1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
9 #include "sd-messages.h"
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bpf-foreign.h"
15 #include "bpf-socket-bind.h"
16 #include "bus-common-errors.h"
18 #include "cgroup-setup.h"
19 #include "cgroup-util.h"
20 #include "chase-symlinks.h"
21 #include "core-varlink.h"
22 #include "dbus-unit.h"
28 #include "fileio-label.h"
30 #include "format-util.h"
31 #include "id128-util.h"
35 #include "load-dropin.h"
36 #include "load-fragment.h"
39 #include "missing_audit.h"
40 #include "mkdir-label.h"
41 #include "path-util.h"
42 #include "process-util.h"
45 #include "signal-util.h"
46 #include "sparse-endian.h"
48 #include "specifier.h"
49 #include "stat-util.h"
50 #include "stdio-util.h"
51 #include "string-table.h"
52 #include "string-util.h"
54 #include "terminal-util.h"
55 #include "tmpfile-util.h"
56 #include "umask-util.h"
57 #include "unit-name.h"
59 #include "user-util.h"
65 /* Thresholds for logging at INFO level about resource consumption */
66 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
67 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
68 #define MENTIONWORTHY_IP_BYTES (0ULL)
70 /* Thresholds for logging at INFO level about resource consumption */
71 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
72 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
73 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
75 const UnitVTable
* const unit_vtable
[_UNIT_TYPE_MAX
] = {
76 [UNIT_SERVICE
] = &service_vtable
,
77 [UNIT_SOCKET
] = &socket_vtable
,
78 [UNIT_TARGET
] = &target_vtable
,
79 [UNIT_DEVICE
] = &device_vtable
,
80 [UNIT_MOUNT
] = &mount_vtable
,
81 [UNIT_AUTOMOUNT
] = &automount_vtable
,
82 [UNIT_SWAP
] = &swap_vtable
,
83 [UNIT_TIMER
] = &timer_vtable
,
84 [UNIT_PATH
] = &path_vtable
,
85 [UNIT_SLICE
] = &slice_vtable
,
86 [UNIT_SCOPE
] = &scope_vtable
,
89 Unit
* unit_new(Manager
*m
, size_t size
) {
93 assert(size
>= sizeof(Unit
));
100 u
->type
= _UNIT_TYPE_INVALID
;
101 u
->default_dependencies
= true;
102 u
->unit_file_state
= _UNIT_FILE_STATE_INVALID
;
103 u
->unit_file_preset
= -1;
104 u
->on_failure_job_mode
= JOB_REPLACE
;
105 u
->on_success_job_mode
= JOB_FAIL
;
106 u
->cgroup_control_inotify_wd
= -1;
107 u
->cgroup_memory_inotify_wd
= -1;
108 u
->job_timeout
= USEC_INFINITY
;
109 u
->job_running_timeout
= USEC_INFINITY
;
110 u
->ref_uid
= UID_INVALID
;
111 u
->ref_gid
= GID_INVALID
;
112 u
->cpu_usage_last
= NSEC_INFINITY
;
113 u
->cgroup_invalidated_mask
|= CGROUP_MASK_BPF_FIREWALL
;
114 u
->failure_action_exit_status
= u
->success_action_exit_status
= -1;
116 u
->ip_accounting_ingress_map_fd
= -1;
117 u
->ip_accounting_egress_map_fd
= -1;
118 for (CGroupIOAccountingMetric i
= 0; i
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; i
++)
119 u
->io_accounting_last
[i
] = UINT64_MAX
;
121 u
->ipv4_allow_map_fd
= -1;
122 u
->ipv6_allow_map_fd
= -1;
123 u
->ipv4_deny_map_fd
= -1;
124 u
->ipv6_deny_map_fd
= -1;
126 u
->last_section_private
= -1;
128 u
->start_ratelimit
= (RateLimit
) { m
->default_start_limit_interval
, m
->default_start_limit_burst
};
129 u
->auto_start_stop_ratelimit
= (RateLimit
) { 10 * USEC_PER_SEC
, 16 };
134 int unit_new_for_name(Manager
*m
, size_t size
, const char *name
, Unit
**ret
) {
135 _cleanup_(unit_freep
) Unit
*u
= NULL
;
138 u
= unit_new(m
, size
);
142 r
= unit_add_name(u
, name
);
151 bool unit_has_name(const Unit
*u
, const char *name
) {
155 return streq_ptr(name
, u
->id
) ||
156 set_contains(u
->aliases
, name
);
159 static void unit_init(Unit
*u
) {
166 assert(u
->type
>= 0);
168 cc
= unit_get_cgroup_context(u
);
170 cgroup_context_init(cc
);
172 /* Copy in the manager defaults into the cgroup
173 * context, _before_ the rest of the settings have
174 * been initialized */
176 cc
->cpu_accounting
= u
->manager
->default_cpu_accounting
;
177 cc
->io_accounting
= u
->manager
->default_io_accounting
;
178 cc
->blockio_accounting
= u
->manager
->default_blockio_accounting
;
179 cc
->memory_accounting
= u
->manager
->default_memory_accounting
;
180 cc
->tasks_accounting
= u
->manager
->default_tasks_accounting
;
181 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
183 if (u
->type
!= UNIT_SLICE
)
184 cc
->tasks_max
= u
->manager
->default_tasks_max
;
187 ec
= unit_get_exec_context(u
);
189 exec_context_init(ec
);
191 if (u
->manager
->default_oom_score_adjust_set
) {
192 ec
->oom_score_adjust
= u
->manager
->default_oom_score_adjust
;
193 ec
->oom_score_adjust_set
= true;
196 if (MANAGER_IS_SYSTEM(u
->manager
))
197 ec
->keyring_mode
= EXEC_KEYRING_SHARED
;
199 ec
->keyring_mode
= EXEC_KEYRING_INHERIT
;
201 /* User manager might have its umask redefined by PAM or UMask=. In this
202 * case let the units it manages inherit this value by default. They can
203 * still tune this value through their own unit file */
204 (void) get_process_umask(getpid_cached(), &ec
->umask
);
208 kc
= unit_get_kill_context(u
);
210 kill_context_init(kc
);
212 if (UNIT_VTABLE(u
)->init
)
213 UNIT_VTABLE(u
)->init(u
);
216 static int unit_add_alias(Unit
*u
, char *donated_name
) {
219 /* Make sure that u->names is allocated. We may leave u->names
220 * empty if we fail later, but this is not a problem. */
221 r
= set_ensure_put(&u
->aliases
, &string_hash_ops
, donated_name
);
229 int unit_add_name(Unit
*u
, const char *text
) {
230 _cleanup_free_
char *name
= NULL
, *instance
= NULL
;
237 if (unit_name_is_valid(text
, UNIT_NAME_TEMPLATE
)) {
239 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
240 "instance is not set when adding name '%s': %m", text
);
242 r
= unit_name_replace_instance(text
, u
->instance
, &name
);
244 return log_unit_debug_errno(u
, r
,
245 "failed to build instance name from '%s': %m", text
);
252 if (unit_has_name(u
, name
))
255 if (hashmap_contains(u
->manager
->units
, name
))
256 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
257 "unit already exist when adding name '%s': %m", name
);
259 if (!unit_name_is_valid(name
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
260 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
261 "name '%s' is invalid: %m", name
);
263 t
= unit_name_to_type(name
);
265 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
266 "failed to derive unit type from name '%s': %m", name
);
268 if (u
->type
!= _UNIT_TYPE_INVALID
&& t
!= u
->type
)
269 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
270 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
273 r
= unit_name_to_instance(name
, &instance
);
275 return log_unit_debug_errno(u
, r
, "failed to extract instance from name '%s': %m", name
);
277 if (instance
&& !unit_type_may_template(t
))
278 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
), "templates are not allowed for name '%s': %m", name
);
280 /* Ensure that this unit either has no instance, or that the instance matches. */
281 if (u
->type
!= _UNIT_TYPE_INVALID
&& !streq_ptr(u
->instance
, instance
))
282 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
283 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
284 name
, instance
, u
->instance
);
286 if (u
->id
&& !unit_type_may_alias(t
))
287 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
288 "cannot add name %s, aliases are not allowed for %s units.",
289 name
, unit_type_to_string(t
));
291 if (hashmap_size(u
->manager
->units
) >= MANAGER_MAX_NAMES
)
292 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(E2BIG
), "cannot add name, manager has too many units: %m");
294 /* Add name to the global hashmap first, because that's easier to undo */
295 r
= hashmap_put(u
->manager
->units
, name
, u
);
297 return log_unit_debug_errno(u
, r
, "add unit to hashmap failed for name '%s': %m", text
);
300 r
= unit_add_alias(u
, name
); /* unit_add_alias() takes ownership of the name on success */
302 hashmap_remove(u
->manager
->units
, name
);
308 /* A new name, we don't need the set yet. */
309 assert(u
->type
== _UNIT_TYPE_INVALID
);
310 assert(!u
->instance
);
313 u
->id
= TAKE_PTR(name
);
314 u
->instance
= TAKE_PTR(instance
);
316 LIST_PREPEND(units_by_type
, u
->manager
->units_by_type
[t
], u
);
320 unit_add_to_dbus_queue(u
);
324 int unit_choose_id(Unit
*u
, const char *name
) {
325 _cleanup_free_
char *t
= NULL
;
332 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
336 r
= unit_name_replace_instance(name
, u
->instance
, &t
);
343 if (streq_ptr(u
->id
, name
))
344 return 0; /* Nothing to do. */
346 /* Selects one of the aliases of this unit as the id */
347 s
= set_get(u
->aliases
, (char*) name
);
352 r
= set_remove_and_put(u
->aliases
, name
, u
->id
);
356 assert_se(set_remove(u
->aliases
, name
)); /* see set_get() above… */
358 u
->id
= s
; /* Old u->id is now stored in the set, and s is not stored anywhere */
359 unit_add_to_dbus_queue(u
);
364 int unit_set_description(Unit
*u
, const char *description
) {
369 r
= free_and_strdup(&u
->description
, empty_to_null(description
));
373 unit_add_to_dbus_queue(u
);
378 static bool unit_success_failure_handler_has_jobs(Unit
*unit
) {
381 UNIT_FOREACH_DEPENDENCY(other
, unit
, UNIT_ATOM_ON_SUCCESS
)
382 if (other
->job
|| other
->nop_job
)
385 UNIT_FOREACH_DEPENDENCY(other
, unit
, UNIT_ATOM_ON_FAILURE
)
386 if (other
->job
|| other
->nop_job
)
392 bool unit_may_gc(Unit
*u
) {
393 UnitActiveState state
;
398 /* Checks whether the unit is ready to be unloaded for garbage collection.
399 * Returns true when the unit may be collected, and false if there's some
400 * reason to keep it loaded.
402 * References from other units are *not* checked here. Instead, this is done
403 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
406 if (u
->job
|| u
->nop_job
)
409 state
= unit_active_state(u
);
411 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
412 if (UNIT_IS_INACTIVE_OR_FAILED(state
) &&
413 UNIT_VTABLE(u
)->release_resources
)
414 UNIT_VTABLE(u
)->release_resources(u
);
419 if (sd_bus_track_count(u
->bus_track
) > 0)
422 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
423 switch (u
->collect_mode
) {
425 case COLLECT_INACTIVE
:
426 if (state
!= UNIT_INACTIVE
)
431 case COLLECT_INACTIVE_OR_FAILED
:
432 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
438 assert_not_reached();
441 /* Check if any OnFailure= or on Success= jobs may be pending */
442 if (unit_success_failure_handler_has_jobs(u
))
445 if (u
->cgroup_path
) {
446 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
447 * around. Units with active processes should never be collected. */
449 r
= cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
);
451 log_unit_debug_errno(u
, r
, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u
->cgroup_path
));
456 if (UNIT_VTABLE(u
)->may_gc
&& !UNIT_VTABLE(u
)->may_gc(u
))
462 void unit_add_to_load_queue(Unit
*u
) {
464 assert(u
->type
!= _UNIT_TYPE_INVALID
);
466 if (u
->load_state
!= UNIT_STUB
|| u
->in_load_queue
)
469 LIST_PREPEND(load_queue
, u
->manager
->load_queue
, u
);
470 u
->in_load_queue
= true;
473 void unit_add_to_cleanup_queue(Unit
*u
) {
476 if (u
->in_cleanup_queue
)
479 LIST_PREPEND(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
480 u
->in_cleanup_queue
= true;
483 void unit_add_to_gc_queue(Unit
*u
) {
486 if (u
->in_gc_queue
|| u
->in_cleanup_queue
)
492 LIST_PREPEND(gc_queue
, u
->manager
->gc_unit_queue
, u
);
493 u
->in_gc_queue
= true;
496 void unit_add_to_dbus_queue(Unit
*u
) {
498 assert(u
->type
!= _UNIT_TYPE_INVALID
);
500 if (u
->load_state
== UNIT_STUB
|| u
->in_dbus_queue
)
503 /* Shortcut things if nobody cares */
504 if (sd_bus_track_count(u
->manager
->subscribed
) <= 0 &&
505 sd_bus_track_count(u
->bus_track
) <= 0 &&
506 set_isempty(u
->manager
->private_buses
)) {
507 u
->sent_dbus_new_signal
= true;
511 LIST_PREPEND(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
512 u
->in_dbus_queue
= true;
515 void unit_submit_to_stop_when_unneeded_queue(Unit
*u
) {
518 if (u
->in_stop_when_unneeded_queue
)
521 if (!u
->stop_when_unneeded
)
524 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
527 LIST_PREPEND(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
528 u
->in_stop_when_unneeded_queue
= true;
531 void unit_submit_to_start_when_upheld_queue(Unit
*u
) {
534 if (u
->in_start_when_upheld_queue
)
537 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u
)))
540 if (!unit_has_dependency(u
, UNIT_ATOM_START_STEADILY
, NULL
))
543 LIST_PREPEND(start_when_upheld_queue
, u
->manager
->start_when_upheld_queue
, u
);
544 u
->in_start_when_upheld_queue
= true;
547 void unit_submit_to_stop_when_bound_queue(Unit
*u
) {
550 if (u
->in_stop_when_bound_queue
)
553 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
556 if (!unit_has_dependency(u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
, NULL
))
559 LIST_PREPEND(stop_when_bound_queue
, u
->manager
->stop_when_bound_queue
, u
);
560 u
->in_stop_when_bound_queue
= true;
563 static void unit_clear_dependencies(Unit
*u
) {
566 /* Removes all dependencies configured on u and their reverse dependencies. */
568 for (Hashmap
*deps
; (deps
= hashmap_steal_first(u
->dependencies
));) {
570 for (Unit
*other
; (other
= hashmap_steal_first_key(deps
));) {
573 HASHMAP_FOREACH(other_deps
, other
->dependencies
)
574 hashmap_remove(other_deps
, u
);
576 unit_add_to_gc_queue(other
);
582 u
->dependencies
= hashmap_free(u
->dependencies
);
585 static void unit_remove_transient(Unit
*u
) {
591 if (u
->fragment_path
)
592 (void) unlink(u
->fragment_path
);
594 STRV_FOREACH(i
, u
->dropin_paths
) {
595 _cleanup_free_
char *p
= NULL
, *pp
= NULL
;
597 p
= dirname_malloc(*i
); /* Get the drop-in directory from the drop-in file */
601 pp
= dirname_malloc(p
); /* Get the config directory from the drop-in directory */
605 /* Only drop transient drop-ins */
606 if (!path_equal(u
->manager
->lookup_paths
.transient
, pp
))
614 static void unit_free_requires_mounts_for(Unit
*u
) {
618 _cleanup_free_
char *path
= NULL
;
620 path
= hashmap_steal_first_key(u
->requires_mounts_for
);
624 char s
[strlen(path
) + 1];
626 PATH_FOREACH_PREFIX_MORE(s
, path
) {
630 x
= hashmap_get2(u
->manager
->units_requiring_mounts_for
, s
, (void**) &y
);
634 (void) set_remove(x
, u
);
636 if (set_isempty(x
)) {
637 (void) hashmap_remove(u
->manager
->units_requiring_mounts_for
, y
);
645 u
->requires_mounts_for
= hashmap_free(u
->requires_mounts_for
);
648 static void unit_done(Unit
*u
) {
657 if (UNIT_VTABLE(u
)->done
)
658 UNIT_VTABLE(u
)->done(u
);
660 ec
= unit_get_exec_context(u
);
662 exec_context_done(ec
);
664 cc
= unit_get_cgroup_context(u
);
666 cgroup_context_done(cc
);
669 Unit
* unit_free(Unit
*u
) {
676 u
->transient_file
= safe_fclose(u
->transient_file
);
678 if (!MANAGER_IS_RELOADING(u
->manager
))
679 unit_remove_transient(u
);
681 bus_unit_send_removed_signal(u
);
685 unit_dequeue_rewatch_pids(u
);
687 sd_bus_slot_unref(u
->match_bus_slot
);
688 sd_bus_track_unref(u
->bus_track
);
689 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
690 u
->pending_freezer_message
= sd_bus_message_unref(u
->pending_freezer_message
);
692 unit_free_requires_mounts_for(u
);
