]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/load-fragment.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
load-fragment: use parse_sec_fix_0() instead of updating the value later
[thirdparty/systemd.git] / src / core / load-fragment.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 Copyright 2012 Holger Hans Peter Freyther
7 ***/
8
9 #include <errno.h>
10 #include <fcntl.h>
11 #include <linux/fs.h>
12 #include <linux/oom.h>
13 #if HAVE_SECCOMP
14 #include <seccomp.h>
15 #endif
16 #include <sched.h>
17 #include <string.h>
18 #include <sys/resource.h>
19 #include <sys/stat.h>
20
21 #include "af-list.h"
22 #include "alloc-util.h"
23 #include "all-units.h"
24 #include "bus-error.h"
25 #include "bus-internal.h"
26 #include "bus-util.h"
27 #include "cap-list.h"
28 #include "capability-util.h"
29 #include "cgroup.h"
30 #include "conf-parser.h"
31 #include "cpu-set-util.h"
32 #include "env-util.h"
33 #include "errno-list.h"
34 #include "escape.h"
35 #include "fd-util.h"
36 #include "fs-util.h"
37 #include "hexdecoct.h"
38 #include "io-util.h"
39 #include "ioprio.h"
40 #include "journal-util.h"
41 #include "load-fragment.h"
42 #include "log.h"
43 #include "missing.h"
44 #include "mount-util.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
48 #if HAVE_SECCOMP
49 #include "seccomp-util.h"
50 #endif
51 #include "securebits.h"
52 #include "securebits-util.h"
53 #include "signal-util.h"
54 #include "socket-protocol-list.h"
55 #include "stat-util.h"
56 #include "string-util.h"
57 #include "strv.h"
58 #include "unit-name.h"
59 #include "unit-printf.h"
60 #include "user-util.h"
61 #include "utf8.h"
62 #include "web-util.h"
63
64 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
65
66 int config_parse_unit_deps(
67 const char *unit,
68 const char *filename,
69 unsigned line,
70 const char *section,
71 unsigned section_line,
72 const char *lvalue,
73 int ltype,
74 const char *rvalue,
75 void *data,
76 void *userdata) {
77
78 UnitDependency d = ltype;
79 Unit *u = userdata;
80 const char *p;
81
82 assert(filename);
83 assert(lvalue);
84 assert(rvalue);
85
86 p = rvalue;
87 for (;;) {
88 _cleanup_free_ char *word = NULL, *k = NULL;
89 int r;
90
91 r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
92 if (r == 0)
93 break;
94 if (r == -ENOMEM)
95 return log_oom();
96 if (r < 0) {
97 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
98 break;
99 }
100
101 r = unit_name_printf(u, word, &k);
102 if (r < 0) {
103 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
104 continue;
105 }
106
107 r = unit_add_dependency_by_name(u, d, k, NULL, true, UNIT_DEPENDENCY_FILE);
108 if (r < 0)
109 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
110 }
111
112 return 0;
113 }
114
115 int config_parse_obsolete_unit_deps(
116 const char *unit,
117 const char *filename,
118 unsigned line,
119 const char *section,
120 unsigned section_line,
121 const char *lvalue,
122 int ltype,
123 const char *rvalue,
124 void *data,
125 void *userdata) {
126
127 log_syntax(unit, LOG_WARNING, filename, line, 0,
128 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
129
130 return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
131 }
132
133 int config_parse_unit_string_printf(
134 const char *unit,
135 const char *filename,
136 unsigned line,
137 const char *section,
138 unsigned section_line,
139 const char *lvalue,
140 int ltype,
141 const char *rvalue,
142 void *data,
143 void *userdata) {
144
145 _cleanup_free_ char *k = NULL;
146 Unit *u = userdata;
147 int r;
148
149 assert(filename);
150 assert(lvalue);
151 assert(rvalue);
152 assert(u);
153
154 r = unit_full_printf(u, rvalue, &k);
155 if (r < 0) {
156 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
157 return 0;
158 }
159
160 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
161 }
162
163 int config_parse_unit_strv_printf(
164 const char *unit,
165 const char *filename,
166 unsigned line,
167 const char *section,
168 unsigned section_line,
169 const char *lvalue,
170 int ltype,
171 const char *rvalue,
172 void *data,
173 void *userdata) {
174
175 Unit *u = userdata;
176 _cleanup_free_ char *k = NULL;
177 int r;
178
179 assert(filename);
180 assert(lvalue);
181 assert(rvalue);
182 assert(u);
183
184 r = unit_full_printf(u, rvalue, &k);
185 if (r < 0) {
186 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
187 return 0;
188 }
189
190 return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
191 }
192
193 int config_parse_unit_path_printf(
194 const char *unit,
195 const char *filename,
196 unsigned line,
197 const char *section,
198 unsigned section_line,
199 const char *lvalue,
200 int ltype,
201 const char *rvalue,
202 void *data,
203 void *userdata) {
204
205 _cleanup_free_ char *k = NULL;
206 Unit *u = userdata;
207 int r;
208 bool fatal = ltype;
209
210 assert(filename);
211 assert(lvalue);
212 assert(rvalue);
213 assert(u);
214
215 /* Let's not bother with anything that is too long */
216 if (strlen(rvalue) >= PATH_MAX) {
217 log_syntax(unit, LOG_ERR, filename, line, 0,
218 "%s value too long%s.",
219 lvalue, fatal ? "" : ", ignoring");
220 return fatal ? -ENAMETOOLONG : 0;
221 }
222
223 r = unit_full_printf(u, rvalue, &k);
224 if (r < 0) {
225 log_syntax(unit, LOG_ERR, filename, line, r,
226 "Failed to resolve unit specifiers in '%s'%s: %m",
227 rvalue, fatal ? "" : ", ignoring");
228 return fatal ? -ENOEXEC : 0;
229 }
230
231 return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
232 }
233
234 int config_parse_unit_path_strv_printf(
235 const char *unit,
236 const char *filename,
237 unsigned line,
238 const char *section,
239 unsigned section_line,
240 const char *lvalue,
241 int ltype,
242 const char *rvalue,
243 void *data,
244 void *userdata) {
245
246 char ***x = data;
247 Unit *u = userdata;
248 int r;
249 const char *p;
250
251 assert(filename);
252 assert(lvalue);
253 assert(rvalue);
254 assert(u);
255
256 if (isempty(rvalue)) {
257 *x = strv_free(*x);
258 return 0;
259 }
260
261 for (p = rvalue;;) {
262 _cleanup_free_ char *word = NULL, *k = NULL;
263
264 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
265 if (r == 0)
266 return 0;
267 if (r == -ENOMEM)
268 return log_oom();
269 if (r < 0) {
270 log_syntax(unit, LOG_WARNING, filename, line, r,
271 "Invalid syntax, ignoring: %s", rvalue);
272 return 0;
273 }
274
275 r = unit_full_printf(u, word, &k);
276 if (r < 0) {
277 log_syntax(unit, LOG_ERR, filename, line, r,
278 "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
279 return 0;
280 }
281
282 if (!utf8_is_valid(k)) {
283 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
284 return 0;
285 }
286
287 if (!path_is_absolute(k)) {
288 log_syntax(unit, LOG_ERR, filename, line, 0,
289 "Symlink path is not absolute: %s", k);
290 return 0;
291 }
292
293 path_kill_slashes(k);
294
295 r = strv_push(x, k);
296 if (r < 0)
297 return log_oom();
298 k = NULL;
299 }
300 }
301
302 int config_parse_socket_listen(const char *unit,
303 const char *filename,
304 unsigned line,
305 const char *section,
306 unsigned section_line,
307 const char *lvalue,
308 int ltype,
309 const char *rvalue,
310 void *data,
311 void *userdata) {
312
313 _cleanup_free_ SocketPort *p = NULL;
314 SocketPort *tail;
315 Socket *s;
316 int r;
317
318 assert(filename);
319 assert(lvalue);
320 assert(rvalue);
321 assert(data);
322
323 s = SOCKET(data);
324
325 if (isempty(rvalue)) {
326 /* An empty assignment removes all ports */
327 socket_free_ports(s);
328 return 0;
329 }
330
331 p = new0(SocketPort, 1);
332 if (!p)
333 return log_oom();
334
335 if (ltype != SOCKET_SOCKET) {
336
337 p->type = ltype;
338 r = unit_full_printf(UNIT(s), rvalue, &p->path);
339 if (r < 0) {
340 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
341 return 0;
342 }
343
344 path_kill_slashes(p->path);
345
346 } else if (streq(lvalue, "ListenNetlink")) {
347 _cleanup_free_ char *k = NULL;
348
349 p->type = SOCKET_SOCKET;
350 r = unit_full_printf(UNIT(s), rvalue, &k);
351 if (r < 0) {
352 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
353 return 0;
354 }
355
356 r = socket_address_parse_netlink(&p->address, k);
357 if (r < 0) {
358 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
359 return 0;
360 }
361
362 } else {
363 _cleanup_free_ char *k = NULL;
364
365 p->type = SOCKET_SOCKET;
366 r = unit_full_printf(UNIT(s), rvalue, &k);
367 if (r < 0) {
368 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
369 return 0;
370 }
371
372 r = socket_address_parse_and_warn(&p->address, k);
373 if (r < 0) {
374 if (r != -EAFNOSUPPORT)
375 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
376 return 0;
377 }
378
379 if (streq(lvalue, "ListenStream"))
380 p->address.type = SOCK_STREAM;
381 else if (streq(lvalue, "ListenDatagram"))
382 p->address.type = SOCK_DGRAM;
383 else {
384 assert(streq(lvalue, "ListenSequentialPacket"));
385 p->address.type = SOCK_SEQPACKET;
386 }
387
388 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
389 log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
390 return 0;
391 }
392 }
393
394 p->fd = -1;
395 p->auxiliary_fds = NULL;
396 p->n_auxiliary_fds = 0;
397 p->socket = s;
398
399 LIST_FIND_TAIL(port, s->ports, tail);
400 LIST_INSERT_AFTER(port, s->ports, tail, p);
401
402 p = NULL;
403
404 return 0;
405 }
406
407 int config_parse_socket_protocol(const char *unit,
408 const char *filename,
409 unsigned line,
410 const char *section,
411 unsigned section_line,
412 const char *lvalue,
413 int ltype,
414 const char *rvalue,
415 void *data,
416 void *userdata) {
417 Socket *s;
418 int r;
419
420 assert(filename);
421 assert(lvalue);
422 assert(rvalue);
423 assert(data);
424
425 s = SOCKET(data);
426
427 r = socket_protocol_from_name(rvalue);
428 if (r < 0) {
429 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid socket protocol '%s', ignoring: %m", rvalue);
430 return 0;
431 } else if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP)) {
432 log_syntax(unit, LOG_ERR, filename, line, 0, "Socket protocol not supported, ignoring: %s", rvalue);
433 return 0;
434 }
435
436 s->socket_protocol = r;
437
438 return 0;
439 }
440
441 int config_parse_socket_bind(const char *unit,
442 const char *filename,
443 unsigned line,
444 const char *section,
445 unsigned section_line,
446 const char *lvalue,
447 int ltype,
448 const char *rvalue,
449 void *data,
450 void *userdata) {
451
452 Socket *s;
453 SocketAddressBindIPv6Only b;
454
455 assert(filename);
456 assert(lvalue);
457 assert(rvalue);
458 assert(data);
459
460 s = SOCKET(data);
461
462 b = parse_socket_address_bind_ipv6_only_or_bool(rvalue);
463 if (b < 0) {
464 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse bind IPv6 only value, ignoring: %s", rvalue);
465 return 0;
466 }
467
468 s->bind_ipv6_only = b;
469
470 return 0;
471 }
472
473 int config_parse_exec_nice(
474 const char *unit,
475 const char *filename,
476 unsigned line,
477 const char *section,
478 unsigned section_line,
479 const char *lvalue,
480 int ltype,
481 const char *rvalue,
482 void *data,
483 void *userdata) {
484
485 ExecContext *c = data;
486 int priority, r;
487
488 assert(filename);
489 assert(lvalue);
490 assert(rvalue);
491 assert(data);
492
493 if (isempty(rvalue)) {
494 c->nice_set = false;
495 return 0;
496 }
497
498 r = parse_nice(rvalue, &priority);
499 if (r < 0) {
500 if (r == -ERANGE)
501 log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
502 else
503 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue);
504 return 0;
505 }
506
507 c->nice = priority;
508 c->nice_set = true;
509
510 return 0;
511 }
512
513 int config_parse_exec_oom_score_adjust(
514 const char* unit,
515 const char *filename,
516 unsigned line,
517 const char *section,
518 unsigned section_line,
519 const char *lvalue,
520 int ltype,
521 const char *rvalue,
522 void *data,
523 void *userdata) {
524
525 ExecContext *c = data;
526 int oa, r;
527
528 assert(filename);
529 assert(lvalue);
530 assert(rvalue);
531 assert(data);
532
533 if (isempty(rvalue)) {
534 c->oom_score_adjust_set = false;
535 return 0;
536 }
537
538 r = parse_oom_score_adjust(rvalue, &oa);
539 if (r < 0) {
540 if (r == -ERANGE)
541 log_syntax(unit, LOG_ERR, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue);
542 else
543 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue);
544 return 0;
545 }
546
547 c->oom_score_adjust = oa;
548 c->oom_score_adjust_set = true;
549
550 return 0;
551 }
552
553 int config_parse_exec(
554 const char *unit,
555 const char *filename,
556 unsigned line,
557 const char *section,
558 unsigned section_line,
559 const char *lvalue,
560 int ltype,
561 const char *rvalue,
562 void *data,
563 void *userdata) {
564
565 ExecCommand **e = data;
566 Unit *u = userdata;
567 const char *p;
568 bool semicolon;
569 int r;
570
571 assert(filename);
572 assert(lvalue);
573 assert(rvalue);
574 assert(e);
575
576 e += ltype;
577 rvalue += strspn(rvalue, WHITESPACE);
578
579 if (isempty(rvalue)) {
580 /* An empty assignment resets the list */
581 *e = exec_command_free_list(*e);
582 return 0;
583 }
584
585 p = rvalue;
586 do {
587 _cleanup_free_ char *path = NULL, *firstword = NULL;
588 ExecCommandFlags flags = 0;
589 bool ignore = false, separate_argv0 = false;
590 _cleanup_free_ ExecCommand *nce = NULL;
591 _cleanup_strv_free_ char **n = NULL;
592 size_t nlen = 0, nbufsize = 0;
593 const char *f;
594
595 semicolon = false;
596
597 r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
598 if (r <= 0)
599 return 0;
600
601 f = firstword;
602 for (;;) {
603 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
604 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
605 * argv[0]; if it's prefixed with +, it will be run with full privileges and no sandboxing; if
606 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
607 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
608 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
609 * other sandboxing, with some special exceptions for changing UID.
