core: simplify manager_recheck_journal() a bit
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <linux/kd.h>
24 #include <signal.h>
25 #include <stdio_ext.h>
26 #include <string.h>
27 #include <sys/epoll.h>
28 #include <sys/inotify.h>
29 #include <sys/ioctl.h>
30 #include <sys/reboot.h>
31 #include <sys/timerfd.h>
32 #include <sys/wait.h>
33 #include <unistd.h>
34
35 #if HAVE_AUDIT
36 #include <libaudit.h>
37 #endif
38
39 #include "sd-daemon.h"
40 #include "sd-messages.h"
41 #include "sd-path.h"
42
43 #include "alloc-util.h"
44 #include "audit-fd.h"
45 #include "boot-timestamps.h"
46 #include "bus-common-errors.h"
47 #include "bus-error.h"
48 #include "bus-kernel.h"
49 #include "bus-util.h"
50 #include "clean-ipc.h"
51 #include "clock-util.h"
52 #include "dbus-job.h"
53 #include "dbus-manager.h"
54 #include "dbus-unit.h"
55 #include "dbus.h"
56 #include "dirent-util.h"
57 #include "env-util.h"
58 #include "escape.h"
59 #include "exec-util.h"
60 #include "execute.h"
61 #include "exit-status.h"
62 #include "fd-util.h"
63 #include "fileio.h"
64 #include "fs-util.h"
65 #include "hashmap.h"
66 #include "io-util.h"
67 #include "label.h"
68 #include "locale-setup.h"
69 #include "log.h"
70 #include "macro.h"
71 #include "manager.h"
72 #include "missing.h"
73 #include "mkdir.h"
74 #include "parse-util.h"
75 #include "path-lookup.h"
76 #include "path-util.h"
77 #include "process-util.h"
78 #include "ratelimit.h"
79 #include "rm-rf.h"
80 #include "signal-util.h"
81 #include "special.h"
82 #include "stat-util.h"
83 #include "string-table.h"
84 #include "string-util.h"
85 #include "strv.h"
86 #include "strxcpyx.h"
87 #include "terminal-util.h"
88 #include "time-util.h"
89 #include "transaction.h"
90 #include "umask-util.h"
91 #include "unit-name.h"
92 #include "user-util.h"
93 #include "util.h"
94 #include "virt.h"
95 #include "watchdog.h"
96
/* Receive buffer sizes (8 MiB each) requested via fd_inc_rcvbuf() for the notification/user-lookup sockets
 * and for the cgroups agent socket, respectively. */
#define NOTIFY_RCVBUF_SIZE (8*1024*1024)
#define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)

/* Initial delay and the interval for printing status messages about running jobs */
#define JOBS_IN_PROGRESS_WAIT_USEC (5*USEC_PER_SEC)
#define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
#define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3

/* Forward declarations: event source callbacks and helpers that are referenced before their definition. */
static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata);
static int manager_dispatch_run_queue(sd_event_source *source, void *userdata);
static int manager_dispatch_sigchld(sd_event_source *source, void *userdata);
static int manager_run_environment_generators(Manager *m);
static int manager_run_generators(Manager *m);
116
/* Installs the timer event source that drives the "jobs in progress" status output. The first expiry is
 * JOBS_IN_PROGRESS_WAIT_USEC from now. Failure to allocate the source is silently ignored. */
static void manager_watch_jobs_in_progress(Manager *m) {
        usec_t deadline;

        assert(m);

        /* The cylon animation would garble the confirmation prompts shown when the user has to confirm
         * service executions, hence only run it when confirm-spawn is disabled. There is also nothing to
         * do if the event source already exists. */
        if (!manager_is_confirm_spawn_disabled(m) || m->jobs_in_progress_event_source)
                return;

        deadline = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC;

        if (sd_event_add_time(m->event,
                              &m->jobs_in_progress_event_source,
                              CLOCK_MONOTONIC,
                              deadline, 0,
                              manager_dispatch_jobs_in_progress, m) < 0)
                return;

        (void) sd_event_source_set_description(m->jobs_in_progress_event_source, "manager-jobs-in-progress");
}
144
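/* Upper bound on the bytes the ANSI color sequences add to a rendered cylon string: two ANSI_RED, one
 * ANSI_HIGHLIGHT_RED and two ANSI_NORMAL sequences. */
#define CYLON_BUFFER_EXTRA (2*STRLEN(ANSI_RED) + STRLEN(ANSI_HIGHLIGHT_RED) + 2*STRLEN(ANSI_NORMAL))

/* Renders one frame of the "cylon" animation into buffer as a NUL-terminated string.
 *
 * buffer/buflen: output buffer; must hold at least CYLON_BUFFER_EXTRA + width + 1 bytes.
 * width:         number of visible cells in the animation.
 * pos:           position of the center light, 0..width+1.
 *
 * At most 'width' visible characters are written, plus color sequences if log_get_show_color() is true. */
static void draw_cylon(char buffer[], size_t buflen, unsigned width, unsigned pos) {
        char *p = buffer;

        assert(buflen >= CYLON_BUFFER_EXTRA + width + 1);
        assert(pos <= width+1); /* 0 or width+1 mean that the center light is behind the corner */

        if (pos > 1) {
                if (pos > 2)
                        p = mempset(p, ' ', pos-2);
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_RED);
                *p++ = '*';
        }

        if (pos > 0 && pos <= width) {
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_HIGHLIGHT_RED);
                *p++ = '*';
        }

        if (log_get_show_color())
                p = stpcpy(p, ANSI_NORMAL);

        if (pos < width) {
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_RED);
                *p++ = '*';
                if (pos < width-1)
                        p = mempset(p, ' ', width-1-pos);
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_NORMAL);
        }

        /* Always terminate explicitly. With colors disabled none of the stpcpy() calls above run, and the
         * caller's buffer is an uninitialized stack array, so without this the string would be left
         * unterminated and later formatted with an out-of-bounds read. The "+ 1" in the size assertion
         * above reserves the byte for this terminator. */
        *p = '\0';
}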
180
/* Toggles between SHOW_STATUS_AUTO and SHOW_STATUS_TEMPORARY: with enable=true an "auto" setting is
 * switched to "temporary", with enable=false a "temporary" setting is switched back to "auto". Any other
 * show_status value is left untouched. */
void manager_flip_auto_status(Manager *m, bool enable) {
        assert(m);

        if (enable && m->show_status == SHOW_STATUS_AUTO)
                manager_set_show_status(m, SHOW_STATUS_TEMPORARY);
        else if (!enable && m->show_status == SHOW_STATUS_TEMPORARY)
                manager_set_show_status(m, SHOW_STATUS_AUTO);
}
192
/* Prints an ephemeral status line about one of the currently running jobs, prefixed by the cylon
 * animation. Which job is shown rotates with m->jobs_in_progress_iteration. Requires at least one running
 * job (asserted). */
static void manager_print_jobs_in_progress(Manager *m) {
        _cleanup_free_ char *job_of_n = NULL;
        Iterator i;
        Job *j;
        unsigned counter = 0, print_nr;
        /* Sized for an animation width of 6, matching the width passed to draw_cylon() below */
        char cylon[6 + CYLON_BUFFER_EXTRA + 1];
        unsigned cylon_pos;
        /* "no limit" is what gets printed if the job has no timeout */
        char time[FORMAT_TIMESPAN_MAX], limit[FORMAT_TIMESPAN_MAX] = "no limit";
        uint64_t x;

        assert(m);
        assert(m->n_running_jobs > 0);

        manager_flip_auto_status(m, true);

        /* Index of the running job to show; moves on every JOBS_IN_PROGRESS_PERIOD_DIVISOR iterations */
        print_nr = (m->jobs_in_progress_iteration / JOBS_IN_PROGRESS_PERIOD_DIVISOR) % m->n_running_jobs;

        /* Walk the jobs until the print_nr-th one in JOB_RUNNING state is found */
        HASHMAP_FOREACH(j, m->jobs, i)
                if (j->state == JOB_RUNNING && counter++ == print_nr)
                        break;

        /* m->n_running_jobs must be consistent with the contents of m->jobs,
         * so the above loop must have succeeded in finding j. */
        assert(counter == print_nr + 1);
        assert(j);

        /* The light position runs 0..7 and back again, with a period of 14 iterations */
        cylon_pos = m->jobs_in_progress_iteration % 14;
        if (cylon_pos >= 8)
                cylon_pos = 14 - cylon_pos;
        draw_cylon(cylon, sizeof(cylon), 6, cylon_pos);

        m->jobs_in_progress_iteration++;

        if (m->n_running_jobs > 1) {
                /* On allocation failure the pointer is reset, so that the prefix is simply left out
                 * (presumably strempty() maps NULL to "" -- confirm against its definition) */
                if (asprintf(&job_of_n, "(%u of %u) ", counter, m->n_running_jobs) < 0)
                        job_of_n = NULL;
        }

        format_timespan(time, sizeof(time), now(CLOCK_MONOTONIC) - j->begin_usec, 1*USEC_PER_SEC);
        if (job_get_timeout(j, &x) > 0)
                format_timespan(limit, sizeof(limit), x - j->begin_usec, 1*USEC_PER_SEC);

        manager_status_printf(m, STATUS_TYPE_EPHEMERAL, cylon,
                              "%sA %s job is running for %s (%s / %s)",
                              strempty(job_of_n),
                              job_type_to_string(j->type),
                              unit_description(j->unit),
                              time, limit);
}
242
/* Checks whether /run/systemd/ask-password contains at least one entry whose name starts with "ask.".
 *
 * Returns true if so, false if not or if the directory does not exist, and a negative errno-style error
 * if the directory cannot be opened or enumerated. */
static int have_ask_password(void) {
        _cleanup_closedir_ DIR *d;
        struct dirent *entry;

        d = opendir("/run/systemd/ask-password");
        if (!d)
                /* A missing directory just means there are no pending queries */
                return errno == ENOENT ? false : -errno;

        FOREACH_DIRENT_ALL(entry, d, return -errno) {
                if (!startswith(entry->d_name, "ask."))
                        continue;

                return true;
        }

        return false;
}
261
/* I/O callback for the inotify fd watching /run/systemd/ask-password: drains the fd and refreshes
 * m->have_ask_password from the directory contents. Always returns 0. */
static int manager_dispatch_ask_password_fd(sd_event_source *source,
                                            int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        int status;

        assert(m);

        /* The individual inotify events are of no interest, only the fact that something changed */
        (void) flush_fd(fd);

        status = have_ask_password();
        m->have_ask_password = status;

        /* A negative value is stored as is and treated as "unknown"; log the problem, but carry on. */
        if (status < 0)
                log_error_errno(status, "Failed to list /run/systemd/ask-password: %m");

        return 0;
}
278
/* Tears down the ask-password watch: releases the event source, closes the inotify fd and resets the
 * cached state to -EINVAL. */
static void manager_close_ask_password(Manager *m) {
        assert(m);

        /* Drop the event source first, then the fd it was watching */
        m->ask_password_event_source = sd_event_source_unref(m->ask_password_event_source);
        m->ask_password_inotify_fd = safe_close(m->ask_password_inotify_fd);

        m->have_ask_password = -EINVAL;
}
286
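/* Returns the cached m->have_ask_password state, setting up the inotify watch on
 * /run/systemd/ask-password first if that has not happened yet.
 *
 * Returns > 0 if queries are pending, 0 if not, and a negative errno-style value if the state is unknown
 * or setting up the watch failed. */
static int manager_check_ask_password(Manager *m) {
        int r;

        assert(m);

        if (!m->ask_password_event_source) {
                assert(m->ask_password_inotify_fd < 0);

                /* Best effort: if the directory cannot be created, inotify_add_watch() below fails and
                 * reports the problem. */
                (void) mkdir_p_label("/run/systemd/ask-password", 0755);

                m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
                if (m->ask_password_inotify_fd < 0)
                        return log_error_errno(errno, "inotify_init1() failed: %m");

                if (inotify_add_watch(m->ask_password_inotify_fd, "/run/systemd/ask-password", IN_CREATE|IN_DELETE|IN_MOVE) < 0) {
                        /* Remember the error before cleaning up: logging and close() may overwrite errno */
                        r = log_error_errno(errno, "Failed to add watch on /run/systemd/ask-password: %m");
                        manager_close_ask_password(m);
                        return r;
                }

                r = sd_event_add_io(m->event, &m->ask_password_event_source,
                                    m->ask_password_inotify_fd, EPOLLIN,
                                    manager_dispatch_ask_password_fd, m);
                if (r < 0) {
                        /* The error is carried in r here, errno is not meaningful for this call */
                        log_error_errno(r, "Failed to add event source for /run/systemd/ask-password: %m");
                        manager_close_ask_password(m);
                        return r;
                }

                (void) sd_event_source_set_description(m->ask_password_event_source, "manager-ask-password");

                /* Queries might have been added meanwhile... */
                manager_dispatch_ask_password_fd(m->ask_password_event_source,
                                                 m->ask_password_inotify_fd, EPOLLIN, m);
        }

        return m->have_ask_password;
}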
325
/* Starts watching m->idle_pipe[2] for input. Does nothing if the event source already exists or that
 * end of the pipe is not open. Returns 0 on success or a negative errno-style error. */
static int manager_watch_idle_pipe(Manager *m) {
        int ret;

        assert(m);

        if (m->idle_pipe_event_source || m->idle_pipe[2] < 0)
                return 0;

        ret = sd_event_add_io(m->event,
                              &m->idle_pipe_event_source,
                              m->idle_pipe[2],
                              EPOLLIN,
                              manager_dispatch_idle_pipe_fd, m);
        if (ret < 0)
                return log_error_errno(ret, "Failed to watch idle pipe: %m");

        (void) sd_event_source_set_description(m->idle_pipe_event_source, "manager-idle-pipe");

        return 0;
}
345
/* Releases the idle pipe event source and closes all four idle pipe file descriptors. */
static void manager_close_idle_pipe(Manager *m) {
        assert(m);

        m->idle_pipe_event_source = sd_event_source_unref(m->idle_pipe_event_source);

        /* The four fds are stored as two consecutive pairs */
        safe_close_pair(&m->idle_pipe[0]);
        safe_close_pair(&m->idle_pipe[2]);
}
354
/* Sets up a timerfd that wakes us up whenever CLOCK_REALTIME jumps relative to CLOCK_MONOTONIC, and hooks
 * it into the event loop. A no-op in test runs. If the kernel refuses TFD_TIMER_CANCEL_ON_SET this is
 * logged at debug level and ignored. Returns 0 on success or a negative errno-style error. */
static int manager_setup_time_change(Manager *m) {
        /* Only the cancellation event matters to us, hence arm the timer for the latest possible time. */
        struct itimerspec spec = {
                .it_value.tv_sec = TIME_T_MAX,
        };
        int ret;

        assert(m);
        assert_cc(sizeof(time_t) == sizeof(TIME_T_MAX));

        if (m->test_run_flags)
                return 0;

        m->time_change_fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC);
        if (m->time_change_fd < 0)
                return log_error_errno(errno, "Failed to create timerfd: %m");

        /* TFD_TIMER_CANCEL_ON_SET is what delivers the notification on clock jumps */
        ret = timerfd_settime(m->time_change_fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &spec, NULL);
        if (ret < 0) {
                log_debug_errno(errno, "Failed to set up TFD_TIMER_CANCEL_ON_SET, ignoring: %m");
                m->time_change_fd = safe_close(m->time_change_fd);
                return 0;
        }

        ret = sd_event_add_io(m->event,
                              &m->time_change_event_source,
                              m->time_change_fd,
                              EPOLLIN,
                              manager_dispatch_time_change_fd, m);
        if (ret < 0)
                return log_error_errno(ret, "Failed to create time change event source: %m");

        (void) sd_event_source_set_description(m->time_change_event_source, "manager-time-change");

        log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");

        return 0;
}
393
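/* Asks the kernel to notify us about control-alt-del (via SIGINT) and kbrequest (via SIGWINCH) instead
 * of acting on them itself. A no-op in test runs. Failures are only logged; always returns 0. */
static int enable_special_signals(Manager *m) {
        _cleanup_close_ int fd = -1;

        assert(m);

        if (m->test_run_flags)
                return 0;

        /* Enable that we get SIGINT on control-alt-del. In containers
         * this will fail with EPERM (older) or EINVAL (newer), so
         * ignore that. */
        if (reboot(RB_DISABLE_CAD) < 0 && !IN_SET(errno, EPERM, EINVAL))
                log_warning_errno(errno, "Failed to enable ctrl-alt-del handling: %m");

        fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
        if (fd < 0) {
                /* Support systems without virtual console */
                if (fd != -ENOENT)
                        /* open_terminal() hands back the error as its negative return value, hence log
                         * that rather than whatever errno happens to contain */
                        log_warning_errno(fd, "Failed to open /dev/tty0: %m");
        } else {
                /* Enable that we get SIGWINCH on kbrequest */
                if (ioctl(fd, KDSIGACCEPT, SIGWINCH) < 0)
                        log_warning_errno(errno, "Failed to enable kbrequest handling: %m");
        }

        return 0;
}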
421
/* Sets the process signal mask to the set of signals the manager handles, opens a signalfd for that set
 * and registers it with the event loop. For the system instance, enable_special_signals() is called
 * afterwards. Returns 0 on success or a negative errno-style error. */
static int manager_setup_signals(Manager *m) {
        /* Default disposition for SIGCHLD, with SA_NOCLDSTOP and SA_RESTART set */
        struct sigaction sa = {
                .sa_handler = SIG_DFL,
                .sa_flags = SA_NOCLDSTOP|SA_RESTART,
        };
        sigset_t mask;
        int r;

        assert(m);

        assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);

        /* We make liberal use of realtime signals here. On
         * Linux/glibc we have 30 of them (with the exception of Linux
         * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
         * (aka SIGRTMAX). */

        assert_se(sigemptyset(&mask) == 0);
        sigset_add_many(&mask,
                        SIGCHLD,     /* Child died */
                        SIGTERM,     /* Reexecute daemon */
                        SIGHUP,      /* Reload configuration */
                        SIGUSR1,     /* systemd/upstart: reconnect to D-Bus */
                        SIGUSR2,     /* systemd: dump status */
                        SIGINT,      /* Kernel sends us this on control-alt-del */
                        SIGWINCH,    /* Kernel sends us this on kbrequest (alt-arrowup) */
                        SIGPWR,      /* Some kernel drivers and upsd send us this on power failure */

                        SIGRTMIN+0,  /* systemd: start default.target */
                        SIGRTMIN+1,  /* systemd: isolate rescue.target */
                        SIGRTMIN+2,  /* systemd: isolate emergency.target */
                        SIGRTMIN+3,  /* systemd: start halt.target */
                        SIGRTMIN+4,  /* systemd: start poweroff.target */
                        SIGRTMIN+5,  /* systemd: start reboot.target */
                        SIGRTMIN+6,  /* systemd: start kexec.target */

                        /* ... space for more special targets ... */

                        SIGRTMIN+13, /* systemd: Immediate halt */
                        SIGRTMIN+14, /* systemd: Immediate poweroff */
                        SIGRTMIN+15, /* systemd: Immediate reboot */
                        SIGRTMIN+16, /* systemd: Immediate kexec */

                        /* ... space for more immediate system state changes ... */

                        SIGRTMIN+20, /* systemd: enable status messages */
                        SIGRTMIN+21, /* systemd: disable status messages */
                        SIGRTMIN+22, /* systemd: set log level to LOG_DEBUG */
                        SIGRTMIN+23, /* systemd: set log level to LOG_INFO */
                        SIGRTMIN+24, /* systemd: Immediate exit (--user only) */

                        /* .. one free signal here ... */

#if !defined(__hppa64__) && !defined(__hppa__)
                        /* Apparently Linux on hppa has fewer RT
                         * signals (SIGRTMAX is SIGRTMIN+25 there),
                         * hence let's not try to make use of them
                         * here. Since these commands are accessible
                         * by different means and only really a safety
                         * net, the missing functionality on hppa
                         * shouldn't matter. */

                        SIGRTMIN+26, /* systemd: set log target to journal-or-kmsg */
                        SIGRTMIN+27, /* systemd: set log target to console */
                        SIGRTMIN+28, /* systemd: set log target to kmsg */
                        SIGRTMIN+29, /* systemd: set log target to syslog-or-kmsg (obsolete) */

                        /* ... one free signal here SIGRTMIN+30 ... */
#endif
                        -1);
        /* SIG_SETMASK replaces the whole mask: exactly the signals listed above are blocked from here on,
         * and are picked up through the signalfd created next instead of asynchronous handlers. */
        assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);

        m->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
        if (m->signal_fd < 0)
                return -errno;

        r = sd_event_add_io(m->event, &m->signal_event_source, m->signal_fd, EPOLLIN, manager_dispatch_signal_fd, m);
        if (r < 0)
                return r;

        (void) sd_event_source_set_description(m->signal_event_source, "manager-signal");

        /* Process signals a bit earlier than the rest of things, but later than notify_fd processing, so that the
         * notify processing can still figure out to which process/service a message belongs, before we reap the
         * process. Also, process this before handling cgroup notifications, so that we always collect child exit
         * status information before detecting that there's no process in a cgroup. */
        r = sd_event_source_set_priority(m->signal_event_source, SD_EVENT_PRIORITY_NORMAL-6);
        if (r < 0)
                return r;

        /* Control-alt-del and kbrequest handling is only requested by the system instance */
        if (MANAGER_IS_SYSTEM(m))
                return enable_special_signals(m);

        return 0;
}
517
/* Cleans up m->environment: drops the variables the manager itself uses to talk to the processes it
 * starts, so that values inherited from elsewhere are not passed on under these names, then sorts the
 * remaining entries. */
static void manager_sanitize_environment(Manager *m) {
        assert(m);

        /* These names are reserved for our own communication with our clients */
        strv_env_unset_many(m->environment,
                            "EXIT_CODE",
                            "EXIT_STATUS",
                            "INVOCATION_ID",
                            "JOURNAL_STREAM",
                            "LISTEN_FDNAMES",
                            "LISTEN_FDS",
                            "LISTEN_PID",
                            "MAINPID",
                            "MANAGERPID",
                            "NOTIFY_SOCKET",
                            "REMOTE_ADDR",
                            "REMOTE_PORT",
                            "SERVICE_RESULT",
                            "WATCHDOG_PID",
                            "WATCHDOG_USEC",
                            NULL);

        /* Purely cosmetic: keep the block in alphabetical order */
        strv_sort(m->environment);
}
544
/* Initializes m->environment, the environment block handed to child processes, and sanitizes it.
 * Returns 0 on success, -ENOMEM if the block could not be allocated. */
static int manager_default_environment(Manager *m) {
        assert(m);

        if (!MANAGER_IS_SYSTEM(m))
                /* A user manager hands its own environment down to its children. */
                m->environment = strv_copy(environ);
        else {
                /* The system manager always gives its children a clean environment, and imports neither
                 * the kernel's nor the parents' exported variables.
                 *
                 * The environment we were initially passed is left alone so that /proc/self/environ stays
                 * valid; it is used for tagging the init process inside containers. */
                m->environment = strv_new("PATH=" DEFAULT_PATH,
                                          NULL);

                /* Pull in the locale variables LC_*= from configuration */
                locale_setup(&m->environment);
        }

        if (!m->environment)
                return -ENOMEM;

        manager_sanitize_environment(m);

        return 0;
}
573
/* Resolves the base directory for every ExecDirectoryType into m->prefix[], using a different lookup
 * table for the system and the user instance. Returns 0 on success or the negative error returned by
 * sd_path_home(). */
static int manager_setup_prefix(Manager *m) {
        struct table_entry {
                uint64_t type;
                const char *suffix;
        };

        /* sd-path identifier and optional suffix per directory type, for the system instance ... */
        static const struct table_entry paths_system[_EXEC_DIRECTORY_TYPE_MAX] = {
                [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_SYSTEM_RUNTIME, NULL },
                [EXEC_DIRECTORY_STATE] = { SD_PATH_SYSTEM_STATE_PRIVATE, NULL },
                [EXEC_DIRECTORY_CACHE] = { SD_PATH_SYSTEM_STATE_CACHE, NULL },
                [EXEC_DIRECTORY_LOGS] = { SD_PATH_SYSTEM_STATE_LOGS, NULL },
                [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_SYSTEM_CONFIGURATION, NULL },
        };

        /* ... and for user instances */
        static const struct table_entry paths_user[_EXEC_DIRECTORY_TYPE_MAX] = {
                [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_USER_RUNTIME, NULL },
                [EXEC_DIRECTORY_STATE] = { SD_PATH_USER_CONFIGURATION, NULL },
                [EXEC_DIRECTORY_CACHE] = { SD_PATH_USER_STATE_CACHE, NULL },
                [EXEC_DIRECTORY_LOGS] = { SD_PATH_USER_CONFIGURATION, "log" },
                [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_USER_CONFIGURATION, NULL },
        };

        const struct table_entry *table;
        ExecDirectoryType t;

        assert(m);

        table = MANAGER_IS_SYSTEM(m) ? paths_system : paths_user;

        for (t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++) {
                int ret;

                ret = sd_path_home(table[t].type, table[t].suffix, &m->prefix[t]);
                if (ret < 0)
                        return ret;
        }

        return 0;
}
615
/* Allocates the deferred event source that dispatches the run queue. It gets SD_EVENT_PRIORITY_IDLE and
 * starts out disabled. Must not be called when the source already exists (asserted). Returns 0 on
 * success or a negative errno-style error. */
static int manager_setup_run_queue(Manager *m) {
        int ret;

        assert(m);
        assert(!m->run_queue_event_source);

        ret = sd_event_add_defer(m->event, &m->run_queue_event_source, manager_dispatch_run_queue, m);
        if (ret >= 0)
                ret = sd_event_source_set_priority(m->run_queue_event_source, SD_EVENT_PRIORITY_IDLE);
        if (ret >= 0)
                ret = sd_event_source_set_enabled(m->run_queue_event_source, SD_EVENT_OFF);
        if (ret < 0)
                return ret;

        (void) sd_event_source_set_description(m->run_queue_event_source, "manager-run-queue");

        return 0;
}
638
/* Allocates the deferred event source used for SIGCHLD processing. It gets priority
 * SD_EVENT_PRIORITY_NORMAL-7 and starts out disabled. Must not be called when the source already exists
 * (asserted). Returns 0 on success or a negative errno-style error. */
static int manager_setup_sigchld_event_source(Manager *m) {
        int ret;

        assert(m);
        assert(!m->sigchld_event_source);

        ret = sd_event_add_defer(m->event, &m->sigchld_event_source, manager_dispatch_sigchld, m);
        if (ret >= 0)
                ret = sd_event_source_set_priority(m->sigchld_event_source, SD_EVENT_PRIORITY_NORMAL-7);
        if (ret >= 0)
                ret = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_OFF);
        if (ret < 0)
                return ret;

        (void) sd_event_source_set_description(m->sigchld_event_source, "manager-sigchld");

        return 0;
}
661
/* Allocates and initializes a new Manager object for the given scope (system or user instance).
 *
 * scope:          UNIT_FILE_SYSTEM or UNIT_FILE_USER (asserted).
 * test_run_flags: stored in the object; when non-zero, several of the setup helpers in this file skip
 *                 their work.
 * _m:             receives the new object on success.
 *
 * Returns 0 on success. On failure the partially initialized object is released with manager_free() and
 * a negative errno-style error is returned. */
int manager_new(UnitFileScope scope, unsigned test_run_flags, Manager **_m) {
        Manager *m;
        int r;

        assert(_m);
        assert(IN_SET(scope, UNIT_FILE_SYSTEM, UNIT_FILE_USER));

        m = new0(Manager, 1);
        if (!m)
                return -ENOMEM;

        m->unit_file_scope = scope;
        m->exit_code = _MANAGER_EXIT_CODE_INVALID;
        m->default_timer_accuracy_usec = USEC_PER_MINUTE;
        m->default_tasks_accounting = true;
        m->default_tasks_max = UINT64_MAX;
        m->default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
        m->default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
        m->default_restart_usec = DEFAULT_RESTART_USEC;

#if ENABLE_EFI
        /* Only for the system instance, and only if detect_container() does not report a container */
        if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0)
                boot_timestamps(m->timestamps + MANAGER_TIMESTAMP_USERSPACE,
                                m->timestamps + MANAGER_TIMESTAMP_FIRMWARE,
                                m->timestamps + MANAGER_TIMESTAMP_LOADER);
#endif

        /* Prepare log fields we can use for structured logging */
        if (MANAGER_IS_SYSTEM(m)) {
                m->unit_log_field = "UNIT=";
                m->unit_log_format_string = "UNIT=%s";

                m->invocation_log_field = "INVOCATION_ID=";
                m->invocation_log_format_string = "INVOCATION_ID=%s";
        } else {
                m->unit_log_field = "USER_UNIT=";
                m->unit_log_format_string = "USER_UNIT=%s";

                m->invocation_log_field = "USER_INVOCATION_ID=";
                m->invocation_log_format_string = "USER_INVOCATION_ID=%s";
        }

        /* Mark every file descriptor field as "not open". This has to happen before the first "goto fail"
         * below: 0 is a valid fd number, so fields left at zero could make the cleanup path close a
         * descriptor that is not ours (presumably new0() zero-fills the object -- confirm). */
        m->idle_pipe[0] = m->idle_pipe[1] = m->idle_pipe[2] = m->idle_pipe[3] = -1;

        m->pin_cgroupfs_fd = m->notify_fd = m->cgroups_agent_fd = m->signal_fd = m->time_change_fd =
                m->dev_autofs_fd = m->private_listen_fd = m->cgroup_inotify_fd =
                m->ask_password_inotify_fd = -1;

        m->user_lookup_fds[0] = m->user_lookup_fds[1] = -1;

        m->current_job_id = 1; /* start as id #1, so that we can leave #0 around as "null-like" value */

        m->have_ask_password = -EINVAL; /* we don't know */
        m->first_boot = -1;

        m->test_run_flags = test_run_flags;

        /* Reboot immediately if the user hits C-A-D more often than 7x per 2s */
        RATELIMIT_INIT(m->ctrl_alt_del_ratelimit, 2 * USEC_PER_SEC, 7);

        r = manager_default_environment(m);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->units, &string_hash_ops);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->jobs, NULL);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->cgroup_unit, &string_hash_ops);
        if (r < 0)
                goto fail;

        r = hashmap_ensure_allocated(&m->watch_bus, &string_hash_ops);
        if (r < 0)
                goto fail;

        /* The event loop has to exist before any of the setup helpers below register their sources */
        r = sd_event_default(&m->event);
        if (r < 0)
                goto fail;

        r = manager_setup_run_queue(m);
        if (r < 0)
                goto fail;

        r = manager_setup_signals(m);
        if (r < 0)
                goto fail;

        r = manager_setup_cgroup(m);
        if (r < 0)
                goto fail;

        r = manager_setup_time_change(m);
        if (r < 0)
                goto fail;

        r = manager_setup_sigchld_event_source(m);
        if (r < 0)
                goto fail;

        m->udev = udev_new();
        if (!m->udev) {
                r = -ENOMEM;
                goto fail;
        }

        r = manager_setup_prefix(m);
        if (r < 0)
                goto fail;

        /* Only a real (non-test) system instance creates this directory; one that already exists is fine */
        if (MANAGER_IS_SYSTEM(m) && test_run_flags == 0) {
                r = mkdir_label("/run/systemd/units", 0755);
                if (r < 0 && r != -EEXIST)
                        goto fail;
        }

        /* Set if we are not in the initrd and /usr is an empty directory */
        m->taint_usr =
                !in_initrd() &&
                dir_is_empty("/usr") > 0;

        /* Note that we do not set up the notify fd here. We do that after deserialization,
         * since they might have gotten serialized across the reexec. */

        *_m = m;
        return 0;

fail:
        manager_free(m);
        return r;
}
796
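/* Sets up the notification socket (the path ends up in m->notify_socket) and the event source that
 * listens on it. Either half is only created if it does not exist yet, so this can also be called when
 * the fd was carried over from before. A no-op in test runs.
 *
 * Returns 0 on success or a negative errno-style error; -ENAMETOOLONG if the socket path does not fit
 * into an AF_UNIX address. */
static int manager_setup_notify(Manager *m) {
        int r;

        if (m->test_run_flags)
                return 0;

        if (m->notify_fd < 0) {
                _cleanup_close_ int fd = -1;
                union sockaddr_union sa = {
                        .sa.sa_family = AF_UNIX,
                };
                static const int one = 1;
                size_t l;

                /* First free all secondary fields */
                m->notify_socket = mfree(m->notify_socket);
                m->notify_event_source = sd_event_source_unref(m->notify_event_source);

                fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
                if (fd < 0)
                        return log_error_errno(errno, "Failed to allocate notification socket: %m");

                /* Best effort, a smaller receive buffer is not fatal */
                (void) fd_inc_rcvbuf(fd, NOTIFY_RCVBUF_SIZE);

                m->notify_socket = strappend(m->prefix[EXEC_DIRECTORY_RUNTIME], "/systemd/notify");
                if (!m->notify_socket)
                        return log_oom();

                /* Refuse paths that do not fit into sun_path instead of silently truncating them:
                 * otherwise we would bind to (and unlink) a different path than the one recorded in
                 * m->notify_socket. */
                l = strlen(m->notify_socket);
                if (l >= sizeof(sa.un.sun_path)) {
                        log_error("Notification socket path %s is too long.", m->notify_socket);
                        return -ENAMETOOLONG;
                }

                (void) mkdir_parents_label(m->notify_socket, 0755);
                (void) unlink(m->notify_socket);

                memcpy(sa.un.sun_path, m->notify_socket, l + 1);
                r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
                if (r < 0)
                        return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);

                /* Unlike the cgroups agent socket this one is bound without a restrictive umask, so
                 * file permissions alone do not limit who may send to it. SO_PASSCRED makes the kernel
                 * attach the sender's credentials to each datagram for the receiving side to check. */
                r = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
                if (r < 0)
                        return log_error_errno(errno, "SO_PASSCRED failed: %m");

                /* Hand ownership of the fd over to the manager object */
                m->notify_fd = fd;
                fd = -1;

                log_debug("Using notification socket %s", m->notify_socket);
        }

        if (!m->notify_event_source) {
                r = sd_event_add_io(m->event, &m->notify_event_source, m->notify_fd, EPOLLIN, manager_dispatch_notify_fd, m);
                if (r < 0)
                        return log_error_errno(r, "Failed to allocate notify event source: %m");

                /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
                 * service an exit message belongs. */
                r = sd_event_source_set_priority(m->notify_event_source, SD_EVENT_PRIORITY_NORMAL-8);
                if (r < 0)
                        return log_error_errno(r, "Failed to set priority of notify event source: %m");

                (void) sd_event_source_set_description(m->notify_event_source, "manager-notify");
        }

        return 0;
}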
858
/* Sets up the private datagram socket /run/systemd/cgroups-agent and its event source. Only done by the
 * system instance, outside of test runs, and only when the unified cgroup hierarchy is not in use.
 * Returns 0 on success (or when there is nothing to do) and a negative errno-style error otherwise. */
static int manager_setup_cgroups_agent(Manager *m) {

        static const union sockaddr_union sa = {
                .un.sun_family = AF_UNIX,
                .un.sun_path = "/run/systemd/cgroups-agent",
        };
        int ret;

        /* This creates a listening socket we receive cgroups agent messages on. We do not use D-Bus for delivering
         * these messages from the cgroups agent binary to PID 1, as the cgroups agent binary is very short-living, and
         * each instance of it needs a new D-Bus connection. Since D-Bus connections are SOCK_STREAM/AF_UNIX, on
         * overloaded systems the backlog of the D-Bus socket becomes relevant, as not more than the configured number
         * of D-Bus connections may be queued until the kernel will start dropping further incoming connections,
         * possibly resulting in lost cgroups agent messages. To avoid this, we'll use a private SOCK_DGRAM/AF_UNIX
         * socket, where no backlog is relevant as communication may take place without an actual connect() cycle, and
         * we thus won't lose messages.
         *
         * Note that PID 1 will forward the agent message to system bus, so that the user systemd instance may listen
         * to it. The system instance hence listens on this special socket, but the user instances listen on the system
         * bus for these messages. */

        if (m->test_run_flags || !MANAGER_IS_SYSTEM(m))
                return 0;

        ret = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
        if (ret < 0)
                return log_error_errno(ret, "Failed to determine whether unified cgroups hierarchy is used: %m");
        if (ret > 0)
                /* The unified hierarchy has no use for the agent socket */
                return 0;

        if (m->cgroups_agent_fd < 0) {
                _cleanup_close_ int sock = -1;

                /* Anything hanging off the old fd goes first */
                m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);

                sock = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
                if (sock < 0)
                        return log_error_errno(errno, "Failed to allocate cgroups agent socket: %m");

                fd_inc_rcvbuf(sock, CGROUPS_AGENT_RCVBUF_SIZE);

                (void) unlink(sa.un.sun_path);

                /* Bind under a 0077 umask, so that only root may connect to this socket */
                RUN_WITH_UMASK(0077)
                        ret = bind(sock, &sa.sa, SOCKADDR_UN_LEN(sa.un));
                if (ret < 0)
                        return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);

                /* The manager object owns the fd from here on */
                m->cgroups_agent_fd = sock;
                sock = -1;
        }

        if (!m->cgroups_agent_event_source) {
                ret = sd_event_add_io(m->event,
                                      &m->cgroups_agent_event_source,
                                      m->cgroups_agent_fd,
                                      EPOLLIN,
                                      manager_dispatch_cgroups_agent_fd, m);
                if (ret < 0)
                        return log_error_errno(ret, "Failed to allocate cgroups agent event source: %m");

                /* Process cgroups notifications early, but after having processed service notification messages or
                 * SIGCHLD signals, so that a cgroup running empty is always just the last safety net of notification,
                 * and we collected the metadata the notification and SIGCHLD stuff offers first. Also see handling of
                 * cgroup inotify for the unified cgroup stuff. */
                ret = sd_event_source_set_priority(m->cgroups_agent_event_source, SD_EVENT_PRIORITY_NORMAL-4);
                if (ret < 0)
                        return log_error_errno(ret, "Failed to set priority of cgroups agent event source: %m");

                (void) sd_event_source_set_description(m->cgroups_agent_event_source, "manager-cgroups-agent");
        }

        return 0;
}
934
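/* Sets up the socket pair that forked-off children use to report resolved UID/GID data back to the
 * manager, plus the event source reading from it. Either half is only created if it does not exist yet.
 * Returns 0 on success or a negative errno-style error. */
static int manager_setup_user_lookup_fd(Manager *m) {
        int r;

        assert(m);

        /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID
         * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation,
         * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked
         * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects
         * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes,
         * hence we establish this communication channel so that forked off processes can pass their UID/GID
         * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple
         * datagram, along with their unit name, so that we can share one communication socket pair among all units for
         * this purpose.
         *
         * You might wonder why we need a communication channel for this that is independent of the usual notification
         * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET
         * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user
         * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available.
         *
         * Note that this function is called under two circumstances: when we first initialize (in which case we
         * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload
         * (in which case the socket pair already exists but we still need to allocate the event source for it). */

        if (m->user_lookup_fds[0] < 0) {

                /* Free all secondary fields */
                safe_close_pair(m->user_lookup_fds);
                m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);

                /* SOCK_CLOEXEC is what keeps the channel from surviving exec() in the children */
                if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, m->user_lookup_fds) < 0)
                        return log_error_errno(errno, "Failed to allocate user lookup socket: %m");

                (void) fd_inc_rcvbuf(m->user_lookup_fds[0], NOTIFY_RCVBUF_SIZE);
        }

        if (!m->user_lookup_event_source) {
                r = sd_event_add_io(m->event, &m->user_lookup_event_source, m->user_lookup_fds[0], EPOLLIN, manager_dispatch_user_lookup_fd, m);
                if (r < 0)
                        /* The sd-event calls report failures in their return value, not in errno */
                        return log_error_errno(r, "Failed to allocate user lookup event source: %m");

                /* Process even earlier than the notify event source, so that we always know first about valid UID/GID
                 * resolutions */
                r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-11);
                if (r < 0)
                        return log_error_errno(r, "Failed to set priority of user lookup event source: %m");

                (void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup");
        }

        return 0;
}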
987
/* Frees every unit currently sitting in the cleanup queue and returns how many were freed. */
static unsigned manager_dispatch_cleanup_queue(Manager *m) {
        unsigned freed = 0;

        assert(m);

        for (;;) {
                Unit *head = m->cleanup_queue;

                if (!head)
                        break;

                assert(head->in_cleanup_queue);

                /* The queue head is re-read on every iteration and nothing else here advances it, so
                 * termination relies on unit_free() taking the unit off the cleanup queue. */
                unit_free(head);
                freed++;
        }

        return freed;
}
1003
/* Per-unit garbage collection verdicts. The GC code in this file stores them in a unit's gc_marker field as
 * "marker of the current GC run + offset" and reads them back as "gc_marker - marker of the current run". */
enum {
        GC_OFFSET_IN_PATH,      /* This one is on the path we were traveling */
        GC_OFFSET_UNSURE,       /* No clue */
        GC_OFFSET_GOOD,         /* We still need this unit */
        GC_OFFSET_BAD,          /* We don't need this unit anymore */
        _GC_OFFSET_MAX          /* Number of verdicts; the manager's marker is advanced by this much per GC run */
};
1011
/* Marks 'u' as GOOD for the GC run identified by 'gc_marker', then does the same, recursively, for every unit it
 * references that is still marked UNSURE in this run. */
static void unit_gc_mark_good(Unit *u, unsigned gc_marker) {
        const unsigned unsure = gc_marker + GC_OFFSET_UNSURE;
        Unit *referenced;
        Iterator it;
        void *value;

        u->gc_marker = gc_marker + GC_OFFSET_GOOD;

        HASHMAP_FOREACH_KEY(value, referenced, u->dependencies[UNIT_REFERENCES], it) {
                /* Only units whose fate was left open are upgraded; anything else keeps its verdict. */
                if (referenced->gc_marker != unsure)
                        continue;

                unit_gc_mark_good(referenced, gc_marker);
        }
}
1024
/* Decides, for the GC run identified by 'gc_marker', whether 'u' is still needed. The verdict is written to
 * u->gc_marker; BAD units go to the cleanup queue, UNSURE ones are re-queued for a later GC pass. */
static void unit_gc_sweep(Unit *u, unsigned gc_marker) {
        bool every_referrer_bad = true;
        Unit *referrer;
        Iterator it;
        void *value;

        assert(u);

        /* Already carries a verdict from this run (or is on the path currently being walked)? Then stop. */
        if (IN_SET(u->gc_marker - gc_marker,
                   GC_OFFSET_GOOD, GC_OFFSET_BAD, GC_OFFSET_UNSURE, GC_OFFSET_IN_PATH))
                return;

        if (u->in_cleanup_queue)
                goto mark_bad;

        if (unit_check_gc(u))
                goto mark_good;

        /* Flag the unit as "being visited" before recursing, so that reference cycles terminate at the check
         * above. */
        u->gc_marker = gc_marker + GC_OFFSET_IN_PATH;

        HASHMAP_FOREACH_KEY(value, referrer, u->dependencies[UNIT_REFERENCED_BY], it) {
                unit_gc_sweep(referrer, gc_marker);

                /* One referrer that is still needed is enough to keep us. */
                if (referrer->gc_marker == gc_marker + GC_OFFSET_GOOD)
                        goto mark_good;

                every_referrer_bad = every_referrer_bad && referrer->gc_marker == gc_marker + GC_OFFSET_BAD;
        }

        if (!every_referrer_bad) {
                /* Nothing conclusive was found out about this entry, so look at it again later */
                u->gc_marker = gc_marker + GC_OFFSET_UNSURE;
                unit_add_to_gc_queue(u);
                return;
        }

mark_bad:
        /* This one is definitely not useful anymore, mark it for deletion */
        u->gc_marker = gc_marker + GC_OFFSET_BAD;
        unit_add_to_cleanup_queue(u);
        return;

mark_good:
        unit_gc_mark_good(u, gc_marker);
}
1076
/* Runs one GC pass over the unit GC queue: every queued unit is swept, dequeued, and moved to the cleanup queue
 * if the sweep ended with a BAD or UNSURE verdict. Returns the number of units taken off the queue. */
static unsigned manager_dispatch_gc_unit_queue(Manager *m) {
        unsigned processed = 0, marker;
        Unit *u;

        assert(m);

        /* Open a new GC generation. If the counter is about to wrap around, restart it at 1. */
        m->gc_marker += _GC_OFFSET_MAX;
        if (m->gc_marker + _GC_OFFSET_MAX <= _GC_OFFSET_MAX)
                m->gc_marker = 1;

        marker = m->gc_marker;

        for (u = m->gc_unit_queue; u; u = m->gc_unit_queue) {
                assert(u->in_gc_queue);

                unit_gc_sweep(u, marker);

                LIST_REMOVE(gc_queue, m->gc_unit_queue, u);
                u->in_gc_queue = false;

                processed++;

                if (!IN_SET(u->gc_marker - marker,
                            GC_OFFSET_BAD, GC_OFFSET_UNSURE))
                        continue;

                /* At the top level an inconclusive verdict is treated like BAD. */
                if (u->id) {
                        log_unit_debug(u, "Collecting.");
                }
                u->gc_marker = marker + GC_OFFSET_BAD;
                unit_add_to_cleanup_queue(u);
        }

        return processed;
}
1112
/* Drains the job GC queue. Each job is dequeued first; jobs for which job_check_gc() returns false are then
 * finished with result JOB_COLLECTED. Returns the number of jobs taken off the queue. */
static unsigned manager_dispatch_gc_job_queue(Manager *m) {
        unsigned processed = 0;
        Job *job;

        assert(m);

        for (job = m->gc_job_queue; job; job = m->gc_job_queue) {
                assert(job->in_gc_queue);

                LIST_REMOVE(gc_queue, m->gc_job_queue, job);
                job->in_gc_queue = false;

                processed++;

                if (!job_check_gc(job)) {
                        log_unit_debug(job->unit, "Collecting job.");
                        (void) job_finish_and_invalidate(job, JOB_COLLECTED, false, false);
                }
        }

        return processed;
}
1136
/* Frees every unit the manager knows, flushes the cleanup queue, and verifies that all queues and the job and
 * unit tables ended up empty before resetting the console/running-job counters. */
static void manager_clear_jobs_and_units(Manager *m) {
        Unit *first;

        assert(m);

        for (first = hashmap_first(m->units); first; first = hashmap_first(m->units))
                unit_free(first);

        (void) manager_dispatch_cleanup_queue(m);

        /* Every work queue must be empty now... */
        assert(!m->load_queue);
        assert(!m->run_queue);
        assert(!m->dbus_unit_queue);
        assert(!m->dbus_job_queue);
        assert(!m->cleanup_queue);
        assert(!m->gc_unit_queue);
        assert(!m->gc_job_queue);

        /* ...and so must the lookup tables. */
        assert(hashmap_isempty(m->jobs));
        assert(hashmap_isempty(m->units));

        m->n_on_console = 0;
        m->n_running_jobs = 0;
}
1161
/* Tears down a manager object and everything it owns. Accepts NULL. Always returns NULL (via mfree()), so that
 * callers can write "m = manager_free(m);". */
Manager* manager_free(Manager *m) {
        ExecDirectoryType dir_type;
        UnitType unit_type;
        int idx;

        if (!m)
                return NULL;

        /* Units and jobs go first, then each unit type gets a chance to shut down its own state. */
        manager_clear_jobs_and_units(m);

        for (unit_type = 0; unit_type < _UNIT_TYPE_MAX; unit_type++) {
                if (unit_vtable[unit_type]->shutdown)
                        unit_vtable[unit_type]->shutdown(m);
        }

        /* The root cgroup is kept around if we are about to reexecute ourselves */
        manager_shutdown_cgroup(m, m->exit_code != MANAGER_REEXECUTE);

        lookup_paths_flush_generator(&m->lookup_paths);

        bus_done(m);

        exec_runtime_vacuum(m);
        hashmap_free(m->exec_runtime_by_id);

        dynamic_user_vacuum(m, false);
        hashmap_free(m->dynamic_users);

        /* Lookup tables */
        hashmap_free(m->units);
        hashmap_free(m->units_by_invocation_id);
        hashmap_free(m->jobs);
        hashmap_free(m->watch_pids);
        hashmap_free(m->watch_bus);

        set_free(m->startup_units);
        set_free(m->failed_units);

        /* Event sources are released before the file descriptors they watch are closed */
        sd_event_source_unref(m->signal_event_source);
        sd_event_source_unref(m->sigchld_event_source);
        sd_event_source_unref(m->notify_event_source);
        sd_event_source_unref(m->cgroups_agent_event_source);
        sd_event_source_unref(m->time_change_event_source);
        sd_event_source_unref(m->jobs_in_progress_event_source);
        sd_event_source_unref(m->run_queue_event_source);
        sd_event_source_unref(m->user_lookup_event_source);

        safe_close(m->signal_fd);
        safe_close(m->notify_fd);
        safe_close(m->cgroups_agent_fd);
        safe_close(m->time_change_fd);
        safe_close_pair(m->user_lookup_fds);

        manager_close_ask_password(m);

        manager_close_idle_pipe(m);

        udev_unref(m->udev);
        sd_event_unref(m->event);

        free(m->notify_socket);

        lookup_paths_free(&m->lookup_paths);
        strv_free(m->environment);

        hashmap_free(m->cgroup_unit);
        set_free_free(m->unit_path_cache);

        free(m->switch_root);
        free(m->switch_root_init);

        for (idx = 0; idx < _RLIMIT_MAX; idx++) {
                m->rlimit[idx] = mfree(m->rlimit[idx]);
        }

        /* With all units gone nothing may be registered here anymore */
        assert(hashmap_isempty(m->units_requiring_mounts_for));
        hashmap_free(m->units_requiring_mounts_for);

        hashmap_free(m->uid_refs);
        hashmap_free(m->gid_refs);

        for (dir_type = 0; dir_type < _EXEC_DIRECTORY_TYPE_MAX; dir_type++) {
                m->prefix[dir_type] = mfree(m->prefix[dir_type]);
        }

        return mfree(m);
}
1245
/* Asks every supported unit type that implements an enumerate() hook to load all units it knows about from
 * disk/kernel, then dispatches the load queue. */
void manager_enumerate(Manager *m) {
        UnitType type;

        assert(m);

        for (type = 0; type < _UNIT_TYPE_MAX; type++) {
                if (unit_type_supported(type)) {
                        /* The hook is optional */
                        if (unit_vtable[type]->enumerate)
                                unit_vtable[type]->enumerate(m);
                } else {
                        log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(type));
                }
        }

        manager_dispatch_load_queue(m);
}
1267
/* Sets up the initial state of all loaded units by calling unit_coldplug() on each of them. A failure for one
 * unit is logged as a warning and does not stop the iteration. */
static void manager_coldplug(Manager *m) {
        Iterator it;
        Unit *unit;
        char *key;
        int r;

        assert(m);

        HASHMAP_FOREACH_KEY(unit, key, m->units, it) {

                /* Only act on the entry whose key is the unit's own id; other keys are aliases of the same
                 * unit and are skipped so that each unit is handled once. */
                if (unit->id == key) {
                        r = unit_coldplug(unit);
                        if (r < 0) {
                                log_warning_errno(r, "We couldn't coldplug %s, proceeding anyway: %m", unit->id);
                        }
                }
        }
}
1288
/* Rebuilds m->unit_path_cache, a set of the paths of all directory entries found in the unit search path, so that
 * later lookups need not go to disk. Any failure is logged and leaves the manager without a cache. */
static void manager_build_unit_path_cache(Manager *m) {
        char **dir;
        int r;

        assert(m);

        /* Drop whatever was cached before */
        set_free_free(m->unit_path_cache);

        m->unit_path_cache = set_new(&string_hash_ops);
        if (!m->unit_path_cache) {
                r = -ENOMEM;
                goto fail;
        }

        STRV_FOREACH(dir, m->lookup_paths.search_path) {
                _cleanup_closedir_ DIR *d = opendir(*dir);
                /* Avoid a double slash when the search directory is the root directory */
                const char *prefix = streq(*dir, "/") ? "" : *dir;
                struct dirent *entry;

                if (!d) {
                        /* A missing search directory is normal, anything else is worth a warning */
                        if (errno != ENOENT) {
                                log_warning_errno(errno, "Failed to open directory %s, ignoring: %m", *dir);
                        }
                        continue;
                }

                FOREACH_DIRENT(entry, d, r = -errno; goto fail) {
                        char *full;

                        full = strjoin(prefix, "/", entry->d_name);
                        if (!full) {
                                r = -ENOMEM;
                                goto fail;
                        }

                        /* 'full' is handed over to set_consume() here and not freed by this function
                         * afterwards, on either outcome */
                        r = set_consume(m->unit_path_cache, full);
                        if (r < 0)
                                goto fail;
                }
        }

        return;

fail:
        log_warning_errno(r, "Failed to build unit path cache, proceeding without: %m");
        m->unit_path_cache = set_free_free(m->unit_path_cache);
}
1338
/* Offers the file descriptors in 'fds' to every unit whose type implements distribute_fds(), stopping as soon as
 * the set has no descriptors left. */
static void manager_distribute_fds(Manager *m, FDSet *fds) {
        Iterator it;
        Unit *unit;

        assert(m);

        HASHMAP_FOREACH(unit, m->units, it) {

                /* Nothing left to hand out */
                if (fdset_size(fds) <= 0)
                        break;

                if (UNIT_VTABLE(unit)->distribute_fds)
                        UNIT_VTABLE(unit)->distribute_fds(unit, fds);
        }
}
1356
/* Checks whether the D-Bus instance we are supposed to expose our APIs on is up, looking at both the socket and
 * the service unit. With 'deserialized' set, the deserialized state of the units is consulted instead of the
 * current one. Always false in test runs. */
static bool manager_dbus_is_running(Manager *m, bool deserialized) {
        Unit *socket_unit, *service_unit;

        assert(m);

        if (m->test_run_flags != 0)
                return false;

        /* In the user instance an already set bus address in the environment means D-Bus is run somewhere
         * outside of our own logic, and is simply used.
         * NOTE(review): the variable's value is not inspected here, only its presence. */
        if (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS"))
                return true;

        socket_unit = manager_get_unit(m, SPECIAL_DBUS_SOCKET);
        if (!socket_unit ||
            (deserialized ? SOCKET(socket_unit)->deserialized_state : SOCKET(socket_unit)->state) != SOCKET_RUNNING)
                return false;

        service_unit = manager_get_unit(m, SPECIAL_DBUS_SERVICE);
        if (!service_unit)
                return false;

        /* A service that is reloading counts as up, too */
        return IN_SET((deserialized ? SERVICE(service_unit)->deserialized_state : SERVICE(service_unit)->state),
                      SERVICE_RUNNING, SERVICE_RELOAD);
}
1388
/* Brings the manager up: runs the generators, enumerates and (when 'serialization' is given) deserializes units,
 * sets up the notification, cgroups agent and user lookup channels, connects to the buses and coldplugs all
 * units. Returns 0 on success, a negative errno-style error code if a step that cannot be skipped fails. */
int manager_startup(Manager *m, FILE *serialization, FDSet *fds) {
        const bool deserializing = serialization != NULL;
        int r;

        assert(m);

        /* In test mode the generators are still run, but the real generator directories must not be touched. */
        r = lookup_paths_init(&m->lookup_paths,
                              m->unit_file_scope,
                              m->test_run_flags ? LOOKUP_PATHS_TEMPORARY_GENERATED : 0,
                              NULL);
        if (r < 0)
                return r;

        r = manager_run_environment_generators(m);
        if (r < 0)
                return r;

        /* The finish timestamp is taken before the result is checked, so it is recorded on failure as well. */
        dual_timestamp_get(&m->timestamps[MANAGER_TIMESTAMP_GENERATORS_START]);
        r = manager_run_generators(m);
        dual_timestamp_get(&m->timestamps[MANAGER_TIMESTAMP_GENERATORS_FINISH]);
        if (r < 0)
                return r;

        /* On first boot of a host system (and outside of test runs), apply the presets to everything */
        if (m->first_boot > 0 && MANAGER_IS_SYSTEM(m) && !m->test_run_flags) {

                r = unit_file_preset_all(UNIT_FILE_SYSTEM, 0, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, NULL, 0);
                if (r >= 0) {
                        log_info("Populated /etc with preset unit settings.");
                } else {
                        log_full_errno(r == -EEXIST ? LOG_NOTICE : LOG_WARNING, r,
                                       "Failed to populate /etc with preset unit settings, ignoring: %m");
                }
        }

        lookup_paths_reduce(&m->lookup_paths);
        manager_build_unit_path_cache(m);

        /* If we are going to deserialize, this must already be known during enumeration, hence the counter is
         * bumped this early */
        if (deserializing)
                m->n_reloading++;

        /* Step one: enumerate what we can from all config files */
        dual_timestamp_get(&m->timestamps[MANAGER_TIMESTAMP_UNITS_LOAD_START]);
        manager_enumerate(m);
        dual_timestamp_get(&m->timestamps[MANAGER_TIMESTAMP_UNITS_LOAD_FINISH]);

        /* Step two: deserialize, if there is something to deserialize */
        if (deserializing) {
                r = manager_deserialize(m, serialization, fds);
                if (r < 0)
                        return log_error_errno(r, "Deserialization failed: %m");
        }

        /* Any fds left? Then find some unit which wants them. This allows container managers to pass
         * pre-initialized file descriptors to us, which enables socket-based activation of entire containers. */
        manager_distribute_fds(m, fds);

        /* The notify fd might have been deserialized; if not, it is created now. Without notifications our
         * children would fail anyway, so there is no sense in continuing on error. */
        r = manager_setup_notify(m);
        if (r < 0)
                return r;

        /* Likewise, no sense in continuing without empty cgroup notifications. */
        r = manager_setup_cgroups_agent(m);
        if (r < 0)
                return r;

        /* This shouldn't fail, except if things are really broken. */
        r = manager_setup_user_lookup_fd(m);
        if (r < 0)
                return r;

        /* The private bus connection is set up unconditionally */
        (void) bus_init_private(m);

        /* In --user mode the system bus is connected to right away as well */
        if (MANAGER_IS_USER(m))
                (void) bus_init_system(m);

        /* The API bus is only connected to if the D-Bus unit is supposed to be up */
        if (manager_dbus_is_running(m, deserializing)) {
                (void) bus_init_api(m);

                if (MANAGER_IS_SYSTEM(m))
                        (void) bus_init_system(m);
        }

        /* Connected to all possible busses now, so deserialize who is tracking us. */
        (void) bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed);
        m->deserialized_subscribed = strv_free(m->deserialized_subscribed);

        /* Step three: fire things up! */
        manager_coldplug(m);

        /* Release any dynamic users no longer referenced */
        dynamic_user_vacuum(m, true);

        exec_runtime_vacuum(m);

        /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
        manager_vacuum_uid_refs(m);
        manager_vacuum_gid_refs(m);

        if (deserializing) {
                assert(m->n_reloading > 0);
                m->n_reloading--;

                /* The "reload finished" notification is held back until the UnitNew/JobNew messages have
                 * been sent */
                m->send_reloading_done = true;
        }

        return 0;
}
1512
/* Builds a transaction for a job of the given type on 'unit', pulls in its dependencies according to 'mode' and
 * activates it. On success returns 0 and, if '_ret' is non-NULL, stores the anchor job there. On failure the
 * transaction is aborted and a negative error code is returned, with details in 'e'. */
int manager_add_job(Manager *m, JobType type, Unit *unit, JobMode mode, sd_bus_error *e, Job **_ret) {
        Transaction *tr;
        int r;

        assert(m);
        assert(type < _JOB_TYPE_MAX);
        assert(unit);
        assert(mode < _JOB_MODE_MAX);

        /* Isolation is refused unless it is a start job on a unit that explicitly allows it */
        if (mode == JOB_ISOLATE) {
                if (type != JOB_START)
                        return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Isolate is only valid for start.");

                if (!unit->allow_isolate)
                        return sd_bus_error_setf(e, BUS_ERROR_NO_ISOLATION, "Operation refused, unit may not be isolated.");
        }

        log_unit_debug(unit, "Trying to enqueue job %s/%s/%s", unit->id, job_type_to_string(type), job_mode_to_string(mode));

        type = job_type_collapse(type, unit);

        tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
        if (!tr)
                return -ENOMEM;

        /* Each step only runs if the previous one succeeded */
        r = transaction_add_job_and_dependencies(tr, type, unit, NULL, true, false,
                                                 IN_SET(mode, JOB_IGNORE_DEPENDENCIES, JOB_IGNORE_REQUIREMENTS),
                                                 mode == JOB_IGNORE_DEPENDENCIES, e);
        if (r >= 0 && mode == JOB_ISOLATE)
                r = transaction_add_isolate_jobs(tr, m);
        if (r >= 0)
                r = transaction_activate(tr, m, mode, e);

        if (r < 0) {
                transaction_abort(tr);
                transaction_free(tr);
                return r;
        }

        log_unit_debug(unit,
                       "Enqueued job %s/%s as %u", unit->id,
                       job_type_to_string(type), (unsigned) tr->anchor_job->id);

        if (_ret)
                *_ret = tr->anchor_job;

        transaction_free(tr);
        return 0;
}
1567
/* Like manager_add_job(), but takes a unit name, which is loaded first. Returns the load error if the unit cannot
 * be loaded, otherwise whatever manager_add_job() returns. */
int manager_add_job_by_name(Manager *m, JobType type, const char *name, JobMode mode, sd_bus_error *e, Job **ret) {
        Unit *target = NULL; /* initialized only to keep gcc quiet, it is always set on success */
        int r;

        assert(m);
        assert(type < _JOB_TYPE_MAX);
        assert(name);
        assert(mode < _JOB_MODE_MAX);

        r = manager_load_unit(m, name, NULL, NULL, &target);
        if (r < 0)
                return r;

        assert(target);

        return manager_add_job(m, type, target, mode, e, ret);
}
1584
/* Like manager_add_job_by_name(), but uses a local bus error object and logs a warning on failure instead of
 * handing the error details back to the caller. Returns the result of manager_add_job_by_name(). */
int manager_add_job_by_name_and_warn(Manager *m, JobType type, const char *name, JobMode mode, Job **ret) {
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        int r;

        assert(m);
        assert(type < _JOB_TYPE_MAX);
        assert(name);
        assert(mode < _JOB_MODE_MAX);

        r = manager_add_job_by_name(m, type, name, mode, &error, ret);
        if (r >= 0)
                return r;

        /* Note that the first %s is filled in from the job mode, not the job type */
        return log_warning_errno(r, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode), name, bus_error_message(&error, r));
}
1600
/* Builds and activates a transaction that propagates a reload of 'unit', anchored on a JOB_NOP job for that unit.
 * Returns 0 on success; on failure the transaction is aborted and a negative error code is returned. */
int manager_propagate_reload(Manager *m, Unit *unit, JobMode mode, sd_bus_error *e) {
        Transaction *tr;
        int r;

        assert(m);
        assert(unit);
        assert(mode < _JOB_MODE_MAX);
        assert(mode != JOB_ISOLATE); /* Isolate is only valid for start */

        tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
        if (!tr)
                return -ENOMEM;

        /* The transaction needs an anchor job */
        r = transaction_add_job_and_dependencies(tr, JOB_NOP, unit, NULL, false, false, true, true, e);
        if (r >= 0) {
                /* Failure in adding individual dependencies is ignored, so this always succeeds. */
                transaction_add_propagate_reload_jobs(tr, unit, tr->anchor_job, mode == JOB_IGNORE_DEPENDENCIES, e);

                r = transaction_activate(tr, m, mode, e);
        }

        if (r < 0) {
                transaction_abort(tr);
                transaction_free(tr);
                return r;
        }

        transaction_free(tr);
        return 0;
}
1634
/* Looks up a job by its numeric id in the manager's job table. Returns whatever hashmap_get() finds under that
 * key. */
Job *manager_get_job(Manager *m, uint32_t id) {
        Job *job;

        assert(m);

        job = hashmap_get(m->jobs, UINT32_TO_PTR(id));
        return job;
}
1640
/* Looks up a unit by name in the manager's unit table. Returns whatever hashmap_get() finds under that name. */
Unit *manager_get_unit(Manager *m, const char *name) {
        Unit *unit;

        assert(m);
        assert(name);

        unit = hashmap_get(m->units, name);
        return unit;
}
1647
/* Dispatches the load queue: takes units off its head and loads their data until the queue is empty. Returns the
 * number of units loaded, or 0 when called while a dispatch is already in progress. */
unsigned manager_dispatch_load_queue(Manager *m) {
        unsigned loaded = 0;
        Unit *head;

        assert(m);

        /* Guard against being run recursively */
        if (m->dispatching_load_queue)
                return 0;

        m->dispatching_load_queue = true;

        for (head = m->load_queue; head; head = m->load_queue) {
                assert(head->in_load_queue);

                unit_load(head);
                loaded++;
        }

        m->dispatching_load_queue = false;
        return loaded;
}
1673
/* Prepares a unit for loading without reading anything from disk. At least one of 'name' and 'path' must be
 * given; without a name, the last component of the path is used.
 *
 * Returns 1 if a unit of that name already exists (stored in *_ret), 0 if a new unit was allocated, queued for
 * loading and stored in *_ret, and a negative error code on invalid arguments or allocation failure. */
int manager_load_unit_prepare(
                Manager *m,
                const char *name,
                const char *path,
                sd_bus_error *e,
                Unit **_ret) {

        UnitType type;
        Unit *unit;
        int r;

        assert(m);
        assert(name || path);
        assert(_ret);

        /* NOTE(review): the message says "not absolute", the check is is_path(), which is not visible in this
         * part of the file; confirm that it rejects relative paths too. */
        if (path && !is_path(path))
                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Path %s is not absolute.", path);

        if (!name)
                name = basename(path);

        type = unit_name_to_type(name);

        /* Only plain and instance names may be loaded. Templates get a more specific error message. */
        if (type == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) {
                if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE))
                        return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is missing the instance name.", name);

                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is not valid.", name);
        }

        /* Already known? Then there is nothing to prepare. */
        unit = manager_get_unit(m, name);
        if (unit) {
                *_ret = unit;
                return 1;
        }

        unit = unit_new(m, unit_vtable[type]->object_size);
        if (!unit)
                return -ENOMEM;

        if (path) {
                unit->fragment_path = strdup(path);
                if (!unit->fragment_path) {
                        r = -ENOMEM;
                        goto fail;
                }
        }

        r = unit_add_name(unit, name);
        if (r < 0)
                goto fail;

        unit_add_to_load_queue(unit);
        unit_add_to_dbus_queue(unit);
        unit_add_to_gc_queue(unit);

        *_ret = unit;

        return 0;

fail:
        /* The half-initialized unit is not handed out to the caller */
        unit_free(unit);
        return r;
}
1739
/* Loads the unit's configuration, but does not start anything. Returns the (positive or negative) result of
 * manager_load_unit_prepare() if that is non-zero; otherwise dispatches the load queue, follows unit merges for
 * *_ret and returns 0. */
int manager_load_unit(
                Manager *m,
                const char *name,
                const char *path,
                sd_bus_error *e,
                Unit **_ret) {

        int prepared;

        assert(m);
        assert(_ret);

        prepared = manager_load_unit_prepare(m, name, path, e, _ret);
        if (prepared == 0) {
                manager_dispatch_load_queue(m);

                /* Loading may have merged the unit into another one, hand out the one to actually use */
                *_ret = unit_follow_merge(*_ret);
        }

        return prepared;
}
1765
/* Writes a dump of every job in the manager's job table to 'f', passing 'prefix' on to job_dump(). */
void manager_dump_jobs(Manager *s, FILE *f, const char *prefix) {
        Iterator it;
        Job *job;

        assert(s);
        assert(f);

        HASHMAP_FOREACH(job, s->jobs, it) {
                job_dump(job, f, prefix);
        }
}
1776
/* Writes a dump of every unit to 'f', passing 'prefix' on to unit_dump(). Table entries whose key is not the
 * unit's own id are skipped, so each unit is dumped once. */
void manager_dump_units(Manager *s, FILE *f, const char *prefix) {
        const char *key;
        Iterator it;
        Unit *unit;

        assert(s);
        assert(f);

        HASHMAP_FOREACH_KEY(unit, key, s->units, it) {
                if (unit->id != key)
                        continue;

                unit_dump(unit, f, prefix);
        }
}
1789
/* Writes the manager's state to 'f': first all timestamps that are set, then all units, then all jobs. Each line
 * of the timestamp section is prefixed with 'prefix' (NULL is treated as the empty string). */
void manager_dump(Manager *m, FILE *f, const char *prefix) {
        ManagerTimestamp ts;

        assert(m);
        assert(f);

        for (ts = 0; ts < _MANAGER_TIMESTAMP_MAX; ts++) {
                char formatted[FORMAT_TIMESTAMP_MAX];

                if (!dual_timestamp_is_set(&m->timestamps[ts]))
                        continue;

                fprintf(f, "%sTimestamp %s: %s\n",
                        strempty(prefix),
                        manager_timestamp_to_string(ts),
                        format_timestamp(formatted, sizeof(formatted), m->timestamps[ts].realtime));
        }

        manager_dump_units(m, f, prefix);
        manager_dump_jobs(m, f, prefix);
}
1809
/* Renders the manager dump into a newly allocated string. On success returns 0 and stores the string in *ret,
 * which the caller then owns. On failure returns a negative errno-style error code and leaves *ret untouched. */
int manager_get_dump_string(Manager *m, char **ret) {
        _cleanup_free_ char *text = NULL;
        _cleanup_fclose_ FILE *stream = NULL;
        size_t text_size;
        int r;

        assert(m);
        assert(ret);

        stream = open_memstream(&text, &text_size);
        if (!stream)
                return -errno;

        /* Only this function touches the stream, so stdio's internal locking is switched off */
        (void) __fsetlocking(stream, FSETLOCKING_BYCALLER);

        manager_dump(m, stream, NULL);

        r = fflush_and_check(stream);
        if (r < 0)
                return r;

        /* The stream is closed before the buffer it writes into is handed out */
        stream = safe_fclose(stream);

        /* Pass ownership to the caller and disarm the cleanup handler */
        *ret = text;
        text = NULL;

        return 0;
}
1838
/* Cancels all jobs: as long as the job table has a first entry, that job is finished with result JOB_CANCELED. */
void manager_clear_jobs(Manager *m) {
        Job *first;

        assert(m);

        for (first = hashmap_first(m->jobs); first; first = hashmap_first(m->jobs)) {
                /* No need to recurse, since every job gets cancelled anyway. */
                (void) job_finish_and_invalidate(first, JOB_CANCELED, false, false);
        }
}
1848
/* Event source callback ('userdata' is the Manager): runs every job in the run queue, then arms the
 * jobs-in-progress watch and the idle pipe watch if there is something for them to watch. Always returns 1. */
static int manager_dispatch_run_queue(sd_event_source *source, void *userdata) {
        Manager *m = userdata;
        Job *head;

        assert(source);
        assert(m);

        for (head = m->run_queue; head; head = m->run_queue) {
                assert(head->installed);
                assert(head->in_run_queue);

                job_run_and_invalidate(head);
        }

        if (m->n_running_jobs > 0)
                manager_watch_jobs_in_progress(m);

        if (m->n_on_console > 0)
                manager_watch_idle_pipe(m);

        return 1;
}
1871
/* Sends change signals for all units and jobs in the D-Bus queues, then the pending "reloading done" signal and
 * any queued message. Returns the number of change signals sent, or 0 if a dispatch is already in progress. */
static unsigned manager_dispatch_dbus_queue(Manager *m) {
        unsigned sent = 0;
        Unit *unit;
        Job *job;

        assert(m);

        /* Guard against being run recursively */
        if (m->dispatching_dbus_queue)
                return 0;

        m->dispatching_dbus_queue = true;

        for (unit = m->dbus_unit_queue; unit; unit = m->dbus_unit_queue) {
                assert(unit->in_dbus_queue);

                bus_unit_send_change_signal(unit);
                sent++;
        }

        for (job = m->dbus_job_queue; job; job = m->dbus_job_queue) {
                assert(job->in_dbus_queue);

                bus_job_send_change_signal(job);
                sent++;
        }

        m->dispatching_dbus_queue = false;

        /* The flag is cleared before sending, so the signal goes out once per reload */
        if (m->send_reloading_done) {
                m->send_reloading_done = false;

                bus_manager_send_reloading(m, false);
        }

        if (m->queued_message)
                bus_send_queued_message(m);

        return sent;
}
1911
/* Event source callback for the cgroups agent socket ('userdata' is the Manager). Reads one message from 'fd',
 * validates it as a string and passes it on as the path of a cgroup that ran empty. Malformed messages are
 * logged and dropped with return value 0; only a failing recv() yields a negative error code. */
static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        char path[PATH_MAX+1];
        ssize_t len;

        len = recv(fd, path, sizeof(path), 0);
        if (len < 0)
                return log_error_errno(errno, "Failed to read cgroups agent message: %m");

        if (len == 0) {
                log_error("Got zero-length cgroups agent message, ignoring.");
                return 0;
        }

        /* The buffer is one byte larger than the longest message accepted: filling it completely means the
         * message was too long, and anything shorter leaves room for the terminator written below. */
        if ((size_t) len >= sizeof(path)) {
                log_error("Got overly long cgroups agent message, ignoring.");
                return 0;
        }

        /* The payload is treated as a C string from here on. An embedded NUL would make the consumers below
         * see less than what was actually sent, so such messages are refused. */
        if (memchr(path, 0, len)) {
                log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
                return 0;
        }

        path[len] = 0;

        manager_notify_cgroup_empty(m, path);
        (void) bus_forward_agent_released(m, path);

        return 0;
}
1940
/* Delivers one notification message to unit 'u', at most once per notification generation. The message text is
 * split into lines and passed, together with the sender's credentials and any received fds, to the unit type's
 * notify_message() hook. Unit types without the hook only get a debug log entry. */
static void manager_invoke_notify_message(
                Manager *m,
                Unit *u,
                const struct ucred *ucred,
                const char *buf,
                FDSet *fds) {

        assert(m);
        assert(u);
        assert(ucred);
        assert(buf);

        /* Was this unit already invoked for the message currently being dispatched? */
        if (u->notifygen == m->notifygen)
                return;
        u->notifygen = m->notifygen;

        if (!UNIT_VTABLE(u)->notify_message) {
                if (DEBUG_LOGGING) {
                        _cleanup_free_ char *shortened = NULL, *escaped = NULL;

                        /* The text comes from the sending process, so it is shortened and escaped before
                         * it reaches the log */
                        shortened = ellipsize(buf, 20, 90);
                        if (shortened)
                                escaped = cescape(shortened);

                        log_unit_debug(u, "Got notification message \"%s\", ignoring.", strnull(escaped));
                }

                return;
        }

        {
                _cleanup_strv_free_ char **tags = NULL;

                tags = strv_split(buf, NEWLINE);
                if (!tags) {
                        log_oom();
                        return;
                }

                UNIT_VTABLE(u)->notify_message(u, ucred, tags, fds);
        }
}
1978
/* Event source callback for the notification socket ('userdata' is the Manager). Receives one datagram together
 * with its ancillary data (sender credentials and, optionally, file descriptors), validates it, and dispatches
 * it to every unit that the sender's PID maps to.
 *
 * Returns 0 in all cases but one: a recvmsg() failure other than EAGAIN/EINTR yields a negative error code. */
static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {

        _cleanup_fdset_free_ FDSet *fds = NULL;
        Manager *m = userdata;
        char buf[NOTIFY_BUFFER_MAX+1];
        struct iovec iov = {
                .iov_base = buf,
                .iov_len = sizeof(buf)-1,
        };
        union {
                struct cmsghdr cmsghdr;
                uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
                            CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX)];
        } control = {};
        struct msghdr mh = {
                .msg_iov = &iov,
                .msg_iovlen = 1,
                .msg_control = &control,
                .msg_controllen = sizeof(control),
        };

        struct cmsghdr *cmsg;
        struct ucred *creds = NULL;
        _cleanup_free_ Unit **watchers_copy = NULL;
        Unit *by_cgroup, *by_pid, **watchers;
        int r, *received_fds = NULL;
        unsigned n_received_fds = 0;
        bool delivered = false;
        ssize_t len;

        assert(m);
        assert(m->notify_fd == fd);

        if (revents != EPOLLIN) {
                log_warning("Got unexpected poll event for notify fd.");
                return 0;
        }

        /* MSG_TRUNC makes recvmsg() report the real datagram length even if it did not fit the buffer, which
         * the size check further down depends on. Received fds are marked close-on-exec right away. */
        len = recvmsg(m->notify_fd, &mh, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC);
        if (len < 0) {
                if (IN_SET(errno, EAGAIN, EINTR))
                        return 0; /* Spurious wakeup, try again */

                /* Any other error is a real one, and processing of this socket stops here. That means no
                 * notification messages are taken anymore, but it is still better than busy looping: being
                 * woken up over and over while unable to actually read the message off the socket. */
                return log_error_errno(errno, "Failed to receive notification message: %m");
        }

        /* Pick the passed fds and the sender credentials out of the ancillary data. A credentials record of
         * unexpected size is not used. */
        CMSG_FOREACH(cmsg, &mh) {
                if (cmsg->cmsg_level == SOL_SOCKET) {
                        if (cmsg->cmsg_type == SCM_RIGHTS) {

                                received_fds = (int*) CMSG_DATA(cmsg);
                                n_received_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);

                        } else if (cmsg->cmsg_type == SCM_CREDENTIALS &&
                                   cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {

                                creds = (struct ucred*) CMSG_DATA(cmsg);
                        }
                }
        }

        /* Take ownership of the received fds before any validation: from here on every early return releases
         * the set through the cleanup handler on 'fds'. */
        if (n_received_fds > 0) {
                assert(received_fds);

                r = fdset_new_array(&fds, received_fds, n_received_fds);
                if (r < 0) {
                        close_many(received_fds, n_received_fds);
                        log_oom();
                        return 0;
                }
        }

        /* The sender's PID is the only thing that ties a message to a unit, so messages without usable
         * credentials are dropped. */
        if (!creds || !pid_is_valid(creds->pid)) {
                log_warning("Received notify message without valid credentials. Ignoring.");
                return 0;
        }

        if ((size_t) len >= sizeof(buf) || (mh.msg_flags & MSG_TRUNC)) {
                log_warning("Received notify message exceeded maximum size. Ignoring.");
                return 0;
        }

        /* As extra safety check, refuse strings with embedded NUL bytes. One trailing NUL byte in the message
         * is permitted, but not expected. */
        if (len > 1 && memchr(buf, 0, len-1)) {
                log_warning("Received notify message with embedded NUL bytes. Ignoring.");
                return 0;
        }

        /* Make sure the string is NUL-terminated. 'len' is below sizeof(buf) here. */
        buf[len] = 0;

        /* New generation, so that manager_invoke_notify_message() can filter out duplicate units. */
        m->notifygen++;

        /* The message goes to every unit that might be interested, which might be more than one: the unit
         * found via the sender's cgroup, plus the units registered in watch_pids under the PID and under the
         * negated PID (the latter being a NULL-terminated array). */
        by_cgroup = manager_get_unit_by_pid_cgroup(m, creds->pid);
        by_pid = hashmap_get(m->watch_pids, PID_TO_PTR(creds->pid));
        watchers = hashmap_get(m->watch_pids, PID_TO_PTR(-creds->pid));
        if (watchers) {
                size_t count = 0;

                while (watchers[count])
                        count++;

                /* Iterate over a private copy, including the terminator. Presumably this is because the
                 * handlers may modify the original array, as the sigchld dispatcher in this file notes. */
                watchers_copy = newdup(Unit*, watchers, count+1);
                if (!watchers_copy)
                        log_oom();
        }

        /* Now invoke the per-unit callbacks. */
        if (by_cgroup) {
                manager_invoke_notify_message(m, by_cgroup, creds, buf, fds);
                delivered = true;
        }
        if (by_pid) {
                manager_invoke_notify_message(m, by_pid, creds, buf, fds);
                delivered = true;
        }
        if (watchers_copy) {
                for (size_t i = 0; watchers_copy[i]; i++) {
                        manager_invoke_notify_message(m, watchers_copy[i], creds, buf, fds);
                        delivered = true;
                }
        }

        if (!delivered)
                log_warning("Cannot find unit for notify message of PID "PID_FMT", ignoring.", creds->pid);

        /* Whatever is still in the set at this point was not taken by any unit */
        if (fdset_size(fds) > 0)
                log_warning("Got extra auxiliary fds with notification message, closing them.");

        return 0;
}
2114
/* Tells unit 'u' about the child process described by 'si', at most once per SIGCHLD generation: the PID is
 * removed from the unit's watch list and the unit type's sigchld_event() hook, if there is one, is called. */
static void manager_invoke_sigchld_event(
                Manager *m,
                Unit *u,
                const siginfo_t *si) {

        const pid_t child = (assert(si), si->si_pid);

        assert(m);
        assert(u);

        /* The handler of this unit already ran in this iteration? Then don't process this again */
        if (u->sigchldgen == m->sigchldgen)
                return;
        u->sigchldgen = m->sigchldgen;

        log_unit_debug(u, "Child "PID_FMT" belongs to %s.", child, u->id);
        unit_unwatch_pid(u, child);

        if (!UNIT_VTABLE(u)->sigchld_event)
                return;

        UNIT_VTABLE(u)->sigchld_event(u, child, si->si_code, si->si_status);
}
2135
/* Event-loop callback that processes one terminated child per invocation: peek at it, notify every unit
 * that may own it, then reap it. Once no child is left, the event source switches itself off.
 *
 * Returns 0, except when disabling the event source fails (negative errno-style value). */
static int manager_dispatch_sigchld(sd_event_source *source, void *userdata) {
        Manager *m = userdata;
        siginfo_t si = {};
        int r;

        assert(source);
        assert(m);

        /* Peek only: WNOWAIT leaves the zombie in place, so /proc/$PID stays readable while the units are
         * notified, and the PID stays allocated to the dead child until the second waitid() below. */
        if (waitid(P_ALL, 0, &si, WEXITED|WNOHANG|WNOWAIT) < 0) {
                if (errno != ECHILD) {
                        log_error_errno(errno, "Failed to peek for child with waitid(), ignoring: %m");
                        return 0;
                }

                goto turn_off;
        }

        /* si was zero-initialized; with WNOHANG an untouched si_pid means nothing is waitable right now. */
        if (si.si_pid <= 0)
                goto turn_off;

        if (IN_SET(si.si_code, CLD_EXITED, CLD_KILLED, CLD_DUMPED)) {
                _cleanup_free_ Unit **snapshot = NULL;
                _cleanup_free_ char *name = NULL;
                Unit *by_cgroup, *by_pid, **watchers;

                /* Best effort, used for the debug message only. */
                (void) get_process_comm(si.si_pid, &name);

                log_debug("Child "PID_FMT" (%s) died (code=%s, status=%i/%s)",
                          si.si_pid, strna(name),
                          sigchld_code_to_string(si.si_code),
                          si.si_status,
                          strna(si.si_code == CLD_EXITED
                                ? exit_status_to_string(si.si_status, EXIT_STATUS_FULL)
                                : signal_to_string(si.si_status)));

                /* New round for the per-unit duplicate filter in manager_invoke_sigchld_event(). */
                m->sigchldgen++;

                /* Three lookups that may each yield an owner: the cgroup of the PID, the watch_pids entry
                 * keyed by the PID, and the NULL-terminated unit array keyed by the negated PID. */
                by_cgroup = manager_get_unit_by_pid_cgroup(m, si.si_pid);
                by_pid = hashmap_get(m->watch_pids, PID_TO_PTR(si.si_pid));
                watchers = hashmap_get(m->watch_pids, PID_TO_PTR(-si.si_pid));
                if (watchers) {
                        size_t count;

                        for (count = 0; watchers[count]; count++)
                                ;

                        /* Iterate over a private copy (terminator included): the handlers may change the
                         * watch table while we walk it. On allocation failure the array is skipped. */
                        snapshot = newdup(Unit*, watchers, count+1);
                        if (!snapshot)
                                log_oom();
                }

                /* Duplicates among the three sources are harmless, see the generation check in
                 * manager_invoke_sigchld_event(). */
                if (by_cgroup)
                        manager_invoke_sigchld_event(m, by_cgroup, &si);
                if (by_pid)
                        manager_invoke_sigchld_event(m, by_pid, &si);
                if (snapshot)
                        for (size_t i = 0; snapshot[i]; i++)
                                manager_invoke_sigchld_event(m, snapshot[i], &si);
        }

        /* Only now release the zombie. */
        if (waitid(P_PID, si.si_pid, &si, WEXITED) < 0)
                log_error_errno(errno, "Failed to dequeue child, ignoring: %m");

        return 0;

turn_off:
        /* Nothing left to process for now; the SIGCHLD case of the signal handler re-enables us. */
        r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_OFF);
        if (r < 0)
                return log_error_errno(r, "Failed to disable SIGCHLD event source: %m");

        return 0;
}
2223
/* Enqueues a start job for the named special unit in the given job mode. A failure is logged and
 * otherwise ignored; nothing is reported to the caller. */
static void manager_start_target(Manager *m, const char *name, JobMode mode) {
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        int r;

        log_debug("Activating special unit %s", name);

        r = manager_add_job_by_name(m, JOB_START, name, mode, &error, NULL);
        if (r >= 0)
                return;

        log_error("Failed to enqueue %s job: %s", name, bus_error_message(&error, r));
}
2234
/* Reacts to a Ctrl-Alt-Del request. */
static void manager_handle_ctrl_alt_del(Manager *m) {
        /* Normal case: start the ctrl-alt-del target. Once the rate limit in m->ctrl_alt_del_ratelimit
         * is exceeded (the message below speaks of more than 7 presses within 2s) and a burst action is
         * configured, the emergency action runs immediately instead. With the burst action set to
         * EMERGENCY_ACTION_NONE the target is started no matter how often the key combination arrives. */

        if (!ratelimit_test(&m->ctrl_alt_del_ratelimit) && m->cad_burst_action != EMERGENCY_ACTION_NONE) {
                emergency_action(m, m->cad_burst_action, NULL,
                                 "Ctrl-Alt-Del was pressed more than 7 times within 2s");
                return;
        }

        manager_start_target(m, SPECIAL_CTRL_ALT_DEL_TARGET, JOB_REPLACE_IRREVERSIBLY);
}
2246
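/* Event-loop callback for the manager's signalfd. Reads one queued signal record and maps the signal
 * number to a manager action: starting a special target, requesting reload/reexec/exit, dumping state or
 * changing the log level/target.
 *
 * Returns 0 for everything that was handled or deliberately ignored (including short reads and
 * EINTR/EAGAIN). Returns a negative errno-style value only on other read() failures, which ends this
 * handler so that a broken fd cannot cause a busy loop.
 *
 * The dispatch below is driven by sfsi.ssi_signo alone; the sender fields of the record are only passed
 * on to log_received_signal(). Who may trigger these actions (several of them halt or reboot the machine)
 * is therefore decided by the kernel's permission checks for signalling this process, not by this code. */
static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        ssize_t n;
        struct signalfd_siginfo sfsi;
        int r;

        assert(m);
        assert(m->signal_fd == fd);

        if (revents != EPOLLIN) {
                log_warning("Got unexpected events from signal file descriptor.");
                return 0;
        }

        n = read(m->signal_fd, &sfsi, sizeof(sfsi));
        if (n != sizeof(sfsi)) {
                if (n >= 0) {
                        /* n is an ssize_t, hence the signed conversion */
                        log_warning("Truncated read from signal fd (%zi bytes), ignoring!", n);
                        return 0;
                }

                if (IN_SET(errno, EINTR, EAGAIN))
                        return 0;

                /* We return an error here, which will kill this handler,
                 * to avoid a busy loop on read error. */
                return log_error_errno(errno, "Reading from signal fd failed: %m");
        }

        /* SIGCHLD, and SIGTERM on a user manager, are routine and only logged at debug level */
        log_received_signal((sfsi.ssi_signo == SIGCHLD ||
                             (sfsi.ssi_signo == SIGTERM && MANAGER_IS_USER(m)))
                            ? LOG_DEBUG : LOG_INFO,
                            &sfsi);

        switch (sfsi.ssi_signo) {

        case SIGCHLD:
                /* The actual reaping happens in manager_dispatch_sigchld(); we only wake it up */
                r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_ON);
                if (r < 0)
                        log_warning_errno(r, "Failed to enable SIGCHLD event source, ignoring: %m");

                break;

        case SIGTERM:
                if (MANAGER_IS_SYSTEM(m)) {
                        /* This is for compatibility with the
                         * original sysvinit */
                        r = verify_run_space_and_log("Refusing to reexecute");
                        if (r >= 0)
                                m->exit_code = MANAGER_REEXECUTE;
                        break;
                }

                /* On a user manager SIGTERM is handled like SIGINT */
                _fallthrough_;
        case SIGINT:
                if (MANAGER_IS_SYSTEM(m))
                        manager_handle_ctrl_alt_del(m);
                else
                        manager_start_target(m, SPECIAL_EXIT_TARGET,
                                             JOB_REPLACE_IRREVERSIBLY);
                break;

        case SIGWINCH:
                if (MANAGER_IS_SYSTEM(m))
                        manager_start_target(m, SPECIAL_KBREQUEST_TARGET, JOB_REPLACE);

                /* This is a nop on non-init */
                break;

        case SIGPWR:
                if (MANAGER_IS_SYSTEM(m))
                        manager_start_target(m, SPECIAL_SIGPWR_TARGET, JOB_REPLACE);

                /* This is a nop on non-init */
                break;

        case SIGUSR1:

                if (manager_dbus_is_running(m, false)) {
                        log_info("Trying to reconnect to bus...");

                        (void) bus_init_api(m);

                        if (MANAGER_IS_SYSTEM(m))
                                (void) bus_init_system(m);
                } else {
                        log_info("Starting D-Bus service...");
                        manager_start_target(m, SPECIAL_DBUS_SERVICE, JOB_REPLACE);
                }

                break;

        case SIGUSR2: {
                _cleanup_free_ char *dump = NULL;

                /* Writes the manager's state dump to the log at LOG_INFO, so it is readable by whoever
                 * can read that log. */
                r = manager_get_dump_string(m, &dump);
                if (r < 0) {
                        /* The failure is reported through r; errno is not meaningful here */
                        log_warning_errno(r, "Failed to acquire manager dump: %m");
                        break;
                }

                log_dump(LOG_INFO, dump);
                break;
        }

        case SIGHUP:
                r = verify_run_space_and_log("Refusing to reload");
                if (r >= 0)
                        m->exit_code = MANAGER_RELOAD;
                break;

        default: {

                /* Starting SIGRTMIN+0 */
                static const struct {
                        const char *target;
                        JobMode mode;
                } target_table[] = {
                        [0] = { SPECIAL_DEFAULT_TARGET,   JOB_ISOLATE },
                        [1] = { SPECIAL_RESCUE_TARGET,    JOB_ISOLATE },
                        [2] = { SPECIAL_EMERGENCY_TARGET, JOB_ISOLATE },
                        [3] = { SPECIAL_HALT_TARGET,      JOB_REPLACE_IRREVERSIBLY },
                        [4] = { SPECIAL_POWEROFF_TARGET,  JOB_REPLACE_IRREVERSIBLY },
                        [5] = { SPECIAL_REBOOT_TARGET,    JOB_REPLACE_IRREVERSIBLY },
                        [6] = { SPECIAL_KEXEC_TARGET,     JOB_REPLACE_IRREVERSIBLY },
                };

                /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
                static const ManagerExitCode code_table[] = {
                        [0] = MANAGER_HALT,
                        [1] = MANAGER_POWEROFF,
                        [2] = MANAGER_REBOOT,
                        [3] = MANAGER_KEXEC,
                };

                /* Both range checks below bound the table index before it is used */
                if ((int) sfsi.ssi_signo >= SIGRTMIN+0 &&
                    (int) sfsi.ssi_signo < SIGRTMIN+(int) ELEMENTSOF(target_table)) {
                        int idx = (int) sfsi.ssi_signo - SIGRTMIN;
                        manager_start_target(m, target_table[idx].target,
                                             target_table[idx].mode);
                        break;
                }

                /* These set the exit code directly, i.e. without going through a target */
                if ((int) sfsi.ssi_signo >= SIGRTMIN+13 &&
                    (int) sfsi.ssi_signo < SIGRTMIN+13+(int) ELEMENTSOF(code_table)) {
                        m->exit_code = code_table[sfsi.ssi_signo - SIGRTMIN - 13];
                        break;
                }

                switch (sfsi.ssi_signo - SIGRTMIN) {

                case 20:
                        manager_set_show_status(m, SHOW_STATUS_YES);
                        break;

                case 21:
                        manager_set_show_status(m, SHOW_STATUS_NO);
                        break;

                case 22:
                        log_set_max_level(LOG_DEBUG);
                        log_info("Setting log level to debug.");
                        break;

                case 23:
                        log_set_max_level(LOG_INFO);
                        log_info("Setting log level to info.");
                        break;

                case 24:
                        if (MANAGER_IS_USER(m)) {
                                m->exit_code = MANAGER_EXIT;
                                return 0;
                        }

                        /* This is a nop on init */
                        break;

                case 26:
                case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
                        log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
                        log_notice("Setting log target to journal-or-kmsg.");
                        break;

                case 27:
                        log_set_target(LOG_TARGET_CONSOLE);
                        log_notice("Setting log target to console.");
                        break;

                case 28:
                        log_set_target(LOG_TARGET_KMSG);
                        log_notice("Setting log target to kmsg.");
                        break;

                default:
                        log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi.ssi_signo));
                }
        }}

        return 0;
}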
2448
/* Event-loop callback for the time-change fd: logs the event, re-arms the watch and calls the
 * time_change hook of every unit that has one. Always returns 0. */
static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;
        Iterator i;
        Unit *u;

        assert(m);
        assert(m->time_change_fd == fd);

        log_struct(LOG_DEBUG,
                   "MESSAGE_ID=" SD_MESSAGE_TIME_CHANGE_STR,
                   LOG_MESSAGE("Time has been changed"),
                   NULL);

        /* Drop the old event source and fd, then set the watch up from scratch. The return value of
         * manager_setup_time_change() is not checked here. */
        m->time_change_event_source = sd_event_source_unref(m->time_change_event_source);
        m->time_change_fd = safe_close(m->time_change_fd);

        manager_setup_time_change(m);

        HASHMAP_FOREACH(u, m->units, i) {
                if (UNIT_VTABLE(u)->time_change)
                        UNIT_VTABLE(u)->time_change(u);
        }

        return 0;
}
2474
/* Event-loop callback for the idle pipe (m->idle_pipe[2]). Always returns 0. */
static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        Manager *m = userdata;

        assert(m);
        assert(m->idle_pipe[2] == fd);

        /* At least one Type=idle child has stopped waiting for the boot process to finish. Type=idle
         * exists to keep console output tidy and is typically set on services that want the console to
         * themselves, so if any service currently needs the console we stop writing our own output to
         * it from here on. */
        m->no_console_output = (m->n_on_console > 0);

        /* Closing the pipes acknowledges the request and at the same time tells all remaining children
         * that they need not wait any longer, since the close is what they are waiting for. */
        manager_close_idle_pipe(m);

        return 0;
}
2494
/* Timer callback: prints the jobs that are still in progress and re-arms itself as a one-shot timer
 * JOBS_IN_PROGRESS_PERIOD_USEC from now. Returns the result of the re-arming calls. */
static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata) {
        Manager *m = userdata;
        int r;

        assert(m);
        assert(source);

        manager_print_jobs_in_progress(m);

        r = sd_event_source_set_time(source, now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_PERIOD_USEC);
        if (r < 0)
                return r;

        return sd_event_source_set_enabled(source, SD_EVENT_ONESHOT);
}
2512
/* Runs the manager's main loop until some handler sets m->exit_code to something other than MANAGER_OK.
 *
 * Returns that exit code, or a negative errno-style value if the SIGCHLD source cannot be enabled or the
 * event loop itself fails. */
int manager_loop(Manager *m) {
        int r;

        /* Trips when the loop body runs more than 50000 times within one second */
        RATELIMIT_DEFINE(rl, 1*USEC_PER_SEC, 50000);

        assert(m);
        m->exit_code = MANAGER_OK;

        /* The path cache is not needed past this point */
        m->unit_path_cache = set_free_free(m->unit_path_cache);

        manager_check_finished(m);

        /* Children that died before we were exec()'ed may still be around as zombies; make sure the
         * reaper runs at least once. */
        r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_ON);
        if (r < 0)
                return log_error_errno(r, "Failed to enable SIGCHLD event source: %m");

        while (m->exit_code == MANAGER_OK) {
                usec_t wait_usec = USEC_INFINITY;

                if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m))
                        watchdog_ping();

                if (!ratelimit_test(&rl)) {
                        /* Spinning this fast means something is badly wrong; back off so that we do not
                         * burn the CPU. */
                        log_warning("Looping too fast. Throttling execution a little.");
                        sleep(1);
                }

                /* Drain the internal queues in fixed priority order. As soon as one of them did work we
                 * start over from the top, so the event sources are only polled once all are empty. */
                if (manager_dispatch_load_queue(m) > 0 ||
                    manager_dispatch_gc_job_queue(m) > 0 ||
                    manager_dispatch_gc_unit_queue(m) > 0 ||
                    manager_dispatch_cleanup_queue(m) > 0 ||
                    manager_dispatch_cgroup_realize_queue(m) > 0 ||
                    manager_dispatch_dbus_queue(m) > 0)
                        continue;

                /* With an active watchdog, wake up after half its period at the latest so that the ping
                 * at the top of the loop happens in time; otherwise block until an event arrives. */
                if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m)) {
                        wait_usec = m->runtime_watchdog / 2;
                        if (wait_usec <= 0)
                                wait_usec = 1;
                }

                r = sd_event_run(m->event, wait_usec);
                if (r < 0)
                        return log_error_errno(r, "Failed to run event loop: %m");
        }

        return m->exit_code;
}
2576
/* Resolves a D-Bus object path to a unit and stores it in *_u.
 *
 * The last path component may be either an invocation ID or a unit name. The path is supplied by a bus
 * client, so the name is checked with unit_name_is_valid() before it is handed to manager_load_unit().
 *
 * Returns 0 on success and a negative errno-style value otherwise; for the two lookup failures the bus
 * error e is filled in via sd_bus_error_setf(). */
int manager_load_unit_from_dbus_path(Manager *m, const char *s, sd_bus_error *e, Unit **_u) {
        _cleanup_free_ char *n = NULL;
        sd_id128_t invocation_id;
        Unit *u;
        int r;

        assert(m);
        assert(s);
        assert(_u);

        r = unit_name_from_dbus_path(s, &n);
        if (r < 0)
                return r;

        /* A name that parses as a 128bit ID is treated as an invocation ID. Such a name is never retried
         * as a unit name: an unknown ID is an error. */
        if (sd_id128_from_string(n, &invocation_id) >= 0) {
                u = hashmap_get(m->units_by_invocation_id, &invocation_id);
                if (!u)
                        return sd_bus_error_setf(e, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR " known.", SD_ID128_FORMAT_VAL(invocation_id));

                *_u = u;
                return 0;
        }

        /* Not an ID, so it has to be a plain or instance unit name */
        if (!unit_name_is_valid(n, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
                return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is neither a valid invocation ID nor unit name.", n);

        r = manager_load_unit(m, n, NULL, e, &u);
        if (r < 0)
                return r;

        *_u = u;
        return 0;
}
2615
/* Resolves a D-Bus job object path ("/org/freedesktop/systemd1/job/<id>") to the job and stores it in
 * *_j.
 *
 * Returns 0 on success, -EINVAL if the path lacks the job prefix, the error of safe_atou() if the
 * remainder does not parse as an unsigned number, and -ENOENT if no job has that ID. */
int manager_get_job_from_dbus_path(Manager *m, const char *s, Job **_j) {
        const char *suffix;
        unsigned id;
        Job *j;
        int r;

        assert(m);
        assert(s);
        assert(_j);

        suffix = startswith(s, "/org/freedesktop/systemd1/job/");
        if (!suffix)
                return -EINVAL;

        r = safe_atou(suffix, &id);
        if (r < 0)
                return r;

        j = manager_get_job(m, id);
        if (!j)
                return -ENOENT;

        *_j = j;

        return 0;
}
2642
/* Sends an audit record of the given type for a service unit. Compiled to a no-op without HAVE_AUDIT.
 *
 * Nothing is sent for non-system managers, while the manager is reloading, for units that are not
 * services, or when no audit fd is available. Every failure is handled here; the caller gets no
 * indication of whether a record was actually written. */
void manager_send_unit_audit(Manager *m, Unit *u, int type, bool success) {

#if HAVE_AUDIT
        _cleanup_free_ char *p = NULL;
        const char *msg;
        int audit_fd, r;

        if (!MANAGER_IS_SYSTEM(m))
                return;

        audit_fd = get_audit_fd();
        if (audit_fd < 0)
                return;

        /* While reloading we are only restoring state of services that were started earlier, which must
         * not produce fresh audit events. Apart from that only services are audited. */
        if (MANAGER_IS_RELOADING(m) || u->type != UNIT_SERVICE)
                return;

        r = unit_name_to_prefix_and_instance(u->id, &p);
        if (r < 0) {
                log_error_errno(r, "Failed to extract prefix and instance of unit name: %m");
                return;
        }

        msg = strjoina("unit=", p);
        if (audit_log_user_comm_message(audit_fd, type, msg, "systemd", NULL, NULL, NULL, success) >= 0)
                return;

        if (errno != EPERM) {
                log_warning_errno(errno, "Failed to send audit message: %m");
                return;
        }

        /* Not permitted to send audit messages: close the fd rather than failing the same way on every
         * later event. Note that this branch does not log anything. */
        close_audit_fd();
#endif

}
2683
/* Tells plymouth about a unit, best effort: the message is dropped rather than waited for, and the usual
 * "plymouth is not there" errors are not even logged. */
void manager_send_unit_plymouth(Manager *m, Unit *u) {
        static const union sockaddr_union sa = PLYMOUTH_SOCKET;
        _cleanup_free_ char *message = NULL;
        _cleanup_close_ int fd = -1;
        int n = 0;

        /* Skipped while reloading (the unit was started earlier and we are merely restoring state), on
         * non-system managers and inside containers. */
        if (MANAGER_IS_RELOADING(m) || !MANAGER_IS_SYSTEM(m) || detect_container() > 0)
                return;

        if (!IN_SET(u->type, UNIT_SERVICE, UNIT_MOUNT, UNIT_SWAP))
                return;

        /* SOCK_NONBLOCK: a stalled plymouth must never be able to block the manager */
        fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (fd < 0) {
                log_error_errno(errno, "socket() failed: %m");
                return;
        }

        if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) {

                if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
                        log_error_errno(errno, "connect() failed: %m");
                return;
        }

        /* Message layout as produced by the format string: 'U', 0x02, one byte holding strlen(id)+1, the
         * id itself. %n stores the number of bytes written so far in n, and the write below sends n+1
         * bytes so that the terminating NUL goes out as well.
         * NOTE(review): the length passes through %c, i.e. is cut down to a single byte; this assumes
         * unit ids stay below that limit, confirm against the unit name length limit. */
        if (asprintf(&message, "U\002%c%s%n", (int) (strlen(u->id) + 1), u->id, &n) < 0) {
                log_oom();
                return;
        }

        /* errno is cleared first so that a short write does not report a stale error code */
        errno = 0;
        if (write(fd, message, n + 1) != n + 1 &&
            !IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
                log_error_errno(errno, "Failed to write Plymouth message: %m");
}
2729
/* Opens the stream the manager state is serialized into and stores it in *_f.
 *
 * The fd comes from open_serialization_fd("systemd-state"); where that file lives and who can read it is
 * decided there. The stream later carries the manager environment and fd numbers, see
 * manager_serialize(). m is not used.
 *
 * Returns 0 on success, otherwise the negative value from open_serialization_fd() or -errno if fdopen()
 * fails. */
int manager_open_serialization(Manager *m, FILE **_f) {
        int fd;
        FILE *f;

        assert(_f);

        fd = open_serialization_fd("systemd-state");
        if (fd < 0)
                return fd;

        f = fdopen(fd, "w+");
        if (f) {
                /* The stream owns the fd from here on */
                *_f = f;
                return 0;
        }

        /* NOTE(review): the errno reported is the one set by fdopen() only if safe_close() leaves errno
         * untouched; confirm. */
        safe_close(fd);
        return -errno;
}
2749
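/* Writes the manager state and the state of every unit to f, and puts duplicates of the file descriptors
 * that have to survive into fds.
 *
 * Stream layout: "key=value" lines for the manager, one empty line, then for each unit its id on a line
 * of its own followed by whatever unit_serialize() emits. File descriptors are referenced by number in
 * the text; the numbers are those of the duplicates stored in fds, and manager_deserialize() accepts an
 * fd number only if it is contained in the fd set it is given.
 *
 * The environment block is left out when switching_root is true.
 *
 * m->n_reloading is raised for the duration of the call and is lowered again on every return path. This
 * matters because the MANAGER_IS_RELOADING() checks elsewhere in this file suppress audit records and
 * plymouth messages (presumably derived from this counter; confirm): a counter that stays raised after a
 * failed serialization would keep them suppressed.
 *
 * Returns 0 on success, -EIO if the stream is in error state, or the negative errno-style value of the
 * step that failed. */
int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) {
        ManagerTimestamp q;
        const char *t;
        Iterator i;
        Unit *u;
        int r;

        assert(m);
        assert(f);
        assert(fds);

        m->n_reloading++;

        fprintf(f, "current-job-id=%"PRIu32"\n", m->current_job_id);
        fprintf(f, "n-installed-jobs=%u\n", m->n_installed_jobs);
        fprintf(f, "n-failed-jobs=%u\n", m->n_failed_jobs);
        fprintf(f, "taint-usr=%s\n", yes_no(m->taint_usr));
        fprintf(f, "ready-sent=%s\n", yes_no(m->ready_sent));
        fprintf(f, "taint-logged=%s\n", yes_no(m->taint_logged));
        fprintf(f, "service-watchdogs=%s\n", yes_no(m->service_watchdogs));

        for (q = 0; q < _MANAGER_TIMESTAMP_MAX; q++) {
                /* The userspace and finish timestamps only apply to the host system, hence only serialize them there */
                if (in_initrd() && IN_SET(q, MANAGER_TIMESTAMP_USERSPACE, MANAGER_TIMESTAMP_FINISH))
                        continue;

                t = manager_timestamp_to_string(q);
                {
                        /* Sized exactly for "<name>-timestamp" plus the NUL, so the unbounded copies
                         * below cannot overrun it */
                        char field[strlen(t) + STRLEN("-timestamp") + 1];
                        strcpy(stpcpy(field, t), "-timestamp");
                        dual_timestamp_serialize(f, field, m->timestamps + q);
                }
        }

        if (!switching_root)
                (void) serialize_environment(f, m->environment);

        if (m->notify_fd >= 0) {
                int copy;

                copy = fdset_put_dup(fds, m->notify_fd);
                if (copy < 0) {
                        r = copy;
                        goto fail;
                }

                fprintf(f, "notify-fd=%i\n", copy);
                fprintf(f, "notify-socket=%s\n", m->notify_socket);
        }

        if (m->cgroups_agent_fd >= 0) {
                int copy;

                copy = fdset_put_dup(fds, m->cgroups_agent_fd);
                if (copy < 0) {
                        r = copy;
                        goto fail;
                }

                fprintf(f, "cgroups-agent-fd=%i\n", copy);
        }

        if (m->user_lookup_fds[0] >= 0) {
                int copy0, copy1;

                copy0 = fdset_put_dup(fds, m->user_lookup_fds[0]);
                if (copy0 < 0) {
                        r = copy0;
                        goto fail;
                }

                copy1 = fdset_put_dup(fds, m->user_lookup_fds[1]);
                if (copy1 < 0) {
                        r = copy1;
                        goto fail;
                }

                fprintf(f, "user-lookup=%i %i\n", copy0, copy1);
        }

        bus_track_serialize(m->subscribed, f, "subscribed");

        r = dynamic_user_serialize(m, f, fds);
        if (r < 0)
                goto fail;

        manager_serialize_uid_refs(m, f);
        manager_serialize_gid_refs(m, f);

        r = exec_runtime_serialize(m, f, fds);
        if (r < 0)
                goto fail;

        /* The empty line ends the manager section */
        (void) fputc('\n', f);

        HASHMAP_FOREACH_KEY(u, t, m->units, i) {
                /* Skip entries whose key is not the unit's own id, so that each unit is written once */
                if (u->id != t)
                        continue;

                /* Start marker */
                fputs(u->id, f);
                fputc('\n', f);

                r = unit_serialize(u, f, fds, !switching_root);
                if (r < 0)
                        goto fail;
        }

        assert(m->n_reloading > 0);
        m->n_reloading--;

        /* None of the fprintf()/fputs() calls above is checked individually; the stream's error flag
         * covers all of them */
        if (ferror(f))
                return -EIO;

        r = bus_fdset_add_all(m, fds);
        if (r < 0)
                return r;

        return 0;

fail:
        /* Undo the increment from the top on every failure path */
        m->n_reloading--;
        return r;
}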
2864
/* Reads back what manager_serialize() wrote: first the manager's "key=value" lines up to the empty
 * line, then one section per unit.
 *
 * Parsing is deliberately tolerant. A value that does not parse, or an unknown key, is logged at notice
 * level and skipped. An fd number from the stream is only taken over if it is non-negative and contained
 * in fds. Only out-of-memory and stream errors abort the run.
 *
 * m->n_reloading is raised for the duration of the call.
 *
 * Returns 0 when the end of the stream is reached, -EIO if the stream is in error state, otherwise the
 * negative errno-style value that stopped the run. */
int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
        int r = 0;

        assert(m);
        assert(f);

        log_debug("Deserializing state...");

        m->n_reloading++;

        /* Part 1: the manager's own items */
        for (;;) {
                char line[LINE_MAX];
                const char *val, *l;

                /* NOTE(review): fgets() cuts a line of LINE_MAX bytes or more into pieces, and the
                 * remainder would then be parsed as an item of its own. */
                if (!fgets(line, sizeof(line), f)) {
                        r = feof(f) ? 0 : -errno;
                        goto finish;
                }

                char_array_0(line);
                l = strstrip(line);

                /* An empty line ends the manager section */
                if (l[0] == 0)
                        break;

                if ((val = startswith(l, "current-job-id="))) {
                        uint32_t id;

                        /* Never move the job id counter backwards */
                        if (safe_atou32(val, &id) >= 0)
                                m->current_job_id = MAX(m->current_job_id, id);
                        else
                                log_notice("Failed to parse current job id value %s", val);

                } else if ((val = startswith(l, "n-installed-jobs="))) {
                        uint32_t n;

                        if (safe_atou32(val, &n) >= 0)
                                m->n_installed_jobs += n;
                        else
                                log_notice("Failed to parse installed jobs counter %s", val);

                } else if ((val = startswith(l, "n-failed-jobs="))) {
                        uint32_t n;

                        if (safe_atou32(val, &n) >= 0)
                                m->n_failed_jobs += n;
                        else
                                log_notice("Failed to parse failed jobs counter %s", val);

                } else if ((val = startswith(l, "taint-usr="))) {
                        int b = parse_boolean(val);

                        /* The three flags below are sticky: the stream can set them, never clear them */
                        if (b >= 0)
                                m->taint_usr = m->taint_usr || b;
                        else
                                log_notice("Failed to parse taint /usr flag %s", val);

                } else if ((val = startswith(l, "ready-sent="))) {
                        int b = parse_boolean(val);

                        if (b >= 0)
                                m->ready_sent = m->ready_sent || b;
                        else
                                log_notice("Failed to parse ready-sent flag %s", val);

                } else if ((val = startswith(l, "taint-logged="))) {
                        int b = parse_boolean(val);

                        if (b >= 0)
                                m->taint_logged = m->taint_logged || b;
                        else
                                log_notice("Failed to parse taint-logged flag %s", val);

                } else if ((val = startswith(l, "service-watchdogs="))) {
                        int b = parse_boolean(val);

                        /* Unlike the flags above this one is simply overwritten */
                        if (b >= 0)
                                m->service_watchdogs = b;
                        else
                                log_notice("Failed to parse service-watchdogs flag %s", val);

                } else if (startswith(l, "env=")) {
                        /* The whole line, key included, goes to the helper */
                        r = deserialize_environment(&m->environment, l);
                        if (r == -ENOMEM)
                                goto finish;
                        if (r < 0)
                                log_notice_errno(r, "Failed to parse environment entry: \"%s\": %m", l);

                } else if ((val = startswith(l, "notify-fd="))) {
                        int fd;

                        /* Take the fd over only if it was really handed to us in fds */
                        if (safe_atoi(val, &fd) >= 0 && fd >= 0 && fdset_contains(fds, fd)) {
                                m->notify_event_source = sd_event_source_unref(m->notify_event_source);
                                safe_close(m->notify_fd);
                                m->notify_fd = fdset_remove(fds, fd);
                        } else
                                log_notice("Failed to parse notify fd: \"%s\"", val);

                } else if ((val = startswith(l, "notify-socket="))) {
                        char *n;

                        n = strdup(val);
                        if (!n) {
                                r = -ENOMEM;
                                goto finish;
                        }

                        free(m->notify_socket);
                        m->notify_socket = n;

                } else if ((val = startswith(l, "cgroups-agent-fd="))) {
                        int fd;

                        if (safe_atoi(val, &fd) >= 0 && fd >= 0 && fdset_contains(fds, fd)) {
                                m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);
                                safe_close(m->cgroups_agent_fd);
                                m->cgroups_agent_fd = fdset_remove(fds, fd);
                        } else
                                log_notice("Failed to parse cgroups agent fd: %s", val);

                } else if ((val = startswith(l, "user-lookup="))) {
                        int fd0, fd1;

                        /* Two distinct, non-negative fds, both present in fds */
                        if (sscanf(val, "%i %i", &fd0, &fd1) == 2 && fd0 >= 0 && fd1 >= 0 && fd0 != fd1 && fdset_contains(fds, fd0) && fdset_contains(fds, fd1)) {
                                m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);
                                safe_close_pair(m->user_lookup_fds);
                                m->user_lookup_fds[0] = fdset_remove(fds, fd0);
                                m->user_lookup_fds[1] = fdset_remove(fds, fd1);
                        } else
                                log_notice("Failed to parse user lookup fd: %s", val);

                } else if ((val = startswith(l, "dynamic-user="))) {
                        dynamic_user_deserialize_one(m, val, fds);

                } else if ((val = startswith(l, "destroy-ipc-uid="))) {
                        manager_deserialize_uid_refs_one(m, val);

                } else if ((val = startswith(l, "destroy-ipc-gid="))) {
                        manager_deserialize_gid_refs_one(m, val);

                } else if ((val = startswith(l, "exec-runtime="))) {
                        exec_runtime_deserialize_one(m, val, fds);

                } else if ((val = startswith(l, "subscribed="))) {

                        if (strv_extend(&m->deserialized_subscribed, val) < 0)
                                log_oom();

                } else {
                        ManagerTimestamp q;

                        /* Anything else should be "<timestamp name>-timestamp=<value>" */
                        for (q = 0; q < _MANAGER_TIMESTAMP_MAX; q++) {
                                val = startswith(l, manager_timestamp_to_string(q));
                                if (!val)
                                        continue;

                                val = startswith(val, "-timestamp=");
                                if (val)
                                        break;
                        }

                        if (q < _MANAGER_TIMESTAMP_MAX) /* found it */
                                dual_timestamp_deserialize(val, m->timestamps + q);
                        else if (!startswith(l, "kdbus-fd=")) /* ignore kdbus */
                                log_notice("Unknown serialization item '%s'", l);
                }
        }

        /* Part 2: the units, each introduced by a line that holds its name */
        for (;;) {
                Unit *u;
                char name[UNIT_NAME_MAX+2];
                const char* unit_name;

                /* Start marker */
                if (!fgets(name, sizeof(name), f)) {
                        r = feof(f) ? 0 : -errno;
                        goto finish;
                }

                char_array_0(name);
                unit_name = strstrip(name);

                r = manager_load_unit(m, unit_name, NULL, NULL, &u);
                if (r < 0) {
                        log_notice_errno(r, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name);
                        if (r == -ENOMEM)
                                goto finish;

                        /* Consume the section of the unit we could not load so that the stream stays in
                         * sync for the next one */
                        unit_deserialize_skip(f);
                        continue;
                }

                r = unit_deserialize(u, f, fds);
                if (r < 0) {
                        log_notice_errno(r, "Failed to deserialize unit \"%s\": %m", unit_name);
                        if (r == -ENOMEM)
                                goto finish;
                }
        }

finish:
        /* A stream error takes precedence over whatever was recorded in r */
        if (ferror(f))
                r = -EIO;

        assert(m->n_reloading > 0);
        m->n_reloading--;

        return r;
}
3083
/* Reloads the manager configuration: the current state is serialized, all jobs and units are dropped,
 * the unit files are enumerated again and the saved state is read back on top of them.
 *
 * Until the serialized stream has been rewound, a failure returns immediately and leaves the running
 * state untouched. After that point there is no way back: every remaining step runs regardless of
 * earlier failures, and the first error seen is what gets returned.
 *
 * Returns 0 on success or a negative errno-style value. */
int manager_reload(Manager *m) {
        int r, q;
        _cleanup_fclose_ FILE *f = NULL;
        _cleanup_fdset_free_ FDSet *fds = NULL;

        assert(m);

        r = manager_open_serialization(m, &f);
        if (r < 0)
                return r;

        m->n_reloading++;
        bus_manager_send_reloading(m, true);

        fds = fdset_new();
        if (!fds) {
                r = -ENOMEM;
                goto rollback;
        }

        r = manager_serialize(m, f, fds, false);
        if (r < 0)
                goto rollback;

        if (fseeko(f, 0, SEEK_SET) < 0) {
                r = -errno;
                goto rollback;
        }

        /* Point of no return: the in-memory state is torn down now */
        manager_clear_jobs_and_units(m);
        lookup_paths_flush_generator(&m->lookup_paths);
        lookup_paths_free(&m->lookup_paths);
        exec_runtime_vacuum(m);
        dynamic_user_vacuum(m, false);
        m->uid_refs = hashmap_free(m->uid_refs);
        m->gid_refs = hashmap_free(m->gid_refs);

        q = lookup_paths_init(&m->lookup_paths, m->unit_file_scope, 0, NULL);
        if (r >= 0 && q < 0)
                r = q;

        q = manager_run_environment_generators(m);
        if (r >= 0 && q < 0)
                r = q;

        /* The generators may contribute further unit paths */
        q = manager_run_generators(m);
        if (r >= 0 && q < 0)
                r = q;

        lookup_paths_reduce(&m->lookup_paths);
        manager_build_unit_path_cache(m);

        /* Step 1: pick up everything the configuration files provide */
        manager_enumerate(m);

        /* Step 2: lay the saved state on top of it */
        q = manager_deserialize(m, f, fds);
        if (q < 0) {
                log_error_errno(q, "Deserialization failed: %m");

                if (r >= 0)
                        r = q;
        }

        /* Close explicitly and clear the pointer so that the cleanup handler does not close it again */
        fclose(f);
        f = NULL;

        /* The fds taken over by manager_deserialize() need their event sources back */
        q = manager_setup_notify(m);
        if (r >= 0 && q < 0)
                r = q;

        q = manager_setup_cgroups_agent(m);
        if (r >= 0 && q < 0)
                r = q;

        q = manager_setup_user_lookup_fd(m);
        if (r >= 0 && q < 0)
                r = q;

        /* Step 3: bring the units to life */
        manager_coldplug(m);

        /* Dynamic users nobody references any more can go */
        dynamic_user_vacuum(m, true);

        /* Same for UID/GID references, including the IPC objects owned by those IDs */
        manager_vacuum_uid_refs(m);
        manager_vacuum_gid_refs(m);

        exec_runtime_vacuum(m);

        /* Logging to the journal and talking to D-Bus may be possible again by now */
        manager_recheck_journal(m);
        manager_recheck_dbus(m);

        /* Bring the set of bus names in line with the units listening for them */
        if (m->api_bus)
                manager_sync_bus_names(m, m->api_bus);

        assert(m->n_reloading > 0);
        m->n_reloading--;

        m->send_reloading_done = true;

        return r;

rollback:
        /* Early failure: nothing has been torn down, only our own increment is undone */
        m->n_reloading--;
        return r;
}
3195
/* Calls unit_reset_failed() on every unit the manager knows. */
void manager_reset_failed(Manager *m) {
        Iterator i;
        Unit *u;

        assert(m);

        HASHMAP_FOREACH(u, m->units, i) {
                unit_reset_failed(u);
        }
}
3205
/* Tells whether the named unit is inactive or on its way down. A unit the manager does not know counts
 * as inactive, so the result is true for it. */
bool manager_unit_inactive_or_pending(Manager *m, const char *name) {
        Unit *u;

        assert(m);
        assert(name);

        u = manager_get_unit(m, name);

        return u ? unit_inactive_or_pending(u) : true;
}
3219
/* Logs the taint string of the system manager once, as a structured notice-level message carrying a
 * TAINT= field. User managers never log it, and an empty taint string produces no message. */
static void log_taint_string(Manager *m) {
        _cleanup_free_ char *taint = NULL;

        assert(m);

        if (MANAGER_IS_USER(m))
                return;

        if (m->taint_logged)
                return;

        /* Set the flag before looking at the result, so that the check is made only once even when
         * there is nothing to report */
        m->taint_logged = true;

        taint = manager_taint_string(m);
        if (isempty(taint))
                return;

        log_struct(LOG_NOTICE,
                   LOG_MESSAGE("System is tainted: %s", taint),
                   "TAINT=%s", taint,
                   "MESSAGE_ID=" SD_MESSAGE_TAINTED_STR,
                   NULL);
}
3240
/* Log the "Startup finished" record, send the matching bus signal and sd_notify() status, then log taint. */
static void manager_notify_finished(Manager *m) {
        char userspace_str[FORMAT_TIMESPAN_MAX], initrd_str[FORMAT_TIMESPAN_MAX], kernel_str[FORMAT_TIMESPAN_MAX], total_str[FORMAT_TIMESPAN_MAX];
        usec_t firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec;
        usec_t at_firmware, at_loader, at_kernel, at_initrd, at_userspace, at_finish;

        /* Test runs neither log nor notify anybody. */
        if (m->test_run_flags)
                return;

        at_firmware = m->timestamps[MANAGER_TIMESTAMP_FIRMWARE].monotonic;
        at_loader = m->timestamps[MANAGER_TIMESTAMP_LOADER].monotonic;
        at_kernel = m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
        at_initrd = m->timestamps[MANAGER_TIMESTAMP_INITRD].monotonic;
        at_userspace = m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic;
        at_finish = m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic;

        if (!MANAGER_IS_SYSTEM(m) || detect_container() > 0) {
                /* Containers and --user instances: only the userspace phase is known. */
                firmware_usec = 0;
                loader_usec = 0;
                kernel_usec = 0;
                initrd_usec = 0;
                userspace_usec = at_finish - at_userspace;
                total_usec = userspace_usec;

                log_struct(LOG_INFO,
                           "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR,
                           "USERSPACE_USEC="USEC_FMT, userspace_usec,
                           LOG_MESSAGE("Startup finished in %s.",
                                       format_timespan(total_str, sizeof(total_str), total_usec, USEC_PER_MSEC)),
                           NULL);
        } else {
                /* System manager outside of a container. The prefix buffer is sized for exactly the two
                 * optional "<timespan> (firmware) + " and "<timespan> (loader) + " pieces appended below. */
                char piece[FORMAT_TIMESPAN_MAX];
                char prefix[FORMAT_TIMESPAN_MAX + STRLEN(" (firmware) + ") + FORMAT_TIMESPAN_MAX + STRLEN(" (loader) + ")]
                        = {};
                char *cursor = prefix;
                size_t left = sizeof prefix;
                const char *kernel_s, *initrd_s, *userspace_s, *total_s;

                /* The kernel timestamp's monotonic value is always 0, and the firmware and loader
                 * monotonic values are to be read as negative offsets, hence the additions below. */
                firmware_usec = at_firmware - at_loader;
                loader_usec = at_loader - at_kernel;
                userspace_usec = at_finish - at_userspace;
                total_usec = at_firmware + at_finish;

                if (firmware_usec > 0)
                        left = strpcpyf(&cursor, left, "%s (firmware) + ", format_timespan(piece, sizeof(piece), firmware_usec, USEC_PER_MSEC));
                if (loader_usec > 0)
                        left = strpcpyf(&cursor, left, "%s (loader) + ", format_timespan(piece, sizeof(piece), loader_usec, USEC_PER_MSEC));

                if (dual_timestamp_is_set(&m->timestamps[MANAGER_TIMESTAMP_INITRD])) {
                        /* Booted through an initrd: split the time before userspace into kernel and initrd. */
                        kernel_usec = at_initrd - at_kernel;
                        initrd_usec = at_userspace - at_initrd;

                        kernel_s = format_timespan(kernel_str, sizeof(kernel_str), kernel_usec, USEC_PER_MSEC);
                        initrd_s = format_timespan(initrd_str, sizeof(initrd_str), initrd_usec, USEC_PER_MSEC);
                        userspace_s = format_timespan(userspace_str, sizeof(userspace_str), userspace_usec, USEC_PER_MSEC);
                        total_s = format_timespan(total_str, sizeof(total_str), total_usec, USEC_PER_MSEC);

                        log_struct(LOG_INFO,
                                   "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
                                   "KERNEL_USEC="USEC_FMT, kernel_usec,
                                   "INITRD_USEC="USEC_FMT, initrd_usec,
                                   "USERSPACE_USEC="USEC_FMT, userspace_usec,
                                   LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (initrd) + %s (userspace) = %s.",
                                               prefix,
                                               kernel_s,
                                               initrd_s,
                                               userspace_s,
                                               total_s),
                                   NULL);
                } else {
                        /* No initrd: everything before userspace counts as kernel time. */
                        kernel_usec = at_userspace - at_kernel;
                        initrd_usec = 0;

                        kernel_s = format_timespan(kernel_str, sizeof(kernel_str), kernel_usec, USEC_PER_MSEC);
                        userspace_s = format_timespan(userspace_str, sizeof(userspace_str), userspace_usec, USEC_PER_MSEC);
                        total_s = format_timespan(total_str, sizeof(total_str), total_usec, USEC_PER_MSEC);

                        log_struct(LOG_INFO,
                                   "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
                                   "KERNEL_USEC="USEC_FMT, kernel_usec,
                                   "USERSPACE_USEC="USEC_FMT, userspace_usec,
                                   LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (userspace) = %s.",
                                               prefix,
                                               kernel_s,
                                               userspace_s,
                                               total_s),
                                   NULL);
                }
        }

        bus_manager_send_finished(m, firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec);

        /* READY=1 is included only if it has not been sent before. Both alternatives are literals
         * taking exactly one %s, so the format string never comes from outside this function. */
        sd_notifyf(false,
                   m->ready_sent ? "STATUS=Startup finished in %s."
                                 : "READY=1\n"
                                   "STATUS=Startup finished in %s.",
                   format_timespan(total_str, sizeof(total_str), total_usec, USEC_PER_MSEC));
        m->ready_sent = true;

        log_taint_string(m);
}
3328
/* Send READY=1 once for a user manager; does nothing for the system manager or when already sent. */
static void manager_send_ready(Manager *m) {
        assert(m);

        /* READY=1 on reaching basic.target is only sent when running in --user mode. */
        if (MANAGER_IS_USER(m) && !m->ready_sent) {
                m->ready_sent = true;

                sd_notifyf(false,
                           "READY=1\n"
                           "STATUS=Reached " SPECIAL_BASIC_TARGET ".");
        }
}
3342
/* Once basic.target is active or reloading, send READY=1 (user managers) and log the taint string. */
static void manager_check_basic_target(Manager *m) {
        Unit *basic;

        assert(m);

        /* Both one-shot actions already happened, skip the unit lookup. */
        if (m->ready_sent && m->taint_logged)
                return;

        basic = manager_get_unit(m, SPECIAL_BASIC_TARGET);
        if (!basic)
                return;
        if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(basic)))
                return;

        /* Each callee checks its own precondition (user vs. system manager, already done). */
        manager_send_ready(m);
        log_taint_string(m);
}
3362
/* Check whether start-up is complete and, if so, run the end-of-boot actions. */
void manager_check_finished(Manager *m) {
        assert(m);

        /* Nothing to do while reloading, nor before the event loop is entered or after it was left. */
        if (MANAGER_IS_RELOADING(m) || !MANAGER_IS_RUNNING(m))
                return;

        manager_check_basic_target(m);

        if (hashmap_size(m->jobs) != 0) {
                /* Jobs are still queued: re-arm the progress timer. Failures are ignored, this is only
                 * for feedback. */
                if (m->jobs_in_progress_event_source)
                        (void) sd_event_source_set_time(m->jobs_in_progress_event_source, now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC);

                return;
        }

        manager_flip_auto_status(m, false);

        /* Tell Type=idle units that we are done now. */
        manager_close_idle_pipe(m);

        /* Confirm-spawn is switched off from here on. */
        m->confirm_spawn = NULL;

        /* Going non-interactive, so the ask-password status needs no further updates. */
        manager_close_ask_password(m);

        /* This is no longer the first boot. */
        manager_set_first_boot(m, false);

        /* The finish timestamp is taken, and the notifications are sent, only once. */
        if (MANAGER_IS_FINISHED(m))
                return;

        dual_timestamp_get(&m->timestamps[MANAGER_TIMESTAMP_FINISH]);

        manager_notify_finished(m);

        manager_invalidate_startup_units(m);
}
3406
/* Return true if at least one of the NULL-terminated generator directories exists.
 *
 * Used as an optimization, so that output directories are not created when there are no generators.
 * The access() probe is advisory only: the directories are checked again when they are actually used. */
static bool generator_path_any(const char* const* paths) {
        char **dir;
        bool found = false;

        STRV_FOREACH(dir, (char**) paths) {
                if (access(*dir, F_OK) != 0) {
                        /* A missing directory is expected, anything else is worth a warning. */
                        if (errno != ENOENT)
                                log_warning_errno(errno, "Failed to open generator directory %s: %m", *dir);
                        continue;
                }

                found = true;
        }

        return found;
}
3421
/* Directories searched for environment generators of the system manager, NULL-terminated.
 * manager_run_environment_generators() hands this list to execute_directories().
 * NOTE(review): everything found here is run by the system manager, so these directories are
 * presumably expected to be writable by root only; confirm against packaging and tmpfiles setup. */
static const char* system_env_generator_binary_paths[] = {
        "/run/systemd/system-environment-generators",
        "/etc/systemd/system-environment-generators",
        "/usr/local/lib/systemd/system-environment-generators",
        SYSTEM_ENV_GENERATOR_PATH,
        NULL
};
3429
/* Directories searched for environment generators of a user manager, NULL-terminated.
 * manager_run_environment_generators() hands this list to execute_directories(). */
static const char* user_env_generator_binary_paths[] = {
        "/run/systemd/user-environment-generators",
        "/etc/systemd/user-environment-generators",
        "/usr/local/lib/systemd/user-environment-generators",
        USER_ENV_GENERATOR_PATH,
        NULL
};
3437
/* Run the environment generators for this manager and collect their output into m->environment.
 *
 * Returns 0 when generators are skipped (test run without MANAGER_TEST_RUN_ENV_GENERATORS, or no
 * generator directory exists), otherwise the result of execute_directories(). */
static int manager_run_environment_generators(Manager *m) {
        char **scratch = NULL; /* only used in the forked process, hence no cleanup here */
        const char **dirs;
        /* One argument slot per gather_environment callback; the last one receives the manager's
         * environment block. */
        void* callback_args[] = {&scratch, &scratch, &m->environment};

        if (m->test_run_flags != 0 && (m->test_run_flags & MANAGER_TEST_RUN_ENV_GENERATORS) == 0)
                return 0;

        if (MANAGER_IS_SYSTEM(m))
                dirs = system_env_generator_binary_paths;
        else
                dirs = user_env_generator_binary_paths;

        if (!generator_path_any(dirs))
                return 0;

        return execute_directories(dirs, DEFAULT_TIMEOUT_USEC, gather_environment, callback_args, NULL);
}
3453
/* Run the unit generators, passing them the three generator output directories as arguments.
 *
 * Returns 0 when generators are skipped, log_oom()'s result when the path list cannot be allocated,
 * and otherwise the result of lookup_paths_mkdir_generator(). The result of execute_directories()
 * itself is not propagated. */
static int manager_run_generators(Manager *m) {
        _cleanup_strv_free_ char **dirs = NULL;
        const char *gen_argv[5];
        int r;

        assert(m);

        if (m->test_run_flags != 0 && (m->test_run_flags & MANAGER_TEST_RUN_GENERATORS) == 0)
                return 0;

        dirs = generator_binary_paths(m->unit_file_scope);
        if (!dirs)
                return log_oom();

        if (!generator_path_any((const char* const*) dirs))
                return 0;

        r = lookup_paths_mkdir_generator(&m->lookup_paths);
        if (r >= 0) {
                gen_argv[0] = NULL; /* Leave this empty, execute_directory() will fill something in */
                gen_argv[1] = m->lookup_paths.generator;
                gen_argv[2] = m->lookup_paths.generator_early;
                gen_argv[3] = m->lookup_paths.generator_late;
                gen_argv[4] = NULL;

                /* Generators run with umask 0022, so what they create is not group- or world-writable
                 * by default. */
                RUN_WITH_UMASK(0022)
                        execute_directories((const char* const*) dirs, DEFAULT_TIMEOUT_USEC,
                                            NULL, NULL, (char**) gen_argv);
        }

        /* Trim the generator directories whether or not creating them succeeded. */
        lookup_paths_trim_generator(&m->lookup_paths);
        return r;
}
3489
/* Remove the variables in 'minus' from, then merge the assignments in 'plus' into, the manager's
 * environment block. Returns 0 on success and -ENOMEM on allocation failure, in which case
 * m->environment is left untouched. */
int manager_environment_add(Manager *m, char **minus, char **plus) {
        char **stripped = NULL, **merged = NULL, **result;

        assert(m);

        result = m->environment;

        if (!strv_isempty(minus)) {
                stripped = strv_env_delete(result, 1, minus);
                if (!stripped)
                        return -ENOMEM;

                result = stripped;
        }

        if (!strv_isempty(plus)) {
                merged = strv_env_merge(2, result, plus);
                if (!merged) {
                        strv_free(stripped);
                        return -ENOMEM;
                }

                result = merged;
        }

        /* Exactly one of the three vectors is the final one; release the others. */
        if (m->environment != result)
                strv_free(m->environment);
        if (stripped != result)
                strv_free(stripped);
        if (merged != result)
                strv_free(merged);

        m->environment = result;
        manager_sanitize_environment(m);

        return 0;
}
3526
/* Replace the manager's default resource limits with copies of the entries in default_rlimit.
 *
 * default_rlimit is indexed 0.._RLIMIT_MAX-1; NULL entries clear the corresponding slot. On
 * allocation failure the result of log_oom() is returned and the remaining slots are not updated. */
int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit) {
        int idx;

        assert(m);

        for (idx = 0; idx < _RLIMIT_MAX; idx++) {
                /* Drop whatever was configured before. */
                m->rlimit[idx] = mfree(m->rlimit[idx]);

                if (default_rlimit[idx]) {
                        m->rlimit[idx] = newdup(struct rlimit, default_rlimit[idx], 1);
                        if (!m->rlimit[idx])
                                return log_oom();
                }
        }

        return 0;
}
3545
/* Connect to, or disconnect from, the bus depending on whether the D-Bus service and socket run. */
void manager_recheck_dbus(Manager *m) {
        assert(m);

        /* In user mode only the API bus is handled. In system mode the system bus is handled as well
         * (which will most likely just reuse the API bus connection), because the system bus runs as a
         * service of the system instance, while a user instance can assume it is already there. */

        if (!manager_dbus_is_running(m, false)) {
                (void) bus_done_api(m);

                if (MANAGER_IS_SYSTEM(m))
                        (void) bus_done_system(m);

                return;
        }

        (void) bus_init_api(m);

        if (MANAGER_IS_SYSTEM(m))
                (void) bus_init_system(m);
}
3566
/* Tell whether logging to the journal is currently possible. */
static bool manager_journal_is_running(Manager *m) {
        Unit *sock, *svc;

        assert(m);

        /* Never during test runs. */
        if (m->test_run_flags != 0)
                return false;

        /* A user manager can safely assume that the journal is up. */
        if (!MANAGER_IS_SYSTEM(m))
                return true;

        /* The socket must not merely be up, it has to be in RUNNING state. */
        sock = manager_get_unit(m, SPECIAL_JOURNALD_SOCKET);
        if (!sock || SOCKET(sock)->state != SOCKET_RUNNING)
                return false;

        /* Likewise, the daemon itself has to be fully up. */
        svc = manager_get_unit(m, SPECIAL_JOURNALD_SERVICE);
        if (!svc)
                return false;

        return IN_SET(SERVICE(svc)->state, SERVICE_RELOAD, SERVICE_RUNNING);
}
3595
/* Allow or prohibit IPC-based logging depending on the journal's state, then reopen the log. */
void manager_recheck_journal(Manager *m) {
        bool journal_up;

        assert(m);

        /* This only matters in the special situation of being PID 1. */
        if (getpid_cached() == 1) {
                /* If the journal is fully up, logging to it is permitted (if so configured). While it
                 * is down we must never log to it: that could trigger an activation we cannot fulfil
                 * ourselves and thus deadlock. */
                journal_up = manager_journal_is_running(m);

                log_set_prohibit_ipc(!journal_up);
                log_open();
        }
}
3610
/* Set the status output mode of the system manager and mirror it in /run/systemd/show-status. */
void manager_set_show_status(Manager *m, ShowStatus mode) {
        const char *verb;

        assert(m);
        assert(IN_SET(mode, SHOW_STATUS_AUTO, SHOW_STATUS_NO, SHOW_STATUS_YES, SHOW_STATUS_TEMPORARY));

        /* User managers have no status output to switch. */
        if (!MANAGER_IS_SYSTEM(m))
                return;

        if (m->show_status != mode) {
                verb = mode == SHOW_STATUS_NO ? "Disabling" : "Enabling";
                log_debug("%s showing of status.", verb);
        }
        m->show_status = mode;

        /* The flag file exists exactly while 'mode' compares greater than zero. */
        if (mode > 0)
                (void) touch("/run/systemd/show-status");
        else
                (void) unlink("/run/systemd/show-status");
}
3628
/* Decide whether a status message of the given type should be shown right now. */
static bool manager_get_show_status(Manager *m, StatusType type) {
        assert(m);

        /* Only the system manager shows status, and not while console output is suppressed. */
        if (!MANAGER_IS_SYSTEM(m) || m->no_console_output)
                return false;

        /* Status output is limited to the start-up and shutdown phases. */
        switch (manager_state(m)) {
        case MANAGER_INITIALIZING:
        case MANAGER_STARTING:
        case MANAGER_STOPPING:
                break;
        default:
                return false;
        }

        /* Stay quiet while a password query is pending, except for emergency messages. If the query
         * state cannot be determined, just proceed. */
        if (type != STATUS_TYPE_EMERGENCY && manager_check_ask_password(m) > 0)
                return false;

        return m->show_status > 0;
}
3647
/* Return the console to use for confirm-spawn, falling back to /dev/console when the configured
 * one does not look usable. Returns NULL when confirm-spawn is not configured. */
const char *manager_get_confirm_spawn(Manager *m) {
        static int last_errno = 0;
        const char *vc = m->confirm_spawn;
        struct stat st;

        /* We want to test the validity of the console without making PID 1 go through the whole
         * console setup, which might block. We also want to warn the user only once if something is
         * wrong, so the sanity checks cannot be done after spawning the children. Hence only really
         * basic tests are done here, to hopefully trap common errors.
         *
         * The result is advisory: the device can still disappear between this stat() and the moment
         * a child actually opens it. In that case the child simply fails to acquire the console and a
         * positive answer is assumed; children spawned later fall back to /dev/console.
         *
         * Note: TTYs are devices that can come and go at any time, and frequently are not available
         * yet during early boot (consider a USB rs232 dongle...). If for any reason the configured
         * console is not ready, we fall back to the default console. */

        if (!vc || path_equal(vc, "/dev/console"))
                return vc;

        if (stat(vc, &st) >= 0) {
                if (S_ISCHR(st.st_mode)) {
                        /* Looks fine; forget the previous error so that a new failure warns again. */
                        last_errno = 0;
                        return vc;
                }

                /* It exists, but it is not a character device. */
                errno = ENOTTY;
        }

        /* Warn only when the error differs from the one reported last time. */
        if (last_errno != errno) {
                last_errno = errno;
                log_warning_errno(errno, "Failed to open %s: %m, using default console", vc);
        }
        return "/dev/console";
}
3690
/* Record whether this is the first boot and mirror the state in /run/systemd/first-boot. */
void manager_set_first_boot(Manager *m, bool b) {
        bool changed;

        assert(m);

        /* Only the system manager tracks this. */
        if (!MANAGER_IS_SYSTEM(m))
                return;

        /* Touch or remove the flag file only when the value actually changes. */
        changed = m->first_boot != (int) b;
        if (changed && b)
                (void) touch("/run/systemd/first-boot");
        else if (changed)
                (void) unlink("/run/systemd/first-boot");

        m->first_boot = b;
}
3706
/* Create the flag file that manager_is_confirm_spawn_disabled() checks for. A failure to create it
 * is ignored, in which case confirm-spawn simply stays enabled. */
void manager_disable_confirm_spawn(void) {
        static const char flag_file[] = "/run/systemd/confirm_spawn_disabled";

        (void) touch(flag_file);
}
3710
/* Confirm-spawn counts as disabled when it is not configured, or when the flag file written by
 * manager_disable_confirm_spawn() exists. */
bool manager_is_confirm_spawn_disabled(Manager *m) {
        return !m->confirm_spawn ||
                access("/run/systemd/confirm_spawn_disabled", F_OK) >= 0;
}
3717
/* Print a status line if the manager currently shows status output of the given type.
 *
 * 'format' is a printf-style format string that is passed on to status_vprintf() together with the
 * variable arguments. NOTE(review): callers are presumably expected to pass a literal here and
 * never unit-controlled text; confirm that the prototype carries a printf format attribute. */
void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) {
        bool ephemeral = type == STATUS_TYPE_EPHEMERAL;
        va_list ap;

        /* If m is NULL, assume we're after shutdown and let the messages through. */
        if (m) {
                if (!manager_get_show_status(m, type))
                        return;

                /* XXX We should totally drop the check for ephemeral here
                 * and thus effectively make 'Type=idle' pointless. */
                if (ephemeral && m->n_on_console > 0)
                        return;
        }

        va_start(ap, format);
        status_vprintf(status, true, ephemeral, format, ap);
        va_end(ap);
}
3735
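/* Look up the set of units that require a mount for 'path'.
 *
 * The path is copied, run through path_kill_slashes(), and then used as key into
 * m->units_requiring_mounts_for; the root directory "/" is looked up under the empty string.
 * Returns whatever hashmap_get() returns for that key. */
Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path) {
        char *p;

        /* Validate the arguments before 'path' is measured and copied. Sizing a stack array with
         * strlen(path) in the declaration dereferenced the pointer ahead of the NULL check. */
        assert(m);
        assert(path);

        /* The copy lives on the stack and is as long as 'path'.
         * NOTE(review): callers are presumably passing paths bounded by PATH_MAX; confirm, since
         * nothing here limits the size of the stack allocation. */
        p = strdupa(path);
        path_kill_slashes(p);

        return hashmap_get(m->units_requiring_mounts_for, streq(p, "/") ? "" : p);
}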
3747
/* Add unit u to, or remove it from, the manager's set of failed units, and send a change signal on
 * the bus when the size of the set changed. Returns 0 on success, or log_oom()'s result when the
 * set cannot be allocated or extended. */
int manager_update_failed_units(Manager *m, Unit *u, bool failed) {
        unsigned before;

        assert(m);
        assert(u->manager == m);

        before = set_size(m->failed_units);

        if (!failed)
                (void) set_remove(m->failed_units, u);
        else {
                if (set_ensure_allocated(&m->failed_units, NULL) < 0)
                        return log_oom();

                if (set_put(m->failed_units, u) < 0)
                        return log_oom();
        }

        /* Only signal when membership actually changed. */
        if (before != set_size(m->failed_units))
                bus_manager_send_change_signal(m);

        return 0;
}
3772
/* Derive the overall manager state from the boot progress and the state of the special targets. */
ManagerState manager_state(Manager *m) {
        Unit *u;

        assert(m);

        /* Did we ever finish booting? If not, we are still starting up. */
        if (!MANAGER_IS_FINISHED(m)) {
                u = manager_get_unit(m, SPECIAL_BASIC_TARGET);
                if (u && UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
                        return MANAGER_STARTING;

                return MANAGER_INITIALIZING;
        }

        /* An active or queued shutdown target means we are shutting down. */
        u = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
        if (u && unit_active_or_pending(u))
                return MANAGER_STOPPING;

        if (MANAGER_IS_SYSTEM(m)) {
                /* An active or queued rescue or emergency target means maintenance state. */
                const char *const maintenance_targets[] = { SPECIAL_RESCUE_TARGET, SPECIAL_EMERGENCY_TARGET };
                size_t i;

                for (i = 0; i < sizeof(maintenance_targets) / sizeof(maintenance_targets[0]); i++) {
                        u = manager_get_unit(m, maintenance_targets[i]);
                        if (u && unit_active_or_pending(u))
                                return MANAGER_MAINTENANCE;
                }
        }

        /* Any failed unit puts us into degraded mode. */
        if (set_size(m->failed_units) > 0)
                return MANAGER_DEGRADED;

        return MANAGER_RUNNING;
}
3810
/* Highest bit of the 32bit per-UID/GID reference counter: set when the IPC objects of that UID/GID
 * are to be removed once the last reference is dropped. */
#define DESTROY_IPC_FLAG (UINT32_C(1) << 31)

/* Drop one reference on a UID (or GID) and, if it was the last one and destroy_now is set, remove
 * the entry and clean up the IPC objects of flagged UIDs/GIDs via _clean_ipc. */
static void manager_unref_uid_internal(
                Manager *m,
                Hashmap **uid_refs,
                uid_t uid,
                bool destroy_now,
                int (*_clean_ipc)(uid_t uid)) {

        uint32_t entry, refs;

        assert(m);
        assert(uid_refs);
        assert(uid_is_valid(uid));
        assert(_clean_ipc);

        /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under
         * the assumption that uid_t and gid_t are defined the same way, with the same validity rules.
         *
         * The hashmap is keyed by UID/GID; the value is a 32bit reference counter whose highest bit
         * marks UIDs/GIDs whose IPC objects are to be removed when the last reference is dropped. The
         * flag is turned on once at least one reference from a unit with RemoveIPC= set is added, and
         * it is reset when the reference counter drops to 0 again. */

        assert_cc(sizeof(uid_t) == sizeof(gid_t));
        assert_cc(UID_INVALID == (uid_t) GID_INVALID);

        /* Root is not tracked, and its IPC objects are never destroyed. */
        if (uid == 0)
                return;

        entry = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));

        /* Dropping a reference that was never taken is a programming error. */
        refs = entry & ~DESTROY_IPC_FLAG;
        assert(refs > 0);
        refs--;

        if (!destroy_now || refs != 0) {
                /* Keep the entry, flag included, with the decremented counter. */
                entry = refs | (entry & DESTROY_IPC_FLAG);
                assert_se(hashmap_update(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(entry)) >= 0);
                return;
        }

        hashmap_remove(*uid_refs, UID_TO_PTR(uid));

        if (entry & DESTROY_IPC_FLAG) {
                log_debug("%s " UID_FMT " is no longer referenced, cleaning up its IPC.",
                          _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
                          uid);
                (void) _clean_ipc(uid);
        }
}
3861
/* Drop one reference on a UID; see manager_unref_uid_internal(). */
void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now) {
        manager_unref_uid_internal(
                        m,
                        &m->uid_refs,
                        uid,
                        destroy_now,
                        clean_ipc_by_uid);
}

/* Drop one reference on a GID. The GID is handled through the UID code path, which statically
 * asserts that uid_t and gid_t have the same size. */
void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now) {
        manager_unref_uid_internal(
                        m,
                        &m->gid_refs,
                        (uid_t) gid,
                        destroy_now,
                        clean_ipc_by_gid);
}
3869
/* Take one reference on a UID (or GID), optionally marking it for IPC clean-up on last unref.
 *
 * Returns 0 for root (which is never tracked), -EOVERFLOW when the counter would run into the flag
 * bit, a negative error when the hashmap cannot be allocated, and otherwise the result of
 * hashmap_replace(). */
static int manager_ref_uid_internal(
                Manager *m,
                Hashmap **uid_refs,
                uid_t uid,
                bool clean_ipc) {

        uint32_t entry, refs;
        int r;

        assert(m);
        assert(uid_refs);
        assert(uid_is_valid(uid));

        /* A generic implementation, covering both manager_ref_uid() and manager_ref_gid(), under the
         * assumption that uid_t and gid_t are defined the same way, with the same validity rules. */

        assert_cc(sizeof(uid_t) == sizeof(gid_t));
        assert_cc(UID_INVALID == (uid_t) GID_INVALID);

        /* Root is not tracked, and its IPC objects are never destroyed. */
        if (uid == 0)
                return 0;

        r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
        if (r < 0)
                return r;

        entry = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));

        /* Only the low 31 bits count references; a carry into the flag bit is an overflow. */
        refs = (entry & ~DESTROY_IPC_FLAG) + 1;
        if (refs & DESTROY_IPC_FLAG)
                return -EOVERFLOW;

        /* The flag is sticky: once set by any reference it stays set. */
        entry = refs | (entry & DESTROY_IPC_FLAG);
        if (clean_ipc)
                entry |= DESTROY_IPC_FLAG;

        return hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(entry));
}
3908
/* Take one reference on a UID; see manager_ref_uid_internal() for the return values. */
int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc) {
        Hashmap **refs = &m->uid_refs;

        return manager_ref_uid_internal(m, refs, uid, clean_ipc);
}

/* Take one reference on a GID, using the UID code path on the manager's GID table. */
int manager_ref_gid(Manager *m, gid_t gid, bool clean_ipc) {
        Hashmap **refs = &m->gid_refs;

        return manager_ref_uid_internal(m, refs, (uid_t) gid, clean_ipc);
}
3916
/* Remove all entries whose reference counter is zero, cleaning up the IPC objects of those that
 * carry the destroy flag. */
static void manager_vacuum_uid_refs_internal(
                Manager *m,
                Hashmap **uid_refs,
                int (*_clean_ipc)(uid_t uid)) {

        Iterator it;
        void *value, *key;

        assert(m);
        assert(uid_refs);
        assert(_clean_ipc);

        HASHMAP_FOREACH_KEY(value, key, *uid_refs, it) {
                uint32_t entry = PTR_TO_UINT32(value);
                uid_t uid = PTR_TO_UID(key);

                /* Still referenced, leave it alone. */
                if ((entry & ~DESTROY_IPC_FLAG) != 0)
                        continue;

                if (entry & DESTROY_IPC_FLAG) {
                        log_debug("Found unreferenced %s " UID_FMT " after reload/reexec. Cleaning up.",
                                  _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
                                  uid);
                        (void) _clean_ipc(uid);
                }

                /* The entry is dropped while iterating. */
                assert_se(hashmap_remove(*uid_refs, key) == value);
        }
}
3950
/* Drop unreferenced entries from the UID table; see manager_vacuum_uid_refs_internal(). */
void manager_vacuum_uid_refs(Manager *m) {
        manager_vacuum_uid_refs_internal(
                        m,
                        &m->uid_refs,
                        clean_ipc_by_uid);
}

/* Drop unreferenced entries from the GID table, using the UID code path. */
void manager_vacuum_gid_refs(Manager *m) {
        manager_vacuum_uid_refs_internal(
                        m,
                        &m->gid_refs,
                        clean_ipc_by_gid);
}
3958
/* Write one "<field_name>=<uid>" line to f for every entry that carries the destroy flag. */
static void manager_serialize_uid_refs_internal(
                Manager *m,
                FILE *f,
                Hashmap **uid_refs,
                const char *field_name) {

        Iterator it;
        void *value, *key;

        assert(m);
        assert(f);
        assert(uid_refs);
        assert(field_name);

        /* Only the IPC destruction flag of the reference table is serialized; the counters themselves
         * are better rebuilt after a reload/reexec. */

        HASHMAP_FOREACH_KEY(value, key, *uid_refs, it) {
                uint32_t entry = PTR_TO_UINT32(value);
                uid_t uid = PTR_TO_UID(key);

                if (entry & DESTROY_IPC_FLAG)
                        fprintf(f, "%s=" UID_FMT "\n", field_name, uid);
        }
}
3989
/* Serialize the flagged UIDs as "destroy-ipc-uid=" lines. */
void manager_serialize_uid_refs(Manager *m, FILE *f) {
        manager_serialize_uid_refs_internal(
                        m,
                        f,
                        &m->uid_refs,
                        "destroy-ipc-uid");
}

/* Serialize the flagged GIDs as "destroy-ipc-gid=" lines. */
void manager_serialize_gid_refs(Manager *m, FILE *f) {
        manager_serialize_uid_refs_internal(
                        m,
                        f,
                        &m->gid_refs,
                        "destroy-ipc-gid");
}
3997
/* Restore the destroy flag for one serialized UID (or GID).
 *
 * Values that do not parse as a UID, and UID 0, are rejected with a debug message, so a serialized
 * entry can never flag root for IPC clean-up. The reference counter is not restored here. */
static void manager_deserialize_uid_refs_one_internal(
                Manager *m,
                Hashmap** uid_refs,
                const char *value) {

        uid_t uid;
        uint32_t entry;

        assert(m);
        assert(uid_refs);
        assert(value);

        if (parse_uid(value, &uid) < 0 || uid == 0) {
                log_debug("Unable to parse UID reference serialization");
                return;
        }

        if (hashmap_ensure_allocated(uid_refs, &trivial_hash_ops) < 0) {
                log_oom();
                return;
        }

        /* Nothing to do if the entry is flagged already. */
        entry = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
        if (entry & DESTROY_IPC_FLAG)
                return;

        entry |= DESTROY_IPC_FLAG;

        if (hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(entry)) < 0)
                log_debug("Failed to add UID reference entry");
}
4035
/* Restore the destroy flag for one serialized UID value. */
void manager_deserialize_uid_refs_one(Manager *m, const char *value) {
        Hashmap **refs = &m->uid_refs;

        manager_deserialize_uid_refs_one_internal(m, refs, value);
}

/* Restore the destroy flag for one serialized GID value, using the UID code path. */
void manager_deserialize_gid_refs_one(Manager *m, const char *value) {
        Hashmap **refs = &m->gid_refs;

        manager_deserialize_uid_refs_one_internal(m, refs, value);
}
4043
/* Event handler for the user lookup socket: read one datagram carrying a UID/GID pair plus a unit
 * name, validate it, and hand the pair to the named unit.
 *
 * Returns 0 for everything except a hard receive error, so malformed datagrams are logged and
 * dropped without failing the event source. */
int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
        struct buffer {
                uid_t uid;
                gid_t gid;
                char unit_name[UNIT_NAME_MAX+1];
        } _packed_ msg;

        /* Size of the fixed part that precedes the unit name. */
        const size_t header = offsetof(struct buffer, unit_name);
        Manager *m = userdata;
        ssize_t got;
        size_t name_len;
        Unit *u;

        assert_se(source);
        assert_se(m);

        /* Invoked whenever a child process succeeded in resolving the user/group to use and sent us
         * the resulting UID/GID in a datagram. The datagram is parsed here and passed on to the unit,
         * so that it can add a reference to the UID/GID and destroy the UID/GID's IPC objects when the
         * reference counter drops to 0.
         *
         * NOTE(review): the sender is not identified here; presumably the socket is private to the
         * manager and the children it forks. Confirm where the fd is set up. */

        got = recv(fd, &msg, sizeof(msg), MSG_DONTWAIT);
        if (got < 0) {
                if (IN_SET(errno, EINTR, EAGAIN))
                        return 0;

                return log_error_errno(errno, "Failed to read from user lookup fd: %m");
        }

        /* The message must carry the full header and at least one byte of unit name. */
        if ((size_t) got <= header) {
                log_warning("Received too short user lookup message, ignoring.");
                return 0;
        }

        /* At most UNIT_NAME_MAX name bytes are accepted, which leaves room for the terminating NUL
         * written below. A receive that fills the whole buffer is rejected here as well. */
        if ((size_t) got > header + UNIT_NAME_MAX) {
                log_warning("Received too long user lookup message, ignoring.");
                return 0;
        }

        /* At least one of the two IDs has to be valid. */
        if (!uid_is_valid(msg.uid) && !gid_is_valid(msg.gid)) {
                log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
                return 0;
        }

        /* Refuse names with an embedded NUL, so the name looked up is exactly the name received. */
        name_len = (size_t) got - header;
        if (memchr(msg.unit_name, 0, name_len)) {
                log_warning("Received lookup message with embedded NUL character, ignoring.");
                return 0;
        }

        msg.unit_name[name_len] = 0;

        u = manager_get_unit(m, msg.unit_name);
        if (!u) {
                log_debug("Got user lookup message but unit doesn't exist, ignoring.");
                return 0;
        }

        log_unit_debug(u, "User lookup succeeded: uid=" UID_FMT " gid=" GID_FMT, msg.uid, msg.gid);

        unit_notify_user_lookup(u, msg.uid, msg.gid);
        return 0;
}
4104
/* Build the colon-separated "taint string", e.g. "local-hwclock:var-run-bad".
 *
 * Returns a newly allocated string that the caller must free. It is empty when nothing is tainted,
 * and NULL on allocation failure. */
char *manager_taint_string(Manager *m) {
        _cleanup_free_ char *var_run_target = NULL, *ovf_uid = NULL, *ovf_gid = NULL;
        char *out, *tail;
        int r;

        /* Only things that are detected at runtime should be tagged here. For stuff that is set
         * during compilation, emit a warning in the configuration phase. */

        assert(m);

        /* The buffer is sized for all tags at once; the sizeof of the literal includes the NUL. Any
         * tag added below has to be added to this literal as well. */
        out = new(char, sizeof("split-usr:"
                               "cgroups-missing:"
                               "local-hwclock:"
                               "var-run-bad:"
                               "overflowuid-not-65534:"
                               "overflowgid-not-65534:"));
        if (!out)
                return NULL;

        out[0] = 0;
        tail = out;

        if (m->taint_usr)
                tail = stpcpy(tail, "split-usr:");

        if (access("/proc/cgroups", F_OK) < 0)
                tail = stpcpy(tail, "cgroups-missing:");

        if (clock_is_localtime(NULL) > 0)
                tail = stpcpy(tail, "local-hwclock:");

        /* /var/run has to be a symlink to ../run or /run; an unreadable link counts as bad. */
        r = readlink_malloc("/var/run", &var_run_target);
        if (r < 0 || !PATH_IN_SET(var_run_target, "../run", "/run"))
                tail = stpcpy(tail, "var-run-bad:");

        /* The overflow IDs are only tagged when they can be read and differ from 65534. */
        r = read_one_line_file("/proc/sys/kernel/overflowuid", &ovf_uid);
        if (r >= 0 && !streq(ovf_uid, "65534"))
                tail = stpcpy(tail, "overflowuid-not-65534:");

        r = read_one_line_file("/proc/sys/kernel/overflowgid", &ovf_gid);
        if (r >= 0 && !streq(ovf_gid, "65534"))
                tail = stpcpy(tail, "overflowgid-not-65534:");

        /* Cut off the trailing ':' if anything was appended. */
        if (tail != out)
                tail[-1] = 0;

        return out;
}
4156
/* Count one more user of the console. */
void manager_ref_console(Manager *m) {
        assert(m);

        m->n_on_console += 1;
}
4162
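/* Count one user of the console less; when the last one is gone, console output is allowed again. */
void manager_unref_console(Manager *m) {
        /* Check the pointer first, as manager_ref_console() does, instead of dereferencing it inside
         * the counter assertion. */
        assert(m);

        /* Unbalanced unref calls are a programming error. */
        assert(m->n_on_console > 0);
        m->n_on_console--;

        if (m->n_on_console == 0)
                m->no_console_output = false; /* unset no_console_output flag, since the console is definitely free now */
}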
4171
/* Names of the ManagerState values, indexed by the enum value. */
static const char *const manager_state_table[_MANAGER_STATE_MAX] = {
        [MANAGER_INITIALIZING] = "initializing",
        [MANAGER_STARTING]     = "starting",
        [MANAGER_RUNNING]      = "running",
        [MANAGER_DEGRADED]     = "degraded",
        [MANAGER_MAINTENANCE]  = "maintenance",
        [MANAGER_STOPPING]     = "stopping",
};

/* Generates the string lookup helpers for ManagerState from the table above. */
DEFINE_STRING_TABLE_LOOKUP(manager_state, ManagerState);
4182
/* Names of the ManagerTimestamp values, indexed by the enum value. */
static const char *const manager_timestamp_table[_MANAGER_TIMESTAMP_MAX] = {
        [MANAGER_TIMESTAMP_FIRMWARE]          = "firmware",
        [MANAGER_TIMESTAMP_LOADER]            = "loader",
        [MANAGER_TIMESTAMP_KERNEL]            = "kernel",
        [MANAGER_TIMESTAMP_INITRD]            = "initrd",
        [MANAGER_TIMESTAMP_USERSPACE]         = "userspace",
        [MANAGER_TIMESTAMP_FINISH]            = "finish",
        [MANAGER_TIMESTAMP_SECURITY_START]    = "security-start",
        [MANAGER_TIMESTAMP_SECURITY_FINISH]   = "security-finish",
        [MANAGER_TIMESTAMP_GENERATORS_START]  = "generators-start",
        [MANAGER_TIMESTAMP_GENERATORS_FINISH] = "generators-finish",
        [MANAGER_TIMESTAMP_UNITS_LOAD_START]  = "units-load-start",
        [MANAGER_TIMESTAMP_UNITS_LOAD_FINISH] = "units-load-finish",
};

/* Generates the string lookup helpers for ManagerTimestamp from the table above. */
DEFINE_STRING_TABLE_LOOKUP(manager_timestamp, ManagerTimestamp);