Merge pull request #8144 from poettering/journal-inotify-fixes
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <linux/kd.h>
24 #include <signal.h>
25 #include <stdio_ext.h>
26 #include <string.h>
27 #include <sys/epoll.h>
28 #include <sys/inotify.h>
29 #include <sys/ioctl.h>
30 #include <sys/reboot.h>
31 #include <sys/timerfd.h>
32 #include <sys/wait.h>
33 #include <unistd.h>
34
35 #if HAVE_AUDIT
36 #include <libaudit.h>
37 #endif
38
39 #include "sd-daemon.h"
40 #include "sd-messages.h"
41 #include "sd-path.h"
42
43 #include "alloc-util.h"
44 #include "audit-fd.h"
45 #include "boot-timestamps.h"
46 #include "bus-common-errors.h"
47 #include "bus-error.h"
48 #include "bus-kernel.h"
49 #include "bus-util.h"
50 #include "clean-ipc.h"
51 #include "clock-util.h"
52 #include "dbus-job.h"
53 #include "dbus-manager.h"
54 #include "dbus-unit.h"
55 #include "dbus.h"
56 #include "dirent-util.h"
57 #include "env-util.h"
58 #include "escape.h"
59 #include "exec-util.h"
60 #include "execute.h"
61 #include "exit-status.h"
62 #include "fd-util.h"
63 #include "fileio.h"
64 #include "fs-util.h"
65 #include "hashmap.h"
66 #include "io-util.h"
67 #include "label.h"
68 #include "locale-setup.h"
69 #include "log.h"
70 #include "macro.h"
71 #include "manager.h"
72 #include "missing.h"
73 #include "mkdir.h"
74 #include "parse-util.h"
75 #include "path-lookup.h"
76 #include "path-util.h"
77 #include "process-util.h"
78 #include "ratelimit.h"
79 #include "rm-rf.h"
80 #include "signal-util.h"
81 #include "special.h"
82 #include "stat-util.h"
83 #include "string-table.h"
84 #include "string-util.h"
85 #include "strv.h"
86 #include "strxcpyx.h"
87 #include "terminal-util.h"
88 #include "time-util.h"
89 #include "transaction.h"
90 #include "umask-util.h"
91 #include "unit-name.h"
92 #include "user-util.h"
93 #include "util.h"
94 #include "virt.h"
95 #include "watchdog.h"
96
/* Receive buffer size (8 MiB) requested for the notification socket; also used for the user lookup
 * socket pair further down in this file. */
#define NOTIFY_RCVBUF_SIZE (8*1024*1024)
/* Receive buffer size (8 MiB) requested for the cgroups agent socket. */
#define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)

/* Initial delay and the interval for printing status messages about running jobs */
#define JOBS_IN_PROGRESS_WAIT_USEC (5*USEC_PER_SEC)
#define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
/* manager_print_jobs_in_progress() divides its iteration counter by this value when picking which
 * running job to show, so the displayed job changes every third iteration. */
#define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3

/* Forward declarations of the event source callbacks and generator runners that are referenced
 * before their definitions. */
static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata);
static int manager_dispatch_run_queue(sd_event_source *source, void *userdata);
static int manager_dispatch_sigchld(sd_event_source *source, void *userdata);
static int manager_run_environment_generators(Manager *m);
static int manager_run_generators(Manager *m);
116
/* Installs the timer event source that drives the "job is running" status output. The timer is set
 * JOBS_IN_PROGRESS_WAIT_USEC into the future on CLOCK_MONOTONIC and invokes
 * manager_dispatch_jobs_in_progress(). Failure to install it is silently tolerated. */
static void manager_watch_jobs_in_progress(Manager *m) {
        usec_t deadline;

        assert(m);

        /* Nothing to do in two cases: when the user has to confirm service executions (the cylon
         * animation would garble the confirmation messages), and when the timer already exists. */
        if (!manager_is_confirm_spawn_disabled(m) || m->jobs_in_progress_event_source)
                return;

        deadline = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC;

        if (sd_event_add_time(m->event,
                              &m->jobs_in_progress_event_source,
                              CLOCK_MONOTONIC,
                              deadline, 0,
                              manager_dispatch_jobs_in_progress, m) < 0)
                return;

        (void) sd_event_source_set_description(m->jobs_in_progress_event_source, "manager-jobs-in-progress");
}
144
145 #define CYLON_BUFFER_EXTRA (2*STRLEN(ANSI_RED) + STRLEN(ANSI_HIGHLIGHT_RED) + 2*STRLEN(ANSI_NORMAL))
146
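/* Renders one frame of the "cylon" progress animation into buffer as a NUL-terminated string.
 *
 * buffer/buflen: destination; must hold at least CYLON_BUFFER_EXTRA + width + 1 bytes (asserted).
 * width:         number of visible character cells.
 * pos:           position of the center light, 0..width+1 (asserted).
 *
 * ANSI color sequences are only emitted when log_get_show_color() is true. */
static void draw_cylon(char buffer[], size_t buflen, unsigned width, unsigned pos) {
        char *p = buffer;

        assert(buflen >= CYLON_BUFFER_EXTRA + width + 1);
        assert(pos <= width+1); /* 0 or width+1 mean that the center light is behind the corner */

        /* Left trailing light, preceded by padding */
        if (pos > 1) {
                if (pos > 2)
                        p = mempset(p, ' ', pos-2);
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_RED);
                *p++ = '*';
        }

        /* Center light */
        if (pos > 0 && pos <= width) {
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_HIGHLIGHT_RED);
                *p++ = '*';
        }

        if (log_get_show_color())
                p = stpcpy(p, ANSI_NORMAL);

        /* Right trailing light, followed by padding */
        if (pos < width) {
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_RED);
                *p++ = '*';
                if (pos < width-1)
                        p = mempset(p, ' ', width-1-pos);
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_NORMAL);
        }

        /* Terminate explicitly. Without this the string is only terminated on the paths that end in
         * a color sequence copy; with colors disabled the caller would read past the written
         * characters of its stack buffer. The asserted buffer size has room for this byte. */
        *p = '\0';
}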
180
/* Toggles the status display between its AUTO and TEMPORARY settings. With enable set, AUTO becomes
 * TEMPORARY; with enable cleared, TEMPORARY goes back to AUTO. Any other setting is left alone. */
void manager_flip_auto_status(Manager *m, bool enable) {
        assert(m);

        if (enable && m->show_status == SHOW_STATUS_AUTO)
                manager_set_show_status(m, SHOW_STATUS_TEMPORARY);
        else if (!enable && m->show_status == SHOW_STATUS_TEMPORARY)
                manager_set_show_status(m, SHOW_STATUS_AUTO);
}
192
/* Prints one ephemeral status line about a currently running job, prefixed with the next frame of
 * the cylon animation. Successive calls rotate through the running jobs. Requires at least one
 * running job (asserted). */
static void manager_print_jobs_in_progress(Manager *m) {
        _cleanup_free_ char *job_of_n = NULL;
        Iterator i;
        Job *j;
        unsigned counter = 0, print_nr;
        /* Sized for a 6 cell animation: must satisfy the size assertion in draw_cylon() for width 6 */
        char cylon[6 + CYLON_BUFFER_EXTRA + 1];
        unsigned cylon_pos;
        char time[FORMAT_TIMESPAN_MAX], limit[FORMAT_TIMESPAN_MAX] = "no limit";
        uint64_t x;

        assert(m);
        assert(m->n_running_jobs > 0);

        manager_flip_auto_status(m, true);

        /* Index (among the running jobs) of the job to report this time round */
        print_nr = (m->jobs_in_progress_iteration / JOBS_IN_PROGRESS_PERIOD_DIVISOR) % m->n_running_jobs;

        /* Stop at the print_nr-th job in JOB_RUNNING state; j is used after the loop */
        HASHMAP_FOREACH(j, m->jobs, i)
                if (j->state == JOB_RUNNING && counter++ == print_nr)
                        break;

        /* m->n_running_jobs must be consistent with the contents of m->jobs,
         * so the above loop must have succeeded in finding j. */
        assert(counter == print_nr + 1);
        assert(j);

        /* Positions run 0..7 and then back down 6..1, which makes the light bounce. The maximum of
         * 7 equals width+1, the upper bound draw_cylon() accepts for width 6. */
        cylon_pos = m->jobs_in_progress_iteration % 14;
        if (cylon_pos >= 8)
                cylon_pos = 14 - cylon_pos;
        draw_cylon(cylon, sizeof(cylon), 6, cylon_pos);

        m->jobs_in_progress_iteration++;

        if (m->n_running_jobs > 1) {
                /* On asprintf() failure the pointer is reset and the "(x of y)" prefix is dropped */
                if (asprintf(&job_of_n, "(%u of %u) ", counter, m->n_running_jobs) < 0)
                        job_of_n = NULL;
        }

        format_timespan(time, sizeof(time), now(CLOCK_MONOTONIC) - j->begin_usec, 1*USEC_PER_SEC);
        /* NOTE(review): x is presumably an absolute timestamp on the same clock as begin_usec, given
         * that begin_usec is subtracted from it - confirm against job_get_timeout() */
        if (job_get_timeout(j, &x) > 0)
                format_timespan(limit, sizeof(limit), x - j->begin_usec, 1*USEC_PER_SEC);

        manager_status_printf(m, STATUS_TYPE_EPHEMERAL, cylon,
                              "%sA %s job is running for %s (%s / %s)",
                              strempty(job_of_n),
                              job_type_to_string(j->type),
                              unit_description(j->unit),
                              time, limit);
}
242
/* Checks whether /run/systemd/ask-password contains at least one entry whose name starts with
 * "ask.". Returns true or false, or a negative errno value if the directory cannot be opened or
 * read. A missing directory counts as "no entries". */
static int have_ask_password(void) {
        _cleanup_closedir_ DIR *dir = opendir("/run/systemd/ask-password");
        struct dirent *de;

        if (!dir)
                return errno == ENOENT ? false : -errno;

        FOREACH_DIRENT_ALL(de, dir, return -errno)
                if (startswith(de->d_name, "ask."))
                        return true;

        return false;
}
261
/* I/O callback for the inotify watch on /run/systemd/ask-password: drains the fd and re-scans the
 * directory, caching the result in m->have_ask_password. Always returns 0. */
static int manager_dispatch_ask_password_fd(sd_event_source *source,
                                            int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;

        assert(m);

        /* The event contents are irrelevant, the directory is listed from scratch below */
        (void) flush_fd(fd);

        m->have_ask_password = have_ask_password();
        if (m->have_ask_password >= 0)
                return 0;

        /* A negative value is kept and treated as "status unknown"; only log it. */
        log_error_errno(m->have_ask_password, "Failed to list /run/systemd/ask-password: %m");
        return 0;
}
278
/* Tears down the ask-password watch: releases the event source, closes the inotify fd and resets the
 * cached state to -EINVAL, the same "unknown" value manager_new() initializes it with. */
static void manager_close_ask_password(Manager *m) {
        assert(m);

        /* Event source first, then the fd it was watching */
        m->ask_password_event_source = sd_event_source_unref(m->ask_password_event_source);
        m->ask_password_inotify_fd = safe_close(m->ask_password_inotify_fd);

        m->have_ask_password = -EINVAL;
}
286
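/* Returns the cached ask-password state (see have_ask_password()), setting up the inotify watch on
 * /run/systemd/ask-password first if it does not exist yet.
 *
 * Returns: > 0 if a query is pending, 0 if none, negative errno on failure or unknown state. */
static int manager_check_ask_password(Manager *m) {
        int r;

        assert(m);

        if (!m->ask_password_event_source) {
                assert(m->ask_password_inotify_fd < 0);

                /* Best effort: if the directory is missing afterwards, inotify_add_watch() below
                 * fails and reports it. */
                (void) mkdir_p_label("/run/systemd/ask-password", 0755);

                m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
                if (m->ask_password_inotify_fd < 0)
                        return log_error_errno(errno, "inotify_init1() failed: %m");

                if (inotify_add_watch(m->ask_password_inotify_fd, "/run/systemd/ask-password", IN_CREATE|IN_DELETE|IN_MOVE) < 0) {
                        /* Capture the error before cleaning up: the cleanup closes an fd and may
                         * overwrite errno, so returning -errno afterwards is not reliable. */
                        r = log_error_errno(errno, "Failed to add watch on /run/systemd/ask-password: %m");
                        manager_close_ask_password(m);
                        return r;
                }

                r = sd_event_add_io(m->event, &m->ask_password_event_source,
                                    m->ask_password_inotify_fd, EPOLLIN,
                                    manager_dispatch_ask_password_fd, m);
                if (r < 0) {
                        /* The error is carried in r here, not in errno */
                        log_error_errno(r, "Failed to add event source for /run/systemd/ask-password: %m");
                        manager_close_ask_password(m);
                        return r;
                }

                (void) sd_event_source_set_description(m->ask_password_event_source, "manager-ask-password");

                /* Queries might have been added meanwhile... */
                manager_dispatch_ask_password_fd(m->ask_password_event_source,
                                                 m->ask_password_inotify_fd, EPOLLIN, m);
        }

        return m->have_ask_password;
}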
325
/* Starts watching m->idle_pipe[2] for input, unless it is already watched or that fd is not open.
 * Returns 0 on success or when there is nothing to do, negative errno on failure. */
static int manager_watch_idle_pipe(Manager *m) {
        int r;

        assert(m);

        if (m->idle_pipe_event_source || m->idle_pipe[2] < 0)
                return 0;

        r = sd_event_add_io(m->event,
                            &m->idle_pipe_event_source,
                            m->idle_pipe[2],
                            EPOLLIN,
                            manager_dispatch_idle_pipe_fd, m);
        if (r < 0)
                return log_error_errno(r, "Failed to watch idle pipe: %m");

        (void) sd_event_source_set_description(m->idle_pipe_event_source, "manager-idle-pipe");

        return 0;
}
345
/* Releases the idle pipe event source and closes all four idle pipe fds, handled as two pairs. */
static void manager_close_idle_pipe(Manager *m) {
        assert(m);

        m->idle_pipe_event_source = sd_event_source_unref(m->idle_pipe_event_source);

        safe_close_pair(&m->idle_pipe[0]);
        safe_close_pair(&m->idle_pipe[2]);
}
354
/* Creates a CLOCK_REALTIME timerfd armed with TFD_TIMER_CANCEL_ON_SET and hooks it into the event
 * loop, so that manager_dispatch_time_change_fd() runs whenever CLOCK_REALTIME jumps relative to
 * CLOCK_MONOTONIC. Skipped in test runs. Returns 0 on success (including when the timer cannot be
 * armed, which is only logged at debug level), negative errno otherwise. */
static int manager_setup_time_change(Manager *m) {
        /* Only the cancellation event is of interest, hence the expiry is put at the latest
         * possible point in time. */
        struct itimerspec far_future = {
                .it_value.tv_sec = TIME_T_MAX,
        };
        int r;

        assert(m);
        assert_cc(sizeof(time_t) == sizeof(TIME_T_MAX));

        if (m->test_run_flags)
                return 0;

        m->time_change_fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC);
        if (m->time_change_fd < 0)
                return log_error_errno(errno, "Failed to create timerfd: %m");

        r = timerfd_settime(m->time_change_fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &far_future, NULL);
        if (r < 0) {
                log_debug_errno(errno, "Failed to set up TFD_TIMER_CANCEL_ON_SET, ignoring: %m");
                m->time_change_fd = safe_close(m->time_change_fd);
                return 0;
        }

        r = sd_event_add_io(m->event,
                            &m->time_change_event_source,
                            m->time_change_fd,
                            EPOLLIN,
                            manager_dispatch_time_change_fd, m);
        if (r < 0)
                return log_error_errno(r, "Failed to create time change event source: %m");

        (void) sd_event_source_set_description(m->time_change_event_source, "manager-time-change");

        log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");

        return 0;
}
393
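/* Asks the kernel to deliver control-alt-del as SIGINT and kbrequest as SIGWINCH to this process.
 * Skipped in test runs. Every failure is only logged as a warning; always returns 0. */
static int enable_special_signals(Manager *m) {
        _cleanup_close_ int fd = -1;

        assert(m);

        if (m->test_run_flags)
                return 0;

        /* Enable that we get SIGINT on control-alt-del. In containers
         * this will fail with EPERM (older) or EINVAL (newer), so
         * ignore that. */
        if (reboot(RB_DISABLE_CAD) < 0 && !IN_SET(errno, EPERM, EINVAL))
                log_warning_errno(errno, "Failed to enable ctrl-alt-del handling: %m");

        fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
        if (fd < 0) {
                /* Support systems without virtual console. open_terminal() reports failure as a
                 * negative errno in its return value (that is what the ENOENT test compares
                 * against), so log that value rather than whatever errno currently holds. */
                if (fd != -ENOENT)
                        log_warning_errno(fd, "Failed to open /dev/tty0: %m");
        } else {
                /* Enable that we get SIGWINCH on kbrequest */
                if (ioctl(fd, KDSIGACCEPT, SIGWINCH) < 0)
                        log_warning_errno(errno, "Failed to enable kbrequest handling: %m");
        }

        return 0;
}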
421
/* Routes all signals the manager handles through a signalfd that is watched by the event loop.
 * The signals are blocked with sigprocmask() and then read from m->signal_fd, dispatched by
 * manager_dispatch_signal_fd(). For the system manager the special console signals are enabled as
 * well. Returns 0 on success, negative errno on failure. */
static int manager_setup_signals(Manager *m) {
        struct sigaction sa = {
                .sa_handler = SIG_DFL,
                .sa_flags = SA_NOCLDSTOP|SA_RESTART,
        };
        sigset_t mask;
        int r;

        assert(m);

        /* Default disposition for SIGCHLD, without notifications for stopped children */
        assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);

        /* We make liberal use of realtime signals here. On
         * Linux/glibc we have 30 of them (with the exception of Linux
         * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
         * (aka SIGRTMAX). */

        assert_se(sigemptyset(&mask) == 0);
        sigset_add_many(&mask,
                        SIGCHLD,     /* Child died */
                        SIGTERM,     /* Reexecute daemon */
                        SIGHUP,      /* Reload configuration */
                        SIGUSR1,     /* systemd/upstart: reconnect to D-Bus */
                        SIGUSR2,     /* systemd: dump status */
                        SIGINT,      /* Kernel sends us this on control-alt-del */
                        SIGWINCH,    /* Kernel sends us this on kbrequest (alt-arrowup) */
                        SIGPWR,      /* Some kernel drivers and upsd send us this on power failure */

                        SIGRTMIN+0,  /* systemd: start default.target */
                        SIGRTMIN+1,  /* systemd: isolate rescue.target */
                        SIGRTMIN+2,  /* systemd: isolate emergency.target */
                        SIGRTMIN+3,  /* systemd: start halt.target */
                        SIGRTMIN+4,  /* systemd: start poweroff.target */
                        SIGRTMIN+5,  /* systemd: start reboot.target */
                        SIGRTMIN+6,  /* systemd: start kexec.target */

                        /* ... space for more special targets ... */

                        SIGRTMIN+13, /* systemd: Immediate halt */
                        SIGRTMIN+14, /* systemd: Immediate poweroff */
                        SIGRTMIN+15, /* systemd: Immediate reboot */
                        SIGRTMIN+16, /* systemd: Immediate kexec */

                        /* ... space for more immediate system state changes ... */

                        SIGRTMIN+20, /* systemd: enable status messages */
                        SIGRTMIN+21, /* systemd: disable status messages */
                        SIGRTMIN+22, /* systemd: set log level to LOG_DEBUG */
                        SIGRTMIN+23, /* systemd: set log level to LOG_INFO */
                        SIGRTMIN+24, /* systemd: Immediate exit (--user only) */

                        /* .. one free signal here ... */

#if !defined(__hppa64__) && !defined(__hppa__)
                        /* Apparently Linux on hppa has fewer RT
                         * signals (SIGRTMAX is SIGRTMIN+25 there),
                         * hence let's not try to make use of them
                         * here. Since these commands are accessible
                         * by different means and only really a safety
                         * net, the missing functionality on hppa
                         * shouldn't matter. */

                        SIGRTMIN+26, /* systemd: set log target to journal-or-kmsg */
                        SIGRTMIN+27, /* systemd: set log target to console */
                        SIGRTMIN+28, /* systemd: set log target to kmsg */
                        SIGRTMIN+29, /* systemd: set log target to syslog-or-kmsg (obsolete) */

                        /* ... one free signal here SIGRTMIN+30 ... */
#endif
                        -1);
        /* SIG_SETMASK replaces the whole process signal mask with this set: exactly the signals
         * listed above are blocked from asynchronous delivery and picked up via the signalfd. */
        assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);

        m->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
        if (m->signal_fd < 0)
                return -errno;

        r = sd_event_add_io(m->event, &m->signal_event_source, m->signal_fd, EPOLLIN, manager_dispatch_signal_fd, m);
        if (r < 0)
                return r;

        (void) sd_event_source_set_description(m->signal_event_source, "manager-signal");

        /* Process signals a bit earlier than the rest of things, but later than notify_fd processing, so that the
         * notify processing can still figure out to which process/service a message belongs, before we reap the
         * process. Also, process this before handling cgroup notifications, so that we always collect child exit
         * status information before detecting that there's no process in a cgroup. */
        r = sd_event_source_set_priority(m->signal_event_source, SD_EVENT_PRIORITY_NORMAL-6);
        if (r < 0)
                return r;

        /* Console key combinations only concern the system instance */
        if (MANAGER_IS_SYSTEM(m))
                return enable_special_signals(m);

        return 0;
}
517
/* Drops from m->environment the variables the manager sets itself when talking to the processes it
 * starts, so that values it received from its own environment are not handed on to them, and
 * then sorts the list. */
static void manager_sanitize_environment(Manager *m) {
        assert(m);

        /* These names are reserved for the manager's own communication with its clients */
        strv_env_unset_many(m->environment,
                            "EXIT_CODE",
                            "EXIT_STATUS",
                            "INVOCATION_ID",
                            "JOURNAL_STREAM",
                            "LISTEN_FDNAMES",
                            "LISTEN_FDS",
                            "LISTEN_PID",
                            "MAINPID",
                            "MANAGERPID",
                            "NOTIFY_SOCKET",
                            "REMOTE_ADDR",
                            "REMOTE_PORT",
                            "SERVICE_RESULT",
                            "WATCHDOG_PID",
                            "WATCHDOG_USEC",
                            NULL);

        /* Alphabetical order, purely cosmetic */
        strv_sort(m->environment);
}
544
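/* Builds m->environment, the environment block the manager starts out with for its children.
 * Returns 0 on success, -ENOMEM if the block cannot be allocated. */
static int manager_default_environment(Manager *m) {
        assert(m);

        if (MANAGER_IS_SYSTEM(m)) {
                /* The system manager always starts with a clean
                 * environment for its children. It does not import
                 * the kernel's or the parents' exported variables.
                 *
                 * The initial passed environment is untouched to keep
                 * /proc/self/environ valid; it is used for tagging
                 * the init process inside containers. */
                m->environment = strv_new("PATH=" DEFAULT_PATH,
                                          NULL);

                /* Check the allocation before anything else touches the vector, so that a failed
                 * strv_new() is reported as such and locale_setup() is never handed a NULL list. */
                if (!m->environment)
                        return -ENOMEM;

                /* Import locale variables LC_*= from configuration */
                locale_setup(&m->environment);
        } else
                /* The user manager passes its own environment
                 * along to its children. */
                m->environment = strv_copy(environ);

        if (!m->environment)
                return -ENOMEM;

        manager_sanitize_environment(m);

        return 0;
}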
573
/* Resolves the base directory for every ExecDirectoryType and stores it in m->prefix[]. The system
 * and the user manager use different sd-path lookups. Returns 0 on success, or the negative error
 * of the first lookup that fails. */
static int manager_setup_prefix(Manager *m) {
        struct table_entry {
                uint64_t type;
                const char *suffix;
        };

        static const struct table_entry paths_system[_EXEC_DIRECTORY_TYPE_MAX] = {
                [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_SYSTEM_RUNTIME, NULL },
                [EXEC_DIRECTORY_STATE] = { SD_PATH_SYSTEM_STATE_PRIVATE, NULL },
                [EXEC_DIRECTORY_CACHE] = { SD_PATH_SYSTEM_STATE_CACHE, NULL },
                [EXEC_DIRECTORY_LOGS] = { SD_PATH_SYSTEM_STATE_LOGS, NULL },
                [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_SYSTEM_CONFIGURATION, NULL },
        };

        /* In user mode, state and logs are both looked up below the user configuration path, the
         * latter with a "log" suffix. */
        static const struct table_entry paths_user[_EXEC_DIRECTORY_TYPE_MAX] = {
                [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_USER_RUNTIME, NULL },
                [EXEC_DIRECTORY_STATE] = { SD_PATH_USER_CONFIGURATION, NULL },
                [EXEC_DIRECTORY_CACHE] = { SD_PATH_USER_STATE_CACHE, NULL },
                [EXEC_DIRECTORY_LOGS] = { SD_PATH_USER_CONFIGURATION, "log" },
                [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_USER_CONFIGURATION, NULL },
        };

        const struct table_entry *table;
        ExecDirectoryType dt;

        assert(m);

        table = MANAGER_IS_SYSTEM(m) ? paths_system : paths_user;

        for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
                int r;

                r = sd_path_home(table[dt].type, table[dt].suffix, &m->prefix[dt]);
                if (r < 0)
                        return r;
        }

        return 0;
}
615
/* Creates the deferred event source that runs manager_dispatch_run_queue(), at idle priority and
 * initially switched off. Must only be called once (asserted). Returns 0 or a negative error. */
static int manager_setup_run_queue(Manager *m) {
        int r;

        assert(m);
        assert(!m->run_queue_event_source);

        /* Each step only runs if the previous one succeeded; the first error is returned */
        r = sd_event_add_defer(m->event, &m->run_queue_event_source, manager_dispatch_run_queue, m);
        if (r >= 0)
                r = sd_event_source_set_priority(m->run_queue_event_source, SD_EVENT_PRIORITY_IDLE);
        if (r >= 0)
                r = sd_event_source_set_enabled(m->run_queue_event_source, SD_EVENT_OFF);
        if (r < 0)
                return r;

        (void) sd_event_source_set_description(m->run_queue_event_source, "manager-run-queue");

        return 0;
}
638
/* Creates the deferred event source that runs manager_dispatch_sigchld(), at priority
 * SD_EVENT_PRIORITY_NORMAL-7 and initially switched off. Must only be called once (asserted).
 * Returns 0 or a negative error. */
static int manager_setup_sigchld_event_source(Manager *m) {
        int r;

        assert(m);
        assert(!m->sigchld_event_source);

        /* Each step only runs if the previous one succeeded; the first error is returned */
        r = sd_event_add_defer(m->event, &m->sigchld_event_source, manager_dispatch_sigchld, m);
        if (r >= 0)
                r = sd_event_source_set_priority(m->sigchld_event_source, SD_EVENT_PRIORITY_NORMAL-7);
        if (r >= 0)
                r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_OFF);
        if (r < 0)
                return r;

        (void) sd_event_source_set_description(m->sigchld_event_source, "manager-sigchld");

        return 0;
}
661
/* Allocates and initializes a Manager object.
 *
 * scope:          UNIT_FILE_SYSTEM or UNIT_FILE_USER (asserted).
 * test_run_flags: stored in the object; several setup helpers in this file skip their work when it
 *                 is non-zero.
 * _m:             receives the new object on success.
 *
 * Returns 0 on success. On failure a negative errno is returned and the partially set up object is
 * released with manager_free(). */
int manager_new(UnitFileScope scope, unsigned test_run_flags, Manager **_m) {
        Manager *m;
        int r;

        assert(_m);
        assert(IN_SET(scope, UNIT_FILE_SYSTEM, UNIT_FILE_USER));

        m = new0(Manager, 1);
        if (!m)
                return -ENOMEM;

        m->unit_file_scope = scope;
        m->exit_code = _MANAGER_EXIT_CODE_INVALID;
        m->default_timer_accuracy_usec = USEC_PER_MINUTE;
        m->default_tasks_accounting = true;
        m->default_tasks_max = UINT64_MAX;
        m->default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
        m->default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
        m->default_restart_usec = DEFAULT_RESTART_USEC;

#if ENABLE_EFI
        /* Only for the system manager, and only when detect_container() does not report a container */
        if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0)
                boot_timestamps(m->timestamps + MANAGER_TIMESTAMP_USERSPACE,
                                m->timestamps + MANAGER_TIMESTAMP_FIRMWARE,
                                m->timestamps + MANAGER_TIMESTAMP_LOADER);
#endif

        /* Prepare log fields we can use for structured logging */
        if (MANAGER_IS_SYSTEM(m)) {
                m->unit_log_field = "UNIT=";
                m->unit_log_format_string = "UNIT=%s";

                m->invocation_log_field = "INVOCATION_ID=";
                m->invocation_log_format_string = "INVOCATION_ID=%s";
        } else {
                m->unit_log_field = "USER_UNIT=";
                m->unit_log_format_string = "USER_UNIT=%s";

                m->invocation_log_field = "USER_INVOCATION_ID=";
                m->invocation_log_format_string = "USER_INVOCATION_ID=%s";
        }

        /* new0() zeroed the object and 0 is a valid file descriptor, hence every fd field is set to
         * -1 ("not open") before any step below can fail and lead to manager_free(). */
        m->idle_pipe[0] = m->idle_pipe[1] = m->idle_pipe[2] = m->idle_pipe[3] = -1;

        m->pin_cgroupfs_fd = m->notify_fd = m->cgroups_agent_fd = m->signal_fd = m->time_change_fd =
                m->dev_autofs_fd = m->private_listen_fd = m->cgroup_inotify_fd =
                m->ask_password_inotify_fd = -1;

        m->user_lookup_fds[0] = m->user_lookup_fds[1] = -1;

        m->current_job_id = 1; /* start as id #1, so that we can leave #0 around as "null-like" value */

        m->have_ask_password = -EINVAL; /* we don't know */
        m->first_boot = -1;

        m->test_run_flags = test_run_flags;

        /* Reboot immediately if the user hits C-A-D more often than 7x per 2s */
        RATELIMIT_INIT(m->ctrl_alt_del_ratelimit, 2 * USEC_PER_SEC, 7);

        r = manager_default_environment(m);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->units, &string_hash_ops);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->jobs, NULL);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->cgroup_unit, &path_hash_ops);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->watch_bus, &string_hash_ops);
        if (r < 0)
                goto fail;

        /* The event loop has to exist before any of the event sources below can be added */
        r = sd_event_default(&m->event);
        if (r < 0)
                goto fail;

        r = manager_setup_run_queue(m);
        if (r < 0)
                goto fail;

        r = manager_setup_signals(m);
        if (r < 0)
                goto fail;

        r = manager_setup_cgroup(m);
        if (r < 0)
                goto fail;

        r = manager_setup_time_change(m);
        if (r < 0)
                goto fail;

        r = manager_setup_sigchld_event_source(m);
        if (r < 0)
                goto fail;

        m->udev = udev_new();
        if (!m->udev) {
                r = -ENOMEM;
                goto fail;
        }

        r = manager_setup_prefix(m);
        if (r < 0)
                goto fail;

        if (MANAGER_IS_SYSTEM(m) && test_run_flags == 0) {
                /* An already existing directory is fine */
                r = mkdir_label("/run/systemd/units", 0755);
                if (r < 0 && r != -EEXIST)
                        goto fail;
        }

        /* Set when not running in the initrd and dir_is_empty() reports /usr as empty */
        m->taint_usr =
                !in_initrd() &&
                dir_is_empty("/usr") > 0;

        /* Note that we do not set up the notify fd here. We do that after deserialization,
         * since they might have gotten serialized across the reexec. */

        *_m = m;
        return 0;

fail:
        manager_free(m);
        return r;
}
796
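/* Sets up the notification socket: an AF_UNIX datagram socket bound to "systemd/notify" below the
 * runtime prefix, plus the event source that feeds it to manager_dispatch_notify_fd(). Either part
 * is only created if it does not exist yet. Skipped in test runs.
 *
 * Returns 0 on success, negative errno on failure. */
static int manager_setup_notify(Manager *m) {
        int r;

        assert(m);

        if (m->test_run_flags)
                return 0;

        if (m->notify_fd < 0) {
                _cleanup_close_ int fd = -1;
                union sockaddr_union sa = {
                        .sa.sa_family = AF_UNIX,
                };
                static const int one = 1;

                /* First free all secondary fields */
                m->notify_socket = mfree(m->notify_socket);
                m->notify_event_source = sd_event_source_unref(m->notify_event_source);

                fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
                if (fd < 0)
                        return log_error_errno(errno, "Failed to allocate notification socket: %m");

                /* Best effort, as for the user lookup socket */
                (void) fd_inc_rcvbuf(fd, NOTIFY_RCVBUF_SIZE);

                m->notify_socket = strappend(m->prefix[EXEC_DIRECTORY_RUNTIME], "/systemd/notify");
                if (!m->notify_socket)
                        return log_oom();

                /* Refuse a path that does not fit into sun_path. strncpy() below would otherwise
                 * truncate it silently, and the socket would be bound at a different location than
                 * the one recorded in m->notify_socket. */
                if (strlen(m->notify_socket) >= sizeof(sa.un.sun_path))
                        return log_error_errno(ENAMETOOLONG, "Notification socket path %s is too long: %m", m->notify_socket);

                (void) mkdir_parents_label(m->notify_socket, 0755);
                (void) unlink(m->notify_socket);

                /* sa is zero-initialized and the length was checked above, hence the copy is complete
                 * and NUL-terminated. */
                strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);

                /* NOTE(review): unlike the cgroups agent socket this one is bound without tightening
                 * the umask, presumably because processes of any user must be able to send to it -
                 * confirm. */
                r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
                if (r < 0)
                        return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);

                /* Have the kernel attach the sender's credentials to every datagram. NOTE(review): the
                 * dispatch handler (not in this excerpt) presumably uses them to attribute messages to
                 * a process/unit - confirm. */
                r = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
                if (r < 0)
                        return log_error_errno(errno, "SO_PASSCRED failed: %m");

                /* Hand the fd over to the manager object, so that the cleanup handler leaves it open */
                m->notify_fd = fd;
                fd = -1;

                log_debug("Using notification socket %s", m->notify_socket);
        }

        if (!m->notify_event_source) {
                r = sd_event_add_io(m->event, &m->notify_event_source, m->notify_fd, EPOLLIN, manager_dispatch_notify_fd, m);
                if (r < 0)
                        return log_error_errno(r, "Failed to allocate notify event source: %m");

                /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
                 * service an exit message belongs. */
                r = sd_event_source_set_priority(m->notify_event_source, SD_EVENT_PRIORITY_NORMAL-8);
                if (r < 0)
                        return log_error_errno(r, "Failed to set priority of notify event source: %m");

                (void) sd_event_source_set_description(m->notify_event_source, "manager-notify");
        }

        return 0;
}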
858
/* Sets up the private datagram socket on which the system manager receives messages from the
 * cgroups agent binary, plus the event source that feeds it to
 * manager_dispatch_cgroups_agent_fd(). Nothing is done in test runs, for user managers, or when
 * the unified cgroup hierarchy is in use. Returns 0 on success, negative errno on failure. */
static int manager_setup_cgroups_agent(Manager *m) {

        static const union sockaddr_union agent_addr = {
                .un.sun_family = AF_UNIX,
                .un.sun_path = "/run/systemd/cgroups-agent",
        };
        int r;

        /* Why not D-Bus? The cgroups agent binary is very short-lived and every instance would need
         * a D-Bus connection of its own. Those are SOCK_STREAM/AF_UNIX connections, so on an
         * overloaded system the listen backlog matters: once the configured number of connections is
         * queued, the kernel starts dropping further ones and agent messages could get lost. A
         * private SOCK_DGRAM/AF_UNIX socket has no backlog, since no connect() cycle is needed, and
         * hence does not lose messages this way.
         *
         * PID 1 forwards the agent messages to the system bus, where the user instances pick them
         * up. Only the system instance listens on this socket. */

        if (m->test_run_flags || !MANAGER_IS_SYSTEM(m))
                return 0;

        r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
        if (r < 0)
                return log_error_errno(r, "Failed to determine whether unified cgroups hierarchy is used: %m");
        if (r > 0) /* Not needed anymore on the unified hierarchy */
                return 0;

        if (m->cgroups_agent_fd < 0) {
                _cleanup_close_ int sock = -1;

                /* Drop what depends on the fd first */
                m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);

                sock = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
                if (sock < 0)
                        return log_error_errno(errno, "Failed to allocate cgroups agent socket: %m");

                fd_inc_rcvbuf(sock, CGROUPS_AGENT_RCVBUF_SIZE);

                (void) unlink(agent_addr.un.sun_path);

                /* Bind under umask 0077, so that only root may connect to this socket */
                RUN_WITH_UMASK(0077)
                        r = bind(sock, &agent_addr.sa, SOCKADDR_UN_LEN(agent_addr.un));
                if (r < 0)
                        return log_error_errno(errno, "bind(%s) failed: %m", agent_addr.un.sun_path);

                /* The manager object owns the fd from here on */
                m->cgroups_agent_fd = sock;
                sock = -1;
        }

        if (m->cgroups_agent_event_source)
                return 0;

        r = sd_event_add_io(m->event, &m->cgroups_agent_event_source, m->cgroups_agent_fd, EPOLLIN, manager_dispatch_cgroups_agent_fd, m);
        if (r < 0)
                return log_error_errno(r, "Failed to allocate cgroups agent event source: %m");

        /* Handle cgroups notifications early, but only after service notification messages and
         * SIGCHLD, so that a cgroup running empty is just the last safety net and the metadata those
         * two offer has been collected first. Also see the cgroup inotify handling for the unified
         * hierarchy. */
        r = sd_event_source_set_priority(m->cgroups_agent_event_source, SD_EVENT_PRIORITY_NORMAL-4);
        if (r < 0)
                return log_error_errno(r, "Failed to set priority of cgroups agent event source: %m");

        (void) sd_event_source_set_description(m->cgroups_agent_event_source, "manager-cgroups-agent");

        return 0;
}
934
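/* Sets up the socket pair over which forked off children report their resolved UID/GID to the
 * manager, plus the event source that feeds it to manager_dispatch_user_lookup_fd(). Either part
 * is only created if it does not exist yet. Returns 0 on success, negative errno on failure. */
static int manager_setup_user_lookup_fd(Manager *m) {
        int r;

        assert(m);

        /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID
         * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation,
         * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked
         * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects
         * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes,
         * hence we establish this communication channel so that forked off processes can pass their UID/GID
         * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple
         * datagram, along with their unit name, so that we can share one communication socket pair among all units for
         * this purpose.
         *
         * You might wonder why we need a communication channel for this that is independent of the usual notification
         * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET
         * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user
         * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available.
         *
         * Note that this function is called under two circumstances: when we first initialize (in which case we
         * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload
         * (in which case the socket pair already exists but we still need to allocate the event source for it). */

        if (m->user_lookup_fds[0] < 0) {

                /* Free all secondary fields */
                safe_close_pair(m->user_lookup_fds);
                m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);

                /* SOCK_CLOEXEC is what closes the pair in children once they exec() */
                if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, m->user_lookup_fds) < 0)
                        return log_error_errno(errno, "Failed to allocate user lookup socket: %m");

                (void) fd_inc_rcvbuf(m->user_lookup_fds[0], NOTIFY_RCVBUF_SIZE);
        }

        if (!m->user_lookup_event_source) {
                /* The sd_event_*() calls report their error in the return value, so log r and not
                 * whatever errno happens to contain. */
                r = sd_event_add_io(m->event, &m->user_lookup_event_source, m->user_lookup_fds[0], EPOLLIN, manager_dispatch_user_lookup_fd, m);
                if (r < 0)
                        return log_error_errno(r, "Failed to allocate user lookup event source: %m");

                /* Process even earlier than the notify event source, so that we always know first about valid UID/GID
                 * resolutions */
                r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-11);
                if (r < 0)
                        return log_error_errno(r, "Failed to set priority of user lookup event source: %m");

                (void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup");
        }

        return 0;
}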
987
/* Decides whether a bus connection should be attempted right away and passes that decision to bus_init().
 * Returns 0 without doing anything in test runs, otherwise the result of bus_init(). */
static int manager_connect_bus(Manager *m, bool reexecuting) {
        Unit *dbus_unit;
        bool dbus_was_running, want_connect;

        assert(m);

        if (m->test_run_flags)
                return 0;

        dbus_unit = manager_get_unit(m, SPECIAL_DBUS_SERVICE);
        dbus_was_running = dbus_unit && SERVICE(dbus_unit)->deserialized_state == SERVICE_RUNNING;

        /* The environment variable is only consulted for user managers, and only when the deserialized state
         * says the bus service was running and we are not reexecuting. */
        want_connect = dbus_was_running &&
                (reexecuting || (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS")));

        /* Try to connect to the buses, if possible. */
        return bus_init(m, want_connect);
}
1007
/* Frees every unit currently on the cleanup queue and returns how many were freed. */
static unsigned manager_dispatch_cleanup_queue(Manager *m) {
        unsigned n_freed = 0;

        assert(m);

        /* Always take the current head; presumably unit_free() unlinks the unit from the queue, otherwise this
         * loop would not terminate. */
        for (;;) {
                Unit *head = m->cleanup_queue;

                if (!head)
                        break;

                assert(head->in_cleanup_queue);

                unit_free(head);
                n_freed++;
        }

        return n_freed;
}
1023
/* Per-pass garbage collection states. The GC functions in this file store them in a unit's gc_marker field as
 * "base marker of the current pass + offset", and read them back by subtracting the base marker again. */
enum {
        GC_OFFSET_IN_PATH,  /* This one is on the path we were traveling */
        GC_OFFSET_UNSURE,   /* No clue */
        GC_OFFSET_GOOD,     /* We still need this unit */
        GC_OFFSET_BAD,      /* We don't need this unit anymore */
        _GC_OFFSET_MAX      /* Number of states; the manager's base marker advances by this much per pass */
};
1031
/* Marks u as GOOD for the GC pass identified by gc_marker, and does the same for every unit it references
 * that this pass had left in the UNSURE state. */
static void unit_gc_mark_good(Unit *u, unsigned gc_marker) {
        const unsigned unsure = gc_marker + GC_OFFSET_UNSURE;
        Unit *referenced;
        Iterator it;
        void *value;

        u->gc_marker = gc_marker + GC_OFFSET_GOOD;

        /* Only UNSURE units are followed, so a unit is visited at most once per pass: it is no longer UNSURE
         * once the line above has run for it. */
        HASHMAP_FOREACH_KEY(value, referenced, u->dependencies[UNIT_REFERENCES], it) {
                if (referenced->gc_marker != unsure)
                        continue;

                unit_gc_mark_good(referenced, gc_marker);
        }
}
1044
/* Classifies u for the GC pass identified by gc_marker by looking at the units that reference it. The verdict
 * is stored in u->gc_marker as gc_marker plus one of the GC_OFFSET_* values; BAD units are also put on the
 * cleanup queue and undecided ones back on the GC queue. */
static void unit_gc_sweep(Unit *u, unsigned gc_marker) {
        Unit *other;
        bool is_bad;
        Iterator i;
        void *v;

        assert(u);

        /* Already classified in this pass, or currently being visited further up the call chain (IN_PATH).
         * The IN_PATH case is what keeps the recursion below from looping on reference cycles. */
        if (IN_SET(u->gc_marker - gc_marker,
                   GC_OFFSET_GOOD, GC_OFFSET_BAD, GC_OFFSET_UNSURE, GC_OFFSET_IN_PATH))
                return;

        /* A unit that is already scheduled for cleanup is bad by definition. */
        if (u->in_cleanup_queue)
                goto bad;

        /* NOTE(review): a true result from unit_check_gc() is treated as "still needed" here — confirm
         * against its definition. */
        if (unit_check_gc(u))
                goto good;

        u->gc_marker = gc_marker + GC_OFFSET_IN_PATH;

        is_bad = true;

        /* One GOOD referrer is enough to keep this unit. It is only BAD if every referrer turned out BAD. */
        HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REFERENCED_BY], i) {
                unit_gc_sweep(other, gc_marker);

                if (other->gc_marker == gc_marker + GC_OFFSET_GOOD)
                        goto good;

                if (other->gc_marker != gc_marker + GC_OFFSET_BAD)
                        is_bad = false;
        }

        if (is_bad)
                goto bad;

        /* We were unable to find anything out about this entry, so
         * let's investigate it later */
        u->gc_marker = gc_marker + GC_OFFSET_UNSURE;
        unit_add_to_gc_queue(u);
        return;

bad:
        /* We definitely know that this one is not useful anymore, so
         * let's mark it for deletion */
        u->gc_marker = gc_marker + GC_OFFSET_BAD;
        unit_add_to_cleanup_queue(u);
        return;

good:
        unit_gc_mark_good(u, gc_marker);
}
1096
/* Runs one GC pass over all units on the GC queue. Units that end the pass as BAD or UNSURE are moved to the
 * cleanup queue. Returns the number of units taken off the GC queue. */
static unsigned manager_dispatch_gc_unit_queue(Manager *m) {
        unsigned pass_marker, n_processed = 0;
        Unit *unit;

        assert(m);

        /* Start a new pass by advancing the base marker past all offsets of the previous one. If another
         * advance would wrap the counter around, restart from 1. */
        m->gc_marker += _GC_OFFSET_MAX;
        if (m->gc_marker + _GC_OFFSET_MAX <= _GC_OFFSET_MAX)
                m->gc_marker = 1;

        pass_marker = m->gc_marker;

        for (unit = m->gc_unit_queue; unit; unit = m->gc_unit_queue) {
                assert(unit->in_gc_queue);

                unit_gc_sweep(unit, pass_marker);

                LIST_REMOVE(gc_queue, m->gc_unit_queue, unit);
                unit->in_gc_queue = false;

                n_processed++;

                if (!IN_SET(unit->gc_marker - pass_marker,
                            GC_OFFSET_BAD, GC_OFFSET_UNSURE))
                        continue;

                /* Whatever is still undecided at this point is collected as well. */
                if (unit->id)
                        log_unit_debug(unit, "Collecting.");
                unit->gc_marker = pass_marker + GC_OFFSET_BAD;
                unit_add_to_cleanup_queue(unit);
        }

        return n_processed;
}
1132
/* Empties the job GC queue. A job for which job_check_gc() returns false is finished with result
 * JOB_COLLECTED. Returns the number of jobs taken off the queue. */
static unsigned manager_dispatch_gc_job_queue(Manager *m) {
        unsigned n_processed = 0;
        Job *job;

        assert(m);

        for (job = m->gc_job_queue; job; job = m->gc_job_queue) {
                assert(job->in_gc_queue);

                LIST_REMOVE(gc_queue, m->gc_job_queue, job);
                job->in_gc_queue = false;

                n_processed++;

                if (!job_check_gc(job)) {
                        log_unit_debug(job->unit, "Collecting job.");
                        (void) job_finish_and_invalidate(job, JOB_COLLECTED, false, false);
                }
        }

        return n_processed;
}
1156
/* Frees every unit the manager knows, flushes the cleanup queue, and resets the job/console counters. The
 * asserts document the expected end state: all queues and both hashmaps empty. */
static void manager_clear_jobs_and_units(Manager *m) {
        Unit *unit;

        assert(m);

        for (unit = hashmap_first(m->units); unit; unit = hashmap_first(m->units))
                unit_free(unit);

        manager_dispatch_cleanup_queue(m);

        /* Nothing may be left queued anywhere once all units are gone. */
        assert(!m->load_queue);
        assert(!m->run_queue);
        assert(!m->dbus_unit_queue);
        assert(!m->dbus_job_queue);
        assert(!m->cleanup_queue);
        assert(!m->gc_unit_queue);
        assert(!m->gc_job_queue);

        assert(hashmap_isempty(m->jobs));
        assert(hashmap_isempty(m->units));

        m->n_running_jobs = 0;
        m->n_on_console = 0;
}
1181
/* Tears down a Manager: frees all jobs and units, lets every unit type shut down, closes the file descriptors
 * and event sources the manager holds, and releases the remaining allocations.
 *
 * Accepts NULL (returns NULL). Otherwise returns the result of mfree(m), so callers can assign it back to
 * their pointer. */
Manager* manager_free(Manager *m) {
        UnitType c;
        int i;
        ExecDirectoryType dt;

        if (!m)
                return NULL;

        /* Units and jobs go first, while the hashmaps and the event loop they may refer to still exist. */
        manager_clear_jobs_and_units(m);

        for (c = 0; c < _UNIT_TYPE_MAX; c++)
                if (unit_vtable[c]->shutdown)
                        unit_vtable[c]->shutdown(m);

        /* If we reexecute ourselves, we keep the root cgroup around */
        manager_shutdown_cgroup(m, m->exit_code != MANAGER_REEXECUTE);

        lookup_paths_flush_generator(&m->lookup_paths);

        bus_done(m);

        exec_runtime_vacuum(m);
        hashmap_free(m->exec_runtime_by_id);

        dynamic_user_vacuum(m, false);
        hashmap_free(m->dynamic_users);

        hashmap_free(m->units);
        hashmap_free(m->units_by_invocation_id);
        hashmap_free(m->jobs);
        hashmap_free(m->watch_pids);
        hashmap_free(m->watch_bus);

        set_free(m->startup_units);
        set_free(m->failed_units);

        /* Drop the event sources before closing the fds they watch. */
        sd_event_source_unref(m->signal_event_source);
        sd_event_source_unref(m->sigchld_event_source);
        sd_event_source_unref(m->notify_event_source);
        sd_event_source_unref(m->cgroups_agent_event_source);
        sd_event_source_unref(m->time_change_event_source);
        sd_event_source_unref(m->jobs_in_progress_event_source);
        sd_event_source_unref(m->run_queue_event_source);
        sd_event_source_unref(m->user_lookup_event_source);

        safe_close(m->signal_fd);
        safe_close(m->notify_fd);
        safe_close(m->cgroups_agent_fd);
        safe_close(m->time_change_fd);
        safe_close_pair(m->user_lookup_fds);

        manager_close_ask_password(m);

        manager_close_idle_pipe(m);

        udev_unref(m->udev);
        sd_event_unref(m->event);

        free(m->notify_socket);

        lookup_paths_free(&m->lookup_paths);
        strv_free(m->environment);

        hashmap_free(m->cgroup_unit);
        set_free_free(m->unit_path_cache);

        free(m->switch_root);
        free(m->switch_root_init);

        for (i = 0; i < _RLIMIT_MAX; i++)
                m->rlimit[i] = mfree(m->rlimit[i]);

        /* With all units freed above, nothing should still be registered here. */
        assert(hashmap_isempty(m->units_requiring_mounts_for));
        hashmap_free(m->units_requiring_mounts_for);

        hashmap_free(m->uid_refs);
        hashmap_free(m->gid_refs);

        for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++)
                m->prefix[dt] = mfree(m->prefix[dt]);

        return mfree(m);
}
1265
/* Asks every supported unit type that has an enumerate hook to register the units it knows about, then
 * dispatches the load queue. */
void manager_enumerate(Manager *m) {
        assert(m);

        /* Let's ask every type to load all units from disk/kernel
         * that it might know */
        for (UnitType type = 0; type < _UNIT_TYPE_MAX; type++) {
                if (!unit_type_supported(type))
                        log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(type));
                else if (unit_vtable[type]->enumerate)
                        unit_vtable[type]->enumerate(m);
        }

        manager_dispatch_load_queue(m);
}
1287
/* Calls unit_coldplug() once for every unit. A failure is logged as a warning and does not stop the loop. */
static void manager_coldplug(Manager *m) {
        Iterator it;
        Unit *unit;
        char *key;

        assert(m);

        /* Then, let's set up their initial state. */
        HASHMAP_FOREACH_KEY(unit, key, m->units, it) {
                int r;

                /* The hashmap holds one entry per name. Only act on the entry whose key is the unit's own
                 * id, so that aliases don't cause a second call. */
                if (unit->id != key)
                        continue;

                r = unit_coldplug(unit);
                if (r < 0)
                        log_warning_errno(r, "We couldn't coldplug %s, proceeding anyway: %m", unit->id);
        }
}
1308
/* Rebuilds m->unit_path_cache, a set holding "<dir>/<entry>" for the entries of every directory in the unit
 * search path. Best effort: on failure a warning is logged and the cache is dropped entirely rather than
 * left half-filled. */
static void manager_build_unit_path_cache(Manager *m) {
        char **i;
        int r;

        assert(m);

        /* Throw away any previous cache before building a new one. */
        set_free_free(m->unit_path_cache);

        m->unit_path_cache = set_new(&path_hash_ops);
        if (!m->unit_path_cache) {
                r = -ENOMEM;
                goto fail;
        }

        /* This simply builds a list of files we know exist, so that
         * we don't always have to go to disk */

        STRV_FOREACH(i, m->lookup_paths.search_path) {
                _cleanup_closedir_ DIR *d = NULL;
                struct dirent *de;

                d = opendir(*i);
                if (!d) {
                        /* A missing search directory is normal and not worth a warning. */
                        if (errno != ENOENT)
                                log_warning_errno(errno, "Failed to open directory %s, ignoring: %m", *i);
                        continue;
                }

                /* The third macro argument is what runs if reading the directory fails. */
                FOREACH_DIRENT(de, d, r = -errno; goto fail) {
                        char *p;

                        /* Avoid a double slash when the search directory is the root directory. */
                        p = strjoin(streq(*i, "/") ? "" : *i, "/", de->d_name);
                        if (!p) {
                                r = -ENOMEM;
                                goto fail;
                        }

                        /* NOTE(review): p is not freed here on failure; presumably set_consume() takes
                         * ownership of it in every case — confirm. */
                        r = set_consume(m->unit_path_cache, p);
                        if (r < 0)
                                goto fail;
                }
        }

        return;

fail:
        log_warning_errno(r, "Failed to build unit path cache, proceeding without: %m");
        m->unit_path_cache = set_free_free(m->unit_path_cache);
}
1358
/* Offers the file descriptors in fds to each unit whose type implements distribute_fds, stopping as soon as
 * the set is empty. */
static void manager_distribute_fds(Manager *m, FDSet *fds) {
        Iterator it;
        Unit *unit;

        assert(m);

        HASHMAP_FOREACH(unit, m->units, it) {

                /* Nothing left to hand out */
                if (fdset_size(fds) <= 0)
                        break;

                if (UNIT_VTABLE(unit)->distribute_fds)
                        UNIT_VTABLE(unit)->distribute_fds(unit, fds);
        }
}
1376
/* Brings the manager up: runs the generators, enumerates units, optionally deserializes previous state from
 * "serialization" (with the file descriptors in "fds"), sets up the notification, cgroups agent and user
 * lookup channels, connects to the bus and coldplugs all units.
 *
 * A non-NULL "serialization" means state is being restored; m->n_reloading is raised for the duration.
 * Returns 0 on success, or the negative error of the first step that is treated as fatal. */
int manager_startup(Manager *m, FILE *serialization, FDSet *fds) {
        int r;

        assert(m);

        /* If we are running in test mode, we still want to run the generators,
         * but we should not touch the real generator directories. */
        r = lookup_paths_init(&m->lookup_paths, m->unit_file_scope,
                              m->test_run_flags ? LOOKUP_PATHS_TEMPORARY_GENERATED : 0,
                              NULL);
        if (r < 0)
                return r;

        r = manager_run_environment_generators(m);
        if (r < 0)
                return r;

        /* The finish timestamp is taken before the error check so that it is recorded on failure too. */
        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_GENERATORS_START);
        r = manager_run_generators(m);
        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_GENERATORS_FINISH);
        if (r < 0)
                return r;

        /* If this is the first boot, and we are in the host system, then preset everything */
        if (m->first_boot > 0 &&
            MANAGER_IS_SYSTEM(m) &&
            !m->test_run_flags) {

                /* Failure is not fatal; -EEXIST is only logged at notice level. */
                r = unit_file_preset_all(UNIT_FILE_SYSTEM, 0, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, NULL, 0);
                if (r < 0)
                        log_full_errno(r == -EEXIST ? LOG_NOTICE : LOG_WARNING, r,
                                       "Failed to populate /etc with preset unit settings, ignoring: %m");
                else
                        log_info("Populated /etc with preset unit settings.");
        }

        lookup_paths_reduce(&m->lookup_paths);
        manager_build_unit_path_cache(m);

        /* If we will deserialize make sure that during enumeration
         * this is already known, so we increase the counter here
         * already */
        if (serialization)
                m->n_reloading++;

        /* First, enumerate what we can from all config files */
        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_UNITS_LOAD_START);
        manager_enumerate(m);
        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_UNITS_LOAD_FINISH);

        /* Second, deserialize if there is something to deserialize */
        if (serialization) {
                /* NOTE(review): this early return leaves m->n_reloading incremented — confirm that callers
                 * treat a failed startup as fatal for this Manager. */
                r = manager_deserialize(m, serialization, fds);
                if (r < 0)
                        return log_error_errno(r, "Deserialization failed: %m");
        }

        /* Any fds left? Find some unit which wants them. This is
         * useful to allow container managers to pass some file
         * descriptors to us pre-initialized. This enables
         * socket-based activation of entire containers. */
        manager_distribute_fds(m, fds);

        /* We might have deserialized the notify fd, but if we didn't
         * then let's set it up now */
        r = manager_setup_notify(m);
        if (r < 0)
                /* No sense to continue without notifications, our children would fail anyway. */
                return r;

        r = manager_setup_cgroups_agent(m);
        if (r < 0)
                /* Likewise, no sense to continue without empty cgroup notifications. */
                return r;

        r = manager_setup_user_lookup_fd(m);
        if (r < 0)
                /* This shouldn't fail, except if things are really broken. */
                return r;

        /* Let's connect to the bus now. A failure here is deliberately ignored. */
        (void) manager_connect_bus(m, !!serialization);

        (void) bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed);
        m->deserialized_subscribed = strv_free(m->deserialized_subscribed);

        /* Third, fire things up! */
        manager_coldplug(m);

        /* Release any dynamic users no longer referenced */
        dynamic_user_vacuum(m, true);

        exec_runtime_vacuum(m);

        /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
        manager_vacuum_uid_refs(m);
        manager_vacuum_gid_refs(m);

        if (serialization) {
                assert(m->n_reloading > 0);
                m->n_reloading--;

                /* Let's wait for the UnitNew/JobNew messages being
                 * sent, before we notify that the reload is
                 * finished */
                m->send_reloading_done = true;
        }

        return 0;
}
1487
/* Builds a transaction for a job of the given type on "unit" and activates it.
 *
 * Isolate requests are refused unless the job is a start job and the unit has allow_isolate set. On success
 * returns 0 and, if _ret is non-NULL, stores the anchor job there. On failure the transaction is aborted and
 * a negative error is returned; "e" is handed to the transaction helpers for error details. */
int manager_add_job(Manager *m, JobType type, Unit *unit, JobMode mode, sd_bus_error *e, Job **_ret) {
        Transaction *tr;
        int r;

        assert(m);
        assert(type < _JOB_TYPE_MAX);
        assert(unit);
        assert(mode < _JOB_MODE_MAX);

        /* Both isolate restrictions are checked before anything is allocated or logged. */
        if (mode == JOB_ISOLATE) {
                if (type != JOB_START)
                        return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Isolate is only valid for start.");

                if (!unit->allow_isolate)
                        return sd_bus_error_setf(e, BUS_ERROR_NO_ISOLATION, "Operation refused, unit may not be isolated.");
        }

        log_unit_debug(unit, "Trying to enqueue job %s/%s/%s", unit->id, job_type_to_string(type), job_mode_to_string(mode));

        type = job_type_collapse(type, unit);

        tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
        if (!tr)
                return -ENOMEM;

        /* Each step only runs if the previous one succeeded. */
        r = transaction_add_job_and_dependencies(tr, type, unit, NULL, true, false,
                                                 IN_SET(mode, JOB_IGNORE_DEPENDENCIES, JOB_IGNORE_REQUIREMENTS),
                                                 mode == JOB_IGNORE_DEPENDENCIES, e);
        if (r >= 0 && mode == JOB_ISOLATE)
                r = transaction_add_isolate_jobs(tr, m);
        if (r >= 0)
                r = transaction_activate(tr, m, mode, e);

        if (r < 0) {
                transaction_abort(tr);
                transaction_free(tr);
                return r;
        }

        log_unit_debug(unit,
                       "Enqueued job %s/%s as %u", unit->id,
                       job_type_to_string(type), (unsigned) tr->anchor_job->id);

        if (_ret)
                *_ret = tr->anchor_job;

        transaction_free(tr);
        return 0;
}
1542
/* Like manager_add_job(), but takes a unit name and loads the unit first. Returns the load error if loading
 * fails, otherwise the result of manager_add_job(). */
int manager_add_job_by_name(Manager *m, JobType type, const char *name, JobMode mode, sd_bus_error *e, Job **ret) {
        Unit *loaded = NULL; /* just to appease gcc, initialization is not really necessary */
        int r;

        assert(m);
        assert(type < _JOB_TYPE_MAX);
        assert(name);
        assert(mode < _JOB_MODE_MAX);

        r = manager_load_unit(m, name, NULL, NULL, &loaded);
        if (r < 0)
                return r;

        /* A successful load must have produced a unit. */
        assert(loaded);

        return manager_add_job(m, type, loaded, mode, e, ret);
}
1559
/* Like manager_add_job_by_name(), but with a local bus error object, and with a warning logged on failure.
 * Returns the result of manager_add_job_by_name() on success, otherwise that of log_warning_errno(). */
int manager_add_job_by_name_and_warn(Manager *m, JobType type, const char *name, JobMode mode, Job **ret) {
        _cleanup_(sd_bus_error_free) sd_bus_error bus_error = SD_BUS_ERROR_NULL;
        int r;

        assert(m);
        assert(type < _JOB_TYPE_MAX);
        assert(name);
        assert(mode < _JOB_MODE_MAX);

        r = manager_add_job_by_name(m, type, name, mode, &bus_error, ret);
        if (r >= 0)
                return r;

        return log_warning_errno(r, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode), name, bus_error_message(&bus_error, r));
}
1575
/* Builds and activates a transaction consisting of a JOB_NOP anchor job on "unit" plus the propagated reload
 * jobs. Returns 0 on success; on failure the transaction is aborted and a negative error is returned. */
int manager_propagate_reload(Manager *m, Unit *unit, JobMode mode, sd_bus_error *e) {
        Transaction *tr;
        int r;

        assert(m);
        assert(unit);
        assert(mode < _JOB_MODE_MAX);
        assert(mode != JOB_ISOLATE); /* Isolate is only valid for start */

        tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
        if (!tr)
                return -ENOMEM;

        /* We need an anchor job */
        r = transaction_add_job_and_dependencies(tr, JOB_NOP, unit, NULL, false, false, true, true, e);
        if (r >= 0) {
                /* Failure in adding individual dependencies is ignored, so this always succeeds. */
                transaction_add_propagate_reload_jobs(tr, unit, tr->anchor_job, mode == JOB_IGNORE_DEPENDENCIES, e);

                r = transaction_activate(tr, m, mode, e);
        }

        if (r < 0)
                transaction_abort(tr);

        transaction_free(tr);
        return r < 0 ? r : 0;
}
1609
/* Looks up a job by id in m->jobs. Returns whatever hashmap_get() returns for that key. */
Job *manager_get_job(Manager *m, uint32_t id) {
        Job *found;

        assert(m);

        found = hashmap_get(m->jobs, UINT32_TO_PTR(id));
        return found;
}
1615
/* Looks up a unit by name in m->units. Returns whatever hashmap_get() returns for that key. */
Unit *manager_get_unit(Manager *m, const char *name) {
        Unit *found;

        assert(m);
        assert(name);

        found = hashmap_get(m->units, name);
        return found;
}
1622
/* Dispatches the load queue: calls unit_load() on the head of the queue until the queue is empty. Returns
 * the number of units processed, or 0 if a dispatch is already in progress. */
unsigned manager_dispatch_load_queue(Manager *m) {
        unsigned n_loaded = 0;
        Unit *unit;

        assert(m);

        /* Make sure we are not run recursively */
        if (m->dispatching_load_queue)
                return 0;

        m->dispatching_load_queue = true;

        for (unit = m->load_queue; unit; unit = m->load_queue) {
                assert(unit->in_load_queue);

                unit_load(unit);
                n_loaded++;
        }

        m->dispatching_load_queue = false;

        return n_loaded;
}
1648
/* Prepares a unit for loading without reading anything from disk.
 *
 * At least one of "name" and "path" must be given; without a name, the last component of the path is used.
 * Returns 1 and the existing unit if one with that name is already known, 0 and a newly allocated, queued
 * unit otherwise, or a negative error. The name is validated before it is used for any lookup. */
int manager_load_unit_prepare(
                Manager *m,
                const char *name,
                const char *path,
                sd_bus_error *e,
                Unit **_ret) {

        Unit *unit;
        UnitType type;
        int r;

        assert(m);
        assert(name || path);
        assert(_ret);

        /* NOTE(review): the message below says "not absolute", but the check is is_path(). Confirm that
         * is_path() really rejects relative paths. */
        if (path && !is_path(path))
                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Path %s is not absolute.", path);

        if (!name)
                name = basename(path);

        type = unit_name_to_type(name);

        /* Only plain and instance names are accepted. A template name gets a more specific error. */
        if (type == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) {
                if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE))
                        return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is missing the instance name.", name);

                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is not valid.", name);
        }

        unit = manager_get_unit(m, name);
        if (unit) {
                /* Already known, nothing to allocate */
                *_ret = unit;
                return 1;
        }

        unit = unit_new(m, unit_vtable[type]->object_size);
        if (!unit)
                return -ENOMEM;

        if (path) {
                unit->fragment_path = strdup(path);
                if (!unit->fragment_path) {
                        r = -ENOMEM;
                        goto fail;
                }
        }

        r = unit_add_name(unit, name);
        if (r < 0)
                goto fail;

        unit_add_to_load_queue(unit);
        unit_add_to_dbus_queue(unit);
        unit_add_to_gc_queue(unit);

        *_ret = unit;

        return 0;

fail:
        unit_free(unit);
        return r;
}
1714
/* Loads the unit's configuration but does not start anything. Returns 0 with the unit in *_ret (after
 * following merges) when the unit was newly prepared; any non-zero result of manager_load_unit_prepare() is
 * passed through unchanged, including 1 for a unit that was already known. */
int manager_load_unit(
                Manager *m,
                const char *name,
                const char *path,
                sd_bus_error *e,
                Unit **_ret) {

        int r;

        assert(m);
        assert(_ret);

        r = manager_load_unit_prepare(m, name, path, e, _ret);
        if (r == 0) {
                manager_dispatch_load_queue(m);

                /* Loading may have merged the unit into another one, so hand out what it resolves to now. */
                *_ret = unit_follow_merge(*_ret);
        }

        return r;
}
1740
/* Writes a dump of every job in s->jobs to f via job_dump(), passing "prefix" through. */
void manager_dump_jobs(Manager *s, FILE *f, const char *prefix) {
        Iterator it;
        Job *job;

        assert(s);
        assert(f);

        HASHMAP_FOREACH(job, s->jobs, it) {
                job_dump(job, f, prefix);
        }
}
1751
/* Writes a dump of every unit in s->units to f via unit_dump(), once per unit: entries whose key is not the
 * unit's own id are skipped. */
void manager_dump_units(Manager *s, FILE *f, const char *prefix) {
        Iterator it;
        Unit *unit;
        const char *key;

        assert(s);
        assert(f);

        HASHMAP_FOREACH_KEY(unit, key, s->units, it) {
                if (unit->id != key)
                        continue;

                unit_dump(unit, f, prefix);
        }
}
1764
/* Writes the manager's set timestamps to f, followed by the unit and job dumps. A NULL prefix is printed as
 * the empty string for the timestamp lines. */
void manager_dump(Manager *m, FILE *f, const char *prefix) {
        assert(m);
        assert(f);

        for (ManagerTimestamp ts = 0; ts < _MANAGER_TIMESTAMP_MAX; ts++) {
                char formatted[FORMAT_TIMESTAMP_MAX];

                if (!dual_timestamp_is_set(m->timestamps + ts))
                        continue;

                fprintf(f, "%sTimestamp %s: %s\n",
                        strempty(prefix),
                        manager_timestamp_to_string(ts),
                        format_timestamp(formatted, sizeof(formatted), m->timestamps[ts].realtime));
        }

        manager_dump_units(m, f, prefix);
        manager_dump_jobs(m, f, prefix);
}
1784
/* Renders manager_dump() into a newly allocated string.
 *
 * On success returns 0 and stores the string in *ret; ownership moves to the caller. On failure returns a
 * negative error and leaves *ret untouched. */
int manager_get_dump_string(Manager *m, char **ret) {
        _cleanup_free_ char *text = NULL;
        _cleanup_fclose_ FILE *stream = NULL;
        size_t text_size;
        int r;

        assert(m);
        assert(ret);

        stream = open_memstream(&text, &text_size);
        if (!stream)
                return -errno;

        /* The stream is private to this function, so stdio's own locking is switched off. */
        (void) __fsetlocking(stream, FSETLOCKING_BYCALLER);

        manager_dump(m, stream, NULL);

        r = fflush_and_check(stream);
        if (r < 0)
                return r;

        /* Close the stream before handing out the buffer it wrote into. */
        stream = safe_fclose(stream);

        /* Hand the buffer over and clear our pointer, so that the cleanup handler does not free it. */
        *ret = text;
        text = NULL;

        return 0;
}
1813
/* Cancels every job the manager currently has, one at a time from the front of m->jobs. */
void manager_clear_jobs(Manager *m) {
        Job *job;

        assert(m);

        for (job = hashmap_first(m->jobs); job; job = hashmap_first(m->jobs)) {
                /* No need to recurse. We're cancelling all jobs. */
                job_finish_and_invalidate(job, JOB_CANCELED, false, false);
        }
}
1823
/* Event source callback: runs every job on the run queue, then arms the jobs-in-progress and idle-pipe
 * watches if there is anything for them to watch. Always returns 1. */
static int manager_dispatch_run_queue(sd_event_source *source, void *userdata) {
        Manager *m = userdata;
        Job *job;

        assert(source);
        assert(m);

        for (job = m->run_queue; job; job = m->run_queue) {
                assert(job->installed);
                assert(job->in_run_queue);

                job_run_and_invalidate(job);
        }

        if (m->n_running_jobs > 0)
                manager_watch_jobs_in_progress(m);

        if (m->n_on_console > 0)
                manager_watch_idle_pipe(m);

        return 1;
}
1846
/* Sends the pending change signals for all queued units and jobs, then the "reloading done" signal and any
 * queued message if one is pending. Returns the number of change signals dispatched, or 0 if a dispatch is
 * already in progress. */
static unsigned manager_dispatch_dbus_queue(Manager *m) {
        unsigned n_sent = 0;
        Unit *unit;
        Job *job;

        assert(m);

        /* Guard against being entered again from within one of the send calls below. */
        if (m->dispatching_dbus_queue)
                return 0;

        m->dispatching_dbus_queue = true;

        for (unit = m->dbus_unit_queue; unit; unit = m->dbus_unit_queue) {
                assert(unit->in_dbus_queue);

                bus_unit_send_change_signal(unit);
                n_sent++;
        }

        for (job = m->dbus_job_queue; job; job = m->dbus_job_queue) {
                assert(job->in_dbus_queue);

                bus_job_send_change_signal(job);
                n_sent++;
        }

        m->dispatching_dbus_queue = false;

        /* Clear the flag before sending, so that the signal goes out only once. */
        if (m->send_reloading_done) {
                m->send_reloading_done = false;

                bus_manager_send_reloading(m, false);
        }

        if (m->queued_message)
                bus_send_queued_message(m);

        return n_sent;
}
1886
/* Event source callback for the cgroups agent socket. Reads one message, validates it, and passes it on as a
 * cgroup path.
 *
 * The payload is not trusted as a string until it has passed the checks below: it must be non-empty, must
 * fit the buffer with room for a terminator, and must not contain a NUL byte. A malformed message is logged
 * and dropped with return value 0. Only a failing recv() returns an error. */
static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        char msg[PATH_MAX+1];
        ssize_t len;

        len = recv(fd, msg, sizeof(msg), 0);
        if (len < 0)
                return log_error_errno(errno, "Failed to read cgroups agent message: %m");

        if (len == 0) {
                log_error("Got zero-length cgroups agent message, ignoring.");
                return 0;
        }

        /* A completely filled buffer leaves no room for the terminator written below. */
        if ((size_t) len >= sizeof(msg)) {
                log_error("Got overly long cgroups agent message, ignoring.");
                return 0;
        }

        /* An embedded NUL would make the string handed on shorter than the message received. */
        if (memchr(msg, 0, len)) {
                log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
                return 0;
        }

        msg[len] = 0;

        manager_notify_cgroup_empty(m, msg);
        (void) bus_forward_agent_released(m, msg);

        return 0;
}
1915
/* Delivers one notification message to unit u, at most once per dispatch iteration.
 *
 * The per-unit notifygen is compared with the manager's, so a unit reached through several lookups for the
 * same message is invoked only once. A unit type without a notify_message handler only gets a debug log
 * entry. */
static void manager_invoke_notify_message(
                Manager *m,
                Unit *u,
                const struct ucred *ucred,
                const char *buf,
                FDSet *fds) {

        _cleanup_strv_free_ char **tags = NULL;

        assert(m);
        assert(u);
        assert(ucred);
        assert(buf);

        if (u->notifygen == m->notifygen) /* Already invoked on this same unit in this same iteration? */
                return;
        u->notifygen = m->notifygen;

        if (!UNIT_VTABLE(u)->notify_message) {
                if (DEBUG_LOGGING) {
                        _cleanup_free_ char *shortened = NULL, *escaped = NULL;

                        /* The sender chose the payload: it is shortened with ellipsize() and passed
                         * through cescape() before it goes into the log. */
                        shortened = ellipsize(buf, 20, 90);
                        if (shortened)
                                escaped = cescape(shortened);

                        log_unit_debug(u, "Got notification message \"%s\", ignoring.", strnull(escaped));
                }

                return;
        }

        tags = strv_split(buf, NEWLINE);
        if (!tags) {
                log_oom();
                return;
        }

        UNIT_VTABLE(u)->notify_message(u, ucred, tags, fds);
}
1953
/* Event source callback for the notification socket (m->notify_fd). Receives one datagram together with its
 * control data, validates it, and hands the payload to every unit associated with the sending PID.
 *
 * The message is only dispatched if it carries credentials with a valid PID, fits the buffer, and contains no
 * embedded NUL byte. Anything else is logged and dropped with return value 0. The only error return is a
 * recvmsg() failure other than EAGAIN/EINTR. */
static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {

        /* Received fds are tracked here so that all return paths below dispose of them; presumably the
         * cleanup handler closes whatever the units did not take out of the set — confirm in fdset.c. */
        _cleanup_fdset_free_ FDSet *fds = NULL;
        Manager *m = userdata;
        char buf[NOTIFY_BUFFER_MAX+1];
        struct iovec iovec = {
                .iov_base = buf,
                .iov_len = sizeof(buf)-1, /* keep one byte free for the NUL terminator added below */
        };
        /* Control buffer sized for one credentials message plus up to NOTIFY_FD_MAX file descriptors */
        union {
                struct cmsghdr cmsghdr;
                uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
                            CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX)];
        } control = {};
        struct msghdr msghdr = {
                .msg_iov = &iovec,
                .msg_iovlen = 1,
                .msg_control = &control,
                .msg_controllen = sizeof(control),
        };

        struct cmsghdr *cmsg;
        struct ucred *ucred = NULL;
        _cleanup_free_ Unit **array_copy = NULL;
        Unit *u1, *u2, **array;
        int r, *fd_array = NULL;
        unsigned n_fds = 0;
        bool found = false;
        ssize_t n;

        assert(m);
        assert(m->notify_fd == fd);

        if (revents != EPOLLIN) {
                log_warning("Got unexpected poll event for notify fd.");
                return 0;
        }

        /* MSG_CMSG_CLOEXEC: received fds are close-on-exec from the start. MSG_TRUNC: the return value is the
         * real datagram length even if it did not fit, which the size check below relies on. */
        n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC);
        if (n < 0) {
                if (IN_SET(errno, EAGAIN, EINTR))
                        return 0; /* Spurious wakeup, try again */

                /* If this is any other, real error, then let's stop processing this socket. This of course means we
                 * won't take notification messages anymore, but that's still better than busy looping around this:
                 * being woken up over and over again but being unable to actually read the message off the socket. */
                return log_error_errno(errno, "Failed to receive notification message: %m");
        }

        /* NOTE(review): if a message ever carried more than one SCM_RIGHTS header, fd_array/n_fds would be
         * overwritten and the earlier descriptors would not be tracked or closed. Also, msg_flags is not
         * checked for MSG_CTRUNC — consider handling both cases explicitly. */
        CMSG_FOREACH(cmsg, &msghdr) {
                if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {

                        fd_array = (int*) CMSG_DATA(cmsg);
                        n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);

                } else if (cmsg->cmsg_level == SOL_SOCKET &&
                           cmsg->cmsg_type == SCM_CREDENTIALS &&
                           cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {

                        /* The sender is identified from the control message, never from the payload. */
                        ucred = (struct ucred*) CMSG_DATA(cmsg);
                }
        }

        /* Take ownership of the received fds before any validation can return early. */
        if (n_fds > 0) {
                assert(fd_array);

                r = fdset_new_array(&fds, fd_array, n_fds);
                if (r < 0) {
                        close_many(fd_array, n_fds);
                        log_oom();
                        return 0;
                }
        }

        if (!ucred || !pid_is_valid(ucred->pid)) {
                log_warning("Received notify message without valid credentials. Ignoring.");
                return 0;
        }

        /* Reject rather than process a truncated message. */
        if ((size_t) n >= sizeof(buf) || (msghdr.msg_flags & MSG_TRUNC)) {
                log_warning("Received notify message exceeded maximum size. Ignoring.");
                return 0;
        }

        /* As extra safety check, let's make sure the string we get doesn't contain embedded NUL bytes. We permit one
         * trailing NUL byte in the message, but don't expect it. */
        if (n > 1 && memchr(buf, 0, n-1)) {
                log_warning("Received notify message with embedded NUL bytes. Ignoring.");
                return 0;
        }

        /* Make sure it's NUL-terminated. */
        buf[n] = 0;

        /* Increase the generation counter used for filtering out duplicate unit invocations. */
        m->notifygen++;

        /* Notify every unit that might be interested, which might be multiple. Three lookups are made: by the
         * PID's cgroup, by the PID in watch_pids, and by the negated PID in watch_pids, where the value is a
         * NULL-terminated array of units. */
        u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid);
        u2 = hashmap_get(m->watch_pids, PID_TO_PTR(ucred->pid));
        array = hashmap_get(m->watch_pids, PID_TO_PTR(-ucred->pid));
        if (array) {
                size_t k = 0;

                while (array[k])
                        k++;

                /* Work on a copy, so that a handler changing the watch list cannot pull the array out from
                 * under the loop below. On OOM the array entries are simply not notified. */
                array_copy = newdup(Unit*, array, k+1);
                if (!array_copy)
                        log_oom();
        }
        /* And now invoke the per-unit callbacks. Note that manager_invoke_notify_message() handles duplicate
         * units and makes sure we only invoke each unit's handler once. */
        if (u1) {
                manager_invoke_notify_message(m, u1, ucred, buf, fds);
                found = true;
        }
        if (u2) {
                manager_invoke_notify_message(m, u2, ucred, buf, fds);
                found = true;
        }
        if (array_copy)
                for (size_t i = 0; array_copy[i]; i++) {
                        manager_invoke_notify_message(m, array_copy[i], ucred, buf, fds);
                        found = true;
                }

        if (!found)
                log_warning("Cannot find unit for notify message of PID "PID_FMT", ignoring.", ucred->pid);

        /* Whatever no unit took out of the set is left for the cleanup handler. */
        if (fdset_size(fds) > 0)
                log_warning("Got extra auxiliary fds with notification message, closing them.");

        return 0;
}
2089
/* Tells unit u about the child described by si, at most once per SIGCHLD dispatch iteration. The unit stops
 * watching the PID, and its type's sigchld_event handler is called if there is one. */
static void manager_invoke_sigchld_event(
                Manager *m,
                Unit *u,
                const siginfo_t *si) {

        assert(m);
        assert(u);
        assert(si);

        /* Already invoked the handler of this unit in this iteration? Then don't process this again */
        if (u->sigchldgen != m->sigchldgen) {
                u->sigchldgen = m->sigchldgen;

                log_unit_debug(u, "Child "PID_FMT" belongs to %s.", si->si_pid, u->id);
                unit_unwatch_pid(u, si->si_pid);

                if (UNIT_VTABLE(u)->sigchld_event)
                        UNIT_VTABLE(u)->sigchld_event(u, si->si_pid, si->si_code, si->si_status);
        }
}
2110
/* Event source callback that handles one terminated child per invocation: peeks at it without reaping,
 * notifies every unit associated with its PID, and then reaps it. When no child is left, the event source is
 * switched off. Returns 0, or the result of log_error_errno() if switching off the event source fails. */
static int manager_dispatch_sigchld(sd_event_source *source, void *userdata) {
        Manager *m = userdata;
        siginfo_t si = {};
        int r;

        assert(source);
        assert(m);

        /* First we call waitid() for a PID and do not reap the zombie. That way we can still access /proc/$PID for it
         * while it is a zombie. */

        if (waitid(P_ALL, 0, &si, WEXITED|WNOHANG|WNOWAIT) < 0) {

                /* ECHILD just means there are no children at all. */
                if (errno != ECHILD)
                        log_error_errno(errno, "Failed to peek for child with waitid(), ignoring: %m");

                goto turn_off;
        }

        /* si was zero-initialized, so a PID that is still <= 0 means no child was reported. */
        if (si.si_pid <= 0)
                goto turn_off;

        if (IN_SET(si.si_code, CLD_EXITED, CLD_KILLED, CLD_DUMPED)) {
                _cleanup_free_ Unit **array_copy = NULL;
                _cleanup_free_ char *name = NULL;
                Unit *u1, *u2, **array;

                /* Best effort, for the log message only; strna() below covers the case that it failed. */
                (void) get_process_comm(si.si_pid, &name);

                log_debug("Child "PID_FMT" (%s) died (code=%s, status=%i/%s)",
                          si.si_pid, strna(name),
                          sigchld_code_to_string(si.si_code),
                          si.si_status,
                          strna(si.si_code == CLD_EXITED
                                ? exit_status_to_string(si.si_status, EXIT_STATUS_FULL)
                                : signal_to_string(si.si_status)));

                /* Increase the generation counter used for filtering out duplicate unit invocations */
                m->sigchldgen++;

                /* And now figure out the unit this belongs to, it might be multiple... */
                u1 = manager_get_unit_by_pid_cgroup(m, si.si_pid);
                u2 = hashmap_get(m->watch_pids, PID_TO_PTR(si.si_pid));
                array = hashmap_get(m->watch_pids, PID_TO_PTR(-si.si_pid));
                if (array) {
                        size_t n = 0;

                        /* Count how many entries the array has */
                        while (array[n])
                                n++;

                        /* Make a copy of the array so that we don't trip up on the array changing beneath us */
                        array_copy = newdup(Unit*, array, n+1);
                        if (!array_copy)
                                log_oom();
                }

                /* Finally, execute them all. Note that u1, u2 and the array might contain duplicates, but
                 * that's fine, manager_invoke_sigchld_event() will ensure we only invoke the handlers once for
                 * each iteration. */
                if (u1)
                        manager_invoke_sigchld_event(m, u1, &si);
                if (u2)
                        manager_invoke_sigchld_event(m, u2, &si);
                if (array_copy)
                        for (size_t i = 0; array_copy[i]; i++)
                                manager_invoke_sigchld_event(m, array_copy[i], &si);
        }

        /* And now, we actually reap the zombie. Only at this point can the PID be reused, i.e. after the
         * units above have been told about it. */
        if (waitid(P_PID, si.si_pid, &si, WEXITED) < 0) {
                log_error_errno(errno, "Failed to dequeue child, ignoring: %m");
                return 0;
        }

        return 0;

turn_off:
        /* All children processed for now, turn off event source */

        r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_OFF);
        if (r < 0)
                return log_error_errno(r, "Failed to disable SIGCHLD event source: %m");

        return 0;
}
2197
/* Enqueues a start job for the named special unit using the given job mode. A failure is logged together
 * with the bus error message and is not reported to the caller. */
static void manager_start_target(Manager *m, const char *name, JobMode mode) {
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        int r;

        log_debug("Activating special unit %s", name);

        r = manager_add_job_by_name(m, JOB_START, name, mode, &error, NULL);
        if (r >= 0)
                return;

        log_error("Failed to enqueue %s job: %s", name, bus_error_message(&error, r));
}
2208
/* Reacts to Ctrl-Alt-Del. Normally this starts the ctrl-alt-del target. If the key combination is pressed
 * more than 7 times within 2s the configured burst action is executed immediately instead, unless that
 * action was disabled in system.conf (EMERGENCY_ACTION_NONE). */
static void manager_handle_ctrl_alt_del(Manager *m) {

        /* ratelimit_test() is always evaluated first, so every key press is counted against the limit */
        if (!ratelimit_test(&m->ctrl_alt_del_ratelimit) && m->cad_burst_action != EMERGENCY_ACTION_NONE)
                emergency_action(m, m->cad_burst_action, NULL,
                                 "Ctrl-Alt-Del was pressed more than 7 times within 2s");
        else
                manager_start_target(m, SPECIAL_CTRL_ALT_DEL_TARGET, JOB_REPLACE_IRREVERSIBLY);
}
2220
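/* Event-loop callback for the manager's signalfd. Reads one signalfd_siginfo record and maps the signal to a
 * manager action: enable child reaping, start a special target, request reload/reexecution/exit, or adjust
 * the logging setup.
 *
 * Returns 0 for everything that was handled or deliberately ignored. A negative errno-style value is returned
 * only if read() fails with something other than EINTR/EAGAIN. */
static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        ssize_t n;
        struct signalfd_siginfo sfsi;
        int r;

        assert(m);
        assert(m->signal_fd == fd);

        if (revents != EPOLLIN) {
                log_warning("Got unexpected events from signal file descriptor.");
                return 0;
        }

        n = read(m->signal_fd, &sfsi, sizeof(sfsi));
        if (n != sizeof(sfsi)) {
                if (n >= 0) {
                        /* n is an ssize_t, hence %zi rather than %zu */
                        log_warning("Truncated read from signal fd (%zi bytes), ignoring!", n);
                        return 0;
                }

                if (IN_SET(errno, EINTR, EAGAIN))
                        return 0;

                /* We return an error here, which will kill this handler,
                 * to avoid a busy loop on read error. */
                return log_error_errno(errno, "Reading from signal fd failed: %m");
        }

        /* SIGCHLD, and SIGTERM for user instances, are routine and only logged at debug level */
        log_received_signal(sfsi.ssi_signo == SIGCHLD ||
                            (sfsi.ssi_signo == SIGTERM && MANAGER_IS_USER(m))
                            ? LOG_DEBUG : LOG_INFO,
                            &sfsi);

        switch (sfsi.ssi_signo) {

        case SIGCHLD:
                /* The actual reaping happens in the SIGCHLD event source, here it is only switched on */
                r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_ON);
                if (r < 0)
                        log_warning_errno(r, "Failed to enable SIGCHLD event source, ignoring: %m");

                break;

        case SIGTERM:
                if (MANAGER_IS_SYSTEM(m)) {
                        /* This is for compatibility with the
                         * original sysvinit */
                        r = verify_run_space_and_log("Refusing to reexecute");
                        if (r >= 0)
                                m->exit_code = MANAGER_REEXECUTE;
                        break;
                }

                /* For user instances SIGTERM is handled like SIGINT */
                _fallthrough_;
        case SIGINT:
                if (MANAGER_IS_SYSTEM(m))
                        manager_handle_ctrl_alt_del(m);
                else
                        manager_start_target(m, SPECIAL_EXIT_TARGET,
                                             JOB_REPLACE_IRREVERSIBLY);
                break;

        case SIGWINCH:
                if (MANAGER_IS_SYSTEM(m))
                        manager_start_target(m, SPECIAL_KBREQUEST_TARGET, JOB_REPLACE);

                /* This is a nop on non-init */
                break;

        case SIGPWR:
                if (MANAGER_IS_SYSTEM(m))
                        manager_start_target(m, SPECIAL_SIGPWR_TARGET, JOB_REPLACE);

                /* This is a nop on non-init */
                break;

        case SIGUSR1: {
                Unit *u;

                u = manager_get_unit(m, SPECIAL_DBUS_SERVICE);

                if (!u || UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) {
                        log_info("Trying to reconnect to bus...");
                        bus_init(m, true);
                }

                if (!u || !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u))) {
                        log_info("Loading D-Bus service...");
                        manager_start_target(m, SPECIAL_DBUS_SERVICE, JOB_REPLACE);
                }

                break;
        }

        case SIGUSR2: {
                _cleanup_free_ char *dump = NULL;

                r = manager_get_dump_string(m, &dump);
                if (r < 0) {
                        /* The failure reason is carried in r, errno may be stale at this point */
                        log_warning_errno(r, "Failed to acquire manager dump: %m");
                        break;
                }

                log_dump(LOG_INFO, dump);
                break;
        }

        case SIGHUP:
                r = verify_run_space_and_log("Refusing to reload");
                if (r >= 0)
                        m->exit_code = MANAGER_RELOAD;
                break;

        default: {

                /* Starting SIGRTMIN+0 */
                static const struct {
                        const char *target;
                        JobMode mode;
                } target_table[] = {
                        [0] = { SPECIAL_DEFAULT_TARGET,   JOB_ISOLATE },
                        [1] = { SPECIAL_RESCUE_TARGET,    JOB_ISOLATE },
                        [2] = { SPECIAL_EMERGENCY_TARGET, JOB_ISOLATE },
                        [3] = { SPECIAL_HALT_TARGET,      JOB_REPLACE_IRREVERSIBLY },
                        [4] = { SPECIAL_POWEROFF_TARGET,  JOB_REPLACE_IRREVERSIBLY },
                        [5] = { SPECIAL_REBOOT_TARGET,    JOB_REPLACE_IRREVERSIBLY },
                        [6] = { SPECIAL_KEXEC_TARGET,     JOB_REPLACE_IRREVERSIBLY },
                };

                /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
                static const ManagerExitCode code_table[] = {
                        [0] = MANAGER_HALT,
                        [1] = MANAGER_POWEROFF,
                        [2] = MANAGER_REBOOT,
                        [3] = MANAGER_KEXEC,
                };

                /* The signal number is range-checked against the table size before it is used as an index */
                if ((int) sfsi.ssi_signo >= SIGRTMIN+0 &&
                    (int) sfsi.ssi_signo < SIGRTMIN+(int) ELEMENTSOF(target_table)) {
                        int idx = (int) sfsi.ssi_signo - SIGRTMIN;
                        manager_start_target(m, target_table[idx].target,
                                             target_table[idx].mode);
                        break;
                }

                if ((int) sfsi.ssi_signo >= SIGRTMIN+13 &&
                    (int) sfsi.ssi_signo < SIGRTMIN+13+(int) ELEMENTSOF(code_table)) {
                        m->exit_code = code_table[sfsi.ssi_signo - SIGRTMIN - 13];
                        break;
                }

                switch (sfsi.ssi_signo - SIGRTMIN) {

                case 20:
                        manager_set_show_status(m, SHOW_STATUS_YES);
                        break;

                case 21:
                        manager_set_show_status(m, SHOW_STATUS_NO);
                        break;

                case 22:
                        log_set_max_level(LOG_DEBUG);
                        log_info("Setting log level to debug.");
                        break;

                case 23:
                        log_set_max_level(LOG_INFO);
                        log_info("Setting log level to info.");
                        break;

                case 24:
                        if (MANAGER_IS_USER(m)) {
                                m->exit_code = MANAGER_EXIT;
                                return 0;
                        }

                        /* This is a nop on init */
                        break;

                case 26:
                case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
                        log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
                        log_notice("Setting log target to journal-or-kmsg.");
                        break;

                case 27:
                        log_set_target(LOG_TARGET_CONSOLE);
                        log_notice("Setting log target to console.");
                        break;

                case 28:
                        log_set_target(LOG_TARGET_KMSG);
                        log_notice("Setting log target to kmsg.");
                        break;

                default:
                        log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi.ssi_signo));
                }
        }}

        return 0;
}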
2424
/* Event-loop callback for the time change fd: logs the change, re-creates the watch and informs every unit
 * type that implements a time_change hook. Always returns 0. */
static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        Iterator it;
        Unit *unit;

        assert(m);
        assert(m->time_change_fd == fd);

        log_struct(LOG_DEBUG,
                   "MESSAGE_ID=" SD_MESSAGE_TIME_CHANGE_STR,
                   LOG_MESSAGE("Time has been changed"),
                   NULL);

        /* Drop the old event source and fd, then set the watch up from scratch */
        m->time_change_event_source = sd_event_source_unref(m->time_change_event_source);
        m->time_change_fd = safe_close(m->time_change_fd);

        manager_setup_time_change(m);

        /* Only unit types that provide the hook are called */
        HASHMAP_FOREACH(unit, m->units, it)
                if (UNIT_VTABLE(unit)->time_change)
                        UNIT_VTABLE(unit)->time_change(unit);

        return 0;
}
2450
/* Event-loop callback for the idle pipe. It fires when a Type=idle child has given up waiting for the boot
 * process to complete. Always returns 0. */
static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;

        assert(m);
        assert(m->idle_pipe[2] == fd);

        /* Type=idle exists only to beautify console output and is generally set on services that want to own
         * the console exclusively. If at least one service needs console access, stop our own console output
         * from now on, so that it does not spill into that service's output anymore. */
        if (m->n_on_console > 0)
                m->no_console_output = true;
        else
                m->no_console_output = false;

        /* Acknowledge the child's request. Closing the pipes is what all other waiting children are looking
         * for too, so this tells them that they should not wait any longer either. */
        manager_close_idle_pipe(m);

        return 0;
}
2470
/* Timer callback that prints the jobs currently in progress and re-arms itself as a one-shot timer
 * JOBS_IN_PROGRESS_PERIOD_USEC after the current monotonic time. Returns the result of re-arming the event
 * source, negative on failure. */
static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata) {
        Manager *m = userdata;
        int r;

        assert(m);
        assert(source);

        manager_print_jobs_in_progress(m);

        r = sd_event_source_set_time(source, now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_PERIOD_USEC);
        if (r < 0)
                return r;

        return sd_event_source_set_enabled(source, SD_EVENT_ONESHOT);
}
2488
/* Runs the manager's main loop until something sets m->exit_code to a value other than MANAGER_OK.
 *
 * Each iteration pings the hardware watchdog (system manager with a finite, non-zero runtime watchdog only),
 * drains the internal work queues one at a time and then waits in the event loop. Returns the exit code that
 * ended the loop, or a negative errno-style value if the event loop or the SIGCHLD source fails. */
int manager_loop(Manager *m) {
        int r;

        RATELIMIT_DEFINE(rl, 1*USEC_PER_SEC, 50000);

        assert(m);
        m->exit_code = MANAGER_OK;

        /* Release the path cache */
        m->unit_path_cache = set_free_free(m->unit_path_cache);

        manager_check_finished(m);

        /* Zombies may be left over from before we were exec()'ed, enable the source so they get reaped */
        r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_ON);
        if (r < 0)
                return log_error_errno(r, "Failed to enable SIGCHLD event source: %m");

        while (m->exit_code == MANAGER_OK) {
                usec_t wait_usec = USEC_INFINITY;

                if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m))
                        watchdog_ping();

                if (!ratelimit_test(&rl)) {
                        /* More iterations per second than the limit allows: something is going seriously
                         * wrong, pause a little rather than spin */
                        log_warning("Looping too fast. Throttling execution a little.");
                        sleep(1);
                }

                /* The queues are tried in this order. As soon as one of them did some work the iteration is
                 * restarted from the top, the later queues are not touched in that pass. */
                if (manager_dispatch_load_queue(m) > 0 ||
                    manager_dispatch_gc_job_queue(m) > 0 ||
                    manager_dispatch_gc_unit_queue(m) > 0 ||
                    manager_dispatch_cleanup_queue(m) > 0 ||
                    manager_dispatch_cgroup_realize_queue(m) > 0 ||
                    manager_dispatch_dbus_queue(m) > 0)
                        continue;

                /* With a watchdog active, sleep for at most half the watchdog time, but never for zero */
                if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m)) {
                        wait_usec = m->runtime_watchdog / 2;
                        if (wait_usec <= 0)
                                wait_usec = 1;
                }

                r = sd_event_run(m->event, wait_usec);
                if (r < 0)
                        return log_error_errno(r, "Failed to run event loop: %m");
        }

        return m->exit_code;
}
2552
/* Resolves a D-Bus object path to a unit and stores it in *_u.
 *
 * The name extracted from the path is first tried as a 128bit invocation ID. If it does not parse as one it
 * has to be a valid plain or instance unit name, and the unit is loaded by that name. Returns 0 on success
 * and a negative errno-style value otherwise; for the two rejection cases the bus error e is filled in. */
int manager_load_unit_from_dbus_path(Manager *m, const char *s, sd_bus_error *e, Unit **_u) {
        _cleanup_free_ char *name = NULL;
        sd_id128_t invocation_id;
        Unit *u;
        int r;

        assert(m);
        assert(s);
        assert(_u);

        r = unit_name_from_dbus_path(s, &name);
        if (r < 0)
                return r;

        /* Permit addressing units by invocation ID: a name that parses as a 128bit ID is only ever looked up
         * as such, there is no fallback to a unit name if the ID is unknown. */
        if (sd_id128_from_string(name, &invocation_id) >= 0) {
                u = hashmap_get(m->units_by_invocation_id, &invocation_id);
                if (!u)
                        return sd_bus_error_setf(e, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR " known.", SD_ID128_FORMAT_VAL(invocation_id));

                *_u = u;
                return 0;
        }

        /* Not an ID. The name comes from the bus path, so it is validated before it is used for loading. */
        if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is neither a valid invocation ID nor unit name.", name);

        r = manager_load_unit(m, name, NULL, e, &u);
        if (r < 0)
                return r;

        *_u = u;
        return 0;
}
2591
/* Resolves a job object path of the form "/org/freedesktop/systemd1/job/<id>" to the job with that id.
 *
 * Returns 0 and stores the job in *_j on success, -EINVAL if the path does not start with the job prefix,
 * the error from safe_atou() if the remainder does not parse as an unsigned number, and -ENOENT if no job
 * with that id exists. */
int manager_get_job_from_dbus_path(Manager *m, const char *s, Job **_j) {
        const char *suffix;
        unsigned job_id;
        Job *job;
        int r;

        assert(m);
        assert(s);
        assert(_j);

        suffix = startswith(s, "/org/freedesktop/systemd1/job/");
        if (!suffix)
                return -EINVAL;

        r = safe_atou(suffix, &job_id);
        if (r < 0)
                return r;

        job = manager_get_job(m, job_id);
        if (!job)
                return -ENOENT;

        *_j = job;
        return 0;
}
2618
/* Sends an audit record of the given type for a service unit. Without HAVE_AUDIT this is a no-op.
 *
 * Nothing is sent unless all of these hold: this is the system manager, an audit fd is available, the
 * manager is not reloading, and the unit is a service. The record carries "unit=" followed by the prefix
 * and instance of the unit name, and the success flag. */
void manager_send_unit_audit(Manager *m, Unit *u, int type, bool success) {

#if HAVE_AUDIT
        _cleanup_free_ char *p = NULL;
        const char *msg;
        int audit_fd, r;

        if (!MANAGER_IS_SYSTEM(m))
                return;

        audit_fd = get_audit_fd();
        if (audit_fd < 0)
                return;

        /* No audit events for services that were already started and are merely being deserialized, and
         * none for anything but services */
        if (MANAGER_IS_RELOADING(m) || u->type != UNIT_SERVICE)
                return;

        r = unit_name_to_prefix_and_instance(u->id, &p);
        if (r < 0) {
                log_error_errno(r, "Failed to extract prefix and instance of unit name: %m");
                return;
        }

        msg = strjoina("unit=", p);
        if (audit_log_user_comm_message(audit_fd, type, msg, "systemd", NULL, NULL, NULL, success) >= 0)
                return;

        if (errno != EPERM)
                log_warning_errno(errno, "Failed to send audit message: %m");
        else
                /* We aren't allowed to send audit messages? Then let's not retry again. Note that this
                 * path closes the audit fd without logging anything. */
                close_audit_fd();
#endif

}
2659
/* Tells Plymouth about a service, mount or swap unit by writing one message to the Plymouth socket.
 *
 * Only the system manager does this, and only when it is not reloading and not running in a container.
 * The whole operation is best effort: connection-type errors are ignored silently, other errors are logged,
 * and nothing is reported to the caller. */
void manager_send_unit_plymouth(Manager *m, Unit *u) {
        static const union sockaddr_union sa = PLYMOUTH_SOCKET;
        _cleanup_free_ char *message = NULL;
        _cleanup_close_ int fd = -1;
        int n = 0;

        /* Skipped while reloading (the service was already started, we are just deserializing), for user
         * managers, inside containers, and for unit types other than service, mount and swap. */
        if (MANAGER_IS_RELOADING(m) ||
            !MANAGER_IS_SYSTEM(m) ||
            detect_container() > 0 ||
            !IN_SET(u->type, UNIT_SERVICE, UNIT_MOUNT, UNIT_SWAP))
                return;

        /* SOCK_NONBLOCK so that the message is dropped rather than having us wait for plymouth */
        fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (fd < 0) {
                log_error_errno(errno, "socket() failed: %m");
                return;
        }

        if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) {

                if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
                        log_error_errno(errno, "connect() failed: %m");
                return;
        }

        /* Layout: 'U', 0x02, one length byte, then the unit id. %n records how many bytes were produced, so
         * that n + 1 below also covers the terminating NUL.
         * NOTE(review): the length goes through %c and is therefore cut down to a single byte; presumably
         * unit ids are short enough for that, verify against the unit name length limit. */
        if (asprintf(&message, "U\002%c%s%n", (int) (strlen(u->id) + 1), u->id, &n) < 0) {
                log_oom();
                return;
        }

        errno = 0;
        if (write(fd, message, n + 1) == n + 1)
                return;

        if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
                log_error_errno(errno, "Failed to write Plymouth message: %m");
}
2705
/* Opens the file that manager state is serialized into and returns it as a read/write stdio stream in *_f.
 * Returns 0 on success, or a negative errno-style value if the fd or the stream cannot be created; the fd is
 * closed again in the latter case. The m parameter is not used here. */
int manager_open_serialization(Manager *m, FILE **_f) {
        FILE *stream;
        int fd;

        assert(_f);

        fd = open_serialization_fd("systemd-state");
        if (fd < 0)
                return fd;

        stream = fdopen(fd, "w+");
        if (stream) {
                /* The stream owns the fd from here on */
                *_f = stream;
                return 0;
        }

        safe_close(fd);
        return -errno;
}
2725
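/* Writes the manager's state to f so that it can be read back by manager_deserialize().
 *
 * The stream starts with "key=value" lines for the manager itself, followed by an empty line and then one
 * section per unit, each introduced by the unit id on a line of its own. File descriptors that have to
 * survive are duplicated into fds and referenced in the stream by the number of the duplicate. The
 * environment is left out when switching_root is true.
 *
 * m->n_reloading is raised for the duration of the call, and it is dropped again on every exit path. That
 * matters beyond bookkeeping: a counter left raised after a failed serialization would make the manager
 * look like it is reloading for good, and manager_send_unit_audit() and manager_send_unit_plymouth() stay
 * silent while MANAGER_IS_RELOADING() is true.
 *
 * Returns 0 on success, -EIO if the stream is in an error state, or the negative errno-style value of the
 * step that failed. */
int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) {
        ManagerTimestamp q;
        const char *t;
        Iterator i;
        Unit *u;
        int r;

        assert(m);
        assert(f);
        assert(fds);

        m->n_reloading++;

        fprintf(f, "current-job-id=%"PRIu32"\n", m->current_job_id);
        fprintf(f, "n-installed-jobs=%u\n", m->n_installed_jobs);
        fprintf(f, "n-failed-jobs=%u\n", m->n_failed_jobs);
        fprintf(f, "taint-usr=%s\n", yes_no(m->taint_usr));
        fprintf(f, "ready-sent=%s\n", yes_no(m->ready_sent));
        fprintf(f, "taint-logged=%s\n", yes_no(m->taint_logged));
        fprintf(f, "service-watchdogs=%s\n", yes_no(m->service_watchdogs));

        for (q = 0; q < _MANAGER_TIMESTAMP_MAX; q++) {
                /* The userspace and finish timestamps only apply to the host system, hence only serialize them there */
                if (in_initrd() && IN_SET(q, MANAGER_TIMESTAMP_USERSPACE, MANAGER_TIMESTAMP_FINISH))
                        continue;

                t = manager_timestamp_to_string(q);
                {
                        /* Sized for exactly the name, the suffix and the NUL, so the copies below fit */
                        char field[strlen(t) + STRLEN("-timestamp") + 1];
                        strcpy(stpcpy(field, t), "-timestamp");
                        dual_timestamp_serialize(f, field, m->timestamps + q);
                }
        }

        if (!switching_root)
                (void) serialize_environment(f, m->environment);

        if (m->notify_fd >= 0) {
                int copy;

                copy = fdset_put_dup(fds, m->notify_fd);
                if (copy < 0) {
                        r = copy;
                        goto fail;
                }

                fprintf(f, "notify-fd=%i\n", copy);
                fprintf(f, "notify-socket=%s\n", m->notify_socket);
        }

        if (m->cgroups_agent_fd >= 0) {
                int copy;

                copy = fdset_put_dup(fds, m->cgroups_agent_fd);
                if (copy < 0) {
                        r = copy;
                        goto fail;
                }

                fprintf(f, "cgroups-agent-fd=%i\n", copy);
        }

        if (m->user_lookup_fds[0] >= 0) {
                int copy0, copy1;

                copy0 = fdset_put_dup(fds, m->user_lookup_fds[0]);
                if (copy0 < 0) {
                        r = copy0;
                        goto fail;
                }

                copy1 = fdset_put_dup(fds, m->user_lookup_fds[1]);
                if (copy1 < 0) {
                        r = copy1;
                        goto fail;
                }

                fprintf(f, "user-lookup=%i %i\n", copy0, copy1);
        }

        bus_track_serialize(m->subscribed, f, "subscribed");

        r = dynamic_user_serialize(m, f, fds);
        if (r < 0)
                goto fail;

        manager_serialize_uid_refs(m, f);
        manager_serialize_gid_refs(m, f);

        r = exec_runtime_serialize(m, f, fds);
        if (r < 0)
                goto fail;

        /* The empty line ends the manager section */
        (void) fputc('\n', f);

        HASHMAP_FOREACH_KEY(u, t, m->units, i) {
                /* Skip entries whose key is not the unit's own id, so that each unit is written once */
                if (u->id != t)
                        continue;

                /* Start marker */
                fputs(u->id, f);
                fputc('\n', f);

                r = unit_serialize(u, f, fds, !switching_root);
                if (r < 0)
                        goto fail;
        }

        assert(m->n_reloading > 0);
        m->n_reloading--;

        /* The individual writes above are not checked, the stream's error flag covers all of them */
        if (ferror(f))
                return -EIO;

        r = bus_fdset_add_all(m, fds);
        if (r < 0)
                return r;

        return 0;

fail:
        /* Undo the increment from the top, so that an aborted serialization does not leave the manager
         * marked as reloading */
        assert(m->n_reloading > 0);
        m->n_reloading--;

        return r;
}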
2840
/* Reads back state written by manager_serialize().
 *
 * The first loop consumes the manager's "key=value" lines up to the empty line. The second loop reads the
 * per-unit sections: a line with the unit name, followed by that unit's data, which is handed to
 * unit_deserialize(). Items that fail to parse are logged at notice level and skipped rather than treated
 * as fatal; only out-of-memory conditions and stream errors end the function early.
 *
 * File descriptor numbers taken from the stream are accepted only if they are non-negative and contained
 * in fds, and they are then moved out of fds into the manager.
 *
 * m->n_reloading is raised for the duration of the call. Returns 0 on success (including end of file),
 * -EIO if the stream is in an error state, or another negative errno-style value. */
int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
        int r = 0;

        assert(m);
        assert(f);

        log_debug("Deserializing state...");

        m->n_reloading++;

        for (;;) {
                char line[LINE_MAX];
                const char *val, *l;

                if (!fgets(line, sizeof(line), f)) {
                        if (feof(f))
                                r = 0;
                        else
                                r = -errno;

                        goto finish;
                }

                char_array_0(line);
                l = strstrip(line);

                /* An empty line ends the manager section */
                if (l[0] == 0)
                        break;

                if ((val = startswith(l, "current-job-id="))) {
                        uint32_t id;

                        if (safe_atou32(val, &id) < 0)
                                log_notice("Failed to parse current job id value %s", val);
                        else
                                /* Never move the job id counter backwards */
                                m->current_job_id = MAX(m->current_job_id, id);

                } else if ((val = startswith(l, "n-installed-jobs="))) {
                        uint32_t n;

                        if (safe_atou32(val, &n) < 0)
                                log_notice("Failed to parse installed jobs counter %s", val);
                        else
                                /* Counters are added to what this instance has accumulated itself */
                                m->n_installed_jobs += n;

                } else if ((val = startswith(l, "n-failed-jobs="))) {
                        uint32_t n;

                        if (safe_atou32(val, &n) < 0)
                                log_notice("Failed to parse failed jobs counter %s", val);
                        else
                                m->n_failed_jobs += n;

                } else if ((val = startswith(l, "taint-usr="))) {
                        int b;

                        b = parse_boolean(val);
                        if (b < 0)
                                log_notice("Failed to parse taint /usr flag %s", val);
                        else
                                /* OR-ed with the current value: the stream can set the flag, not clear it */
                                m->taint_usr = m->taint_usr || b;

                } else if ((val = startswith(l, "ready-sent="))) {
                        int b;

                        b = parse_boolean(val);
                        if (b < 0)
                                log_notice("Failed to parse ready-sent flag %s", val);
                        else
                                m->ready_sent = m->ready_sent || b;

                } else if ((val = startswith(l, "taint-logged="))) {
                        int b;

                        b = parse_boolean(val);
                        if (b < 0)
                                log_notice("Failed to parse taint-logged flag %s", val);
                        else
                                m->taint_logged = m->taint_logged || b;

                } else if ((val = startswith(l, "service-watchdogs="))) {
                        int b;

                        b = parse_boolean(val);
                        if (b < 0)
                                log_notice("Failed to parse service-watchdogs flag %s", val);
                        else
                                /* Unlike the flags above this one is overwritten, not OR-ed */
                                m->service_watchdogs = b;

                } else if (startswith(l, "env=")) {
                        /* The whole line, "env=" prefix included, is passed on */
                        r = deserialize_environment(&m->environment, l);
                        if (r == -ENOMEM)
                                goto finish;
                        if (r < 0)
                                log_notice_errno(r, "Failed to parse environment entry: \"%s\": %m", l);

                } else if ((val = startswith(l, "notify-fd="))) {
                        int fd;

                        /* Only an fd that was actually passed along in fds is accepted */
                        if (safe_atoi(val, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
                                log_notice("Failed to parse notify fd: \"%s\"", val);
                        else {
                                /* Replace whatever notify fd and event source this instance has */
                                m->notify_event_source = sd_event_source_unref(m->notify_event_source);
                                safe_close(m->notify_fd);
                                m->notify_fd = fdset_remove(fds, fd);
                        }

                } else if ((val = startswith(l, "notify-socket="))) {
                        char *n;

                        n = strdup(val);
                        if (!n) {
                                r = -ENOMEM;
                                goto finish;
                        }

                        free(m->notify_socket);
                        m->notify_socket = n;

                } else if ((val = startswith(l, "cgroups-agent-fd="))) {
                        int fd;

                        if (safe_atoi(val, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
                                log_notice("Failed to parse cgroups agent fd: %s", val);
                        else {
                                m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);
                                safe_close(m->cgroups_agent_fd);
                                m->cgroups_agent_fd = fdset_remove(fds, fd);
                        }

                } else if ((val = startswith(l, "user-lookup="))) {
                        int fd0, fd1;

                        /* Two distinct, non-negative fds are required, and both have to be in fds */
                        if (sscanf(val, "%i %i", &fd0, &fd1) != 2 || fd0 < 0 || fd1 < 0 || fd0 == fd1 || !fdset_contains(fds, fd0) || !fdset_contains(fds, fd1))
                                log_notice("Failed to parse user lookup fd: %s", val);
                        else {
                                m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);
                                safe_close_pair(m->user_lookup_fds);
                                m->user_lookup_fds[0] = fdset_remove(fds, fd0);
                                m->user_lookup_fds[1] = fdset_remove(fds, fd1);
                        }

                } else if ((val = startswith(l, "dynamic-user=")))
                        dynamic_user_deserialize_one(m, val, fds);
                else if ((val = startswith(l, "destroy-ipc-uid=")))
                        manager_deserialize_uid_refs_one(m, val);
                else if ((val = startswith(l, "destroy-ipc-gid=")))
                        manager_deserialize_gid_refs_one(m, val);
                else if ((val = startswith(l, "exec-runtime=")))
                        exec_runtime_deserialize_one(m, val, fds);
                else if ((val = startswith(l, "subscribed="))) {

                        if (strv_extend(&m->deserialized_subscribed, val) < 0)
                                log_oom();
                } else {
                        ManagerTimestamp q;

                        /* Anything else has to be "<timestamp name>-timestamp=<value>" */
                        for (q = 0; q < _MANAGER_TIMESTAMP_MAX; q++) {
                                val = startswith(l, manager_timestamp_to_string(q));
                                if (!val)
                                        continue;

                                val = startswith(val, "-timestamp=");
                                if (val)
                                        break;
                        }

                        if (q < _MANAGER_TIMESTAMP_MAX) /* found it */
                                dual_timestamp_deserialize(val, m->timestamps + q);
                        else if (!startswith(l, "kdbus-fd=")) /* ignore kdbus */
                                log_notice("Unknown serialization item '%s'", l);
                }
        }

        for (;;) {
                Unit *u;
                char name[UNIT_NAME_MAX+2];
                const char* unit_name;

                /* Start marker */
                /* NOTE(review): fgets() stops once the buffer is full, so a marker line longer than the buffer
                 * would be returned in pieces and the remainder read as another unit name. Presumably this
                 * cannot occur since the writer only emits unit ids here; confirm that they fit. */
                if (!fgets(name, sizeof(name), f)) {
                        if (feof(f))
                                r = 0;
                        else
                                r = -errno;

                        goto finish;
                }

                char_array_0(name);
                unit_name = strstrip(name);

                r = manager_load_unit(m, unit_name, NULL, NULL, &u);
                if (r < 0) {
                        log_notice_errno(r, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name);
                        if (r == -ENOMEM)
                                goto finish;
                        /* Consume this unit's section, so that the next iteration starts at a marker again */
                        unit_deserialize_skip(f);
                        continue;
                }

                r = unit_deserialize(u, f, fds);
                if (r < 0) {
                        log_notice_errno(r, "Failed to deserialize unit \"%s\": %m", unit_name);
                        if (r == -ENOMEM)
                                goto finish;
                }
        }

finish:
        /* A stream error takes precedence over whatever r holds at this point */
        if (ferror(f))
                r = -EIO;

        assert(m->n_reloading > 0);
        m->n_reloading--;

        return r;
}
3059
/* Reloads the manager configuration: the current state is serialized, all jobs and units are dropped, the
 * lookup paths and generators are run again, the unit files are enumerated, and the saved state is
 * deserialized on top of the result.
 *
 * Failures before the point of no return abort the reload and leave the loaded state untouched. After that
 * point every step is attempted regardless of earlier failures, and the first error that occurred is what
 * gets returned. Returns 0 on success or a negative errno-style value.
 *
 * m->n_reloading is raised while the reload is in progress and dropped on every exit path. */
int manager_reload(Manager *m) {
        int r, q;
        _cleanup_fclose_ FILE *f = NULL;
        _cleanup_fdset_free_ FDSet *fds = NULL;

        assert(m);

        r = manager_open_serialization(m, &f);
        if (r < 0)
                return r;

        m->n_reloading++;
        bus_manager_send_reloading(m, true);

        fds = fdset_new();
        if (!fds) {
                m->n_reloading--;
                return -ENOMEM;
        }

        r = manager_serialize(m, f, fds, false);
        if (r < 0) {
                m->n_reloading--;
                return r;
        }

        /* Rewind, the same stream is read back further down */
        if (fseeko(f, 0, SEEK_SET) < 0) {
                m->n_reloading--;
                return -errno;
        }

        /* From here on there is no way back. */
        manager_clear_jobs_and_units(m);
        lookup_paths_flush_generator(&m->lookup_paths);
        lookup_paths_free(&m->lookup_paths);
        exec_runtime_vacuum(m);
        dynamic_user_vacuum(m, false);
        m->uid_refs = hashmap_free(m->uid_refs);
        m->gid_refs = hashmap_free(m->gid_refs);

        /* From here on q holds the result of each step, and r keeps the first failure seen */
        q = lookup_paths_init(&m->lookup_paths, m->unit_file_scope, 0, NULL);
        if (q < 0 && r >= 0)
                r = q;

        q = manager_run_environment_generators(m);
        if (q < 0 && r >= 0)
                r = q;

        /* Find new unit paths */
        q = manager_run_generators(m);
        if (q < 0 && r >= 0)
                r = q;

        lookup_paths_reduce(&m->lookup_paths);
        manager_build_unit_path_cache(m);

        /* First, enumerate what we can from all config files */
        manager_enumerate(m);

        /* Second, deserialize our stored data */
        q = manager_deserialize(m, f, fds);
        if (q < 0) {
                log_error_errno(q, "Deserialization failed: %m");

                if (r >= 0)
                        r = q;
        }

        /* Close right away, and reset the pointer so that the cleanup handler does not close it again */
        fclose(f);
        f = NULL;

        /* Re-register notify_fd as event source */
        q = manager_setup_notify(m);
        if (q < 0 && r >= 0)
                r = q;

        q = manager_setup_cgroups_agent(m);
        if (q < 0 && r >= 0)
                r = q;

        q = manager_setup_user_lookup_fd(m);
        if (q < 0 && r >= 0)
                r = q;

        /* Third, fire things up! */
        manager_coldplug(m);

        /* Release any dynamic users no longer referenced */
        dynamic_user_vacuum(m, true);

        /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
        manager_vacuum_uid_refs(m);
        manager_vacuum_gid_refs(m);

        exec_runtime_vacuum(m);

        /* It might be safe to log to the journal now. */
        manager_recheck_journal(m);

        /* Sync current state of bus names with our set of listening units */
        if (m->api_bus)
                manager_sync_bus_names(m, m->api_bus);

        assert(m->n_reloading > 0);
        m->n_reloading--;

        m->send_reloading_done = true;

        return r;
}
3170
/* Calls unit_reset_failed() on every unit the manager has loaded. */
void manager_reset_failed(Manager *m) {
        Iterator it;
        Unit *unit;

        assert(m);

        HASHMAP_FOREACH(unit, m->units, it)
                unit_reset_failed(unit);
}
3180
/* Returns true if the named unit is inactive or going down. A unit that is not loaded at all counts as
 * inactive, so true is returned for it as well. */
bool manager_unit_inactive_or_pending(Manager *m, const char *name) {
        Unit *unit;

        assert(m);
        assert(name);

        unit = manager_get_unit(m, name);

        return unit ? unit_inactive_or_pending(unit) : true;
}
3194
/* Logs the system's taint string once, at notice level and together with a TAINT= field. User managers
 * never log it, and nothing is logged if the taint string is empty. */
static void log_taint_string(Manager *m) {
        _cleanup_free_ char *taint = NULL;

        assert(m);

        if (MANAGER_IS_USER(m))
                return;

        if (m->taint_logged)
                return;

        /* Set before the check, so that taint is only looked at once even if there is nothing to report */
        m->taint_logged = true;

        taint = manager_taint_string(m);
        if (!isempty(taint))
                log_struct(LOG_NOTICE,
                           LOG_MESSAGE("System is tainted: %s", taint),
                           "TAINT=%s", taint,
                           "MESSAGE_ID=" SD_MESSAGE_TAINTED_STR,
                           NULL);
}
3215
/* Reports that startup has finished: writes a structured log message with the time spent in each boot
 * phase, sends the same figures over the bus, notifies the supervisor through sd_notifyf() and finally logs
 * the taint string. Nothing at all is done when test run flags are set.
 *
 * Three cases are distinguished: the system manager outside a container with an initrd, the same without an
 * initrd, and the container or --user case, where only the userspace time is reported. */
static void manager_notify_finished(Manager *m) {
        char userspace[FORMAT_TIMESPAN_MAX], initrd[FORMAT_TIMESPAN_MAX], kernel[FORMAT_TIMESPAN_MAX], sum[FORMAT_TIMESPAN_MAX];
        usec_t firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec;

        if (m->test_run_flags)
                return;

        if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0) {
                char ts[FORMAT_TIMESPAN_MAX];
                /* Holds the optional "<time> (firmware) + <time> (loader) + " prefix of the message. It is
                 * zero-initialized, so it is an empty string if neither part applies. */
                char buf[FORMAT_TIMESPAN_MAX + STRLEN(" (firmware) + ") + FORMAT_TIMESPAN_MAX + STRLEN(" (loader) + ")]
                        = {};
                char *p = buf;
                size_t size = sizeof buf;

                /* Note that MANAGER_TIMESTAMP_KERNEL's monotonic value is always at 0, and
                 * MANAGER_TIMESTAMP_FIRMWARE's and MANAGER_TIMESTAMP_LOADER's monotonic value should be considered
                 * negative values. */

                firmware_usec = m->timestamps[MANAGER_TIMESTAMP_FIRMWARE].monotonic - m->timestamps[MANAGER_TIMESTAMP_LOADER].monotonic;
                loader_usec = m->timestamps[MANAGER_TIMESTAMP_LOADER].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
                userspace_usec = m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic - m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic;
                total_usec = m->timestamps[MANAGER_TIMESTAMP_FIRMWARE].monotonic + m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic;

                /* Each append is given the space that is left in buf, and returns the new remainder */
                if (firmware_usec > 0)
                        size = strpcpyf(&p, size, "%s (firmware) + ", format_timespan(ts, sizeof(ts), firmware_usec, USEC_PER_MSEC));
                if (loader_usec > 0)
                        size = strpcpyf(&p, size, "%s (loader) + ", format_timespan(ts, sizeof(ts), loader_usec, USEC_PER_MSEC));

                if (dual_timestamp_is_set(&m->timestamps[MANAGER_TIMESTAMP_INITRD])) {

                        /* The initrd case on bare-metal */
                        kernel_usec = m->timestamps[MANAGER_TIMESTAMP_INITRD].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
                        initrd_usec = m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic - m->timestamps[MANAGER_TIMESTAMP_INITRD].monotonic;

                        log_struct(LOG_INFO,
                                   "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
                                   "KERNEL_USEC="USEC_FMT, kernel_usec,
                                   "INITRD_USEC="USEC_FMT, initrd_usec,
                                   "USERSPACE_USEC="USEC_FMT, userspace_usec,
                                   LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (initrd) + %s (userspace) = %s.",
                                               buf,
                                               format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
                                               format_timespan(initrd, sizeof(initrd), initrd_usec, USEC_PER_MSEC),
                                               format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
                                               format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
                                   NULL);
                } else {
                        /* The initrd-less case on bare-metal */

                        kernel_usec = m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
                        initrd_usec = 0;

                        log_struct(LOG_INFO,
                                   "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
                                   "KERNEL_USEC="USEC_FMT, kernel_usec,
                                   "USERSPACE_USEC="USEC_FMT, userspace_usec,
                                   LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (userspace) = %s.",
                                               buf,
                                               format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
                                               format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
                                               format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
                                   NULL);
                }
        } else {
                /* The container and --user case */
                firmware_usec = loader_usec = initrd_usec = kernel_usec = 0;
                total_usec = userspace_usec = m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic - m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic;

                log_struct(LOG_INFO,
                           "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR,
                           "USERSPACE_USEC="USEC_FMT, userspace_usec,
                           LOG_MESSAGE("Startup finished in %s.",
                                       format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
                           NULL);
        }

        bus_manager_send_finished(m, firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec);

        /* READY=1 is included only if it has not been sent before */
        sd_notifyf(false,
                   m->ready_sent ? "STATUS=Startup finished in %s."
                                 : "READY=1\n"
                                   "STATUS=Startup finished in %s.",
                   format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC));
        m->ready_sent = true;

        log_taint_string(m);
}
3303
/* Sends READY=1 plus a status line to the supervisor, at most once, and only for --user instances. */
static void manager_send_ready(Manager *m) {
        bool skip;

        assert(m);

        /* Only --user instances report readiness when basic.target is reached; never report twice. */
        skip = !MANAGER_IS_USER(m) || m->ready_sent;
        if (skip)
                return;

        /* Record the fact before notifying, so that a second call is a no-op. */
        m->ready_sent = true;

        sd_notifyf(false,
                   "READY=1\n"
                   "STATUS=Reached " SPECIAL_BASIC_TARGET ".");
}
3317
/* Once basic.target is active (or reloading), sends the readiness notification and logs the taint string. */
static void manager_check_basic_target(Manager *m) {
        Unit *basic;

        assert(m);

        /* Fast path: both actions below were already carried out. */
        if (m->ready_sent && m->taint_logged)
                return;

        basic = manager_get_unit(m, SPECIAL_BASIC_TARGET);
        if (!basic)
                return;
        if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(basic)))
                return;

        /* User managers announce READY=1 as soon as basic.target is reached. */
        manager_send_ready(m);

        /* The taint string is logged at the same point. */
        log_taint_string(m);
}
3337
/* Checks whether startup is complete (no jobs left) and, the first time that is the case, records the
 * finish timestamp and sends out the "startup finished" notifications. */
void manager_check_finished(Manager *m) {
        assert(m);

        /* Do nothing while reloading, and nothing unless we are inside the event loop
         * (entered already, and not left again). */
        if (MANAGER_IS_RELOADING(m) || !MANAGER_IS_RUNNING(m))
                return;

        manager_check_basic_target(m);

        if (hashmap_size(m->jobs) > 0) {
                /* Jobs are still queued: only push the "jobs in progress" timer further out. A failure
                 * is ignored on purpose, the timer only drives user feedback. */
                if (m->jobs_in_progress_event_source)
                        (void) sd_event_source_set_time(m->jobs_in_progress_event_source,
                                                        now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC);

                return;
        }

        manager_flip_auto_status(m, false);

        /* Type=idle units are told that we are done */
        manager_close_idle_pipe(m);

        /* Confirm spawn is switched off from here on */
        m->confirm_spawn = NULL;

        /* We are going non-interactive, the ask-password status needs no further updates */
        manager_close_ask_password(m);

        /* From now on this no longer counts as the first boot */
        manager_set_first_boot(m, false);

        /* Everything below happens only once per startup */
        if (MANAGER_IS_FINISHED(m))
                return;

        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_FINISH);

        manager_notify_finished(m);

        manager_invalidate_startup_units(m);
}
3381
/* Returns true if at least one directory of the NULL-terminated list exists. Callers use this to skip
 * creating output directories when there is no generator directory at all.
 *
 * access(F_OK) only tests for existence; it says nothing about who owns the directory or who may
 * write to it. */
static bool generator_path_any(const char* const* paths) {
        bool any = false;
        char **dir;

        STRV_FOREACH(dir, (char**) paths) {
                if (access(*dir, F_OK) == 0) {
                        any = true;
                        continue;
                }

                /* A missing directory is the normal case; anything else is worth a warning. */
                if (errno != ENOENT)
                        log_warning_errno(errno, "Failed to open generator directory %s: %m", *dir);
        }

        return any;
}
3396
/* NULL-terminated list of directories that manager_run_environment_generators() passes to
 * execute_directories() for a system manager.
 * NOTE(review): whatever is found there is presumably executed by the manager, so each directory
 * should be writable by privileged users only; verify against execute_directories(). */
static const char* system_env_generator_binary_paths[] = {
        "/run/systemd/system-environment-generators",
        "/etc/systemd/system-environment-generators",
        "/usr/local/lib/systemd/system-environment-generators",
        SYSTEM_ENV_GENERATOR_PATH,
        NULL
};

/* Same as above, for a manager that is not the system manager. */
static const char* user_env_generator_binary_paths[] = {
        "/run/systemd/user-environment-generators",
        "/etc/systemd/user-environment-generators",
        "/usr/local/lib/systemd/user-environment-generators",
        USER_ENV_GENERATOR_PATH,
        NULL
};
3412
/* Runs the environment generators for this manager and lets gather_environment collect their result
 * into m->environment. Returns 0 when generators are disabled by the test-run flags or when none of
 * the generator directories exists, otherwise whatever execute_directories() returns. */
static int manager_run_environment_generators(Manager *m) {
        char **tmp = NULL; /* only touched in the forked process, hence nothing to clean up here */
        void* args[] = {&tmp, &tmp, &m->environment};
        const char **paths;

        /* In a test run, environment generators have to be enabled explicitly. */
        if (m->test_run_flags && !(m->test_run_flags & MANAGER_TEST_RUN_ENV_GENERATORS))
                return 0;

        if (MANAGER_IS_SYSTEM(m))
                paths = system_env_generator_binary_paths;
        else
                paths = user_env_generator_binary_paths;

        if (!generator_path_any(paths))
                return 0;

        return execute_directories(paths, DEFAULT_TIMEOUT_USEC, gather_environment, args, NULL);
}
3428
/* Runs the generators found in the generator directories of this manager's unit file scope, passing
 * the three generator output directories from m->lookup_paths as arguments.
 *
 * Returns 0 if generators are disabled by the test-run flags or no generator directory exists, the
 * log_oom() result on allocation failure, and otherwise the result of lookup_paths_mkdir_generator().
 * The return value of execute_directories() is not looked at. */
static int manager_run_generators(Manager *m) {
        _cleanup_strv_free_ char **paths = NULL;
        const char *argv[5];
        int r;

        assert(m);

        /* In a test run, generators have to be enabled explicitly. */
        if (m->test_run_flags && !(m->test_run_flags & MANAGER_TEST_RUN_GENERATORS))
                return 0;

        paths = generator_binary_paths(m->unit_file_scope);
        if (!paths)
                return log_oom();

        if (!generator_path_any((const char* const*) paths))
                return 0;

        r = lookup_paths_mkdir_generator(&m->lookup_paths);
        if (r < 0)
                goto finish;

        argv[0] = NULL; /* Leave this empty, execute_directory() will fill something in */
        argv[1] = m->lookup_paths.generator;
        argv[2] = m->lookup_paths.generator_early;
        argv[3] = m->lookup_paths.generator_late;
        argv[4] = NULL;

        /* umask 0022 clears the group and other write bits, so nothing created while the generators
         * run ends up group- or world-writable by default. */
        RUN_WITH_UMASK(0022)
                execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC,
                                    NULL, NULL, (char**) argv);

finish:
        /* Reached on success and on mkdir failure alike. */
        lookup_paths_trim_generator(&m->lookup_paths);
        return r;
}
3464
/* Updates m->environment: first the entries named in 'minus' are deleted, then the entries of 'plus'
 * are merged in. Either list may be empty. Returns 0 on success and -ENOMEM on allocation failure,
 * in which case m->environment is left as it was. */
int manager_environment_add(Manager *m, char **minus, char **plus) {
        char **a = NULL, **b = NULL, **l;
        assert(m);

        /* 'l' always points at the list that is the current result. */
        l = m->environment;

        if (!strv_isempty(minus)) {
                a = strv_env_delete(l, 1, minus);
                if (!a)
                        return -ENOMEM;

                l = a;
        }

        if (!strv_isempty(plus)) {
                b = strv_env_merge(2, l, plus);
                if (!b) {
                        /* The intermediate list is ours, release it before bailing out. */
                        strv_free(a);
                        return -ENOMEM;
                }

                l = b;
        }

        /* Free every list that did not end up as the result: the old environment and, if both steps
         * ran, the intermediate 'a'. The pointer comparisons keep 'l' itself alive. */
        if (m->environment != l)
                strv_free(m->environment);
        if (a != l)
                strv_free(a);
        if (b != l)
                strv_free(b);

        m->environment = l;
        /* The new environment is passed through manager_sanitize_environment() before anyone uses it. */
        manager_sanitize_environment(m);

        return 0;
}
3501
/* Replaces the manager's default resource limits with copies of the entries in 'default_rlimit', an
 * array of _RLIMIT_MAX pointers. A NULL entry clears the corresponding default. Returns 0 on success
 * or the log_oom() result; in the latter case the limits before the failing index were already
 * replaced. */
int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit) {
        int i;

        assert(m);

        for (i = 0; i < _RLIMIT_MAX; i++) {
                /* Drop the old value first; mfree() hands back the value stored in the slot. */
                m->rlimit[i] = mfree(m->rlimit[i]);

                if (default_rlimit[i]) {
                        m->rlimit[i] = newdup(struct rlimit, default_rlimit[i], 1);
                        if (!m->rlimit[i])
                                return log_oom();
                }
        }

        return 0;
}
3520
/* Tells whether the journal can be logged to: always true for a non-system manager; for the system
 * manager only if both the journald socket unit and the journald service unit are in their RUNNING
 * state. */
static bool manager_journal_is_running(Manager *m) {
        Unit *sock, *svc;

        assert(m);

        /* A user manager can safely assume that the journal is up */
        if (!MANAGER_IS_SYSTEM(m))
                return true;

        /* The socket has to be in RUNNING state, merely being up is not enough */
        sock = manager_get_unit(m, SPECIAL_JOURNALD_SOCKET);
        if (!sock || SOCKET(sock)->state != SOCKET_RUNNING)
                return false;

        /* Likewise, the daemon itself has to be fully up */
        svc = manager_get_unit(m, SPECIAL_JOURNALD_SERVICE);
        return svc && SERVICE(svc)->state == SERVICE_RUNNING;
}
3546
/* Re-evaluates whether PID 1 may log via IPC to the journal and reopens the log accordingly. */
void manager_recheck_journal(Manager *m) {
        assert(m);

        /* Only relevant in the special situation of being PID 1 */
        if (getpid_cached() != 1)
                return;

        /* Journal fully up: logging to it is permitted, if configured. Journal down: never log to it,
         * otherwise we might deadlock by triggering an activation that we cannot fulfill ourselves. */
        log_set_prohibit_ipc(!manager_journal_is_running(m));

        log_open();
}
3567
/* Stores the new show-status mode of the system manager and mirrors it in the flag file
 * /run/systemd/show-status (present for any mode > 0, removed otherwise). No-op for a manager that is
 * not the system manager. */
void manager_set_show_status(Manager *m, ShowStatus mode) {
        assert(m);
        assert(IN_SET(mode, SHOW_STATUS_AUTO, SHOW_STATUS_NO, SHOW_STATUS_YES, SHOW_STATUS_TEMPORARY));

        if (!MANAGER_IS_SYSTEM(m))
                return;

        if (m->show_status != mode) {
                const char *verb = mode == SHOW_STATUS_NO ? "Disabling" : "Enabling";

                log_debug("%s showing of status.", verb);
        }

        m->show_status = mode;

        /* Best effort only: failures to update the flag file are ignored. */
        if (mode <= 0)
                (void) unlink("/run/systemd/show-status");
        else
                (void) touch("/run/systemd/show-status");
}
3585
/* Decides whether a status message of the given type should be shown right now. */
static bool manager_get_show_status(Manager *m, StatusType type) {
        assert(m);

        /* Only the system manager shows status, and only while console output is allowed. */
        if (!MANAGER_IS_SYSTEM(m) || m->no_console_output)
                return false;

        /* Status output is limited to the initializing, starting and stopping phases. */
        if (!IN_SET(manager_state(m), MANAGER_INITIALIZING, MANAGER_STARTING, MANAGER_STOPPING))
                return false;

        /* Stay quiet while a password query is pending, except for emergency messages. If the check
         * cannot determine the status properly, just proceed. */
        if (type != STATUS_TYPE_EMERGENCY && manager_check_ask_password(m) > 0)
                return false;

        return m->show_status > 0;
}
3604
/* Returns the console to use for confirm-spawn queries: NULL if confirm spawn is off, the configured
 * console if it passes a basic check, and "/dev/console" otherwise. 'm' is dereferenced without a
 * prior assert, so callers must pass a valid manager. */
const char *manager_get_confirm_spawn(Manager *m) {
        /* Remembers the last failure, so that the same error is warned about only once in a row. */
        static int last_errno = 0;
        const char *vc = m->confirm_spawn;
        struct stat st;
        int r;

        /* Here's the deal: we want to test the validity of the console but don't want
         * PID1 to go through the whole console process which might block. But we also
         * want to warn the user only once if something is wrong with the console so we
         * cannot do the sanity checks after spawning our children. So here we simply do
         * really basic tests to hopefully trap common errors.
         *
         * If the console suddenly disappears by the time our children actually open it,
         * then they will simply fail to acquire it and a positive answer will be
         * assumed. New children will fall back to /dev/console though.
         *
         * Note: TTYs are devices that can come and go any time, and frequently aren't
         * available yet during early boot (consider a USB rs232 dongle...). If for any
         * reason the configured console is not ready, we fall back to the default
         * console.
         *
         * The stat() below is therefore advisory only: the path is checked here and opened later by
         * someone else, so nothing may rely on the node still being the same character device. */

        if (!vc || path_equal(vc, "/dev/console"))
                return vc;

        r = stat(vc, &st);
        if (r < 0)
                goto fail;

        if (!S_ISCHR(st.st_mode)) {
                /* Not a character device: report it through the same path as a failed stat(). */
                errno = ENOTTY;
                goto fail;
        }

        last_errno = 0;
        return vc;
fail:
        if (last_errno != errno) {
                last_errno = errno;
                log_warning_errno(errno, "Failed to open %s: %m, using default console", vc);
        }
        return "/dev/console";
}
3647
/* Records whether this is the first boot and keeps the flag file /run/systemd/first-boot in sync
 * (created when set, removed when cleared). No-op for a manager that is not the system manager. */
void manager_set_first_boot(Manager *m, bool b) {
        bool changed;

        assert(m);

        if (!MANAGER_IS_SYSTEM(m))
                return;

        /* The flag file is only touched when the value actually changes; errors are ignored. */
        changed = m->first_boot != (int) b;
        if (changed && b)
                (void) touch("/run/systemd/first-boot");
        else if (changed)
                (void) unlink("/run/systemd/first-boot");

        m->first_boot = b;
}
3663
/* Disables confirm spawn by creating the flag file that manager_is_confirm_spawn_disabled() checks
 * for. The result of touch() is ignored, so a failure to create the file goes unnoticed here. */
void manager_disable_confirm_spawn(void) {
        static const char flag_file[] = "/run/systemd/confirm_spawn_disabled";

        (void) touch(flag_file);
}
3667
/* Returns true if confirm spawn is not configured, or if the flag file
 * /run/systemd/confirm_spawn_disabled exists. The mere existence of that file is what counts, so the
 * setting is only as well protected as the directory it lives in. */
bool manager_is_confirm_spawn_disabled(Manager *m) {
        return !m->confirm_spawn ||
               access("/run/systemd/confirm_spawn_disabled", F_OK) >= 0;
}
3674
/* Prints a status line if the manager currently shows status output. With m == NULL we assume to be
 * past shutdown and always print.
 *
 * 'format' is handed to status_vprintf() together with the variadic arguments, so it has to be a
 * format string the caller controls; data from outside belongs into the arguments. */
void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) {
        bool ephemeral = type == STATUS_TYPE_EPHEMERAL;
        va_list ap;

        if (m) {
                if (!manager_get_show_status(m, type))
                        return;

                /* XXX We should totally drop the check for ephemeral here
                 * and thus effectively make 'Type=idle' pointless. */
                if (ephemeral && m->n_on_console > 0)
                        return;
        }

        va_start(ap, format);
        status_vprintf(status, true, ephemeral, format, ap);
        va_end(ap);
}
3692
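/* Looks up the set of units that require mounts for 'path'. The path is normalized with
 * path_kill_slashes() on a private copy first; the root directory "/" is looked up under the key "".
 * Returns whatever hashmap_get() finds for that key in m->units_requiring_mounts_for. */
Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path) {
        size_t sz;
        char *p;

        assert(m);
        assert(path);

        /* The copy is sized only after the asserts. The original declared a variable-length array
         * sized by strlen(path) ahead of them, which dereferenced a NULL path before assert(path)
         * could catch it. */
        sz = strlen(path) + 1;

        /* NOTE(review): the copy lives on the stack and its size is whatever the caller passes in;
         * nothing here bounds the path length, so callers should only pass paths of sane length. */
        p = memcpy(alloca(sz), path, sz);
        path_kill_slashes(p);

        return hashmap_get(m->units_requiring_mounts_for, streq(p, "/") ? "" : p);
}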
3704
/* Fills in the manager-wide parts of the execution parameters. The environment and prefix pointers
 * are copied as they are, nothing is duplicated here. */
void manager_set_exec_params(Manager *m, ExecParameters *p) {
        assert(m);
        assert(p);

        p->prefix = m->prefix;
        p->cgroup_supported = m->cgroup_supported;
        p->environment = m->environment;
        p->confirm_spawn = manager_get_confirm_spawn(m);

        /* Both flags are switched on for the system manager and off for any other manager. */
        SET_FLAG(p->flags,
                 EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES,
                 MANAGER_IS_SYSTEM(m));
}
3716
/* Adds 'u' to, or removes it from, the set of failed units and sends a change signal on the bus if
 * the size of the set changed. Returns 0 on success or the log_oom() result. */
int manager_update_failed_units(Manager *m, Unit *u, bool failed) {
        unsigned before;
        int r;

        assert(m);
        assert(u->manager == m);

        before = set_size(m->failed_units);

        if (!failed)
                (void) set_remove(m->failed_units, u);
        else {
                r = set_ensure_allocated(&m->failed_units, NULL);
                if (r < 0)
                        return log_oom();

                if (set_put(m->failed_units, u) < 0)
                        return log_oom();
        }

        /* Only signal when membership really changed. */
        if (before != set_size(m->failed_units))
                bus_manager_send_change_signal(m);

        return 0;
}
3741
/* Derives the overall manager state from the boot progress, the special targets and the set of
 * failed units. */
ManagerState manager_state(Manager *m) {
        const char *maintenance_targets[] = { SPECIAL_RESCUE_TARGET, SPECIAL_EMERGENCY_TARGET };
        size_t i;
        Unit *u;

        assert(m);

        /* Boot never finished so far? Then we are still starting up. */
        if (!MANAGER_IS_FINISHED(m)) {
                u = manager_get_unit(m, SPECIAL_BASIC_TARGET);

                return u && UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)) ? MANAGER_STARTING
                                                                                 : MANAGER_INITIALIZING;
        }

        /* Shutdown target active or queued means shutdown state. */
        u = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
        if (u && unit_active_or_pending(u))
                return MANAGER_STOPPING;

        /* For the system manager, an active or queued rescue or emergency target means maintenance. */
        if (MANAGER_IS_SYSTEM(m))
                for (i = 0; i < sizeof(maintenance_targets) / sizeof(maintenance_targets[0]); i++) {
                        u = manager_get_unit(m, maintenance_targets[i]);
                        if (u && unit_active_or_pending(u))
                                return MANAGER_MAINTENANCE;
                }

        /* Any failed unit puts us into degraded mode. */
        if (set_size(m->failed_units) > 0)
                return MANAGER_DEGRADED;

        return MANAGER_RUNNING;
}
3779
3780 #define DESTROY_IPC_FLAG (UINT32_C(1) << 31)
3781
/* Drops one reference on 'uid' in the given reference table. When the counter reaches zero and
 * 'destroy_now' is set, the entry is removed and, if the entry carried DESTROY_IPC_FLAG, '_clean_ipc'
 * is called for the ID. Otherwise the decremented counter is stored back with the flag preserved. */
static void manager_unref_uid_internal(
                Manager *m,
                Hashmap **uid_refs,
                uid_t uid,
                bool destroy_now,
                int (*_clean_ipc)(uid_t uid)) {

        uint32_t c, n;

        assert(m);
        assert(uid_refs);
        assert(uid_is_valid(uid));
        assert(_clean_ipc);

        /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under the assumption
         * that uid_t and gid_t are actually defined the same way, with the same validity rules.
         *
         * We store a hashmap where the UID/GID is the key and the value is a 32bit reference counter, whose highest
         * bit is used as flag for marking UIDs/GIDs whose IPC objects to remove when the last reference to the UID/GID
         * is dropped. The flag is set to on, once at least one reference from a unit where RemoveIPC= is set is added
         * on a UID/GID. It is reset when the UID's/GID's reference counter drops to 0 again. */

        assert_cc(sizeof(uid_t) == sizeof(gid_t));
        assert_cc(UID_INVALID == (uid_t) GID_INVALID);

        if (uid == 0) /* We don't keep track of root, and will never destroy it */
                return;

        c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));

        /* Counter without the flag bit. An unbalanced unref (no entry, or counter already 0) is caught
         * by the assert below; it is the only guard against the decrement wrapping around. */
        n = c & ~DESTROY_IPC_FLAG;
        assert(n > 0);
        n--;

        if (destroy_now && n == 0) {
                hashmap_remove(*uid_refs, UID_TO_PTR(uid));

                if (c & DESTROY_IPC_FLAG) {
                        log_debug("%s " UID_FMT " is no longer referenced, cleaning up its IPC.",
                                  _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
                                  uid);
                        /* Best effort: a failing cleanup is not reported to the caller. */
                        (void) _clean_ipc(uid);
                }
        } else {
                /* Keep the entry, possibly with a counter of 0 when destroy_now is false. */
                c = n | (c & DESTROY_IPC_FLAG);
                assert_se(hashmap_update(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c)) >= 0);
        }
}
3830
/* Drops one reference on a UID in m->uid_refs; IPC cleanup, if due, goes through clean_ipc_by_uid. */
void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now) {
        manager_unref_uid_internal(
                        m,
                        &m->uid_refs,
                        uid,
                        destroy_now,
                        clean_ipc_by_uid);
}

/* Drops one reference on a GID in m->gid_refs; IPC cleanup, if due, goes through clean_ipc_by_gid. */
void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now) {
        manager_unref_uid_internal(
                        m,
                        &m->gid_refs,
                        (uid_t) gid,
                        destroy_now,
                        clean_ipc_by_gid);
}
3838
/* Takes one reference on 'uid' in the given reference table, allocating the table if needed. With
 * 'clean_ipc' set, the entry is additionally marked with DESTROY_IPC_FLAG. Returns 0 for root (which
 * is never tracked), -EOVERFLOW if the counter would run into the flag bit, and otherwise the result
 * of the hashmap calls. */
static int manager_ref_uid_internal(
                Manager *m,
                Hashmap **uid_refs,
                uid_t uid,
                bool clean_ipc) {

        uint32_t stored, count, flag;
        int r;

        assert(m);
        assert(uid_refs);
        assert(uid_is_valid(uid));

        /* Generic code for both manager_ref_uid() and manager_ref_gid(); this relies on uid_t and
         * gid_t being defined the same way, with the same validity rules. */

        assert_cc(sizeof(uid_t) == sizeof(gid_t));
        assert_cc(UID_INVALID == (uid_t) GID_INVALID);

        if (uid == 0) /* We don't keep track of root, and will never destroy it */
                return 0;

        r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
        if (r < 0)
                return r;

        stored = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));

        flag = stored & DESTROY_IPC_FLAG;
        count = (stored & ~DESTROY_IPC_FLAG) + 1;

        /* The counter owns the low 31 bits only; a carry into the flag bit is an overflow. */
        if (count & DESTROY_IPC_FLAG)
                return -EOVERFLOW;

        /* Once set, the flag sticks; a reference with clean_ipc sets it. */
        if (clean_ipc)
                flag = DESTROY_IPC_FLAG;

        return hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(count | flag));
}
3877
/* Takes one reference on a UID in m->uid_refs; see manager_ref_uid_internal() for the return value. */
int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc) {
        return manager_ref_uid_internal(
                        m,
                        &m->uid_refs,
                        uid,
                        clean_ipc);
}

/* Takes one reference on a GID in m->gid_refs; see manager_ref_uid_internal() for the return value. */
int manager_ref_gid(Manager *m, gid_t gid, bool clean_ipc) {
        return manager_ref_uid_internal(
                        m,
                        &m->gid_refs,
                        (uid_t) gid,
                        clean_ipc);
}
3885
/* Removes every entry of the reference table whose counter is zero and, for those marked with
 * DESTROY_IPC_FLAG, calls '_clean_ipc' for the ID first. Entries with a non-zero counter are left
 * alone. */
static void manager_vacuum_uid_refs_internal(
                Manager *m,
                Hashmap **uid_refs,
                int (*_clean_ipc)(uid_t uid)) {

        Iterator i;
        void *p, *k;

        assert(m);
        assert(uid_refs);
        assert(_clean_ipc);

        HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
                uint32_t c, n;
                uid_t uid;

                /* Key is the UID/GID, value the counter with the flag in the highest bit. */
                uid = PTR_TO_UID(k);
                c = PTR_TO_UINT32(p);

                n = c & ~DESTROY_IPC_FLAG;
                if (n > 0)
                        continue;

                if (c & DESTROY_IPC_FLAG) {
                        log_debug("Found unreferenced %s " UID_FMT " after reload/reexec. Cleaning up.",
                                  _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
                                  uid);
                        /* Best effort: the result of the cleanup is ignored. */
                        (void) _clean_ipc(uid);
                }

                /* NOTE(review): this removes the current entry while the loop is still running;
                 * presumably the hashmap iterator tolerates that, confirm against hashmap.h. */
                assert_se(hashmap_remove(*uid_refs, k) == p);
        }
}
3919
/* Vacuums unreferenced entries from m->uid_refs, cleaning up IPC by UID where flagged. */
void manager_vacuum_uid_refs(Manager *m) {
        manager_vacuum_uid_refs_internal(
                        m,
                        &m->uid_refs,
                        clean_ipc_by_uid);
}

/* Vacuums unreferenced entries from m->gid_refs, cleaning up IPC by GID where flagged. */
void manager_vacuum_gid_refs(Manager *m) {
        manager_vacuum_uid_refs_internal(
                        m,
                        &m->gid_refs,
                        clean_ipc_by_gid);
}
3927
/* Writes one "<field_name>=<id>" line to 'f' for every entry of the reference table that carries
 * DESTROY_IPC_FLAG. The counters themselves are not written; they are better rebuilt after a
 * reload/reexec. */
static void manager_serialize_uid_refs_internal(
                Manager *m,
                FILE *f,
                Hashmap **uid_refs,
                const char *field_name) {

        Iterator i;
        void *p, *k;

        assert(m);
        assert(f);
        assert(uid_refs);
        assert(field_name);

        HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
                /* Only flagged entries are worth remembering. */
                if (PTR_TO_UINT32(p) & DESTROY_IPC_FLAG)
                        fprintf(f, "%s=" UID_FMT "\n", field_name, PTR_TO_UID(k));
        }
}
3958
/* Serializes the flagged UIDs of m->uid_refs under the field name "destroy-ipc-uid". */
void manager_serialize_uid_refs(Manager *m, FILE *f) {
        manager_serialize_uid_refs_internal(
                        m,
                        f,
                        &m->uid_refs,
                        "destroy-ipc-uid");
}

/* Serializes the flagged GIDs of m->gid_refs under the field name "destroy-ipc-gid". */
void manager_serialize_gid_refs(Manager *m, FILE *f) {
        manager_serialize_uid_refs_internal(
                        m,
                        f,
                        &m->gid_refs,
                        "destroy-ipc-gid");
}
3966
/* Parses one serialized UID/GID and marks it with DESTROY_IPC_FLAG in the reference table, leaving
 * any counter already stored there untouched. Values that do not parse, and the ID 0, are rejected
 * with a debug message; root is never tracked. All failures are logged and otherwise ignored. */
static void manager_deserialize_uid_refs_one_internal(
                Manager *m,
                Hashmap** uid_refs,
                const char *value) {

        uint32_t stored;
        uid_t uid;

        assert(m);
        assert(uid_refs);
        assert(value);

        if (parse_uid(value, &uid) < 0 || uid == 0) {
                log_debug("Unable to parse UID reference serialization");
                return;
        }

        if (hashmap_ensure_allocated(uid_refs, &trivial_hash_ops) < 0) {
                log_oom();
                return;
        }

        stored = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));

        /* Already flagged, nothing to do. */
        if (stored & DESTROY_IPC_FLAG)
                return;

        if (hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(stored | DESTROY_IPC_FLAG)) < 0)
                log_debug("Failed to add UID reference entry");
}
4004
/* Restores one serialized "destroy IPC" mark for a UID into m->uid_refs. */
void manager_deserialize_uid_refs_one(Manager *m, const char *value) {
        manager_deserialize_uid_refs_one_internal(
                        m,
                        &m->uid_refs,
                        value);
}

/* Restores one serialized "destroy IPC" mark for a GID into m->gid_refs. */
void manager_deserialize_gid_refs_one(Manager *m, const char *value) {
        manager_deserialize_uid_refs_one_internal(
                        m,
                        &m->gid_refs,
                        value);
}
4012
/* Event source callback for the user lookup fd. A child process that resolved the user/group it runs
 * as sends the resulting UID/GID plus its unit name in one datagram; the datagram is validated here
 * and then passed on to the unit, which can take a reference on the UID/GID and destroy its IPC
 * objects once the reference counter drops to 0.
 *
 * Malformed datagrams are logged and dropped (return 0); only a hard recv() failure is returned as an
 * error.
 * NOTE(review): nothing in this function checks who sent the datagram; presumably the socket is only
 * reachable by the manager's own children. Confirm where the fd is created. */
int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        struct buffer {
                uid_t uid;
                gid_t gid;
                char unit_name[UNIT_NAME_MAX+1];
        } _packed_ buffer;

        const size_t header_size = offsetof(struct buffer, unit_name);
        size_t received, name_len;
        Manager *m = userdata;
        ssize_t l;
        Unit *u;

        assert_se(source);
        assert_se(m);

        l = recv(fd, &buffer, sizeof(buffer), MSG_DONTWAIT);
        if (l < 0) {
                if (IN_SET(errno, EINTR, EAGAIN))
                        return 0;

                return log_error_errno(errno, "Failed to read from user lookup fd: %m");
        }

        received = (size_t) l;

        /* At least one byte of unit name has to follow the UID/GID header. */
        if (received <= header_size) {
                log_warning("Received too short user lookup message, ignoring.");
                return 0;
        }

        /* The name may fill at most UNIT_NAME_MAX bytes, which leaves room for the terminating NUL
         * written further down. */
        if (received > header_size + UNIT_NAME_MAX) {
                log_warning("Received too long user lookup message, ignoring.");
                return 0;
        }

        /* Only a message in which both IDs are invalid is rejected; one valid ID is enough. */
        if (!uid_is_valid(buffer.uid) && !gid_is_valid(buffer.gid)) {
                log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
                return 0;
        }

        name_len = received - header_size;
        if (memchr(buffer.unit_name, 0, name_len)) {
                log_warning("Received lookup message with embedded NUL character, ignoring.");
                return 0;
        }

        /* name_len is within 1..UNIT_NAME_MAX here, so this index stays inside unit_name[]. */
        buffer.unit_name[name_len] = 0;

        u = manager_get_unit(m, buffer.unit_name);
        if (!u) {
                log_debug("Got user lookup message but unit doesn't exist, ignoring.");
                return 0;
        }

        log_unit_debug(u, "User lookup succeeded: uid=" UID_FMT " gid=" GID_FMT, buffer.uid, buffer.gid);

        unit_notify_user_lookup(u, buffer.uid, buffer.gid);
        return 0;
}
4073
/* Builds the colon-separated taint string for this system. Returns a newly allocated string that the
 * caller has to free (empty if nothing is tainted), or NULL if the allocation fails. */
char *manager_taint_string(Manager *m) {
        _cleanup_free_ char *destination = NULL, *overflowuid = NULL, *overflowgid = NULL;
        char *buf, *e;
        int r;

        /* Returns a "taint string", e.g. "local-hwclock:var-run-bad".
         * Only things that are detected at runtime should be tagged
         * here. For stuff that is set during compilation, emit a warning
         * in the configuration phase. */

        assert(m);

        /* The buffer holds every tag exactly once plus the terminating NUL (sizeof of the
         * concatenated literal). Each stpcpy() below appends one of these tags at most once, which is
         * what keeps the writes in bounds: a new tag has to be added here as well as below. */
        buf = new(char, sizeof("split-usr:"
                               "cgroups-missing:"
                               "local-hwclock:"
                               "var-run-bad:"
                               "overflowuid-not-65534:"
                               "overflowgid-not-65534:"));
        if (!buf)
                return NULL;

        /* 'e' always points at the terminating NUL of what has been written so far. */
        e = buf;
        buf[0] = 0;

        if (m->taint_usr)
                e = stpcpy(e, "split-usr:");

        if (access("/proc/cgroups", F_OK) < 0)
                e = stpcpy(e, "cgroups-missing:");

        if (clock_is_localtime(NULL) > 0)
                e = stpcpy(e, "local-hwclock:");

        /* Tainted if /var/run cannot be read as a symlink, or points anywhere but ../run or /run. */
        r = readlink_malloc("/var/run", &destination);
        if (r < 0 || !PATH_IN_SET(destination, "../run", "/run"))
                e = stpcpy(e, "var-run-bad:");

        /* A file that cannot be read does not taint; only a value other than 65534 does. */
        r = read_one_line_file("/proc/sys/kernel/overflowuid", &overflowuid);
        if (r >= 0 && !streq(overflowuid, "65534"))
                e = stpcpy(e, "overflowuid-not-65534:");

        r = read_one_line_file("/proc/sys/kernel/overflowgid", &overflowgid);
        if (r >= 0 && !streq(overflowgid, "65534"))
                e = stpcpy(e, "overflowgid-not-65534:");

        /* remove the last ':' */
        if (e != buf)
                e[-1] = 0;

        return buf;
}
4125
/* Counts one more user of the console. */
void manager_ref_console(Manager *m) {
        assert(m);

        m->n_on_console += 1;
}
4131
/* Counts one user of the console less. When the last one is gone, the no_console_output flag is
 * cleared, since the console is definitely free then. The counter must be positive on entry. */
void manager_unref_console(Manager *m) {

        assert(m->n_on_console > 0);

        if (--m->n_on_console == 0)
                m->no_console_output = false;
}
4140
/* Names of the ManagerState values, indexed by the enum value. */
static const char *const manager_state_table[_MANAGER_STATE_MAX] = {
        [MANAGER_INITIALIZING] = "initializing",
        [MANAGER_STARTING] = "starting",
        [MANAGER_RUNNING] = "running",
        [MANAGER_DEGRADED] = "degraded",
        [MANAGER_MAINTENANCE] = "maintenance",
        [MANAGER_STOPPING] = "stopping",
};

/* Presumably expands to the string conversion helpers for ManagerState built on the table above;
 * see the macro definition for the exact functions. */
DEFINE_STRING_TABLE_LOOKUP(manager_state, ManagerState);
4151
/* Names of the ManagerTimestamp values, indexed by the enum value. */
static const char *const manager_timestamp_table[_MANAGER_TIMESTAMP_MAX] = {
        [MANAGER_TIMESTAMP_FIRMWARE] = "firmware",
        [MANAGER_TIMESTAMP_LOADER] = "loader",
        [MANAGER_TIMESTAMP_KERNEL] = "kernel",
        [MANAGER_TIMESTAMP_INITRD] = "initrd",
        [MANAGER_TIMESTAMP_USERSPACE] = "userspace",
        [MANAGER_TIMESTAMP_FINISH] = "finish",
        [MANAGER_TIMESTAMP_SECURITY_START] = "security-start",
        [MANAGER_TIMESTAMP_SECURITY_FINISH] = "security-finish",
        [MANAGER_TIMESTAMP_GENERATORS_START] = "generators-start",
        [MANAGER_TIMESTAMP_GENERATORS_FINISH] = "generators-finish",
        [MANAGER_TIMESTAMP_UNITS_LOAD_START] = "units-load-start",
        [MANAGER_TIMESTAMP_UNITS_LOAD_FINISH] = "units-load-finish",
};

/* Presumably expands to the string conversion helpers for ManagerTimestamp built on the table above;
 * see the macro definition for the exact functions. */
DEFINE_STRING_TABLE_LOOKUP(manager_timestamp, ManagerTimestamp);