610 *
611 * The idea is that '!!' may be used to write services that can take benefit of systemd's
612 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
613 * privilege dropping within the daemon if the kernel does not offer that. */
614
615 if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) {
616 flags |= EXEC_COMMAND_IGNORE_FAILURE;
617 ignore = true;
618 } else if (*f == '@' && !separate_argv0)
619 separate_argv0 = true;
620 else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
621 flags |= EXEC_COMMAND_FULLY_PRIVILEGED;
622 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
623 flags |= EXEC_COMMAND_NO_SETUID;
624 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) {
625 flags &= ~EXEC_COMMAND_NO_SETUID;
626 flags |= EXEC_COMMAND_AMBIENT_MAGIC;
627 } else
628 break;
629 f++;
630 }
631
632 r = unit_full_printf(u, f, &path);
633 if (r < 0) {
634 log_syntax(unit, LOG_ERR, filename, line, r,
635 "Failed to resolve unit specifiers in '%s'%s: %m",
636 f, ignore ? ", ignoring" : "");
637 return ignore ? 0 : -ENOEXEC;
638 }
639
640 if (isempty(path)) {
641 /* First word is either "-" or "@" with no command. */
642 log_syntax(unit, LOG_ERR, filename, line, 0,
643 "Empty path in command line%s: '%s'",
644 ignore ? ", ignoring" : "", rvalue);
645 return ignore ? 0 : -ENOEXEC;
646 }
647 if (!string_is_safe(path)) {
648 log_syntax(unit, LOG_ERR, filename, line, 0,
649 "Executable name contains special characters%s: %s",
650 ignore ? ", ignoring" : "", path);
651 return ignore ? 0 : -ENOEXEC;
652 }
653 if (endswith(path, "/")) {
654 log_syntax(unit, LOG_ERR, filename, line, 0,
655 "Executable path specifies a directory%s: %s",
656 ignore ? ", ignoring" : "", path);
657 return ignore ? 0 : -ENOEXEC;
658 }
659
660 if (!path_is_absolute(path)) {
661 const char *prefix;
662 bool found = false;
663
664 if (!filename_is_valid(path)) {
665 log_syntax(unit, LOG_ERR, filename, line, 0,
666 "Neither a valid executable name nor an absolute path%s: %s",
667 ignore ? ", ignoring" : "", path);
668 return ignore ? 0 : -ENOEXEC;
669 }
670
671 /* Resolve a single-component name to a full path */
672 NULSTR_FOREACH(prefix, DEFAULT_PATH_NULSTR) {
673 _cleanup_free_ char *fullpath = NULL;
674
675 fullpath = strjoin(prefix, "/", path);
676 if (!fullpath)
677 return log_oom();
678
679 if (access(fullpath, F_OK) >= 0) {
680 free_and_replace(path, fullpath);
681 found = true;
682 break;
683 }
684 }
685
686 if (!found) {
687 log_syntax(unit, LOG_ERR, filename, line, 0,
688 "Executable \"%s\" not found in path \"%s\"%s",
689 path, DEFAULT_PATH, ignore ? ", ignoring" : "");
690 return ignore ? 0 : -ENOEXEC;
691 }
692 }
693
694 if (!separate_argv0) {
695 char *w = NULL;
696
697 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
698 return log_oom();
699
700 w = strdup(path);
701 if (!w)
702 return log_oom();
703 n[nlen++] = w;
704 n[nlen] = NULL;
705 }
706
707 path_kill_slashes(path);
708
709 while (!isempty(p)) {
710 _cleanup_free_ char *word = NULL, *resolved = NULL;
711
712 /* Check explicitly for an unquoted semicolon as
713 * command separator token. */
714 if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
715 p++;
716 p += strspn(p, WHITESPACE);
717 semicolon = true;
718 break;
719 }
720
721 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
722 * extract_first_word() would return the same for all of those. */
723 if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
724 char *w;
725
726 p += 2;
727 p += strspn(p, WHITESPACE);
728
729 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
730 return log_oom();
731
732 w = strdup(";");
733 if (!w)
734 return log_oom();
735 n[nlen++] = w;
736 n[nlen] = NULL;
737 continue;
738 }
739
740 r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
741 if (r == 0)
742 break;
743 if (r < 0)
744 return ignore ? 0 : -ENOEXEC;
745
746 r = unit_full_printf(u, word, &resolved);
747 if (r < 0) {
748 log_syntax(unit, LOG_ERR, filename, line, r,
749 "Failed to resolve unit specifiers in %s%s: %m",
750 word, ignore ? ", ignoring" : "");
751 return ignore ? 0 : -ENOEXEC;
752 }
753
754 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
755 return log_oom();
756
757 n[nlen++] = TAKE_PTR(resolved);
758 n[nlen] = NULL;
759 }
760
761 if (!n || !n[0]) {
762 log_syntax(unit, LOG_ERR, filename, line, 0,
763 "Empty executable name or zeroeth argument%s: %s",
764 ignore ? ", ignoring" : "", rvalue);
765 return ignore ? 0 : -ENOEXEC;
766 }
767
768 nce = new0(ExecCommand, 1);
769 if (!nce)
770 return log_oom();
771
772 nce->argv = TAKE_PTR(n);
773 nce->path = TAKE_PTR(path);
774 nce->flags = flags;
775
776 exec_command_append_list(e, nce);
777
778 /* Do not _cleanup_free_ these. */
779 nce = NULL;
780
781 rvalue = p;
782 } while (semicolon);
783
784 return 0;
785 }
786
787 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
788 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
789
790 int config_parse_socket_bindtodevice(
791 const char* unit,
792 const char *filename,
793 unsigned line,
794 const char *section,
795 unsigned section_line,
796 const char *lvalue,
797 int ltype,
798 const char *rvalue,
799 void *data,
800 void *userdata) {
801
802 Socket *s = data;
803
804 assert(filename);
805 assert(lvalue);
806 assert(rvalue);
807 assert(data);
808
809 if (isempty(rvalue) || streq(rvalue, "*")) {
810 s->bind_to_device = mfree(s->bind_to_device);
811 return 0;
812 }
813
814 if (!ifname_valid(rvalue)) {
815 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue);
816 return 0;
817 }
818
819 free_and_strdup(&s->bind_to_device, rvalue);
820
821 return 0;
822 }
823
824 int config_parse_exec_input(
825 const char *unit,
826 const char *filename,
827 unsigned line,
828 const char *section,
829 unsigned section_line,
830 const char *lvalue,
831 int ltype,
832 const char *rvalue,
833 void *data,
834 void *userdata) {
835
836 ExecContext *c = data;
837 Unit *u = userdata;
838 const char *n;
839 ExecInput ei;
840 int r;
841
842 assert(data);
843 assert(filename);
844 assert(line);
845 assert(rvalue);
846
847 n = startswith(rvalue, "fd:");
848 if (n) {
849 _cleanup_free_ char *resolved = NULL;
850
851 r = unit_full_printf(u, n, &resolved);
852 if (r < 0)
853 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
854
855 if (isempty(resolved))
856 resolved = mfree(resolved);
857 else if (!fdname_is_valid(resolved)) {
858 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
859 return -EINVAL;
860 }
861
862 free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved);
863
864 ei = EXEC_INPUT_NAMED_FD;
865
866 } else if ((n = startswith(rvalue, "file:"))) {
867 _cleanup_free_ char *resolved = NULL;
868
869 r = unit_full_printf(u, n, &resolved);
870 if (r < 0)
871 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
872
873 if (!path_is_absolute(resolved)) {
874 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
875 return -EINVAL;
876 }
877
878 if (!path_is_normalized(resolved)) {
879 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name: %s", resolved);
880 return -EINVAL;
881 }
882
883 free_and_replace(c->stdio_file[STDIN_FILENO], resolved);
884
885 ei = EXEC_INPUT_FILE;
886
887 } else {
888 ei = exec_input_from_string(rvalue);
889 if (ei < 0) {
890 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue);
891 return 0;
892 }
893 }
894
895 c->std_input = ei;
896 return 0;
897 }
898
899 int config_parse_exec_input_text(
900 const char *unit,
901 const char *filename,
902 unsigned line,
903 const char *section,
904 unsigned section_line,
905 const char *lvalue,
906 int ltype,
907 const char *rvalue,
908 void *data,
909 void *userdata) {
910
911 _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
912 ExecContext *c = data;
913 Unit *u = userdata;
914 size_t sz;
915 void *p;
916 int r;
917
918 assert(data);
919 assert(filename);
920 assert(line);
921 assert(rvalue);
922
923 if (isempty(rvalue)) {
924 /* Reset if the empty string is assigned */
925 c->stdin_data = mfree(c->stdin_data);
926 c->stdin_data_size = 0;
927 return 0;
928 }
929
930 r = cunescape(rvalue, 0, &unescaped);
931 if (r < 0)
932 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode C escaped text '%s': %m", rvalue);
933
934 r = unit_full_printf(u, unescaped, &resolved);
935 if (r < 0)
936 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", unescaped);
937
938 sz = strlen(resolved);
939 if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
940 c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
941 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
942 return -E2BIG;
943 }
944
945 p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
946 if (!p)
947 return log_oom();
948
949 *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n';
950
951 c->stdin_data = p;
952 c->stdin_data_size += sz + 1;
953
954 return 0;
955 }
956
957 int config_parse_exec_input_data(
958 const char *unit,
959 const char *filename,
960 unsigned line,
961 const char *section,
962 unsigned section_line,
963 const char *lvalue,
964 int ltype,
965 const char *rvalue,
966 void *data,
967 void *userdata) {
968
969 _cleanup_free_ void *p = NULL;
970 ExecContext *c = data;
971 size_t sz;
972 void *q;
973 int r;
974
975 assert(data);
976 assert(filename);
977 assert(line);
978 assert(rvalue);
979
980 if (isempty(rvalue)) {
981 /* Reset if the empty string is assigned */
982 c->stdin_data = mfree(c->stdin_data);
983 c->stdin_data_size = 0;
984 return 0;
985 }
986
987 r = unbase64mem(rvalue, (size_t) -1, &p, &sz);
988 if (r < 0)
989 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode base64 data, ignoring: %s", rvalue);
990
991 assert(sz > 0);
992
993 if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */
994 c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) {
995 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
996 return -E2BIG;
997 }
998
999 q = realloc(c->stdin_data, c->stdin_data_size + sz);
1000 if (!q)
1001 return log_oom();
1002
1003 memcpy((uint8_t*) q + c->stdin_data_size, p, sz);
1004
1005 c->stdin_data = q;
1006 c->stdin_data_size += sz;
1007
1008 return 0;
1009 }
1010
1011 int config_parse_exec_output(
1012 const char *unit,
1013 const char *filename,
1014 unsigned line,
1015 const char *section,
1016 unsigned section_line,
1017 const char *lvalue,
1018 int ltype,
1019 const char *rvalue,
1020 void *data,
1021 void *userdata) {
1022
1023 _cleanup_free_ char *resolved = NULL;
1024 const char *n;
1025 ExecContext *c = data;
1026 Unit *u = userdata;
1027 ExecOutput eo;
1028 int r;
1029
1030 assert(data);
1031 assert(filename);
1032 assert(line);
1033 assert(lvalue);
1034 assert(rvalue);
1035
1036 n = startswith(rvalue, "fd:");
1037 if (n) {
1038 r = unit_full_printf(u, n, &resolved);
1039 if (r < 0)
1040 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1041
1042 if (isempty(resolved))
1043 resolved = mfree(resolved);
1044 else if (!fdname_is_valid(resolved)) {
1045 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
1046 return -EINVAL;
1047 }
1048
1049 eo = EXEC_OUTPUT_NAMED_FD;
1050
1051 } else if ((n = startswith(rvalue, "file:"))) {
1052
1053 r = unit_full_printf(u, n, &resolved);
1054 if (r < 0)
1055 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1056
1057 if (!path_is_absolute(resolved)) {
1058 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
1059 return -EINVAL;
1060 }
1061
1062 if (!path_is_normalized(resolved)) {
1063 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name, ignoring: %s", resolved);
1064 return -EINVAL;
1065 }
1066
1067 eo = EXEC_OUTPUT_FILE;
1068
1069 } else {
1070 eo = exec_output_from_string(rvalue);
1071 if (eo < 0) {
1072 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue);
1073 return 0;
1074 }
1075 }
1076
1077 if (streq(lvalue, "StandardOutput")) {
1078 if (eo == EXEC_OUTPUT_NAMED_FD)
1079 free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved);
1080 else
1081 free_and_replace(c->stdio_file[STDOUT_FILENO], resolved);
1082
1083 c->std_output = eo;
1084
1085 } else {
1086 assert(streq(lvalue, "StandardError"));
1087
1088 if (eo == EXEC_OUTPUT_NAMED_FD)
1089 free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved);
1090 else
1091 free_and_replace(c->stdio_file[STDERR_FILENO], resolved);
1092
1093 c->std_error = eo;
1094 }
1095
1096 return 0;
1097 }
1098
1099 int config_parse_exec_io_class(const char *unit,
1100 const char *filename,
1101 unsigned line,
1102 const char *section,
1103 unsigned section_line,
1104 const char *lvalue,
1105 int ltype,
1106 const char *rvalue,
1107 void *data,
1108 void *userdata) {
1109
1110 ExecContext *c = data;
1111 int x;
1112
1113 assert(filename);
1114 assert(lvalue);
1115 assert(rvalue);
1116 assert(data);
1117
1118 if (isempty(rvalue)) {
1119 c->ioprio_set = false;
1120 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1121 return 0;
1122 }
1123
1124 x = ioprio_class_from_string(rvalue);
1125 if (x < 0) {
1126 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
1127 return 0;
1128 }
1129
1130 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
1131 c->ioprio_set = true;
1132
1133 return 0;
1134 }
1135
1136 int config_parse_exec_io_priority(const char *unit,
1137 const char *filename,
1138 unsigned line,
1139 const char *section,
1140 unsigned section_line,
1141 const char *lvalue,
1142 int ltype,
1143 const char *rvalue,
1144 void *data,
1145 void *userdata) {
1146
1147 ExecContext *c = data;
1148 int i, r;
1149
1150 assert(filename);
1151 assert(lvalue);
1152 assert(rvalue);
1153 assert(data);
1154
1155 if (isempty(rvalue)) {
1156 c->ioprio_set = false;
1157 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1158 return 0;
1159 }
1160
1161 r = ioprio_parse_priority(rvalue, &i);
1162 if (r < 0) {
1163 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
1164 return 0;
1165 }
1166
1167 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
1168 c->ioprio_set = true;
1169
1170 return 0;
1171 }
1172
1173 int config_parse_exec_cpu_sched_policy(const char *unit,
1174 const char *filename,
1175 unsigned line,
1176 const char *section,
1177 unsigned section_line,
1178 const char *lvalue,
1179 int ltype,
1180 const char *rvalue,
1181 void *data,
1182 void *userdata) {
1183
1184 ExecContext *c = data;
1185 int x;
1186
1187 assert(filename);
1188 assert(lvalue);
1189 assert(rvalue);
1190 assert(data);
1191
1192 if (isempty(rvalue)) {
1193 c->cpu_sched_set = false;
1194 c->cpu_sched_policy = SCHED_OTHER;
1195 c->cpu_sched_priority = 0;
1196 return 0;
1197 }
1198
1199 x = sched_policy_from_string(rvalue);
1200 if (x < 0) {
1201 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1202 return 0;
1203 }
1204
1205 c->cpu_sched_policy = x;
1206 /* Moving to or from real-time policy? We need to adjust the priority */
1207 c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
1208 c->cpu_sched_set = true;
1209
1210 return 0;
1211 }
1212
1213 int config_parse_exec_cpu_sched_prio(const char *unit,
1214 const char *filename,
1215 unsigned line,
1216 const char *section,
1217 unsigned section_line,
1218 const char *lvalue,
1219 int ltype,
1220 const char *rvalue,
1221 void *data,
1222 void *userdata) {
