PREPEND(conditions, *list, c);
2718 return 0;
2719 }
2720
2721 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
2722 DEFINE_CONFIG_PARSE_ENUM(config_parse_emergency_action, emergency_action, EmergencyAction, "Failed to parse failure action specifier");
2723
2724 int config_parse_unit_requires_mounts_for(
2725 const char *unit,
2726 const char *filename,
2727 unsigned line,
2728 const char *section,
2729 unsigned section_line,
2730 const char *lvalue,
2731 int ltype,
2732 const char *rvalue,
2733 void *data,
2734 void *userdata) {
2735
2736 Unit *u = userdata;
2737 const char *p;
2738 int r;
2739
2740 assert(filename);
2741 assert(lvalue);
2742 assert(rvalue);
2743 assert(data);
2744
2745 for (p = rvalue;; ) {
2746 _cleanup_free_ char *word = NULL, *resolved = NULL;
2747
2748 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2749 if (r == 0)
2750 return 0;
2751 if (r == -ENOMEM)
2752 return log_oom();
2753 if (r < 0) {
2754 log_syntax(unit, LOG_WARNING, filename, line, r,
2755 "Invalid syntax, ignoring: %s", rvalue);
2756 return 0;
2757 }
2758
2759 if (!utf8_is_valid(word)) {
2760 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2761 continue;
2762 }
2763
2764 r = unit_full_printf(u, word, &resolved);
2765 if (r < 0) {
2766 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit name \"%s\", ignoring: %m", word);
2767 continue;
2768 }
2769
2770 r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE);
2771 if (r < 0) {
2772 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount \"%s\", ignoring: %m", resolved);
2773 continue;
2774 }
2775 }
2776 }
2777
2778 int config_parse_documentation(const char *unit,
2779 const char *filename,
2780 unsigned line,
2781 const char *section,
2782 unsigned section_line,
2783 const char *lvalue,
2784 int ltype,
2785 const char *rvalue,
2786 void *data,
2787 void *userdata) {
2788
2789 Unit *u = userdata;
2790 int r;
2791 char **a, **b;
2792
2793 assert(filename);
2794 assert(lvalue);
2795 assert(rvalue);
2796 assert(u);
2797
2798 if (isempty(rvalue)) {
2799 /* Empty assignment resets the list */
2800 u->documentation = strv_free(u->documentation);
2801 return 0;
2802 }
2803
2804 r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
2805 rvalue, data, userdata);
2806 if (r < 0)
2807 return r;
2808
2809 for (a = b = u->documentation; a && *a; a++) {
2810
2811 if (documentation_url_is_valid(*a))
2812 *(b++) = *a;
2813 else {
2814 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a);
2815 free(*a);
2816 }
2817 }
2818 if (b)
2819 *b = NULL;
2820
2821 return r;
2822 }
2823
2824 #if HAVE_SECCOMP
2825 int config_parse_syscall_filter(
2826 const char *unit,
2827 const char *filename,
2828 unsigned line,
2829 const char *section,
2830 unsigned section_line,
2831 const char *lvalue,
2832 int ltype,
2833 const char *rvalue,
2834 void *data,
2835 void *userdata) {
2836
2837 ExecContext *c = data;
2838 Unit *u = userdata;
2839 bool invert = false;
2840 const char *p;
2841 int r;
2842
2843 assert(filename);
2844 assert(lvalue);
2845 assert(rvalue);
2846 assert(u);
2847
2848 if (isempty(rvalue)) {
2849 /* Empty assignment resets the list */
2850 c->syscall_filter = hashmap_free(c->syscall_filter);
2851 c->syscall_whitelist = false;
2852 return 0;
2853 }
2854
2855 if (rvalue[0] == '~') {
2856 invert = true;
2857 rvalue++;
2858 }
2859
2860 if (!c->syscall_filter) {
2861 c->syscall_filter = hashmap_new(NULL);
2862 if (!c->syscall_filter)
2863 return log_oom();
2864
2865 if (invert)
2866 /* Allow everything but the ones listed */
2867 c->syscall_whitelist = false;
2868 else {
2869 /* Allow nothing but the ones listed */
2870 c->syscall_whitelist = true;
2871
2872 /* Accept default syscalls if we are on a whitelist */
2873 r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, SECCOMP_PARSE_WHITELIST);
2874 if (r < 0)
2875 return r;
2876 }
2877 }
2878
2879 p = rvalue;
2880 for (;;) {
2881 _cleanup_free_ char *word = NULL, *name = NULL;
2882 int num;
2883
2884 r = extract_first_word(&p, &word, NULL, 0);
2885 if (r == 0)
2886 break;
2887 if (r == -ENOMEM)
2888 return log_oom();
2889 if (r < 0) {
2890 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2891 break;
2892 }
2893
2894 r = parse_syscall_and_errno(word, &name, &num);
2895 if (r < 0) {
2896 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word);
2897 continue;
2898 }
2899
2900 r = seccomp_parse_syscall_filter_full(name, num, c->syscall_filter,
2901 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|(invert ? SECCOMP_PARSE_INVERT : 0)|(c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0),
2902 unit, filename, line);
2903 if (r < 0)
2904 return r;
2905 }
2906
2907 return 0;
2908 }
2909
2910 int config_parse_syscall_archs(
2911 const char *unit,
2912 const char *filename,
2913 unsigned line,
2914 const char *section,
2915 unsigned section_line,
2916 const char *lvalue,
2917 int ltype,
2918 const char *rvalue,
2919 void *data,
2920 void *userdata) {
2921
2922 Set **archs = data;
2923 const char *p;
2924 int r;
2925
2926 if (isempty(rvalue)) {
2927 *archs = set_free(*archs);
2928 return 0;
2929 }
2930
2931 r = set_ensure_allocated(archs, NULL);
2932 if (r < 0)
2933 return log_oom();
2934
2935 for (p = rvalue;;) {
2936 _cleanup_free_ char *word = NULL;
2937 uint32_t a;
2938
2939 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2940 if (r == 0)
2941 return 0;
2942 if (r == -ENOMEM)
2943 return log_oom();
2944 if (r < 0) {
2945 log_syntax(unit, LOG_WARNING, filename, line, r,
2946 "Invalid syntax, ignoring: %s", rvalue);
2947 return 0;
2948 }
2949
2950 r = seccomp_arch_from_string(word, &a);
2951 if (r < 0) {
2952 log_syntax(unit, LOG_ERR, filename, line, r,
2953 "Failed to parse system call architecture \"%s\", ignoring: %m", word);
2954 continue;
2955 }
2956
2957 r = set_put(*archs, UINT32_TO_PTR(a + 1));
2958 if (r < 0)
2959 return log_oom();
2960 }
2961 }
2962
2963 int config_parse_syscall_errno(
2964 const char *unit,
2965 const char *filename,
2966 unsigned line,
2967 const char *section,
2968 unsigned section_line,
2969 const char *lvalue,
2970 int ltype,
2971 const char *rvalue,
2972 void *data,
2973 void *userdata) {
2974
2975 ExecContext *c = data;
2976 int e;
2977
2978 assert(filename);
2979 assert(lvalue);
2980 assert(rvalue);
2981
2982 if (isempty(rvalue)) {
2983 /* Empty assignment resets to KILL */
2984 c->syscall_errno = 0;
2985 return 0;
2986 }
2987
2988 e = parse_errno(rvalue);
2989 if (e <= 0) {
2990 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue);
2991 return 0;
2992 }
2993
2994 c->syscall_errno = e;
2995 return 0;
2996 }
2997
2998 int config_parse_address_families(
2999 const char *unit,
3000 const char *filename,
3001 unsigned line,
3002 const char *section,
3003 unsigned section_line,
3004 const char *lvalue,
3005 int ltype,
3006 const char *rvalue,
3007 void *data,
3008 void *userdata) {
3009
3010 ExecContext *c = data;
3011 bool invert = false;
3012 const char *p;
3013 int r;
3014
3015 assert(filename);
3016 assert(lvalue);
3017 assert(rvalue);
3018
3019 if (isempty(rvalue)) {
3020 /* Empty assignment resets the list */
3021 c->address_families = set_free(c->address_families);
3022 c->address_families_whitelist = false;
3023 return 0;
3024 }
3025
3026 if (rvalue[0] == '~') {
3027 invert = true;
3028 rvalue++;
3029 }
3030
3031 if (!c->address_families) {
3032 c->address_families = set_new(NULL);
3033 if (!c->address_families)
3034 return log_oom();
3035
3036 c->address_families_whitelist = !invert;
3037 }
3038
3039 for (p = rvalue;;) {
3040 _cleanup_free_ char *word = NULL;
3041 int af;
3042
3043 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3044 if (r == 0)
3045 return 0;
3046 if (r == -ENOMEM)
3047 return log_oom();
3048 if (r < 0) {
3049 log_syntax(unit, LOG_WARNING, filename, line, r,
3050 "Invalid syntax, ignoring: %s", rvalue);
3051 return 0;
3052 }
3053
3054 af = af_from_name(word);
3055 if (af <= 0) {
3056 log_syntax(unit, LOG_ERR, filename, line, 0,
3057 "Failed to parse address family \"%s\", ignoring: %m", word);
3058 continue;
3059 }
3060
3061 /* If we previously wanted to forbid an address family and now
3062 * we want to allow it, then just remove it from the list.