694 SET_FOREACH(t
, u
->aliases
)
695 hashmap_remove_value(u
->manager
->units
, t
, u
);
697 hashmap_remove_value(u
->manager
->units
, u
->id
, u
);
699 if (!sd_id128_is_null(u
->invocation_id
))
700 hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
714 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
715 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
716 slice
= UNIT_GET_SLICE(u
);
717 unit_clear_dependencies(u
);
719 unit_add_family_to_cgroup_realize_queue(slice
);
722 manager_unref_console(u
->manager
);
725 fdset_free(u
->initial_socket_bind_link_fds
);
727 bpf_link_free(u
->ipv4_socket_bind_link
);
728 bpf_link_free(u
->ipv6_socket_bind_link
);
731 unit_release_cgroup(u
);
733 if (!MANAGER_IS_RELOADING(u
->manager
))
734 unit_unlink_state_files(u
);
736 unit_unref_uid_gid(u
, false);
738 (void) manager_update_failed_units(u
->manager
, u
, false);
739 set_remove(u
->manager
->startup_units
, u
);
741 unit_unwatch_all_pids(u
);
743 while (u
->refs_by_target
)
744 unit_ref_unset(u
->refs_by_target
);
746 if (u
->type
!= _UNIT_TYPE_INVALID
)
747 LIST_REMOVE(units_by_type
, u
->manager
->units_by_type
[u
->type
], u
);
749 if (u
->in_load_queue
)
750 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
752 if (u
->in_dbus_queue
)
753 LIST_REMOVE(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
755 if (u
->in_cleanup_queue
)
756 LIST_REMOVE(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
759 LIST_REMOVE(gc_queue
, u
->manager
->gc_unit_queue
, u
);
761 if (u
->in_cgroup_realize_queue
)
762 LIST_REMOVE(cgroup_realize_queue
, u
->manager
->cgroup_realize_queue
, u
);
764 if (u
->in_cgroup_empty_queue
)
765 LIST_REMOVE(cgroup_empty_queue
, u
->manager
->cgroup_empty_queue
, u
);
767 if (u
->in_cgroup_oom_queue
)
768 LIST_REMOVE(cgroup_oom_queue
, u
->manager
->cgroup_oom_queue
, u
);
770 if (u
->in_target_deps_queue
)
771 LIST_REMOVE(target_deps_queue
, u
->manager
->target_deps_queue
, u
);
773 if (u
->in_stop_when_unneeded_queue
)
774 LIST_REMOVE(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
776 if (u
->in_start_when_upheld_queue
)
777 LIST_REMOVE(start_when_upheld_queue
, u
->manager
->start_when_upheld_queue
, u
);
779 if (u
->in_stop_when_bound_queue
)
780 LIST_REMOVE(stop_when_bound_queue
, u
->manager
->stop_when_bound_queue
, u
);
782 bpf_firewall_close(u
);
784 hashmap_free(u
->bpf_foreign_by_key
);
786 bpf_program_free(u
->bpf_device_control_installed
);
789 bpf_link_free(u
->restrict_ifaces_ingress_bpf_link
);
790 bpf_link_free(u
->restrict_ifaces_egress_bpf_link
);
792 fdset_free(u
->initial_restric_ifaces_link_fds
);
794 condition_free_list(u
->conditions
);
795 condition_free_list(u
->asserts
);
797 free(u
->description
);
798 strv_free(u
->documentation
);
799 free(u
->fragment_path
);
800 free(u
->source_path
);
801 strv_free(u
->dropin_paths
);
804 free(u
->job_timeout_reboot_arg
);
807 set_free_free(u
->aliases
);
813 FreezerState
unit_freezer_state(Unit
*u
) {
816 return u
->freezer_state
;
819 int unit_freezer_state_kernel(Unit
*u
, FreezerState
*ret
) {
820 char *values
[1] = {};
825 r
= cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, "cgroup.events",
826 STRV_MAKE("frozen"), values
);
830 r
= _FREEZER_STATE_INVALID
;
833 if (streq(values
[0], "0"))
835 else if (streq(values
[0], "1"))
845 UnitActiveState
unit_active_state(Unit
*u
) {
848 if (u
->load_state
== UNIT_MERGED
)
849 return unit_active_state(unit_follow_merge(u
));
851 /* After a reload it might happen that a unit is not correctly
852 * loaded but still has a process around. That's why we won't
853 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
855 return UNIT_VTABLE(u
)->active_state(u
);
858 const char* unit_sub_state_to_string(Unit
*u
) {
861 return UNIT_VTABLE(u
)->sub_state_to_string(u
);
864 static int unit_merge_names(Unit
*u
, Unit
*other
) {
871 r
= unit_add_alias(u
, other
->id
);
875 r
= set_move(u
->aliases
, other
->aliases
);
877 set_remove(u
->aliases
, other
->id
);
882 other
->aliases
= set_free_free(other
->aliases
);
884 SET_FOREACH(name
, u
->aliases
)
885 assert_se(hashmap_replace(u
->manager
->units
, name
, u
) == 0);
890 static int unit_reserve_dependencies(Unit
*u
, Unit
*other
) {
899 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
902 * First make some room in the per dependency type hashmaps. Using the summed size of both unit's
903 * hashmaps is an estimate that is likely too high since they probably use some of the same
904 * types. But it's never too low, and that's all we need. */
906 n_reserve
= MIN(hashmap_size(other
->dependencies
), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX
, hashmap_size(u
->dependencies
)));
908 r
= hashmap_ensure_allocated(&u
->dependencies
, NULL
);
912 r
= hashmap_reserve(u
->dependencies
, n_reserve
);
917 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
918 * other unit's dependencies.
920 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
921 * reserve anything for. In that case other's set will be transferred as a whole to u by
922 * complete_move(). */
924 HASHMAP_FOREACH_KEY(deps
, d
, u
->dependencies
) {
927 other_deps
= hashmap_get(other
->dependencies
, d
);
929 r
= hashmap_reserve(deps
, hashmap_size(other_deps
));
937 static void unit_maybe_warn_about_dependency(
939 const char *other_id
,
940 UnitDependency dependency
) {
944 /* Only warn about some unit types */
945 if (!IN_SET(dependency
,
956 if (streq_ptr(u
->id
, other_id
))
957 log_unit_warning(u
, "Dependency %s=%s dropped", unit_dependency_to_string(dependency
), u
->id
);
959 log_unit_warning(u
, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency
), strna(other_id
), u
->id
);
962 static int unit_per_dependency_type_hashmap_update(
965 UnitDependencyMask origin_mask
,
966 UnitDependencyMask destination_mask
) {
968 UnitDependencyInfo info
;
972 assert_cc(sizeof(void*) == sizeof(info
));
974 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
975 * exists, or insert it anew if not. */
977 info
.data
= hashmap_get(per_type
, other
);
979 /* Entry already exists. Add in our mask. */
981 if (FLAGS_SET(origin_mask
, info
.origin_mask
) &&
982 FLAGS_SET(destination_mask
, info
.destination_mask
))
985 info
.origin_mask
|= origin_mask
;
986 info
.destination_mask
|= destination_mask
;
988 r
= hashmap_update(per_type
, other
, info
.data
);
990 info
= (UnitDependencyInfo
) {
991 .origin_mask
= origin_mask
,
992 .destination_mask
= destination_mask
,
995 r
= hashmap_put(per_type
, other
, info
.data
);
1004 static int unit_add_dependency_hashmap(
1005 Hashmap
**dependencies
,
1008 UnitDependencyMask origin_mask
,
1009 UnitDependencyMask destination_mask
) {
1014 assert(dependencies
);
1016 assert(origin_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
1017 assert(destination_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
1018 assert(origin_mask
> 0 || destination_mask
> 0);
1020 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1021 * UnitDependencyInfo) */
1022 r
= hashmap_ensure_allocated(dependencies
, NULL
);
1026 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1027 * type, and if it's missing allocate it and insert it. */
1028 per_type
= hashmap_get(*dependencies
, UNIT_DEPENDENCY_TO_PTR(d
));
1030 per_type
= hashmap_new(NULL
);
1034 r
= hashmap_put(*dependencies
, UNIT_DEPENDENCY_TO_PTR(d
), per_type
);
1036 hashmap_free(per_type
);
1041 return unit_per_dependency_type_hashmap_update(per_type
, other
, origin_mask
, destination_mask
);
1044 static void unit_merge_dependencies(
1057 _cleanup_(hashmap_freep
) Hashmap
*other_deps
= NULL
;
1058 UnitDependencyInfo di_back
;
1060 void *dt
; /* Actually of type UnitDependency, except that we don't bother casting it here,
1061 * since the hashmaps all want it as void pointer. */
1063 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1064 other_deps
= hashmap_steal_first_key_and_value(other
->dependencies
, &dt
);
1068 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1069 * referenced units as 'back'. */
1070 HASHMAP_FOREACH_KEY(di_back
.data
, back
, other_deps
) {
1075 /* This is a dependency pointing back to the unit we want to merge with?
1076 * Suppress it (but warn) */
1077 unit_maybe_warn_about_dependency(u
, other
->id
, UNIT_DEPENDENCY_FROM_PTR(dt
));
1081 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1082 * point to 'u' instead. */
1083 HASHMAP_FOREACH_KEY(back_deps
, back_dt
, back
->dependencies
) {
1084 UnitDependencyInfo di_move
;
1086 di_move
.data
= hashmap_remove(back_deps
, other
);
1090 assert_se(unit_per_dependency_type_hashmap_update(
1093 di_move
.origin_mask
,
1094 di_move
.destination_mask
) >= 0);
1098 /* Now all references towards 'other' of the current type 'dt' are corrected to point to
1099 * 'u'. Lets's now move the deps of type 'dt' from 'other' to 'u'. First, let's try to move
1100 * them per type wholesale. */
1101 r
= hashmap_put(u
->dependencies
, dt
, other_deps
);
1105 /* The target unit already has dependencies of this type, let's then merge this individually. */
1107 assert_se(deps
= hashmap_get(u
->dependencies
, dt
));
1110 UnitDependencyInfo di_move
;
1113 di_move
.data
= hashmap_steal_first_key_and_value(other_deps
, (void**) &back
);
1117 /* Would point back to us, ignore */
1118 unit_maybe_warn_about_dependency(u
, other
->id
, UNIT_DEPENDENCY_FROM_PTR(dt
));
1122 assert_se(unit_per_dependency_type_hashmap_update(deps
, back
, di_move
.origin_mask
, di_move
.destination_mask
) >= 0);
1126 TAKE_PTR(other_deps
);
1128 if (hashmap_remove(other_deps
, u
))
1129 unit_maybe_warn_about_dependency(u
, other
->id
, UNIT_DEPENDENCY_FROM_PTR(dt
));
1133 other
->dependencies
= hashmap_free(other
->dependencies
);
1136 int unit_merge(Unit
*u
, Unit
*other
) {
1141 assert(u
->manager
== other
->manager
);
1142 assert(u
->type
!= _UNIT_TYPE_INVALID
);
1144 other
= unit_follow_merge(other
);
1149 if (u
->type
!= other
->type
)
1152 if (!unit_type_may_alias(u
->type
)) /* Merging only applies to unit names that support aliases */
1155 if (!IN_SET(other
->load_state
, UNIT_STUB
, UNIT_NOT_FOUND
))
1158 if (!streq_ptr(u
->instance
, other
->instance
))
1167 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
1170 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1171 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1172 r
= unit_reserve_dependencies(u
, other
);
1177 r
= unit_merge_names(u
, other
);
1181 /* Redirect all references */
1182 while (other
->refs_by_target
)
1183 unit_ref_set(other
->refs_by_target
, other
->refs_by_target
->source
, u
);
1185 /* Merge dependencies */
1186 unit_merge_dependencies(u
, other
);
1188 other
->load_state
= UNIT_MERGED
;
1189 other
->merged_into
= u
;
1191 /* If there is still some data attached to the other node, we
1192 * don't need it anymore, and can free it. */
1193 if (other
->load_state
!= UNIT_STUB
)
1194 if (UNIT_VTABLE(other
)->done
)
1195 UNIT_VTABLE(other
)->done(other
);
1197 unit_add_to_dbus_queue(u
);
1198 unit_add_to_cleanup_queue(other
);
1203 int unit_merge_by_name(Unit
*u
, const char *name
) {
1204 _cleanup_free_
char *s
= NULL
;
1208 /* Either add name to u, or if a unit with name already exists, merge it with u.
1209 * If name is a template, do the same for name@instance, where instance is u's instance. */
1214 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
1218 r
= unit_name_replace_instance(name
, u
->instance
, &s
);
1225 other
= manager_get_unit(u
->manager
, name
);
1227 return unit_merge(u
, other
);
1229 return unit_add_name(u
, name
);
1232 Unit
* unit_follow_merge(Unit
*u
) {
1235 while (u
->load_state
== UNIT_MERGED
)
1236 assert_se(u
= u
->merged_into
);
1241 int unit_add_exec_dependencies(Unit
*u
, ExecContext
*c
) {
1247 if (c
->working_directory
&& !c
->working_directory_missing_ok
) {
1248 r
= unit_require_mounts_for(u
, c
->working_directory
, UNIT_DEPENDENCY_FILE
);
1253 if (c
->root_directory
) {
1254 r
= unit_require_mounts_for(u
, c
->root_directory
, UNIT_DEPENDENCY_FILE
);
1259 if (c
->root_image
) {
1260 r
= unit_require_mounts_for(u
, c
->root_image
, UNIT_DEPENDENCY_FILE
);
1265 for (ExecDirectoryType dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++) {
1266 if (!u
->manager
->prefix
[dt
])
1269 for (size_t i
= 0; i
< c
->directories
[dt
].n_items
; i
++) {
1270 _cleanup_free_
char *p
= NULL
;
1272 p
= path_join(u
->manager
->prefix
[dt
], c
->directories
[dt
].items
[i
].path
);
1276 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1282 if (!MANAGER_IS_SYSTEM(u
->manager
))
1285 /* For the following three directory types we need write access, and /var/ is possibly on the root
1286 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1287 if (c
->directories
[EXEC_DIRECTORY_STATE
].n_items
> 0 ||
1288 c
->directories
[EXEC_DIRECTORY_CACHE
].n_items
> 0 ||
1289 c
->directories
[EXEC_DIRECTORY_LOGS
].n_items
> 0) {
1290 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_REMOUNT_FS_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1295 if (c
->private_tmp
) {
1297 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1298 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1299 * /tmp specifically and masking other mount units should be handled more
1300 * gracefully too, see PR#16894. */
1301 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, "tmp.mount", true, UNIT_DEPENDENCY_FILE
);
1305 r
= unit_require_mounts_for(u
, "/var/tmp", UNIT_DEPENDENCY_FILE
);
1309 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_TMPFILES_SETUP_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1314 if (c
->root_image
) {
1315 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1316 * implicit dependency on udev */
1318 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_UDEVD_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1323 if (!IN_SET(c
->std_output
,
1324 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1325 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1326 !IN_SET(c
->std_error
,
1327 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1328 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1332 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1335 if (c
->log_namespace
) {
1336 _cleanup_free_
char *socket_unit
= NULL
, *varlink_socket_unit
= NULL
;
1338 r
= unit_name_build_from_type("systemd-journald", c
->log_namespace
, UNIT_SOCKET
, &socket_unit
);
1342 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1346 r
= unit_name_build_from_type("systemd-journald-varlink", c
->log_namespace
, UNIT_SOCKET
, &varlink_socket_unit
);
1350 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, varlink_socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1354 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_JOURNALD_SOCKET
, true, UNIT_DEPENDENCY_FILE
);
1361 const char* unit_description(Unit
*u
) {
1365 return u
->description
;
1367 return strna(u
->id
);
1370 const char* unit_status_string(Unit
*u
, char **ret_combined_buffer
) {
1374 /* Return u->id, u->description, or "{u->id} - {u->description}".
1375 * Versions with u->description are only used if it is set.