1223
1224 ExecContext *c = data;
1225 int i, min, max, r;
1226
1227 assert(filename);
1228 assert(lvalue);
1229 assert(rvalue);
1230 assert(data);
1231
1232 r = safe_atoi(rvalue, &i);
1233 if (r < 0) {
1234 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue);
1235 return 0;
1236 }
1237
1238 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1239 min = sched_get_priority_min(c->cpu_sched_policy);
1240 max = sched_get_priority_max(c->cpu_sched_policy);
1241
1242 if (i < min || i > max) {
1243 log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
1244 return 0;
1245 }
1246
1247 c->cpu_sched_priority = i;
1248 c->cpu_sched_set = true;
1249
1250 return 0;
1251 }
1252
1253 int config_parse_exec_cpu_affinity(const char *unit,
1254 const char *filename,
1255 unsigned line,
1256 const char *section,
1257 unsigned section_line,
1258 const char *lvalue,
1259 int ltype,
1260 const char *rvalue,
1261 void *data,
1262 void *userdata) {
1263
1264 ExecContext *c = data;
1265 _cleanup_cpu_free_ cpu_set_t *cpuset = NULL;
1266 int ncpus;
1267
1268 assert(filename);
1269 assert(lvalue);
1270 assert(rvalue);
1271 assert(data);
1272
1273 ncpus = parse_cpu_set_and_warn(rvalue, &cpuset, unit, filename, line, lvalue);
1274 if (ncpus < 0)
1275 return ncpus;
1276
1277 if (ncpus == 0) {
1278 /* An empty assignment resets the CPU list */
1279 c->cpuset = cpu_set_mfree(c->cpuset);
1280 c->cpuset_ncpus = 0;
1281 return 0;
1282 }
1283
1284 if (!c->cpuset) {
1285 c->cpuset = TAKE_PTR(cpuset);
1286 c->cpuset_ncpus = (unsigned) ncpus;
1287 return 0;
1288 }
1289
1290 if (c->cpuset_ncpus < (unsigned) ncpus) {
1291 CPU_OR_S(CPU_ALLOC_SIZE(c->cpuset_ncpus), cpuset, c->cpuset, cpuset);
1292 CPU_FREE(c->cpuset);
1293 c->cpuset = TAKE_PTR(cpuset);
1294 c->cpuset_ncpus = (unsigned) ncpus;
1295 return 0;
1296 }
1297
1298 CPU_OR_S(CPU_ALLOC_SIZE((unsigned) ncpus), c->cpuset, c->cpuset, cpuset);
1299
1300 return 0;
1301 }
1302
1303 int config_parse_exec_secure_bits(const char *unit,
1304 const char *filename,
1305 unsigned line,
1306 const char *section,
1307 unsigned section_line,
1308 const char *lvalue,
1309 int ltype,
1310 const char *rvalue,
1311 void *data,
1312 void *userdata) {
1313
1314 ExecContext *c = data;
1315 int r;
1316
1317 assert(filename);
1318 assert(lvalue);
1319 assert(rvalue);
1320 assert(data);
1321
1322 if (isempty(rvalue)) {
1323 /* An empty assignment resets the field */
1324 c->secure_bits = 0;
1325 return 0;
1326 }
1327
1328 r = secure_bits_from_string(rvalue);
1329 if (r < 0) {
1330 log_syntax(unit, LOG_WARNING, filename, line, r,
1331 "Failed to parse secure bits, ignoring: %s", rvalue);
1332 return 0;
1333 }
1334
1335 c->secure_bits = r;
1336
1337 return 0;
1338 }
1339
1340 int config_parse_capability_set(
1341 const char *unit,
1342 const char *filename,
1343 unsigned line,
1344 const char *section,
1345 unsigned section_line,
1346 const char *lvalue,
1347 int ltype,
1348 const char *rvalue,
1349 void *data,
1350 void *userdata) {
1351
1352 uint64_t *capability_set = data;
1353 uint64_t sum = 0, initial = 0;
1354 bool invert = false;
1355 int r;
1356
1357 assert(filename);
1358 assert(lvalue);
1359 assert(rvalue);
1360 assert(data);
1361
1362 if (rvalue[0] == '~') {
1363 invert = true;
1364 rvalue++;
1365 }
1366
1367 if (streq(lvalue, "CapabilityBoundingSet"))
1368 initial = CAP_ALL; /* initialized to all bits on */
1369 /* else "AmbientCapabilities" initialized to all bits off */
1370
1371 r = capability_set_from_string(rvalue, &sum);
1372 if (r < 0) {
1373 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue);
1374 return 0;
1375 }
1376
1377 if (sum == 0 || *capability_set == initial)
1378 /* "", "~" or uninitialized data -> replace */
1379 *capability_set = invert ? ~sum : sum;
1380 else {
1381 /* previous data -> merge */
1382 if (invert)
1383 *capability_set &= ~sum;
1384 else
1385 *capability_set |= sum;
1386 }
1387
1388 return 0;
1389 }
1390
1391 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
1392 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
1393
1394 int config_parse_exec_mount_flags(
1395 const char *unit,
1396 const char *filename,
1397 unsigned line,
1398 const char *section,
1399 unsigned section_line,
1400 const char *lvalue,
1401 int ltype,
1402 const char *rvalue,
1403 void *data,
1404 void *userdata) {
1405
1406 ExecContext *c = data;
1407 int r;
1408
1409 assert(filename);
1410 assert(lvalue);
1411 assert(rvalue);
1412 assert(data);
1413
1414 r = mount_propagation_flags_from_string(rvalue, &c->mount_flags);
1415 if (r < 0)
1416 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount flag %s, ignoring: %m", rvalue);
1417
1418 return 0;
1419 }
1420
1421 int config_parse_exec_selinux_context(
1422 const char *unit,
1423 const char *filename,
1424 unsigned line,
1425 const char *section,
1426 unsigned section_line,
1427 const char *lvalue,
1428 int ltype,
1429 const char *rvalue,
1430 void *data,
1431 void *userdata) {
1432
1433 ExecContext *c = data;
1434 Unit *u = userdata;
1435 bool ignore;
1436 char *k;
1437 int r;
1438
1439 assert(filename);
1440 assert(lvalue);
1441 assert(rvalue);
1442 assert(data);
1443
1444 if (isempty(rvalue)) {
1445 c->selinux_context = mfree(c->selinux_context);
1446 c->selinux_context_ignore = false;
1447 return 0;
1448 }
1449
1450 if (rvalue[0] == '-') {
1451 ignore = true;
1452 rvalue++;
1453 } else
1454 ignore = false;
1455
1456 r = unit_full_printf(u, rvalue, &k);
1457 if (r < 0) {
1458 log_syntax(unit, LOG_ERR, filename, line, r,
1459 "Failed to resolve unit specifiers in '%s'%s: %m",
1460 rvalue, ignore ? ", ignoring" : "");
1461 return ignore ? 0 : -ENOEXEC;
1462 }
1463
1464 free_and_replace(c->selinux_context, k);
1465 c->selinux_context_ignore = ignore;
1466
1467 return 0;
1468 }
1469
1470 int config_parse_exec_apparmor_profile(
1471 const char *unit,
1472 const char *filename,
1473 unsigned line,
1474 const char *section,
1475 unsigned section_line,
1476 const char *lvalue,
1477 int ltype,
1478 const char *rvalue,
1479 void *data,
1480 void *userdata) {
1481
1482 ExecContext *c = data;
1483 Unit *u = userdata;
1484 bool ignore;
1485 char *k;
1486 int r;
1487
1488 assert(filename);
1489 assert(lvalue);
1490 assert(rvalue);
1491 assert(data);
1492
1493 if (isempty(rvalue)) {
1494 c->apparmor_profile = mfree(c->apparmor_profile);
1495 c->apparmor_profile_ignore = false;
1496 return 0;
1497 }
1498
1499 if (rvalue[0] == '-') {
1500 ignore = true;
1501 rvalue++;
1502 } else
1503 ignore = false;
1504
1505 r = unit_full_printf(u, rvalue, &k);
1506 if (r < 0) {
1507 log_syntax(unit, LOG_ERR, filename, line, r,
1508 "Failed to resolve unit specifiers in '%s'%s: %m",
1509 rvalue, ignore ? ", ignoring" : "");
1510 return ignore ? 0 : -ENOEXEC;
1511 }
1512
1513 free_and_replace(c->apparmor_profile, k);
1514 c->apparmor_profile_ignore = ignore;
1515
1516 return 0;
1517 }
1518
1519 int config_parse_exec_smack_process_label(
1520 const char *unit,
1521 const char *filename,
1522 unsigned line,
1523 const char *section,
1524 unsigned section_line,
1525 const char *lvalue,
1526 int ltype,
1527 const char *rvalue,
1528 void *data,
1529 void *userdata) {
1530
1531 ExecContext *c = data;
1532 Unit *u = userdata;
1533 bool ignore;
1534 char *k;
1535 int r;
1536
1537 assert(filename);
1538 assert(lvalue);
1539 assert(rvalue);
1540 assert(data);
1541
1542 if (isempty(rvalue)) {
1543 c->smack_process_label = mfree(c->smack_process_label);
1544 c->smack_process_label_ignore = false;
1545 return 0;
1546 }
1547
1548 if (rvalue[0] == '-') {
1549 ignore = true;
1550 rvalue++;
1551 } else
1552 ignore = false;
1553
1554 r = unit_full_printf(u, rvalue, &k);
1555 if (r < 0) {
1556 log_syntax(unit, LOG_ERR, filename, line, r,
1557 "Failed to resolve unit specifiers in '%s'%s: %m",
1558 rvalue, ignore ? ", ignoring" : "");
1559 return ignore ? 0 : -ENOEXEC;
1560 }
1561
1562 free_and_replace(c->smack_process_label, k);
1563 c->smack_process_label_ignore = ignore;
1564
1565 return 0;
1566 }
1567
1568 int config_parse_timer(const char *unit,
1569 const char *filename,
1570 unsigned line,
1571 const char *section,
1572 unsigned section_line,
1573 const char *lvalue,
1574 int ltype,
1575 const char *rvalue,
1576 void *data,
1577 void *userdata) {
1578
1579 Timer *t = data;
1580 usec_t usec = 0;
1581 TimerValue *v;
1582 TimerBase b;
1583 _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
1584 Unit *u = userdata;
1585 _cleanup_free_ char *k = NULL;
1586 int r;
1587
1588 assert(filename);
1589 assert(lvalue);
1590 assert(rvalue);
1591 assert(data);
1592
1593 if (isempty(rvalue)) {
1594 /* Empty assignment resets list */
1595 timer_free_values(t);
1596 return 0;
1597 }
1598
1599 b = timer_base_from_string(lvalue);
1600 if (b < 0) {
1601 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer base, ignoring: %s", lvalue);
1602 return 0;
1603 }
1604
1605 r = unit_full_printf(u, rvalue, &k);
1606 if (r < 0) {
1607 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1608 return 0;
1609 }
1610
1611 if (b == TIMER_CALENDAR) {
1612 if (calendar_spec_from_string(k, &c) < 0) {
1613 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse calendar specification, ignoring: %s", k);
1614 return 0;
1615 }
1616 } else
1617 if (parse_sec(k, &usec) < 0) {
1618 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", k);
1619 return 0;
1620 }
1621
1622 v = new0(TimerValue, 1);
1623 if (!v)
1624 return log_oom();
1625
1626 v->base = b;
1627 v->value = usec;
1628 v->calendar_spec = TAKE_PTR(c);
1629
1630 LIST_PREPEND(value, t->values, v);
1631
1632 return 0;
1633 }
1634
1635 int config_parse_trigger_unit(
1636 const char *unit,
1637 const char *filename,
1638 unsigned line,
1639 const char *section,
1640 unsigned section_line,
1641 const char *lvalue,
1642 int ltype,
1643 const char *rvalue,
1644 void *data,
1645 void *userdata) {
1646
1647 _cleanup_free_ char *p = NULL;
1648 Unit *u = data;
1649 UnitType type;
1650 int r;
1651
1652 assert(filename);
1653 assert(lvalue);
1654 assert(rvalue);
1655 assert(data);
1656
1657 if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) {
1658 log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
1659 return 0;
1660 }
1661
1662 r = unit_name_printf(u, rvalue, &p);
1663 if (r < 0) {
1664 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1665 return 0;
1666 }
1667
1668 type = unit_name_to_type(p);
1669 if (type < 0) {
1670 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue);
1671 return 0;
1672 }
1673 if (unit_has_name(u, p)) {
1674 log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue);
1675 return 0;
1676 }
1677
1678 r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, NULL, true, UNIT_DEPENDENCY_FILE);
1679 if (r < 0) {
1680 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
1681 return 0;
1682 }
1683
1684 return 0;
1685 }
1686
1687 int config_parse_path_spec(const char *unit,
1688 const char *filename,
1689 unsigned line,
1690 const char *section,
1691 unsigned section_line,
1692 const char *lvalue,
1693 int ltype,
1694 const char *rvalue,
1695 void *data,
1696 void *userdata) {
1697
1698 Path *p = data;
1699 PathSpec *s;
1700 PathType b;
1701 _cleanup_free_ char *k = NULL;
1702 int r;
1703
1704 assert(filename);
1705 assert(lvalue);
1706 assert(rvalue);
1707 assert(data);
1708
1709 if (isempty(rvalue)) {
1710 /* Empty assignment clears list */
1711 path_free_specs(p);
1712 return 0;
1713 }
1714
1715 b = path_type_from_string(lvalue);
1716 if (b < 0) {
1717 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue);
1718 return 0;
1719 }
1720
1721 r = unit_full_printf(UNIT(p), rvalue, &k);
1722 if (r < 0) {
1723 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1724 return 0;
1725 }
1726
1727 path_kill_slashes(k);
1728
1729 if (!path_is_absolute(k)) {
1730 log_syntax(unit, LOG_ERR, filename, line, 0, "Path is not absolute, ignoring: %s", k);
1731 return 0;
1732 }
1733
1734 s = new0(PathSpec, 1);
1735 if (!s)
1736 return log_oom();
1737
1738 s->unit = UNIT(p);
1739 s->path = TAKE_PTR(k);
1740 s->type = b;
1741 s->inotify_fd = -1;
1742
1743 LIST_PREPEND(spec, p->specs, s);
1744
1745 return 0;
1746 }
1747
1748 int config_parse_socket_service(
1749 const char *unit,
1750 const char *filename,
1751 unsigned line,
1752 const char *section,
1753 unsigned section_line,
1754 const char *lvalue,
1755 int ltype,
1756 const char *rvalue,
1757 void *data,
1758 void *userdata) {
1759
1760 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1761 _cleanup_free_ char *p = NULL;
1762 Socket *s = data;
1763 Unit *x;
1764 int r;
1765
1766 assert(filename);
1767 assert(lvalue);
1768 assert(rvalue);
1769 assert(data);
1770
1771 r = unit_name_printf(UNIT(s), rvalue, &p);
1772 if (r < 0) {
1773 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1774 return -ENOEXEC;
1775 }
1776
1777 if (!endswith(p, ".service")) {
1778 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service: %s", rvalue);
1779 return -ENOEXEC;
1780 }
1781
1782 r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
1783 if (r < 0) {
1784 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s: %s", rvalue, bus_error_message(&error, r));
1785 return -ENOEXEC;
1786 }
1787
1788 unit_ref_set(&s->service, UNIT(s), x);
1789
1790 return 0;
1791 }
1792
1793 int config_parse_fdname(
1794 const char *unit,
1795 const char *filename,
1796 unsigned line,
1797 const char *section,
1798 unsigned section_line,
1799 const char *lvalue,
1800 int ltype,
1801 const char *rvalue,
1802 void *data,
1803 void *userdata) {
1804
1805 _cleanup_free_ char *p = NULL;
1806 Socket *s = data;
1807 int r;
1808
1809 assert(filename);
1810 assert(lvalue);
1811 assert(rvalue);
1812 assert(data);
1813
1814 if (isempty(rvalue)) {
1815 s->fdname = mfree(s->fdname);
1816 return 0;
1817 }
1818
1819 r = unit_full_printf(UNIT(s), rvalue, &p);
1820 if (r < 0) {
1821 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1822 return 0;
1823 }
1824
1825 if (!fdname_is_valid(p)) {
1826 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
1827 return 0;
1828 }
1829
1830 return free_and_replace(s->fdname, p);
1831 }
1832
1833 int config_parse_service_sockets(
1834 const char *unit,
1835 const char *filename,
1836 unsigned line,
1837 const char *section,
1838 unsigned section_line,
1839 const char *lvalue,
1840 int ltype,
1841 const char *rvalue,
1842 void *data,
1843 void *userdata) {
1844
1845 Service *s = data;
1846 const char *p;
1847 int r;
1848
1849 assert(filename);
1850 assert(lvalue);
1851 assert(rvalue);
1852 assert(data);
1853
1854 p = rvalue;
1855 for (;;) {
1856 _cleanup_free_ char *word = NULL, *k = NULL;
1857
1858 r = extract_first_word(&p, &word, NULL, 0);
1859 if (r == 0)
1860 break;
1861 if (r == -ENOMEM)
1862 return log_oom();
1863 if (r < 0) {
1864 log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
1865 break;
1866 }
1867
1868 r = unit_name_printf(UNIT(s), word, &k);
1869 if (r < 0) {
1870 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
1871 continue;
1872 }
1873
1874 if (!endswith(k, ".socket")) {
1875 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
1876 continue;