3063 */
3064 if (!invert == c->address_families_whitelist) {
3065 r = set_put(c->address_families, INT_TO_PTR(af));
3066 if (r < 0)
3067 return log_oom();
3068 } else
3069 set_remove(c->address_families, INT_TO_PTR(af));
3070 }
3071 }
3072
3073 int config_parse_restrict_namespaces(
3074 const char *unit,
3075 const char *filename,
3076 unsigned line,
3077 const char *section,
3078 unsigned section_line,
3079 const char *lvalue,
3080 int ltype,
3081 const char *rvalue,
3082 void *data,
3083 void *userdata) {
3084
3085 ExecContext *c = data;
3086 bool invert = false;
3087 int r;
3088
3089 if (isempty(rvalue)) {
3090 /* Reset to the default. */
3091 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
3092 return 0;
3093 }
3094
3095 if (rvalue[0] == '~') {
3096 invert = true;
3097 rvalue++;
3098 }
3099
3100 r = parse_boolean(rvalue);
3101 if (r > 0)
3102 c->restrict_namespaces = 0;
3103 else if (r == 0)
3104 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
3105 else {
3106 /* Not a boolean argument, in this case it's a list of namespace types. */
3107
3108 r = namespace_flag_from_string_many(rvalue, &c->restrict_namespaces);
3109 if (r < 0) {
3110 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue);
3111 return 0;
3112 }
3113 }
3114
3115 if (invert)
3116 c->restrict_namespaces = (~c->restrict_namespaces) & NAMESPACE_FLAGS_ALL;
3117
3118 return 0;
3119 }
3120 #endif
3121
3122 int config_parse_unit_slice(
3123 const char *unit,
3124 const char *filename,
3125 unsigned line,
3126 const char *section,
3127 unsigned section_line,
3128 const char *lvalue,
3129 int ltype,
3130 const char *rvalue,
3131 void *data,
3132 void *userdata) {
3133
3134 _cleanup_free_ char *k = NULL;
3135 Unit *u = userdata, *slice = NULL;
3136 int r;
3137
3138 assert(filename);
3139 assert(lvalue);
3140 assert(rvalue);
3141 assert(u);
3142
3143 r = unit_name_printf(u, rvalue, &k);
3144 if (r < 0) {
3145 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s. Ignoring.", rvalue);
3146 return 0;
3147 }
3148
3149 r = manager_load_unit(u->manager, k, NULL, NULL, &slice);
3150 if (r < 0) {
3151 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s. Ignoring.", k);
3152 return 0;
3153 }
3154
3155 r = unit_set_slice(u, slice);
3156 if (r < 0) {
3157 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s. Ignoring.", slice->id, u->id);
3158 return 0;
3159 }
3160
3161 return 0;
3162 }
3163
3164 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
3165
3166 int config_parse_cpu_weight(
3167 const char *unit,
3168 const char *filename,
3169 unsigned line,
3170 const char *section,
3171 unsigned section_line,
3172 const char *lvalue,
3173 int ltype,
3174 const char *rvalue,
3175 void *data,
3176 void *userdata) {
3177
3178 uint64_t *weight = data;
3179 int r;
3180
3181 assert(filename);
3182 assert(lvalue);
3183 assert(rvalue);
3184
3185 r = cg_weight_parse(rvalue, weight);
3186 if (r < 0) {
3187 log_syntax(unit, LOG_ERR, filename, line, r, "CPU weight '%s' invalid. Ignoring.", rvalue);
3188 return 0;
3189 }
3190
3191 return 0;
3192 }
3193
3194 int config_parse_cpu_shares(
3195 const char *unit,
3196 const char *filename,
3197 unsigned line,
3198 const char *section,
3199 unsigned section_line,
3200 const char *lvalue,
3201 int ltype,
3202 const char *rvalue,
3203 void *data,
3204 void *userdata) {
3205
3206 uint64_t *shares = data;
3207 int r;
3208
3209 assert(filename);
3210 assert(lvalue);
3211 assert(rvalue);
3212
3213 r = cg_cpu_shares_parse(rvalue, shares);
3214 if (r < 0) {
3215 log_syntax(unit, LOG_ERR, filename, line, r, "CPU shares '%s' invalid. Ignoring.", rvalue);
3216 return 0;
3217 }
3218
3219 return 0;
3220 }
3221
3222 int config_parse_cpu_quota(
3223 const char *unit,
3224 const char *filename,
3225 unsigned line,
3226 const char *section,
3227 unsigned section_line,
3228 const char *lvalue,
3229 int ltype,
3230 const char *rvalue,
3231 void *data,
3232 void *userdata) {
3233
3234 CGroupContext *c = data;
3235 int r;
3236
3237 assert(filename);
3238 assert(lvalue);
3239 assert(rvalue);
3240
3241 if (isempty(rvalue)) {
3242 c->cpu_quota_per_sec_usec = USEC_INFINITY;
3243 return 0;
3244 }
3245
3246 r = parse_percent_unbounded(rvalue);
3247 if (r <= 0) {
3248 log_syntax(unit, LOG_ERR, filename, line, r, "CPU quota '%s' invalid. Ignoring.", rvalue);
3249 return 0;
3250 }
3251
3252 c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 100U;
3253 return 0;
3254 }
3255
3256 int config_parse_memory_limit(
3257 const char *unit,
3258 const char *filename,
3259 unsigned line,
3260 const char *section,
3261 unsigned section_line,
3262 const char *lvalue,
3263 int ltype,
3264 const char *rvalue,
3265 void *data,
3266 void *userdata) {
3267
3268 CGroupContext *c = data;
3269 uint64_t bytes = CGROUP_LIMIT_MAX;
3270 int r;
3271
3272 if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
3273
3274 r = parse_percent(rvalue);
3275 if (r < 0) {
3276 r = parse_size(rvalue, 1024, &bytes);
3277 if (r < 0) {
3278 log_syntax(unit, LOG_ERR, filename, line, r, "Memory limit '%s' invalid. Ignoring.", rvalue);
3279 return 0;
3280 }
3281 } else
3282 bytes = physical_memory_scale(r, 100U);
3283
3284 if (bytes >= UINT64_MAX ||
3285 (bytes <= 0 && !streq(lvalue, "MemorySwapMax"))) {
3286 log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range. Ignoring.", rvalue);
3287 return 0;
3288 }
3289 }
3290
3291 if (streq(lvalue, "MemoryLow"))
3292 c->memory_low = bytes;
3293 else if (streq(lvalue, "MemoryHigh"))
3294 c->memory_high = bytes;
3295 else if (streq(lvalue, "MemoryMax"))
3296 c->memory_max = bytes;
3297 else if (streq(lvalue, "MemorySwapMax"))
3298 c->memory_swap_max = bytes;
3299 else if (streq(lvalue, "MemoryLimit"))
3300 c->memory_limit = bytes;
3301 else
3302 return -EINVAL;
3303
3304 return 0;
3305 }
3306
3307 int config_parse_tasks_max(
3308 const char *unit,
3309 const char *filename,
3310 unsigned line,
3311 const char *section,
3312 unsigned section_line,
3313 const char *lvalue,
3314 int ltype,
3315 const char *rvalue,
3316 void *data,
3317 void *userdata) {
3318
3319 uint64_t *tasks_max = data, v;
3320 Unit *u = userdata;
3321 int r;
3322
3323 if (isempty(rvalue)) {
3324 *tasks_max = u->manager->default_tasks_max;
3325 return 0;
3326 }
3327
3328 if (streq(rvalue, "infinity")) {
3329 *tasks_max = CGROUP_LIMIT_MAX;
3330 return 0;
3331 }
3332
3333 r = parse_percent(rvalue);
3334 if (r < 0) {
3335 r = safe_atou64(rvalue, &v);
3336 if (r < 0) {
3337 log_syntax(unit, LOG_ERR, filename, line, r, "Maximum tasks value '%s' invalid. Ignoring.", rvalue);
3338 return 0;
3339 }
3340 } else
3341 v = system_tasks_max_scale(r, 100U);
3342
3343 if (v <= 0 || v >= UINT64_MAX) {
3344 log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range. Ignoring.", rvalue);
3345 return 0;
3346 }
3347
3348 *tasks_max = v;
3349 return 0;
3350 }
3351