1376 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1379 * Note that *ret_combined_buffer may be set to NULL. */
1381 if (!u
->description
||
1382 u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_NAME
||
1383 (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
&& !ret_combined_buffer
) ||
1384 streq(u
->description
, u
->id
)) {
1386 if (ret_combined_buffer
)
1387 *ret_combined_buffer
= NULL
;
1391 if (ret_combined_buffer
) {
1392 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
) {
1393 *ret_combined_buffer
= strjoin(u
->id
, " - ", u
->description
);
1394 if (*ret_combined_buffer
)
1395 return *ret_combined_buffer
;
1396 log_oom(); /* Fall back to ->description */
1398 *ret_combined_buffer
= NULL
;
1401 return u
->description
;
1404 /* Common implementation for multiple backends */
1405 int unit_load_fragment_and_dropin(Unit
*u
, bool fragment_required
) {
1410 /* Load a .{service,socket,...} file */
1411 r
= unit_load_fragment(u
);
1415 if (u
->load_state
== UNIT_STUB
) {
1416 if (fragment_required
)
1419 u
->load_state
= UNIT_LOADED
;
1422 /* Load drop-in directory data. If u is an alias, we might be reloading the
1423 * target unit needlessly. But we cannot be sure which drops-ins have already
1424 * been loaded and which not, at least without doing complicated book-keeping,
1425 * so let's always reread all drop-ins. */
1426 r
= unit_load_dropin(unit_follow_merge(u
));
1430 if (u
->source_path
) {
1433 if (stat(u
->source_path
, &st
) >= 0)
1434 u
->source_mtime
= timespec_load(&st
.st_mtim
);
1436 u
->source_mtime
= 0;
1442 void unit_add_to_target_deps_queue(Unit
*u
) {
1443 Manager
*m
= u
->manager
;
1447 if (u
->in_target_deps_queue
)
1450 LIST_PREPEND(target_deps_queue
, m
->target_deps_queue
, u
);
1451 u
->in_target_deps_queue
= true;
1454 int unit_add_default_target_dependency(Unit
*u
, Unit
*target
) {
1458 if (target
->type
!= UNIT_TARGET
)
1461 /* Only add the dependency if both units are loaded, so that
1462 * that loop check below is reliable */
1463 if (u
->load_state
!= UNIT_LOADED
||
1464 target
->load_state
!= UNIT_LOADED
)
1467 /* If either side wants no automatic dependencies, then let's
1469 if (!u
->default_dependencies
||
1470 !target
->default_dependencies
)
1473 /* Don't create loops */
1474 if (unit_has_dependency(target
, UNIT_ATOM_BEFORE
, u
))
1477 return unit_add_dependency(target
, UNIT_AFTER
, u
, true, UNIT_DEPENDENCY_DEFAULT
);
1480 static int unit_add_slice_dependencies(Unit
*u
) {
1484 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
1487 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1488 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1490 UnitDependencyMask mask
= u
->type
== UNIT_SLICE
? UNIT_DEPENDENCY_IMPLICIT
: UNIT_DEPENDENCY_FILE
;
1492 slice
= UNIT_GET_SLICE(u
);
1494 return unit_add_two_dependencies(u
, UNIT_AFTER
, UNIT_REQUIRES
, slice
, true, mask
);
1496 if (unit_has_name(u
, SPECIAL_ROOT_SLICE
))
1499 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_ROOT_SLICE
, true, mask
);
1502 static int unit_add_mount_dependencies(Unit
*u
) {
1503 UnitDependencyInfo di
;
1509 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
) {
1510 char prefix
[strlen(path
) + 1];
1512 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
1513 _cleanup_free_
char *p
= NULL
;
1516 r
= unit_name_from_path(prefix
, ".mount", &p
);
1517 if (IN_SET(r
, -EINVAL
, -ENAMETOOLONG
))
1518 continue; /* If the path cannot be converted to a mount unit name, then it's
1519 * not manageable as a unit by systemd, and hence we don't need a
1520 * dependency on it. Let's thus silently ignore the issue. */
1524 m
= manager_get_unit(u
->manager
, p
);
1526 /* Make sure to load the mount unit if it exists. If so the dependencies on
1527 * this unit will be added later during the loading of the mount unit. */
1528 (void) manager_load_unit_prepare(u
->manager
, p
, NULL
, NULL
, &m
);
1534 if (m
->load_state
!= UNIT_LOADED
)
1537 r
= unit_add_dependency(u
, UNIT_AFTER
, m
, true, di
.origin_mask
);
1541 if (m
->fragment_path
) {
1542 r
= unit_add_dependency(u
, UNIT_REQUIRES
, m
, true, di
.origin_mask
);
1552 static int unit_add_oomd_dependencies(Unit
*u
) {
1559 if (!u
->default_dependencies
)
1562 c
= unit_get_cgroup_context(u
);
1566 wants_oomd
= (c
->moom_swap
== MANAGED_OOM_KILL
|| c
->moom_mem_pressure
== MANAGED_OOM_KILL
);
1570 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE
);
1577 static int unit_add_startup_units(Unit
*u
) {
1578 if (!unit_has_startup_cgroup_constraints(u
))
1581 return set_ensure_put(&u
->manager
->startup_units
, NULL
, u
);
1584 static int unit_validate_on_failure_job_mode(
1586 const char *job_mode_setting
,
1588 const char *dependency_name
,
1589 UnitDependencyAtom atom
) {
1591 Unit
*other
, *found
= NULL
;
1593 if (job_mode
!= JOB_ISOLATE
)
1596 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
1599 else if (found
!= other
)
1600 return log_unit_error_errno(
1601 u
, SYNTHETIC_ERRNO(ENOEXEC
),
1602 "More than one %s dependencies specified but %sisolate set. Refusing.",
1603 dependency_name
, job_mode_setting
);
1609 int unit_load(Unit
*u
) {
1614 if (u
->in_load_queue
) {
1615 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
1616 u
->in_load_queue
= false;
1619 if (u
->type
== _UNIT_TYPE_INVALID
)
1622 if (u
->load_state
!= UNIT_STUB
)
1625 if (u
->transient_file
) {
1626 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1627 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1629 r
= fflush_and_check(u
->transient_file
);
1633 u
->transient_file
= safe_fclose(u
->transient_file
);
1634 u
->fragment_mtime
= now(CLOCK_REALTIME
);
1637 r
= UNIT_VTABLE(u
)->load(u
);
1641 assert(u
->load_state
!= UNIT_STUB
);
1643 if (u
->load_state
== UNIT_LOADED
) {
1644 unit_add_to_target_deps_queue(u
);
1646 r
= unit_add_slice_dependencies(u
);
1650 r
= unit_add_mount_dependencies(u
);
1654 r
= unit_add_oomd_dependencies(u
);
1658 r
= unit_add_startup_units(u
);
1662 r
= unit_validate_on_failure_job_mode(u
, "OnSuccessJobMode=", u
->on_success_job_mode
, "OnSuccess=", UNIT_ATOM_ON_SUCCESS
);
1666 r
= unit_validate_on_failure_job_mode(u
, "OnFailureJobMode=", u
->on_failure_job_mode
, "OnFailure=", UNIT_ATOM_ON_FAILURE
);
1670 if (u
->job_running_timeout
!= USEC_INFINITY
&& u
->job_running_timeout
> u
->job_timeout
)
1671 log_unit_warning(u
, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1673 /* We finished loading, let's ensure our parents recalculate the members mask */
1674 unit_invalidate_cgroup_members_masks(u
);
1677 assert((u
->load_state
!= UNIT_MERGED
) == !u
->merged_into
);
1679 unit_add_to_dbus_queue(unit_follow_merge(u
));
1680 unit_add_to_gc_queue(u
);
1681 (void) manager_varlink_send_managed_oom_update(u
);
1686 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1687 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
1689 u
->load_state
= u
->load_state
== UNIT_STUB
? UNIT_NOT_FOUND
:
1690 r
== -ENOEXEC
? UNIT_BAD_SETTING
:
1694 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1695 * an attempt is made to load this unit, we know we need to check again. */
1696 if (u
->load_state
== UNIT_NOT_FOUND
)
1697 u
->fragment_not_found_timestamp_hash
= u
->manager
->unit_cache_timestamp_hash
;
1699 unit_add_to_dbus_queue(u
);
1700 unit_add_to_gc_queue(u
);
1702 return log_unit_debug_errno(u
, r
, "Failed to load configuration: %m");
1706 static int log_unit_internal(void *userdata
, int level
, int error
, const char *file
, int line
, const char *func
, const char *format
, ...) {
1711 if (u
&& !unit_log_level_test(u
, level
))
1712 return -ERRNO_VALUE(error
);
1714 va_start(ap
, format
);
1716 r
= log_object_internalv(level
, error
, file
, line
, func
,
1717 u
->manager
->unit_log_field
,
1719 u
->manager
->invocation_log_field
,
1720 u
->invocation_id_string
,
1723 r
= log_internalv(level
, error
, file
, line
, func
, format
, ap
);
1729 static bool unit_test_condition(Unit
*u
) {
1730 _cleanup_strv_free_
char **env
= NULL
;
1735 dual_timestamp_get(&u
->condition_timestamp
);
1737 r
= manager_get_effective_environment(u
->manager
, &env
);
1739 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1740 u
->condition_result
= true;
1742 u
->condition_result
= condition_test_list(
1745 condition_type_to_string
,
1749 unit_add_to_dbus_queue(u
);
1750 return u
->condition_result
;
1753 static bool unit_test_assert(Unit
*u
) {
1754 _cleanup_strv_free_
char **env
= NULL
;
1759 dual_timestamp_get(&u
->assert_timestamp
);
1761 r
= manager_get_effective_environment(u
->manager
, &env
);
1763 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1764 u
->assert_result
= CONDITION_ERROR
;
1766 u
->assert_result
= condition_test_list(
1769 assert_type_to_string
,
1773 unit_add_to_dbus_queue(u
);
1774 return u
->assert_result
;
1777 void unit_status_printf(Unit
*u
, StatusType status_type
, const char *status
, const char *format
, const char *ident
) {
1778 if (log_get_show_color()) {
1779 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
&& strchr(ident
, ' '))
1780 ident
= strjoina(ANSI_HIGHLIGHT
, u
->id
, ANSI_NORMAL
, " - ", u
->description
);
1782 ident
= strjoina(ANSI_HIGHLIGHT
, ident
, ANSI_NORMAL
);
1785 DISABLE_WARNING_FORMAT_NONLITERAL
;
1786 manager_status_printf(u
->manager
, status_type
, status
, format
, ident
);
1790 int unit_test_start_limit(Unit
*u
) {
1795 if (ratelimit_below(&u
->start_ratelimit
)) {
1796 u
->start_limit_hit
= false;
1800 log_unit_warning(u
, "Start request repeated too quickly.");
1801 u
->start_limit_hit
= true;
1803 reason
= strjoina("unit ", u
->id
, " failed");
1805 emergency_action(u
->manager
, u
->start_limit_action
,
1806 EMERGENCY_ACTION_IS_WATCHDOG
|EMERGENCY_ACTION_WARN
,
1807 u
->reboot_arg
, -1, reason
);
1812 bool unit_shall_confirm_spawn(Unit
*u
) {
1815 if (manager_is_confirm_spawn_disabled(u
->manager
))
1818 /* For some reasons units remaining in the same process group
1819 * as PID 1 fail to acquire the console even if it's not used
1820 * by any process. So skip the confirmation question for them. */
1821 return !unit_get_exec_context(u
)->same_pgrp
;
1824 static bool unit_verify_deps(Unit
*u
) {
1829 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1830 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1831 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1832 * that are not used in conjunction with After= as for them any such check would make things entirely
1835 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
) {
1837 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
))
1840 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
1841 log_unit_notice(u
, "Bound to unit %s, but unit isn't active.", other
->id
);
1849 /* Errors that aren't really errors:
1850 * -EALREADY: Unit is already started.
1851 * -ECOMM: Condition failed
1852 * -EAGAIN: An operation is already in progress. Retry later.
1854 * Errors that are real errors:
1855 * -EBADR: This unit type does not support starting.
1856 * -ECANCELED: Start limit hit, too many requests for now
1857 * -EPROTO: Assert failed
1858 * -EINVAL: Unit not loaded
1859 * -EOPNOTSUPP: Unit type not supported
1860 * -ENOLINK: The necessary dependencies are not fulfilled.
1861 * -ESTALE: This unit has been started before and can't be started a second time
1862 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1864 int unit_start(Unit
*u
) {
1865 UnitActiveState state
;
1871 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1872 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1873 * waiting is finished. */
1874 state
= unit_active_state(u
);
1875 if (UNIT_IS_ACTIVE_OR_RELOADING(state
))
1877 if (state
== UNIT_MAINTENANCE
)
1880 /* Units that aren't loaded cannot be started */
1881 if (u
->load_state
!= UNIT_LOADED
)
1884 /* Refuse starting scope units more than once */
1885 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_enter_timestamp
))
1888 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1889 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1890 * recheck the condition in that case. */
1891 if (state
!= UNIT_ACTIVATING
&&
1892 !unit_test_condition(u
))
1893 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(ECOMM
), "Starting requested but condition failed. Not starting unit.");
1895 /* If the asserts failed, fail the entire job */
1896 if (state
!= UNIT_ACTIVATING
&&
1897 !unit_test_assert(u
))
1898 return log_unit_notice_errno(u
, SYNTHETIC_ERRNO(EPROTO
), "Starting requested but asserts failed.");
1900 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1901 * condition checks, so that we rather return condition check errors (which are usually not
1902 * considered a true failure) than "not supported" errors (which are considered a failure).
1904 if (!unit_type_supported(u
->type
))
1907 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1908 * should have taken care of this already, but let's check this here again. After all, our
1909 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1910 if (!unit_verify_deps(u
))
1913 /* Forward to the main object, if we aren't it. */
1914 following
= unit_following(u
);
1916 log_unit_debug(u
, "Redirecting start request from %s to %s.", u
->id
, following
->id
);
1917 return unit_start(following
);
1920 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1921 if (UNIT_VTABLE(u
)->can_start
) {
1922 r
= UNIT_VTABLE(u
)->can_start(u
);
1927 /* If it is stopped, but we cannot start it, then fail */
1928 if (!UNIT_VTABLE(u
)->start
)
1931 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1932 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1933 * waits for a holdoff timer to elapse before it will start again. */
1935 unit_add_to_dbus_queue(u
);
1936 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1938 return UNIT_VTABLE(u
)->start(u
);
1941 bool unit_can_start(Unit
*u
) {
1944 if (u
->load_state
!= UNIT_LOADED
)
1947 if (!unit_type_supported(u
->type
))
1950 /* Scope units may be started only once */
1951 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_exit_timestamp
))
1954 return !!UNIT_VTABLE(u
)->start
;
1957 bool unit_can_isolate(Unit
*u
) {
1960 return unit_can_start(u
) &&
1965 * -EBADR: This unit type does not support stopping.
1966 * -EALREADY: Unit is already stopped.
1967 * -EAGAIN: An operation is already in progress. Retry later.
1969 int unit_stop(Unit
*u
) {
1970 UnitActiveState state
;
1975 state
= unit_active_state(u
);
1976 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
1979 following
= unit_following(u
);
1981 log_unit_debug(u
, "Redirecting stop request from %s to %s.", u
->id
, following
->id
);
1982 return unit_stop(following
);
1985 if (!UNIT_VTABLE(u
)->stop
)
1988 unit_add_to_dbus_queue(u
);
1989 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1991 return UNIT_VTABLE(u
)->stop(u
);
1994 bool unit_can_stop(Unit
*u
) {
1997 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
1998 * Extrinsic units follow external state and they may stop following external state changes
1999 * (hence we return true here), but an attempt to do this through the manager will fail. */
2001 if (!unit_type_supported(u
->type
))
2007 return !!UNIT_VTABLE(u
)->stop
;
2011 * -EBADR: This unit type does not support reloading.
2012 * -ENOEXEC: Unit is not started.
2013 * -EAGAIN: An operation is already in progress. Retry later.
