]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/scope.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #20321 from bluca/state_dir_symlink
[thirdparty/systemd.git] / src / core / scope.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <errno.h>
4 #include <unistd.h>
5
6 #include "alloc-util.h"
7 #include "dbus-scope.h"
8 #include "dbus-unit.h"
9 #include "load-dropin.h"
10 #include "log.h"
11 #include "process-util.h"
12 #include "random-util.h"
13 #include "scope.h"
14 #include "serialize.h"
15 #include "special.h"
16 #include "string-table.h"
17 #include "string-util.h"
18 #include "strv.h"
19 #include "unit-name.h"
20 #include "unit.h"
21
22 static const UnitActiveState state_translation_table[_SCOPE_STATE_MAX] = {
23 [SCOPE_DEAD] = UNIT_INACTIVE,
24 [SCOPE_RUNNING] = UNIT_ACTIVE,
25 [SCOPE_ABANDONED] = UNIT_ACTIVE,
26 [SCOPE_STOP_SIGTERM] = UNIT_DEACTIVATING,
27 [SCOPE_STOP_SIGKILL] = UNIT_DEACTIVATING,
28 [SCOPE_FAILED] = UNIT_FAILED
29 };
30
31 static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
32
33 static void scope_init(Unit *u) {
34 Scope *s = SCOPE(u);
35
36 assert(u);
37 assert(u->load_state == UNIT_STUB);
38
39 s->runtime_max_usec = USEC_INFINITY;
40 s->timeout_stop_usec = u->manager->default_timeout_stop_usec;
41 u->ignore_on_isolate = true;
42 }
43
44 static void scope_done(Unit *u) {
45 Scope *s = SCOPE(u);
46
47 assert(u);
48
49 s->controller = mfree(s->controller);
50 s->controller_track = sd_bus_track_unref(s->controller_track);
51
52 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
53 }
54
55 static usec_t scope_running_timeout(Scope *s) {
56 usec_t delta = 0;
57
58 assert(s);
59
60 if (s->runtime_rand_extra_usec != 0) {
61 delta = random_u64_range(s->runtime_rand_extra_usec);
62 log_unit_debug(UNIT(s), "Adding delta of %s sec to timeout", FORMAT_TIMESPAN(delta, USEC_PER_SEC));
63 }
64
65 return usec_add(usec_add(UNIT(s)->active_enter_timestamp.monotonic,
66 s->runtime_max_usec),
67 delta);
68 }
69
70 static int scope_arm_timer(Scope *s, usec_t usec) {
71 int r;
72
73 assert(s);
74
75 if (s->timer_event_source) {
76 r = sd_event_source_set_time(s->timer_event_source, usec);
77 if (r < 0)
78 return r;
79
80 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
81 }
82
83 if (usec == USEC_INFINITY)
84 return 0;
85
86 r = sd_event_add_time(
87 UNIT(s)->manager->event,
88 &s->timer_event_source,
89 CLOCK_MONOTONIC,
90 usec, 0,
91 scope_dispatch_timer, s);
92 if (r < 0)
93 return r;
94
95 (void) sd_event_source_set_description(s->timer_event_source, "scope-timer");
96
97 return 0;
98 }
99
100 static void scope_set_state(Scope *s, ScopeState state) {
101 ScopeState old_state;
102 assert(s);
103
104 if (s->state != state)
105 bus_unit_send_pending_change_signal(UNIT(s), false);
106
107 old_state = s->state;
108 s->state = state;
109
110 if (!IN_SET(state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
111 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
112
113 if (IN_SET(state, SCOPE_DEAD, SCOPE_FAILED)) {
114 unit_unwatch_all_pids(UNIT(s));
115 unit_dequeue_rewatch_pids(UNIT(s));
116 }
117
118 if (state != old_state)
119 log_debug("%s changed %s -> %s", UNIT(s)->id, scope_state_to_string(old_state), scope_state_to_string(state));
120
121 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], 0);
122 }
123
124 static int scope_add_default_dependencies(Scope *s) {
125 int r;
126
127 assert(s);
128
129 if (!UNIT(s)->default_dependencies)
130 return 0;
131
132 /* Make sure scopes are unloaded on shutdown */
133 r = unit_add_two_dependencies_by_name(
134 UNIT(s),
135 UNIT_BEFORE, UNIT_CONFLICTS,
136 SPECIAL_SHUTDOWN_TARGET, true,
137 UNIT_DEPENDENCY_DEFAULT);
138 if (r < 0)
139 return r;
140
141 return 0;
142 }
143