1877 }
1878
1879 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, NULL, true, UNIT_DEPENDENCY_FILE);
1880 if (r < 0)
1881 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1882
1883 r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, NULL, true, UNIT_DEPENDENCY_FILE);
1884 if (r < 0)
1885 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1886 }
1887
1888 return 0;
1889 }
1890
1891 int config_parse_bus_name(
1892 const char *unit,
1893 const char *filename,
1894 unsigned line,
1895 const char *section,
1896 unsigned section_line,
1897 const char *lvalue,
1898 int ltype,
1899 const char *rvalue,
1900 void *data,
1901 void *userdata) {
1902
1903 _cleanup_free_ char *k = NULL;
1904 Unit *u = userdata;
1905 int r;
1906
1907 assert(filename);
1908 assert(lvalue);
1909 assert(rvalue);
1910 assert(u);
1911
1912 r = unit_full_printf(u, rvalue, &k);
1913 if (r < 0) {
1914 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1915 return 0;
1916 }
1917
1918 if (!service_name_is_valid(k)) {
1919 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name, ignoring: %s", k);
1920 return 0;
1921 }
1922
1923 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
1924 }
1925
1926 int config_parse_service_timeout(
1927 const char *unit,
1928 const char *filename,
1929 unsigned line,
1930 const char *section,
1931 unsigned section_line,
1932 const char *lvalue,
1933 int ltype,
1934 const char *rvalue,
1935 void *data,
1936 void *userdata) {
1937
1938 Service *s = userdata;
1939 usec_t usec;
1940 int r;
1941
1942 assert(filename);
1943 assert(lvalue);
1944 assert(rvalue);
1945 assert(s);
1946
1947 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
1948
1949 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
1950 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
1951 * all other timeouts. */
1952 r = parse_sec_fix_0(rvalue, &usec);
1953 if (r < 0) {
1954 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1955 return 0;
1956 }
1957
1958 s->start_timeout_defined = true;
1959 s->timeout_start_usec = usec;
1960
1961 if (streq(lvalue, "TimeoutSec"))
1962 s->timeout_stop_usec = usec;
1963
1964 return 0;
1965 }
1966
1967 int config_parse_sec_fix_0(
1968 const char *unit,
1969 const char *filename,
1970 unsigned line,
1971 const char *section,
1972 unsigned section_line,
1973 const char *lvalue,
1974 int ltype,
1975 const char *rvalue,
1976 void *data,
1977 void *userdata) {
1978
1979 usec_t *usec = data;
1980 int r;
1981
1982 assert(filename);
1983 assert(lvalue);
1984 assert(rvalue);
1985 assert(usec);
1986
1987 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
1988 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
1989 * timeout. */
1990
1991 r = parse_sec_fix_0(rvalue, usec);
1992 if (r < 0) {
1993 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1994 return 0;
1995 }
1996
1997 return 0;
1998 }
1999
2000 int config_parse_user_group(
2001 const char *unit,
2002 const char *filename,
2003 unsigned line,
2004 const char *section,
2005 unsigned section_line,
2006 const char *lvalue,
2007 int ltype,
2008 const char *rvalue,
2009 void *data,
2010 void *userdata) {
2011
2012 _cleanup_free_ char *k = NULL;
2013 char **user = data;
2014 Unit *u = userdata;
2015 int r;
2016
2017 assert(filename);
2018 assert(lvalue);
2019 assert(rvalue);
2020 assert(u);
2021
2022 if (isempty(rvalue)) {
2023 *user = mfree(*user);
2024 return 0;
2025 }
2026
2027 r = unit_full_printf(u, rvalue, &k);
2028 if (r < 0) {
2029 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
2030 return -ENOEXEC;
2031 }
2032
2033 if (!valid_user_group_name_or_id(k)) {
2034 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2035 return -ENOEXEC;
2036 }
2037
2038 return free_and_replace(*user, k);
2039 }
2040
2041 int config_parse_user_group_strv(
2042 const char *unit,
2043 const char *filename,
2044 unsigned line,
2045 const char *section,
2046 unsigned section_line,
2047 const char *lvalue,
2048 int ltype,
2049 const char *rvalue,
2050 void *data,
2051 void *userdata) {
2052
2053 char ***users = data;
2054 Unit *u = userdata;
2055 const char *p = rvalue;
2056 int r;
2057
2058 assert(filename);
2059 assert(lvalue);
2060 assert(rvalue);
2061 assert(u);
2062
2063 if (isempty(rvalue)) {
2064 *users = strv_free(*users);
2065 return 0;
2066 }
2067
2068 for (;;) {
2069 _cleanup_free_ char *word = NULL, *k = NULL;
2070
2071 r = extract_first_word(&p, &word, NULL, 0);
2072 if (r == 0)
2073 break;
2074 if (r == -ENOMEM)
2075 return log_oom();
2076 if (r < 0) {
2077 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue);
2078 return -ENOEXEC;
2079 }
2080
2081 r = unit_full_printf(u, word, &k);
2082 if (r < 0) {
2083 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word);
2084 return -ENOEXEC;
2085 }
2086
2087 if (!valid_user_group_name_or_id(k)) {
2088 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2089 return -ENOEXEC;
2090 }
2091
2092 r = strv_push(users, k);
2093 if (r < 0)
2094 return log_oom();
2095
2096 k = NULL;
2097 }
2098
2099 return 0;
2100 }
2101
2102 int config_parse_working_directory(
2103 const char *unit,
2104 const char *filename,
2105 unsigned line,
2106 const char *section,
2107 unsigned section_line,
2108 const char *lvalue,
2109 int ltype,
2110 const char *rvalue,
2111 void *data,
2112 void *userdata) {
2113
2114 ExecContext *c = data;
2115 Unit *u = userdata;
2116 bool missing_ok;
2117 int r;
2118
2119 assert(filename);
2120 assert(lvalue);
2121 assert(rvalue);
2122 assert(c);
2123 assert(u);
2124
2125 if (rvalue[0] == '-') {
2126 missing_ok = true;
2127 rvalue++;
2128 } else
2129 missing_ok = false;
2130
2131 if (streq(rvalue, "~")) {
2132 c->working_directory_home = true;
2133 c->working_directory = mfree(c->working_directory);
2134 } else {
2135 _cleanup_free_ char *k = NULL;
2136
2137 r = unit_full_printf(u, rvalue, &k);
2138 if (r < 0) {
2139 log_syntax(unit, LOG_ERR, filename, line, r,
2140 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2141 rvalue, missing_ok ? ", ignoring" : "");
2142 return missing_ok ? 0 : -ENOEXEC;
2143 }
2144
2145 path_kill_slashes(k);
2146
2147 if (!utf8_is_valid(k)) {
2148 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2149 return missing_ok ? 0 : -ENOEXEC;
2150 }
2151
2152 if (!path_is_absolute(k)) {
2153 log_syntax(unit, LOG_ERR, filename, line, 0,
2154 "Working directory path '%s' is not absolute%s.",
2155 rvalue, missing_ok ? ", ignoring" : "");
2156 return missing_ok ? 0 : -ENOEXEC;
2157 }
2158
2159 c->working_directory_home = false;
2160 free_and_replace(c->working_directory, k);
2161 }
2162
2163 c->working_directory_missing_ok = missing_ok;
2164 return 0;
2165 }
2166
2167 int config_parse_unit_env_file(const char *unit,
2168 const char *filename,
2169 unsigned line,
2170 const char *section,
2171 unsigned section_line,
2172 const char *lvalue,
2173 int ltype,
2174 const char *rvalue,
2175 void *data,
2176 void *userdata) {
2177
2178 char ***env = data;
2179 Unit *u = userdata;
2180 _cleanup_free_ char *n = NULL;
2181 int r;
2182
2183 assert(filename);
2184 assert(lvalue);
2185 assert(rvalue);
2186 assert(data);
2187
2188 if (isempty(rvalue)) {
2189 /* Empty assignment frees the list */
2190 *env = strv_free(*env);
2191 return 0;
2192 }
2193
2194 r = unit_full_printf(u, rvalue, &n);
2195 if (r < 0) {
2196 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2197 return 0;
2198 }
2199
2200 if (!path_is_absolute(n[0] == '-' ? n + 1 : n)) {
2201 log_syntax(unit, LOG_ERR, filename, line, 0, "Path '%s' is not absolute, ignoring.", n);
2202 return 0;
2203 }
2204
2205 r = strv_extend(env, n);
2206 if (r < 0)
2207 return log_oom();
2208
2209 return 0;
2210 }
2211
2212 int config_parse_environ(
2213 const char *unit,
2214 const char *filename,
2215 unsigned line,
2216 const char *section,
2217 unsigned section_line,
2218 const char *lvalue,
2219 int ltype,
2220 const char *rvalue,
2221 void *data,
2222 void *userdata) {
2223
2224 Unit *u = userdata;
2225 char ***env = data;
2226 const char *p;
2227 int r;
2228
2229 assert(filename);
2230 assert(lvalue);
2231 assert(rvalue);
2232 assert(data);
2233
2234 if (isempty(rvalue)) {
2235 /* Empty assignment resets the list */
2236 *env = strv_free(*env);
2237 return 0;
2238 }
2239
2240 for (p = rvalue;; ) {
2241 _cleanup_free_ char *word = NULL, *k = NULL;
2242
2243 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2244 if (r == 0)
2245 return 0;
2246 if (r == -ENOMEM)
2247 return log_oom();
2248 if (r < 0) {
2249 log_syntax(unit, LOG_WARNING, filename, line, r,
2250 "Invalid syntax, ignoring: %s", rvalue);
2251 return 0;
2252 }
2253
2254 if (u) {
2255 r = unit_full_printf(u, word, &k);
2256 if (r < 0) {
2257 log_syntax(unit, LOG_ERR, filename, line, r,
2258 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2259 continue;
2260 }
2261 } else
2262 k = TAKE_PTR(word);
2263
2264 if (!env_assignment_is_valid(k)) {
2265 log_syntax(unit, LOG_ERR, filename, line, 0,
2266 "Invalid environment assignment, ignoring: %s", k);
2267 continue;
2268 }
2269
2270 r = strv_env_replace(env, k);
2271 if (r < 0)
2272 return log_oom();
2273
2274 k = NULL;
2275 }
2276 }
2277
2278 int config_parse_pass_environ(
2279 const char *unit,
2280 const char *filename,
2281 unsigned line,
2282 const char *section,
2283 unsigned section_line,
2284 const char *lvalue,
2285 int ltype,
2286 const char *rvalue,
2287 void *data,
2288 void *userdata) {
2289
2290 _cleanup_strv_free_ char **n = NULL;
2291 size_t nlen = 0, nbufsize = 0;
2292 char*** passenv = data;
2293 const char *p = rvalue;
2294 Unit *u = userdata;
2295 int r;
2296
2297 assert(filename);
2298 assert(lvalue);
2299 assert(rvalue);
2300 assert(data);
2301
2302 if (isempty(rvalue)) {
2303 /* Empty assignment resets the list */
2304 *passenv = strv_free(*passenv);
2305 return 0;
2306 }
2307
2308 for (;;) {
2309 _cleanup_free_ char *word = NULL, *k = NULL;
2310
2311 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2312 if (r == 0)
2313 break;
2314 if (r == -ENOMEM)
2315 return log_oom();
2316 if (r < 0) {
2317 log_syntax(unit, LOG_ERR, filename, line, r,
2318 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2319 break;
2320 }
2321
2322 if (u) {
2323 r = unit_full_printf(u, word, &k);
2324 if (r < 0) {
2325 log_syntax(unit, LOG_ERR, filename, line, r,
2326 "Failed to resolve specifiers in %s, ignoring: %m", word);
2327 continue;
2328 }
2329 } else
2330 k = TAKE_PTR(word);
2331
2332 if (!env_name_is_valid(k)) {
2333 log_syntax(unit, LOG_ERR, filename, line, 0,
2334 "Invalid environment name for %s, ignoring: %s", lvalue, k);
2335 continue;
2336 }
2337
2338 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2339 return log_oom();
2340
2341 n[nlen++] = TAKE_PTR(k);
2342 n[nlen] = NULL;
2343 }
2344
2345 if (n) {
2346 r = strv_extend_strv(passenv, n, true);
2347 if (r < 0)
2348 return r;
2349 }
2350
2351 return 0;
2352 }
2353
2354 int config_parse_unset_environ(
2355 const char *unit,
2356 const char *filename,
2357 unsigned line,
2358 const char *section,
2359 unsigned section_line,
2360 const char *lvalue,
2361 int ltype,
2362 const char *rvalue,
2363 void *data,
2364 void *userdata) {
2365
2366 _cleanup_strv_free_ char **n = NULL;
2367 size_t nlen = 0, nbufsize = 0;
2368 char*** unsetenv = data;
2369 const char *p = rvalue;
2370 Unit *u = userdata;
2371 int r;
2372
2373 assert(filename);
2374 assert(lvalue);
2375 assert(rvalue);
2376 assert(data);
2377
2378 if (isempty(rvalue)) {
2379 /* Empty assignment resets the list */
2380 *unsetenv = strv_free(*unsetenv);
2381 return 0;
2382 }
2383
2384 for (;;) {
2385 _cleanup_free_ char *word = NULL, *k = NULL;
2386
2387 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2388 if (r == 0)
2389 break;
2390 if (r == -ENOMEM)
2391 return log_oom();
2392 if (r < 0) {
2393 log_syntax(unit, LOG_ERR, filename, line, r,
2394 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2395 break;
2396 }
2397
2398 if (u) {
2399 r = unit_full_printf(u, word, &k);
2400 if (r < 0) {
2401 log_syntax(unit, LOG_ERR, filename, line, r,
2402 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2403 continue;
2404 }
2405 } else
2406 k = TAKE_PTR(word);
2407
2408 if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) {
2409 log_syntax(unit, LOG_ERR, filename, line, 0,
2410 "Invalid environment name or assignment %s, ignoring: %s", lvalue, k);
2411 continue;
2412 }
2413
2414 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2415 return log_oom();
2416
2417 n[nlen++] = TAKE_PTR(k);
2418 n[nlen] = NULL;
2419 }
2420
2421 if (n) {
2422 r = strv_extend_strv(unsetenv, n, true);
2423 if (r < 0)
2424 return r;
2425 }
2426
2427 return 0;
2428 }
2429
2430 int config_parse_log_extra_fields(
2431 const char *unit,
2432 const char *filename,
2433 unsigned line,
2434 const char *section,
2435 unsigned section_line,
2436 const char *lvalue,
2437 int ltype,
2438 const char *rvalue,
2439 void *data,
2440 void *userdata) {
2441
2442 ExecContext *c = data;
2443 Unit *u = userdata;
2444 const char *p = rvalue;
2445 int r;
2446
2447 assert(filename);
2448 assert(lvalue);
2449 assert(rvalue);
2450 assert(c);
2451
2452 if (isempty(rvalue)) {
2453 exec_context_free_log_extra_fields(c);
2454 return 0;
2455 }
2456
2457 for (;;) {
2458 _cleanup_free_ char *word = NULL, *k = NULL;
2459 struct iovec *t;
2460 const char *eq;
2461
2462 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2463 if (r == 0)
2464 return 0;
2465 if (r == -ENOMEM)
2466 return log_oom();
2467 if (r < 0) {
2468 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2469 return 0;
2470 }
2471
2472 r = unit_full_printf(u, word, &k);
2473 if (r < 0) {
2474 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2475 continue;
2476 }
2477
2478 eq = strchr(k, '=');
2479 if (!eq) {
2480 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k);
2481 continue;
2482 }
2483
2484 if (!journal_field_valid(k, eq-k, false)) {
2485 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field name is invalid, ignoring: %s", k);
2486 continue;
2487 }
2488
2489 t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec));
2490 if (!t)
2491 return log_oom();
2492
2493 c->log_extra_fields = t;
2494 c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k);
2495
2496 k = NULL;
2497 }
2498 }
2499
2500 int config_parse_ip_tos(const char *unit,
2501 const char *filename,
2502 unsigned line,
2503 const char *section,
2504 unsigned section_line,
2505 const char *lvalue,
2506 int ltype,
2507 const char *rvalue,
2508 void *data,
2509 void *userdata) {
2510
2511 int *ip_tos = data, x;
2512
2513 assert(filename);
2514 assert(lvalue);
2515 assert(rvalue);
2516 assert(data);
2517
2518 x = ip_tos_from_string(rvalue);
2519 if (x < 0) {
2520 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IP TOS value, ignoring: %s", rvalue);
2521 return 0;
2522 }
2523
2524 *ip_tos = x;
2525 return 0;
2526 }
2527
2528 int config_parse_unit_condition_path(
2529 const char *unit,
2530 const char *filename,
2531 unsigned line,
2532 const char *section,
2533 unsigned section_line,
2534 const char *lvalue,
2535 int ltype,
2536 const char *rvalue,
2537 void *data,