2015 int unit_reload(Unit
*u
) {
2016 UnitActiveState state
;
2021 if (u
->load_state
!= UNIT_LOADED
)
2024 if (!unit_can_reload(u
))
2027 state
= unit_active_state(u
);
2028 if (state
== UNIT_RELOADING
)
2031 if (state
!= UNIT_ACTIVE
)
2032 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(ENOEXEC
), "Unit cannot be reloaded because it is inactive.");
2034 following
= unit_following(u
);
2036 log_unit_debug(u
, "Redirecting reload request from %s to %s.", u
->id
, following
->id
);
2037 return unit_reload(following
);
2040 unit_add_to_dbus_queue(u
);
2042 if (!UNIT_VTABLE(u
)->reload
) {
2043 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2044 unit_notify(u
, unit_active_state(u
), unit_active_state(u
), 0);
2048 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
2050 return UNIT_VTABLE(u
)->reload(u
);
2053 bool unit_can_reload(Unit
*u
) {
2056 if (UNIT_VTABLE(u
)->can_reload
)
2057 return UNIT_VTABLE(u
)->can_reload(u
);
2059 if (unit_has_dependency(u
, UNIT_ATOM_PROPAGATES_RELOAD_TO
, NULL
))
2062 return UNIT_VTABLE(u
)->reload
;
2065 bool unit_is_unneeded(Unit
*u
) {
2069 if (!u
->stop_when_unneeded
)
2072 /* Don't clean up while the unit is transitioning or is even inactive. */
2073 if (unit_active_state(u
) != UNIT_ACTIVE
)
2078 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED
) {
2079 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2080 * restart, then don't clean this one up. */
2085 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2088 if (unit_will_restart(other
))
2095 bool unit_is_upheld_by_active(Unit
*u
, Unit
**ret_culprit
) {
2100 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2101 * that is active declared an Uphold= dependencies on it */
2103 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u
)) || u
->job
) {
2105 *ret_culprit
= NULL
;
2109 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_START_STEADILY
) {
2113 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
2115 *ret_culprit
= other
;
2121 *ret_culprit
= NULL
;
2125 bool unit_is_bound_by_inactive(Unit
*u
, Unit
**ret_culprit
) {
2130 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
2131 * because the other unit is down. */
2133 if (unit_active_state(u
) != UNIT_ACTIVE
|| u
->job
) {
2134 /* Don't clean up while the unit is transitioning or is even inactive. */
2136 *ret_culprit
= NULL
;
2140 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
) {
2144 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
))) {
2146 *ret_culprit
= other
;
2153 *ret_culprit
= NULL
;
2157 static void check_unneeded_dependencies(Unit
*u
) {
2161 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2163 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE
)
2164 unit_submit_to_stop_when_unneeded_queue(other
);
2167 static void check_uphold_dependencies(Unit
*u
) {
2171 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2173 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE
)
2174 unit_submit_to_start_when_upheld_queue(other
);
2177 static void check_bound_by_dependencies(Unit
*u
) {
2181 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
2183 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE
)
2184 unit_submit_to_stop_when_bound_queue(other
);
2187 static void retroactively_start_dependencies(Unit
*u
) {
2191 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)));
2193 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_START_REPLACE
) /* Requires= + BindsTo= */
2194 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
) &&
2195 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2196 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2198 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_START_FAIL
) /* Wants= */
2199 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
) &&
2200 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2201 manager_add_job(u
->manager
, JOB_START
, other
, JOB_FAIL
, NULL
, NULL
, NULL
);
2203 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_STOP_ON_START
) /* Conflicts= (and inverse) */
2204 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2205 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2208 static void retroactively_stop_dependencies(Unit
*u
) {
2212 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)));
2214 /* Pull down units which are bound to us recursively if enabled */
2215 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP
) /* BoundBy= */
2216 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2217 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2220 void unit_start_on_failure(
2222 const char *dependency_name
,
2223 UnitDependencyAtom atom
,
2231 assert(dependency_name
);
2232 assert(IN_SET(atom
, UNIT_ATOM_ON_SUCCESS
, UNIT_ATOM_ON_FAILURE
));
2234 /* Act on OnFailure= and OnSuccess= dependencies */
2236 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
2237 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2240 log_unit_info(u
, "Triggering %s dependencies.", dependency_name
);
2244 r
= manager_add_job(u
->manager
, JOB_START
, other
, job_mode
, NULL
, &error
, NULL
);
2246 log_unit_warning_errno(
2247 u
, r
, "Failed to enqueue %s job, ignoring: %s",
2248 dependency_name
, bus_error_message(&error
, r
));
2253 log_unit_debug(u
, "Triggering %s dependencies done (%u %s).",
2254 dependency_name
, n_jobs
, n_jobs
== 1 ? "job" : "jobs");
2257 void unit_trigger_notify(Unit
*u
) {
2262 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_TRIGGERED_BY
)
2263 if (UNIT_VTABLE(other
)->trigger_notify
)
2264 UNIT_VTABLE(other
)->trigger_notify(other
, u
);
2267 static int raise_level(int log_level
, bool condition_info
, bool condition_notice
) {
2268 if (condition_notice
&& log_level
> LOG_NOTICE
)
2270 if (condition_info
&& log_level
> LOG_INFO
)
2275 static int unit_log_resources(Unit
*u
) {
2276 struct iovec iovec
[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX
+ _CGROUP_IO_ACCOUNTING_METRIC_MAX
+ 4];
2277 bool any_traffic
= false, have_ip_accounting
= false, any_io
= false, have_io_accounting
= false;
2278 _cleanup_free_
char *igress
= NULL
, *egress
= NULL
, *rr
= NULL
, *wr
= NULL
;
2279 int log_level
= LOG_DEBUG
; /* May be raised if resources consumed over a threshold */
2280 size_t n_message_parts
= 0, n_iovec
= 0;
2281 char* message_parts
[1 + 2 + 2 + 1], *t
;
2282 nsec_t nsec
= NSEC_INFINITY
;
2284 const char* const ip_fields
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
2285 [CGROUP_IP_INGRESS_BYTES
] = "IP_METRIC_INGRESS_BYTES",
2286 [CGROUP_IP_INGRESS_PACKETS
] = "IP_METRIC_INGRESS_PACKETS",
2287 [CGROUP_IP_EGRESS_BYTES
] = "IP_METRIC_EGRESS_BYTES",
2288 [CGROUP_IP_EGRESS_PACKETS
] = "IP_METRIC_EGRESS_PACKETS",
2290 const char* const io_fields
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
2291 [CGROUP_IO_READ_BYTES
] = "IO_METRIC_READ_BYTES",
2292 [CGROUP_IO_WRITE_BYTES
] = "IO_METRIC_WRITE_BYTES",
2293 [CGROUP_IO_READ_OPERATIONS
] = "IO_METRIC_READ_OPERATIONS",
2294 [CGROUP_IO_WRITE_OPERATIONS
] = "IO_METRIC_WRITE_OPERATIONS",
2299 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2300 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2301 * information and the complete data in structured fields. */
2303 (void) unit_get_cpu_usage(u
, &nsec
);
2304 if (nsec
!= NSEC_INFINITY
) {
2305 /* Format the CPU time for inclusion in the structured log message */
2306 if (asprintf(&t
, "CPU_USAGE_NSEC=%" PRIu64
, nsec
) < 0) {
2310 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2312 /* Format the CPU time for inclusion in the human language message string */
2313 t
= strjoin("consumed ", FORMAT_TIMESPAN(nsec
/ NSEC_PER_USEC
, USEC_PER_MSEC
), " CPU time");
2319 message_parts
[n_message_parts
++] = t
;
2321 log_level
= raise_level(log_level
,
2322 nsec
> MENTIONWORTHY_CPU_NSEC
,
2323 nsec
> NOTICEWORTHY_CPU_NSEC
);
2326 for (CGroupIOAccountingMetric k
= 0; k
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; k
++) {
2327 uint64_t value
= UINT64_MAX
;
2329 assert(io_fields
[k
]);
2331 (void) unit_get_io_accounting(u
, k
, k
> 0, &value
);
2332 if (value
== UINT64_MAX
)
2335 have_io_accounting
= true;
2339 /* Format IO accounting data for inclusion in the structured log message */
2340 if (asprintf(&t
, "%s=%" PRIu64
, io_fields
[k
], value
) < 0) {
2344 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2346 /* Format the IO accounting data for inclusion in the human language message string, but only
2347 * for the bytes counters (and not for the operations counters) */
2348 if (k
== CGROUP_IO_READ_BYTES
) {
2350 rr
= strjoin("read ", strna(FORMAT_BYTES(value
)), " from disk");
2355 } else if (k
== CGROUP_IO_WRITE_BYTES
) {
2357 wr
= strjoin("written ", strna(FORMAT_BYTES(value
)), " to disk");
2364 if (IN_SET(k
, CGROUP_IO_READ_BYTES
, CGROUP_IO_WRITE_BYTES
))
2365 log_level
= raise_level(log_level
,
2366 value
> MENTIONWORTHY_IO_BYTES
,
2367 value
> NOTICEWORTHY_IO_BYTES
);
2370 if (have_io_accounting
) {
2373 message_parts
[n_message_parts
++] = TAKE_PTR(rr
);
2375 message_parts
[n_message_parts
++] = TAKE_PTR(wr
);
2380 k
= strdup("no IO");
2386 message_parts
[n_message_parts
++] = k
;
2390 for (CGroupIPAccountingMetric m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
2391 uint64_t value
= UINT64_MAX
;
2393 assert(ip_fields
[m
]);
2395 (void) unit_get_ip_accounting(u
, m
, &value
);
2396 if (value
== UINT64_MAX
)
2399 have_ip_accounting
= true;
2403 /* Format IP accounting data for inclusion in the structured log message */
2404 if (asprintf(&t
, "%s=%" PRIu64
, ip_fields
[m
], value
) < 0) {
2408 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2410 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2411 * bytes counters (and not for the packets counters) */
2412 if (m
== CGROUP_IP_INGRESS_BYTES
) {
2414 igress
= strjoin("received ", strna(FORMAT_BYTES(value
)), " IP traffic");
2419 } else if (m
== CGROUP_IP_EGRESS_BYTES
) {
2421 egress
= strjoin("sent ", strna(FORMAT_BYTES(value
)), " IP traffic");
2428 if (IN_SET(m
, CGROUP_IP_INGRESS_BYTES
, CGROUP_IP_EGRESS_BYTES
))
2429 log_level
= raise_level(log_level
,
2430 value
> MENTIONWORTHY_IP_BYTES
,
2431 value
> NOTICEWORTHY_IP_BYTES
);
2434 /* This check is here because it is the earliest point following all possible log_level assignments. If
2435 * log_level is assigned anywhere after this point, move this check. */
2436 if (!unit_log_level_test(u
, log_level
)) {
2441 if (have_ip_accounting
) {
2444 message_parts
[n_message_parts
++] = TAKE_PTR(igress
);
2446 message_parts
[n_message_parts
++] = TAKE_PTR(egress
);
2451 k
= strdup("no IP traffic");
2457 message_parts
[n_message_parts
++] = k
;
2461 /* Is there any accounting data available at all? */
2467 if (n_message_parts
== 0)
2468 t
= strjoina("MESSAGE=", u
->id
, ": Completed.");
2470 _cleanup_free_
char *joined
= NULL
;
2472 message_parts
[n_message_parts
] = NULL
;
2474 joined
= strv_join(message_parts
, ", ");
2480 joined
[0] = ascii_toupper(joined
[0]);
2481 t
= strjoina("MESSAGE=", u
->id
, ": ", joined
, ".");
2484 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2485 * and hence don't increase n_iovec for them */
2486 iovec
[n_iovec
] = IOVEC_MAKE_STRING(t
);
2487 iovec
[n_iovec
+ 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR
);
2489 t
= strjoina(u
->manager
->unit_log_field
, u
->id
);
2490 iovec
[n_iovec
+ 2] = IOVEC_MAKE_STRING(t
);
2492 t
= strjoina(u
->manager
->invocation_log_field
, u
->invocation_id_string
);
2493 iovec
[n_iovec
+ 3] = IOVEC_MAKE_STRING(t
);
2495 log_unit_struct_iovec(u
, log_level
, iovec
, n_iovec
+ 4);
2499 for (size_t i
= 0; i
< n_message_parts
; i
++)
2500 free(message_parts
[i
]);
2502 for (size_t i
= 0; i
< n_iovec
; i
++)
2503 free(iovec
[i
].iov_base
);
2509 static void unit_update_on_console(Unit
*u
) {
2514 b
= unit_needs_console(u
);
2515 if (u
->on_console
== b
)
2520 manager_ref_console(u
->manager
);
2522 manager_unref_console(u
->manager
);
2525 static void unit_emit_audit_start(Unit
*u
) {
2528 if (u
->type
!= UNIT_SERVICE
)
2531 /* Write audit record if we have just finished starting up */
2532 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, true);
2536 static void unit_emit_audit_stop(Unit
*u
, UnitActiveState state
) {
2539 if (u
->type
!= UNIT_SERVICE
)
2543 /* Write audit record if we have just finished shutting down */
2544 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, state
== UNIT_INACTIVE
);
2545 u
->in_audit
= false;
2547 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2548 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, state
== UNIT_INACTIVE
);
2550 if (state
== UNIT_INACTIVE
)
2551 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, true);
2555 static bool unit_process_job(Job
*j
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2556 bool unexpected
= false;
2561 if (j
->state
== JOB_WAITING
)
2563 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2565 job_add_to_run_queue(j
);
2567 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2568 * hence needs to invalidate jobs. */
2573 case JOB_VERIFY_ACTIVE
:
2575 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2576 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2577 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_ACTIVATING
) {
2580 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2581 if (ns
== UNIT_FAILED
)
2582 result
= JOB_FAILED
;
2586 job_finish_and_invalidate(j
, result
, true, false);
2593 case JOB_RELOAD_OR_START
:
2594 case JOB_TRY_RELOAD
:
2596 if (j
->state
== JOB_RUNNING
) {
2597 if (ns
== UNIT_ACTIVE
)
2598 job_finish_and_invalidate(j
, (flags
& UNIT_NOTIFY_RELOAD_FAILURE
) ? JOB_FAILED
: JOB_DONE
, true, false);
2599 else if (!IN_SET(ns
, UNIT_ACTIVATING
, UNIT_RELOADING
)) {
2602 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2603 job_finish_and_invalidate(j
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2611 case JOB_TRY_RESTART
:
2613 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2614 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2615 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_DEACTIVATING
) {
2617 job_finish_and_invalidate(j
, JOB_FAILED
, true, false);
2623 assert_not_reached();
2629 void unit_notify(Unit
*u
, UnitActiveState os
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2634 assert(os
< _UNIT_ACTIVE_STATE_MAX
);
2635 assert(ns
< _UNIT_ACTIVE_STATE_MAX
);
2637 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2638 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2639 * remounted this function will be called too! */
2643 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2644 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2645 unit_add_to_dbus_queue(u
);
2647 /* Update systemd-oomd on the property/state change */
2649 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2651 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2652 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2653 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2654 * have the information on the property. Thus, indiscriminately send an update. */
2655 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) || UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2656 (void) manager_varlink_send_managed_oom_update(u
);
2659 /* Update timestamps for state changes */
2660 if (!MANAGER_IS_RELOADING(m
)) {
2661 dual_timestamp_get(&u
->state_change_timestamp
);
2663 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && !UNIT_IS_INACTIVE_OR_FAILED(ns
))
2664 u
->inactive_exit_timestamp
= u
->state_change_timestamp
;
2665 else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_INACTIVE_OR_FAILED(ns
))
2666 u
->inactive_enter_timestamp
= u
->state_change_timestamp
;
2668 if (!UNIT_IS_ACTIVE_OR_RELOADING(os
) && UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2669 u
->active_enter_timestamp
= u
->state_change_timestamp
;
2670 else if (UNIT_IS_ACTIVE_OR_RELOADING(os
) && !UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2671 u
->active_exit_timestamp
= u
->state_change_timestamp
;
2674 /* Keep track of failed units */
2675 (void) manager_update_failed_units(m
, u
, ns
== UNIT_FAILED
);
2677 /* Make sure the cgroup and state files are always removed when we become inactive */
2678 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2679 SET_FLAG(u
->markers
,
2680 (1u << UNIT_MARKER_NEEDS_RELOAD
)|(1u << UNIT_MARKER_NEEDS_RESTART
),
2682 unit_prune_cgroup(u
);
2683 unit_unlink_state_files(u
);
2684 } else if (ns
!= os
&& ns
== UNIT_RELOADING
)
2685 SET_FLAG(u
->markers
, 1u << UNIT_MARKER_NEEDS_RELOAD
, false);
2687 unit_update_on_console(u
);
2689 if (!MANAGER_IS_RELOADING(m
)) {
2692 /* Let's propagate state changes to the job */
2694 unexpected
= unit_process_job(u
->job
, ns
, flags
);
2698 /* If this state change happened without being requested by a job, then let's retroactively start or
2699 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2700 * additional jobs just because something is already activated. */
2703 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns
))
2704 retroactively_start_dependencies(u
);
2705 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os
) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns
))
2706 retroactively_stop_dependencies(u
);
2709 if (ns
!= os
&& ns
== UNIT_FAILED
) {
2710 log_unit_debug(u
, "Unit entered failed state.");
2712 if (!(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2713 unit_start_on_failure(u
, "OnFailure=", UNIT_ATOM_ON_FAILURE
, u
->on_failure_job_mode
);
2716 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
) && !UNIT_IS_ACTIVE_OR_RELOADING(os
)) {
2717 /* This unit just finished starting up */
2719 unit_emit_audit_start(u
);
2720 manager_send_unit_plymouth(m
, u
);
2723 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) && !UNIT_IS_INACTIVE_OR_FAILED(os
)) {
2724 /* This unit just stopped/failed. */
2726 unit_emit_audit_stop(u
, ns
);
2727 unit_log_resources(u
);
2730 if (ns
== UNIT_INACTIVE
&& !IN_SET(os
, UNIT_FAILED
, UNIT_INACTIVE
, UNIT_MAINTENANCE
) &&
2731 !(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2732 unit_start_on_failure(u
, "OnSuccess=", UNIT_ATOM_ON_SUCCESS
, u
->on_success_job_mode
);
2735 manager_recheck_journal(m
);
2736 manager_recheck_dbus(m
);
2738 unit_trigger_notify(u
);
2740 if (!MANAGER_IS_RELOADING(m