144 static int scope_verify(Scope *s) {
145 assert(s);
146 assert(UNIT(s)->load_state == UNIT_LOADED);
147
148 if (set_isempty(UNIT(s)->pids) &&
149 !MANAGER_IS_RELOADING(UNIT(s)->manager) &&
150 !unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
151 return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOENT), "Scope has no PIDs. Refusing.");
152
153 return 0;
154 }
155
156 static int scope_load_init_scope(Unit *u) {
157 assert(u);
158
159 if (!unit_has_name(u, SPECIAL_INIT_SCOPE))
160 return 0;
161
162 u->transient = true;
163 u->perpetual = true;
164
165 /* init.scope is a bit special, as it has to stick around forever. Because of its special semantics we
166 * synthesize it here, instead of relying on the unit file on disk. */
167
168 u->default_dependencies = false;
169
170 /* Prettify things, if we can. */
171 if (!u->description)
172 u->description = strdup("System and Service Manager");
173 if (!u->documentation)
174 (void) strv_extend(&u->documentation, "man:systemd(1)");
175
176 return 1;
177 }
178
179 static int scope_add_extras(Scope *s) {
180 int r;
181
182 r = unit_patch_contexts(UNIT(s));
183 if (r < 0)
184 return r;
185
186 r = unit_set_default_slice(UNIT(s));
187 if (r < 0)
188 return r;
189
190 return scope_add_default_dependencies(s);
191 }
192
193 static int scope_load(Unit *u) {
194 Scope *s = SCOPE(u);
195 int r;
196
197 assert(s);
198 assert(u->load_state == UNIT_STUB);
199
200 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
201 /* Refuse to load non-transient scope units, but allow them while reloading. */
202 return -ENOENT;
203
204 r = scope_load_init_scope(u);
205 if (r < 0)
206 return r;
207
208 r = unit_load_fragment_and_dropin(u, false);
209 if (r < 0)
210 return r;
211
212 if (u->load_state != UNIT_LOADED)
213 return 0;
214
215 r = scope_add_extras(s);
216 if (r < 0)
217 return r;
218
219 return scope_verify(s);
220 }
221
222 static usec_t scope_coldplug_timeout(Scope *s) {
223 assert(s);
224
225 switch (s->deserialized_state) {
226
227 case SCOPE_RUNNING:
228 return scope_running_timeout(s);
229
230 case SCOPE_STOP_SIGKILL:
231 case SCOPE_STOP_SIGTERM:
232 return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
233
234 default:
235 return USEC_INFINITY;
236 }
237 }
238
239 static int scope_coldplug(Unit *u) {
240 Scope *s = SCOPE(u);
241 int r;
242
243 assert(s);
244 assert(s->state == SCOPE_DEAD);
245
246 if (s->deserialized_state == s->state)
247 return 0;
248
249 r = scope_arm_timer(s, scope_coldplug_timeout(s));
250 if (r < 0)
251 return r;
252
253 if (!IN_SET(s->deserialized_state, SCOPE_DEAD, SCOPE_FAILED)) {
254 if (u->pids) {
255 void *pidp;
256
257 SET_FOREACH(pidp, u->pids) {
258 r = unit_watch_pid(u, PTR_TO_PID(pidp), false);
259 if (r < 0 && r != -EEXIST)
260 return r;
261 }
262 } else
263 (void) unit_enqueue_rewatch_pids(u);
264 }
265
266 bus_scope_track_controller(s);
267
268 scope_set_state(s, s->deserialized_state);
269 return 0;
270 }
271
272 static void scope_dump(Unit *u, FILE *f, const char *prefix) {
273 Scope *s = SCOPE(u);
274
275 assert(s);
276 assert(f);
277
278 fprintf(f,
279 "%sScope State: %s\n"
280 "%sResult: %s\n"
281 "%sRuntimeMaxSec: %s\n"
282 "%sRuntimeRandomizedExtraSec: %s\n",
283 prefix, scope_state_to_string(s->state),
284 prefix, scope_result_to_string(s->result),
285 prefix, FORMAT_TIMESPAN(s->runtime_max_usec, USEC_PER_SEC),
286 prefix, FORMAT_TIMESPAN(s->runtime_rand_extra_usec, USEC_PER_SEC));
287
288 cgroup_context_dump(UNIT(s), f, prefix);
289 kill_context_dump(&s->kill_context, f, prefix);
290 }
291
292 static void scope_enter_dead(Scope *s, ScopeResult f) {
293 assert(s);
294
295 if (s->result == SCOPE_SUCCESS)
296 s->result = f;
297
298 unit_log_result(UNIT(s), s->result == SCOPE_SUCCESS, scope_result_to_string(s->result));