3352 int config_parse_delegate(
3353 const char *unit,
3354 const char *filename,
3355 unsigned line,
3356 const char *section,
3357 unsigned section_line,
3358 const char *lvalue,
3359 int ltype,
3360 const char *rvalue,
3361 void *data,
3362 void *userdata) {
3363
3364 CGroupContext *c = data;
3365 UnitType t;
3366 int r;
3367
3368 t = unit_name_to_type(unit);
3369 assert(t != _UNIT_TYPE_INVALID);
3370
3371 if (!unit_vtable[t]->can_delegate) {
3372 log_syntax(unit, LOG_ERR, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring.");
3373 return 0;
3374 }
3375
3376 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3377 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3378 * mask to delegate. */
3379
3380 if (isempty(rvalue)) {
3381 /* An empty string resets controllers and set Delegate=yes. */
3382 c->delegate = true;
3383 c->delegate_controllers = 0;
3384 return 0;
3385 }
3386
3387 r = parse_boolean(rvalue);
3388 if (r < 0) {
3389 const char *p = rvalue;
3390 CGroupMask mask = 0;
3391
3392 for (;;) {
3393 _cleanup_free_ char *word = NULL;
3394 CGroupController cc;
3395
3396 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3397 if (r == 0)
3398 break;
3399 if (r == -ENOMEM)
3400 return log_oom();
3401 if (r < 0) {
3402 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3403 return 0;
3404 }
3405
3406 cc = cgroup_controller_from_string(word);
3407 if (cc < 0) {
3408 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid controller name '%s', ignoring", rvalue);
3409 continue;
3410 }
3411
3412 mask |= CGROUP_CONTROLLER_TO_MASK(cc);
3413 }
3414
3415 c->delegate = true;
3416 c->delegate_controllers |= mask;
3417
3418 } else if (r > 0) {
3419 c->delegate = true;
3420 c->delegate_controllers = _CGROUP_MASK_ALL;
3421 } else {
3422 c->delegate = false;
3423 c->delegate_controllers = 0;
3424 }
3425
3426 return 0;
3427 }
3428
3429 int config_parse_device_allow(
3430 const char *unit,
3431 const char *filename,
3432 unsigned line,
3433 const char *section,
3434 unsigned section_line,
3435 const char *lvalue,
3436 int ltype,
3437 const char *rvalue,
3438 void *data,
3439 void *userdata) {
3440
3441 _cleanup_free_ char *path = NULL, *t = NULL;
3442 CGroupContext *c = data;
3443 CGroupDeviceAllow *a;
3444 const char *m = NULL;
3445 size_t n;
3446 int r;
3447
3448 if (isempty(rvalue)) {
3449 while (c->device_allow)
3450 cgroup_context_free_device_allow(c, c->device_allow);
3451
3452 return 0;
3453 }
3454
3455 r = unit_full_printf(userdata, rvalue, &t);
3456 if (r < 0) {
3457 log_syntax(unit, LOG_WARNING, filename, line, r,
3458 "Failed to resolve specifiers in %s, ignoring: %m",
3459 rvalue);
3460 return 0;
3461 }
3462
3463 n = strcspn(t, WHITESPACE);
3464
3465 path = strndup(t, n);
3466 if (!path)
3467 return log_oom();
3468
3469 if (!is_deviceallow_pattern(path) &&
3470 !path_startswith(path, "/run/systemd/inaccessible/")) {
3471 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
3472 return 0;
3473 }
3474
3475 m = t + n + strspn(t + n, WHITESPACE);
3476 if (isempty(m))
3477 m = "rwm";
3478
3479 if (!in_charset(m, "rwm")) {
3480 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s'. Ignoring.", m);
3481 return 0;
3482 }
3483
3484 a = new0(CGroupDeviceAllow, 1);
3485 if (!a)
3486 return log_oom();
3487
3488 a->path = TAKE_PTR(path);
3489 a->r = !!strchr(m, 'r');
3490 a->w = !!strchr(m, 'w');
3491 a->m = !!strchr(m, 'm');
3492
3493 LIST_PREPEND(device_allow, c->device_allow, a);
3494 return 0;
3495 }
3496
3497 int config_parse_io_weight(
3498 const char *unit,
3499 const char *filename,
3500 unsigned line,
3501 const char *section,
3502 unsigned section_line,
3503 const char *lvalue,
3504 int ltype,
3505 const char *rvalue,
3506 void *data,
3507 void *userdata) {
3508
3509 uint64_t *weight = data;
3510 int r;
3511
3512 assert(filename);
3513 assert(lvalue);
3514 assert(rvalue);
3515
3516 r = cg_weight_parse(rvalue, weight);
3517 if (r < 0) {
3518 log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid. Ignoring.", rvalue);
3519 return 0;
3520 }
3521
3522 return 0;
3523 }
3524
3525 int config_parse_io_device_weight(
3526 const char *unit,
3527 const char *filename,
3528 unsigned line,
3529 const char *section,
3530 unsigned section_line,
3531 const char *lvalue,
3532 int ltype,
3533 const char *rvalue,
3534 void *data,
3535 void *userdata) {
3536
3537 _cleanup_free_ char *path = NULL;
3538 CGroupIODeviceWeight *w;
3539 CGroupContext *c = data;
3540 const char *weight;
3541 uint64_t u;
3542 size_t n;
3543 int r;
3544
3545 assert(filename);
3546 assert(lvalue);
3547 assert(rvalue);
3548
3549 if (isempty(rvalue)) {
3550 while (c->io_device_weights)
3551 cgroup_context_free_io_device_weight(c, c->io_device_weights);
3552
3553 return 0;
3554 }
3555
3556 n = strcspn(rvalue, WHITESPACE);
3557 weight = rvalue + n;
3558 weight += strspn(weight, WHITESPACE);
3559
3560 if (isempty(weight)) {
3561 log_syntax(unit, LOG_ERR, filename, line, 0, "Expected block device and device weight. Ignoring.");
3562 return 0;
3563 }
3564
3565 path = strndup(rvalue, n);
3566 if (!path)
3567 return log_oom();
3568
3569 if (!path_startswith(path, "/dev") &&
3570 !path_startswith(path, "/run/systemd/inaccessible/")) {
3571 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
3572 return 0;
3573 }
3574
3575 r = cg_weight_parse(weight, &u);
3576 if (r < 0) {
3577 log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid. Ignoring.", weight);
3578 return 0;
3579 }
3580
3581 assert(u != CGROUP_WEIGHT_INVALID);
3582
3583 w = new0(CGroupIODeviceWeight, 1);
3584 if (!w)
3585 return log_oom();
3586
3587 w->path = TAKE_PTR(path);
3588
3589 w->weight = u;
3590
3591 LIST_PREPEND(device_weights, c->io_device_weights, w);
3592 return 0;
3593 }
3594
3595 int config_parse_io_limit(
3596 const char *unit,
3597 const char *filename,
3598 unsigned line,
3599 const char *section,
3600 unsigned section_line,
3601 const char *lvalue,
3602 int ltype,
3603 const char *rvalue,
3604 void *data,
3605 void *userdata) {
3606
3607 _cleanup_free_ char *path = NULL;
3608 CGroupIODeviceLimit *l = NULL, *t;
3609 CGroupContext *c = data;
3610 CGroupIOLimitType type;
3611 const char *limit;
3612 uint64_t num;
3613 size_t n;
3614 int r;
3615
3616 assert(filename);
3617 assert(lvalue);
3618 assert(rvalue);
3619
3620 type = cgroup_io_limit_type_from_string(lvalue);
3621 assert(type >= 0);
3622
3623 if (isempty(rvalue)) {
3624 LIST_FOREACH(device_limits, l, c->io_device_limits)
3625 l->limits[type] = cgroup_io_limit_defaults[type];
3626 return 0;
3627 }
3628
3629 n = strcspn(rvalue, WHITESPACE);
3630 limit = rvalue + n;
3631 limit += strspn(limit, WHITESPACE);
3632
3633 if (!*limit) {
3634 log_syntax(unit, LOG_ERR, filename, line, 0, "Expected space separated pair of device node and bandwidth. Ignoring.");
3635 return 0;
3636 }
3637
3638 path = strndup(rvalue, n);