)) {
2741 if (os
!= UNIT_FAILED
&& ns
== UNIT_FAILED
) {
2742 reason
= strjoina("unit ", u
->id
, " failed");
2743 emergency_action(m
, u
->failure_action
, 0, u
->reboot_arg
, unit_failure_action_exit_status(u
), reason
);
2744 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && ns
== UNIT_INACTIVE
) {
2745 reason
= strjoina("unit ", u
->id
, " succeeded");
2746 emergency_action(m
, u
->success_action
, 0, u
->reboot_arg
, unit_success_action_exit_status(u
), reason
);
2750 /* And now, add the unit or depending units to various queues that will act on the new situation if
2751 * needed. These queues generally check for continuous state changes rather than events (like most of
2752 * the state propagation above), and do work deferred instead of instantly, since they typically
2753 * don't want to run during reloading, and usually involve checking combined state of multiple units
2756 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2757 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2758 check_unneeded_dependencies(u
);
2759 check_bound_by_dependencies(u
);
2761 /* Maybe someone wants us to remain up? */
2762 unit_submit_to_start_when_upheld_queue(u
);
2764 /* Maybe the unit should be GC'ed now? */
2765 unit_add_to_gc_queue(u
);
2768 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
)) {
2769 /* Start uphold units regardless if going up was expected or not */
2770 check_uphold_dependencies(u
);
2772 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2773 unit_submit_to_stop_when_unneeded_queue(u
);
2775 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2776 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2777 * inactive, without ever entering started.) */
2778 unit_submit_to_stop_when_bound_queue(u
);
2782 int unit_watch_pid(Unit
*u
, pid_t pid
, bool exclusive
) {
2786 assert(pid_is_valid(pid
));
2788 /* Watch a specific PID */
2790 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2791 * opportunity to remove any stalled references to this PID as they can be created
2792 * easily (when watching a process which is not our direct child). */
2794 manager_unwatch_pid(u
->manager
, pid
);
2796 r
= set_ensure_allocated(&u
->pids
, NULL
);
2800 r
= hashmap_ensure_allocated(&u
->manager
->watch_pids
, NULL
);
2804 /* First try, let's add the unit keyed by "pid". */
2805 r
= hashmap_put(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2811 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2812 * to an array of Units rather than just a Unit), lists us already. */
2814 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2816 for (; array
[n
]; n
++)
2820 if (found
) /* Found it already? if so, do nothing */
2825 /* Allocate a new array */
2826 new_array
= new(Unit
*, n
+ 2);
2830 memcpy_safe(new_array
, array
, sizeof(Unit
*) * n
);
2832 new_array
[n
+1] = NULL
;
2834 /* Add or replace the old array */
2835 r
= hashmap_replace(u
->manager
->watch_pids
, PID_TO_PTR(-pid
), new_array
);
2846 r
= set_put(u
->pids
, PID_TO_PTR(pid
));
2853 void unit_unwatch_pid(Unit
*u
, pid_t pid
) {
2857 assert(pid_is_valid(pid
));
2859 /* First let's drop the unit in case it's keyed as "pid". */
2860 (void) hashmap_remove_value(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2862 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2863 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2865 /* Let's iterate through the array, dropping our own entry */
2868 for (size_t n
= 0; array
[n
]; n
++)
2870 array
[m
++] = array
[n
];
2874 /* The array is now empty, remove the entire entry */
2875 assert_se(hashmap_remove(u
->manager
->watch_pids
, PID_TO_PTR(-pid
)) == array
);
2880 (void) set_remove(u
->pids
, PID_TO_PTR(pid
));
2883 void unit_unwatch_all_pids(Unit
*u
) {
2886 while (!set_isempty(u
->pids
))
2887 unit_unwatch_pid(u
, PTR_TO_PID(set_first(u
->pids
)));
2889 u
->pids
= set_free(u
->pids
);
2892 static void unit_tidy_watch_pids(Unit
*u
) {
2893 pid_t except1
, except2
;
2898 /* Cleans dead PIDs from our list */
2900 except1
= unit_main_pid(u
);
2901 except2
= unit_control_pid(u
);
2903 SET_FOREACH(e
, u
->pids
) {
2904 pid_t pid
= PTR_TO_PID(e
);
2906 if (pid
== except1
|| pid
== except2
)
2909 if (!pid_is_unwaited(pid
))
2910 unit_unwatch_pid(u
, pid
);
2914 static int on_rewatch_pids_event(sd_event_source
*s
, void *userdata
) {
2920 unit_tidy_watch_pids(u
);
2921 unit_watch_all_pids(u
);
2923 /* If the PID set is empty now, then let's finish this off. */
2924 unit_synthesize_cgroup_empty_event(u
);
2929 int unit_enqueue_rewatch_pids(Unit
*u
) {
2934 if (!u
->cgroup_path
)
2937 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
2940 if (r
> 0) /* On unified we can use proper notifications */
2943 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2944 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2945 * involves issuing kill(pid, 0) on all processes we watch. */
2947 if (!u
->rewatch_pids_event_source
) {
2948 _cleanup_(sd_event_source_unrefp
) sd_event_source
*s
= NULL
;
2950 r
= sd_event_add_defer(u
->manager
->event
, &s
, on_rewatch_pids_event
, u
);
2952 return log_error_errno(r
, "Failed to allocate event source for tidying watched PIDs: %m");
2954 r
= sd_event_source_set_priority(s
, SD_EVENT_PRIORITY_IDLE
);
2956 return log_error_errno(r
, "Failed to adjust priority of event source for tidying watched PIDs: %m");
2958 (void) sd_event_source_set_description(s
, "tidy-watch-pids");
2960 u
->rewatch_pids_event_source
= TAKE_PTR(s
);
2963 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_ONESHOT
);
2965 return log_error_errno(r
, "Failed to enable event source for tidying watched PIDs: %m");
2970 void unit_dequeue_rewatch_pids(Unit
*u
) {
2974 if (!u
->rewatch_pids_event_source
)
2977 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_OFF
);
2979 log_warning_errno(r
, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2981 u
->rewatch_pids_event_source
= sd_event_source_disable_unref(u
->rewatch_pids_event_source
);
2984 bool unit_job_is_applicable(Unit
*u
, JobType j
) {
2986 assert(j
>= 0 && j
< _JOB_TYPE_MAX
);
2990 case JOB_VERIFY_ACTIVE
:
2993 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2994 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
2999 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
3000 * external events), hence it makes no sense to permit enqueuing such a request either. */
3001 return !u
->perpetual
;
3004 case JOB_TRY_RESTART
:
3005 return unit_can_stop(u
) && unit_can_start(u
);
3008 case JOB_TRY_RELOAD
:
3009 return unit_can_reload(u
);
3011 case JOB_RELOAD_OR_START
:
3012 return unit_can_reload(u
) && unit_can_start(u
);
3015 assert_not_reached();
3019 int unit_add_dependency(
3024 UnitDependencyMask mask
) {
3026 static const UnitDependency inverse_table
[_UNIT_DEPENDENCY_MAX
] = {
3027 [UNIT_REQUIRES
] = UNIT_REQUIRED_BY
,
3028 [UNIT_REQUISITE
] = UNIT_REQUISITE_OF
,
3029 [UNIT_WANTS
] = UNIT_WANTED_BY
,
3030 [UNIT_BINDS_TO
] = UNIT_BOUND_BY
,
3031 [UNIT_PART_OF
] = UNIT_CONSISTS_OF
,
3032 [UNIT_UPHOLDS
] = UNIT_UPHELD_BY
,
3033 [UNIT_REQUIRED_BY
] = UNIT_REQUIRES
,
3034 [UNIT_REQUISITE_OF
] = UNIT_REQUISITE
,
3035 [UNIT_WANTED_BY
] = UNIT_WANTS
,
3036 [UNIT_BOUND_BY
] = UNIT_BINDS_TO
,
3037 [UNIT_CONSISTS_OF
] = UNIT_PART_OF
,
3038 [UNIT_UPHELD_BY
] = UNIT_UPHOLDS
,
3039 [UNIT_CONFLICTS
] = UNIT_CONFLICTED_BY
,
3040 [UNIT_CONFLICTED_BY
] = UNIT_CONFLICTS
,
3041 [UNIT_BEFORE
] = UNIT_AFTER
,
3042 [UNIT_AFTER
] = UNIT_BEFORE
,
3043 [UNIT_ON_SUCCESS
] = UNIT_ON_SUCCESS_OF
,
3044 [UNIT_ON_SUCCESS_OF
] = UNIT_ON_SUCCESS
,
3045 [UNIT_ON_FAILURE
] = UNIT_ON_FAILURE_OF
,
3046 [UNIT_ON_FAILURE_OF
] = UNIT_ON_FAILURE
,
3047 [UNIT_TRIGGERS
] = UNIT_TRIGGERED_BY
,
3048 [UNIT_TRIGGERED_BY
] = UNIT_TRIGGERS
,
3049 [UNIT_PROPAGATES_RELOAD_TO
] = UNIT_RELOAD_PROPAGATED_FROM
,
3050 [UNIT_RELOAD_PROPAGATED_FROM
] = UNIT_PROPAGATES_RELOAD_TO
,
3051 [UNIT_PROPAGATES_STOP_TO
] = UNIT_STOP_PROPAGATED_FROM
,
3052 [UNIT_STOP_PROPAGATED_FROM
] = UNIT_PROPAGATES_STOP_TO
,
3053 [UNIT_JOINS_NAMESPACE_OF
] = UNIT_JOINS_NAMESPACE_OF
, /* symmetric! 👓 */
3054 [UNIT_REFERENCES
] = UNIT_REFERENCED_BY
,
3055 [UNIT_REFERENCED_BY
] = UNIT_REFERENCES
,
3056 [UNIT_IN_SLICE
] = UNIT_SLICE_OF
,
3057 [UNIT_SLICE_OF
] = UNIT_IN_SLICE
,
3059 Unit
*original_u
= u
, *original_other
= other
;
3060 UnitDependencyAtom a
;
3063 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3064 * there, no need to notify! */
3068 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
3071 u
= unit_follow_merge(u
);
3072 other
= unit_follow_merge(other
);
3073 a
= unit_dependency_to_atom(d
);
3076 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
3078 unit_maybe_warn_about_dependency(original_u
, original_other
->id
, d
);
3082 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3085 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3086 * running timeout at a specific time. */
3087 if (FLAGS_SET(a
, UNIT_ATOM_BEFORE
) && other
->type
== UNIT_DEVICE
) {
3088 log_unit_warning(u
, "Dependency Before=%s ignored (.device units cannot be delayed)", other
->id
);
3092 if (FLAGS_SET(a
, UNIT_ATOM_ON_FAILURE
) && !UNIT_VTABLE(u
)->can_fail
) {
3093 log_unit_warning(u
, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other
->id
, unit_type_to_string(u
->type
));
3097 if (FLAGS_SET(a
, UNIT_ATOM_TRIGGERS
) && !UNIT_VTABLE(u
)->can_trigger
)
3098 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3099 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(u
->type
));
3100 if (FLAGS_SET(a
, UNIT_ATOM_TRIGGERED_BY
) && !UNIT_VTABLE(other
)->can_trigger
)
3101 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3102 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(other
->type
));
3104 if (FLAGS_SET(a
, UNIT_ATOM_IN_SLICE
) && other
->type
!= UNIT_SLICE
)
3105 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3106 "Requested dependency Slice=%s refused (%s is not a slice unit).", other
->id
, other
->id
);
3107 if (FLAGS_SET(a
, UNIT_ATOM_SLICE_OF
) && u
->type
!= UNIT_SLICE
)
3108 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3109 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other
->id
, u
->id
);
3111 if (FLAGS_SET(a
, UNIT_ATOM_IN_SLICE
) && !UNIT_HAS_CGROUP_CONTEXT(u
))
3112 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3113 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other
->id
, u
->id
);
3115 if (FLAGS_SET(a
, UNIT_ATOM_SLICE_OF
) && !UNIT_HAS_CGROUP_CONTEXT(other
))
3116 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3117 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other
->id
, other
->id
);
3119 r
= unit_add_dependency_hashmap(&u
->dependencies
, d
, other
, mask
, 0);
3124 if (inverse_table
[d
] != _UNIT_DEPENDENCY_INVALID
&& inverse_table
[d
] != d
) {
3125 r
= unit_add_dependency_hashmap(&other
->dependencies
, inverse_table
[d
], u
, 0, mask
);
3132 if (add_reference
) {
3133 r
= unit_add_dependency_hashmap(&u
->dependencies
, UNIT_REFERENCES
, other
, mask
, 0);
3139 r
= unit_add_dependency_hashmap(&other
->dependencies
, UNIT_REFERENCED_BY
, u
, 0, mask
);
3147 unit_add_to_dbus_queue(u
);
3152 int unit_add_two_dependencies(Unit
*u
, UnitDependency d
, UnitDependency e
, Unit
*other
, bool add_reference
, UnitDependencyMask mask
) {
3157 r
= unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3161 return unit_add_dependency(u
, e
, other
, add_reference
, mask
);
3164 static int resolve_template(Unit
*u
, const char *name
, char **buf
, const char **ret
) {
3172 if (!unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
3179 r
= unit_name_replace_instance(name
, u
->instance
, buf
);
3181 _cleanup_free_
char *i
= NULL
;
3183 r
= unit_name_to_prefix(u
->id
, &i
);
3187 r
= unit_name_replace_instance(name
, i
, buf
);
3196 int unit_add_dependency_by_name(Unit
*u
, UnitDependency d
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3197 _cleanup_free_
char *buf
= NULL
;
3204 r
= resolve_template(u
, name
, &buf
, &name
);
3208 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3211 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3215 return unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3218 int unit_add_two_dependencies_by_name(Unit
*u
, UnitDependency d
, UnitDependency e
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3219 _cleanup_free_
char *buf
= NULL
;
3226 r
= resolve_template(u
, name
, &buf
, &name
);
3230 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3233 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3237 return unit_add_two_dependencies(u
, d
, e
, other
, add_reference
, mask
);
3240 int set_unit_path(const char *p
) {
3241 /* This is mostly for debug purposes */
3242 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p
, 1));
3245 char *unit_dbus_path(Unit
*u
) {
3251 return unit_dbus_path_from_name(u
->id
);
3254 char *unit_dbus_path_invocation_id(Unit
*u
) {
3257 if (sd_id128_is_null(u
->invocation_id
))
3260 return unit_dbus_path_from_name(u
->invocation_id_string
);
3263 int unit_set_invocation_id(Unit
*u
, sd_id128_t id
) {
3268 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3270 if (sd_id128_equal(u
->invocation_id
, id
))
3273 if (!sd_id128_is_null(u
->invocation_id
))
3274 (void) hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3276 if (sd_id128_is_null(id
)) {
3281 r
= hashmap_ensure_allocated(&u
->manager
->units_by_invocation_id
, &id128_hash_ops
);
3285 u
->invocation_id
= id
;
3286 sd_id128_to_string(id
, u
->invocation_id_string
);
3288 r
= hashmap_put(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3295 u
->invocation_id
= SD_ID128_NULL
;
3296 u
->invocation_id_string
[0] = 0;
3300 int unit_set_slice(Unit
*u
, Unit
*slice
) {
3306 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3307 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3308 * slice is derived from the name). Make sure the unit we set is actually a slice. */
3310 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
3313 if (u
->type
== UNIT_SLICE
)
3316 if (unit_active_state(u
) != UNIT_INACTIVE
)
3319 if (slice
->type
!= UNIT_SLICE
)
3322 if (unit_has_name(u
, SPECIAL_INIT_SCOPE
) &&
3323 !unit_has_name(slice
, SPECIAL_ROOT_SLICE
))
3326 if (UNIT_GET_SLICE(u
) == slice
)
3329 /* Disallow slice changes if @u is already bound to cgroups */
3330 if (UNIT_GET_SLICE(u
) && u
->cgroup_realized
)
3333 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3334 if (UNIT_GET_SLICE(u
))
3335 unit_remove_dependencies(u
, UNIT_DEPENDENCY_SLICE_PROPERTY
);
3337 r
= unit_add_dependency(u
, UNIT_IN_SLICE
, slice
, true, UNIT_DEPENDENCY_SLICE_PROPERTY
);
3344 int unit_set_default_slice(Unit
*u
) {
3345 const char *slice_name
;
3351 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3354 if (UNIT_GET_SLICE(u
))
3358 _cleanup_free_
char *prefix
= NULL
, *escaped
= NULL
;
3360 /* Implicitly place all instantiated units in their
3361 * own per-template slice */
3363 r
= unit_name_to_prefix(u
->id
, &prefix
);
3367 /* The prefix is already escaped, but it might include
3368 * "-" which has a special meaning for slice units,
3369 * hence escape it here extra. */
3370 escaped
= unit_name_escape(prefix
);
3374 if (MANAGER_IS_SYSTEM(u
->manager
))
3375 slice_name
= strjoina("system-", escaped
, ".slice");
3377 slice_name
= strjoina("app-", escaped
, ".slice");
3379 } else if (unit_is_extrinsic(u
))
3380 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3381 * the root slice. They don't really belong in one of the subslices. */
3382 slice_name
= SPECIAL_ROOT_SLICE
;
3384 else if (MANAGER_IS_SYSTEM(u
->manager
))
3385 slice_name
= SPECIAL_SYSTEM_SLICE
;
3387 slice_name
= SPECIAL_APP_SLICE
;
3389 r
= manager_load_unit(u
->manager
, slice_name
, NULL
, NULL
, &slice
);
3393 return unit_set_slice(u
, slice
);
3396 const char *unit_slice_name(Unit
*u
) {
3400 slice
= UNIT_GET_SLICE(u
);
3407 int unit_load_related_unit(Unit
*u
, const char *type
, Unit
**_found
) {
3408 _cleanup_free_
char *t
= NULL
;
3415 r
= unit_name_change_suffix(u
->id
, type
, &t
);
3418 if (unit_has_name(u
, t
))
3421 r
= manager_load_unit(u
->manager
, t
, NULL
, NULL
, _found
);
3422 assert(r
< 0 || *_found
!= u
);
3426 static int signal_name_owner_changed(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3427 const char *new_owner
;
3434 r
= sd_bus_message_read(message
, "sss", NULL
, NULL
, &new_owner
);
3436 bus_log_parse_error(r
);
3440 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3441 UNIT_VTABLE(u
)->bus_name_owner_change(u
, empty_to_null(new_owner
));
3446 static int get_name_owner_handler(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3447 const sd_bus_error
*e
;
3448 const char *new_owner
;
3455 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3457 e
= sd_bus_message_get_error(message
);
3459 if (!sd_bus_error_has_name(e
, "org.freedesktop.DBus.Error.NameHasNoOwner")) {
3460 r
= sd_bus_error_get_errno(e
);
3461 log_unit_error_errno(u
, r
,
3462 "Unexpected error response from GetNameOwner(): %s",
3463 bus_error_message(e
, r
));
3468 r
= sd_bus_message_read(message
, "s", &new_owner
);
3470 return bus_log_parse_error(r
);
3472 assert(!isempty(new_owner
));
3475 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3476 UNIT_VTABLE(u
)->bus_name_owner_change(u
, new_owner
);
3481 int unit_install_bus_match(Unit
*u
, sd_bus
*bus
, const char *name
) {
3489 if (u
->match_bus_slot
|| u
->get_name_owner_slot
)
3492 match
= strjoina("type='signal',"
3493 "sender='org.freedesktop.DBus',"
3494 "path='/org/freedesktop/DBus',"
3495 "interface='org.freedesktop.DBus',"
3496 "member='NameOwnerChanged',"
3497 "arg0='", name
, "'");
3499 r
= sd_bus_add_match_async(bus
, &u
->match_bus_slot
, match
, signal_name_owner_changed
, NULL
, u
);
3503 r
= sd_bus_call_method_async(
3505 &u
->get_name_owner_slot
,
3506 "org.freedesktop.DBus",
3507 "/org/freedesktop/DBus",
3508 "org.freedesktop.DBus",
3510 get_name_owner_handler
,
3514 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3518 log_unit_debug(u
, "Watching D-Bus name '%s'.", name
);
3522 int unit_watch_bus_name(Unit
*u
, const char *name
) {
3528 /* Watch a specific name on the bus. We only support one unit
3529 * watching each name for now. */
3531 if (u
->manager
->api_bus
) {
3532 /* If the bus is already available, install the match directly.