299 scope_set_state(s, s->result != SCOPE_SUCCESS ? SCOPE_FAILED : SCOPE_DEAD);
300 }
301
302 static void scope_enter_signal(Scope *s, ScopeState state, ScopeResult f) {
303 bool skip_signal = false;
304 int r;
305
306 assert(s);
307
308 if (s->result == SCOPE_SUCCESS)
309 s->result = f;
310
311 /* Before sending any signal, make sure we track all members of this cgroup */
312 (void) unit_watch_all_pids(UNIT(s));
313
314 /* Also, enqueue a job that we recheck all our PIDs a bit later, given that it's likely some processes have
315 * died now */
316 (void) unit_enqueue_rewatch_pids(UNIT(s));
317
318 /* If we have a controller set let's ask the controller nicely to terminate the scope, instead of us going
319 * directly into SIGTERM berserk mode */
320 if (state == SCOPE_STOP_SIGTERM)
321 skip_signal = bus_scope_send_request_stop(s) > 0;
322
323 if (skip_signal)
324 r = 1; /* wait */
325 else {
326 r = unit_kill_context(
327 UNIT(s),
328 &s->kill_context,
329 state != SCOPE_STOP_SIGTERM ? KILL_KILL :
330 s->was_abandoned ? KILL_TERMINATE_AND_LOG :
331 KILL_TERMINATE,
332 -1, -1, false);
333 if (r < 0)
334 goto fail;
335 }
336
337 if (r > 0) {
338 r = scope_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_stop_usec));
339 if (r < 0)
340 goto fail;
341
342 scope_set_state(s, state);
343 } else if (state == SCOPE_STOP_SIGTERM)
344 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_SUCCESS);
345 else
346 scope_enter_dead(s, SCOPE_SUCCESS);
347
348 return;
349
350 fail:
351 log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
352
353 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
354 }
355
356 static int scope_start(Unit *u) {
357 Scope *s = SCOPE(u);
358 int r;
359
360 assert(s);
361
362 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
363 return -EPERM;
364
365 if (s->state == SCOPE_FAILED)
366 return -EPERM;
367
368 /* We can't fulfill this right now, please try again later */
369 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
370 return -EAGAIN;
371
372 assert(s->state == SCOPE_DEAD);
373
374 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
375 return -ENOENT;
376
377 (void) bus_scope_track_controller(s);
378
379 r = unit_acquire_invocation_id(u);
380 if (r < 0)
381 return r;
382
383 (void) unit_realize_cgroup(u);
384 (void) unit_reset_accounting(u);
385
386 unit_export_state_files(u);
387
388 r = unit_attach_pids_to_cgroup(u, u->pids, NULL);
389 if (r < 0) {
390 log_unit_warning_errno(u, r, "Failed to add PIDs to scope's control group: %m");
391 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
392 return r;
393 }
394
395 s->result = SCOPE_SUCCESS;
396
397 scope_set_state(s, SCOPE_RUNNING);
398
399 /* Set the maximum runtime timeout. */
400 scope_arm_timer(s, scope_running_timeout(s));
401
402 /* On unified we use proper notifications hence we can unwatch the PIDs
403 * we just attached to the scope. This can also be done on legacy as
404 * we're going to update the list of the processes we watch with the
405 * PIDs currently in the scope anyway. */
406 unit_unwatch_all_pids(u);
407
408 /* Start watching the PIDs currently in the scope (legacy hierarchy only) */
409 (void) unit_enqueue_rewatch_pids(u);
410 return 1;
411 }
412
413 static int scope_stop(Unit *u) {
414 Scope *s = SCOPE(u);
415
416 assert(s);
417
418 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
419 return 0;
420
421 assert(IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED));
422
423 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_SUCCESS);
424 return 1;
425 }
426
427 static void scope_reset_failed(Unit *u) {
428 Scope *s = SCOPE(u);
429
430 assert(s);
431
432 if (s->state == SCOPE_FAILED)
433 scope_set_state(s, SCOPE_DEAD);
434