3639 if (!path)
3640 return log_oom();
3641
3642 if (!path_startswith(path, "/dev") &&
3643 !path_startswith(path, "/run/systemd/inaccessible/")) {
3644 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
3645 return 0;
3646 }
3647
3648 if (streq("infinity", limit)) {
3649 num = CGROUP_LIMIT_MAX;
3650 } else {
3651 r = parse_size(limit, 1000, &num);
3652 if (r < 0 || num <= 0) {
3653 log_syntax(unit, LOG_ERR, filename, line, r, "IO Limit '%s' invalid. Ignoring.", rvalue);
3654 return 0;
3655 }
3656 }
3657
3658 LIST_FOREACH(device_limits, t, c->io_device_limits) {
3659 if (path_equal(path, t->path)) {
3660 l = t;
3661 break;
3662 }
3663 }
3664
3665 if (!l) {
3666 CGroupIOLimitType ttype;
3667
3668 l = new0(CGroupIODeviceLimit, 1);
3669 if (!l)
3670 return log_oom();
3671
3672 l->path = TAKE_PTR(path);
3673 for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
3674 l->limits[ttype] = cgroup_io_limit_defaults[ttype];
3675
3676 LIST_PREPEND(device_limits, c->io_device_limits, l);
3677 }
3678
3679 l->limits[type] = num;
3680
3681 return 0;
3682 }
3683
3684 int config_parse_blockio_weight(
3685 const char *unit,
3686 const char *filename,
3687 unsigned line,
3688 const char *section,
3689 unsigned section_line,
3690 const char *lvalue,
3691 int ltype,
3692 const char *rvalue,
3693 void *data,
3694 void *userdata) {
3695
3696 uint64_t *weight = data;
3697 int r;
3698
3699 assert(filename);
3700 assert(lvalue);
3701 assert(rvalue);
3702
3703 r = cg_blkio_weight_parse(rvalue, weight);
3704 if (r < 0) {
3705 log_syntax(unit, LOG_ERR, filename, line, r, "Block IO weight '%s' invalid. Ignoring.", rvalue);
3706 return 0;
3707 }
3708
3709 return 0;
3710 }
3711
3712 int config_parse_blockio_device_weight(
3713 const char *unit,
3714 const char *filename,
3715 unsigned line,
3716 const char *section,
3717 unsigned section_line,
3718 const char *lvalue,
3719 int ltype,
3720 const char *rvalue,
3721 void *data,
3722 void *userdata) {
3723
3724 _cleanup_free_ char *path = NULL;
3725 CGroupBlockIODeviceWeight *w;
3726 CGroupContext *c = data;
3727 const char *weight;
3728 uint64_t u;
3729 size_t n;
3730 int r;
3731
3732 assert(filename);
3733 assert(lvalue);
3734 assert(rvalue);
3735
3736 if (isempty(rvalue)) {
3737 while (c->blockio_device_weights)
3738 cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
3739
3740 return 0;
3741 }
3742
3743 n = strcspn(rvalue, WHITESPACE);
3744 weight = rvalue + n;
3745 weight += strspn(weight, WHITESPACE);
3746
3747 if (isempty(weight)) {
3748 log_syntax(unit, LOG_ERR, filename, line, 0, "Expected block device and device weight. Ignoring.");
3749 return 0;
3750 }
3751
3752 path = strndup(rvalue, n);
3753 if (!path)
3754 return log_oom();
3755
3756 if (!path_startswith(path, "/dev") &&
3757 !path_startswith(path, "/run/systemd/inaccessible/")) {
3758 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
3759 return 0;
3760 }
3761
3762 r = cg_blkio_weight_parse(weight, &u);
3763 if (r < 0) {
3764 log_syntax(unit, LOG_ERR, filename, line, r, "Block IO weight '%s' invalid. Ignoring.", weight);
3765 return 0;
3766 }
3767
3768 assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
3769
3770 w = new0(CGroupBlockIODeviceWeight, 1);
3771 if (!w)
3772 return log_oom();
3773
3774 w->path = TAKE_PTR(path);
3775
3776 w->weight = u;
3777
3778 LIST_PREPEND(device_weights, c->blockio_device_weights, w);
3779 return 0;
3780 }
3781
3782 int config_parse_blockio_bandwidth(
3783 const char *unit,
3784 const char *filename,
3785 unsigned line,
3786 const char *section,
3787 unsigned section_line,
3788 const char *lvalue,
3789 int ltype,
3790 const char *rvalue,
3791 void *data,
3792 void *userdata) {
3793
3794 _cleanup_free_ char *path = NULL;
3795 CGroupBlockIODeviceBandwidth *b = NULL, *t;
3796 CGroupContext *c = data;
3797 const char *bandwidth;
3798 uint64_t bytes;
3799 bool read;
3800 size_t n;
3801 int r;
3802
3803 assert(filename);
3804 assert(lvalue);
3805 assert(rvalue);
3806
3807 read = streq("BlockIOReadBandwidth", lvalue);
3808
3809 if (isempty(rvalue)) {
3810 LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
3811 b->rbps = CGROUP_LIMIT_MAX;
3812 b->wbps = CGROUP_LIMIT_MAX;
3813 }
3814 return 0;
3815 }
3816
3817 n = strcspn(rvalue, WHITESPACE);
3818 bandwidth = rvalue + n;
3819 bandwidth += strspn(bandwidth, WHITESPACE);
3820
3821 if (!*bandwidth) {
3822 log_syntax(unit, LOG_ERR, filename, line, 0, "Expected space separated pair of device node and bandwidth. Ignoring.");
3823 return 0;
3824 }
3825
3826 path = strndup(rvalue, n);
3827 if (!path)
3828 return log_oom();
3829
3830 if (!path_startswith(path, "/dev") &&
3831 !path_startswith(path, "/run/systemd/inaccessible/")) {
3832 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
3833 return 0;
3834 }
3835
3836 r = parse_size(bandwidth, 1000, &bytes);
3837 if (r < 0 || bytes <= 0) {
3838 log_syntax(unit, LOG_ERR, filename, line, r, "Block IO Bandwidth '%s' invalid. Ignoring.", rvalue);
3839 return 0;
3840 }
3841
3842 LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
3843 if (path_equal(path, t->path)) {
3844 b = t;
3845 break;
3846 }
3847 }
3848
3849 if (!t) {
3850 b = new0(CGroupBlockIODeviceBandwidth, 1);
3851 if (!b)
3852 return log_oom();
3853
3854 b->path = TAKE_PTR(path);
3855 b->rbps = CGROUP_LIMIT_MAX;
3856 b->wbps = CGROUP_LIMIT_MAX;
3857
3858 LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
3859 }
3860
3861 if (read)
3862 b->rbps = bytes;
3863 else
3864 b->wbps = bytes;
3865
3866 return 0;
3867 }
3868
3869 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
3870
3871 int config_parse_job_mode_isolate(
3872 const char *unit,
3873 const char *filename,
3874 unsigned line,
3875 const char *section,
3876 unsigned section_line,
3877 const char *lvalue,
3878 int ltype,
3879 const char *rvalue,
3880 void *data,
3881 void *userdata) {
3882
3883 JobMode *m = data;
3884 int r;
3885
3886 assert(filename);
3887 assert(lvalue);
3888 assert(rvalue);
3889
3890 r = parse_boolean(rvalue);
3891 if (r < 0) {
3892 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
3893 return 0;
3894 }
3895
3896 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue);
3897
3898 *m = r ? JOB_ISOLATE : JOB_REPLACE;
3899 return 0;
3900 }
3901
3902 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode");
3903
3904 int config_parse_exec_directories(
3905 const char *unit,
3906 const char *filename,
3907 unsigned line,
3908 const char *section,
3909 unsigned section_line,
3910 const char *lvalue,
3911 int ltype,
3912 const char *rvalue,
3913 void *data,
3914 void *userdata) {
3915
3916 char***rt = data;
3917 Unit *u = userdata;
3918 const char *p;
3919 int r;
3920
3921 assert(filename);
3922 assert(lvalue);
3923 assert(rvalue);
3924 assert(data);
3925
3926 if (isempty(rvalue)) {
3927 /* Empty assignment resets the list */
3928 *rt = strv_free(*rt);