3533 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3534 r
= unit_install_bus_match(u
, u
->manager
->api_bus
, name
);
3536 return log_warning_errno(r
, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name
);
3539 r
= hashmap_put(u
->manager
->watch_bus
, name
, u
);
3541 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3542 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3543 return log_warning_errno(r
, "Failed to put bus name to hashmap: %m");
3549 void unit_unwatch_bus_name(Unit
*u
, const char *name
) {
3553 (void) hashmap_remove_value(u
->manager
->watch_bus
, name
, u
);
3554 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3555 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3558 int unit_add_node_dependency(Unit
*u
, const char *what
, UnitDependency dep
, UnitDependencyMask mask
) {
3559 _cleanup_free_
char *e
= NULL
;
3565 /* Adds in links to the device node that this unit is based on */
3569 if (!is_device_path(what
))
3572 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
3573 if (!unit_type_supported(UNIT_DEVICE
))
3576 r
= unit_name_from_path(what
, ".device", &e
);
3580 r
= manager_load_unit(u
->manager
, e
, NULL
, NULL
, &device
);
3584 if (dep
== UNIT_REQUIRES
&& device_shall_be_bound_by(device
, u
))
3585 dep
= UNIT_BINDS_TO
;
3587 return unit_add_two_dependencies(u
, UNIT_AFTER
,
3588 MANAGER_IS_SYSTEM(u
->manager
) ? dep
: UNIT_WANTS
,
3589 device
, true, mask
);
3592 int unit_add_blockdev_dependency(Unit
*u
, const char *what
, UnitDependencyMask mask
) {
3593 _cleanup_free_
char *escaped
= NULL
, *target
= NULL
;
3601 if (!path_startswith(what
, "/dev/"))
3604 /* If we don't support devices, then also don't bother with blockdev@.target */
3605 if (!unit_type_supported(UNIT_DEVICE
))
3608 r
= unit_name_path_escape(what
, &escaped
);
3612 r
= unit_name_build("blockdev", escaped
, ".target", &target
);
3616 return unit_add_dependency_by_name(u
, UNIT_AFTER
, target
, true, mask
);
3619 int unit_coldplug(Unit
*u
) {
3624 /* Make sure we don't enter a loop, when coldplugging recursively. */
3628 u
->coldplugged
= true;
3630 STRV_FOREACH(i
, u
->deserialized_refs
) {
3631 q
= bus_unit_track_add_name(u
, *i
);
3632 if (q
< 0 && r
>= 0)
3635 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
3637 if (UNIT_VTABLE(u
)->coldplug
) {
3638 q
= UNIT_VTABLE(u
)->coldplug(u
);
3639 if (q
< 0 && r
>= 0)
3644 q
= job_coldplug(u
->job
);
3645 if (q
< 0 && r
>= 0)
3649 q
= job_coldplug(u
->nop_job
);
3650 if (q
< 0 && r
>= 0)
3657 void unit_catchup(Unit
*u
) {
3660 if (UNIT_VTABLE(u
)->catchup
)
3661 UNIT_VTABLE(u
)->catchup(u
);
3663 unit_cgroup_catchup(u
);
3666 static bool fragment_mtime_newer(const char *path
, usec_t mtime
, bool path_masked
) {
3672 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3673 * are never out-of-date. */
3674 if (PATH_STARTSWITH_SET(path
, "/proc", "/sys"))
3677 if (stat(path
, &st
) < 0)
3678 /* What, cannot access this anymore? */
3682 /* For masked files check if they are still so */
3683 return !null_or_empty(&st
);
3685 /* For non-empty files check the mtime */
3686 return timespec_load(&st
.st_mtim
) > mtime
;
3691 bool unit_need_daemon_reload(Unit
*u
) {
3692 _cleanup_strv_free_
char **t
= NULL
;
3696 /* For unit files, we allow masking… */
3697 if (fragment_mtime_newer(u
->fragment_path
, u
->fragment_mtime
,
3698 u
->load_state
== UNIT_MASKED
))
3701 /* Source paths should not be masked… */
3702 if (fragment_mtime_newer(u
->source_path
, u
->source_mtime
, false))
3705 if (u
->load_state
== UNIT_LOADED
)
3706 (void) unit_find_dropin_paths(u
, &t
);
3707 if (!strv_equal(u
->dropin_paths
, t
))
3710 /* … any drop-ins that are masked are simply omitted from the list. */
3711 STRV_FOREACH(path
, u
->dropin_paths
)
3712 if (fragment_mtime_newer(*path
, u
->dropin_mtime
, false))
3718 void unit_reset_failed(Unit
*u
) {
3721 if (UNIT_VTABLE(u
)->reset_failed
)
3722 UNIT_VTABLE(u
)->reset_failed(u
);
3724 ratelimit_reset(&u
->start_ratelimit
);
3725 u
->start_limit_hit
= false;
3728 Unit
*unit_following(Unit
*u
) {
3731 if (UNIT_VTABLE(u
)->following
)
3732 return UNIT_VTABLE(u
)->following(u
);
3737 bool unit_stop_pending(Unit
*u
) {
3740 /* This call does check the current state of the unit. It's
3741 * hence useful to be called from state change calls of the
3742 * unit itself, where the state isn't updated yet. This is
3743 * different from unit_inactive_or_pending() which checks both
3744 * the current state and for a queued job. */
3746 return unit_has_job_type(u
, JOB_STOP
);
3749 bool unit_inactive_or_pending(Unit
*u
) {
3752 /* Returns true if the unit is inactive or going down */
3754 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)))
3757 if (unit_stop_pending(u
))
3763 bool unit_active_or_pending(Unit
*u
) {
3766 /* Returns true if the unit is active or going up */
3768 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)))
3772 IN_SET(u
->job
->type
, JOB_START
, JOB_RELOAD_OR_START
, JOB_RESTART
))
3778 bool unit_will_restart_default(Unit
*u
) {
3781 return unit_has_job_type(u
, JOB_START
);
3784 bool unit_will_restart(Unit
*u
) {
3787 if (!UNIT_VTABLE(u
)->will_restart
)
3790 return UNIT_VTABLE(u
)->will_restart(u
);
3793 int unit_kill(Unit
*u
, KillWho w
, int signo
, sd_bus_error
*error
) {
3795 assert(w
>= 0 && w
< _KILL_WHO_MAX
);
3796 assert(SIGNAL_VALID(signo
));
3798 if (!UNIT_VTABLE(u
)->kill
)
3801 return UNIT_VTABLE(u
)->kill(u
, w
, signo
, error
);
3804 void unit_notify_cgroup_oom(Unit
*u
, bool managed_oom
) {
3807 if (UNIT_VTABLE(u
)->notify_cgroup_oom
)
3808 UNIT_VTABLE(u
)->notify_cgroup_oom(u
, managed_oom
);
3811 static Set
*unit_pid_set(pid_t main_pid
, pid_t control_pid
) {
3812 _cleanup_set_free_ Set
*pid_set
= NULL
;
3815 pid_set
= set_new(NULL
);
3819 /* Exclude the main/control pids from being killed via the cgroup */
3821 r
= set_put(pid_set
, PID_TO_PTR(main_pid
));
3826 if (control_pid
> 0) {
3827 r
= set_put(pid_set
, PID_TO_PTR(control_pid
));
3832 return TAKE_PTR(pid_set
);
3835 static int kill_common_log(pid_t pid
, int signo
, void *userdata
) {
3836 _cleanup_free_
char *comm
= NULL
;
3841 (void) get_process_comm(pid
, &comm
);
3842 log_unit_info(u
, "Sending signal SIG%s to process " PID_FMT
" (%s) on client request.",
3843 signal_to_string(signo
), pid
, strna(comm
));
3848 int unit_kill_common(
3854 sd_bus_error
*error
) {
3857 bool killed
= false;
3859 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3860 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3861 * stop a service ourselves. */
3863 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
)) {
3865 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no main processes", unit_type_to_string(u
->type
));
3867 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No main process to kill");
3870 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
)) {
3871 if (control_pid
< 0)
3872 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no control processes", unit_type_to_string(u
->type
));
3873 if (control_pid
== 0)
3874 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No control process to kill");
3877 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3878 if (control_pid
> 0) {
3879 _cleanup_free_
char *comm
= NULL
;
3880 (void) get_process_comm(control_pid
, &comm
);
3882 if (kill(control_pid
, signo
) < 0) {
3883 /* Report this failure both to the logs and to the client */
3884 sd_bus_error_set_errnof(
3886 "Failed to send signal SIG%s to control process " PID_FMT
" (%s): %m",
3887 signal_to_string(signo
), control_pid
, strna(comm
));
3888 r
= log_unit_warning_errno(
3890 "Failed to send signal SIG%s to control process " PID_FMT
" (%s) on client request: %m",
3891 signal_to_string(signo
), control_pid
, strna(comm
));
3893 log_unit_info(u
, "Sent signal SIG%s to control process " PID_FMT
" (%s) on client request.",
3894 signal_to_string(signo
), control_pid
, strna(comm
));
3899 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3901 _cleanup_free_
char *comm
= NULL
;
3902 (void) get_process_comm(main_pid
, &comm
);
3904 if (kill(main_pid
, signo
) < 0) {
3906 sd_bus_error_set_errnof(
3908 "Failed to send signal SIG%s to main process " PID_FMT
" (%s): %m",
3909 signal_to_string(signo
), main_pid
, strna(comm
));
3911 r
= log_unit_warning_errno(
3913 "Failed to send signal SIG%s to main process " PID_FMT
" (%s) on client request: %m",
3914 signal_to_string(signo
), main_pid
, strna(comm
));
3916 log_unit_info(u
, "Sent signal SIG%s to main process " PID_FMT
" (%s) on client request.",
3917 signal_to_string(signo
), main_pid
, strna(comm
));
3922 if (IN_SET(who
, KILL_ALL
, KILL_ALL_FAIL
) && u
->cgroup_path
) {
3923 _cleanup_set_free_ Set
*pid_set
= NULL
;
3926 /* Exclude the main/control pids from being killed via the cgroup */
3927 pid_set
= unit_pid_set(main_pid
, control_pid
);
3931 q
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, signo
, 0, pid_set
, kill_common_log
, u
);
3933 if (!IN_SET(q
, -ESRCH
, -ENOENT
)) {
3935 sd_bus_error_set_errnof(
3937 "Failed to send signal SIG%s to auxiliary processes: %m",
3938 signal_to_string(signo
));
3940 r
= log_unit_warning_errno(
3942 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3943 signal_to_string(signo
));
3949 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3950 if (r
== 0 && !killed
&& IN_SET(who
, KILL_ALL_FAIL
, KILL_CONTROL_FAIL
, KILL_MAIN_FAIL
))
3951 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No matching processes to kill");
3956 int unit_following_set(Unit
*u
, Set
**s
) {
3960 if (UNIT_VTABLE(u
)->following_set
)
3961 return UNIT_VTABLE(u
)->following_set(u
, s
);
3967 UnitFileState
unit_get_unit_file_state(Unit
*u
) {
3972 if (u
->unit_file_state
< 0 && u
->fragment_path
) {
3973 r
= unit_file_get_state(
3974 u
->manager
->unit_file_scope
,
3977 &u
->unit_file_state
);
3979 u
->unit_file_state
= UNIT_FILE_BAD
;
3982 return u
->unit_file_state
;
3985 int unit_get_unit_file_preset(Unit
*u
) {
3988 if (u
->unit_file_preset
< 0 && u
->fragment_path
)
3989 u
->unit_file_preset
= unit_file_query_preset(
3990 u
->manager
->unit_file_scope
,
3992 basename(u
->fragment_path
),
3995 return u
->unit_file_preset
;
3998 Unit
* unit_ref_set(UnitRef
*ref
, Unit
*source
, Unit
*target
) {
4004 unit_ref_unset(ref
);
4006 ref
->source
= source
;
4007 ref
->target
= target
;
4008 LIST_PREPEND(refs_by_target
, target
->refs_by_target
, ref
);
4012 void unit_ref_unset(UnitRef
*ref
) {
4018 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4019 * be unreferenced now. */
4020 unit_add_to_gc_queue(ref
->target
);
4022 LIST_REMOVE(refs_by_target
, ref
->target
->refs_by_target
, ref
);
4023 ref
->source
= ref
->target
= NULL
;
4026 static int user_from_unit_name(Unit
*u
, char **ret
) {
4028 static const uint8_t hash_key
[] = {
4029 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4030 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4033 _cleanup_free_
char *n
= NULL
;
4036 r
= unit_name_to_prefix(u
->id
, &n
);
4040 if (valid_user_group_name(n
, 0)) {
4045 /* If we can't use the unit name as a user name, then let's hash it and use that */
4046 if (asprintf(ret
, "_du%016" PRIx64
, siphash24(n
, strlen(n
), hash_key
)) < 0)
4052 int unit_patch_contexts(Unit
*u
) {
4059 /* Patch in the manager defaults into the exec and cgroup
4060 * contexts, _after_ the rest of the settings have been
4063 ec
= unit_get_exec_context(u
);
4065 /* This only copies in the ones that need memory */
4066 for (unsigned i
= 0; i
< _RLIMIT_MAX
; i
++)
4067 if (u
->manager
->rlimit
[i
] && !ec
->rlimit
[i
]) {
4068 ec
->rlimit
[i
] = newdup(struct rlimit
, u
->manager
->rlimit
[i
], 1);
4073 if (MANAGER_IS_USER(u
->manager
) &&
4074 !ec
->working_directory
) {
4076 r
= get_home_dir(&ec
->working_directory
);
4080 /* Allow user services to run, even if the
4081 * home directory is missing */
4082 ec
->working_directory_missing_ok
= true;
4085 if (ec
->private_devices
)
4086 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_MKNOD
) | (UINT64_C(1) << CAP_SYS_RAWIO
));
4088 if (ec
->protect_kernel_modules
)
4089 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYS_MODULE
);
4091 if (ec
->protect_kernel_logs
)
4092 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYSLOG
);
4094 if (ec
->protect_clock
)
4095 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_SYS_TIME
) | (UINT64_C(1) << CAP_WAKE_ALARM
));
4097 if (ec
->dynamic_user
) {
4099 r
= user_from_unit_name(u
, &ec
->user
);
4105 ec
->group
= strdup(ec
->user
);
4110 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4111 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4114 ec
->private_tmp
= true;
4115 ec
->remove_ipc
= true;
4116 ec
->protect_system
= PROTECT_SYSTEM_STRICT
;
4117 if (ec
->protect_home
== PROTECT_HOME_NO
)
4118 ec
->protect_home
= PROTECT_HOME_READ_ONLY
;
4120 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4122 ec
->no_new_privileges
= true;
4123 ec
->restrict_suid_sgid
= true;
4127 cc
= unit_get_cgroup_context(u
);
4130 if (ec
->private_devices
&&
4131 cc
->device_policy
== CGROUP_DEVICE_POLICY_AUTO
)
4132 cc
->device_policy
= CGROUP_DEVICE_POLICY_CLOSED
;
4134 if ((ec
->root_image
|| !LIST_IS_EMPTY(ec
->mount_images
)) &&
4135 (cc
->device_policy
!= CGROUP_DEVICE_POLICY_AUTO
|| cc
->device_allow
)) {
4138 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4139 FOREACH_STRING(p
, "/dev/loop-control", "/dev/mapper/control") {
4140 r
= cgroup_add_device_allow(cc
, p
, "rw");
4144 FOREACH_STRING(p
, "block-loop", "block-blkext", "block-device-mapper") {
4145 r
= cgroup_add_device_allow(cc
, p
, "rwm");
4150 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4151 * Same for mapper and verity. */
4152 FOREACH_STRING(p
, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4153 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, p
, true, UNIT_DEPENDENCY_FILE
);
4159 if (ec
->protect_clock
) {
4160 r
= cgroup_add_device_allow(cc
, "char-rtc", "r");
4169 ExecContext
*unit_get_exec_context(const Unit
*u
) {
4176 offset
= UNIT_VTABLE(u
)->exec_context_offset
;
4180 return (ExecContext
*) ((uint8_t*) u
+ offset
);
4183 KillContext
*unit_get_kill_context(Unit
*u
) {
4190 offset
= UNIT_VTABLE(u
)->kill_context_offset
;
4194 return (KillContext
*) ((uint8_t*) u
+ offset
);
4197 CGroupContext
*unit_get_cgroup_context(Unit
*u
) {
4203 offset
= UNIT_VTABLE(u
)->cgroup_context_offset
;
4207 return (CGroupContext
*) ((uint8_t*) u
+ offset
);
4210 ExecRuntime
*unit_get_exec_runtime(Unit
*u
) {
4216 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4220 return *(ExecRuntime
**) ((uint8_t*) u
+ offset
);
4223 static const char* unit_drop_in_dir(Unit
*u
, UnitWriteFlags flags
) {
4226 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4229 if (u
->transient
) /* Redirect drop-ins for transient units always into the transient directory. */
4230 return u
->manager
->lookup_paths
.transient
;
4232 if (flags
& UNIT_PERSISTENT
)
4233 return u
->manager
->lookup_paths
.persistent_control
;
4235 if (flags
& UNIT_RUNTIME
)
4236 return u
->manager
->lookup_paths
.runtime_control
;
4241 char* unit_escape_setting(const char *s
, UnitWriteFlags flags
, char **buf
) {
4247 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4248 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4249 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4250 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4251 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4254 if (flags
& UNIT_ESCAPE_SPECIFIERS
) {
4255 ret
= specifier_escape(s
);
4262 if (flags
& UNIT_ESCAPE_C
) {
4275 return ret
?: (char*) s
;
4278 return ret
?: strdup(s
);
4281 char* unit_concat_strv(char **l
, UnitWriteFlags flags
) {
4282 _cleanup_free_
char *result
= NULL
;
4285 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4286 * way suitable for ExecStart= stanzas */
4288 STRV_FOREACH(i
, l
) {
4289 _cleanup_free_
char *buf
= NULL
;
4294 p
= unit_escape_setting(*i
, flags
, &buf
);
4298 a
= (n
> 0) + 1 + strlen(p
) + 1; /* separating space + " + entry + " */
4299 if (!GREEDY_REALLOC(result
, n
+ a
+ 1))
4313 if (!GREEDY_REALLOC(result
, n
+ 1))
4318 return TAKE_PTR(result
);
4321 int unit_write_setting(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *data
) {
4322 _cleanup_free_
char *p
= NULL
, *q
= NULL
, *escaped
= NULL
;
4323 const char *dir
, *wrapped
;
4330 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4333 data
= unit_escape_setting(data
, flags
, &escaped
);
4337 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4338 * previous section header is the same */
4340 if (flags
& UNIT_PRIVATE
) {
4341 if (!UNIT_VTABLE(u
)->private_section
)
4344 if (!u
->transient_file
|| u
->last_section_private
< 0)
4345 data
= strjoina("[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4346 else if (u
->last_section_private
== 0)
4347 data
= strjoina("\n[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4349 if (!u
->transient_file
|| u
->last_section_private
< 0)
4350 data
= strjoina("[Unit]\n", data
);
4351 else if (u
->last_section_private
> 0)
4352 data
= strjoina("\n[Unit]\n", data
);
4355 if (u
->transient_file
) {
4356 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4357 * write to the transient unit file. */
4358 fputs(data
, u
->transient_file
);
4360 if (!endswith(data
, "\n"))
4361 fputc('\n', u
->transient_file
);
4363 /* Remember which section we wrote this entry to */
4364 u
->last_section_private
= !!(flags
& UNIT_PRIVATE
);
4368 dir
= unit_drop_in_dir(u
, flags
);
4372 wrapped
= strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4373 "# or an equivalent operation. Do not edit.\n",
4377 r
= drop_in_file(dir
, u
->id
, 50, name
, &p
, &q
);
4381 (void) mkdir_p_label(p
, 0755);
4383 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4384 * recreate the cache after every drop-in we write. */
4385 if (u
->manager
->unit_path_cache
) {
4386 r
= set_put_strdup(&u
->manager
->unit_path_cache
, p
);
4391 r
= write_string_file_atomic_label(q
, wrapped
);
4395 r
= strv_push(&u
->dropin_paths
, q
);
4400 strv_uniq(u
->dropin_paths
);
4402 u
->dropin_mtime
= now(CLOCK_REALTIME
);
4407 int unit_write_settingf(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *format
, ...) {
4408 _cleanup_free_
char *p
= NULL
;
4416 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4419 va_start(ap
, format
);
4420 r
= vasprintf(&p
, format
, ap
);
4426 return unit_write_setting(u
, flags
, name
, p
);
4429 int unit_make_transient(Unit
*u
) {
4430 _cleanup_free_
char *path
= NULL
;
4435 if (!UNIT_VTABLE(u
)->can_transient
)
4438 (void) mkdir_p_label(u
->manager
->lookup_paths
.transient
, 0755);
4440 path
= path_join(u
->manager
->lookup_paths
.transient
, u
->id
);
4444 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4445 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4447 RUN_WITH_UMASK(0022) {
4448 f
= fopen(path
, "we");
4453 safe_fclose(u
->transient_file
);
4454 u
->transient_file
= f
;
4456 free_and_replace(u
->fragment_path
, path
);
4458 u
->source_path
= mfree(u
->source_path
);
4459 u
->dropin_paths
= strv_free(u
->dropin_paths
);
4460 u
->fragment_mtime
= u
->source_mtime
= u
->dropin_mtime
= 0;
4462 u
->load_state
= UNIT_STUB
;
4464 u
->transient
= true;
4466 unit_add_to_dbus_queue(u
);
4467 unit_add_to_gc_queue(u
);
4469 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4475 static int log_kill(pid_t pid
, int sig
, void *userdata
) {
4476 _cleanup_free_
char *comm
= NULL
;
4478 (void) get_process_comm(pid
, &comm
);
4480 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4481 only, like for example systemd's own PAM stub process. */
4482 if (comm
&& comm
[0] == '(')
4485 log_unit_notice(userdata
,
4486 "Killing process " PID_FMT
" (%s) with signal SIG%s.",
4489 signal_to_string(sig
));
4494 static int operation_to_signal(const KillContext
*c
, KillOperation k
, bool *noteworthy
) {
4499 case KILL_TERMINATE
:
4500 case KILL_TERMINATE_AND_LOG
:
4501 *noteworthy
= false;
4502 return c
->kill_signal
;
4505 *noteworthy
= false;
4506 return restart_kill_signal(c
);
4510 return c
->final_kill_signal
;
4514 return c
->watchdog_signal
;
4517 assert_not_reached();
4521 int unit_kill_context(
4527 bool main_pid_alien
) {
4529 bool wait_for_exit
= false, send_sighup
;
4530 cg_kill_log_func_t log_func
= NULL
;
4536 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4537 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4538 * which is used for user-requested killing of unit processes. */
4540 if (c
->kill_mode
== KILL_NONE
)
4544 sig
= operation_to_signal(c
, k
, ¬eworthy
);
4546 log_func
= log_kill
;
4550 IN_SET(k
, KILL_TERMINATE
, KILL_TERMINATE_AND_LOG
) &&
4555 log_func(main_pid
, sig
, u
);
4557 r
= kill_and_sigcont(main_pid
, sig
);
4558 if (r
< 0 && r
!= -ESRCH
) {
4559 _cleanup_free_
char *comm
= NULL
;
4560 (void) get_process_comm(main_pid
, &comm
);
4562 log_unit_warning_errno(u
, r
, "Failed to kill main process " PID_FMT
" (%s), ignoring: %m", main_pid
, strna(comm
));
4564 if (!main_pid_alien
)
4565 wait_for_exit
= true;
4567 if (r
!= -ESRCH
&& send_sighup
)
4568 (void) kill(main_pid
, SIGHUP
);
4572 if (control_pid
> 0) {
4574 log_func(control_pid
, sig
, u
);
4576 r
= kill_and_sigcont(control_pid
, sig
);
4577 if (r
< 0 && r
!= -ESRCH
) {
4578 _cleanup_free_
char *comm
= NULL
;
4579 (void) get_process_comm(control_pid
, &comm
);
4581 log_unit_warning_errno(u
, r
, "Failed to kill control process " PID_FMT
" (%s), ignoring: %m", control_pid
, strna(comm
));
4583 wait_for_exit
= true;
4585 if (r
!= -ESRCH
&& send_sighup
)
4586 (void) kill(control_pid
, SIGHUP
);
4590 if (u
->cgroup_path
&&
4591 (c
->kill_mode
== KILL_CONTROL_GROUP
|| (c
->kill_mode
== KILL_MIXED
&& k
== KILL_KILL
))) {
4592 _cleanup_set_free_ Set
*pid_set
= NULL
;
4594 /* Exclude the main/control pids from being killed via the cgroup */
4595 pid_set
= unit_pid_set(main_pid
, control_pid
);
4599 r
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4601 CGROUP_SIGCONT
|CGROUP_IGNORE_SELF
,
4605 if (!IN_SET(r
, -EAGAIN
, -ESRCH
, -ENOENT
))
4606 log_unit_warning_errno(u
, r
, "Failed to kill control group %s, ignoring: %m", empty_to_root(u
->cgroup_path
));
4610 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4611 * we are running in a container or if this is a delegation unit, simply because cgroup
4612 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4613 * of containers it can be confused easily by left-over directories in the cgroup — which
4614 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4615 * there we get proper events. Hence rely on them. */
4617 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
) > 0 ||
4618 (detect_container() == 0 && !unit_cgroup_delegate(u
)))
4619 wait_for_exit
= true;
4624 pid_set
= unit_pid_set(main_pid
, control_pid
);
4628 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4637 return wait_for_exit
;
4640 int unit_require_mounts_for(Unit
*u
, const char *path
, UnitDependencyMask mask
) {
4646 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4647 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4648 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4649 * appearing mount units can easily determine which units to make themselves a dependency of. */
4651 if (!path_is_absolute(path
))
4654 if (hashmap_contains(u
->requires_mounts_for
, path
)) /* Exit quickly if the path is already covered. */
4657 _cleanup_free_
char *p
= strdup(path
);
4661 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4662 * only after simplification, since path_is_normalized() rejects paths with '.'.
4663 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4664 path
= path_simplify(p
);
4666 if (!path_is_normalized(path
))
4669 UnitDependencyInfo di
= {
4673 r
= hashmap_ensure_put(&u
->requires_mounts_for
, &path_hash_ops
, p
, di
.data
);
4677 TAKE_PTR(p
); /* path remains a valid pointer to the string stored in the hashmap */
4679 char prefix
[strlen(path
) + 1];
4680 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
4683 x
= hashmap_get(u
->manager
->units_requiring_mounts_for
, prefix
);
4685 _cleanup_free_
char *q
= NULL
;
4687 r
= hashmap_ensure_allocated(&u
->manager
->units_requiring_mounts_for
, &path_hash_ops
);
4699 r
= hashmap_put(u
->manager
->units_requiring_mounts_for
, q
, x
);
4715 int unit_setup_exec_runtime(Unit
*u
) {
4721 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4724 /* Check if there already is an ExecRuntime for this unit? */
4725 rt
= (ExecRuntime
**) ((uint8_t*) u
+ offset
);
4729 /* Try to get it from somebody else */
4730 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_JOINS_NAMESPACE_OF
) {
4731 r
= exec_runtime_acquire(u
->manager
, NULL
, other
->id
, false, rt
);
4736 return exec_runtime_acquire(u
->manager
, unit_get_exec_context(u
), u
->id
, true, rt
);
4739 int unit_setup_dynamic_creds(Unit
*u
) {
4741 DynamicCreds
*dcreds
;
4746 offset
= UNIT_VTABLE(u
)->dynamic_creds_offset
;
4748 dcreds
= (DynamicCreds
*) ((uint8_t*) u
+ offset
);
4750 ec
= unit_get_exec_context(u
);
4753 if (!ec
->dynamic_user
)
4756 return dynamic_creds_acquire(dcreds
, u
->manager
, ec
->user
, ec
->group
);
4759 bool unit_type_supported(UnitType t
) {
4760 if (_unlikely_(t
< 0))
4762 if (_unlikely_(t
>= _UNIT_TYPE_MAX
))
4765 if (!unit_vtable
[t
]->supported
)
4768 return unit_vtable
[t
]->supported();
4771 void unit_warn_if_dir_nonempty(Unit
*u
, const char* where
) {
4777 if (!unit_log_level_test(u
, LOG_NOTICE
))
4780 r
= dir_is_empty(where
);
4781 if (r
> 0 || r
== -ENOTDIR
)
4784 log_unit_warning_errno(u
, r
, "Failed to check directory %s: %m", where
);
4788 log_unit_struct(u
, LOG_NOTICE
,
4789 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4790 LOG_UNIT_INVOCATION_ID(u
),
4791 LOG_UNIT_MESSAGE(u
, "Directory %s to mount over is not empty, mounting anyway.", where
),
4795 int unit_fail_if_noncanonical(Unit
*u
, const char* where
) {
4796 _cleanup_free_
char *canonical_where
= NULL
;
4802 r
= chase_symlinks(where
, NULL
, CHASE_NONEXISTENT
, &canonical_where
, NULL
);
4804 log_unit_debug_errno(u
, r
, "Failed to check %s for symlinks, ignoring: %m", where
);
4808 /* We will happily ignore a trailing slash (or any redundant slashes) */
4809 if (path_equal(where
, canonical_where
))
4812 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4813 log_unit_struct(u
, LOG_ERR
,
4814 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4815 LOG_UNIT_INVOCATION_ID(u
),
4816 LOG_UNIT_MESSAGE(u
, "Mount path %s is not canonical (contains a symlink).", where
),
4822 bool unit_is_pristine(Unit
*u
) {
4825 /* Check if the unit already exists or is already around,
4826 * in a number of different ways. Note that to cater for unit
4827 * types such as slice, we are generally fine with units that
4828 * are marked UNIT_LOADED even though nothing was actually
4829 * loaded, as those unit types don't require a file on disk. */
4831 return !(!IN_SET(u
->load_state
, UNIT_NOT_FOUND
, UNIT_LOADED
) ||
4834 !strv_isempty(u
->dropin_paths
) ||
4839 pid_t
unit_control_pid(Unit
*u
) {
4842 if (UNIT_VTABLE(u
)->control_pid
)
4843 return UNIT_VTABLE(u
)->control_pid(u
);
4848 pid_t
unit_main_pid(Unit
*u
) {
4851 if (UNIT_VTABLE(u
)->main_pid
)
4852 return UNIT_VTABLE(u
)->main_pid(u
);
4857 static void unit_unref_uid_internal(
4861 void (*_manager_unref_uid
)(Manager
*m
, uid_t uid
, bool destroy_now
)) {
4865 assert(_manager_unref_uid
);
4867 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4868 * gid_t are actually the same time, with the same validity rules.