2538 void *userdata) {
2539
2540 _cleanup_free_ char *p = NULL;
2541 Condition **list = data, *c;
2542 ConditionType t = ltype;
2543 bool trigger, negate;
2544 Unit *u = userdata;
2545 int r;
2546
2547 assert(filename);
2548 assert(lvalue);
2549 assert(rvalue);
2550 assert(data);
2551
2552 if (isempty(rvalue)) {
2553 /* Empty assignment resets the list */
2554 *list = condition_free_list(*list);
2555 return 0;
2556 }
2557
2558 trigger = rvalue[0] == '|';
2559 if (trigger)
2560 rvalue++;
2561
2562 negate = rvalue[0] == '!';
2563 if (negate)
2564 rvalue++;
2565
2566 r = unit_full_printf(u, rvalue, &p);
2567 if (r < 0) {
2568 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2569 return 0;
2570 }
2571
2572 if (!path_is_absolute(p)) {
2573 log_syntax(unit, LOG_ERR, filename, line, 0, "Path in condition not absolute, ignoring: %s", p);
2574 return 0;
2575 }
2576
2577 c = condition_new(t, p, trigger, negate);
2578 if (!c)
2579 return log_oom();
2580
2581 LIST_PREPEND(conditions, *list, c);
2582 return 0;
2583 }
2584
2585 int config_parse_unit_condition_string(
2586 const char *unit,
2587 const char *filename,
2588 unsigned line,
2589 const char *section,
2590 unsigned section_line,
2591 const char *lvalue,
2592 int ltype,
2593 const char *rvalue,
2594 void *data,
2595 void *userdata) {
2596
2597 _cleanup_free_ char *s = NULL;
2598 Condition **list = data, *c;
2599 ConditionType t = ltype;
2600 bool trigger, negate;
2601 Unit *u = userdata;
2602 int r;
2603
2604 assert(filename);
2605 assert(lvalue);
2606 assert(rvalue);
2607 assert(data);
2608
2609 if (isempty(rvalue)) {
2610 /* Empty assignment resets the list */
2611 *list = condition_free_list(*list);
2612 return 0;
2613 }
2614
2615 trigger = rvalue[0] == '|';
2616 if (trigger)
2617 rvalue++;
2618
2619 negate = rvalue[0] == '!';
2620 if (negate)
2621 rvalue++;
2622
2623 r = unit_full_printf(u, rvalue, &s);
2624 if (r < 0) {
2625 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2626 return 0;
2627 }
2628
2629 c = condition_new(t, s, trigger, negate);
2630 if (!c)
2631 return log_oom();
2632
2633 LIST_PREPEND(conditions, *list, c);
2634 return 0;
2635 }
2636
2637 int config_parse_unit_condition_null(
2638 const char *unit,
2639 const char *filename,
2640 unsigned line,
2641 const char *section,
2642 unsigned section_line,
2643 const char *lvalue,
2644 int ltype,
2645 const char *rvalue,
2646 void *data,
2647 void *userdata) {
2648
2649 Condition **list = data, *c;
2650 bool trigger, negate;
2651 int b;
2652
2653 assert(filename);
2654 assert(lvalue);
2655 assert(rvalue);
2656 assert(data);
2657
2658 if (isempty(rvalue)) {
2659 /* Empty assignment resets the list */
2660 *list = condition_free_list(*list);
2661 return 0;
2662 }
2663
2664 trigger = rvalue[0] == '|';
2665 if (trigger)
2666 rvalue++;
2667
2668 negate = rvalue[0] == '!';
2669 if (negate)
2670 rvalue++;
2671
2672 b = parse_boolean(rvalue);
2673 if (b < 0) {
2674 log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue);
2675 return 0;
2676 }
2677
2678 if (!b)
2679 negate = !negate;
2680
2681 c = condition_new(CONDITION_NULL, NULL, trigger, negate);
2682 if (!c)
2683 return log_oom();
2684
2685 LIST_PREPEND(conditions, *list, c);
2686 return 0;
2687 }
2688
2689 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
2690 DEFINE_CONFIG_PARSE_ENUM(config_parse_emergency_action, emergency_action, EmergencyAction, "Failed to parse failure action specifier");
2691
2692 int config_parse_unit_requires_mounts_for(
2693 const char *unit,
2694 const char *filename,
2695 unsigned line,
2696 const char *section,
2697 unsigned section_line,
2698 const char *lvalue,
2699 int ltype,
2700 const char *rvalue,
2701 void *data,
2702 void *userdata) {
2703
2704 const char *p = rvalue;
2705 Unit *u = userdata;
2706 int r;
2707
2708 assert(filename);
2709 assert(lvalue);
2710 assert(rvalue);
2711 assert(data);
2712
2713 for (;;) {
2714 _cleanup_free_ char *word = NULL, *resolved = NULL;
2715
2716 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2717 if (r == 0)
2718 return 0;
2719 if (r == -ENOMEM)
2720 return log_oom();
2721 if (r < 0) {
2722 log_syntax(unit, LOG_WARNING, filename, line, r,
2723 "Invalid syntax, ignoring: %s", rvalue);
2724 return 0;
2725 }
2726
2727 if (!utf8_is_valid(word)) {
2728 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2729 continue;
2730 }
2731
2732 r = unit_full_printf(u, word, &resolved);
2733 if (r < 0) {
2734 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
2735 continue;
2736 }
2737
2738 r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE);
2739 if (r < 0) {
2740 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved);
2741 continue;
2742 }
2743 }
2744 }
2745
2746 int config_parse_documentation(const char *unit,
2747 const char *filename,
2748 unsigned line,
2749 const char *section,
2750 unsigned section_line,
2751 const char *lvalue,
2752 int ltype,
2753 const char *rvalue,
2754 void *data,
2755 void *userdata) {
2756
2757 Unit *u = userdata;
2758 int r;
2759 char **a, **b;
2760
2761 assert(filename);
2762 assert(lvalue);
2763 assert(rvalue);
2764 assert(u);
2765
2766 if (isempty(rvalue)) {
2767 /* Empty assignment resets the list */
2768 u->documentation = strv_free(u->documentation);
2769 return 0;
2770 }
2771
2772 r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
2773 rvalue, data, userdata);
2774 if (r < 0)
2775 return r;
2776
2777 for (a = b = u->documentation; a && *a; a++) {
2778
2779 if (documentation_url_is_valid(*a))
2780 *(b++) = *a;
2781 else {
2782 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a);
2783 free(*a);
2784 }
2785 }
2786 if (b)
2787 *b = NULL;
2788
2789 return r;
2790 }
2791
2792 #if HAVE_SECCOMP
2793 int config_parse_syscall_filter(
2794 const char *unit,
2795 const char *filename,
2796 unsigned line,
2797 const char *section,
2798 unsigned section_line,
2799 const char *lvalue,
2800 int ltype,
2801 const char *rvalue,
2802 void *data,
2803 void *userdata) {
2804
2805 ExecContext *c = data;
2806 Unit *u = userdata;
2807 bool invert = false;
2808 const char *p;
2809 int r;
2810
2811 assert(filename);
2812 assert(lvalue);
2813 assert(rvalue);
2814 assert(u);
2815
2816 if (isempty(rvalue)) {
2817 /* Empty assignment resets the list */
2818 c->syscall_filter = hashmap_free(c->syscall_filter);
2819 c->syscall_whitelist = false;
2820 return 0;
2821 }
2822
2823 if (rvalue[0] == '~') {
2824 invert = true;
2825 rvalue++;
2826 }
2827
2828 if (!c->syscall_filter) {
2829 c->syscall_filter = hashmap_new(NULL);
2830 if (!c->syscall_filter)
2831 return log_oom();
2832
2833 if (invert)
2834 /* Allow everything but the ones listed */
2835 c->syscall_whitelist = false;
2836 else {
2837 /* Allow nothing but the ones listed */
2838 c->syscall_whitelist = true;
2839
2840 /* Accept default syscalls if we are on a whitelist */
2841 r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, SECCOMP_PARSE_WHITELIST);
2842 if (r < 0)
2843 return r;
2844 }
2845 }
2846
2847 p = rvalue;
2848 for (;;) {
2849 _cleanup_free_ char *word = NULL, *name = NULL;
2850 int num;
2851
2852 r = extract_first_word(&p, &word, NULL, 0);
2853 if (r == 0)
2854 return 0;
2855 if (r == -ENOMEM)
2856 return log_oom();
2857 if (r < 0) {
2858 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2859 return 0;
2860 }
2861
2862 r = parse_syscall_and_errno(word, &name, &num);
2863 if (r < 0) {
2864 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word);
2865 continue;
2866 }
2867
2868 r = seccomp_parse_syscall_filter_full(name, num, c->syscall_filter,
2869 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|(invert ? SECCOMP_PARSE_INVERT : 0)|(c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0),
2870 unit, filename, line);
2871 if (r < 0)
2872 return r;
2873 }
2874 }
2875
2876 int config_parse_syscall_archs(
2877 const char *unit,
2878 const char *filename,
2879 unsigned line,
2880 const char *section,
2881 unsigned section_line,
2882 const char *lvalue,
2883 int ltype,
2884 const char *rvalue,
2885 void *data,
2886 void *userdata) {
2887
2888 const char *p = rvalue;
2889 Set **archs = data;
2890 int r;
2891
2892 if (isempty(rvalue)) {
2893 *archs = set_free(*archs);
2894 return 0;
2895 }
2896
2897 r = set_ensure_allocated(archs, NULL);
2898 if (r < 0)
2899 return log_oom();
2900
2901 for (;;) {
2902 _cleanup_free_ char *word = NULL;
2903 uint32_t a;
2904
2905 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2906 if (r == 0)
2907 return 0;
2908 if (r == -ENOMEM)
2909 return log_oom();
2910 if (r < 0) {
2911 log_syntax(unit, LOG_WARNING, filename, line, r,
2912 "Invalid syntax, ignoring: %s", rvalue);
2913 return 0;
2914 }
2915
2916 r = seccomp_arch_from_string(word, &a);
2917 if (r < 0) {
2918 log_syntax(unit, LOG_ERR, filename, line, r,
2919 "Failed to parse system call architecture \"%s\", ignoring: %m", word);
2920 continue;
2921 }
2922
2923 r = set_put(*archs, UINT32_TO_PTR(a + 1));
2924 if (r < 0)
2925 return log_oom();
2926 }
2927 }
2928
2929 int config_parse_syscall_errno(
2930 const char *unit,
2931 const char *filename,
2932 unsigned line,
2933 const char *section,
2934 unsigned section_line,
2935 const char *lvalue,
2936 int ltype,
2937 const char *rvalue,
2938 void *data,
2939 void *userdata) {
2940
2941 ExecContext *c = data;
2942 int e;
2943
2944 assert(filename);
2945 assert(lvalue);
2946 assert(rvalue);
2947
2948 if (isempty(rvalue)) {
2949 /* Empty assignment resets to KILL */
2950 c->syscall_errno = 0;
2951 return 0;
2952 }
2953
2954 e = parse_errno(rvalue);
2955 if (e <= 0) {
2956 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue);
2957 return 0;
2958 }
2959
2960 c->syscall_errno = e;
2961 return 0;
2962 }
2963
2964 int config_parse_address_families(
2965 const char *unit,
2966 const char *filename,
2967 unsigned line,
2968 const char *section,
2969 unsigned section_line,
2970 const char *lvalue,
2971 int ltype,
2972 const char *rvalue,
2973 void *data,
2974 void *userdata) {
2975
2976 ExecContext *c = data;
2977 bool invert = false;
2978 const char *p;
2979 int r;
2980
2981 assert(filename);
2982 assert(lvalue);
2983 assert(rvalue);
2984
2985 if (isempty(rvalue)) {
2986 /* Empty assignment resets the list */
2987 c->address_families = set_free(c->address_families);
2988 c->address_families_whitelist = false;
2989 return 0;
2990 }
2991
2992 if (rvalue[0] == '~') {
2993 invert = true;
2994 rvalue++;
2995 }
2996
2997 if (!c->address_families) {
2998 c->address_families = set_new(NULL);
2999 if (!c->address_families)
3000 return log_oom();
3001
3002 c->address_families_whitelist = !invert;
3003 }
3004
3005 for (p = rvalue;;) {
3006 _cleanup_free_ char *word = NULL;
3007 int af;
3008
3009 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3010 if (r == 0)
3011 return 0;
3012 if (r == -ENOMEM)
3013 return log_oom();
3014 if (r < 0) {
3015 log_syntax(unit, LOG_WARNING, filename, line, r,
3016 "Invalid syntax, ignoring: %s", rvalue);
3017 return 0;
3018 }
3019
3020 af = af_from_name(word);
3021 if (af <= 0) {
3022 log_syntax(unit, LOG_ERR, filename, line, 0,
3023 "Failed to parse address family, ignoring: %s", word);
3024 continue;
3025 }
3026
3027 /* If we previously wanted to forbid an address family and now
3028 * we want to allow it, then just remove it from the list.
3029 */
3030 if (!invert == c->address_families_whitelist) {
3031 r = set_put(c->address_families, INT_TO_PTR(af));
3032 if (r < 0)
3033 return log_oom();
3034 } else
3035 set_remove(c->address_families, INT_TO_PTR(af));
3036 }
3037 }
3038
3039 int config_parse_restrict_namespaces(
3040 const char *unit,
3041 const char *filename,
3042 unsigned line,
3043 const char *section,
3044 unsigned section_line,
3045 const char *lvalue,
3046 int ltype,
3047 const char *rvalue,
3048 void *data,
3049 void *userdata) {
3050
3051 ExecContext *c = data;
3052 unsigned long flags;
3053 bool invert = false;
3054 int r;
3055
3056 if (isempty(rvalue)) {
3057 /* Reset to the default. */
3058 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL;
3059 return 0;
3060 }
3061
3062 /* Boolean parameter ignores the previous settings */
3063 r = parse_boolean(rvalue);
3064 if (r > 0) {
3065 c->restrict_namespaces = 0;
3066 return 0;
3067 } else if (r == 0) {
3068 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
3069 return 0;
3070 }
3071
3072 if (rvalue[0] == '~') {
3073 invert = true;
3074 rvalue++;
3075 }
3076
3077 /* Not a boolean argument, in this case it's a list of namespace types. */
3078 r = namespace_flags_from_string(rvalue, &flags);
3079 if (r < 0) {
3080 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue);
3081 return 0;
3082 }
3083
3084 if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL)
3085 /* Initial assignment. Just set the value. */
3086 c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags;
3087 else
3088 /* Merge the value with the previous one. */
3089 SET_FLAG(c->restrict_namespaces, flags, !invert);
3090
3091 return 0;
3092 }
3093 #endif
3094
3095 int config_parse_unit_slice(
3096 const char *unit,
3097 const char *filename,
3098 unsigned line,
3099 const char *section,
3100 unsigned section_line,
3101 const char *lvalue,
3102 int ltype,
3103 const char *rvalue,
3104 void *data,
3105 void *userdata) {
3106
3107 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
3108 _cleanup_free_ char *k = NULL;
3109 Unit *u = userdata, *slice = NULL;
3110 int r;
3111
3112 assert(filename);
3113 assert(lvalue);
3114 assert(rvalue);
3115 assert(u);
3116
3117 r = unit_name_printf(u, rvalue, &k);
3118 if (r < 0) {
3119 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
3120 return 0;
3121 }
3122
3123 r = manager_load_unit(u->manager, k, NULL, &error, &slice);
3124 if (r < 0) {
3125 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r));
3126 return 0;
3127 }
3128
3129 r = unit_set_slice(u, slice);
3130 if (r < 0) {
3131 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id);
3132 return 0;
3133 }
3134
3135 return 0;
3136 }
3137
3138 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
3139
3140 int config_parse_cpu_weight(
3141 const char *unit,
3142 const char *filename,
3143 unsigned line,
3144 const char *section,
3145 unsigned section_line,
3146 const char *lvalue,
3147 int ltype,
3148 const char *rvalue,
3149 void *data,
3150 void *userdata) {
3151
3152 uint64_t *weight = data;
3153 int r;
3154
3155 assert(filename);
3156 assert(lvalue);
3157 assert(rvalue);
3158
3159 r = cg_weight_parse(rvalue, weight);
3160 if (r < 0) {
3161 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU weight '%s', ignoring: %m", rvalue);
3162 return 0;
3163 }
3164
3165 return 0;
3166 }
3167
3168 int config_parse_cpu_shares(
3169 const char *unit,
3170 const char *filename,
3171 unsigned line,
3172 const char *section,
3173 unsigned section_line,
3174 const char *lvalue,
3175 int ltype,
3176 const char *rvalue,
3177 void *data,
3178 void *userdata) {
3179
3180 uint64_t *shares = data;
3181 int r;
3182
3183 assert(filename);
3184 assert(lvalue);
3185 assert(rvalue);
3186
3187 r = cg_cpu_shares_parse(rvalue, shares);
3188 if (r < 0) {