3929 return 0;
3930 }
3931
3932 for (p = rvalue;;) {
3933 _cleanup_free_ char *word = NULL, *k = NULL;
3934
3935 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3936 if (r == -ENOMEM)
3937 return log_oom();
3938 if (r < 0) {
3939 log_syntax(unit, LOG_WARNING, filename, line, r,
3940 "Invalid syntax, ignoring: %s", rvalue);
3941 return 0;
3942 }
3943 if (r == 0)
3944 return 0;
3945
3946 r = unit_full_printf(u, word, &k);
3947 if (r < 0) {
3948 log_syntax(unit, LOG_ERR, filename, line, r,
3949 "Failed to resolve specifiers in \"%s\", ignoring: %m", word);
3950 continue;
3951 }
3952
3953 if (!path_is_normalized(k)) {
3954 log_syntax(unit, LOG_ERR, filename, line, 0,
3955 "%s= path is not normalized, ignoring assignment: %s", lvalue, rvalue);
3956 continue;
3957 }
3958
3959 if (path_is_absolute(k)) {
3960 log_syntax(unit, LOG_ERR, filename, line, 0,
3961 "%s= path is absolute, ignoring assignment: %s", lvalue, rvalue);
3962 continue;
3963 }
3964
3965 if (path_startswith(k, "private")) {
3966 log_syntax(unit, LOG_ERR, filename, line, 0,
3967 "%s= path can't be 'private', ingoring assignment: %s", lvalue, rvalue);
3968 continue;
3969 }
3970
3971 r = strv_push(rt, k);
3972 if (r < 0)
3973 return log_oom();
3974 k = NULL;
3975 }
3976 }
3977
3978 int config_parse_set_status(
3979 const char *unit,
3980 const char *filename,
3981 unsigned line,
3982 const char *section,
3983 unsigned section_line,
3984 const char *lvalue,
3985 int ltype,
3986 const char *rvalue,
3987 void *data,
3988 void *userdata) {
3989
3990 size_t l;
3991 const char *word, *state;
3992 int r;
3993 ExitStatusSet *status_set = data;
3994
3995 assert(filename);
3996 assert(lvalue);
3997 assert(rvalue);
3998 assert(data);
3999
4000 /* Empty assignment resets the list */
4001 if (isempty(rvalue)) {
4002 exit_status_set_free(status_set);
4003 return 0;
4004 }
4005
4006 FOREACH_WORD(word, l, rvalue, state) {
4007 _cleanup_free_ char *temp;
4008 int val;
4009 Set **set;
4010
4011 temp = strndup(word, l);
4012 if (!temp)
4013 return log_oom();
4014
4015 r = safe_atoi(temp, &val);
4016 if (r < 0) {
4017 val = signal_from_string(temp);
4018
4019 if (val <= 0) {
4020 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse value, ignoring: %s", word);
4021 continue;
4022 }
4023 set = &status_set->signal;
4024 } else {
4025 if (val < 0 || val > 255) {
4026 log_syntax(unit, LOG_ERR, filename, line, 0, "Value %d is outside range 0-255, ignoring", val);
4027 continue;
4028 }
4029 set = &status_set->status;
4030 }
4031
4032 r = set_ensure_allocated(set, NULL);
4033 if (r < 0)
4034 return log_oom();
4035
4036 r = set_put(*set, INT_TO_PTR(val));
4037 if (r < 0) {
4038 log_syntax(unit, LOG_ERR, filename, line, r, "Unable to store: %s", word);
4039 return r;
4040 }
4041 }
4042 if (!isempty(state))
4043 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
4044
4045 return 0;
4046 }
4047
4048 int config_parse_namespace_path_strv(
4049 const char *unit,
4050 const char *filename,
4051 unsigned line,
4052 const char *section,
4053 unsigned section_line,
4054 const char *lvalue,
4055 int ltype,
4056 const char *rvalue,
4057 void *data,
4058 void *userdata) {
4059
4060 Unit *u = userdata;
4061 char*** sv = data;
4062 const char *cur;
4063 int r;
4064
4065 assert(filename);
4066 assert(lvalue);
4067 assert(rvalue);
4068 assert(data);
4069
4070 if (isempty(rvalue)) {
4071 /* Empty assignment resets the list */
4072 *sv = strv_free(*sv);
4073 return 0;
4074 }
4075
4076 cur = rvalue;
4077 for (;;) {
4078 _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL;
4079 const char *w;
4080 bool ignore_enoent = false, shall_prefix = false;
4081
4082 r = extract_first_word(&cur, &word, NULL, EXTRACT_QUOTES);
4083 if (r == 0)
4084 break;
4085 if (r == -ENOMEM)
4086 return log_oom();
4087 if (r < 0) {
4088 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4089 return 0;
4090 }
4091
4092 if (!utf8_is_valid(word)) {
4093 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, word);
4094 continue;
4095 }
4096
4097 w = word;
4098 if (startswith(w, "-")) {
4099 ignore_enoent = true;
4100 w++;
4101 }
4102 if (startswith(w, "+")) {
4103 shall_prefix = true;
4104 w++;
4105 }
4106
4107 r = unit_full_printf(u, w, &resolved);
4108 if (r < 0) {
4109 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers in %s: %m", word);
4110 continue;
4111 }
4112
4113 if (!path_is_absolute(resolved)) {
4114 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
4115 continue;
4116 }
4117
4118 path_kill_slashes(resolved);
4119
4120 joined = strjoin(ignore_enoent ? "-" : "",
4121 shall_prefix ? "+" : "",
4122 resolved);
4123
4124 r = strv_push(sv, joined);
4125 if (r < 0)
4126 return log_oom();
4127
4128 joined = NULL;
4129 }
4130
4131 return 0;
4132 }
4133
4134 int config_parse_temporary_filesystems(
4135 const char *unit,
4136 const char *filename,
4137 unsigned line,
4138 const char *section,
4139 unsigned section_line,
4140 const char *lvalue,
4141 int ltype,
4142 const char *rvalue,
4143 void *data,
4144 void *userdata) {
4145
4146 Unit *u = userdata;
4147 ExecContext *c = data;
4148 const char *cur;
4149 int r;
4150
4151 assert(filename);
4152 assert(lvalue);
4153 assert(rvalue);
4154 assert(data);
4155
4156 if (isempty(rvalue)) {
4157 /* Empty assignment resets the list */
4158 temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems);
4159 c->temporary_filesystems = NULL;
4160 c->n_temporary_filesystems = 0;
4161 return 0;
4162 }
4163
4164 cur = rvalue;
4165 for (;;) {
4166 _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL;
4167 const char *w;
4168
4169 r = extract_first_word(&cur, &word, NULL, EXTRACT_QUOTES);
4170 if (r == 0)
4171 break;
4172 if (r == -ENOMEM)
4173 return log_oom();
4174 if (r < 0) {
4175 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4176 return 0;
4177 }
4178
4179 w = word;
4180 r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4181 if (r < 0)
4182 return r;
4183 if (r == 0)
4184 return -EINVAL;
4185
4186 r = unit_full_printf(u, path, &resolved);
4187 if (r < 0) {
4188 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers in %s, ignoring: %m", word);
4189 continue;
4190 }
4191
4192 if (!path_is_absolute(resolved)) {
4193 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
4194 continue;
4195 }
4196
4197 path_kill_slashes(resolved);
4198
4199 r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, path, w);
4200 if (r == -ENOMEM)
4201 return log_oom();
4202 if (r < 0) {
4203 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount options, ignoring: %s", word);
4204 continue;
4205 }
4206 }
4207
4208 return 0;
4209 }
4210
4211 int config_parse_bind_paths(
4212 const char *unit,
4213 const char *filename,
4214 unsigned line,
4215 const char *section,
4216 unsigned section_line,
4217 const char *lvalue,
4218 int ltype,
4219 const char *rvalue,
