rationalize interface for opening/closing logging
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <linux/kd.h>
24 #include <signal.h>
25 #include <stdio_ext.h>
26 #include <string.h>
27 #include <sys/epoll.h>
28 #include <sys/inotify.h>
29 #include <sys/ioctl.h>
30 #include <sys/reboot.h>
31 #include <sys/timerfd.h>
32 #include <sys/wait.h>
33 #include <unistd.h>
34
35 #if HAVE_AUDIT
36 #include <libaudit.h>
37 #endif
38
39 #include "sd-daemon.h"
40 #include "sd-messages.h"
41 #include "sd-path.h"
42
43 #include "alloc-util.h"
44 #include "audit-fd.h"
45 #include "boot-timestamps.h"
46 #include "bus-common-errors.h"
47 #include "bus-error.h"
48 #include "bus-kernel.h"
49 #include "bus-util.h"
50 #include "clean-ipc.h"
51 #include "clock-util.h"
52 #include "dbus-job.h"
53 #include "dbus-manager.h"
54 #include "dbus-unit.h"
55 #include "dbus.h"
56 #include "dirent-util.h"
57 #include "env-util.h"
58 #include "escape.h"
59 #include "exec-util.h"
60 #include "execute.h"
61 #include "exit-status.h"
62 #include "fd-util.h"
63 #include "fileio.h"
64 #include "fs-util.h"
65 #include "hashmap.h"
66 #include "io-util.h"
67 #include "label.h"
68 #include "locale-setup.h"
69 #include "log.h"
70 #include "macro.h"
71 #include "manager.h"
72 #include "missing.h"
73 #include "mkdir.h"
74 #include "parse-util.h"
75 #include "path-lookup.h"
76 #include "path-util.h"
77 #include "process-util.h"
78 #include "ratelimit.h"
79 #include "rm-rf.h"
80 #include "signal-util.h"
81 #include "special.h"
82 #include "stat-util.h"
83 #include "string-table.h"
84 #include "string-util.h"
85 #include "strv.h"
86 #include "strxcpyx.h"
87 #include "terminal-util.h"
88 #include "time-util.h"
89 #include "transaction.h"
90 #include "umask-util.h"
91 #include "unit-name.h"
92 #include "user-util.h"
93 #include "util.h"
94 #include "virt.h"
95 #include "watchdog.h"
96
/* Receive buffer sizes requested (via fd_inc_rcvbuf()) for the datagram sockets set up in this file */
#define NOTIFY_RCVBUF_SIZE (8*1024*1024)
#define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)

/* How long to wait before the first "job is running" status line is shown, and how often it is refreshed
 * afterwards. The divisor is used to advance to the next job only on every third refresh. */
#define JOBS_IN_PROGRESS_WAIT_USEC (5*USEC_PER_SEC)
#define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
#define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3

/* Event loop callbacks for file descriptor based sources */
static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);

/* Event loop callbacks for timer and deferred sources */
static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata);
static int manager_dispatch_run_queue(sd_event_source *source, void *userdata);
static int manager_dispatch_sigchld(sd_event_source *source, void *userdata);

/* Generator invocation, defined further down in this file */
static int manager_run_environment_generators(Manager *m);
static int manager_run_generators(Manager *m);
116
/* Arms the timer that triggers the "job is running" status output, unless it is already armed or
 * interactive spawn confirmation is in use. Failure to install the timer is silently ignored. */
static void manager_watch_jobs_in_progress(Manager *m) {
        usec_t deadline;

        assert(m);

        /* If the user has to confirm service executions the cylon animation would garble the
         * confirmation prompts, hence stay quiet in that case. */
        if (!manager_is_confirm_spawn_disabled(m))
                return;

        /* Already armed, nothing to do */
        if (m->jobs_in_progress_event_source)
                return;

        deadline = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC;

        if (sd_event_add_time(m->event,
                              &m->jobs_in_progress_event_source,
                              CLOCK_MONOTONIC,
                              deadline, 0,
                              manager_dispatch_jobs_in_progress, m) < 0)
                return;

        (void) sd_event_source_set_description(m->jobs_in_progress_event_source, "manager-jobs-in-progress");
}
144
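/* Bytes needed on top of the visible characters: draw_cylon() may emit ANSI_RED twice, ANSI_HIGHLIGHT_RED once
 * and ANSI_NORMAL twice. */
#define CYLON_BUFFER_EXTRA (2*STRLEN(ANSI_RED) + STRLEN(ANSI_HIGHLIGHT_RED) + 2*STRLEN(ANSI_NORMAL))

/* Renders one frame of the "cylon" progress animation into buffer as a NUL-terminated string.
 *
 * buffer/buflen: destination; must hold at least CYLON_BUFFER_EXTRA + width + 1 bytes (asserted).
 * width:         number of visible character cells.
 * pos:           position of the center light, 0…width+1; 0 and width+1 mean it is hidden behind the corner.
 *
 * Color escape sequences are only emitted if log_get_show_color() says so. */
static void draw_cylon(char buffer[], size_t buflen, unsigned width, unsigned pos) {
        char *p = buffer;

        assert(buflen >= CYLON_BUFFER_EXTRA + width + 1);
        assert(pos <= width+1); /* 0 or width+1 mean that the center light is behind the corner */

        /* Left padding and the trailing light */
        if (pos > 1) {
                if (pos > 2)
                        p = mempset(p, ' ', pos-2);
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_RED);
                *p++ = '*';
        }

        /* The center light */
        if (pos > 0 && pos <= width) {
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_HIGHLIGHT_RED);
                *p++ = '*';
        }

        if (log_get_show_color())
                p = stpcpy(p, ANSI_NORMAL);

        /* The leading light and right padding */
        if (pos < width) {
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_RED);
                *p++ = '*';
                if (pos < width-1)
                        p = mempset(p, ' ', width-1-pos);
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_NORMAL);
        }

        /* Always terminate the string explicitly. Only the stpcpy() calls above write a NUL byte, and they run
         * only when colors are enabled; without this the caller would print whatever its (uninitialized)
         * buffer happens to contain after the last character written. The assertion on buflen guarantees
         * there is room for this byte. */
        *p = '\0';
}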
180
/* Toggles between SHOW_STATUS_AUTO and SHOW_STATUS_TEMPORARY: enabling moves AUTO to TEMPORARY, disabling
 * moves TEMPORARY back to AUTO. Any other show_status setting is left untouched. */
void manager_flip_auto_status(Manager *m, bool enable) {
        assert(m);

        if (enable && m->show_status == SHOW_STATUS_AUTO)
                manager_set_show_status(m, SHOW_STATUS_TEMPORARY);
        else if (!enable && m->show_status == SHOW_STATUS_TEMPORARY)
                manager_set_show_status(m, SHOW_STATUS_AUTO);
}
192
/* Prints an ephemeral status line about one of the currently running jobs, prefixed with the next frame of
 * the cylon animation. Which job is shown rotates with m->jobs_in_progress_iteration. Must only be called
 * while at least one job is running. */
static void manager_print_jobs_in_progress(Manager *m) {
        _cleanup_free_ char *job_of_n = NULL;
        char elapsed[FORMAT_TIMESPAN_MAX], limit[FORMAT_TIMESPAN_MAX] = "no limit";
        char cylon[6 + CYLON_BUFFER_EXTRA + 1];
        unsigned seen = 0, wanted, phase;
        uint64_t timeout;
        Iterator i;
        Job *j;

        assert(m);
        assert(m->n_running_jobs > 0);

        manager_flip_auto_status(m, true);

        /* Index (among the running jobs) of the job to report this time */
        wanted = (m->jobs_in_progress_iteration / JOBS_IN_PROGRESS_PERIOD_DIVISOR) % m->n_running_jobs;

        HASHMAP_FOREACH(j, m->jobs, i) {
                if (j->state != JOB_RUNNING)
                        continue;

                if (seen++ == wanted)
                        break;
        }

        /* m->n_running_jobs has to agree with what is stored in m->jobs, hence the loop above cannot have
         * run to completion without picking a job. */
        assert(seen == wanted + 1);
        assert(j);

        /* The light bounces back and forth: positions 0…7 on the way out, then 6…1 on the way back */
        phase = m->jobs_in_progress_iteration % 14;
        draw_cylon(cylon, sizeof(cylon), 6, phase >= 8 ? 14 - phase : phase);

        m->jobs_in_progress_iteration++;

        /* The "(x of y)" prefix is optional; if we cannot allocate it we simply go without */
        if (m->n_running_jobs > 1 &&
            asprintf(&job_of_n, "(%u of %u) ", seen, m->n_running_jobs) < 0)
                job_of_n = NULL;

        format_timespan(elapsed, sizeof(elapsed), now(CLOCK_MONOTONIC) - j->begin_usec, 1*USEC_PER_SEC);
        if (job_get_timeout(j, &timeout) > 0)
                format_timespan(limit, sizeof(limit), timeout - j->begin_usec, 1*USEC_PER_SEC);

        manager_status_printf(m, STATUS_TYPE_EPHEMERAL, cylon,
                              "%sA %s job is running for %s (%s / %s)",
                              strempty(job_of_n),
                              job_type_to_string(j->type),
                              unit_description(j->unit),
                              elapsed, limit);
}
242
/* Checks whether /run/systemd/ask-password contains at least one entry whose name starts with "ask.".
 * Returns true or false, or a negative errno-style error if the directory cannot be read. A missing
 * directory counts as "no queries pending". */
static int have_ask_password(void) {
        _cleanup_closedir_ DIR *d = NULL;
        struct dirent *entry;

        d = opendir("/run/systemd/ask-password");
        if (!d)
                return errno == ENOENT ? false : -errno;

        FOREACH_DIRENT_ALL(entry, d, return -errno)
                if (startswith(entry->d_name, "ask."))
                        return true;

        return false;
}
261
/* I/O callback for the inotify watch on /run/systemd/ask-password: drains the fd and re-evaluates whether
 * password queries are pending. Always returns 0 so that the event source stays enabled. */
static int manager_dispatch_ask_password_fd(sd_event_source *source,
                                            int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        int r;

        assert(m);

        /* The individual inotify events are of no interest, only the fact that something changed is */
        (void) flush_fd(fd);

        r = have_ask_password();
        m->have_ask_password = r;
        if (r < 0)
                /* Log the error but carry on; a negative have_ask_password value is treated as
                 * "status unknown". */
                log_error_errno(r, "Failed to list /run/systemd/ask-password: %m");

        return 0;
}
278
/* Tears down the ask-password watch: drops the event source, closes the inotify fd and resets the cached
 * state to "unknown" (-EINVAL). */
static void manager_close_ask_password(Manager *m) {
        assert(m);

        /* Release the event source before closing the fd it refers to */
        m->ask_password_event_source = sd_event_source_unref(m->ask_password_event_source);
        m->ask_password_inotify_fd = safe_close(m->ask_password_inotify_fd);

        m->have_ask_password = -EINVAL;
}
286
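/* Returns whether password queries are currently pending in /run/systemd/ask-password, installing the
 * inotify watch on that directory on first use.
 *
 * Returns > 0 if queries are pending, 0 if not, and a negative errno-style value if the watch could not be
 * set up or the state is unknown. */
static int manager_check_ask_password(Manager *m) {
        int r;

        assert(m);

        if (!m->ask_password_event_source) {
                assert(m->ask_password_inotify_fd < 0);

                /* Best effort: if the directory cannot be created, adding the watch below fails and
                 * reports the problem. */
                (void) mkdir_p_label("/run/systemd/ask-password", 0755);

                m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
                if (m->ask_password_inotify_fd < 0)
                        return log_error_errno(errno, "inotify_init1() failed: %m");

                if (inotify_add_watch(m->ask_password_inotify_fd, "/run/systemd/ask-password", IN_CREATE|IN_DELETE|IN_MOVE) < 0) {
                        /* Capture the error code before cleaning up, since closing the fd may
                         * overwrite errno. */
                        r = log_error_errno(errno, "Failed to add watch on /run/systemd/ask-password: %m");
                        manager_close_ask_password(m);
                        return r;
                }

                r = sd_event_add_io(m->event, &m->ask_password_event_source,
                                    m->ask_password_inotify_fd, EPOLLIN,
                                    manager_dispatch_ask_password_fd, m);
                if (r < 0) {
                        /* sd_event_add_io() reports its error in the return value, not in errno */
                        log_error_errno(r, "Failed to add event source for /run/systemd/ask-password: %m");
                        manager_close_ask_password(m);
                        return r;
                }

                (void) sd_event_source_set_description(m->ask_password_event_source, "manager-ask-password");

                /* Queries might have been added meanwhile... */
                manager_dispatch_ask_password_fd(m->ask_password_event_source,
                                                 m->ask_password_inotify_fd, EPOLLIN, m);
        }

        return m->have_ask_password;
}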
325
/* Installs an I/O event source on m->idle_pipe[2], unless one exists already or that fd is not open.
 * Returns 0 on success (or if there was nothing to do), a negative errno-style value otherwise. */
static int manager_watch_idle_pipe(Manager *m) {
        int r;

        assert(m);

        /* Nothing to do if we are watching already, or if there's nothing to watch */
        if (m->idle_pipe_event_source || m->idle_pipe[2] < 0)
                return 0;

        r = sd_event_add_io(m->event,
                            &m->idle_pipe_event_source,
                            m->idle_pipe[2],
                            EPOLLIN,
                            manager_dispatch_idle_pipe_fd, m);
        if (r < 0)
                return log_error_errno(r, "Failed to watch idle pipe: %m");

        (void) sd_event_source_set_description(m->idle_pipe_event_source, "manager-idle-pipe");

        return 0;
}
345
/* Drops the idle pipe event source and closes all four idle pipe file descriptors. */
static void manager_close_idle_pipe(Manager *m) {
        assert(m);

        m->idle_pipe_event_source = sd_event_source_unref(m->idle_pipe_event_source);

        /* idle_pipe[] holds two fd pairs back to back: [0]/[1] and [2]/[3] */
        safe_close_pair(&m->idle_pipe[0]);
        safe_close_pair(&m->idle_pipe[2]);
}
354
/* Sets up a timerfd that fires whenever CLOCK_REALTIME jumps relative to CLOCK_MONOTONIC, and hooks it into
 * the event loop. Does nothing in test runs. If the kernel refuses TFD_TIMER_CANCEL_ON_SET the feature is
 * skipped and 0 is returned. Returns a negative errno-style value on other failures. */
static int manager_setup_time_change(Manager *m) {
        /* Only the cancellation event is of interest, hence the timer is armed for the latest point in
         * time that can be expressed. */
        struct itimerspec its = {
                .it_value.tv_sec = TIME_T_MAX,
        };
        int r;

        assert(m);
        assert_cc(sizeof(time_t) == sizeof(TIME_T_MAX));

        if (m->test_run_flags)
                return 0;

        m->time_change_fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC);
        if (m->time_change_fd < 0)
                return log_error_errno(errno, "Failed to create timerfd: %m");

        /* TFD_TIMER_CANCEL_ON_SET is what delivers the notification when the wall clock is changed */
        r = timerfd_settime(m->time_change_fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its, NULL);
        if (r < 0) {
                log_debug_errno(errno, "Failed to set up TFD_TIMER_CANCEL_ON_SET, ignoring: %m");
                m->time_change_fd = safe_close(m->time_change_fd);
                return 0;
        }

        r = sd_event_add_io(m->event,
                            &m->time_change_event_source,
                            m->time_change_fd,
                            EPOLLIN,
                            manager_dispatch_time_change_fd, m);
        if (r < 0)
                return log_error_errno(r, "Failed to create time change event source: %m");

        (void) sd_event_source_set_description(m->time_change_event_source, "manager-time-change");

        log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");

        return 0;
}
393
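/* Asks the kernel to deliver SIGINT on ctrl-alt-del and SIGWINCH on kbrequest to us. Does nothing in test
 * runs. All failures are logged and otherwise ignored; always returns 0. */
static int enable_special_signals(Manager *m) {
        _cleanup_close_ int fd = -1;

        assert(m);

        if (m->test_run_flags)
                return 0;

        /* Enable that we get SIGINT on control-alt-del. In containers
         * this will fail with EPERM (older) or EINVAL (newer), so
         * ignore that. */
        if (reboot(RB_DISABLE_CAD) < 0 && !IN_SET(errno, EPERM, EINVAL))
                log_warning_errno(errno, "Failed to enable ctrl-alt-del handling: %m");

        fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
        if (fd < 0) {
                /* Support systems without virtual console. open_terminal() hands back the error as a
                 * negative errno-style return value, hence log that rather than whatever errno
                 * currently holds. */
                if (fd != -ENOENT)
                        log_warning_errno(fd, "Failed to open /dev/tty0: %m");
        } else {
                /* Enable that we get SIGWINCH on kbrequest */
                if (ioctl(fd, KDSIGACCEPT, SIGWINCH) < 0)
                        log_warning_errno(errno, "Failed to enable kbrequest handling: %m");
        }

        return 0;
}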
421
/* Blocks all signals the manager handles itself, routes them through a signalfd and registers that fd with
 * the event loop. For the system manager the special console signals are enabled as well. Returns 0 on
 * success, a negative errno-style value on failure. */
static int manager_setup_signals(Manager *m) {
        struct sigaction sa = {
                .sa_handler = SIG_DFL,
                .sa_flags = SA_NOCLDSTOP|SA_RESTART,
        };
        sigset_t mask;
        int r;

        assert(m);

        /* Default disposition for SIGCHLD, but without notifications for stopped children */
        assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);

        /* Realtime signals are used liberally below. Linux/glibc provides 30 of them (except on hppa, see
         * further down), from SIGRTMIN+0 up to SIGRTMIN+30 (i.e. SIGRTMAX). */

        assert_se(sigemptyset(&mask) == 0);
        sigset_add_many(&mask,
                        SIGCHLD,     /* Child died */
                        SIGTERM,     /* Reexecute daemon */
                        SIGHUP,      /* Reload configuration */
                        SIGUSR1,     /* systemd/upstart: reconnect to D-Bus */
                        SIGUSR2,     /* systemd: dump status */
                        SIGINT,      /* Kernel sends us this on control-alt-del */
                        SIGWINCH,    /* Kernel sends us this on kbrequest (alt-arrowup) */
                        SIGPWR,      /* Some kernel drivers and upsd send us this on power failure */

                        SIGRTMIN+0,  /* systemd: start default.target */
                        SIGRTMIN+1,  /* systemd: isolate rescue.target */
                        SIGRTMIN+2,  /* systemd: isolate emergency.target */
                        SIGRTMIN+3,  /* systemd: start halt.target */
                        SIGRTMIN+4,  /* systemd: start poweroff.target */
                        SIGRTMIN+5,  /* systemd: start reboot.target */
                        SIGRTMIN+6,  /* systemd: start kexec.target */

                        /* ... room for further special targets ... */

                        SIGRTMIN+13, /* systemd: Immediate halt */
                        SIGRTMIN+14, /* systemd: Immediate poweroff */
                        SIGRTMIN+15, /* systemd: Immediate reboot */
                        SIGRTMIN+16, /* systemd: Immediate kexec */

                        /* ... room for further immediate system state changes ... */

                        SIGRTMIN+20, /* systemd: enable status messages */
                        SIGRTMIN+21, /* systemd: disable status messages */
                        SIGRTMIN+22, /* systemd: set log level to LOG_DEBUG */
                        SIGRTMIN+23, /* systemd: set log level to LOG_INFO */
                        SIGRTMIN+24, /* systemd: Immediate exit (--user only) */

                        /* ... one unused signal here ... */

#if !defined(__hppa64__) && !defined(__hppa__)
                        /* Linux on hppa apparently offers fewer RT signals (SIGRTMAX is SIGRTMIN+25
                         * there), so the ones below are left out on that architecture. These commands
                         * are reachable by other means too and are merely a safety net, hence their
                         * absence on hppa should not matter. */

                        SIGRTMIN+26, /* systemd: set log target to journal-or-kmsg */
                        SIGRTMIN+27, /* systemd: set log target to console */
                        SIGRTMIN+28, /* systemd: set log target to kmsg */
                        SIGRTMIN+29, /* systemd: set log target to syslog-or-kmsg (obsolete) */

                        /* ... SIGRTMIN+30 is unused ... */
#endif
                        -1);
        assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);

        m->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
        if (m->signal_fd < 0)
                return -errno;

        r = sd_event_add_io(m->event,
                            &m->signal_event_source,
                            m->signal_fd,
                            EPOLLIN,
                            manager_dispatch_signal_fd, m);
        if (r < 0)
                return r;

        (void) sd_event_source_set_description(m->signal_event_source, "manager-signal");

        /* Signals are handled slightly ahead of most other things, but only after notify_fd traffic, so
         * that the notification code can still tell which process/service a message came from before the
         * process is reaped. They are also handled ahead of cgroup notifications, so that child exit
         * status is always collected before a cgroup is found to have run empty. */
        r = sd_event_source_set_priority(m->signal_event_source, SD_EVENT_PRIORITY_NORMAL-6);
        if (r < 0)
                return r;

        if (!MANAGER_IS_SYSTEM(m))
                return 0;

        return enable_special_signals(m);
}
517
/* Strips variables from the manager's environment block that the manager sets itself when talking to the
 * processes it spawns, then sorts the block. */
static void manager_sanitize_environment(Manager *m) {
        assert(m);

        /* These names are reserved for our own communication with clients, hence drop any values that
         * were passed in from outside. */
        strv_env_unset_many(
                        m->environment,
                        "EXIT_CODE",
                        "EXIT_STATUS",
                        "INVOCATION_ID",
                        "JOURNAL_STREAM",
                        "LISTEN_FDNAMES",
                        "LISTEN_FDS",
                        "LISTEN_PID",
                        "MAINPID",
                        "MANAGERPID",
                        "NOTIFY_SOCKET",
                        "REMOTE_ADDR",
                        "REMOTE_PORT",
                        "SERVICE_RESULT",
                        "WATCHDOG_PID",
                        "WATCHDOG_USEC",
                        NULL);

        /* Purely cosmetic: keep the environment in alphabetical order */
        strv_sort(m->environment);
}
544
/* Initializes m->environment, the environment block passed on to children: a minimal one for the system
 * manager, a copy of our own for a user manager. Returns 0 on success, -ENOMEM if allocation failed. */
static int manager_default_environment(Manager *m) {
        assert(m);

        if (!MANAGER_IS_SYSTEM(m))
                /* A user manager hands its own environment down to its children */
                m->environment = strv_copy(environ);
        else {
                /* The system manager always gives its children a clean environment and imports neither
                 * the kernel's nor the parent's exported variables.
                 *
                 * The environment we were originally invoked with is left alone so that
                 * /proc/self/environ stays valid; it is used for tagging the init process inside
                 * containers. */
                m->environment = strv_new("PATH=" DEFAULT_PATH,
                                          NULL);

                /* Pull in the LC_*= locale variables from configuration */
                locale_setup(&m->environment);
        }

        if (!m->environment)
                return -ENOMEM;

        manager_sanitize_environment(m);

        return 0;
}
573
/* Resolves the base directory for each ExecDirectoryType via sd_path_home() and stores it in m->prefix[].
 * Which table is used depends on whether this is the system or a user manager. Returns 0 on success or the
 * first negative error returned by sd_path_home(). */
static int manager_setup_prefix(Manager *m) {
        struct table_entry {
                uint64_t type;
                const char *suffix;
        };

        static const struct table_entry paths_system[_EXEC_DIRECTORY_TYPE_MAX] = {
                [EXEC_DIRECTORY_RUNTIME]       = { SD_PATH_SYSTEM_RUNTIME,       NULL },
                [EXEC_DIRECTORY_STATE]         = { SD_PATH_SYSTEM_STATE_PRIVATE, NULL },
                [EXEC_DIRECTORY_CACHE]         = { SD_PATH_SYSTEM_STATE_CACHE,   NULL },
                [EXEC_DIRECTORY_LOGS]          = { SD_PATH_SYSTEM_STATE_LOGS,    NULL },
                [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_SYSTEM_CONFIGURATION, NULL },
        };

        static const struct table_entry paths_user[_EXEC_DIRECTORY_TYPE_MAX] = {
                [EXEC_DIRECTORY_RUNTIME]       = { SD_PATH_USER_RUNTIME,       NULL  },
                [EXEC_DIRECTORY_STATE]         = { SD_PATH_USER_CONFIGURATION, NULL  },
                [EXEC_DIRECTORY_CACHE]         = { SD_PATH_USER_STATE_CACHE,   NULL  },
                [EXEC_DIRECTORY_LOGS]          = { SD_PATH_USER_CONFIGURATION, "log" },
                [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_USER_CONFIGURATION, NULL  },
        };

        const struct table_entry *table;
        ExecDirectoryType t;

        assert(m);

        table = MANAGER_IS_SYSTEM(m) ? paths_system : paths_user;

        for (t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++) {
                int r;

                r = sd_path_home(table[t].type, table[t].suffix, &m->prefix[t]);
                if (r < 0)
                        return r;
        }

        return 0;
}
615
/* Creates the deferred event source that dispatches the run queue. It runs at idle priority and starts out
 * disabled. Returns 0 on success, a negative errno-style value on failure. */
static int manager_setup_run_queue(Manager *m) {
        int r;

        assert(m);
        assert(!m->run_queue_event_source);

        r = sd_event_add_defer(m->event, &m->run_queue_event_source, manager_dispatch_run_queue, m);
        if (r >= 0)
                r = sd_event_source_set_priority(m->run_queue_event_source, SD_EVENT_PRIORITY_IDLE);
        if (r >= 0)
                r = sd_event_source_set_enabled(m->run_queue_event_source, SD_EVENT_OFF);
        if (r < 0)
                return r;

        (void) sd_event_source_set_description(m->run_queue_event_source, "manager-run-queue");

        return 0;
}
638
/* Creates the deferred event source used for SIGCHLD processing. It runs at priority
 * SD_EVENT_PRIORITY_NORMAL-7 and starts out disabled. Returns 0 on success, a negative errno-style value on
 * failure. */
static int manager_setup_sigchld_event_source(Manager *m) {
        int r;

        assert(m);
        assert(!m->sigchld_event_source);

        r = sd_event_add_defer(m->event, &m->sigchld_event_source, manager_dispatch_sigchld, m);
        if (r >= 0)
                r = sd_event_source_set_priority(m->sigchld_event_source, SD_EVENT_PRIORITY_NORMAL-7);
        if (r >= 0)
                r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_OFF);
        if (r < 0)
                return r;

        (void) sd_event_source_set_description(m->sigchld_event_source, "manager-sigchld");

        return 0;
}
661
/* Allocates and initializes a new Manager object.
 *
 * scope:          UNIT_FILE_SYSTEM or UNIT_FILE_USER (asserted).
 * test_run_flags: stored in the object; when non-zero several setup steps in this file are skipped.
 * _m:             receives the new object on success.
 *
 * Returns 0 on success. On failure a negative errno-style value is returned, the partially set up object is
 * released again with manager_free() and *_m is left untouched. */
int manager_new(UnitFileScope scope, unsigned test_run_flags, Manager **_m) {
        bool is_system;
        Manager *m;
        int r;

        assert(_m);
        assert(IN_SET(scope, UNIT_FILE_SYSTEM, UNIT_FILE_USER));

        m = new0(Manager, 1);
        if (!m)
                return -ENOMEM;

        m->unit_file_scope = scope;
        is_system = MANAGER_IS_SYSTEM(m);

        m->exit_code = _MANAGER_EXIT_CODE_INVALID;
        m->default_timer_accuracy_usec = USEC_PER_MINUTE;
        m->default_tasks_accounting = true;
        m->default_tasks_max = UINT64_MAX;
        m->default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
        m->default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
        m->default_restart_usec = DEFAULT_RESTART_USEC;

#if ENABLE_EFI
        if (is_system && detect_container() <= 0)
                boot_timestamps(m->timestamps + MANAGER_TIMESTAMP_USERSPACE,
                                m->timestamps + MANAGER_TIMESTAMP_FIRMWARE,
                                m->timestamps + MANAGER_TIMESTAMP_LOADER);
#endif

        /* Field names and format strings for structured logging; user managers use USER_ prefixed names */
        m->unit_log_field = is_system ? "UNIT=" : "USER_UNIT=";
        m->unit_log_format_string = is_system ? "UNIT=%s" : "USER_UNIT=%s";
        m->invocation_log_field = is_system ? "INVOCATION_ID=" : "USER_INVOCATION_ID=";
        m->invocation_log_format_string = is_system ? "INVOCATION_ID=%s" : "USER_INVOCATION_ID=%s";

        /* new0() zeroed the object, but 0 is a valid file descriptor, hence mark every fd field as unset
         * explicitly. */
        m->idle_pipe[0] = -1;
        m->idle_pipe[1] = -1;
        m->idle_pipe[2] = -1;
        m->idle_pipe[3] = -1;

        m->pin_cgroupfs_fd = -1;
        m->notify_fd = -1;
        m->cgroups_agent_fd = -1;
        m->signal_fd = -1;
        m->time_change_fd = -1;
        m->dev_autofs_fd = -1;
        m->private_listen_fd = -1;
        m->cgroup_inotify_fd = -1;
        m->ask_password_inotify_fd = -1;

        m->user_lookup_fds[0] = -1;
        m->user_lookup_fds[1] = -1;

        m->current_job_id = 1; /* begin at id #1, which leaves #0 available as a "null-like" value */

        m->have_ask_password = -EINVAL; /* not known yet */
        m->first_boot = -1;

        m->test_run_flags = test_run_flags;

        /* Hitting C-A-D more than 7 times within 2s triggers an immediate reboot */
        RATELIMIT_INIT(m->ctrl_alt_del_ratelimit, 2 * USEC_PER_SEC, 7);

        r = manager_default_environment(m);
        if (r < 0)
                goto fail;

        /* Lookup tables */
        r = hashmap_ensure_allocated(&m->units, &string_hash_ops);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->jobs, NULL);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->cgroup_unit, &string_hash_ops);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->watch_bus, &string_hash_ops);
        if (r < 0)
                goto fail;

        /* Event loop and the event sources that hang off it */
        r = sd_event_default(&m->event);
        if (r < 0)
                goto fail;

        r = manager_setup_run_queue(m);
        if (r < 0)
                goto fail;

        r = manager_setup_signals(m);
        if (r < 0)
                goto fail;

        r = manager_setup_cgroup(m);
        if (r < 0)
                goto fail;

        r = manager_setup_time_change(m);
        if (r < 0)
                goto fail;

        r = manager_setup_sigchld_event_source(m);
        if (r < 0)
                goto fail;

        m->udev = udev_new();
        if (!m->udev) {
                r = -ENOMEM;
                goto fail;
        }

        r = manager_setup_prefix(m);
        if (r < 0)
                goto fail;

        if (is_system && test_run_flags == 0) {
                r = mkdir_label("/run/systemd/units", 0755);
                if (r < 0 && r != -EEXIST)
                        goto fail;
        }

        /* Flag an empty /usr, unless we are running in the initrd */
        m->taint_usr =
                !in_initrd() &&
                dir_is_empty("/usr") > 0;

        /* The notify fd is deliberately not set up here. That happens after deserialization, since it
         * might have been serialized across the reexec. */

        *_m = m;
        return 0;

fail:
        manager_free(m);
        return r;
}
796
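/* Sets up the notification socket (AF_UNIX/SOCK_DGRAM, bound below the runtime prefix at
 * "<prefix>/systemd/notify") and the event source reading from it. Either half is only created if it does
 * not exist yet, so this may be called again when the fd is already there. Does nothing in test runs.
 *
 * Returns 0 on success, a negative errno-style value on failure. */
static int manager_setup_notify(Manager *m) {
        int r;

        assert(m);

        if (m->test_run_flags)
                return 0;

        if (m->notify_fd < 0) {
                _cleanup_close_ int fd = -1;
                union sockaddr_union sa = {
                        .sa.sa_family = AF_UNIX,
                };
                static const int one = 1;

                /* First free all secondary fields */
                m->notify_socket = mfree(m->notify_socket);
                m->notify_event_source = sd_event_source_unref(m->notify_event_source);

                fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
                if (fd < 0)
                        return log_error_errno(errno, "Failed to allocate notification socket: %m");

                /* Best effort, a smaller receive buffer is not fatal */
                (void) fd_inc_rcvbuf(fd, NOTIFY_RCVBUF_SIZE);

                m->notify_socket = strappend(m->prefix[EXEC_DIRECTORY_RUNTIME], "/systemd/notify");
                if (!m->notify_socket)
                        return log_oom();

                /* Refuse a path that does not fit into sun_path instead of letting strncpy() cut it
                 * short: we would otherwise bind to a different name than the one recorded in
                 * m->notify_socket. Check before touching the file system. */
                if (strlen(m->notify_socket) >= sizeof(sa.un.sun_path)) {
                        log_error("Notification socket path %s is too long.", m->notify_socket);
                        return -ENAMETOOLONG;
                }

                (void) mkdir_parents_label(m->notify_socket, 0755);
                (void) unlink(m->notify_socket);

                /* sa was zero-initialized and the length was checked above, so the result is always
                 * NUL-terminated. */
                strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
                r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
                if (r < 0)
                        return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);

                /* Have the kernel attach the sender's credentials to each datagram */
                r = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
                if (r < 0)
                        return log_error_errno(errno, "SO_PASSCRED failed: %m");

                /* Hand the fd over to the manager object, so that the cleanup handler leaves it open */
                m->notify_fd = fd;
                fd = -1;

                log_debug("Using notification socket %s", m->notify_socket);
        }

        if (!m->notify_event_source) {
                r = sd_event_add_io(m->event, &m->notify_event_source, m->notify_fd, EPOLLIN, manager_dispatch_notify_fd, m);
                if (r < 0)
                        return log_error_errno(r, "Failed to allocate notify event source: %m");

                /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
                 * service an exit message belongs. */
                r = sd_event_source_set_priority(m->notify_event_source, SD_EVENT_PRIORITY_NORMAL-8);
                if (r < 0)
                        return log_error_errno(r, "Failed to set priority of notify event source: %m");

                (void) sd_event_source_set_description(m->notify_event_source, "manager-notify");
        }

        return 0;
}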
858
/* Sets up the socket the cgroups agent binary reports to (/run/systemd/cgroups-agent) and the event source
 * reading from it. Only relevant for the system manager on a non-unified cgroup hierarchy outside of test
 * runs; in all other cases this returns 0 without doing anything. Returns a negative errno-style value on
 * failure. */
static int manager_setup_cgroups_agent(Manager *m) {

        static const union sockaddr_union sa = {
                .un.sun_family = AF_UNIX,
                .un.sun_path = "/run/systemd/cgroups-agent",
        };
        int r;

        /* Background: cgroups agent messages are delivered to PID 1 over a private SOCK_DGRAM/AF_UNIX
         * socket rather than D-Bus. The agent binary is very short-lived and every instance would need a
         * D-Bus connection of its own. D-Bus connections are SOCK_STREAM/AF_UNIX, so on an overloaded
         * system the backlog of the D-Bus socket comes into play: once the configured number of pending
         * connections is reached the kernel drops further incoming ones, and agent messages could get
         * lost. A datagram socket has no backlog to worry about since no connect() cycle is needed, hence
         * no messages are lost.
         *
         * PID 1 forwards each agent message to the system bus so that user instances can listen for it
         * there. In other words: the system instance listens on this special socket, the user instances
         * listen on the system bus. */

        if (m->test_run_flags || !MANAGER_IS_SYSTEM(m))
                return 0;

        r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
        if (r < 0)
                return log_error_errno(r, "Failed to determine whether unified cgroups hierarchy is used: %m");
        if (r > 0) /* Not needed anymore on the unified hierarchy */
                return 0;

        if (m->cgroups_agent_fd < 0) {
                _cleanup_close_ int fd = -1;

                /* Start by releasing all secondary fields */
                m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);

                fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
                if (fd < 0)
                        return log_error_errno(errno, "Failed to allocate cgroups agent socket: %m");

                fd_inc_rcvbuf(fd, CGROUPS_AGENT_RCVBUF_SIZE);

                (void) unlink(sa.un.sun_path);

                /* Bind under a restrictive umask so that only root may connect to this socket */
                RUN_WITH_UMASK(0077)
                        r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
                if (r < 0)
                        return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);

                /* Ownership moves to the manager object, keep the cleanup handler from closing it */
                m->cgroups_agent_fd = fd;
                fd = -1;
        }

        if (m->cgroups_agent_event_source)
                return 0;

        r = sd_event_add_io(m->event,
                            &m->cgroups_agent_event_source,
                            m->cgroups_agent_fd,
                            EPOLLIN,
                            manager_dispatch_cgroups_agent_fd, m);
        if (r < 0)
                return log_error_errno(r, "Failed to allocate cgroups agent event source: %m");

        /* cgroups notifications are handled early, but only after service notification messages and
         * SIGCHLD signals, so that a cgroup running empty is merely the last safety net of notification
         * and the metadata offered by the notification and SIGCHLD paths has been collected first. See
         * also the handling of cgroup inotify for the unified cgroup case. */
        r = sd_event_source_set_priority(m->cgroups_agent_event_source, SD_EVENT_PRIORITY_NORMAL-4);
        if (r < 0)
                return log_error_errno(r, "Failed to set priority of cgroups agent event source: %m");

        (void) sd_event_source_set_description(m->cgroups_agent_event_source, "manager-cgroups-agent");

        return 0;
}
934
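/* Sets up the socket pair over which forked off children report their resolved UID/GID to PID 1, and the
 * event source reading from it. Returns 0 on success, a negative errno-style value on failure. */
static int manager_setup_user_lookup_fd(Manager *m) {
        int r;

        assert(m);

        /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID
         * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation,
         * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked
         * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects
         * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes,
         * hence we establish this communication channel so that forked off processes can pass their UID/GID
         * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple
         * datagram, along with their unit name, so that we can share one communication socket pair among all units for
         * this purpose.
         *
         * You might wonder why we need a communication channel for this that is independent of the usual notification
         * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET
         * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user
         * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available.
         *
         * Note that this function is called under two circumstances: when we first initialize (in which case we
         * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload
         * (in which case the socket pair already exists but we still need to allocate the event source for it). */

        if (m->user_lookup_fds[0] < 0) {

                /* Free all secondary fields */
                safe_close_pair(m->user_lookup_fds);
                m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);

                /* SOCK_CLOEXEC is what keeps the pair from leaking into the executed binaries */
                if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, m->user_lookup_fds) < 0)
                        return log_error_errno(errno, "Failed to allocate user lookup socket: %m");

                (void) fd_inc_rcvbuf(m->user_lookup_fds[0], NOTIFY_RCVBUF_SIZE);
        }

        if (!m->user_lookup_event_source) {
                /* The sd_event_*() calls report errors in their return value, not in errno; log and
                 * return that value, as the other setup functions in this file do. */
                r = sd_event_add_io(m->event, &m->user_lookup_event_source, m->user_lookup_fds[0], EPOLLIN, manager_dispatch_user_lookup_fd, m);
                if (r < 0)
                        return log_error_errno(r, "Failed to allocate user lookup event source: %m");

                /* Process even earlier than the notify event source, so that we always know first about valid UID/GID
                 * resolutions */
                r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-11);
                if (r < 0)
                        return log_error_errno(r, "Failed to set priority of user lookup event source: %m");

                (void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup");
        }

        return 0;
}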
987
/* Decides whether a bus connection should be attempted right away and hands that decision to bus_init().
 * Does nothing (returns 0) when running in test mode. */
static int manager_connect_bus(Manager *m, bool reexecuting) {
        bool connect_now = false;
        Unit *dbus_unit;

        assert(m);

        if (m->test_run_flags)
                return 0;

        dbus_unit = manager_get_unit(m, SPECIAL_DBUS_SERVICE);

        /* Only try when the D-Bus service was deserialized in running state, and then only when we are
         * reexecuting, or when we are a user manager that was told where the session bus lives. */
        if (dbus_unit && SERVICE(dbus_unit)->deserialized_state == SERVICE_RUNNING) {
                if (reexecuting)
                        connect_now = true;
                else if (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS"))
                        connect_now = true;
        }

        /* Try to connect to the buses, if possible. */
        return bus_init(m, connect_now);
}
1007
/* Frees every unit queued on the cleanup queue and returns how many were freed. */
static unsigned manager_dispatch_cleanup_queue(Manager *m) {
        unsigned freed = 0;

        assert(m);

        for (;;) {
                Unit *head = m->cleanup_queue;

                if (!head)
                        break;

                assert(head->in_cleanup_queue);

                /* The loop always re-reads the queue head, so it relies on unit_free() taking the unit
                 * off the cleanup queue — presumably it does; it is defined outside this function. */
                unit_free(head);
                freed++;
        }

        return freed;
}
1023
/* Offsets added to the current GC marker generation to encode a unit's state in the running sweep. */
enum {
        GC_OFFSET_IN_PATH = 0,  /* Unit is on the path currently being traversed */
        GC_OFFSET_UNSURE  = 1,  /* Nothing could be determined yet */
        GC_OFFSET_GOOD    = 2,  /* Unit is still needed */
        GC_OFFSET_BAD     = 3,  /* Unit is not needed anymore */
        _GC_OFFSET_MAX    = 4
};
1031
/* Marks u as GOOD for the generation gc_marker and propagates that to every unit it references which
 * is still marked UNSURE in the same generation. */
static void unit_gc_mark_good(Unit *u, unsigned gc_marker) {
        const unsigned unsure = gc_marker + GC_OFFSET_UNSURE;
        Unit *referenced;
        Iterator it;
        void *value;

        u->gc_marker = gc_marker + GC_OFFSET_GOOD;

        /* Recursion only descends into UNSURE units; u itself is already GOOD at this point. */
        HASHMAP_FOREACH_KEY(value, referenced, u->dependencies[UNIT_REFERENCES], it) {
                if (referenced->gc_marker != unsure)
                        continue;

                unit_gc_mark_good(referenced, gc_marker);
        }
}
1044
/* Classifies u for the GC generation gc_marker: GOOD (still needed), BAD (queued for cleanup) or UNSURE
 * (re-queued on the GC queue for a later look). Units already classified in this generation are left
 * alone. */
static void unit_gc_sweep(Unit *u, unsigned gc_marker) {
        bool all_referrers_bad = true;
        Unit *referrer;
        Iterator it;
        void *value;

        assert(u);

        /* Already carries a marker of this generation (including IN_PATH, i.e. we are in the middle of
         * visiting it further up the call chain)? Then there is nothing to do. */
        if (IN_SET(u->gc_marker - gc_marker,
                   GC_OFFSET_GOOD, GC_OFFSET_BAD, GC_OFFSET_UNSURE, GC_OFFSET_IN_PATH))
                return;

        if (u->in_cleanup_queue)
                goto mark_bad;

        if (unit_check_gc(u))
                goto mark_good;

        /* Mark before descending so that the check above stops the recursion when it comes back to u. */
        u->gc_marker = gc_marker + GC_OFFSET_IN_PATH;

        HASHMAP_FOREACH_KEY(value, referrer, u->dependencies[UNIT_REFERENCED_BY], it) {
                unit_gc_sweep(referrer, gc_marker);

                /* One needed referrer is enough to keep us. */
                if (referrer->gc_marker == gc_marker + GC_OFFSET_GOOD)
                        goto mark_good;

                if (referrer->gc_marker != gc_marker + GC_OFFSET_BAD)
                        all_referrers_bad = false;
        }

        if (all_referrers_bad)
                goto mark_bad;

        /* Nothing conclusive was found about this entry, so it is looked at again later */
        u->gc_marker = gc_marker + GC_OFFSET_UNSURE;
        unit_add_to_gc_queue(u);
        return;

mark_bad:
        /* This one is definitely not useful anymore, so it is queued for deletion */
        u->gc_marker = gc_marker + GC_OFFSET_BAD;
        unit_add_to_cleanup_queue(u);
        return;

mark_good:
        unit_gc_mark_good(u, gc_marker);
}
1096
/* Starts a new GC generation, sweeps every unit on the GC queue and moves those that end up BAD or
 * UNSURE to the cleanup queue. Returns the number of units taken off the GC queue. */
static unsigned manager_dispatch_gc_unit_queue(Manager *m) {
        unsigned processed = 0, generation;
        Unit *unit;

        assert(m);

        /* log_debug("Running GC..."); */

        /* Advance to a fresh generation; each one spans _GC_OFFSET_MAX marker values. If the counter is
         * about to wrap around, restart at 1. */
        m->gc_marker += _GC_OFFSET_MAX;
        if (m->gc_marker + _GC_OFFSET_MAX <= _GC_OFFSET_MAX)
                m->gc_marker = 1;

        generation = m->gc_marker;

        for (unit = m->gc_unit_queue; unit; unit = m->gc_unit_queue) {
                assert(unit->in_gc_queue);

                unit_gc_sweep(unit, generation);

                LIST_REMOVE(gc_queue, m->gc_unit_queue, unit);
                unit->in_gc_queue = false;

                processed++;

                /* Whatever is still undecided once the queue entry has been processed is collected too. */
                if (!IN_SET(unit->gc_marker - generation,
                            GC_OFFSET_BAD, GC_OFFSET_UNSURE))
                        continue;

                if (unit->id)
                        log_unit_debug(unit, "Collecting.");
                unit->gc_marker = generation + GC_OFFSET_BAD;
                unit_add_to_cleanup_queue(unit);
        }

        return processed;
}
1132
/* Drains the job GC queue: every job for which job_check_gc() returns false is finished with result
 * JOB_COLLECTED. Returns the number of jobs taken off the queue. */
static unsigned manager_dispatch_gc_job_queue(Manager *m) {
        unsigned processed = 0;
        Job *job;

        assert(m);

        for (job = m->gc_job_queue; job; job = m->gc_job_queue) {
                assert(job->in_gc_queue);

                LIST_REMOVE(gc_queue, m->gc_job_queue, job);
                job->in_gc_queue = false;

                processed++;

                if (!job_check_gc(job)) {
                        log_unit_debug(job->unit, "Collecting job.");
                        (void) job_finish_and_invalidate(job, JOB_COLLECTED, false, false);
                }
        }

        return processed;
}
1156
/* Frees all units known to the manager, flushes the cleanup queue and verifies that every queue and
 * both the job and unit tables are empty afterwards. */
static void manager_clear_jobs_and_units(Manager *m) {
        assert(m);

        for (;;) {
                Unit *first = hashmap_first(m->units);

                if (!first)
                        break;

                unit_free(first);
        }

        manager_dispatch_cleanup_queue(m);

        /* Nothing may be left queued at this point. */
        assert(!m->load_queue);
        assert(!m->run_queue);
        assert(!m->dbus_unit_queue);
        assert(!m->dbus_job_queue);
        assert(!m->cleanup_queue);
        assert(!m->gc_unit_queue);
        assert(!m->gc_job_queue);

        assert(hashmap_isempty(m->jobs));
        assert(hashmap_isempty(m->units));

        /* Reset the counters that were tracking the objects just released. */
        m->n_on_console = 0;
        m->n_running_jobs = 0;
}
1181
/* Tears down a manager object and releases everything it owns. Accepts NULL. Returns NULL for a NULL
 * argument, otherwise the result of mfree(m). The order of the steps below is kept exactly as is, since
 * later steps may depend on earlier ones. */
Manager* manager_free(Manager *m) {
        ExecDirectoryType dir_type;
        UnitType unit_type;
        int limit;

        if (!m)
                return NULL;

        manager_clear_jobs_and_units(m);

        /* Give each unit type that has a shutdown hook the chance to run it. */
        for (unit_type = 0; unit_type < _UNIT_TYPE_MAX; unit_type++) {
                if (!unit_vtable[unit_type]->shutdown)
                        continue;

                unit_vtable[unit_type]->shutdown(m);
        }

        /* If we reexecute ourselves, we keep the root cgroup around */
        manager_shutdown_cgroup(m, m->exit_code != MANAGER_REEXECUTE);

        lookup_paths_flush_generator(&m->lookup_paths);

        bus_done(m);

        dynamic_user_vacuum(m, false);
        hashmap_free(m->dynamic_users);

        /* Lookup tables and sets */
        hashmap_free(m->units);
        hashmap_free(m->units_by_invocation_id);
        hashmap_free(m->jobs);
        hashmap_free(m->watch_pids);
        hashmap_free(m->watch_bus);

        set_free(m->startup_units);
        set_free(m->failed_units);

        /* Event sources are dropped before the file descriptors they watch are closed. */
        sd_event_source_unref(m->signal_event_source);
        sd_event_source_unref(m->sigchld_event_source);
        sd_event_source_unref(m->notify_event_source);
        sd_event_source_unref(m->cgroups_agent_event_source);
        sd_event_source_unref(m->time_change_event_source);
        sd_event_source_unref(m->jobs_in_progress_event_source);
        sd_event_source_unref(m->run_queue_event_source);
        sd_event_source_unref(m->user_lookup_event_source);

        safe_close(m->signal_fd);
        safe_close(m->notify_fd);
        safe_close(m->cgroups_agent_fd);
        safe_close(m->time_change_fd);
        safe_close_pair(m->user_lookup_fds);

        manager_close_ask_password(m);

        manager_close_idle_pipe(m);

        udev_unref(m->udev);
        sd_event_unref(m->event);

        free(m->notify_socket);

        lookup_paths_free(&m->lookup_paths);
        strv_free(m->environment);

        hashmap_free(m->cgroup_unit);
        set_free_free(m->unit_path_cache);

        free(m->switch_root);
        free(m->switch_root_init);

        for (limit = 0; limit < _RLIMIT_MAX; limit++)
                m->rlimit[limit] = mfree(m->rlimit[limit]);

        /* All units are gone by now, hence nothing may still be registered here. */
        assert(hashmap_isempty(m->units_requiring_mounts_for));
        hashmap_free(m->units_requiring_mounts_for);

        hashmap_free(m->uid_refs);
        hashmap_free(m->gid_refs);

        for (dir_type = 0; dir_type < _EXEC_DIRECTORY_TYPE_MAX; dir_type++)
                m->prefix[dir_type] = mfree(m->prefix[dir_type]);

        return mfree(m);
}
1262
/* Calls the enumerate hook of every supported unit type that has one, then dispatches the load queue. */
void manager_enumerate(Manager *m) {
        UnitType type;

        assert(m);

        /* Ask every type to load all units from disk/kernel that it might know */
        for (type = 0; type < _UNIT_TYPE_MAX; type++) {

                if (unit_type_supported(type)) {
                        if (unit_vtable[type]->enumerate)
                                unit_vtable[type]->enumerate(m);
                } else
                        log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(type));
        }

        manager_dispatch_load_queue(m);
}
1284
/* Runs unit_coldplug() once per unit. A failure is logged as a warning and does not stop the loop. */
static void manager_coldplug(Manager *m) {
        Iterator it;
        Unit *unit;
        char *key;
        int r;

        assert(m);

        /* Set up the initial state of every unit. */
        HASHMAP_FOREACH_KEY(unit, key, m->units, it) {

                /* Only the entry keyed by the unit's own id is processed; other keys are aliases. */
                if (unit->id == key) {
                        r = unit_coldplug(unit);
                        if (r < 0)
                                log_warning_errno(r, "We couldn't coldplug %s, proceeding anyway: %m", unit->id);
                }
        }
}
1305
/* Rebuilds m->unit_path_cache as the set of all paths found directly inside the unit search path
 * directories. On any failure a warning is logged and the cache is dropped, so the manager continues
 * without one. */
static void manager_build_unit_path_cache(Manager *m) {
        char **dir;
        int r;

        assert(m);

        /* Throw away whatever an earlier run left behind. */
        set_free_free(m->unit_path_cache);

        m->unit_path_cache = set_new(&string_hash_ops);
        if (!m->unit_path_cache) {
                r = -ENOMEM;
                goto fail;
        }

        /* This simply records the files known to exist, so that not every lookup has to go to disk */

        STRV_FOREACH(dir, m->lookup_paths.search_path) {
                _cleanup_closedir_ DIR *handle = NULL;
                struct dirent *entry;

                handle = opendir(*dir);
                if (!handle) {
                        /* A missing search directory is not worth a warning. */
                        if (errno != ENOENT)
                                log_warning_errno(errno, "Failed to open directory %s, ignoring: %m", *dir);
                        continue;
                }

                FOREACH_DIRENT(entry, handle, r = -errno; goto fail) {
                        char *full;

                        /* For the root directory, avoid producing a path with a double slash. */
                        full = strjoin(streq(*dir, "/") ? "" : *dir, "/", entry->d_name);
                        if (!full) {
                                r = -ENOMEM;
                                goto fail;
                        }

                        /* The string is handed to set_consume(); it is not freed here on either outcome. */
                        r = set_consume(m->unit_path_cache, full);
                        if (r < 0)
                                goto fail;
                }
        }

        return;

fail:
        log_warning_errno(r, "Failed to build unit path cache, proceeding without: %m");
        m->unit_path_cache = set_free_free(m->unit_path_cache);
}
1355
/* Offers the file descriptors in fds to each unit whose type has a distribute_fds hook, stopping as
 * soon as the set is empty. */
static void manager_distribute_fds(Manager *m, FDSet *fds) {
        Iterator it;
        Unit *unit;

        assert(m);

        HASHMAP_FOREACH(unit, m->units, it) {

                /* Nothing left to hand out? */
                if (fdset_size(fds) <= 0)
                        break;

                if (UNIT_VTABLE(unit)->distribute_fds)
                        UNIT_VTABLE(unit)->distribute_fds(unit, fds);
        }
}
1373
/* Brings the manager up: runs the generators, enumerates units, optionally deserializes earlier state
 * from `serialization`, distributes leftover file descriptors, sets up the notification, cgroups agent
 * and user lookup channels, connects to the bus and coldplugs all units.
 *
 * A non-NULL `serialization` is treated as a reload/reexecution. Returns 0 on success or a negative
 * value from the first step that is treated as fatal. */
int manager_startup(Manager *m, FILE *serialization, FDSet *fds) {
        int r;

        assert(m);

        /* In test mode the generators are still run, but the real generator directories are not
         * touched. */
        r = lookup_paths_init(&m->lookup_paths, m->unit_file_scope,
                              m->test_run_flags ? LOOKUP_PATHS_TEMPORARY_GENERATED : 0,
                              NULL);
        if (r < 0)
                return r;

        r = manager_run_environment_generators(m);
        if (r < 0)
                return r;

        /* The finish timestamp is taken before the result is checked, so it is recorded on failure too. */
        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_GENERATORS_START);
        r = manager_run_generators(m);
        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_GENERATORS_FINISH);
        if (r < 0)
                return r;

        /* On first boot of a host system (and outside of test mode), apply the presets */
        if (m->first_boot > 0 &&
            MANAGER_IS_SYSTEM(m) &&
            !m->test_run_flags) {

                r = unit_file_preset_all(UNIT_FILE_SYSTEM, 0, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, NULL, 0);
                if (r >= 0)
                        log_info("Populated /etc with preset unit settings.");
                else
                        log_full_errno(r == -EEXIST ? LOG_NOTICE : LOG_WARNING, r,
                                       "Failed to populate /etc with preset unit settings, ignoring: %m");
        }

        lookup_paths_reduce(&m->lookup_paths);
        manager_build_unit_path_cache(m);

        /* If state is going to be deserialized, the reload counter is raised already now so that this
         * is known during enumeration */
        if (serialization)
                m->n_reloading++;

        /* First, enumerate what we can from all config files */
        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_UNITS_LOAD_START);
        manager_enumerate(m);
        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_UNITS_LOAD_FINISH);

        /* Second, deserialize if there is something to deserialize */
        if (serialization) {
                r = manager_deserialize(m, serialization, fds);
                if (r < 0)
                        return log_error_errno(r, "Deserialization failed: %m");
        }

        /* Any fds left? Find some unit which wants them. This allows container managers to pass
         * pre-initialized file descriptors in, which enables socket-based activation of entire
         * containers. */
        manager_distribute_fds(m, fds);

        /* The notify fd might have been deserialized; if it was not, set up the notification socket
         * now */
        r = manager_setup_notify(m);
        if (r < 0)
                /* No sense to continue without notifications, our children would fail anyway. */
                return r;

        r = manager_setup_cgroups_agent(m);
        if (r < 0)
                /* Likewise, no sense to continue without empty cgroup notifications. */
                return r;

        r = manager_setup_user_lookup_fd(m);
        if (r < 0)
                /* This shouldn't fail, except if things are really broken. */
                return r;

        /* Connect to the bus now; a failure here is deliberately ignored. */
        (void) manager_connect_bus(m, !!serialization);

        (void) bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed);
        m->deserialized_subscribed = strv_free(m->deserialized_subscribed);

        /* Third, fire things up! */
        manager_coldplug(m);

        /* Release any dynamic users no longer referenced */
        dynamic_user_vacuum(m, true);

        /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
        manager_vacuum_uid_refs(m);
        manager_vacuum_gid_refs(m);

        if (serialization) {
                assert(m->n_reloading > 0);
                m->n_reloading--;

                /* Wait until the UnitNew/JobNew messages have been sent before announcing that the
                 * reload is finished */
                m->send_reloading_done = true;
        }

        return 0;
}
1482
/* Builds a transaction for a job of the given type on `unit` (plus whatever `mode` asks for) and
 * activates it.
 *
 * On success returns 0 and, if _ret is non-NULL, stores the transaction's anchor job there. On failure
 * the transaction is aborted and a negative value is returned; `e` is passed to the calls that can fill
 * in a bus error. */
int manager_add_job(Manager *m, JobType type, Unit *unit, JobMode mode, sd_bus_error *e, Job **_ret) {
        Transaction *transaction;
        int r;

        assert(m);
        assert(type < _JOB_TYPE_MAX);
        assert(unit);
        assert(mode < _JOB_MODE_MAX);

        /* Isolation is refused unless this is a start job and the unit permits being isolated. */
        if (mode == JOB_ISOLATE && type != JOB_START)
                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Isolate is only valid for start.");

        if (mode == JOB_ISOLATE && !unit->allow_isolate)
                return sd_bus_error_setf(e, BUS_ERROR_NO_ISOLATION, "Operation refused, unit may not be isolated.");

        log_unit_debug(unit, "Trying to enqueue job %s/%s/%s", unit->id, job_type_to_string(type), job_mode_to_string(mode));

        type = job_type_collapse(type, unit);

        transaction = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
        if (!transaction)
                return -ENOMEM;

        r = transaction_add_job_and_dependencies(transaction, type, unit, NULL, true, false,
                                                 IN_SET(mode, JOB_IGNORE_DEPENDENCIES, JOB_IGNORE_REQUIREMENTS),
                                                 mode == JOB_IGNORE_DEPENDENCIES, e);

        if (r >= 0 && mode == JOB_ISOLATE)
                r = transaction_add_isolate_jobs(transaction, m);

        if (r >= 0)
                r = transaction_activate(transaction, m, mode, e);

        if (r < 0) {
                /* One of the steps failed: undo what was prepared and release the transaction. */
                transaction_abort(transaction);
                transaction_free(transaction);
                return r;
        }

        log_unit_debug(unit,
                       "Enqueued job %s/%s as %u", unit->id,
                       job_type_to_string(type), (unsigned) transaction->anchor_job->id);

        /* Read the anchor job out before the transaction object goes away. */
        if (_ret)
                *_ret = transaction->anchor_job;

        transaction_free(transaction);
        return 0;
}
1537
/* Like manager_add_job(), but takes a unit name and loads the unit first. Returns the load error if
 * loading fails, otherwise whatever manager_add_job() returns. */
int manager_add_job_by_name(Manager *m, JobType type, const char *name, JobMode mode, sd_bus_error *e, Job **ret) {
        Unit *loaded = NULL; /* initialized only to keep gcc quiet */
        int r;

        assert(m);
        assert(type < _JOB_TYPE_MAX);
        assert(name);
        assert(mode < _JOB_MODE_MAX);

        r = manager_load_unit(m, name, NULL, NULL, &loaded);
        if (r < 0)
                return r;

        /* A successful load is expected to always hand back a unit. */
        assert(loaded);

        return manager_add_job(m, type, loaded, mode, e, ret);
}
1554
/* Like manager_add_job_by_name(), but uses a local bus error object and logs a warning on failure.
 * Returns the result of manager_add_job_by_name() when it is non-negative. */
int manager_add_job_by_name_and_warn(Manager *m, JobType type, const char *name, JobMode mode, Job **ret) {
        _cleanup_(sd_bus_error_free) sd_bus_error bus_error = SD_BUS_ERROR_NULL;
        int r;

        assert(m);
        assert(type < _JOB_TYPE_MAX);
        assert(name);
        assert(mode < _JOB_MODE_MAX);

        r = manager_add_job_by_name(m, type, name, mode, &bus_error, ret);
        if (r >= 0)
                return r;

        return log_warning_errno(r, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode), name, bus_error_message(&bus_error, r));
}
1570
/* Builds and activates a transaction that propagates a reload from `unit`: a JOB_NOP anchor job on the
 * unit itself plus the reload jobs added by transaction_add_propagate_reload_jobs().
 *
 * Returns 0 on success; on failure the transaction is aborted and a negative value is returned. */
int manager_propagate_reload(Manager *m, Unit *unit, JobMode mode, sd_bus_error *e) {
        Transaction *transaction;
        int r;

        assert(m);
        assert(unit);
        assert(mode < _JOB_MODE_MAX);
        assert(mode != JOB_ISOLATE); /* Isolate is only valid for start */

        transaction = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
        if (!transaction)
                return -ENOMEM;

        /* We need an anchor job */
        r = transaction_add_job_and_dependencies(transaction, JOB_NOP, unit, NULL, false, false, true, true, e);
        if (r >= 0) {
                /* Failure in adding individual dependencies is ignored, so this always succeeds. */
                transaction_add_propagate_reload_jobs(transaction, unit, transaction->anchor_job, mode == JOB_IGNORE_DEPENDENCIES, e);

                r = transaction_activate(transaction, m, mode, e);
        }

        if (r < 0) {
                transaction_abort(transaction);
                transaction_free(transaction);
                return r;
        }

        transaction_free(transaction);
        return 0;
}
1604
/* Looks up a job by its numeric id in m->jobs. Returns whatever hashmap_get() yields for that key. */
Job *manager_get_job(Manager *m, uint32_t id) {
        Job *found;

        assert(m);

        found = hashmap_get(m->jobs, UINT32_TO_PTR(id));
        return found;
}
1610
/* Looks up a unit by name in m->units. Returns whatever hashmap_get() yields for that key. */
Unit *manager_get_unit(Manager *m, const char *name) {
        Unit *found;

        assert(m);
        assert(name);

        found = hashmap_get(m->units, name);
        return found;
}
1617
/* Dispatches the load queue: calls unit_load() on the queue head until the queue is empty. Returns the
 * number of units processed, or 0 when invoked while a dispatch is already in progress. */
unsigned manager_dispatch_load_queue(Manager *m) {
        unsigned loaded = 0;

        assert(m);

        /* Guard against recursive invocation */
        if (m->dispatching_load_queue)
                return 0;

        m->dispatching_load_queue = true;

        for (;;) {
                Unit *head = m->load_queue;

                if (!head)
                        break;

                assert(head->in_load_queue);

                /* The return value of unit_load() is not looked at here. */
                unit_load(head);
                loaded++;
        }

        m->dispatching_load_queue = false;
        return loaded;
}
1643
/* Prepares a unit for loading without reading anything from disk: validates the name, returns the
 * existing unit if one is registered under it, otherwise allocates a new unit and puts it on the load,
 * D-Bus and GC queues.
 *
 * At least one of name and path must be given; without a name, the last path component is used.
 * Returns 1 if the unit already existed, 0 if a new one was queued, negative on error. *_ret is only
 * set on the two success paths. */
int manager_load_unit_prepare(
                Manager *m,
                const char *name,
                const char *path,
                sd_bus_error *e,
                Unit **_ret) {

        Unit *unit;
        UnitType type;
        int r;

        assert(m);
        assert(name || path);
        assert(_ret);

        /* NOTE(review): the message below says "not absolute", but the test is is_path(), which is
         * defined outside this file. If it only checks for a '/' somewhere in the string, relative paths
         * pass this check and end up in fragment_path — confirm against its definition. */
        if (path && !is_path(path))
                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Path %s is not absolute.", path);

        if (!name)
                name = basename(path);

        type = unit_name_to_type(name);

        /* Only plain and instance names can be loaded. A template name gets a more specific error. */
        if (type == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) {
                if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE))
                        return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is missing the instance name.", name);

                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is not valid.", name);
        }

        unit = manager_get_unit(m, name);
        if (unit) {
                *_ret = unit;
                return 1;
        }

        unit = unit_new(m, unit_vtable[type]->object_size);
        if (!unit)
                return -ENOMEM;

        if (path) {
                unit->fragment_path = strdup(path);
                if (!unit->fragment_path) {
                        r = -ENOMEM;
                        goto fail;
                }
        }

        r = unit_add_name(unit, name);
        if (r < 0)
                goto fail;

        unit_add_to_load_queue(unit);
        unit_add_to_dbus_queue(unit);
        unit_add_to_gc_queue(unit);

        *_ret = unit;

        return 0;

fail:
        /* The half-initialized unit is not handed out. */
        unit_free(unit);
        return r;
}
1709
/* Loads the unit's configuration without starting anything. Returns 1 if the unit was already known
 * (then *_ret is the existing unit as is), 0 after a fresh load (then *_ret is the unit after
 * following merges), or a negative error from manager_load_unit_prepare(). */
int manager_load_unit(
                Manager *m,
                const char *name,
                const char *path,
                sd_bus_error *e,
                Unit **_ret) {

        int r;

        assert(m);
        assert(_ret);

        r = manager_load_unit_prepare(m, name, path, e, _ret);
        if (r == 0) {
                /* A new unit was queued: load it now and hand back the unit it may have been merged
                 * into. */
                manager_dispatch_load_queue(m);

                *_ret = unit_follow_merge(*_ret);
        }

        return r;
}
1735
/* Writes a dump of every job in s->jobs to f, passing prefix through to job_dump(). */
void manager_dump_jobs(Manager *s, FILE *f, const char *prefix) {
        Iterator it;
        Job *job;

        assert(s);
        assert(f);

        HASHMAP_FOREACH(job, s->jobs, it) {
                job_dump(job, f, prefix);
        }
}
1746
/* Writes a dump of every unit in s->units to f. Each unit is dumped once, for the entry keyed by its
 * own id; entries under other keys are skipped. */
void manager_dump_units(Manager *s, FILE *f, const char *prefix) {
        const char *key;
        Iterator it;
        Unit *unit;

        assert(s);
        assert(f);

        HASHMAP_FOREACH_KEY(unit, key, s->units, it) {
                if (unit->id != key)
                        continue;

                unit_dump(unit, f, prefix);
        }
}
1759
/* Writes the manager's state to f: one line per timestamp that is set, followed by all units and then
 * all jobs. A NULL prefix is printed as the empty string on the timestamp lines. */
void manager_dump(Manager *m, FILE *f, const char *prefix) {
        ManagerTimestamp which;

        assert(m);
        assert(f);

        for (which = 0; which < _MANAGER_TIMESTAMP_MAX; which++) {
                char formatted[FORMAT_TIMESTAMP_MAX];

                if (!dual_timestamp_is_set(m->timestamps + which))
                        continue;

                fprintf(f, "%sTimestamp %s: %s\n",
                        strempty(prefix),
                        manager_timestamp_to_string(which),
                        format_timestamp(formatted, sizeof(formatted), m->timestamps[which].realtime));
        }

        manager_dump_units(m, f, prefix);
        manager_dump_jobs(m, f, prefix);
}
1779
/* Produces the output of manager_dump() as a newly allocated string.
 *
 * On success returns 0 and stores the string in *ret; the caller then owns it. On failure returns a
 * negative value and leaves *ret untouched. */
int manager_get_dump_string(Manager *m, char **ret) {
        _cleanup_free_ char *text = NULL;
        _cleanup_fclose_ FILE *stream = NULL;
        size_t text_size;
        int r;

        assert(m);
        assert(ret);

        stream = open_memstream(&text, &text_size);
        if (!stream)
                return -errno;

        /* The stream is private to this function, so stdio's own locking is switched off. */
        (void) __fsetlocking(stream, FSETLOCKING_BYCALLER);

        manager_dump(m, stream, NULL);

        r = fflush_and_check(stream);
        if (r < 0)
                return r;

        /* Close explicitly before the buffer is handed out. */
        stream = safe_fclose(stream);

        /* Transfer ownership; clearing the local pointer keeps the cleanup handler from freeing it. */
        *ret = text;
        text = NULL;

        return 0;
}
1808
/* Cancels every job known to the manager by finishing it with result JOB_CANCELED. */
void manager_clear_jobs(Manager *m) {
        assert(m);

        for (;;) {
                Job *first = hashmap_first(m->jobs);

                if (!first)
                        break;

                /* No need to recurse. We're cancelling all jobs. */
                job_finish_and_invalidate(first, JOB_CANCELED, false, false);
        }
}
1818
/* Event source callback: runs every job on the run queue, then arms the jobs-in-progress and idle pipe
 * watches if the respective counters are positive. Always returns 1. */
static int manager_dispatch_run_queue(sd_event_source *source, void *userdata) {
        Manager *m = userdata;

        assert(source);
        assert(m);

        for (;;) {
                Job *head = m->run_queue;

                if (!head)
                        break;

                assert(head->installed);
                assert(head->in_run_queue);

                job_run_and_invalidate(head);
        }

        if (m->n_running_jobs > 0)
                manager_watch_jobs_in_progress(m);

        if (m->n_on_console > 0)
                manager_watch_idle_pipe(m);

        return 1;
}
1841
/* Sends the pending change signals for all queued units and jobs, then the "reloading done" signal and
 * the queued message if either is pending. Returns the number of change signals sent, or 0 when invoked
 * while a dispatch is already in progress. */
static unsigned manager_dispatch_dbus_queue(Manager *m) {
        unsigned sent = 0;
        Unit *unit;
        Job *job;

        assert(m);

        /* Guard against recursive invocation */
        if (m->dispatching_dbus_queue)
                return 0;

        m->dispatching_dbus_queue = true;

        for (unit = m->dbus_unit_queue; unit; unit = m->dbus_unit_queue) {
                assert(unit->in_dbus_queue);

                bus_unit_send_change_signal(unit);
                sent++;
        }

        for (job = m->dbus_job_queue; job; job = m->dbus_job_queue) {
                assert(job->in_dbus_queue);

                bus_job_send_change_signal(job);
                sent++;
        }

        m->dispatching_dbus_queue = false;

        /* The flag is cleared before the signal goes out. */
        if (m->send_reloading_done) {
                m->send_reloading_done = false;

                bus_manager_send_reloading(m, false);
        }

        if (m->queued_message)
                bus_send_queued_message(m);

        return sent;
}
1881
/* Event source callback for the cgroups agent socket: reads one datagram, validates it and passes its
 * content as a string to manager_notify_cgroup_empty() and bus_forward_agent_released().
 *
 * Malformed datagrams (empty, too long, or containing a NUL byte) are logged and dropped with return
 * value 0. Only a failing recv() is returned as an error. */
static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        char message[PATH_MAX+1];
        ssize_t length;

        length = recv(fd, message, sizeof(message), 0);
        if (length < 0)
                return log_error_errno(errno, "Failed to read cgroups agent message: %m");

        if (length == 0) {
                log_error("Got zero-length cgroups agent message, ignoring.");
                return 0;
        }

        /* A datagram that fills the whole buffer leaves no room for the terminator added below. */
        if ((size_t) length >= sizeof(message)) {
                log_error("Got overly long cgroups agent message, ignoring.");
                return 0;
        }

        /* The payload is used as a C string from here on, so an embedded NUL would silently cut it
         * short. */
        if (memchr(message, 0, length)) {
                log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
                return 0;
        }

        message[length] = 0;

        manager_notify_cgroup_empty(m, message);
        (void) bus_forward_agent_released(m, message);

        return 0;
}
1910
/* Delivers one notification message to unit u, at most once per notification generation. The message
 * is split at newlines and passed to the unit type's notify_message hook. Unit types without such a
 * hook only get a debug log line carrying a shortened, escaped copy of the message. */
static void manager_invoke_notify_message(
                Manager *m,
                Unit *u,
                const struct ucred *ucred,
                const char *buf,
                FDSet *fds) {

        _cleanup_strv_free_ char **tags = NULL;

        assert(m);
        assert(u);
        assert(ucred);
        assert(buf);

        /* Already invoked on this same unit in this same iteration? */
        if (u->notifygen == m->notifygen)
                return;
        u->notifygen = m->notifygen;

        if (!UNIT_VTABLE(u)->notify_message) {
                if (DEBUG_LOGGING) {
                        _cleanup_free_ char *shortened = NULL, *escaped = NULL;

                        /* The message comes from a client, so it is shortened and escaped before it
                         * reaches the log. */
                        shortened = ellipsize(buf, 20, 90);
                        if (shortened)
                                escaped = cescape(shortened);

                        log_unit_debug(u, "Got notification message \"%s\", ignoring.", strnull(escaped));
                }

                return;
        }

        tags = strv_split(buf, NEWLINE);
        if (!tags) {
                log_oom();
                return;
        }

        UNIT_VTABLE(u)->notify_message(u, ucred, tags, fds);
}
1948
/* Event source callback for the notification socket: receives one datagram together with the sender
 * credentials and any passed file descriptors, validates it, and delivers it to every unit associated
 * with the sending PID.
 *
 * Invalid messages are logged and dropped with return value 0. File descriptors that were received are
 * collected in an FDSet with a cleanup handler as soon as the control data has been parsed, so every
 * later return path releases them. Only a real recvmsg() failure is returned as an error. */
static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {

        _cleanup_fdset_free_ FDSet *fds = NULL;
        Manager *m = userdata;
        char buf[NOTIFY_BUFFER_MAX+1];
        /* One byte of buf is held back for the terminating NUL added further down. */
        struct iovec iovec = {
                .iov_base = buf,
                .iov_len = sizeof(buf)-1,
        };
        union {
                struct cmsghdr cmsghdr;
                uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
                            CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX)];
        } control = {};
        struct msghdr msghdr = {
                .msg_iov = &iovec,
                .msg_iovlen = 1,
                .msg_control = &control,
                .msg_controllen = sizeof(control),
        };

        _cleanup_free_ Unit **array_copy = NULL;
        Unit *by_cgroup, *by_pid, **array;
        struct ucred *ucred = NULL;
        struct cmsghdr *cmsg;
        int r, *fd_array = NULL;
        bool dispatched = false;
        unsigned n_fds = 0;
        ssize_t received;

        assert(m);
        assert(m->notify_fd == fd);

        if (revents != EPOLLIN) {
                log_warning("Got unexpected poll event for notify fd.");
                return 0;
        }

        received = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC);
        if (received < 0) {
                if (IN_SET(errno, EAGAIN, EINTR))
                        return 0; /* Spurious wakeup, try again */

                /* Any other error is real: stop processing this socket. No notification messages are
                 * taken anymore after that, but this is still better than busy looping, i.e. being
                 * woken up over and over again without being able to read the message off the socket. */
                return log_error_errno(errno, "Failed to receive notification message: %m");
        }

        /* NOTE(review): msg_flags is only tested for MSG_TRUNC below, not for MSG_CTRUNC, so a message
         * whose control data did not fit into `control` is processed with whatever part of it arrived —
         * worth confirming that this is intended. */
        CMSG_FOREACH(cmsg, &msghdr) {
                if (cmsg->cmsg_level != SOL_SOCKET)
                        continue;

                if (cmsg->cmsg_type == SCM_RIGHTS) {

                        fd_array = (int*) CMSG_DATA(cmsg);
                        n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);

                } else if (cmsg->cmsg_type == SCM_CREDENTIALS &&
                           cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {

                        ucred = (struct ucred*) CMSG_DATA(cmsg);
                }
        }

        /* Take ownership of passed fds first, so that the validation failures below cannot leak them. */
        if (n_fds > 0) {
                assert(fd_array);

                r = fdset_new_array(&fds, fd_array, n_fds);
                if (r < 0) {
                        close_many(fd_array, n_fds);
                        log_oom();
                        return 0;
                }
        }

        /* The sender is identified solely by the credentials attached to the message. */
        if (!ucred || !pid_is_valid(ucred->pid)) {
                log_warning("Received notify message without valid credentials. Ignoring.");
                return 0;
        }

        /* With MSG_TRUNC passed to recvmsg() the return value is compared against the buffer size here,
         * in addition to the truncation flag. */
        if ((size_t) received >= sizeof(buf) || (msghdr.msg_flags & MSG_TRUNC)) {
                log_warning("Received notify message exceeded maximum size. Ignoring.");
                return 0;
        }

        /* As extra safety check, make sure the string doesn't contain embedded NUL bytes. One trailing
         * NUL byte in the message is permitted, but not expected. */
        if (received > 1 && memchr(buf, 0, received-1)) {
                log_warning("Received notify message with embedded NUL bytes. Ignoring.");
                return 0;
        }

        /* Make sure it's NUL-terminated. */
        buf[received] = 0;

        /* Increase the generation counter used for filtering out duplicate unit invocations. */
        m->notifygen++;

        /* Collect every unit that might be interested, which might be multiple: the unit found through
         * the PID's cgroup, the one watching the PID, and the array stored under the negated PID. */
        by_cgroup = manager_get_unit_by_pid_cgroup(m, ucred->pid);
        by_pid = hashmap_get(m->watch_pids, PID_TO_PTR(ucred->pid));
        array = hashmap_get(m->watch_pids, PID_TO_PTR(-ucred->pid));
        if (array) {
                size_t count;

                for (count = 0; array[count]; count++)
                        ;

                /* Iterate over a private copy (including the terminating NULL entry) rather than over
                 * the array stored in the hashmap. On allocation failure the array is skipped. */
                array_copy = newdup(Unit*, array, count+1);
                if (!array_copy)
                        log_oom();
        }

        /* Now invoke the per-unit callbacks. manager_invoke_notify_message() handles duplicate units
         * and makes sure each unit's handler is invoked only once. */
        if (by_cgroup) {
                manager_invoke_notify_message(m, by_cgroup, ucred, buf, fds);
                dispatched = true;
        }
        if (by_pid) {
                manager_invoke_notify_message(m, by_pid, ucred, buf, fds);
                dispatched = true;
        }
        if (array_copy) {
                for (size_t i = 0; array_copy[i]; i++) {
                        manager_invoke_notify_message(m, array_copy[i], ucred, buf, fds);
                        dispatched = true;
                }
        }

        if (!dispatched)
                log_warning("Cannot find unit for notify message of PID "PID_FMT", ignoring.", ucred->pid);

        /* Whatever no unit took out of the set is closed by the cleanup handler on return. */
        if (fdset_size(fds) > 0)
                log_warning("Got extra auxiliary fds with notification message, closing them.");

        return 0;
}
2084
/* Delivers one SIGCHLD event to unit u, at most once per SIGCHLD generation: the unit stops watching
 * the PID and, if its type has a sigchld_event hook, the hook is called with PID, code and status. */
static void manager_invoke_sigchld_event(
                Manager *m,
                Unit *u,
                const siginfo_t *si) {

        const pid_t child = (assert(si), si->si_pid);

        assert(m);
        assert(u);

        /* Handler of this unit already invoked in this iteration? Then don't process this again */
        if (u->sigchldgen == m->sigchldgen)
                return;
        u->sigchldgen = m->sigchldgen;

        log_unit_debug(u, "Child "PID_FMT" belongs to %s.", child, u->id);
        unit_unwatch_pid(u, child);

        if (!UNIT_VTABLE(u)->sigchld_event)
                return;

        UNIT_VTABLE(u)->sigchld_event(u, child, si->si_code, si->si_status);
}
2105
/* Event source callback that handles one terminated child per invocation: peeks at it without reaping,
 * notifies every unit associated with its PID, then reaps it. When no child is left, the SIGCHLD event
 * source is switched off.
 *
 * Returns 0 in all cases except when disabling the event source fails. */
static int manager_dispatch_sigchld(sd_event_source *source, void *userdata) {
        Manager *m = userdata;
        siginfo_t si = {};
        int r;

        assert(source);
        assert(m);

        /* First call waitid() for a PID without reaping the zombie (WNOWAIT). That way /proc/$PID can
         * still be accessed for it while it is a zombie. */

        if (waitid(P_ALL, 0, &si, WEXITED|WNOHANG|WNOWAIT) < 0) {

                if (errno == ECHILD)
                        goto turn_off;

                log_error_errno(errno, "Failed to peek for child with waitid(), ignoring: %m");
                return 0;
        }

        /* si was zero-initialized; no PID filled in means no child had anything to report. */
        if (si.si_pid <= 0)
                goto turn_off;

        if (IN_SET(si.si_code, CLD_EXITED, CLD_KILLED, CLD_DUMPED)) {
                _cleanup_free_ Unit **array_copy = NULL;
                _cleanup_free_ char *name = NULL;
                Unit *by_cgroup, *by_pid, **array;

                /* Best effort, only used for the debug message below. */
                (void) get_process_comm(si.si_pid, &name);

                log_debug("Child "PID_FMT" (%s) died (code=%s, status=%i/%s)",
                          si.si_pid, strna(name),
                          sigchld_code_to_string(si.si_code),
                          si.si_status,
                          strna(si.si_code == CLD_EXITED
                                ? exit_status_to_string(si.si_status, EXIT_STATUS_FULL)
                                : signal_to_string(si.si_status)));

                /* Increase the generation counter used for filtering out duplicate unit invocations */
                m->sigchldgen++;

                /* Figure out the units this belongs to, there might be multiple... */
                by_cgroup = manager_get_unit_by_pid_cgroup(m, si.si_pid);
                by_pid = hashmap_get(m->watch_pids, PID_TO_PTR(si.si_pid));
                array = hashmap_get(m->watch_pids, PID_TO_PTR(-si.si_pid));
                if (array) {
                        size_t count;

                        /* Count how many entries the array has */
                        for (count = 0; array[count]; count++)
                                ;

                        /* Work on a copy so that the array changing underneath us does no harm. On
                         * allocation failure the array is skipped. */
                        array_copy = newdup(Unit*, array, count+1);
                        if (!array_copy)
                                log_oom();
                }

                /* Finally, execute them all. The two single units and the array might contain
                 * duplicates, but that's fine: manager_invoke_sigchld_event() ensures the handlers are
                 * invoked only once for each iteration. */
                if (by_cgroup)
                        manager_invoke_sigchld_event(m, by_cgroup, &si);
                if (by_pid)
                        manager_invoke_sigchld_event(m, by_pid, &si);
                if (array_copy) {
                        for (size_t i = 0; array_copy[i]; i++)
                                manager_invoke_sigchld_event(m, array_copy[i], &si);
                }
        }

        /* And now, actually reap the zombie. */
        if (waitid(P_PID, si.si_pid, &si, WEXITED) < 0)
                log_error_errno(errno, "Failed to dequeue child, ignoring: %m");

        return 0;

turn_off:
        /* All children processed for now, turn off event source */

        r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_OFF);
        if (r < 0)
                return log_error_errno(r, "Failed to disable SIGCHLD event source: %m");

        return 0;
}
2193
/* Enqueues a start job for the named unit with the given job mode. Failure is logged and otherwise ignored;
 * nothing is reported back to the caller. */
static void manager_start_target(Manager *m, const char *name, JobMode mode) {
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        int r;

        log_debug("Activating special unit %s", name);

        r = manager_add_job_by_name(m, JOB_START, name, mode, &error, NULL);
        if (r >= 0)
                return;

        log_error("Failed to enqueue %s job: %s", name, bus_error_message(&error, r));
}
2204
/* Reacts to Ctrl-Alt-Del: normally starts the ctrl-alt-del target, but once the rate limit trips and a
 * burst action is configured, runs that emergency action instead. */
static void manager_handle_ctrl_alt_del(Manager *m) {
        /* Pressing C-A-D more than 7 times within 2s triggers the configured burst action
         * (immediate reboot/shutdown), unless that was disabled in system.conf. */

        if (!ratelimit_test(&m->ctrl_alt_del_ratelimit) && m->cad_burst_action != EMERGENCY_ACTION_NONE) {
                emergency_action(m, m->cad_burst_action, NULL,
                                 "Ctrl-Alt-Del was pressed more than 7 times within 2s");
                return;
        }

        manager_start_target(m, SPECIAL_CTRL_ALT_DEL_TARGET, JOB_REPLACE_IRREVERSIBLY);
}
2216
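/* Event loop callback for the manager's signalfd. Reads exactly one signalfd_siginfo record and maps the
 * signal number to a manager action: starting a special target, setting m->exit_code, or changing the log
 * level/target. Many of these actions change global system state (reboot, isolate, re-execution), so every
 * received signal is logged before it is acted upon.
 *
 * Returns 0 in all cases except a hard read error, where the negative errno is returned so that the event
 * source is dropped rather than spinning on a broken fd. */
static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        ssize_t n;
        struct signalfd_siginfo sfsi;
        int r;

        assert(m);
        assert(m->signal_fd == fd);

        if (revents != EPOLLIN) {
                log_warning("Got unexpected events from signal file descriptor.");
                return 0;
        }

        n = read(m->signal_fd, &sfsi, sizeof(sfsi));
        if (n != sizeof(sfsi)) {
                if (n >= 0) {
                        /* n is an ssize_t, so the signed conversion is the matching one */
                        log_warning("Truncated read from signal fd (%zi bytes), ignoring!", n);
                        return 0;
                }

                if (IN_SET(errno, EINTR, EAGAIN))
                        return 0;

                /* We return an error here, which will kill this handler,
                 * to avoid a busy loop on read error. */
                return log_error_errno(errno, "Reading from signal fd failed: %m");
        }

        /* SIGCHLD, and SIGTERM sent to a user manager, are routine and only logged at debug level */
        log_received_signal(sfsi.ssi_signo == SIGCHLD ||
                            (sfsi.ssi_signo == SIGTERM && MANAGER_IS_USER(m))
                            ? LOG_DEBUG : LOG_INFO,
                            &sfsi);

        switch (sfsi.ssi_signo) {

        case SIGCHLD:
                /* The actual reaping happens in the separate SIGCHLD event source */
                r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_ON);
                if (r < 0)
                        log_warning_errno(r, "Failed to enable SIGCHLD event source, ignoring: %m");

                break;

        case SIGTERM:
                if (MANAGER_IS_SYSTEM(m)) {
                        /* This is for compatibility with the
                         * original sysvinit */
                        r = verify_run_space_and_log("Refusing to reexecute");
                        if (r >= 0)
                                m->exit_code = MANAGER_REEXECUTE;
                        break;
                }

                /* A user manager treats SIGTERM like SIGINT */
                _fallthrough_;
        case SIGINT:
                if (MANAGER_IS_SYSTEM(m))
                        manager_handle_ctrl_alt_del(m);
                else
                        manager_start_target(m, SPECIAL_EXIT_TARGET,
                                             JOB_REPLACE_IRREVERSIBLY);
                break;

        case SIGWINCH:
                if (MANAGER_IS_SYSTEM(m))
                        manager_start_target(m, SPECIAL_KBREQUEST_TARGET, JOB_REPLACE);

                /* This is a nop on non-init */
                break;

        case SIGPWR:
                if (MANAGER_IS_SYSTEM(m))
                        manager_start_target(m, SPECIAL_SIGPWR_TARGET, JOB_REPLACE);

                /* This is a nop on non-init */
                break;

        case SIGUSR1: {
                Unit *u;

                u = manager_get_unit(m, SPECIAL_DBUS_SERVICE);

                if (!u || UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) {
                        log_info("Trying to reconnect to bus...");
                        bus_init(m, true);
                }

                if (!u || !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u))) {
                        log_info("Loading D-Bus service...");
                        manager_start_target(m, SPECIAL_DBUS_SERVICE, JOB_REPLACE);
                }

                break;
        }

        case SIGUSR2: {
                _cleanup_free_ char *dump = NULL;

                r = manager_get_dump_string(m, &dump);
                if (r < 0) {
                        /* Report the error the call returned; errno is not known to be set by it */
                        log_warning_errno(r, "Failed to acquire manager dump: %m");
                        break;
                }

                log_dump(LOG_INFO, dump);
                break;
        }

        case SIGHUP:
                r = verify_run_space_and_log("Refusing to reload");
                if (r >= 0)
                        m->exit_code = MANAGER_RELOAD;
                break;

        default: {

                /* Starting SIGRTMIN+0 */
                static const struct {
                        const char *target;
                        JobMode mode;
                } target_table[] = {
                        [0] = { SPECIAL_DEFAULT_TARGET,   JOB_ISOLATE },
                        [1] = { SPECIAL_RESCUE_TARGET,    JOB_ISOLATE },
                        [2] = { SPECIAL_EMERGENCY_TARGET, JOB_ISOLATE },
                        [3] = { SPECIAL_HALT_TARGET,      JOB_REPLACE_IRREVERSIBLY },
                        [4] = { SPECIAL_POWEROFF_TARGET,  JOB_REPLACE_IRREVERSIBLY },
                        [5] = { SPECIAL_REBOOT_TARGET,    JOB_REPLACE_IRREVERSIBLY },
                        [6] = { SPECIAL_KEXEC_TARGET,     JOB_REPLACE_IRREVERSIBLY },
                };

                /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
                static const ManagerExitCode code_table[] = {
                        [0] = MANAGER_HALT,
                        [1] = MANAGER_POWEROFF,
                        [2] = MANAGER_REBOOT,
                        [3] = MANAGER_KEXEC,
                };

                /* Both table lookups are range-checked against ELEMENTSOF() before indexing */
                if ((int) sfsi.ssi_signo >= SIGRTMIN+0 &&
                    (int) sfsi.ssi_signo < SIGRTMIN+(int) ELEMENTSOF(target_table)) {
                        int idx = (int) sfsi.ssi_signo - SIGRTMIN;
                        manager_start_target(m, target_table[idx].target,
                                             target_table[idx].mode);
                        break;
                }

                if ((int) sfsi.ssi_signo >= SIGRTMIN+13 &&
                    (int) sfsi.ssi_signo < SIGRTMIN+13+(int) ELEMENTSOF(code_table)) {
                        m->exit_code = code_table[sfsi.ssi_signo - SIGRTMIN - 13];
                        break;
                }

                switch (sfsi.ssi_signo - SIGRTMIN) {

                case 20:
                        manager_set_show_status(m, SHOW_STATUS_YES);
                        break;

                case 21:
                        manager_set_show_status(m, SHOW_STATUS_NO);
                        break;

                case 22:
                        log_set_max_level(LOG_DEBUG);
                        log_info("Setting log level to debug.");
                        break;

                case 23:
                        log_set_max_level(LOG_INFO);
                        log_info("Setting log level to info.");
                        break;

                case 24:
                        if (MANAGER_IS_USER(m)) {
                                m->exit_code = MANAGER_EXIT;
                                return 0;
                        }

                        /* This is a nop on init */
                        break;

                case 26:
                case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
                        log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
                        log_notice("Setting log target to journal-or-kmsg.");
                        break;

                case 27:
                        log_set_target(LOG_TARGET_CONSOLE);
                        log_notice("Setting log target to console.");
                        break;

                case 28:
                        log_set_target(LOG_TARGET_KMSG);
                        log_notice("Setting log target to kmsg.");
                        break;

                default:
                        log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi.ssi_signo));
                }
        }}

        return 0;
}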
2420
/* Event loop callback for the time-change fd: logs the change, re-arms the watch and calls the optional
 * time_change hook of every loaded unit. Always returns 0. */
static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        Iterator i;
        Unit *u;

        assert(m);
        assert(m->time_change_fd == fd);

        log_struct(LOG_DEBUG,
                   "MESSAGE_ID=" SD_MESSAGE_TIME_CHANGE_STR,
                   LOG_MESSAGE("Time has been changed"),
                   NULL);

        /* The watch is re-created from scratch: drop the old event source and fd, then set up new ones */
        m->time_change_event_source = sd_event_source_unref(m->time_change_event_source);
        m->time_change_fd = safe_close(m->time_change_fd);

        manager_setup_time_change(m);

        HASHMAP_FOREACH(u, m->units, i) {
                /* Unit types without a time_change hook are skipped */
                if (!UNIT_VTABLE(u)->time_change)
                        continue;

                UNIT_VTABLE(u)->time_change(u);
        }

        return 0;
}
2446
/* Event loop callback for the idle pipe: a Type=idle child stopped waiting for boot to finish. Always
 * returns 0. */
static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;

        assert(m);
        assert(m->idle_pipe[2] == fd);

        /* At least one Type=idle child gave up waiting for the boot process to complete. Type=idle exists
         * only to keep console output tidy and is generally set on services that want the console to
         * themselves, so if any service currently needs console access we stop writing our own output
         * there from now on, to keep it from spilling into that service's output. */
        m->no_console_output = m->n_on_console > 0;

        /* Acknowledge the request and release all other waiting children as well: closing the pipes
         * towards them is the event they are waiting for. */
        manager_close_idle_pipe(m);

        return 0;
}
2466
/* Timer callback that prints the jobs-in-progress status and re-arms itself as a one-shot timer
 * JOBS_IN_PROGRESS_PERIOD_USEC from now. Returns a negative errno if re-arming fails. */
static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata) {
        Manager *m = userdata;
        int r;

        assert(m);
        assert(source);

        manager_print_jobs_in_progress(m);

        /* Schedule the next run relative to the current monotonic time */
        r = sd_event_source_set_time(source, now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_PERIOD_USEC);
        if (r < 0)
                return r;

        return sd_event_source_set_enabled(source, SD_EVENT_ONESHOT);
}
2484
/* Runs the manager's main loop until m->exit_code leaves MANAGER_OK. Each iteration pings the watchdog (system
 * manager only), drains the internal work queues in a fixed order and then runs one event loop iteration.
 * Returns the exit code that ended the loop, or a negative errno if the event loop itself fails. */
int manager_loop(Manager *m) {
        int r;

        /* Budget of 50000 iterations per second before the loop is considered to be spinning */
        RATELIMIT_DEFINE(rl, 1*USEC_PER_SEC, 50000);

        assert(m);
        m->exit_code = MANAGER_OK;

        /* Release the path cache */
        m->unit_path_cache = set_free_free(m->unit_path_cache);

        manager_check_finished(m);

        /* Zombies may be left over from before we were exec()'ed, so enable reaping right away */
        r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_ON);
        if (r < 0)
                return log_error_errno(r, "Failed to enable SIGCHLD event source: %m");

        while (m->exit_code == MANAGER_OK) {
                usec_t wait_usec = USEC_INFINITY;

                if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m))
                        watchdog_ping();

                if (!ratelimit_test(&rl)) {
                        /* Something is going seriously wrong, back off for a moment */
                        log_warning("Looping too fast. Throttling execution a little.");
                        sleep(1);
                }

                /* Queues are drained strictly in this order; whenever one of them did work the loop
                 * starts over, so that earlier queues are always empty before later ones run. */
                if (manager_dispatch_load_queue(m) > 0 ||
                    manager_dispatch_gc_job_queue(m) > 0 ||
                    manager_dispatch_gc_unit_queue(m) > 0 ||
                    manager_dispatch_cleanup_queue(m) > 0 ||
                    manager_dispatch_cgroup_realize_queue(m) > 0 ||
                    manager_dispatch_dbus_queue(m) > 0)
                        continue;

                /* With a runtime watchdog configured, sleep for at most half its timeout so that the
                 * ping at the top of the loop happens in time; otherwise block until an event arrives. */
                if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m)) {
                        wait_usec = m->runtime_watchdog / 2;
                        if (wait_usec <= 0)
                                wait_usec = 1;
                }

                r = sd_event_run(m->event, wait_usec);
                if (r < 0)
                        return log_error_errno(r, "Failed to run event loop: %m");
        }

        return m->exit_code;
}
2548
/* Resolves a D-Bus object path to a unit. The path suffix is first tried as a 128bit invocation ID and,
 * failing that, as a unit name, which is validated before the unit is loaded.
 *
 * On success stores the unit in *_u and returns 0. On failure returns a negative errno; where the failure
 * is detected here, the bus error e is filled in as well. */
int manager_load_unit_from_dbus_path(Manager *m, const char *s, sd_bus_error *e, Unit **_u) {
        _cleanup_free_ char *n = NULL;
        sd_id128_t invocation_id;
        Unit *u;
        int r;

        assert(m);
        assert(s);
        assert(_u);

        r = unit_name_from_dbus_path(s, &n);
        if (r < 0)
                return r;

        /* Units may be addressed by invocation ID: a suffix that parses as a 128bit ID is looked up as
         * such and never falls through to the name lookup below. */
        if (sd_id128_from_string(n, &invocation_id) >= 0) {
                u = hashmap_get(m->units_by_invocation_id, &invocation_id);
                if (!u)
                        return sd_bus_error_setf(e, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR " known.", SD_ID128_FORMAT_VAL(invocation_id));

                *_u = u;
                return 0;
        }

        /* Not an invocation ID. The string comes from the bus caller, so it has to pass the unit name
         * check before it is used to load anything. */
        if (!unit_name_is_valid(n, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is neither a valid invocation ID nor unit name.", n);

        r = manager_load_unit(m, n, NULL, e, &u);
        if (r < 0)
                return r;

        *_u = u;
        return 0;
}
2587
/* Resolves a D-Bus object path of the form /org/freedesktop/systemd1/job/<id> to a job.
 *
 * Returns 0 and stores the job in *_j on success, -EINVAL if the path lacks the job prefix, the error of
 * safe_atou() if the remainder is not an unsigned number, and -ENOENT if no job has that ID. */
int manager_get_job_from_dbus_path(Manager *m, const char *s, Job **_j) {
        const char *suffix;
        unsigned id;
        Job *job;
        int r;

        assert(m);
        assert(s);
        assert(_j);

        suffix = startswith(s, "/org/freedesktop/systemd1/job/");
        if (!suffix)
                return -EINVAL;

        /* The remainder of the path is caller-supplied and must parse as a number in its entirety */
        r = safe_atou(suffix, &id);
        if (r < 0)
                return r;

        job = manager_get_job(m, id);
        if (!job)
                return -ENOENT;

        *_j = job;

        return 0;
}
2614
/* Sends an audit record of the given type for a service unit, with "unit=<prefix and instance>" as message
 * and "systemd" as the command name. Compiled to a no-op without HAVE_AUDIT.
 *
 * No record is generated for non-system managers, when no audit fd is available, for unit types other than
 * services, or while the manager is reloading. The last condition means that a manager that stays in the
 * reloading state emits no audit records for service changes at all. */
void manager_send_unit_audit(Manager *m, Unit *u, int type, bool success) {

#if HAVE_AUDIT
        _cleanup_free_ char *p = NULL;
        const char *msg;
        int audit_fd, r;

        if (!MANAGER_IS_SYSTEM(m))
                return;

        audit_fd = get_audit_fd();
        if (audit_fd < 0)
                return;

        /* While deserializing, the service was already started earlier and has been audited then */
        if (MANAGER_IS_RELOADING(m))
                return;

        if (u->type != UNIT_SERVICE)
                return;

        r = unit_name_to_prefix_and_instance(u->id, &p);
        if (r < 0) {
                log_error_errno(r, "Failed to extract prefix and instance of unit name: %m");
                return;
        }

        msg = strjoina("unit=", p);
        if (audit_log_user_comm_message(audit_fd, type, msg, "systemd", NULL, NULL, NULL, success) >= 0)
                return;

        if (errno != EPERM) {
                log_warning_errno(errno, "Failed to send audit message: %m");
                return;
        }

        /* EPERM: we are not allowed to send audit messages at all, so close the fd instead of
         * retrying on every unit change. */
        close_audit_fd();
#endif

}
2655
/* Tells Plymouth about a service, mount or swap unit by writing one update message to the Plymouth socket.
 * Strictly best-effort: the socket is non-blocking and the expected "peer not there" errors are silently
 * ignored. Skipped while reloading, for non-system managers and inside containers. */
void manager_send_unit_plymouth(Manager *m, Unit *u) {
        static const union sockaddr_union sa = PLYMOUTH_SOCKET;
        _cleanup_free_ char *message = NULL;
        _cleanup_close_ int fd = -1;
        int n = 0, total;

        /* While deserializing, the unit was already started earlier, so there is nothing to announce */
        if (MANAGER_IS_RELOADING(m))
                return;

        if (!MANAGER_IS_SYSTEM(m))
                return;

        if (detect_container() > 0)
                return;

        if (!IN_SET(u->type, UNIT_SERVICE, UNIT_MOUNT, UNIT_SWAP))
                return;

        /* SOCK_NONBLOCK: rather drop the message than make the manager wait for plymouth */
        fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (fd < 0) {
                log_error_errno(errno, "socket() failed: %m");
                return;
        }

        if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) {

                if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
                        log_error_errno(errno, "connect() failed: %m");
                return;
        }

        /* Message layout: 'U', 0x02, one length byte (strlen + 1), then the unit id; %n records how many
         * bytes were formatted. NOTE(review): the length is emitted through %c, i.e. as a single byte;
         * this assumes strlen(u->id) + 1 always fits into 8 bits. Confirm against the unit name limit. */
        if (asprintf(&message, "U\002%c%s%n", (int) (strlen(u->id) + 1), u->id, &n) < 0) {
                log_oom();
                return;
        }

        /* One more than the formatted length, so that the terminating NUL is sent too */
        total = n + 1;

        errno = 0;
        if (write(fd, message, total) != total)
                if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
                        log_error_errno(errno, "Failed to write Plymouth message: %m");
}
2701
/* Opens the serialization file "systemd-state" and wraps it in a read/write stdio stream.
 *
 * On success stores the stream in *_f and returns 0; the caller owns the stream. On failure returns a
 * negative errno and leaves *_f untouched. */
int manager_open_serialization(Manager *m, FILE **_f) {
        FILE *stream;
        int fd;

        assert(_f);

        fd = open_serialization_fd("systemd-state");
        if (fd < 0)
                return fd;

        stream = fdopen(fd, "w+");
        if (stream) {
                /* The stream owns the fd from here on */
                *_f = stream;
                return 0;
        }

        /* fdopen() failed, so the fd is still ours to close. NOTE(review): the errno reported below is
         * read after safe_close(); this relies on safe_close() not clobbering errno. Confirm. */
        safe_close(fd);
        return -errno;
}
2721
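/* Writes the manager state, followed by the state of every unit, to f. File descriptors that must survive
 * the reload/re-execution are duplicated into fds and referenced by number in the text.
 *
 * The output is a sequence of "key=value" lines, an empty line, and then one section per unit, each
 * introduced by the unit id on a line of its own. The environment is left out when switching_root is set.
 *
 * m->n_reloading is raised for the duration of the call and is dropped again on every exit path, including
 * the error paths. A counter that stays raised would presumably leave the manager in its "reloading" state
 * for good, and code that checks that state (such as the audit and Plymouth notifications in this file)
 * would then stay silent.
 *
 * Returns 0 on success, -EIO if the stream reports a write error, or the negative errno of the step that
 * failed. */
int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) {
        ManagerTimestamp q;
        const char *t;
        Iterator i;
        Unit *u;
        int r;

        assert(m);
        assert(f);
        assert(fds);

        m->n_reloading++;

        fprintf(f, "current-job-id=%"PRIu32"\n", m->current_job_id);
        fprintf(f, "n-installed-jobs=%u\n", m->n_installed_jobs);
        fprintf(f, "n-failed-jobs=%u\n", m->n_failed_jobs);
        fprintf(f, "taint-usr=%s\n", yes_no(m->taint_usr));
        fprintf(f, "ready-sent=%s\n", yes_no(m->ready_sent));
        fprintf(f, "taint-logged=%s\n", yes_no(m->taint_logged));
        fprintf(f, "service-watchdogs=%s\n", yes_no(m->service_watchdogs));

        for (q = 0; q < _MANAGER_TIMESTAMP_MAX; q++) {
                /* The userspace and finish timestamps only apply to the host system, hence only serialize them there */
                if (in_initrd() && IN_SET(q, MANAGER_TIMESTAMP_USERSPACE, MANAGER_TIMESTAMP_FINISH))
                        continue;

                t = manager_timestamp_to_string(q);
                {
                        /* Sized for the timestamp name, the suffix and the terminating NUL */
                        char field[strlen(t) + STRLEN("-timestamp") + 1];
                        strcpy(stpcpy(field, t), "-timestamp");
                        dual_timestamp_serialize(f, field, m->timestamps + q);
                }
        }

        if (!switching_root)
                (void) serialize_environment(f, m->environment);

        /* The fds below are duplicated into the set; the number written out is that of the duplicate */
        if (m->notify_fd >= 0) {
                int copy;

                copy = fdset_put_dup(fds, m->notify_fd);
                if (copy < 0) {
                        r = copy;
                        goto fail;
                }

                fprintf(f, "notify-fd=%i\n", copy);
                fprintf(f, "notify-socket=%s\n", m->notify_socket);
        }

        if (m->cgroups_agent_fd >= 0) {
                int copy;

                copy = fdset_put_dup(fds, m->cgroups_agent_fd);
                if (copy < 0) {
                        r = copy;
                        goto fail;
                }

                fprintf(f, "cgroups-agent-fd=%i\n", copy);
        }

        if (m->user_lookup_fds[0] >= 0) {
                int copy0, copy1;

                copy0 = fdset_put_dup(fds, m->user_lookup_fds[0]);
                if (copy0 < 0) {
                        r = copy0;
                        goto fail;
                }

                copy1 = fdset_put_dup(fds, m->user_lookup_fds[1]);
                if (copy1 < 0) {
                        r = copy1;
                        goto fail;
                }

                fprintf(f, "user-lookup=%i %i\n", copy0, copy1);
        }

        bus_track_serialize(m->subscribed, f, "subscribed");

        r = dynamic_user_serialize(m, f, fds);
        if (r < 0)
                goto fail;

        manager_serialize_uid_refs(m, f);
        manager_serialize_gid_refs(m, f);

        /* The empty line ends the manager section */
        (void) fputc('\n', f);

        HASHMAP_FOREACH_KEY(u, t, m->units, i) {
                /* The hashmap holds one entry per name of a unit; serialize each unit only once, under
                 * the key that is its primary id (pointer comparison). */
                if (u->id != t)
                        continue;

                /* Start marker */
                fputs(u->id, f);
                fputc('\n', f);

                r = unit_serialize(u, f, fds, !switching_root);
                if (r < 0)
                        goto fail;
        }

        assert(m->n_reloading > 0);
        m->n_reloading--;

        /* The individual writes above are not checked; a failed one shows up here */
        if (ferror(f))
                return -EIO;

        r = bus_fdset_add_all(m, fds);
        if (r < 0)
                return r;

        return 0;

fail:
        /* Every failure between the increment at the top and the regular decrement above ends up here,
         * so the counter is balanced no matter where serialization was given up. */
        assert(m->n_reloading > 0);
        m->n_reloading--;
        return r;
}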
2832
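/* Tells whether fgets() stopped because its buffer was full rather than at the end of a line. If so, the
 * rest of that physical line is consumed, so that the next read starts at a line boundary again. A line
 * that fit exactly, with only its newline left unread, is not reported as truncated. */
static bool manager_deserialize_line_truncated(FILE *f, const char *line) {
        int c;

        if (strchr(line, '\n') || feof(f))
                return false;

        c = fgetc(f);
        if (c == EOF || c == '\n')
                return false;

        do
                c = fgetc(f);
        while (c != EOF && c != '\n');

        return true;
}

/* Reads back what manager_serialize() wrote: first the manager's own "key=value" lines up to an empty
 * line, then one section per unit, each introduced by the unit name.
 *
 * The file is the only carrier of state across a reload, and parts of it (unit names, environment, values
 * stored by units) are influenced by unit configuration. It is therefore parsed defensively: numbers and
 * booleans that fail to parse are logged and skipped, and a file descriptor number is only accepted if it
 * is actually part of fds. Lines that do not fit into the read buffer are dropped as a whole, since
 * fgets() would otherwise return the remainder of such a line as if it were a separate item.
 * NOTE(review): dropping is the conservative choice; a reader that accepts lines of arbitrary length would
 * preserve long but legitimate entries.
 *
 * m->n_reloading is raised for the duration of the call. Returns 0 on success or end of file, -EIO on a
 * stream error, -ENOMEM on allocation failure, or the negative errno of a failed read. */
int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
        int r = 0;

        assert(m);
        assert(f);

        log_debug("Deserializing state...");

        m->n_reloading++;

        for (;;) {
                char line[LINE_MAX];
                const char *val, *l;

                if (!fgets(line, sizeof(line), f)) {
                        if (feof(f))
                                r = 0;
                        else
                                r = -errno;

                        goto finish;
                }

                char_array_0(line);

                if (manager_deserialize_line_truncated(f, line)) {
                        log_notice("Ignoring overlong line in serialization.");
                        continue;
                }

                l = strstrip(line);

                /* The empty line ends the manager section */
                if (l[0] == 0)
                        break;

                if ((val = startswith(l, "current-job-id="))) {
                        uint32_t id;

                        if (safe_atou32(val, &id) < 0)
                                log_notice("Failed to parse current job id value %s", val);
                        else
                                m->current_job_id = MAX(m->current_job_id, id);

                } else if ((val = startswith(l, "n-installed-jobs="))) {
                        uint32_t n;

                        if (safe_atou32(val, &n) < 0)
                                log_notice("Failed to parse installed jobs counter %s", val);
                        else
                                m->n_installed_jobs += n;

                } else if ((val = startswith(l, "n-failed-jobs="))) {
                        uint32_t n;

                        if (safe_atou32(val, &n) < 0)
                                log_notice("Failed to parse failed jobs counter %s", val);
                        else
                                m->n_failed_jobs += n;

                } else if ((val = startswith(l, "taint-usr="))) {
                        int b;

                        b = parse_boolean(val);
                        if (b < 0)
                                log_notice("Failed to parse taint /usr flag %s", val);
                        else
                                m->taint_usr = m->taint_usr || b;

                } else if ((val = startswith(l, "ready-sent="))) {
                        int b;

                        b = parse_boolean(val);
                        if (b < 0)
                                log_notice("Failed to parse ready-sent flag %s", val);
                        else
                                m->ready_sent = m->ready_sent || b;

                } else if ((val = startswith(l, "taint-logged="))) {
                        int b;

                        b = parse_boolean(val);
                        if (b < 0)
                                log_notice("Failed to parse taint-logged flag %s", val);
                        else
                                m->taint_logged = m->taint_logged || b;

                } else if ((val = startswith(l, "service-watchdogs="))) {
                        int b;

                        b = parse_boolean(val);
                        if (b < 0)
                                log_notice("Failed to parse service-watchdogs flag %s", val);
                        else
                                m->service_watchdogs = b;

                } else if (startswith(l, "env=")) {
                        r = deserialize_environment(&m->environment, l);
                        if (r == -ENOMEM)
                                goto finish;
                        if (r < 0)
                                log_notice_errno(r, "Failed to parse environment entry: \"%s\": %m", l);

                } else if ((val = startswith(l, "notify-fd="))) {
                        int fd;

                        /* Only an fd that was handed over in the set is taken; any other number is refused */
                        if (safe_atoi(val, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
                                log_notice("Failed to parse notify fd: \"%s\"", val);
                        else {
                                m->notify_event_source = sd_event_source_unref(m->notify_event_source);
                                safe_close(m->notify_fd);
                                m->notify_fd = fdset_remove(fds, fd);
                        }

                } else if ((val = startswith(l, "notify-socket="))) {
                        char *n;

                        n = strdup(val);
                        if (!n) {
                                r = -ENOMEM;
                                goto finish;
                        }

                        free(m->notify_socket);
                        m->notify_socket = n;

                } else if ((val = startswith(l, "cgroups-agent-fd="))) {
                        int fd;

                        if (safe_atoi(val, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
                                log_notice("Failed to parse cgroups agent fd: %s", val);
                        else {
                                m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);
                                safe_close(m->cgroups_agent_fd);
                                m->cgroups_agent_fd = fdset_remove(fds, fd);
                        }

                } else if ((val = startswith(l, "user-lookup="))) {
                        int fd0, fd1;

                        /* Two distinct fds are required, and both must be part of the set */
                        if (sscanf(val, "%i %i", &fd0, &fd1) != 2 || fd0 < 0 || fd1 < 0 || fd0 == fd1 || !fdset_contains(fds, fd0) || !fdset_contains(fds, fd1))
                                log_notice("Failed to parse user lookup fd: %s", val);
                        else {
                                m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);
                                safe_close_pair(m->user_lookup_fds);
                                m->user_lookup_fds[0] = fdset_remove(fds, fd0);
                                m->user_lookup_fds[1] = fdset_remove(fds, fd1);
                        }

                } else if ((val = startswith(l, "dynamic-user=")))
                        dynamic_user_deserialize_one(m, val, fds);
                else if ((val = startswith(l, "destroy-ipc-uid=")))
                        manager_deserialize_uid_refs_one(m, val);
                else if ((val = startswith(l, "destroy-ipc-gid=")))
                        manager_deserialize_gid_refs_one(m, val);
                else if ((val = startswith(l, "subscribed="))) {

                        if (strv_extend(&m->deserialized_subscribed, val) < 0)
                                log_oom();
                } else {
                        ManagerTimestamp q;

                        /* Everything else should be "<name>-timestamp=" for one of the known timestamps */
                        for (q = 0; q < _MANAGER_TIMESTAMP_MAX; q++) {
                                val = startswith(l, manager_timestamp_to_string(q));
                                if (!val)
                                        continue;

                                val = startswith(val, "-timestamp=");
                                if (val)
                                        break;
                        }

                        if (q < _MANAGER_TIMESTAMP_MAX) /* found it */
                                dual_timestamp_deserialize(val, m->timestamps + q);
                        else if (!startswith(l, "kdbus-fd=")) /* ignore kdbus */
                                log_notice("Unknown serialization item '%s'", l);
                }
        }

        for (;;) {
                Unit *u;
                char name[UNIT_NAME_MAX+2];
                const char* unit_name;

                /* Start marker */
                if (!fgets(name, sizeof(name), f)) {
                        if (feof(f))
                                r = 0;
                        else
                                r = -errno;

                        goto finish;
                }

                char_array_0(name);

                /* A cut-off name must not be used: it could fail to load or, worse, name a different
                 * unit, which would then receive state that was never its own. */
                if (manager_deserialize_line_truncated(f, name)) {
                        log_notice("Ignoring overlong unit name in serialization, skipping deserialization.");
                        unit_deserialize_skip(f);
                        continue;
                }

                unit_name = strstrip(name);

                r = manager_load_unit(m, unit_name, NULL, NULL, &u);
                if (r < 0) {
                        log_notice_errno(r, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name);
                        if (r == -ENOMEM)
                                goto finish;
                        unit_deserialize_skip(f);
                        continue;
                }

                r = unit_deserialize(u, f, fds);
                if (r < 0) {
                        log_notice_errno(r, "Failed to deserialize unit \"%s\": %m", unit_name);
                        if (r == -ENOMEM)
                                goto finish;
                }
        }

finish:
        /* A stream error overrides whatever result was collected so far */
        if (ferror(f))
                r = -EIO;

        assert(m->n_reloading > 0);
        m->n_reloading--;

        return r;
}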
3049
/* Reloads the manager configuration in place: the current state is serialized to a temporary file, all
 * jobs and units are dropped, generators and unit enumeration run again, and the state is read back.
 *
 * Up to and including the fseeko() a failure returns early with the reload counter restored. After that
 * point the old state is gone, so later failures are only recorded (the first error wins) and the
 * function carries on to rebuild as much as it can.
 *
 * Returns 0 on success or the first negative errno encountered. */
int manager_reload(Manager *m) {
        int r, q;
        _cleanup_fclose_ FILE *f = NULL;
        _cleanup_fdset_free_ FDSet *fds = NULL;

        assert(m);

        r = manager_open_serialization(m, &f);
        if (r < 0)
                return r;

        /* Raised for the whole reload; each early return below has to drop it again */
        m->n_reloading++;
        bus_manager_send_reloading(m, true);

        fds = fdset_new();
        if (!fds) {
                m->n_reloading--;
                return -ENOMEM;
        }

        r = manager_serialize(m, f, fds, false);
        if (r < 0) {
                m->n_reloading--;
                return r;
        }

        /* Rewind, so that deserialization below reads what was just written */
        if (fseeko(f, 0, SEEK_SET) < 0) {
                m->n_reloading--;
                return -errno;
        }

        /* From here on there is no way back. */
        manager_clear_jobs_and_units(m);
        lookup_paths_flush_generator(&m->lookup_paths);
        lookup_paths_free(&m->lookup_paths);
        dynamic_user_vacuum(m, false);
        m->uid_refs = hashmap_free(m->uid_refs);
        m->gid_refs = hashmap_free(m->gid_refs);

        /* In the steps below q holds the result of the current step; r keeps the first error seen */
        q = lookup_paths_init(&m->lookup_paths, m->unit_file_scope, 0, NULL);
        if (q < 0 && r >= 0)
                r = q;

        q = manager_run_environment_generators(m);
        if (q < 0 && r >= 0)
                r = q;

        /* Find new unit paths */
        q = manager_run_generators(m);
        if (q < 0 && r >= 0)
                r = q;

        lookup_paths_reduce(&m->lookup_paths);
        manager_build_unit_path_cache(m);

        /* First, enumerate what we can from all config files */
        manager_enumerate(m);

        /* Second, deserialize our stored data */
        q = manager_deserialize(m, f, fds);
        if (q < 0) {
                log_error_errno(q, "Deserialization failed: %m");

                if (r >= 0)
                        r = q;
        }

        /* Close explicitly and clear the pointer, so that the cleanup handler has nothing left to close */
        fclose(f);
        f = NULL;

        /* Re-register notify_fd as event source */
        q = manager_setup_notify(m);
        if (q < 0 && r >= 0)
                r = q;

        q = manager_setup_cgroups_agent(m);
        if (q < 0 && r >= 0)
                r = q;

        q = manager_setup_user_lookup_fd(m);
        if (q < 0 && r >= 0)
                r = q;

        /* Third, fire things up! */
        manager_coldplug(m);

        /* Release any dynamic users no longer referenced */
        dynamic_user_vacuum(m, true);

        /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
        manager_vacuum_uid_refs(m);
        manager_vacuum_gid_refs(m);

        /* It might be safe to log to the journal now. */
        manager_recheck_journal(m);

        /* Sync current state of bus names with our set of listening units */
        if (m->api_bus)
                manager_sync_bus_names(m, m->api_bus);

        assert(m->n_reloading > 0);
        m->n_reloading--;

        m->send_reloading_done = true;

        return r;
}
3157
/* Calls unit_reset_failed() on every unit the manager has loaded. */
void manager_reset_failed(Manager *m) {
        Iterator i;
        Unit *u;

        assert(m);

        HASHMAP_FOREACH(u, m->units, i) {
                unit_reset_failed(u);
        }
}
3167
/* Returns true if the named unit is inactive or going down. A unit that is not loaded at all counts as
 * inactive. */
bool manager_unit_inactive_or_pending(Manager *m, const char *name) {
        Unit *u;

        assert(m);
        assert(name);

        u = manager_get_unit(m, name);

        /* Unknown unit: report it as inactive */
        return !u || unit_inactive_or_pending(u);
}
3181
/* Logs the system's taint string as a structured notice, once per system manager. Nothing is logged for
 * user managers or when the taint string is empty. */
static void log_taint_string(Manager *m) {
        _cleanup_free_ char *taint = NULL;

        assert(m);

        if (MANAGER_IS_USER(m))
                return;

        if (m->taint_logged)
                return;

        /* Set before the check, so the taint is evaluated only once even if nothing ends up logged */
        m->taint_logged = true;

        taint = manager_taint_string(m);
        if (!isempty(taint))
                log_struct(LOG_NOTICE,
                           LOG_MESSAGE("System is tainted: %s", taint),
                           "TAINT=%s", taint,
                           "MESSAGE_ID=" SD_MESSAGE_TAINTED_STR,
                           NULL);
}
3202
/* Announces that startup has finished: computes the time spent in each boot phase from the manager's
 * timestamps, logs a structured "Startup finished" message, sends the figures over the bus, notifies the
 * supervisor via sd_notifyf() and finally logs the taint string. Does nothing for test runs. */
static void manager_notify_finished(Manager *m) {
        char userspace[FORMAT_TIMESPAN_MAX], initrd[FORMAT_TIMESPAN_MAX], kernel[FORMAT_TIMESPAN_MAX], sum[FORMAT_TIMESPAN_MAX];
        usec_t firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec;

        if (m->test_run_flags)
                return;

        if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0) {
                char ts[FORMAT_TIMESPAN_MAX];
                /* Holds the optional "<time> (firmware) + <time> (loader) + " prefix of the message;
                 * zero-initialized, so it is an empty string when neither part is appended. */
                char buf[FORMAT_TIMESPAN_MAX + STRLEN(" (firmware) + ") + FORMAT_TIMESPAN_MAX + STRLEN(" (loader) + ")]
                        = {};
                char *p = buf;
                size_t size = sizeof buf;

                /* Note that MANAGER_TIMESTAMP_KERNEL's monotonic value is always at 0, and
                 * MANAGER_TIMESTAMP_FIRMWARE's and MANAGER_TIMESTAMP_LOADER's monotonic value should be considered
                 * negative values. */

                firmware_usec = m->timestamps[MANAGER_TIMESTAMP_FIRMWARE].monotonic - m->timestamps[MANAGER_TIMESTAMP_LOADER].monotonic;
                loader_usec = m->timestamps[MANAGER_TIMESTAMP_LOADER].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
                userspace_usec = m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic - m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic;
                total_usec = m->timestamps[MANAGER_TIMESTAMP_FIRMWARE].monotonic + m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic;

                /* Each append is given the space that is left, and the remaining size is carried forward */
                if (firmware_usec > 0)
                        size = strpcpyf(&p, size, "%s (firmware) + ", format_timespan(ts, sizeof(ts), firmware_usec, USEC_PER_MSEC));
                if (loader_usec > 0)
                        size = strpcpyf(&p, size, "%s (loader) + ", format_timespan(ts, sizeof(ts), loader_usec, USEC_PER_MSEC));

                if (dual_timestamp_is_set(&m->timestamps[MANAGER_TIMESTAMP_INITRD])) {

                        /* The initrd case on bare-metal*/
                        kernel_usec = m->timestamps[MANAGER_TIMESTAMP_INITRD].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
                        initrd_usec = m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic - m->timestamps[MANAGER_TIMESTAMP_INITRD].monotonic;

                        log_struct(LOG_INFO,
                                   "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
                                   "KERNEL_USEC="USEC_FMT, kernel_usec,
                                   "INITRD_USEC="USEC_FMT, initrd_usec,
                                   "USERSPACE_USEC="USEC_FMT, userspace_usec,
                                   LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (initrd) + %s (userspace) = %s.",
                                               buf,
                                               format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
                                               format_timespan(initrd, sizeof(initrd), initrd_usec, USEC_PER_MSEC),
                                               format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
                                               format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
                                   NULL);
                } else {
                        /* The initrd-less case on bare-metal*/

                        kernel_usec = m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
                        initrd_usec = 0;

                        log_struct(LOG_INFO,
                                   "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
                                   "KERNEL_USEC="USEC_FMT, kernel_usec,
                                   "USERSPACE_USEC="USEC_FMT, userspace_usec,
                                   LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (userspace) = %s.",
                                               buf,
                                               format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
                                               format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
                                               format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
                                   NULL);
                }
        } else {
                /* The container and --user case */
                firmware_usec = loader_usec = initrd_usec = kernel_usec = 0;
                total_usec = userspace_usec = m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic - m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic;

                log_struct(LOG_INFO,
                           "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR,
                           "USERSPACE_USEC="USEC_FMT, userspace_usec,
                           LOG_MESSAGE("Startup finished in %s.",
                                       format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
                           NULL);
        }

        bus_manager_send_finished(m, firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec);

        /* READY=1 is only included if it has not been sent before; the status text is sent either way */
        sd_notifyf(false,
                   m->ready_sent ? "STATUS=Startup finished in %s."
                                 : "READY=1\n"
                                   "STATUS=Startup finished in %s.",
                   format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC));
        m->ready_sent = true;

        log_taint_string(m);
}
3290
/* Announces readiness to whoever supervises this manager, the first time basic.target is reached. Only user
 * managers do this here; for everything else READY=1 goes out together with the "Startup finished"
 * notification. No-op once m->ready_sent is set. */
static void manager_send_ready(Manager *m) {
        assert(m);

        /* Not a --user instance: readiness is not tied to basic.target. */
        if (!MANAGER_IS_USER(m))
                return;

        /* Never announce READY=1 twice. */
        if (m->ready_sent)
                return;

        m->ready_sent = true;

        sd_notifyf(false,
                   "READY=1\n"
                   "STATUS=Reached " SPECIAL_BASIC_TARGET ".");
}
3304
/* Runs the two actions tied to reaching basic.target: sending READY=1 (user managers only) and logging the
 * taint string. Does nothing until the target is active or reloading. */
static void manager_check_basic_target(Manager *m) {
        Unit *basic;

        assert(m);

        /* Both actions were already carried out, skip the unit lookup. */
        if (m->ready_sent && m->taint_logged)
                return;

        basic = manager_get_unit(m, SPECIAL_BASIC_TARGET);
        if (!basic)
                return;
        if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(basic)))
                return;

        /* basic.target is reached: READY=1 for user managers first, then the taint string. */
        manager_send_ready(m);
        log_taint_string(m);
}
3324
/* Checks whether the job queue has drained and, if so, performs the end-of-startup actions: console status
 * is flipped off, the idle pipe and the ask-password watch are closed, confirm-spawn is switched off, the
 * first-boot flag is cleared and, if not recorded as finished yet, the finish timestamp is taken and
 * announced. */
void manager_check_finished(Manager *m) {
        assert(m);

        /* Nothing to decide while reloading, or while outside of the event loop (not entered yet, or left
         * again already). */
        if (MANAGER_IS_RELOADING(m) || !MANAGER_IS_RUNNING(m))
                return;

        manager_check_basic_target(m);

        if (hashmap_size(m->jobs) > 0) {
                /* Jobs are still queued: only push the progress timer forward, if there is one. A failure is
                 * ignored on purpose, the timer only exists for feedback. */
                if (m->jobs_in_progress_event_source)
                        (void) sd_event_source_set_time(m->jobs_in_progress_event_source, now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC);

                return;
        }

        manager_flip_auto_status(m, false);

        /* Type=idle units learn through the idle pipe that we are done. */
        manager_close_idle_pipe(m);

        /* From here on no spawn confirmation is requested anymore. */
        m->confirm_spawn = NULL;

        /* We are going non-interactive, the ask-password status needs no further updates. */
        manager_close_ask_password(m);

        /* Whatever this boot was, it is not the first boot any longer. */
        manager_set_first_boot(m, false);

        /* Already recorded as finished: do not take the timestamp or notify again. */
        if (MANAGER_IS_FINISHED(m))
                return;

        dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_FINISH);

        manager_notify_finished(m);

        manager_invalidate_startup_units(m);
}
3368
/* Returns true if at least one directory of the NULL-terminated list 'paths' exists. Callers use this to
 * skip the whole generator run, including the creation of output directories, when there is nothing to
 * execute. Every directory is probed, so that each access() failure other than ENOENT gets its own warning. */
static bool generator_path_any(const char* const* paths) {
        bool any = false;
        char **dir;

        STRV_FOREACH(dir, (char**) paths) {
                if (access(*dir, F_OK) == 0) {
                        any = true;
                        continue;
                }

                /* A missing directory is the normal case and not worth a message. */
                if (errno != ENOENT)
                        log_warning_errno(errno, "Failed to open generator directory %s: %m", *dir);
        }

        return any;
}
3383
/* Directories searched for environment generators when running as system manager. The list is handed to
 * execute_directories() by manager_run_environment_generators(), i.e. what is found here gets executed from
 * the manager.
 * NOTE(review): because of that these directories should be writable only by the account that owns the
 * manager — presumably guaranteed by packaging, confirm. */
static const char* system_env_generator_binary_paths[] = {
        "/run/systemd/system-environment-generators",
        "/etc/systemd/system-environment-generators",
        "/usr/local/lib/systemd/system-environment-generators",
        SYSTEM_ENV_GENERATOR_PATH,
        NULL
};

/* The same list for user managers (selected when MANAGER_IS_SYSTEM() is false). The same ownership
 * consideration applies to these directories. */
static const char* user_env_generator_binary_paths[] = {
        "/run/systemd/user-environment-generators",
        "/etc/systemd/user-environment-generators",
        "/usr/local/lib/systemd/user-environment-generators",
        USER_ENV_GENERATOR_PATH,
        NULL
};
3399
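/* Runs the environment generators for this manager's scope and lets the gather_environment callbacks
 * collect their output into m->environment.
 *
 * Returns 0 if the run is skipped (test run without MANAGER_TEST_RUN_ENV_GENERATORS, or none of the
 * generator directories exists), otherwise whatever execute_directories() returns. */
static int manager_run_environment_generators(Manager *m) {
        char **tmp = NULL; /* this is only used in the forked process, no cleanup here */
        const char **paths;
        void *args[3];

        /* Validate m before its address is used to build the callback arguments, like
         * manager_run_generators() does. */
        assert(m);

        if (m->test_run_flags && !(m->test_run_flags & MANAGER_TEST_RUN_ENV_GENERATORS))
                return 0;

        paths = MANAGER_IS_SYSTEM(m) ? system_env_generator_binary_paths : user_env_generator_binary_paths;

        if (!generator_path_any(paths))
                return 0;

        /* One argument per gather_environment callback: the first two share the scratch list, the last one
         * writes into the manager's environment block. */
        args[0] = &tmp;
        args[1] = &tmp;
        args[2] = &m->environment;

        return execute_directories(paths, DEFAULT_TIMEOUT_USEC, gather_environment, args, NULL);
}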
3415
/* Runs the unit generators for the manager's unit file scope, passing them the three generator output
 * directories as arguments.
 *
 * Returns 0 if the run is skipped (test run without MANAGER_TEST_RUN_GENERATORS, or no generator directory
 * exists), the result of log_oom() if the path list cannot be allocated, and otherwise the result of
 * lookup_paths_mkdir_generator(). The return value of execute_directories() is not propagated. */
static int manager_run_generators(Manager *m) {
        _cleanup_strv_free_ char **paths = NULL;
        int r;

        assert(m);

        if (m->test_run_flags && !(m->test_run_flags & MANAGER_TEST_RUN_GENERATORS))
                return 0;

        paths = generator_binary_paths(m->unit_file_scope);
        if (!paths)
                return log_oom();

        if (!generator_path_any((const char* const*) paths))
                return 0;

        r = lookup_paths_mkdir_generator(&m->lookup_paths);
        if (r >= 0) {
                const char *argv[5] = {
                        NULL, /* Leave this empty, execute_directory() will fill something in */
                        m->lookup_paths.generator,
                        m->lookup_paths.generator_early,
                        m->lookup_paths.generator_late,
                        NULL
                };

                /* The generators run under umask 0022, so what they create is not group- or
                 * world-writable unless they ask for it explicitly. */
                RUN_WITH_UMASK(0022)
                        execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC,
                                            NULL, NULL, (char**) argv);
        }

        /* Trimming happens on the failure path as well. */
        lookup_paths_trim_generator(&m->lookup_paths);
        return r;
}
3451
/* Rebuilds the manager's environment block: 'minus' is applied through strv_env_delete() first, then 'plus'
 * through strv_env_merge(), and the result is run through manager_sanitize_environment().
 *
 * Returns 0 on success and -ENOMEM if one of the intermediate lists cannot be allocated; in that case
 * m->environment is left untouched. Empty or NULL 'minus'/'plus' lists skip the respective step. */
int manager_environment_add(Manager *m, char **minus, char **plus) {
        char **a = NULL, **b = NULL, **l;
        assert(m);

        /* 'l' always points to the newest version of the list: the current block, then 'a', then 'b'. */
        l = m->environment;

        if (!strv_isempty(minus)) {
                a = strv_env_delete(l, 1, minus);
                if (!a)
                        return -ENOMEM;

                l = a;
        }

        if (!strv_isempty(plus)) {
                b = strv_env_merge(2, l, plus);
                if (!b) {
                        /* Drop the intermediate list, the old environment stays in place. */
                        strv_free(a);
                        return -ENOMEM;
                }

                l = b;
        }

        /* Free every list except the one that becomes the new environment; the comparisons against 'l' are
         * what prevents freeing the list that is installed below. */
        if (m->environment != l)
                strv_free(m->environment);
        if (a != l)
                strv_free(a);
        if (b != l)
                strv_free(b);

        m->environment = l;
        manager_sanitize_environment(m);

        return 0;
}
3488
/* Replaces the manager's default resource limits with private copies of the entries in 'default_rlimit',
 * an array with _RLIMIT_MAX slots. A NULL slot clears the corresponding limit.
 *
 * Returns 0 on success. On allocation failure the result of log_oom() is returned; the slots processed up
 * to that point keep their new value, the remaining ones their old value. */
int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit) {
        int idx;

        assert(m);

        for (idx = 0; idx < _RLIMIT_MAX; idx++) {
                /* Release the previous value first, the slot is NULL afterwards. */
                m->rlimit[idx] = mfree(m->rlimit[idx]);

                if (default_rlimit[idx]) {
                        m->rlimit[idx] = newdup(struct rlimit, default_rlimit[idx], 1);
                        if (!m->rlimit[idx])
                                return log_oom();
                }
        }

        return 0;
}
3507
/* Returns true if logging to the journal can be expected to work: always for user managers, and for the
 * system manager only if both the journald socket unit and the journald service unit are loaded and in their
 * RUNNING state. */
static bool manager_journal_is_running(Manager *m) {
        Unit *unit;

        assert(m);

        /* A user manager may safely assume that the journal is up. */
        if (!MANAGER_IS_SYSTEM(m))
                return true;

        /* The socket has to be in RUNNING state, merely being up is not sufficient. */
        unit = manager_get_unit(m, SPECIAL_JOURNALD_SOCKET);
        if (!unit || SOCKET(unit)->state != SOCKET_RUNNING)
                return false;

        /* The same requirement holds for the daemon itself. */
        unit = manager_get_unit(m, SPECIAL_JOURNALD_SERVICE);
        if (!unit || SERVICE(unit)->state != SERVICE_RUNNING)
                return false;

        return true;
}
3533
/* Re-evaluates whether PID 1 may log via IPC and reopens the log target accordingly. Does nothing in any
 * process other than PID 1. */
void manager_recheck_journal(Manager *m) {

        assert(m);

        /* Only the special situation of being PID 1 needs this. */
        if (getpid_cached() != 1)
                return;

        /* Journal fully up: logging to it is permitted again, if configured. Journal down: never log to
         * it, otherwise we might deadlock ourselves by triggering an activation that we cannot fulfill. */
        log_set_prohibit_ipc(!manager_journal_is_running(m));

        log_open();
}
3554
/* Sets the console status output mode of the system manager and mirrors it in the flag file
 * /run/systemd/show-status (created for modes greater than 0, removed otherwise). No-op for user managers.
 * Failures to update the flag file are ignored. */
void manager_set_show_status(Manager *m, ShowStatus mode) {
        assert(m);
        assert(IN_SET(mode, SHOW_STATUS_AUTO, SHOW_STATUS_NO, SHOW_STATUS_YES, SHOW_STATUS_TEMPORARY));

        if (!MANAGER_IS_SYSTEM(m))
                return;

        if (m->show_status != mode) {
                const char *verb = mode == SHOW_STATUS_NO ? "Disabling" : "Enabling";

                log_debug("%s showing of status.", verb);
        }

        m->show_status = mode;

        if (mode > 0) {
                (void) touch("/run/systemd/show-status");
                return;
        }

        (void) unlink("/run/systemd/show-status");
}
3572
/* Decides whether a status message of the given type may be printed to the console right now. Only the
 * system manager prints status, only while console output is not suppressed, and only while initializing,
 * starting or stopping. */
static bool manager_get_show_status(Manager *m, StatusType type) {
        bool emergency;

        assert(m);

        if (!MANAGER_IS_SYSTEM(m) || m->no_console_output)
                return false;

        if (!IN_SET(manager_state(m), MANAGER_INITIALIZING, MANAGER_STARTING, MANAGER_STOPPING))
                return false;

        /* Stay quiet while a password query is pending, except for emergency messages. If the query
         * status cannot be determined properly, just proceed. */
        emergency = type == STATUS_TYPE_EMERGENCY;
        if (!emergency && manager_check_ask_password(m) > 0)
                return false;

        return m->show_status > 0;
}
3591
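/* Returns the console to use for spawn confirmation: NULL if confirmation is off, the configured path if it
 * is "/dev/console" or currently refers to a character device, and "/dev/console" otherwise.
 *
 * The returned pointer is either m->confirm_spawn itself or a string literal; the caller must not free it.
 * A warning is logged only when the failure reason (errno) differs from the previously logged one. */
const char *manager_get_confirm_spawn(Manager *m) {
        static int last_errno = 0;
        const char *vc;
        struct stat st;
        int r;

        /* Check m before reading from it, like the other accessors in this file do. */
        assert(m);

        vc = m->confirm_spawn;

        /* Here's the deal: we want to test the validity of the console but don't want
         * PID1 to go through the whole console process which might block. But we also
         * want to warn the user only once if something is wrong with the console so we
         * cannot do the sanity checks after spawning our children. So here we simply do
         * really basic tests to hopefully trap common errors.
         *
         * If the console suddenly disappears at the time our children really need it,
         * then they will simply fail to acquire it and a positive answer will be
         * assumed. New children will fall back to /dev/console though.
         *
         * Note: TTYs are devices that can come and go any time, and frequently aren't
         * available yet during early boot (consider a USB rs232 dongle...). If for any
         * reason the configured console is not ready, we fall back to the default
         * console.
         *
         * The stat() below is therefore advisory only: the node may change between this check and the
         * moment a child opens it. */

        if (!vc || path_equal(vc, "/dev/console"))
                return vc;

        r = stat(vc, &st);
        if (r < 0)
                goto fail;

        if (!S_ISCHR(st.st_mode)) {
                /* Exists, but is not a character device: report it like a non-TTY. */
                errno = ENOTTY;
                goto fail;
        }

        last_errno = 0;
        return vc;

fail:
        if (last_errno != errno) {
                last_errno = errno;
                log_warning_errno(errno, "Failed to open %s: %m, using default console", vc);
        }
        return "/dev/console";
}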
3634
/* Records whether this is the first boot and mirrors a change of that state in the flag file
 * /run/systemd/first-boot (created when set, removed when cleared). No-op for user managers. Failures to
 * update the flag file are ignored. */
void manager_set_first_boot(Manager *m, bool b) {
        bool changed;

        assert(m);

        if (!MANAGER_IS_SYSTEM(m))
                return;

        /* Only touch the file system when the stored state actually changes. */
        changed = m->first_boot != (int) b;

        if (changed && b)
                (void) touch("/run/systemd/first-boot");
        else if (changed)
                (void) unlink("/run/systemd/first-boot");

        m->first_boot = b;
}
3650
/* Creates the flag file that manager_is_confirm_spawn_disabled() checks for. A failure to create it is
 * ignored, in which case spawn confirmation stays enabled. */
void manager_disable_confirm_spawn(void) {
        static const char flag_file[] = "/run/systemd/confirm_spawn_disabled";

        (void) touch(flag_file);
}
3654
/* Returns true if no spawn confirmation is to be requested: either no confirmation console is configured,
 * or the flag file /run/systemd/confirm_spawn_disabled exists. */
bool manager_is_confirm_spawn_disabled(Manager *m) {
        return !m->confirm_spawn ||
                access("/run/systemd/confirm_spawn_disabled", F_OK) >= 0;
}
3661
/* Prints a status line built from 'status' and the printf-style 'format' through status_vprintf(), unless
 * the manager's settings suppress it. 'm' may be NULL, which is taken to mean that we are past shutdown;
 * the message is let through in that case. */
void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) {
        bool ephemeral = type == STATUS_TYPE_EPHEMERAL;
        va_list ap;

        if (m) {
                if (!manager_get_show_status(m, type))
                        return;

                /* XXX We should totally drop the check for ephemeral here
                 * and thus effectively make 'Type=idle' pointless. */
                if (ephemeral && m->n_on_console > 0)
                        return;
        }

        va_start(ap, format);
        status_vprintf(status, true, ephemeral, format, ap);
        va_end(ap);
}
3679
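/* Looks up the set of units registered as requiring a mount for 'path'. The path is normalized with
 * path_kill_slashes() on a private copy first; the root directory "/" is looked up under the empty string.
 *
 * Returns whatever hashmap_get() finds for that key. */
Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path) {
        /* Validate the arguments before 'path' is read: with the copy buffer declared first, strlen()
         * would run on the pointer before the assertion gets a chance to catch a NULL. */
        assert(m);
        assert(path);

        size_t len = strlen(path);

        /* NOTE(review): the scratch copy lives on the stack and grows with the length of 'path' —
         * callers are presumably limited to file system paths of bounded length, confirm. */
        char p[len + 1];

        memcpy(p, path, len + 1); /* includes the terminating NUL */
        path_kill_slashes(p);

        return hashmap_get(m->units_requiring_mounts_for, streq(p, "/") ? "" : p);
}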
3691
/* Fills in the manager-wide part of the execution parameters 'p'. The environment and the prefix are
 * assigned, not copied, so 'p' borrows them from the manager. The EXEC_PASS_LOG_UNIT and
 * EXEC_CHOWN_DIRECTORIES flags are set for the system manager and cleared otherwise. */
void manager_set_exec_params(Manager *m, ExecParameters *p) {
        assert(m);
        assert(p);

        /* Plain copies of manager state. */
        p->prefix = m->prefix;
        p->environment = m->environment;
        p->cgroup_supported = m->cgroup_supported;

        /* The console is re-validated on each call, see manager_get_confirm_spawn(). */
        p->confirm_spawn = manager_get_confirm_spawn(m);

        SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(m));
}
3703
/* Adds 'u' to, or removes it from, the manager's set of failed units, and sends a change signal on the bus
 * if the size of the set changed. Returns 0 on success, or the result of log_oom() if the set cannot be
 * allocated or extended. */
int manager_update_failed_units(Manager *m, Unit *u, bool failed) {
        unsigned before;
        int r;

        assert(m);
        assert(u->manager == m);

        before = set_size(m->failed_units);

        if (!failed)
                (void) set_remove(m->failed_units, u);
        else {
                r = set_ensure_allocated(&m->failed_units, NULL);
                if (r < 0)
                        return log_oom();

                if (set_put(m->failed_units, u) < 0)
                        return log_oom();
        }

        /* Only announce an actual change of the set. */
        if (before != set_size(m->failed_units))
                bus_manager_send_change_signal(m);

        return 0;
}
3728
/* Derives the overall manager state from the finish status and the special targets. The checks are made in
 * this order: still booting (INITIALIZING/STARTING), shutdown target active or pending (STOPPING), rescue
 * or emergency target active or pending on the system manager (MAINTENANCE), failed units present
 * (DEGRADED), otherwise RUNNING. */
ManagerState manager_state(Manager *m) {
        Unit *target;

        assert(m);

        /* Did we ever finish booting? If not then we are still starting up */
        if (!MANAGER_IS_FINISHED(m)) {
                target = manager_get_unit(m, SPECIAL_BASIC_TARGET);

                if (target && UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(target)))
                        return MANAGER_STARTING;

                return MANAGER_INITIALIZING;
        }

        /* Is the special shutdown target active or queued? If so, we are in shutdown state */
        target = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
        if (target && unit_active_or_pending(target))
                return MANAGER_STOPPING;

        if (MANAGER_IS_SYSTEM(m)) {
                /* Are the rescue or emergency targets active or queued? If so we are in maintenance state */
                Unit *rescue, *emergency;

                rescue = manager_get_unit(m, SPECIAL_RESCUE_TARGET);
                if (rescue && unit_active_or_pending(rescue))
                        return MANAGER_MAINTENANCE;

                emergency = manager_get_unit(m, SPECIAL_EMERGENCY_TARGET);
                if (emergency && unit_active_or_pending(emergency))
                        return MANAGER_MAINTENANCE;
        }

        /* Are there any failed units? If so, we are in degraded mode */
        return set_size(m->failed_units) > 0 ? MANAGER_DEGRADED : MANAGER_RUNNING;
}
3766
/* Highest bit of the 32bit per-UID/GID reference value stored in the uid_refs/gid_refs hashmaps: set when
 * the IPC objects of the UID/GID are to be removed once the last reference is gone. The lower 31 bits hold
 * the reference counter. */
#define DESTROY_IPC_FLAG (UINT32_C(1) << 31)
3768
/* Drops one reference on 'uid' in the table '*uid_refs'. If this was the last reference and 'destroy_now'
 * is true, the entry is removed and, if it carries DESTROY_IPC_FLAG, '_clean_ipc' is called for the UID.
 * In all other cases the decremented counter is stored back with the flag preserved, which may leave an
 * entry with a counter of 0 behind. The result of '_clean_ipc' is ignored. */
static void manager_unref_uid_internal(
                Manager *m,
                Hashmap **uid_refs,
                uid_t uid,
                bool destroy_now,
                int (*_clean_ipc)(uid_t uid)) {

        uint32_t c, n;

        assert(m);
        assert(uid_refs);
        assert(uid_is_valid(uid));
        assert(_clean_ipc);

        /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under the assumption
         * that uid_t and gid_t are actually defined the same way, with the same validity rules.
         *
         * We store a hashmap where the UID/GID is the key and the value is a 32bit reference counter, whose highest
         * bit is used as flag for marking UIDs/GIDs whose IPC objects to remove when the last reference to the UID/GID
         * is dropped. The flag is set to on, once at least one reference from a unit where RemoveIPC= is set is added
         * on a UID/GID. It is reset when the UID's/GID's reference counter drops to 0 again. */

        /* Compile-time proof of the assumption above. */
        assert_cc(sizeof(uid_t) == sizeof(gid_t));
        assert_cc(UID_INVALID == (uid_t) GID_INVALID);

        if (uid == 0) /* We don't keep track of root, and will never destroy it */
                return;

        /* A missing entry reads as 0 here, i.e. counter 0 and flag unset. */
        c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));

        /* Split off the counter. Dropping a reference that was never taken trips the assertion. */
        n = c & ~DESTROY_IPC_FLAG;
        assert(n > 0);
        n--;

        if (destroy_now && n == 0) {
                hashmap_remove(*uid_refs, UID_TO_PTR(uid));

                /* 'c' still holds the value read before the removal, including the flag. */
                if (c & DESTROY_IPC_FLAG) {
                        log_debug("%s " UID_FMT " is no longer referenced, cleaning up its IPC.",
                                  _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
                                  uid);
                        (void) _clean_ipc(uid);
                }
        } else {
                /* Store the decremented counter, keeping the flag as it was. */
                c = n | (c & DESTROY_IPC_FLAG);
                assert_se(hashmap_update(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c)) >= 0);
        }
}
3817
/* Drops one reference on a UID in m->uid_refs; IPC cleanup, if flagged, goes through clean_ipc_by_uid(). */
void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now) {
        Hashmap **refs = &m->uid_refs;

        manager_unref_uid_internal(m, refs, uid, destroy_now, clean_ipc_by_uid);
}

/* Drops one reference on a GID in m->gid_refs; IPC cleanup, if flagged, goes through clean_ipc_by_gid(). */
void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now) {
        Hashmap **refs = &m->gid_refs;

        manager_unref_uid_internal(m, refs, (uid_t) gid, destroy_now, clean_ipc_by_gid);
}
3825
/* Takes one reference on 'uid' in the table '*uid_refs', allocating the table if needed. With 'clean_ipc'
 * set the entry is additionally marked with DESTROY_IPC_FLAG; a flag that is already set is kept.
 *
 * Returns 0 for root (which is not tracked), -EOVERFLOW if the 31bit counter would overflow into the flag
 * bit, a negative value if the table cannot be allocated, and otherwise the result of hashmap_replace(). */
static int manager_ref_uid_internal(
                Manager *m,
                Hashmap **uid_refs,
                uid_t uid,
                bool clean_ipc) {

        uint32_t stored, count, flag;
        int r;

        assert(m);
        assert(uid_refs);
        assert(uid_is_valid(uid));

        /* Shared by manager_ref_uid() and manager_ref_gid(), relying on uid_t and gid_t being defined the
         * same way, with the same validity rules. */

        assert_cc(sizeof(uid_t) == sizeof(gid_t));
        assert_cc(UID_INVALID == (uid_t) GID_INVALID);

        if (uid == 0) /* We don't keep track of root, and will never destroy it */
                return 0;

        r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
        if (r < 0)
                return r;

        stored = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));

        flag = stored & DESTROY_IPC_FLAG;
        count = (stored & ~DESTROY_IPC_FLAG) + 1;

        /* The incremented counter must not spill into the flag bit. */
        if (count & DESTROY_IPC_FLAG)
                return -EOVERFLOW;

        if (clean_ipc)
                flag = DESTROY_IPC_FLAG;

        return hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(count | flag));
}
3864
/* Takes one reference on a UID in m->uid_refs, see manager_ref_uid_internal() for the return values. */
int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc) {
        Hashmap **refs = &m->uid_refs;

        return manager_ref_uid_internal(m, refs, uid, clean_ipc);
}

/* Takes one reference on a GID in m->gid_refs, see manager_ref_uid_internal() for the return values. */
int manager_ref_gid(Manager *m, gid_t gid, bool clean_ipc) {
        Hashmap **refs = &m->gid_refs;

        return manager_ref_uid_internal(m, refs, (uid_t) gid, clean_ipc);
}
3872
/* Removes all entries of '*uid_refs' whose reference counter is 0. For those that carry DESTROY_IPC_FLAG,
 * '_clean_ipc' is called first; its result is ignored. Entries with a non-zero counter are left alone. */
static void manager_vacuum_uid_refs_internal(
                Manager *m,
                Hashmap **uid_refs,
                int (*_clean_ipc)(uid_t uid)) {

        Iterator i;
        void *p, *k;

        assert(m);
        assert(uid_refs);
        assert(_clean_ipc);

        HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
                uint32_t c, n;
                uid_t uid;

                /* The key is the UID/GID, the value the packed counter and flag. */
                uid = PTR_TO_UID(k);
                c = PTR_TO_UINT32(p);

                /* Still referenced, keep the entry. */
                n = c & ~DESTROY_IPC_FLAG;
                if (n > 0)
                        continue;

                if (c & DESTROY_IPC_FLAG) {
                        log_debug("Found unreferenced %s " UID_FMT " after reload/reexec. Cleaning up.",
                                  _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
                                  uid);
                        (void) _clean_ipc(uid);
                }

                /* The entry being visited is removed while the iteration is in progress.
                 * NOTE(review): relies on the iterator tolerating removal of the current entry — confirm
                 * against the hashmap implementation. */
                assert_se(hashmap_remove(*uid_refs, k) == p);
        }
}
3906
/* Drops unreferenced entries from m->uid_refs, cleaning up IPC objects through clean_ipc_by_uid(). */
void manager_vacuum_uid_refs(Manager *m) {
        Hashmap **refs = &m->uid_refs;

        manager_vacuum_uid_refs_internal(m, refs, clean_ipc_by_uid);
}

/* Drops unreferenced entries from m->gid_refs, cleaning up IPC objects through clean_ipc_by_gid(). */
void manager_vacuum_gid_refs(Manager *m) {
        Hashmap **refs = &m->gid_refs;

        manager_vacuum_uid_refs_internal(m, refs, clean_ipc_by_gid);
}
3914
/* Writes one "<field_name>=<uid>" line to 'f' for every entry of '*uid_refs' that carries
 * DESTROY_IPC_FLAG. The counters are not written: only the IPC destruction flag is serialized, as the
 * actual counter is better rebuilt after a reload/reexec. */
static void manager_serialize_uid_refs_internal(
                Manager *m,
                FILE *f,
                Hashmap **uid_refs,
                const char *field_name) {

        Iterator i;
        void *p, *k;

        assert(m);
        assert(f);
        assert(uid_refs);
        assert(field_name);

        HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
                uint32_t value = PTR_TO_UINT32(p);
                uid_t id = PTR_TO_UID(k);

                if (value & DESTROY_IPC_FLAG)
                        fprintf(f, "%s=" UID_FMT "\n", field_name, id);
        }
}
3945
/* Serializes the flagged entries of m->uid_refs as "destroy-ipc-uid=" lines. */
void manager_serialize_uid_refs(Manager *m, FILE *f) {
        Hashmap **refs = &m->uid_refs;

        manager_serialize_uid_refs_internal(m, f, refs, "destroy-ipc-uid");
}

/* Serializes the flagged entries of m->gid_refs as "destroy-ipc-gid=" lines. */
void manager_serialize_gid_refs(Manager *m, FILE *f) {
        Hashmap **refs = &m->gid_refs;

        manager_serialize_uid_refs_internal(m, f, refs, "destroy-ipc-gid");
}
3953
/* Restores one serialized IPC destruction flag: parses 'value' as UID and sets DESTROY_IPC_FLAG on its entry
 * in '*uid_refs', creating the table and the entry as needed. The reference counter of the entry is not
 * changed. Values that do not parse, and UID 0, are rejected with a debug message; all failures are logged
 * and otherwise ignored. */
static void manager_deserialize_uid_refs_one_internal(
                Manager *m,
                Hashmap** uid_refs,
                const char *value) {

        uint32_t entry;
        uid_t uid;

        assert(m);
        assert(uid_refs);
        assert(value);

        /* Root is never tracked in the table, so it is refused here like any malformed value. */
        if (parse_uid(value, &uid) < 0 || uid == 0) {
                log_debug("Unable to parse UID reference serialization");
                return;
        }

        if (hashmap_ensure_allocated(uid_refs, &trivial_hash_ops) < 0) {
                log_oom();
                return;
        }

        entry = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));

        /* Flag already set, nothing to store. */
        if (entry & DESTROY_IPC_FLAG)
                return;

        if (hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(entry | DESTROY_IPC_FLAG)) < 0)
                log_debug("Failed to add UID reference entry");
}
3991
/* Restores one serialized UID entry into m->uid_refs. */
void manager_deserialize_uid_refs_one(Manager *m, const char *value) {
        Hashmap **refs = &m->uid_refs;

        manager_deserialize_uid_refs_one_internal(m, refs, value);
}

/* Restores one serialized GID entry into m->gid_refs. */
void manager_deserialize_gid_refs_one(Manager *m, const char *value) {
        Hashmap **refs = &m->gid_refs;

        manager_deserialize_uid_refs_one_internal(m, refs, value);
}
3999
/* Event source callback for the user lookup fd: reads one datagram consisting of a UID, a GID and a unit
 * name, validates it, and forwards the IDs to the named unit via unit_notify_user_lookup().
 *
 * Returns 0 in all cases except a recv() failure other than EINTR/EAGAIN, for which the result of
 * log_error_errno() is returned. Malformed messages are logged and dropped. */
int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        /* Wire format of one message. The struct is packed, and unit_name has room for UNIT_NAME_MAX
         * characters plus the NUL byte that is appended below. */
        struct buffer {
                uid_t uid;
                gid_t gid;
                char unit_name[UNIT_NAME_MAX+1];
        } _packed_ buffer;

        Manager *m = userdata;
        ssize_t l;
        size_t n;
        Unit *u;

        assert_se(source);
        assert_se(m);

        /* Invoked whenever a child process succeeded resolving its user/group to use and sent us the resulting UID/GID
         * in a datagram. We parse the datagram here and pass it off to the unit, so that it can add a reference to the
         * UID/GID so that it can destroy the UID/GID's IPC objects when the reference counter drops to 0. */

        /* Non-blocking read of at most one full struct. */
        l = recv(fd, &buffer, sizeof(buffer), MSG_DONTWAIT);
        if (l < 0) {
                if (IN_SET(errno, EINTR, EAGAIN))
                        return 0;

                return log_error_errno(errno, "Failed to read from user lookup fd: %m");
        }

        /* The message must cover both ID fields and at least one byte of unit name; the ID fields are
         * only read after this check. */
        if ((size_t) l <= offsetof(struct buffer, unit_name)) {
                log_warning("Received too short user lookup message, ignoring.");
                return 0;
        }

        /* The name part may be at most UNIT_NAME_MAX bytes, which keeps the last array element free for
         * the terminator written below. */
        if ((size_t) l > offsetof(struct buffer, unit_name) + UNIT_NAME_MAX) {
                log_warning("Received too long user lookup message, ignoring.");
                return 0;
        }

        /* Only a message in which both IDs are invalid is refused; one invalid ID is let through. */
        if (!uid_is_valid(buffer.uid) && !gid_is_valid(buffer.gid)) {
                log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
                return 0;
        }

        /* n is the number of name bytes received, 1..UNIT_NAME_MAX after the checks above. The sender
         * is expected not to include a NUL byte. */
        n = (size_t) l - offsetof(struct buffer, unit_name);
        if (memchr(buffer.unit_name, 0, n)) {
                log_warning("Received lookup message with embedded NUL character, ignoring.");
                return 0;
        }

        /* Terminate the name ourselves; index n is within the array because n <= UNIT_NAME_MAX. */
        buffer.unit_name[n] = 0;
        u = manager_get_unit(m, buffer.unit_name);
        if (!u) {
                log_debug("Got user lookup message but unit doesn't exist, ignoring.");
                return 0;
        }

        log_unit_debug(u, "User lookup succeeded: uid=" UID_FMT " gid=" GID_FMT, buffer.uid, buffer.gid);

        /* NOTE(review): the unit is selected by the name given in the message alone; nothing in this
         * function ties the message to the sending process. Presumably only the manager's own children
         * hold the other end of the socket — confirm where the fd pair is set up. */
        unit_notify_user_lookup(u, buffer.uid, buffer.gid);
        return 0;
}
4060
/* Returns a newly allocated "taint string", i.e. a colon-separated list of tags such as
 * "local-hwclock:var-run-bad", or an empty string if nothing is detected. Returns NULL if the buffer cannot
 * be allocated. The caller owns the result.
 *
 * Only things that are detected at runtime should be tagged here. For stuff that is set during compilation,
 * emit a warning in the configuration phase. */
char *manager_taint_string(Manager *m) {
        _cleanup_free_ char *destination = NULL, *overflowuid = NULL, *overflowgid = NULL;
        char *taint, *end;

        assert(m);

        /* The buffer is sized for all tags at once, including the terminating NUL. Each tag is appended
         * at most once below, hence the stpcpy() calls cannot run past the end. Keep this list and the
         * checks below in sync. */
        taint = new(char, sizeof("split-usr:"
                                 "cgroups-missing:"
                                 "local-hwclock:"
                                 "var-run-bad:"
                                 "overflowuid-not-65534:"
                                 "overflowgid-not-65534:"));
        if (!taint)
                return NULL;

        taint[0] = 0;
        end = taint;

        if (m->taint_usr)
                end = stpcpy(end, "split-usr:");

        if (access("/proc/cgroups", F_OK) < 0)
                end = stpcpy(end, "cgroups-missing:");

        if (clock_is_localtime(NULL) > 0)
                end = stpcpy(end, "local-hwclock:");

        /* /var/run has to be a symlink to "../run" or "/run"; anything else, including a failure to read
         * the link, is tagged. */
        if (readlink_malloc("/var/run", &destination) < 0 ||
            !PATH_IN_SET(destination, "../run", "/run"))
                end = stpcpy(end, "var-run-bad:");

        /* The overflow IDs are only tagged if the files could be read. */
        if (read_one_line_file("/proc/sys/kernel/overflowuid", &overflowuid) >= 0 &&
            !streq(overflowuid, "65534"))
                end = stpcpy(end, "overflowuid-not-65534:");

        if (read_one_line_file("/proc/sys/kernel/overflowgid", &overflowgid) >= 0 &&
            !streq(overflowgid, "65534"))
                end = stpcpy(end, "overflowgid-not-65534:");

        /* remove the last ':' */
        if (end != taint)
                end[-1] = 0;

        return taint;
}
4112
/* Counts one more user of the console, see manager_unref_console() for the counterpart. */
void manager_ref_console(Manager *m) {
        assert(m);

        m->n_on_console += 1;
}
4118
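/* Counts one user of the console less. When the last one is gone, the no_console_output flag is reset,
 * since the console is definitely free then. Must be paired with a previous manager_ref_console(). */
void manager_unref_console(Manager *m) {
        /* Check m before reading from it, as manager_ref_console() does. */
        assert(m);

        /* An unbalanced unref would make the counter wrap or go negative. */
        assert(m->n_on_console > 0);
        m->n_on_console--;

        if (m->n_on_console == 0)
                m->no_console_output = false; /* unset no_console_output flag, since the console is definitely free now */
}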
4127
/* Names of the ManagerState values, indexed by the enum value. */
static const char *const manager_state_table[_MANAGER_STATE_MAX] = {
        [MANAGER_INITIALIZING] = "initializing",
        [MANAGER_STARTING] = "starting",
        [MANAGER_RUNNING] = "running",
        [MANAGER_DEGRADED] = "degraded",
        [MANAGER_MAINTENANCE] = "maintenance",
        [MANAGER_STOPPING] = "stopping",
};

/* Presumably expands to the string<->enum conversion functions for the table above — see the macro's
 * definition for the exact names. */
DEFINE_STRING_TABLE_LOOKUP(manager_state, ManagerState);

/* Names of the ManagerTimestamp values, indexed by the enum value. */
static const char *const manager_timestamp_table[_MANAGER_TIMESTAMP_MAX] = {
        [MANAGER_TIMESTAMP_FIRMWARE] = "firmware",
        [MANAGER_TIMESTAMP_LOADER] = "loader",
        [MANAGER_TIMESTAMP_KERNEL] = "kernel",
        [MANAGER_TIMESTAMP_INITRD] = "initrd",
        [MANAGER_TIMESTAMP_USERSPACE] = "userspace",
        [MANAGER_TIMESTAMP_FINISH] = "finish",
        [MANAGER_TIMESTAMP_SECURITY_START] = "security-start",
        [MANAGER_TIMESTAMP_SECURITY_FINISH] = "security-finish",
        [MANAGER_TIMESTAMP_GENERATORS_START] = "generators-start",
        [MANAGER_TIMESTAMP_GENERATORS_FINISH] = "generators-finish",
        [MANAGER_TIMESTAMP_UNITS_LOAD_START] = "units-load-start",
        [MANAGER_TIMESTAMP_UNITS_LOAD_FINISH] = "units-load-finish",
};

/* Same as above, for the timestamp table. */
DEFINE_STRING_TABLE_LOOKUP(manager_timestamp, ManagerTimestamp);