3189 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU shares '%s', ignoring: %m", rvalue);
3190 return 0;
3191 }
3192
3193 return 0;
3194 }
3195
3196 int config_parse_cpu_quota(
3197 const char *unit,
3198 const char *filename,
3199 unsigned line,
3200 const char *section,
3201 unsigned section_line,
3202 const char *lvalue,
3203 int ltype,
3204 const char *rvalue,
3205 void *data,
3206 void *userdata) {
3207
3208 CGroupContext *c = data;
3209 int r;
3210
3211 assert(filename);
3212 assert(lvalue);
3213 assert(rvalue);
3214
3215 if (isempty(rvalue)) {
3216 c->cpu_quota_per_sec_usec = USEC_INFINITY;
3217 return 0;
3218 }
3219
3220 r = parse_percent_unbounded(rvalue);
3221 if (r <= 0) {
3222 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue);
3223 return 0;
3224 }
3225
3226 c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 100U;
3227 return 0;
3228 }
3229
3230 int config_parse_memory_limit(
3231 const char *unit,
3232 const char *filename,
3233 unsigned line,
3234 const char *section,
3235 unsigned section_line,
3236 const char *lvalue,
3237 int ltype,
3238 const char *rvalue,
3239 void *data,
3240 void *userdata) {
3241
3242 CGroupContext *c = data;
3243 uint64_t bytes = CGROUP_LIMIT_MAX;
3244 int r;
3245
3246 if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
3247
3248 r = parse_percent(rvalue);
3249 if (r < 0) {
3250 r = parse_size(rvalue, 1024, &bytes);
3251 if (r < 0) {
3252 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue);
3253 return 0;
3254 }
3255 } else
3256 bytes = physical_memory_scale(r, 100U);
3257
3258 if (bytes >= UINT64_MAX ||
3259 (bytes <= 0 && !streq(lvalue, "MemorySwapMax"))) {
3260 log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue);
3261 return 0;
3262 }
3263 }
3264
3265 if (streq(lvalue, "MemoryLow"))
3266 c->memory_low = bytes;
3267 else if (streq(lvalue, "MemoryHigh"))
3268 c->memory_high = bytes;
3269 else if (streq(lvalue, "MemoryMax"))
3270 c->memory_max = bytes;
3271 else if (streq(lvalue, "MemorySwapMax"))
3272 c->memory_swap_max = bytes;
3273 else if (streq(lvalue, "MemoryLimit"))
3274 c->memory_limit = bytes;
3275 else
3276 return -EINVAL;
3277
3278 return 0;
3279 }
3280
3281 int config_parse_tasks_max(
3282 const char *unit,
3283 const char *filename,
3284 unsigned line,
3285 const char *section,
3286 unsigned section_line,
3287 const char *lvalue,
3288 int ltype,
3289 const char *rvalue,
3290 void *data,
3291 void *userdata) {
3292
3293 uint64_t *tasks_max = data, v;
3294 Unit *u = userdata;
3295 int r;
3296
3297 if (isempty(rvalue)) {
3298 *tasks_max = u->manager->default_tasks_max;
3299 return 0;
3300 }
3301
3302 if (streq(rvalue, "infinity")) {
3303 *tasks_max = CGROUP_LIMIT_MAX;
3304 return 0;
3305 }
3306
3307 r = parse_percent(rvalue);
3308 if (r < 0) {
3309 r = safe_atou64(rvalue, &v);
3310 if (r < 0) {
3311 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue);
3312 return 0;
3313 }
3314 } else
3315 v = system_tasks_max_scale(r, 100U);
3316
3317 if (v <= 0 || v >= UINT64_MAX) {
3318 log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue);
3319 return 0;
3320 }
3321
3322 *tasks_max = v;
3323 return 0;
3324 }
3325
3326 int config_parse_delegate(
3327 const char *unit,
3328 const char *filename,
3329 unsigned line,
3330 const char *section,
3331 unsigned section_line,
3332 const char *lvalue,
3333 int ltype,
3334 const char *rvalue,
3335 void *data,
3336 void *userdata) {
3337
3338 CGroupContext *c = data;
3339 UnitType t;
3340 int r;
3341
3342 t = unit_name_to_type(unit);
3343 assert(t != _UNIT_TYPE_INVALID);
3344
3345 if (!unit_vtable[t]->can_delegate) {
3346 log_syntax(unit, LOG_ERR, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring.");
3347 return 0;
3348 }
3349
3350 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3351 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3352 * mask to delegate. */
3353
3354 if (isempty(rvalue)) {
3355 /* An empty string resets controllers and set Delegate=yes. */
3356 c->delegate = true;
3357 c->delegate_controllers = 0;
3358 return 0;
3359 }
3360
3361 r = parse_boolean(rvalue);
3362 if (r < 0) {
3363 const char *p = rvalue;
3364 CGroupMask mask = 0;
3365
3366 for (;;) {
3367 _cleanup_free_ char *word = NULL;
3368 CGroupController cc;
3369
3370 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3371 if (r == 0)
3372 break;
3373 if (r == -ENOMEM)
3374 return log_oom();
3375 if (r < 0) {
3376 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3377 return 0;
3378 }
3379
3380 cc = cgroup_controller_from_string(word);
3381 if (cc < 0) {
3382 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid controller name '%s', ignoring", word);
3383 continue;
3384 }
3385
3386 mask |= CGROUP_CONTROLLER_TO_MASK(cc);
3387 }
3388
3389 c->delegate = true;
3390 c->delegate_controllers |= mask;
3391
3392 } else if (r > 0) {
3393 c->delegate = true;
3394 c->delegate_controllers = _CGROUP_MASK_ALL;
3395 } else {
3396 c->delegate = false;
3397 c->delegate_controllers = 0;
3398 }
3399
3400 return 0;
3401 }
3402
3403 int config_parse_device_allow(
3404 const char *unit,
3405 const char *filename,
3406 unsigned line,
3407 const char *section,
3408 unsigned section_line,
3409 const char *lvalue,
3410 int ltype,
3411 const char *rvalue,
3412 void *data,
3413 void *userdata) {
3414
3415 _cleanup_free_ char *path = NULL, *resolved = NULL;
3416 CGroupContext *c = data;
3417 CGroupDeviceAllow *a;
3418 const char *p = rvalue;
3419 int r;
3420
3421 if (isempty(rvalue)) {
3422 while (c->device_allow)
3423 cgroup_context_free_device_allow(c, c->device_allow);
3424
3425 return 0;
3426 }
3427
3428 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3429 if (r == -ENOMEM)
3430 return log_oom();
3431 if (r < 0) {
3432 log_syntax(unit, LOG_WARNING, filename, line, r,
3433 "Invalid syntax, ignoring: %s", rvalue);
3434 return 0;
3435 }
3436 if (r == 0) {
3437 log_syntax(unit, LOG_WARNING, filename, line, 0,
3438 "Failed to extract device path and rights from '%s', ignoring.", rvalue);
3439 return 0;
3440 }
3441
3442 r = unit_full_printf(userdata, path, &resolved);
3443 if (r < 0) {
3444 log_syntax(unit, LOG_WARNING, filename, line, r,
3445 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3446 return 0;
3447 }
3448
3449 if (!is_deviceallow_pattern(resolved) &&
3450 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3451 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3452 return 0;
3453 }
3454
3455 if (!isempty(p) && !in_charset(p, "rwm")) {
3456 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s', ignoring.", p);
3457 return 0;
3458 }
3459
3460 a = new0(CGroupDeviceAllow, 1);
3461 if (!a)
3462 return log_oom();
3463
3464 a->path = TAKE_PTR(resolved);
3465 a->r = isempty(p) || !!strchr(p, 'r');
3466 a->w = isempty(p) || !!strchr(p, 'w');
3467 a->m = isempty(p) || !!strchr(p, 'm');
3468
3469 LIST_PREPEND(device_allow, c->device_allow, a);
3470 return 0;
3471 }
3472
3473 int config_parse_io_weight(
3474 const char *unit,
3475 const char *filename,
3476 unsigned line,
3477 const char *section,
3478 unsigned section_line,
3479 const char *lvalue,
3480 int ltype,
3481 const char *rvalue,
3482 void *data,
3483 void *userdata) {
3484
3485 uint64_t *weight = data;
3486 int r;
3487
3488 assert(filename);
3489 assert(lvalue);
3490 assert(rvalue);
3491
3492 r = cg_weight_parse(rvalue, weight);
3493 if (r < 0) {
3494 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid IO weight '%s', ignoring.", rvalue);
3495 return 0;
3496 }
3497
3498 return 0;
3499 }
3500
3501 int config_parse_io_device_weight(
3502 const char *unit,
3503 const char *filename,
3504 unsigned line,
3505 const char *section,
3506 unsigned section_line,
3507 const char *lvalue,
3508 int ltype,
3509 const char *rvalue,
3510 void *data,
3511 void *userdata) {
3512
3513 _cleanup_free_ char *path = NULL, *resolved = NULL;
3514 CGroupIODeviceWeight *w;
3515 CGroupContext *c = data;
3516 const char *p = rvalue;
3517 uint64_t u;
3518 int r;
3519
3520 assert(filename);
3521 assert(lvalue);
3522 assert(rvalue);
3523
3524 if (isempty(rvalue)) {
3525 while (c->io_device_weights)
3526 cgroup_context_free_io_device_weight(c, c->io_device_weights);
3527
3528 return 0;
3529 }
3530
3531 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3532 if (r == -ENOMEM)
3533 return log_oom();
3534 if (r < 0) {
3535 log_syntax(unit, LOG_WARNING, filename, line, r,
3536 "Invalid syntax, ignoring: %s", rvalue);
3537 return 0;
3538 }
3539 if (r == 0 || isempty(p)) {
3540 log_syntax(unit, LOG_WARNING, filename, line, 0,
3541 "Failed to extract device path and weight from '%s', ignoring.", rvalue);
3542 return 0;
3543 }
3544
3545 r = unit_full_printf(userdata, path, &resolved);
3546 if (r < 0) {
3547 log_syntax(unit, LOG_WARNING, filename, line, r,
3548 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3549 return 0;
3550 }
3551
3552 if (!path_startswith(resolved, "/dev") &&
3553 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3554 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3555 return 0;
3556 }
3557
3558 r = cg_weight_parse(p, &u);
3559 if (r < 0) {
3560 log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p);
3561 return 0;
3562 }
3563
3564 assert(u != CGROUP_WEIGHT_INVALID);
3565
3566 w = new0(CGroupIODeviceWeight, 1);
3567 if (!w)
3568 return log_oom();
3569
3570 w->path = TAKE_PTR(resolved);
3571 w->weight = u;
3572
3573 LIST_PREPEND(device_weights, c->io_device_weights, w);
3574 return 0;
3575 }
3576
3577 int config_parse_io_limit(
3578 const char *unit,
3579 const char *filename,
3580 unsigned line,
3581 const char *section,
3582 unsigned section_line,
3583 const char *lvalue,
3584 int ltype,
3585 const char *rvalue,
3586 void *data,
3587 void *userdata) {
3588
3589 _cleanup_free_ char *path = NULL, *resolved = NULL;
3590 CGroupIODeviceLimit *l = NULL, *t;
3591 CGroupContext *c = data;
3592 CGroupIOLimitType type;
3593 const char *p = rvalue;
3594 uint64_t num;
3595 int r;
3596
3597 assert(filename);
3598 assert(lvalue);
3599 assert(rvalue);
3600
3601 type = cgroup_io_limit_type_from_string(lvalue);
3602 assert(type >= 0);
3603
3604 if (isempty(rvalue)) {
3605 LIST_FOREACH(device_limits, l, c->io_device_limits)
3606 l->limits[type] = cgroup_io_limit_defaults[type];
3607 return 0;
3608 }
3609
3610 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3611 if (r == -ENOMEM)
3612 return log_oom();
3613 if (r < 0) {
3614 log_syntax(unit, LOG_WARNING, filename, line, r,
3615 "Invalid syntax, ignoring: %s", rvalue);
3616 return 0;
3617 }
3618 if (r == 0 || isempty(p)) {
3619 log_syntax(unit, LOG_WARNING, filename, line, 0,
3620 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3621 return 0;
3622 }
3623
3624 r = unit_full_printf(userdata, path, &resolved);
3625 if (r < 0) {
3626 log_syntax(unit, LOG_WARNING, filename, line, r,
3627 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3628 return 0;
3629 }
3630
3631 if (!path_startswith(resolved, "/dev") &&
3632 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3633 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3634 return 0;
3635 }
3636
3637 if (streq("infinity", p)) {
3638 num = CGROUP_LIMIT_MAX;
3639 } else {
3640 r = parse_size(p, 1000, &num);
3641 if (r < 0 || num <= 0) {
3642 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid IO limit '%s', ignoring.", p);
3643 return 0;
3644 }
3645 }
3646
3647 LIST_FOREACH(device_limits, t, c->io_device_limits) {
3648 if (path_equal(resolved, t->path)) {
3649 l = t;
3650 break;
3651 }
3652 }
3653
3654 if (!l) {
3655 CGroupIOLimitType ttype;
3656
3657 l = new0(CGroupIODeviceLimit, 1);
3658 if (!l)
3659 return log_oom();
3660
3661 l->path = TAKE_PTR(resolved);
3662 for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
3663 l->limits[ttype] = cgroup_io_limit_defaults[ttype];
3664
3665 LIST_PREPEND(device_limits, c->io_device_limits, l);
3666 }
3667
3668 l->limits[type] = num;
3669
3670 return 0;
3671 }
3672
3673 int config_parse_blockio_weight(
3674 const char *unit,
3675 const char *filename,
3676 unsigned line,
3677 const char *section,
3678 unsigned section_line,
3679 const char *lvalue,
3680 int ltype,
3681 const char *rvalue,
3682 void *data,
3683 void *userdata) {
3684
3685 uint64_t *weight = data;
3686 int r;
3687
3688 assert(filename);
3689 assert(lvalue);
3690 assert(rvalue);
3691
3692 r = cg_blkio_weight_parse(rvalue, weight);
3693 if (r < 0) {
3694 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", rvalue);
3695 return 0;
3696 }
3697
3698 return 0;
3699 }
3700
3701 int config_parse_blockio_device_weight(
3702 const char *unit,
3703 const char *filename,
3704 unsigned line,
3705 const char *section,
3706 unsigned section_line,
3707 const char *lvalue,
3708 int ltype,
3709 const char *rvalue,
3710 void *data,
3711 void *userdata) {
3712
3713 _cleanup_free_ char *path = NULL, *resolved = NULL;
3714 CGroupBlockIODeviceWeight *w;
3715 CGroupContext *c = data;
3716 const char *p = rvalue;
3717 uint64_t u;
3718 int r;
3719
3720 assert(filename);
3721 assert(lvalue);
3722 assert(rvalue);
3723
3724 if (isempty(rvalue)) {
3725 while (c->blockio_device_weights)
3726 cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
3727
3728 return 0;
3729 }
3730
3731 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3732 if (r == -ENOMEM)
3733 return log_oom();
3734 if (r < 0) {
3735 log_syntax(unit, LOG_WARNING, filename, line, r,
3736 "Invalid syntax, ignoring: %s", rvalue);
3737 return 0;
3738 }
3739 if (r == 0 || isempty(p)) {
3740 log_syntax(unit, LOG_WARNING, filename, line, 0,
3741 "Failed to extract device node and weight from '%s', ignoring.", rvalue);
3742 return 0;
3743 }
3744
3745 r = unit_full_printf(userdata, path, &resolved);
3746 if (r < 0) {
3747 log_syntax(unit, LOG_WARNING, filename, line, r,
3748 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3749 return 0;
3750 }
3751
3752 if (!path_startswith(resolved, "/dev") &&
3753 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3754 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", resolved);
3755 return 0;
3756 }
3757
3758 r = cg_blkio_weight_parse(p, &u);
3759 if (r < 0) {
3760 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p);
3761 return 0;
3762 }
3763
3764 assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
3765
3766 w = new0(CGroupBlockIODeviceWeight, 1);
3767 if (!w)
3768 return log_oom();
3769
3770 w->path = TAKE_PTR(resolved);
3771 w->weight = u;
3772
3773 LIST_PREPEND(device_weights, c->blockio_device_weights, w);
3774 return 0;
3775 }
3776
3777 int config_parse_blockio_bandwidth(
3778 const char *unit,
3779 const char *filename,
3780 unsigned line,
3781 const char *section,
3782 unsigned section_line,
3783 const char *lvalue,
3784 int ltype,
3785 const char *rvalue,
3786 void *data,
3787 void *userdata) {
3788
3789 _cleanup_free_ char *path = NULL, *resolved = NULL;
3790 CGroupBlockIODeviceBandwidth *b = NULL, *t;
3791 CGroupContext *c = data;
3792 const char *p = rvalue;
3793 uint64_t bytes;
3794 bool read;
3795 int r;
3796
3797 assert(filename);
3798 assert(lvalue);
3799 assert(rvalue);
3800
3801 read = streq("BlockIOReadBandwidth", lvalue);
3802