4220 void *data,
4221 void *userdata) {
4222
4223 ExecContext *c = data;
4224 Unit *u = userdata;
4225 const char *p;
4226 int r;
4227
4228 assert(filename);
4229 assert(lvalue);
4230 assert(rvalue);
4231 assert(data);
4232
4233 if (isempty(rvalue)) {
4234 /* Empty assignment resets the list */
4235 bind_mount_free_many(c->bind_mounts, c->n_bind_mounts);
4236 c->bind_mounts = NULL;
4237 c->n_bind_mounts = 0;
4238 return 0;
4239 }
4240
4241 p = rvalue;
4242 for (;;) {
4243 _cleanup_free_ char *source = NULL, *destination = NULL;
4244 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4245 char *s = NULL, *d = NULL;
4246 bool rbind = true, ignore_enoent = false;
4247
4248 r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4249 if (r == 0)
4250 break;
4251 if (r == -ENOMEM)
4252 return log_oom();
4253 if (r < 0) {
4254 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4255 return 0;
4256 }
4257
4258 r = unit_full_printf(u, source, &sresolved);
4259 if (r < 0) {
4260 log_syntax(unit, LOG_ERR, filename, line, r,
4261 "Failed to resolved specifiers in \"%s\", ignoring: %m", source);
4262 return 0;
4263 }
4264
4265 s = sresolved;
4266 if (s[0] == '-') {
4267 ignore_enoent = true;
4268 s++;
4269 }
4270
4271 if (!utf8_is_valid(s)) {
4272 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, s);
4273 return 0;
4274 }
4275 if (!path_is_absolute(s)) {
4276 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute source path, ignoring: %s", s);
4277 return 0;
4278 }
4279
4280 path_kill_slashes(s);
4281
4282 /* Optionally, the destination is specified. */
4283 if (p && p[-1] == ':') {
4284 r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4285 if (r == -ENOMEM)
4286 return log_oom();
4287 if (r < 0) {
4288 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4289 return 0;
4290 }
4291 if (r == 0) {
4292 log_syntax(unit, LOG_ERR, filename, line, 0, "Missing argument after ':': %s", rvalue);
4293 return 0;
4294 }
4295
4296 r = unit_full_printf(u, destination, &dresolved);
4297 if (r < 0) {
4298 log_syntax(unit, LOG_ERR, filename, line, r,
4299 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination);
4300 return 0;
4301 }
4302
4303 if (!utf8_is_valid(dresolved)) {
4304 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, dresolved);
4305 return 0;
4306 }
4307 if (!path_is_absolute(dresolved)) {
4308 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute destination path, ignoring: %s", dresolved);
4309 return 0;
4310 }
4311
4312 d = path_kill_slashes(dresolved);
4313
4314 /* Optionally, there's also a short option string specified */
4315 if (p && p[-1] == ':') {
4316 _cleanup_free_ char *options = NULL;
4317
4318 r = extract_first_word(&p, &options, NULL, EXTRACT_QUOTES);
4319 if (r == -ENOMEM)
4320 return log_oom();
4321 if (r < 0) {
4322 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4323 return 0;
4324 }
4325
4326 if (isempty(options) || streq(options, "rbind"))
4327 rbind = true;
4328 else if (streq(options, "norbind"))
4329 rbind = false;
4330 else {
4331 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid option string, ignoring setting: %s", options);
4332 return 0;
4333 }
4334 }
4335 } else
4336 d = s;
4337
4338 r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts,
4339 &(BindMount) {
4340 .source = s,
4341 .destination = d,
4342 .read_only = !!strstr(lvalue, "ReadOnly"),
4343 .recursive = rbind,
4344 .ignore_enoent = ignore_enoent,
4345 });
4346 if (r < 0)
4347 return log_oom();
4348 }
4349
4350 return 0;
4351 }
4352
4353 int config_parse_no_new_privileges(
4354 const char* unit,
4355 const char *filename,
4356 unsigned line,
4357 const char *section,
4358 unsigned section_line,
4359 const char *lvalue,
4360 int ltype,
4361 const char *rvalue,
4362 void *data,
4363 void *userdata) {
4364
4365 ExecContext *c = data;
4366 int k;
4367
4368 assert(filename);
4369 assert(lvalue);
4370 assert(rvalue);
4371 assert(data);
4372
4373 k = parse_boolean(rvalue);
4374 if (k < 0) {
4375 log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse boolean value, ignoring: %s", rvalue);
4376 return 0;
4377 }
4378
4379 c->no_new_privileges = k;
4380
4381 return 0;
4382 }
4383
4384 int config_parse_protect_home(
4385 const char* unit,
4386 const char *filename,
4387 unsigned line,
4388 const char *section,
4389 unsigned section_line,
4390 const char *lvalue,
4391 int ltype,
4392 const char *rvalue,
4393 void *data,
4394 void *userdata) {
4395
4396 ExecContext *c = data;
4397 ProtectHome h;
4398
4399 assert(filename);
4400 assert(lvalue);
4401 assert(rvalue);
4402 assert(data);
4403
4404 /* Our enum shall be a superset of booleans, hence first try
4405 * to parse as boolean, and then as enum */
4406
4407 h = parse_protect_home_or_bool(rvalue);
4408 if (h < 0) {
4409 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect home value, ignoring: %s", rvalue);
4410 return 0;
4411 }
4412
4413 c->protect_home = h;
4414
4415 return 0;
4416 }
4417
4418 int config_parse_protect_system(
4419 const char* unit,
4420 const char *filename,
4421 unsigned line,
4422 const char *section,
4423 unsigned section_line,
4424 const char *lvalue,
4425 int ltype,
4426 const char *rvalue,
4427 void *data,
4428 void *userdata) {
4429
4430 ExecContext *c = data;
4431 ProtectSystem s;
4432
4433 assert(filename);
4434 assert(lvalue);
4435 assert(rvalue);
4436 assert(data);
4437
4438 /* Our enum shall be a superset of booleans, hence first try
4439 * to parse as boolean, and then as enum */
4440
4441 s = parse_protect_system_or_bool(rvalue);
4442 if (s < 0) {
4443 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect system value, ignoring: %s", rvalue);
4444 return 0;
4445 }
4446
4447 c->protect_system = s;
4448
4449 return 0;
4450 }
4451
4452 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
4453
4454 int config_parse_job_timeout_sec(
4455 const char* unit,
4456 const char *filename,
4457 unsigned line,
4458 const char *section,
4459 unsigned section_line,
4460 const char *lvalue,
4461 int ltype,
4462 const char *rvalue,
4463 void *data,
4464 void *userdata) {
4465
4466 Unit *u = data;
4467 usec_t usec;
4468 int r;
4469
4470 assert(filename);
4471 assert(lvalue);
4472 assert(rvalue);
4473 assert(u);
4474
4475 r = parse_sec_fix_0(rvalue, &usec);
4476 if (r < 0) {
4477 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
4478 return 0;
4479 }
4480
4481 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4482 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4483 * count. */
4484
4485 if (!u->job_running_timeout_set)
4486 u->job_running_timeout = usec;
4487
4488 u->job_timeout = usec;
4489
4490 return 0;
4491 }
4492
4493 int config_parse_job_running_timeout_sec(
4494 const char* unit,
4495 const char *filename,
4496 unsigned line,
4497 const char *section,
4498 unsigned section_line,
4499 const char *lvalue,