435 s->result = SCOPE_SUCCESS;
436 }
437
438 static int scope_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
439 return unit_kill_common(u, who, signo, -1, -1, error);
440 }
441
442 static int scope_get_timeout(Unit *u, usec_t *timeout) {
443 Scope *s = SCOPE(u);
444 usec_t t;
445 int r;
446
447 if (!s->timer_event_source)
448 return 0;
449
450 r = sd_event_source_get_time(s->timer_event_source, &t);
451 if (r < 0)
452 return r;
453 if (t == USEC_INFINITY)
454 return 0;
455
456 *timeout = t;
457 return 1;
458 }
459
460 static int scope_serialize(Unit *u, FILE *f, FDSet *fds) {
461 Scope *s = SCOPE(u);
462 void *pidp;
463
464 assert(s);
465 assert(f);
466 assert(fds);
467
468 (void) serialize_item(f, "state", scope_state_to_string(s->state));
469 (void) serialize_bool(f, "was-abandoned", s->was_abandoned);
470
471 if (s->controller)
472 (void) serialize_item(f, "controller", s->controller);
473
474 SET_FOREACH(pidp, u->pids)
475 serialize_item_format(f, "pids", PID_FMT, PTR_TO_PID(pidp));
476
477 return 0;
478 }
479
480 static int scope_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
481 Scope *s = SCOPE(u);
482 int r;
483
484 assert(u);
485 assert(key);
486 assert(value);
487 assert(fds);
488
489 if (streq(key, "state")) {
490 ScopeState state;
491
492 state = scope_state_from_string(value);
493 if (state < 0)
494 log_unit_debug(u, "Failed to parse state value: %s", value);
495 else
496 s->deserialized_state = state;
497
498 } else if (streq(key, "was-abandoned")) {
499 int k;
500
501 k = parse_boolean(value);
502 if (k < 0)
503 log_unit_debug(u, "Failed to parse boolean value: %s", value);
504 else
505 s->was_abandoned = k;
506 } else if (streq(key, "controller")) {
507
508 r = free_and_strdup(&s->controller, value);
509 if (r < 0)
510 return log_oom();
511
512 } else if (streq(key, "pids")) {
513 pid_t pid;
514
515 if (parse_pid(value, &pid) < 0)
516 log_unit_debug(u, "Failed to parse pids value: %s", value);
517 else {
518 r = set_ensure_put(&u->pids, NULL, PID_TO_PTR(pid));
519 if (r < 0)
520 return r;
521 }
522 } else
523 log_unit_debug(u, "Unknown serialization key: %s", key);
524
525 return 0;
526 }
527
528 static void scope_notify_cgroup_empty_event(Unit *u) {
529 Scope *s = SCOPE(u);
530 assert(u);
531
532 log_unit_debug(u, "cgroup is empty");
533
534 if (IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
535 scope_enter_dead(s, SCOPE_SUCCESS);
536
537 /* If the cgroup empty notification comes when the unit is not active, we must have failed to clean
538 * up the cgroup earlier and should do it now. */
539 if (IN_SET(s->state, SCOPE_DEAD, SCOPE_FAILED))
540 unit_prune_cgroup(u);
541 }
542
543 static void scope_sigchld_event(Unit *u, pid_t pid, int code, int status) {
544 assert(u);
545
546 /* If we get a SIGCHLD event for one of the processes we were interested in, then we look for others to
547 * watch, under the assumption that we'll sooner or later get a SIGCHLD for them, as the original
548 * process we watched was probably the parent of them, and they are hence now our children. */
549
550 (void) unit_enqueue_rewatch_pids(u);
551 }
552
553 static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
554 Scope *s = SCOPE(userdata);
555
556 assert(s);
557 assert(s->timer_event_source == source);
558
559 switch (s->state) {
560
561 case SCOPE_RUNNING:
562 log_unit_warning(UNIT(s), "Scope reached runtime time limit. Stopping.");
563 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_TIMEOUT);
564 break;
565
566 case SCOPE_STOP_SIGTERM:
567 if (s->kill_context.send_sigkill) {
568 log_unit_warning(UNIT(s), "Stopping timed out. Killing.");
569 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_TIMEOUT);
570 } else {
571 log_unit_warning(UNIT(s), "Stopping timed out. Skipping SIGKILL.");