3803 if (isempty(rvalue)) {
3804 LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
3805 b->rbps = CGROUP_LIMIT_MAX;
3806 b->wbps = CGROUP_LIMIT_MAX;
3807 }
3808 return 0;
3809 }
3810
3811 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3812 if (r == -ENOMEM)
3813 return log_oom();
3814 if (r < 0) {
3815 log_syntax(unit, LOG_WARNING, filename, line, r,
3816 "Invalid syntax, ignoring: %s", rvalue);
3817 return 0;
3818 }
3819 if (r == 0 || isempty(p)) {
3820 log_syntax(unit, LOG_WARNING, filename, line, 0,
3821 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3822 return 0;
3823 }
3824
3825 r = unit_full_printf(userdata, path, &resolved);
3826 if (r < 0) {
3827 log_syntax(unit, LOG_WARNING, filename, line, r,
3828 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3829 return 0;
3830 }
3831
3832 if (!path_startswith(resolved, "/dev") &&
3833 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3834 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3835 return 0;
3836 }
3837
3838 r = parse_size(p, 1000, &bytes);
3839 if (r < 0 || bytes <= 0) {
3840 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p);
3841 return 0;
3842 }
3843
3844 LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
3845 if (path_equal(resolved, t->path)) {
3846 b = t;
3847 break;
3848 }
3849 }
3850
3851 if (!t) {
3852 b = new0(CGroupBlockIODeviceBandwidth, 1);
3853 if (!b)
3854 return log_oom();
3855
3856 b->path = TAKE_PTR(resolved);
3857 b->rbps = CGROUP_LIMIT_MAX;
3858 b->wbps = CGROUP_LIMIT_MAX;
3859
3860 LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
3861 }
3862
3863 if (read)
3864 b->rbps = bytes;
3865 else
3866 b->wbps = bytes;
3867
3868 return 0;
3869 }
3870
3871 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
3872
3873 int config_parse_job_mode_isolate(
3874 const char *unit,
3875 const char *filename,
3876 unsigned line,
3877 const char *section,
3878 unsigned section_line,
3879 const char *lvalue,
3880 int ltype,
3881 const char *rvalue,
3882 void *data,
3883 void *userdata) {
3884
3885 JobMode *m = data;
3886 int r;
3887
3888 assert(filename);
3889 assert(lvalue);
3890 assert(rvalue);
3891
3892 r = parse_boolean(rvalue);
3893 if (r < 0) {
3894 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
3895 return 0;
3896 }
3897
3898 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue);
3899
3900 *m = r ? JOB_ISOLATE : JOB_REPLACE;
3901 return 0;
3902 }
3903
3904 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode");
3905
3906 int config_parse_exec_directories(
3907 const char *unit,
3908 const char *filename,
3909 unsigned line,
3910 const char *section,
3911 unsigned section_line,
3912 const char *lvalue,
3913 int ltype,
3914 const char *rvalue,
3915 void *data,
3916 void *userdata) {
3917
3918 char***rt = data;
3919 Unit *u = userdata;
3920 const char *p;
3921 int r;
3922
3923 assert(filename);
3924 assert(lvalue);
3925 assert(rvalue);
3926 assert(data);
3927
3928 if (isempty(rvalue)) {
3929 /* Empty assignment resets the list */
3930 *rt = strv_free(*rt);
3931 return 0;
3932 }
3933
3934 for (p = rvalue;;) {
3935 _cleanup_free_ char *word = NULL, *k = NULL;
3936
3937 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3938 if (r == -ENOMEM)
3939 return log_oom();
3940 if (r < 0) {
3941 log_syntax(unit, LOG_WARNING, filename, line, r,
3942 "Invalid syntax, ignoring: %s", rvalue);
3943 return 0;
3944 }
3945 if (r == 0)
3946 return 0;
3947
3948 r = unit_full_printf(u, word, &k);
3949 if (r < 0) {
3950 log_syntax(unit, LOG_ERR, filename, line, r,
3951 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
3952 continue;
3953 }
3954
3955 if (!path_is_normalized(k)) {
3956 log_syntax(unit, LOG_ERR, filename, line, 0,
3957 "%s= path is not normalized, ignoring assignment: %s", lvalue, rvalue);
3958 continue;
3959 }
3960
3961 if (path_is_absolute(k)) {
3962 log_syntax(unit, LOG_ERR, filename, line, 0,
3963 "%s= path is absolute, ignoring assignment: %s", lvalue, rvalue);
3964 continue;
3965 }
3966
3967 if (path_startswith(k, "private")) {
3968 log_syntax(unit, LOG_ERR, filename, line, 0,
3969 "%s= path can't be 'private', ingoring assignment: %s", lvalue, rvalue);
3970 continue;
3971 }
3972
3973 r = strv_push(rt, k);
3974 if (r < 0)
3975 return log_oom();
3976 k = NULL;
3977 }
3978 }
3979
3980 int config_parse_set_status(
3981 const char *unit,
3982 const char *filename,
3983 unsigned line,
3984 const char *section,
3985 unsigned section_line,
3986 const char *lvalue,
3987 int ltype,
3988 const char *rvalue,
3989 void *data,
3990 void *userdata) {
3991
3992 size_t l;
3993 const char *word, *state;
3994 int r;
3995 ExitStatusSet *status_set = data;
3996
3997 assert(filename);
3998 assert(lvalue);
3999 assert(rvalue);
4000 assert(data);
4001
4002 /* Empty assignment resets the list */
4003 if (isempty(rvalue)) {
4004 exit_status_set_free(status_set);
4005 return 0;
4006 }
4007
4008 FOREACH_WORD(word, l, rvalue, state) {
4009 _cleanup_free_ char *temp;
4010 int val;
4011 Set **set;
4012
4013 temp = strndup(word, l);
4014 if (!temp)
4015 return log_oom();
4016
4017 r = safe_atoi(temp, &val);
4018 if (r < 0) {
4019 val = signal_from_string(temp);
4020
4021 if (val <= 0) {
4022 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse value, ignoring: %s", word);
4023 continue;
4024 }
4025 set = &status_set->signal;
4026 } else {
4027 if (val < 0 || val > 255) {
4028 log_syntax(unit, LOG_ERR, filename, line, 0, "Value %d is outside range 0-255, ignoring", val);
4029 continue;
4030 }
4031 set = &status_set->status;
4032 }
4033
4034 r = set_ensure_allocated(set, NULL);
4035 if (r < 0)
4036 return log_oom();
4037
4038 r = set_put(*set, INT_TO_PTR(val));
4039 if (r < 0)
4040 return log_oom();
4041 }
4042 if (!isempty(state))
4043 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
4044
4045 return 0;
4046 }
4047
4048 int config_parse_namespace_path_strv(
4049 const char *unit,
4050 const char *filename,
4051 unsigned line,
4052 const char *section,
4053 unsigned section_line,
4054 const char *lvalue,
4055 int ltype,
4056 const char *rvalue,
4057 void *data,
4058 void *userdata) {
4059
4060 Unit *u = userdata;
4061 char*** sv = data;
4062 const char *p = rvalue;
4063 int r;
4064
4065 assert(filename);
4066 assert(lvalue);
4067 assert(rvalue);
4068 assert(data);
4069
4070 if (isempty(rvalue)) {
4071 /* Empty assignment resets the list */
4072 *sv = strv_free(*sv);
4073 return 0;
4074 }
4075
4076 for (;;) {
4077 _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL;
4078 const char *w;
4079 bool ignore_enoent = false, shall_prefix = false;
4080
4081 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
4082 if (r == 0)
4083 break;
4084 if (r == -ENOMEM)
4085 return log_oom();
4086 if (r < 0) {
4087 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4088 return 0;
4089 }
4090
4091 if (!utf8_is_valid(word)) {
4092 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, word);
4093 continue;
4094 }
4095
4096 w = word;
4097 if (startswith(w, "-")) {
4098 ignore_enoent = true;
4099 w++;
4100 }
4101 if (startswith(w, "+")) {
4102 shall_prefix = true;
4103 w++;
4104 }
4105
4106 r = unit_full_printf(u, w, &resolved);
4107 if (r < 0) {
4108 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w);
4109 continue;
4110 }
4111
4112 if (!path_is_absolute(resolved)) {
4113 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
4114 continue;
4115 }
4116
4117 path_kill_slashes(resolved);
4118
4119 joined = strjoin(ignore_enoent ? "-" : "",
4120 shall_prefix ? "+" : "",
4121 resolved);
4122
4123 r = strv_push(sv, joined);
4124 if (r < 0)
4125 return log_oom();
4126
4127 joined = NULL;
4128 }
4129
4130 return 0;
4131 }
4132
4133 int config_parse_temporary_filesystems(
4134 const char *unit,
4135 const char *filename,
4136 unsigned line,
4137 const char *section,
4138 unsigned section_line,
4139 const char *lvalue,
4140 int ltype,
4141 const char *rvalue,
4142 void *data,
4143 void *userdata) {
4144
4145 Unit *u = userdata;
4146 ExecContext *c = data;
4147 const char *p = rvalue;
4148 int r;
4149
4150 assert(filename);
4151 assert(lvalue);
4152 assert(rvalue);
4153 assert(data);
4154
4155 if (isempty(rvalue)) {
4156 /* Empty assignment resets the list */
4157 temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems);
4158 c->temporary_filesystems = NULL;
4159 c->n_temporary_filesystems = 0;
4160 return 0;
4161 }
4162
4163 for (;;) {
4164 _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL;
4165 const char *w;
4166
4167 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
4168 if (r == 0)
4169 return 0;
4170 if (r == -ENOMEM)
4171 return log_oom();
4172 if (r < 0) {
4173 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4174 return 0;
4175 }
4176
4177 w = word;
4178 r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4179 if (r == -ENOMEM)
4180 return log_oom();
4181 if (r < 0) {
4182 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", word);
4183 continue;
4184 }
4185 if (r == 0) {
4186 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", word);
4187 continue;
4188 }
4189
4190 r = unit_full_printf(u, path, &resolved);
4191 if (r < 0) {
4192 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path);
4193 continue;
4194 }
4195
4196 if (!path_is_absolute(resolved)) {
4197 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
4198 continue;
4199 }
4200
4201 path_kill_slashes(resolved);
4202
4203 r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, path, w);
4204 if (r == -ENOMEM)
4205 return log_oom();
4206 if (r < 0) {
4207 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount options, ignoring: %s", word);
4208 continue;
4209 }
4210 }
4211 }
4212
4213 int config_parse_bind_paths(
4214 const char *unit,
4215 const char *filename,
4216 unsigned line,
4217 const char *section,
4218 unsigned section_line,
4219 const char *lvalue,
4220 int ltype,
4221 const char *rvalue,
4222 void *data,
4223 void *userdata) {
4224
4225 ExecContext *c = data;
4226 Unit *u = userdata;
4227 const char *p;
4228 int r;
4229
4230 assert(filename);
4231 assert(lvalue);
4232 assert(rvalue);
4233 assert(data);
4234
4235 if (isempty(rvalue)) {
4236 /* Empty assignment resets the list */
4237 bind_mount_free_many(c->bind_mounts, c->n_bind_mounts);
4238 c->bind_mounts = NULL;
4239 c->n_bind_mounts = 0;
4240 return 0;
4241 }
4242
4243 p = rvalue;
4244 for (;;) {
4245 _cleanup_free_ char *source = NULL, *destination = NULL;
4246 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4247 char *s = NULL, *d = NULL;
4248 bool rbind = true, ignore_enoent = false;
4249
4250 r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4251 if (r == 0)
4252 break;
4253 if (r == -ENOMEM)
4254 return log_oom();
4255 if (r < 0) {
4256 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4257 return 0;
4258 }
4259
4260 r = unit_full_printf(u, source, &sresolved);
4261 if (r < 0) {
4262 log_syntax(unit, LOG_ERR, filename, line, r,
4263 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source);
4264 return 0;
4265 }
4266
4267 s = sresolved;
4268 if (s[0] == '-') {
4269 ignore_enoent = true;
4270 s++;
4271 }
4272
4273 if (!utf8_is_valid(s)) {
4274 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, s);
4275 return 0;
4276 }
4277 if (!path_is_absolute(s)) {
4278 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute source path, ignoring: %s", s);
4279 return 0;
4280 }
4281
4282 path_kill_slashes(s);
4283
4284 /* Optionally, the destination is specified. */
4285 if (p && p[-1] == ':') {
4286 r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4287 if (r == -ENOMEM)
4288 return log_oom();
4289 if (r < 0) {
4290 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4291 return 0;
4292 }
4293 if (r == 0) {
4294 log_syntax(unit, LOG_ERR, filename, line, 0, "Missing argument after ':': %s", rvalue);
4295 return 0;
4296 }
4297
4298 r = unit_full_printf(u, destination, &dresolved);
4299 if (r < 0) {
4300 log_syntax(unit, LOG_ERR, filename, line, r,
4301 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination);
4302 return 0;
4303 }
4304
4305 if (!utf8_is_valid(dresolved)) {
4306 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, dresolved);
4307 return 0;
4308 }
4309 if (!path_is_absolute(dresolved)) {
4310 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute destination path, ignoring: %s", dresolved);
4311 return 0;
4312 }
4313
4314 d = path_kill_slashes(dresolved);
4315
4316 /* Optionally, there's also a short option string specified */
4317 if (p && p[-1] == ':') {
4318 _cleanup_free_ char *options = NULL;
4319
4320 r = extract_first_word(&p, &options, NULL, EXTRACT_QUOTES);
4321 if (r == -ENOMEM)
4322 return log_oom();
4323 if (r < 0) {
4324 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4325 return 0;
4326 }
4327
4328 if (isempty(options) || streq(options, "rbind"))
4329 rbind = true;
4330 else if (streq(options, "norbind"))
4331 rbind = false;
4332 else {
4333 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid option string, ignoring setting: %s", options);
4334 return 0;
4335 }
4336 }
4337 } else
4338 d = s;
4339
4340 r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts,
4341 &(BindMount) {
4342 .source = s,
4343 .destination = d,
4344 .read_only = !!strstr(lvalue, "ReadOnly"),
4345 .recursive = rbind,
4346 .ignore_enoent = ignore_enoent,
4347 });
4348 if (r < 0)
4349 return log_oom();
4350 }
4351
4352 return 0;
4353 }
4354
4355 int config_parse_no_new_privileges(
4356 const char* unit,
4357 const char *filename,
4358 unsigned line,
4359 const char *section,
4360 unsigned section_line,
4361 const char *lvalue,
4362 int ltype,
4363 const char *rvalue,
4364 void *data,
4365 void *userdata) {
4366
4367 ExecContext *c = data;
4368 int r;
4369
4370 assert(filename);
4371 assert(lvalue);
4372 assert(rvalue);
4373 assert(data);
4374
4375 r = parse_boolean(rvalue);
4376 if (r < 0) {
4377 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean value, ignoring: %s", rvalue);
4378 return 0;
4379 }
4380
4381 c->no_new_privileges = r;
4382
4383 return 0;
4384 }
4385
4386 int config_parse_protect_home(
4387 const char* unit,
4388 const char *filename,
4389 unsigned line,
4390 const char *section,
4391 unsigned section_line,
4392 const char *lvalue,
4393 int ltype,
4394 const char *rvalue,
4395 void *data,
4396 void *userdata) {
4397
4398 ExecContext *c = data;
4399 ProtectHome h;
4400
4401 assert(filename);
4402 assert(lvalue);
4403 assert(rvalue);
4404 assert(data);
4405
4406 /* Our enum shall be a superset of booleans, hence first try
4407 * to parse as boolean, and then as enum */
4408
4409 h = parse_protect_home_or_bool(rvalue);
4410 if (h < 0) {
4411 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect home value, ignoring: %s", rvalue);
4412 return 0;
4413 }
4414
4415 c->protect_home = h;
4416
4417 return 0;
4418 }
4419
4420 int config_parse_protect_system(
4421 const char* unit,
4422 const char *filename,
4423 unsigned line,
4424 const char *section,
4425 unsigned section_line,
4426 const char *lvalue,
4427 int ltype,
4428 const char *rvalue,
4429 void *data,
4430 void *userdata) {
4431