4500 int ltype,
4501 const char *rvalue,
4502 void *data,
4503 void *userdata) {
4504
4505 Unit *u = data;
4506 usec_t usec;
4507 int r;
4508
4509 assert(filename);
4510 assert(lvalue);
4511 assert(rvalue);
4512 assert(u);
4513
4514 r = parse_sec_fix_0(rvalue, &usec);
4515 if (r < 0) {
4516 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
4517 return 0;
4518 }
4519
4520 u->job_running_timeout = usec;
4521 u->job_running_timeout_set = true;
4522
4523 return 0;
4524 }
4525
4526 #define FOLLOW_MAX 8
4527
4528 static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
4529 char *id = NULL;
4530 unsigned c = 0;
4531 int fd, r;
4532 FILE *f;
4533
4534 assert(filename);
4535 assert(*filename);
4536 assert(_f);
4537 assert(names);
4538
4539 /* This will update the filename pointer if the loaded file is
4540 * reached by a symlink. The old string will be freed. */
4541
4542 for (;;) {
4543 char *target, *name;
4544
4545 if (c++ >= FOLLOW_MAX)
4546 return -ELOOP;
4547
4548 path_kill_slashes(*filename);
4549
4550 /* Add the file name we are currently looking at to
4551 * the names of this unit, but only if it is a valid
4552 * unit name. */
4553 name = basename(*filename);
4554 if (unit_name_is_valid(name, UNIT_NAME_ANY)) {
4555
4556 id = set_get(names, name);
4557 if (!id) {
4558 id = strdup(name);
4559 if (!id)
4560 return -ENOMEM;
4561
4562 r = set_consume(names, id);
4563 if (r < 0)
4564 return r;
4565 }
4566 }
4567
4568 /* Try to open the file name, but don't if its a symlink */
4569 fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
4570 if (fd >= 0)
4571 break;
4572
4573 if (errno != ELOOP)
4574 return -errno;
4575
4576 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
4577 r = readlink_and_make_absolute(*filename, &target);
4578 if (r < 0)
4579 return r;
4580
4581 free(*filename);
4582 *filename = target;
4583 }
4584
4585 f = fdopen(fd, "re");
4586 if (!f) {
4587 safe_close(fd);
4588 return -errno;
4589 }
4590
4591 *_f = f;
4592 *_final = id;
4593
4594 return 0;
4595 }
4596
4597 static int merge_by_names(Unit **u, Set *names, const char *id) {
4598 char *k;
4599 int r;
4600
4601 assert(u);
4602 assert(*u);
4603 assert(names);
4604
4605 /* Let's try to add in all symlink names we found */
4606 while ((k = set_steal_first(names))) {
4607
4608 /* First try to merge in the other name into our
4609 * unit */
4610 r = unit_merge_by_name(*u, k);
4611 if (r < 0) {
4612 Unit *other;
4613
4614 /* Hmm, we couldn't merge the other unit into
4615 * ours? Then let's try it the other way
4616 * round */
4617
4618 /* If the symlink name we are looking at is unit template, then
4619 we must search for instance of this template */
4620 if (unit_name_is_valid(k, UNIT_NAME_TEMPLATE) && (*u)->instance) {
4621 _cleanup_free_ char *instance = NULL;
4622
4623 r = unit_name_replace_instance(k, (*u)->instance, &instance);
4624 if (r < 0)
4625 return r;
4626
4627 other = manager_get_unit((*u)->manager, instance);
4628 } else
4629 other = manager_get_unit((*u)->manager, k);
4630
4631 free(k);
4632
4633 if (other) {
4634 r = unit_merge(other, *u);
4635 if (r >= 0) {
4636 *u = other;
4637 return merge_by_names(u, names, NULL);
4638 }
4639 }
4640
4641 return r;
4642 }
4643
4644 if (id == k)
4645 unit_choose_id(*u, id);
4646
4647 free(k);
4648 }
4649
4650 return 0;
4651 }
4652
4653 static int load_from_path(Unit *u, const char *path) {
4654 _cleanup_set_free_free_ Set *symlink_names = NULL;
4655 _cleanup_fclose_ FILE *f = NULL;
4656 _cleanup_free_ char *filename = NULL;
4657 char *id = NULL;
4658 Unit *merged;
4659 struct stat st;
4660 int r;
4661
4662 assert(u);
4663 assert(path);
4664
4665 symlink_names = set_new(&string_hash_ops);
4666 if (!symlink_names)
4667 return -ENOMEM;
4668
4669 if (path_is_absolute(path)) {
4670
4671 filename = strdup(path);
4672 if (!filename)
4673 return -ENOMEM;
4674
4675 r = open_follow(&filename, &f, symlink_names, &id);
4676 if (r < 0) {
4677 filename = mfree(filename);
4678 if (r != -ENOENT)
4679 return r;
4680 }
4681
4682 } else {
4683 char **p;
4684
4685 STRV_FOREACH(p, u->manager->lookup_paths.search_path) {
4686
4687 /* Instead of opening the path right away, we manually
4688 * follow all symlinks and add their name to our unit
4689 * name set while doing so */
4690 filename = path_make_absolute(path, *p);
4691 if (!filename)
4692 return -ENOMEM;
4693
4694 if (u->manager->unit_path_cache &&
4695 !set_get(u->manager->unit_path_cache, filename))
4696 r = -ENOENT;
4697 else
4698 r = open_follow(&filename, &f, symlink_names, &id);
4699 if (r >= 0)
4700 break;
4701 filename = mfree(filename);
4702
4703 /* ENOENT means that the file is missing or is a dangling symlink.
4704 * ENOTDIR means that one of paths we expect to be is a directory
4705 * is not a directory, we should just ignore that.
4706 * EACCES means that the directory or file permissions are wrong.
4707 */
4708 if (r == -EACCES)
4709 log_debug_errno(r, "Cannot access \"%s\": %m", filename);
4710 else if (!IN_SET(r, -ENOENT, -ENOTDIR))
4711 return r;
4712
4713 /* Empty the symlink names for the next run */
4714 set_clear_free(symlink_names);
4715 }
4716 }
4717
4718 if (!filename)
4719 /* Hmm, no suitable file found? */
4720 return 0;
4721
4722 if (!unit_type_may_alias(u->type) && set_size(symlink_names) > 1) {
4723 log_unit_warning(u, "Unit type of %s does not support alias names, refusing loading via symlink.", u->id);
4724 return -ELOOP;
4725 }
4726
4727 merged = u;
4728 r = merge_by_names(&merged, symlink_names, id);
4729 if (r < 0)
4730 return r;
4731
4732 if (merged != u) {
4733 u->load_state = UNIT_MERGED;
4734 return 0;
4735 }
4736
4737 if (fstat(fileno(f), &st) < 0)
4738 return -errno;
4739
4740 if (null_or_empty(&st)) {
4741 u->load_state = UNIT_MASKED;
4742 u->fragment_mtime = 0;
4743 } else {
4744 u->load_state = UNIT_LOADED;
4745 u->fragment_mtime = timespec_load(&st.st_mtim);
4746
4747 /* Now, parse the file contents */
4748 r = config_parse(u->id, filename, f,
4749 UNIT_VTABLE(u)->sections,
4750 config_item_perf_lookup, load_fragment_gperf_lookup,
4751 CONFIG_PARSE_ALLOW_INCLUDE, u);
4752 if (r < 0)
4753 return r;
4754 }
4755
4756 free_and_replace(u->fragment_path, filename);
4757
4758 if (u->source_path) {
4759 if (stat(u->source_path, &st) >= 0)
4760 u->source_mtime = timespec_load(&st.st_mtim);
4761 else
4762 u->source_mtime = 0;
4763 }
4764
4765 return 0;
4766 }
4767
4768 int unit_load_fragment(Unit *u) {
4769 int r;
4770 Iterator i;
4771 const char *t;
4772
4773 assert(u);
4774 assert(u->load_state == UNIT_STUB);
4775 assert(u->id);
4776
4777 if (u->transient) {
4778 u->load_state = UNIT_LOADED;
4779 return 0;
4780 }
4781
4782 /* First, try to find the unit under its id. We always look
4783 * for unit files in the default directories, to make it easy
4784 * to override things by placing things in /etc/systemd/system */