572 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
573 }
574
575 break;
576
577 case SCOPE_STOP_SIGKILL:
578 log_unit_warning(UNIT(s), "Still around after SIGKILL. Ignoring.");
579 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
580 break;
581
582 default:
583 assert_not_reached();
584 }
585
586 return 0;
587 }
588
589 int scope_abandon(Scope *s) {
590 assert(s);
591
592 if (unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
593 return -EPERM;
594
595 if (!IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED))
596 return -ESTALE;
597
598 s->was_abandoned = true;
599
600 s->controller = mfree(s->controller);
601 s->controller_track = sd_bus_track_unref(s->controller_track);
602
603 scope_set_state(s, SCOPE_ABANDONED);
604
605 /* The client is no longer watching the remaining processes, so let's step in here, under the assumption that
606 * the remaining processes will be sooner or later reassigned to us as parent. */
607 (void) unit_enqueue_rewatch_pids(UNIT(s));
608
609 return 0;
610 }
611
612 _pure_ static UnitActiveState scope_active_state(Unit *u) {
613 assert(u);
614
615 return state_translation_table[SCOPE(u)->state];
616 }
617
618 _pure_ static const char *scope_sub_state_to_string(Unit *u) {
619 assert(u);
620
621 return scope_state_to_string(SCOPE(u)->state);
622 }
623
624 static void scope_enumerate_perpetual(Manager *m) {
625 Unit *u;
626 int r;
627
628 assert(m);
629
630 /* Let's unconditionally add the "init.scope" special unit
631 * that encapsulates PID 1. Note that PID 1 already is in the
632 * cgroup for this, we hence just need to allocate the object
633 * for it and that's it. */
634
635 u = manager_get_unit(m, SPECIAL_INIT_SCOPE);
636 if (!u) {
637 r = unit_new_for_name(m, sizeof(Scope), SPECIAL_INIT_SCOPE, &u);
638 if (r < 0) {
639 log_error_errno(r, "Failed to allocate the special " SPECIAL_INIT_SCOPE " unit: %m");
640 return;
641 }
642 }
643
644 u->transient = true;
645 u->perpetual = true;
646 SCOPE(u)->deserialized_state = SCOPE_RUNNING;
647
648 unit_add_to_load_queue(u);
649 unit_add_to_dbus_queue(u);
650 }
651
652 static const char* const scope_result_table[_SCOPE_RESULT_MAX] = {
653 [SCOPE_SUCCESS] = "success",
654 [SCOPE_FAILURE_RESOURCES] = "resources",
655 [SCOPE_FAILURE_TIMEOUT] = "timeout",
656 };
657
658 DEFINE_STRING_TABLE_LOOKUP(scope_result, ScopeResult);
659
660 const UnitVTable scope_vtable = {
661 .object_size = sizeof(Scope),
662 .cgroup_context_offset = offsetof(Scope, cgroup_context),
663 .kill_context_offset = offsetof(Scope, kill_context),
664
665 .sections =
666 "Unit\0"
667 "Scope\0"
668 "Install\0",
669 .private_section = "Scope",
670
671 .can_transient = true,
672 .can_delegate = true,
673 .can_fail = true,
674 .once_only = true,
675 .can_set_managed_oom = true,
676
677 .init = scope_init,
678 .load = scope_load,
679 .done = scope_done,
680
681 .coldplug = scope_coldplug,
682
683 .dump = scope_dump,
684
685 .start = scope_start,
686 .stop = scope_stop,
687
688 .kill = scope_kill,
689
690 .freeze = unit_freeze_vtable_common,
691 .thaw = unit_thaw_vtable_common,
692
693 .get_timeout = scope_get_timeout,
694
695 .serialize = scope_serialize,
696 .deserialize_item = scope_deserialize_item,
697
698 .active_state = scope_active_state,
699 .sub_state_to_string = scope_sub_state_to_string,
700
701 .sigchld_event = scope_sigchld_event,
702
703 .reset_failed = scope_reset_failed,
704
705 .notify_cgroup_empty = scope_notify_cgroup_empty_event,
706
707 .bus_set_property = bus_scope_set_property,
708 .bus_commit_properties = bus_scope_commit_properties,
709
710 .enumerate_perpetual = scope_enumerate_perpetual,
711 };
Unnamed repository; edit this file 'description' to name the repository.