4432 ExecContext *c = data;
4433 ProtectSystem s;
4434
4435 assert(filename);
4436 assert(lvalue);
4437 assert(rvalue);
4438 assert(data);
4439
4440 s = parse_protect_system_or_bool(rvalue);
4441 if (s < 0) {
4442 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect system value, ignoring: %s", rvalue);
4443 return 0;
4444 }
4445
4446 c->protect_system = s;
4447
4448 return 0;
4449 }
4450
4451 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
4452
4453 int config_parse_job_timeout_sec(
4454 const char* unit,
4455 const char *filename,
4456 unsigned line,
4457 const char *section,
4458 unsigned section_line,
4459 const char *lvalue,
4460 int ltype,
4461 const char *rvalue,
4462 void *data,
4463 void *userdata) {
4464
4465 Unit *u = data;
4466 usec_t usec;
4467 int r;
4468
4469 assert(filename);
4470 assert(lvalue);
4471 assert(rvalue);
4472 assert(u);
4473
4474 r = parse_sec_fix_0(rvalue, &usec);
4475 if (r < 0) {
4476 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
4477 return 0;
4478 }
4479
4480 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4481 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4482 * count. */
4483
4484 if (!u->job_running_timeout_set)
4485 u->job_running_timeout = usec;
4486
4487 u->job_timeout = usec;
4488
4489 return 0;
4490 }
4491
4492 int config_parse_job_running_timeout_sec(
4493 const char* unit,
4494 const char *filename,
4495 unsigned line,
4496 const char *section,
4497 unsigned section_line,
4498 const char *lvalue,
4499 int ltype,
4500 const char *rvalue,
4501 void *data,
4502 void *userdata) {
4503
4504 Unit *u = data;
4505 usec_t usec;
4506 int r;
4507
4508 assert(filename);
4509 assert(lvalue);
4510 assert(rvalue);
4511 assert(u);
4512
4513 r = parse_sec_fix_0(rvalue, &usec);
4514 if (r < 0) {
4515 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
4516 return 0;
4517 }
4518
4519 u->job_running_timeout = usec;
4520 u->job_running_timeout_set = true;
4521
4522 return 0;
4523 }
4524
4525 #define FOLLOW_MAX 8
4526
4527 static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
4528 char *id = NULL;
4529 unsigned c = 0;
4530 int fd, r;
4531 FILE *f;
4532
4533 assert(filename);
4534 assert(*filename);
4535 assert(_f);
4536 assert(names);
4537
4538 /* This will update the filename pointer if the loaded file is
4539 * reached by a symlink. The old string will be freed. */
4540
4541 for (;;) {
4542 char *target, *name;
4543
4544 if (c++ >= FOLLOW_MAX)
4545 return -ELOOP;
4546
4547 path_kill_slashes(*filename);
4548
4549 /* Add the file name we are currently looking at to
4550 * the names of this unit, but only if it is a valid
4551 * unit name. */
4552 name = basename(*filename);
4553 if (unit_name_is_valid(name, UNIT_NAME_ANY)) {
4554
4555 id = set_get(names, name);
4556 if (!id) {
4557 id = strdup(name);
4558 if (!id)
4559 return -ENOMEM;
4560
4561 r = set_consume(names, id);
4562 if (r < 0)
4563 return r;
4564 }
4565 }
4566
4567 /* Try to open the file name, but don't if its a symlink */
4568 fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
4569 if (fd >= 0)
4570 break;
4571
4572 if (errno != ELOOP)
4573 return -errno;
4574
4575 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
4576 r = readlink_and_make_absolute(*filename, &target);
4577 if (r < 0)
4578 return r;
4579
4580 free(*filename);
4581 *filename = target;
4582 }
4583
4584 f = fdopen(fd, "re");
4585 if (!f) {
4586 safe_close(fd);
4587 return -errno;
4588 }
4589
4590 *_f = f;
4591 *_final = id;
4592
4593 return 0;
4594 }
4595
4596 static int merge_by_names(Unit **u, Set *names, const char *id) {
4597 char *k;
4598 int r;
4599
4600 assert(u);
4601 assert(*u);
4602 assert(names);
4603
4604 /* Let's try to add in all symlink names we found */
4605 while ((k = set_steal_first(names))) {
4606
4607 /* First try to merge in the other name into our
4608 * unit */
4609 r = unit_merge_by_name(*u, k);
4610 if (r < 0) {
4611 Unit *other;
4612
4613 /* Hmm, we couldn't merge the other unit into
4614 * ours? Then let's try it the other way
4615 * round */
4616
4617 /* If the symlink name we are looking at is unit template, then
4618 we must search for instance of this template */
4619 if (unit_name_is_valid(k, UNIT_NAME_TEMPLATE) && (*u)->instance) {
4620 _cleanup_free_ char *instance = NULL;
4621
4622 r = unit_name_replace_instance(k, (*u)->instance, &instance);
4623 if (r < 0)
4624 return r;
4625
4626 other = manager_get_unit((*u)->manager, instance);
4627 } else
4628 other = manager_get_unit((*u)->manager, k);
4629
4630 free(k);
4631
4632 if (other) {
4633 r = unit_merge(other, *u);
4634 if (r >= 0) {
4635 *u = other;
4636 return merge_by_names(u, names, NULL);
4637 }
4638 }
4639
4640 return r;
4641 }
4642
4643 if (id == k)
4644 unit_choose_id(*u, id);
4645
4646 free(k);
4647 }
4648
4649 return 0;
4650 }
4651
4652 static int load_from_path(Unit *u, const char *path) {
4653 _cleanup_set_free_free_ Set *symlink_names = NULL;
4654 _cleanup_fclose_ FILE *f = NULL;
4655 _cleanup_free_ char *filename = NULL;
4656 char *id = NULL;
4657 Unit *merged;
4658 struct stat st;
4659 int r;
4660
4661 assert(u);
4662 assert(path);
4663
4664 symlink_names = set_new(&string_hash_ops);
4665 if (!symlink_names)
4666 return -ENOMEM;
4667
4668 if (path_is_absolute(path)) {
4669
4670 filename = strdup(path);
4671 if (!filename)
4672 return -ENOMEM;
4673
4674 r = open_follow(&filename, &f, symlink_names, &id);
4675 if (r < 0) {
4676 filename = mfree(filename);
4677 if (r != -ENOENT)
4678 return r;
4679 }
4680
4681 } else {
4682 char **p;
4683
4684 STRV_FOREACH(p, u->manager->lookup_paths.search_path) {
4685
4686 /* Instead of opening the path right away, we manually
4687 * follow all symlinks and add their name to our unit
4688 * name set while doing so */
4689 filename = path_make_absolute(path, *p);
4690 if (!filename)
4691 return -ENOMEM;
4692
4693 if (u->manager->unit_path_cache &&
4694 !set_get(u->manager->unit_path_cache, filename))
4695 r = -ENOENT;
4696 else
4697 r = open_follow(&filename, &f, symlink_names, &id);
4698 if (r >= 0)
4699 break;
4700 filename = mfree(filename);
4701
4702 /* ENOENT means that the file is missing or is a dangling symlink.
4703 * ENOTDIR means that one of paths we expect to be is a directory
4704 * is not a directory, we should just ignore that.
4705 * EACCES means that the directory or file permissions are wrong.
4706 */
4707 if (r == -EACCES)
4708 log_debug_errno(r, "Cannot access \"%s\": %m", filename);
4709 else if (!IN_SET(r, -ENOENT, -ENOTDIR))
4710 return r;
4711
4712 /* Empty the symlink names for the next run */
4713 set_clear_free(symlink_names);
4714 }
4715 }
4716
4717 if (!filename)
4718 /* Hmm, no suitable file found? */
4719 return 0;
4720
4721 if (!unit_type_may_alias(u->type) && set_size(symlink_names) > 1) {
4722 log_unit_warning(u, "Unit type of %s does not support alias names, refusing loading via symlink.", u->id);
4723 return -ELOOP;
4724 }
4725
4726 merged = u;
4727 r = merge_by_names(&merged, symlink_names, id);
4728 if (r < 0)
4729 return r;
4730
4731 if (merged != u) {
4732 u->load_state = UNIT_MERGED;
4733 return 0;
4734 }
4735
4736 if (fstat(fileno(f), &st) < 0)
4737 return -errno;
4738
4739 if (null_or_empty(&st)) {
4740 u->load_state = UNIT_MASKED;
4741 u->fragment_mtime = 0;
4742 } else {
4743 u->load_state = UNIT_LOADED;
4744 u->fragment_mtime = timespec_load(&st.st_mtim);
4745
4746 /* Now, parse the file contents */
4747 r = config_parse(u->id, filename, f,
4748 UNIT_VTABLE(u)->sections,
4749 config_item_perf_lookup, load_fragment_gperf_lookup,
4750 CONFIG_PARSE_ALLOW_INCLUDE, u);
4751 if (r < 0)
4752 return r;
4753 }
4754
4755 free_and_replace(u->fragment_path, filename);
4756
4757 if (u->source_path) {
4758 if (stat(u->source_path, &st) >= 0)
4759 u->source_mtime = timespec_load(&st.st_mtim);
4760 else
4761 u->source_mtime = 0;
4762 }
4763
4764 return 0;
4765 }
4766
4767 int unit_load_fragment(Unit *u) {
4768 int r;
4769 Iterator i;
4770 const char *t;
4771
4772 assert(u);
4773 assert(u->load_state == UNIT_STUB);
4774 assert(u->id);
4775
4776 if (u->transient) {
4777 u->load_state = UNIT_LOADED;
4778 return 0;
4779 }
4780
4781 /* First, try to find the unit under its id. We always look
4782 * for unit files in the default directories, to make it easy
4783 * to override things by placing things in /etc/systemd/system */
4784 r = load_from_path(u, u->id);
4785 if (r < 0)
4786 return r;
4787
4788 /* Try to find an alias we can load this with */
4789 if (u->load_state == UNIT_STUB) {
4790 SET_FOREACH(t, u->names, i) {
4791
4792 if (t == u->id)
4793 continue;
4794
4795 r = load_from_path(u, t);
4796 if (r < 0)
4797 return r;
4798
4799 if (u->load_state != UNIT_STUB)
4800 break;
4801 }
4802 }
4803
4804 /* And now, try looking for it under the suggested (originally linked) path */
4805 if (u->load_state == UNIT_STUB && u->fragment_path) {
4806
4807 r = load_from_path(u, u->fragment_path);
4808 if (r < 0)
4809 return r;
4810
4811 if (u->load_state == UNIT_STUB)
4812 /* Hmm, this didn't work? Then let's get rid
4813 * of the fragment path stored for us, so that
4814 * we don't point to an invalid location. */
4815 u->fragment_path = mfree(u->fragment_path);
4816 }
4817
4818 /* Look for a template */
4819 if (u->load_state == UNIT_STUB && u->instance) {
4820 _cleanup_free_ char *k = NULL;
4821
4822 r = unit_name_template(u->id, &k);
4823 if (r < 0)
4824 return r;
4825
4826 r = load_from_path(u, k);
4827 if (r < 0) {
4828 if (r == -ENOEXEC)
4829 log_unit_notice(u, "Unit configuration has fatal error, unit will not be started.");
4830 return r;
4831 }
4832
4833 if (u->load_state == UNIT_STUB) {
4834 SET_FOREACH(t, u->names, i) {
4835 _cleanup_free_ char *z = NULL;
4836
4837 if (t == u->id)
4838 continue;
4839
4840 r = unit_name_template(t, &z);
4841 if (r < 0)
4842 return r;
4843
4844 r = load_from_path(u, z);
4845 if (r < 0)
4846 return r;
4847
4848 if (u->load_state != UNIT_STUB)
4849 break;
4850 }
4851 }
4852 }
4853
4854 return 0;
4855 }
4856
4857 void unit_dump_config_items(FILE *f) {
4858 static const struct {
4859 const ConfigParserCallback callback;
4860 const char *rvalue;
4861 } table[] = {
4862 { config_parse_warn_compat, "NOTSUPPORTED" },
4863 { config_parse_int, "INTEGER" },
4864 { config_parse_unsigned, "UNSIGNED" },
4865 { config_parse_iec_size, "SIZE" },
4866 { config_parse_iec_uint64, "SIZE" },
4867 { config_parse_si_size, "SIZE" },
4868 { config_parse_bool, "BOOLEAN" },
4869 { config_parse_string, "STRING" },
4870 { config_parse_path, "PATH" },
4871 { config_parse_unit_path_printf, "PATH" },
4872 { config_parse_strv, "STRING [...]" },
4873 { config_parse_exec_nice, "NICE" },
4874 { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
4875 { config_parse_exec_io_class, "IOCLASS" },
4876 { config_parse_exec_io_priority, "IOPRIORITY" },
4877 { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
4878 { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
4879 { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
4880 { config_parse_mode, "MODE" },
4881 { config_parse_unit_env_file, "FILE" },
4882 { config_parse_exec_output, "OUTPUT" },
4883 { config_parse_exec_input, "INPUT" },
4884 { config_parse_log_facility, "FACILITY" },
4885 { config_parse_log_level, "LEVEL" },
4886 { config_parse_exec_secure_bits, "SECUREBITS" },
4887 { config_parse_capability_set, "BOUNDINGSET" },
4888 { config_parse_rlimit, "LIMIT" },
4889 { config_parse_unit_deps, "UNIT [...]" },
4890 { config_parse_exec, "PATH [ARGUMENT [...]]" },
4891 { config_parse_service_type, "SERVICETYPE" },
4892 { config_parse_service_restart, "SERVICERESTART" },
4893 { config_parse_kill_mode, "KILLMODE" },
4894 { config_parse_signal, "SIGNAL" },
4895 { config_parse_socket_listen, "SOCKET [...]" },
4896 { config_parse_socket_bind, "SOCKETBIND" },
4897 { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
4898 { config_parse_sec, "SECONDS" },
4899 { config_parse_nsec, "NANOSECONDS" },
4900 { config_parse_namespace_path_strv, "PATH [...]" },
4901 { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" },
4902 { config_parse_unit_requires_mounts_for, "PATH [...]" },
4903 { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
4904 { config_parse_unit_string_printf, "STRING" },
4905 { config_parse_trigger_unit, "UNIT" },
4906 { config_parse_timer, "TIMER" },
4907 { config_parse_path_spec, "PATH" },
4908 { config_parse_notify_access, "ACCESS" },
4909 { config_parse_ip_tos, "TOS" },
4910 { config_parse_unit_condition_path, "CONDITION" },
4911 { config_parse_unit_condition_string, "CONDITION" },
4912 { config_parse_unit_condition_null, "CONDITION" },
4913 { config_parse_unit_slice, "SLICE" },
4914 { config_parse_documentation, "URL" },
4915 { config_parse_service_timeout, "SECONDS" },
4916 { config_parse_emergency_action, "ACTION" },
4917 { config_parse_set_status, "STATUS" },
4918 { config_parse_service_sockets, "SOCKETS" },
4919 { config_parse_environ, "ENVIRON" },
4920 #if HAVE_SECCOMP
4921 { config_parse_syscall_filter, "SYSCALLS" },
4922 { config_parse_syscall_archs, "ARCHS" },
4923 { config_parse_syscall_errno, "ERRNO" },
4924 { config_parse_address_families, "FAMILIES" },
4925 { config_parse_restrict_namespaces, "NAMESPACES" },
4926 #endif
4927 { config_parse_cpu_shares, "SHARES" },
4928 { config_parse_cpu_weight, "WEIGHT" },
4929 { config_parse_memory_limit, "LIMIT" },
4930 { config_parse_device_allow, "DEVICE" },
4931 { config_parse_device_policy, "POLICY" },
4932 { config_parse_io_limit, "LIMIT" },
4933 { config_parse_io_weight, "WEIGHT" },
4934 { config_parse_io_device_weight, "DEVICEWEIGHT" },
4935 { config_parse_blockio_bandwidth, "BANDWIDTH" },
4936 { config_parse_blockio_weight, "WEIGHT" },
4937 { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
4938 { config_parse_long, "LONG" },
4939 { config_parse_socket_service, "SERVICE" },
4940 #if HAVE_SELINUX
4941 { config_parse_exec_selinux_context, "LABEL" },
4942 #endif
4943 { config_parse_job_mode, "MODE" },
4944 { config_parse_job_mode_isolate, "BOOLEAN" },
4945 { config_parse_personality, "PERSONALITY" },
4946 };
4947
4948 const char *prev = NULL;
4949 const char *i;
4950
4951 assert(f);
4952
4953 NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
4954 const char *rvalue = "OTHER", *lvalue;
4955 const ConfigPerfItem *p;
4956 size_t prefix_len;
4957 const char *dot;
4958 unsigned j;
4959
4960 assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
4961
4962 /* Hide legacy settings */
4963 if (p->parse == config_parse_warn_compat &&
4964 p->ltype == DISABLED_LEGACY)
4965 continue;
4966
4967 for (j = 0; j < ELEMENTSOF(table); j++)
4968 if (p->parse == table[j].callback) {
4969 rvalue = table[j].rvalue;
4970 break;
4971 }
4972
4973 dot = strchr(i, '.');
4974 lvalue = dot ? dot + 1 : i;
4975 prefix_len = dot-i;
4976
4977 if (dot)
4978 if (!prev || !strneq(prev, i, prefix_len+1)) {
4979 if (prev)
4980 fputc('\n', f);
4981
4982 fprintf(f, "[%.*s]\n", (int) prefix_len, i);
4983 }
4984
4985 fprintf(f, "%s=%s\n", lvalue, rvalue);
4986 prev = i;
4987 }
4988 }
Unnamed repository; edit this file 'description' to name the repository.