4785 r = load_from_path(u, u->id);
4786 if (r < 0)
4787 return r;
4788
4789 /* Try to find an alias we can load this with */
4790 if (u->load_state == UNIT_STUB) {
4791 SET_FOREACH(t, u->names, i) {
4792
4793 if (t == u->id)
4794 continue;
4795
4796 r = load_from_path(u, t);
4797 if (r < 0)
4798 return r;
4799
4800 if (u->load_state != UNIT_STUB)
4801 break;
4802 }
4803 }
4804
4805 /* And now, try looking for it under the suggested (originally linked) path */
4806 if (u->load_state == UNIT_STUB && u->fragment_path) {
4807
4808 r = load_from_path(u, u->fragment_path);
4809 if (r < 0)
4810 return r;
4811
4812 if (u->load_state == UNIT_STUB)
4813 /* Hmm, this didn't work? Then let's get rid
4814 * of the fragment path stored for us, so that
4815 * we don't point to an invalid location. */
4816 u->fragment_path = mfree(u->fragment_path);
4817 }
4818
4819 /* Look for a template */
4820 if (u->load_state == UNIT_STUB && u->instance) {
4821 _cleanup_free_ char *k = NULL;
4822
4823 r = unit_name_template(u->id, &k);
4824 if (r < 0)
4825 return r;
4826
4827 r = load_from_path(u, k);
4828 if (r < 0) {
4829 if (r == -ENOEXEC)
4830 log_unit_notice(u, "Unit configuration has fatal error, unit will not be started.");
4831 return r;
4832 }
4833
4834 if (u->load_state == UNIT_STUB) {
4835 SET_FOREACH(t, u->names, i) {
4836 _cleanup_free_ char *z = NULL;
4837
4838 if (t == u->id)
4839 continue;
4840
4841 r = unit_name_template(t, &z);
4842 if (r < 0)
4843 return r;
4844
4845 r = load_from_path(u, z);
4846 if (r < 0)
4847 return r;
4848
4849 if (u->load_state != UNIT_STUB)
4850 break;
4851 }
4852 }
4853 }
4854
4855 return 0;
4856 }
4857
4858 void unit_dump_config_items(FILE *f) {
4859 static const struct {
4860 const ConfigParserCallback callback;
4861 const char *rvalue;
4862 } table[] = {
4863 #if !HAVE_SYSV_COMPAT || !HAVE_SECCOMP || !HAVE_PAM || !HAVE_SELINUX || !ENABLE_SMACK || !HAVE_APPARMOR
4864 { config_parse_warn_compat, "NOTSUPPORTED" },
4865 #endif
4866 { config_parse_int, "INTEGER" },
4867 { config_parse_unsigned, "UNSIGNED" },
4868 { config_parse_iec_size, "SIZE" },
4869 { config_parse_iec_uint64, "SIZE" },
4870 { config_parse_si_size, "SIZE" },
4871 { config_parse_bool, "BOOLEAN" },
4872 { config_parse_string, "STRING" },
4873 { config_parse_path, "PATH" },
4874 { config_parse_unit_path_printf, "PATH" },
4875 { config_parse_strv, "STRING [...]" },
4876 { config_parse_exec_nice, "NICE" },
4877 { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
4878 { config_parse_exec_io_class, "IOCLASS" },
4879 { config_parse_exec_io_priority, "IOPRIORITY" },
4880 { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
4881 { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
4882 { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
4883 { config_parse_mode, "MODE" },
4884 { config_parse_unit_env_file, "FILE" },
4885 { config_parse_exec_output, "OUTPUT" },
4886 { config_parse_exec_input, "INPUT" },
4887 { config_parse_log_facility, "FACILITY" },
4888 { config_parse_log_level, "LEVEL" },
4889 { config_parse_exec_secure_bits, "SECUREBITS" },
4890 { config_parse_capability_set, "BOUNDINGSET" },
4891 { config_parse_rlimit, "LIMIT" },
4892 { config_parse_unit_deps, "UNIT [...]" },
4893 { config_parse_exec, "PATH [ARGUMENT [...]]" },
4894 { config_parse_service_type, "SERVICETYPE" },
4895 { config_parse_service_restart, "SERVICERESTART" },
4896 #if HAVE_SYSV_COMPAT
4897 { config_parse_sysv_priority, "SYSVPRIORITY" },
4898 #endif
4899 { config_parse_kill_mode, "KILLMODE" },
4900 { config_parse_signal, "SIGNAL" },
4901 { config_parse_socket_listen, "SOCKET [...]" },
4902 { config_parse_socket_bind, "SOCKETBIND" },
4903 { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
4904 { config_parse_sec, "SECONDS" },
4905 { config_parse_nsec, "NANOSECONDS" },
4906 { config_parse_namespace_path_strv, "PATH [...]" },
4907 { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" },
4908 { config_parse_unit_requires_mounts_for, "PATH [...]" },
4909 { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
4910 { config_parse_unit_string_printf, "STRING" },
4911 { config_parse_trigger_unit, "UNIT" },
4912 { config_parse_timer, "TIMER" },
4913 { config_parse_path_spec, "PATH" },
4914 { config_parse_notify_access, "ACCESS" },
4915 { config_parse_ip_tos, "TOS" },
4916 { config_parse_unit_condition_path, "CONDITION" },
4917 { config_parse_unit_condition_string, "CONDITION" },
4918 { config_parse_unit_condition_null, "CONDITION" },
4919 { config_parse_unit_slice, "SLICE" },
4920 { config_parse_documentation, "URL" },
4921 { config_parse_service_timeout, "SECONDS" },
4922 { config_parse_emergency_action, "ACTION" },
4923 { config_parse_set_status, "STATUS" },
4924 { config_parse_service_sockets, "SOCKETS" },
4925 { config_parse_environ, "ENVIRON" },
4926 #if HAVE_SECCOMP
4927 { config_parse_syscall_filter, "SYSCALLS" },
4928 { config_parse_syscall_archs, "ARCHS" },
4929 { config_parse_syscall_errno, "ERRNO" },
4930 { config_parse_address_families, "FAMILIES" },
4931 { config_parse_restrict_namespaces, "NAMESPACES" },
4932 #endif
4933 { config_parse_cpu_shares, "SHARES" },
4934 { config_parse_cpu_weight, "WEIGHT" },
4935 { config_parse_memory_limit, "LIMIT" },
4936 { config_parse_device_allow, "DEVICE" },
4937 { config_parse_device_policy, "POLICY" },
4938 { config_parse_io_limit, "LIMIT" },
4939 { config_parse_io_weight, "WEIGHT" },
4940 { config_parse_io_device_weight, "DEVICEWEIGHT" },
4941 { config_parse_blockio_bandwidth, "BANDWIDTH" },
4942 { config_parse_blockio_weight, "WEIGHT" },
4943 { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
4944 { config_parse_long, "LONG" },
4945 { config_parse_socket_service, "SERVICE" },
4946 #if HAVE_SELINUX
4947 { config_parse_exec_selinux_context, "LABEL" },
4948 #endif
4949 { config_parse_job_mode, "MODE" },
4950 { config_parse_job_mode_isolate, "BOOLEAN" },
4951 { config_parse_personality, "PERSONALITY" },
4952 };
4953
4954 const char *prev = NULL;
4955 const char *i;
4956
4957 assert(f);
4958
4959 NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
4960 const char *rvalue = "OTHER", *lvalue;
4961 unsigned j;
4962 size_t prefix_len;
4963 const char *dot;
4964 const ConfigPerfItem *p;
4965
4966 assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
4967
4968 dot = strchr(i, '.');
4969 lvalue = dot ? dot + 1 : i;
4970 prefix_len = dot-i;
4971
4972 if (dot)
4973 if (!prev || !strneq(prev, i, prefix_len+1)) {
4974 if (prev)
4975 fputc('\n', f);
4976
4977 fprintf(f, "[%.*s]\n", (int) prefix_len, i);
4978 }
4979
4980 for (j = 0; j < ELEMENTSOF(table); j++)
4981 if (p->parse == table[j].callback) {
4982 rvalue = table[j].rvalue;
4983 break;
4984 }
4985
4986 fprintf(f, "%s=%s\n", lvalue, rvalue);
4987 prev = i;
4988 }
4989 }
Unnamed repository; edit this file 'description' to name the repository.