4870 * Drops a reference to UID/GID from a unit. */
4872 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4873 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4875 if (!uid_is_valid(*ref_uid
))
4878 _manager_unref_uid(u
->manager
, *ref_uid
, destroy_now
);
4879 *ref_uid
= UID_INVALID
;
4882 static void unit_unref_uid(Unit
*u
, bool destroy_now
) {
4883 unit_unref_uid_internal(u
, &u
->ref_uid
, destroy_now
, manager_unref_uid
);
4886 static void unit_unref_gid(Unit
*u
, bool destroy_now
) {
4887 unit_unref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, destroy_now
, manager_unref_gid
);
4890 void unit_unref_uid_gid(Unit
*u
, bool destroy_now
) {
4893 unit_unref_uid(u
, destroy_now
);
4894 unit_unref_gid(u
, destroy_now
);
4897 static int unit_ref_uid_internal(
4902 int (*_manager_ref_uid
)(Manager
*m
, uid_t uid
, bool clean_ipc
)) {
4908 assert(uid_is_valid(uid
));
4909 assert(_manager_ref_uid
);
4911 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4912 * are actually the same type, and have the same validity rules.
4914 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4915 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4918 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4919 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4921 if (*ref_uid
== uid
)
4924 if (uid_is_valid(*ref_uid
)) /* Already set? */
4927 r
= _manager_ref_uid(u
->manager
, uid
, clean_ipc
);
4935 static int unit_ref_uid(Unit
*u
, uid_t uid
, bool clean_ipc
) {
4936 return unit_ref_uid_internal(u
, &u
->ref_uid
, uid
, clean_ipc
, manager_ref_uid
);
4939 static int unit_ref_gid(Unit
*u
, gid_t gid
, bool clean_ipc
) {
4940 return unit_ref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, (uid_t
) gid
, clean_ipc
, manager_ref_gid
);
4943 static int unit_ref_uid_gid_internal(Unit
*u
, uid_t uid
, gid_t gid
, bool clean_ipc
) {
4948 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4950 if (uid_is_valid(uid
)) {
4951 r
= unit_ref_uid(u
, uid
, clean_ipc
);
4956 if (gid_is_valid(gid
)) {
4957 q
= unit_ref_gid(u
, gid
, clean_ipc
);
4960 unit_unref_uid(u
, false);
4966 return r
> 0 || q
> 0;
4969 int unit_ref_uid_gid(Unit
*u
, uid_t uid
, gid_t gid
) {
4975 c
= unit_get_exec_context(u
);
4977 r
= unit_ref_uid_gid_internal(u
, uid
, gid
, c
? c
->remove_ipc
: false);
4979 return log_unit_warning_errno(u
, r
, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4984 void unit_notify_user_lookup(Unit
*u
, uid_t uid
, gid_t gid
) {
4989 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4990 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4991 * objects when no service references the UID/GID anymore. */
4993 r
= unit_ref_uid_gid(u
, uid
, gid
);
4995 unit_add_to_dbus_queue(u
);
4998 int unit_acquire_invocation_id(Unit
*u
) {
5004 r
= sd_id128_randomize(&id
);
5006 return log_unit_error_errno(u
, r
, "Failed to generate invocation ID for unit: %m");
5008 r
= unit_set_invocation_id(u
, id
);
5010 return log_unit_error_errno(u
, r
, "Failed to set invocation ID for unit: %m");
5012 unit_add_to_dbus_queue(u
);
5016 int unit_set_exec_params(Unit
*u
, ExecParameters
*p
) {
5022 /* Copy parameters from manager */
5023 r
= manager_get_effective_environment(u
->manager
, &p
->environment
);
5027 p
->confirm_spawn
= manager_get_confirm_spawn(u
->manager
);
5028 p
->cgroup_supported
= u
->manager
->cgroup_supported
;
5029 p
->prefix
= u
->manager
->prefix
;
5030 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(u
->manager
));
5032 /* Copy parameters from unit */
5033 p
->cgroup_path
= u
->cgroup_path
;
5034 SET_FLAG(p
->flags
, EXEC_CGROUP_DELEGATE
, unit_cgroup_delegate(u
));
5036 p
->received_credentials
= u
->manager
->received_credentials
;
5041 int unit_fork_helper_process(Unit
*u
, const char *name
, pid_t
*ret
) {
5047 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5048 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5050 (void) unit_realize_cgroup(u
);
5052 r
= safe_fork(name
, FORK_REOPEN_LOG
, ret
);
5056 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
);
5057 (void) ignore_signals(SIGPIPE
);
5059 (void) prctl(PR_SET_PDEATHSIG
, SIGTERM
);
5061 if (u
->cgroup_path
) {
5062 r
= cg_attach_everywhere(u
->manager
->cgroup_supported
, u
->cgroup_path
, 0, NULL
, NULL
);
5064 log_unit_error_errno(u
, r
, "Failed to join unit cgroup %s: %m", empty_to_root(u
->cgroup_path
));
5072 int unit_fork_and_watch_rm_rf(Unit
*u
, char **paths
, pid_t
*ret_pid
) {
5079 r
= unit_fork_helper_process(u
, "(sd-rmrf)", &pid
);
5083 int ret
= EXIT_SUCCESS
;
5085 STRV_FOREACH(i
, paths
) {
5086 r
= rm_rf(*i
, REMOVE_ROOT
|REMOVE_PHYSICAL
|REMOVE_MISSING_OK
);
5088 log_error_errno(r
, "Failed to remove '%s': %m", *i
);
5096 r
= unit_watch_pid(u
, pid
, true);
5104 static void unit_update_dependency_mask(Hashmap
*deps
, Unit
*other
, UnitDependencyInfo di
) {
5108 if (di
.origin_mask
== 0 && di
.destination_mask
== 0)
5109 /* No bit set anymore, let's drop the whole entry */
5110 assert_se(hashmap_remove(deps
, other
));
5112 /* Mask was reduced, let's update the entry */
5113 assert_se(hashmap_update(deps
, other
, di
.data
) == 0);
5116 void unit_remove_dependencies(Unit
*u
, UnitDependencyMask mask
) {
5120 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5125 HASHMAP_FOREACH(deps
, u
->dependencies
) {
5129 UnitDependencyInfo di
;
5134 HASHMAP_FOREACH_KEY(di
.data
, other
, deps
) {
5135 Hashmap
*other_deps
;
5137 if (FLAGS_SET(~mask
, di
.origin_mask
))
5140 di
.origin_mask
&= ~mask
;
5141 unit_update_dependency_mask(deps
, other
, di
);
5143 /* We updated the dependency from our unit to the other unit now. But most
5144 * dependencies imply a reverse dependency. Hence, let's delete that one
5145 * too. For that we go through all dependency types on the other unit and
5146 * delete all those which point to us and have the right mask set. */
5148 HASHMAP_FOREACH(other_deps
, other
->dependencies
) {
5149 UnitDependencyInfo dj
;
5151 dj
.data
= hashmap_get(other_deps
, u
);
5152 if (FLAGS_SET(~mask
, dj
.destination_mask
))
5155 dj
.destination_mask
&= ~mask
;
5156 unit_update_dependency_mask(other_deps
, u
, dj
);
5159 unit_add_to_gc_queue(other
);
5169 static int unit_get_invocation_path(Unit
*u
, char **ret
) {
5176 if (MANAGER_IS_SYSTEM(u
->manager
))
5177 p
= strjoin("/run/systemd/units/invocation:", u
->id
);
5179 _cleanup_free_
char *user_path
= NULL
;
5180 r
= xdg_user_runtime_dir(&user_path
, "/systemd/units/invocation:");
5183 p
= strjoin(user_path
, u
->id
);
5193 static int unit_export_invocation_id(Unit
*u
) {
5194 _cleanup_free_
char *p
= NULL
;
5199 if (u
->exported_invocation_id
)
5202 if (sd_id128_is_null(u
->invocation_id
))
5205 r
= unit_get_invocation_path(u
, &p
);
5207 return log_unit_debug_errno(u
, r
, "Failed to get invocation path: %m");
5209 r
= symlink_atomic_label(u
->invocation_id_string
, p
);
5211 return log_unit_debug_errno(u
, r
, "Failed to create invocation ID symlink %s: %m", p
);
5213 u
->exported_invocation_id
= true;
5217 static int unit_export_log_level_max(Unit
*u
, const ExecContext
*c
) {
5225 if (u
->exported_log_level_max
)
5228 if (c
->log_level_max
< 0)
5231 assert(c
->log_level_max
<= 7);
5233 buf
[0] = '0' + c
->log_level_max
;
5236 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5237 r
= symlink_atomic(buf
, p
);
5239 return log_unit_debug_errno(u
, r
, "Failed to create maximum log level symlink %s: %m", p
);
5241 u
->exported_log_level_max
= true;
5245 static int unit_export_log_extra_fields(Unit
*u
, const ExecContext
*c
) {
5246 _cleanup_close_
int fd
= -1;
5247 struct iovec
*iovec
;
5254 if (u
->exported_log_extra_fields
)
5257 if (c
->n_log_extra_fields
<= 0)
5260 sizes
= newa(le64_t
, c
->n_log_extra_fields
);
5261 iovec
= newa(struct iovec
, c
->n_log_extra_fields
* 2);
5263 for (size_t i
= 0; i
< c
->n_log_extra_fields
; i
++) {
5264 sizes
[i
] = htole64(c
->log_extra_fields
[i
].iov_len
);
5266 iovec
[i
*2] = IOVEC_MAKE(sizes
+ i
, sizeof(le64_t
));
5267 iovec
[i
*2+1] = c
->log_extra_fields
[i
];
5270 p
= strjoina("/run/systemd/units/log-extra-fields:", u
->id
);
5271 pattern
= strjoina(p
, ".XXXXXX");
5273 fd
= mkostemp_safe(pattern
);
5275 return log_unit_debug_errno(u
, fd
, "Failed to create extra fields file %s: %m", p
);
5277 n
= writev(fd
, iovec
, c
->n_log_extra_fields
*2);
5279 r
= log_unit_debug_errno(u
, errno
, "Failed to write extra fields: %m");
5283 (void) fchmod(fd
, 0644);
5285 if (rename(pattern
, p
) < 0) {
5286 r
= log_unit_debug_errno(u
, errno
, "Failed to rename extra fields file: %m");
5290 u
->exported_log_extra_fields
= true;
5294 (void) unlink(pattern
);
5298 static int unit_export_log_ratelimit_interval(Unit
*u
, const ExecContext
*c
) {
5299 _cleanup_free_
char *buf
= NULL
;
5306 if (u
->exported_log_ratelimit_interval
)
5309 if (c
->log_ratelimit_interval_usec
== 0)
5312 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5314 if (asprintf(&buf
, "%" PRIu64
, c
->log_ratelimit_interval_usec
) < 0)
5317 r
= symlink_atomic(buf
, p
);
5319 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit interval symlink %s: %m", p
);
5321 u
->exported_log_ratelimit_interval
= true;
5325 static int unit_export_log_ratelimit_burst(Unit
*u
, const ExecContext
*c
) {
5326 _cleanup_free_
char *buf
= NULL
;
5333 if (u
->exported_log_ratelimit_burst
)
5336 if (c
->log_ratelimit_burst
== 0)
5339 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5341 if (asprintf(&buf
, "%u", c
->log_ratelimit_burst
) < 0)
5344 r
= symlink_atomic(buf
, p
);
5346 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit burst symlink %s: %m", p
);
5348 u
->exported_log_ratelimit_burst
= true;
5352 void unit_export_state_files(Unit
*u
) {
5353 const ExecContext
*c
;
5360 if (MANAGER_IS_TEST_RUN(u
->manager
))
5363 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5364 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5365 * the IPC system itself and PID 1 also log to the journal.
5367 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5368 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5369 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5370 * namespace at least.
5372 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5373 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5376 (void) unit_export_invocation_id(u
);
5378 if (!MANAGER_IS_SYSTEM(u
->manager
))
5381 c
= unit_get_exec_context(u
);
5383 (void) unit_export_log_level_max(u
, c
);
5384 (void) unit_export_log_extra_fields(u
, c
);
5385 (void) unit_export_log_ratelimit_interval(u
, c
);
5386 (void) unit_export_log_ratelimit_burst(u
, c
);
5390 void unit_unlink_state_files(Unit
*u
) {
5398 /* Undoes the effect of unit_export_state() */
5400 if (u
->exported_invocation_id
) {
5401 _cleanup_free_
char *invocation_path
= NULL
;
5402 int r
= unit_get_invocation_path(u
, &invocation_path
);
5404 (void) unlink(invocation_path
);
5405 u
->exported_invocation_id
= false;
5409 if (!MANAGER_IS_SYSTEM(u
->manager
))
5412 if (u
->exported_log_level_max
) {
5413 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5416 u
->exported_log_level_max
= false;
5419 if (u
->exported_log_extra_fields
) {
5420 p
= strjoina("/run/systemd/units/extra-fields:", u
->id
);
5423 u
->exported_log_extra_fields
= false;
5426 if (u
->exported_log_ratelimit_interval
) {
5427 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5430 u
->exported_log_ratelimit_interval
= false;
5433 if (u
->exported_log_ratelimit_burst
) {
5434 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5437 u
->exported_log_ratelimit_burst
= false;
5441 int unit_prepare_exec(Unit
*u
) {
5446 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5447 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5448 r
= bpf_firewall_load_custom(u
);
5452 /* Prepares everything so that we can fork of a process for this unit */
5454 (void) unit_realize_cgroup(u
);
5456 if (u
->reset_accounting
) {
5457 (void) unit_reset_accounting(u
);
5458 u
->reset_accounting
= false;
5461 unit_export_state_files(u
);
5463 r
= unit_setup_exec_runtime(u
);
5467 r
= unit_setup_dynamic_creds(u
);
5474 static bool ignore_leftover_process(const char *comm
) {
5475 return comm
&& comm
[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5478 int unit_log_leftover_process_start(pid_t pid
, int sig
, void *userdata
) {
5479 _cleanup_free_
char *comm
= NULL
;
5481 (void) get_process_comm(pid
, &comm
);
5483 if (ignore_leftover_process(comm
))
5486 /* During start we print a warning */
5488 log_unit_warning(userdata
,
5489 "Found left-over process " PID_FMT
" (%s) in control group while starting unit. Ignoring.\n"
5490 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5496 int unit_log_leftover_process_stop(pid_t pid
, int sig
, void *userdata
) {
5497 _cleanup_free_
char *comm
= NULL
;
5499 (void) get_process_comm(pid
, &comm
);
5501 if (ignore_leftover_process(comm
))
5504 /* During stop we only print an informational message */
5506 log_unit_info(userdata
,
5507 "Unit process " PID_FMT
" (%s) remains running after unit stopped.",
5513 int unit_warn_leftover_processes(Unit
*u
, cg_kill_log_func_t log_func
) {
5516 (void) unit_pick_cgroup_path(u
);
5518 if (!u
->cgroup_path
)
5521 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, 0, 0, NULL
, log_func
, u
);
5524 bool unit_needs_console(Unit
*u
) {
5526 UnitActiveState state
;
5530 state
= unit_active_state(u
);
5532 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
5535 if (UNIT_VTABLE(u
)->needs_console
)
5536 return UNIT_VTABLE(u
)->needs_console(u
);
5538 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5539 ec
= unit_get_exec_context(u
);
5543 return exec_context_may_touch_console(ec
);
5546 const char *unit_label_path(const Unit
*u
) {
5551 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5552 * when validating access checks. */
5554 if (IN_SET(u
->load_state
, UNIT_MASKED
, UNIT_NOT_FOUND
, UNIT_MERGED
))
5555 return NULL
; /* Shortcut things if we know there is no real, relevant unit file around */
5557 p
= u
->source_path
?: u
->fragment_path
;
5561 if (IN_SET(u
->load_state
, UNIT_LOADED
, UNIT_BAD_SETTING
, UNIT_ERROR
))
5562 return p
; /* Shortcut things, if we successfully loaded at least some stuff from the unit file */
5564 /* Not loaded yet, we need to go to disk */
5565 assert(u
->load_state
== UNIT_STUB
);
5567 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5568 if (null_or_empty_path(p
) > 0)
5574 int unit_pid_attachable(Unit
*u
, pid_t pid
, sd_bus_error
*error
) {
5579 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5580 * and not a kernel thread either */
5582 /* First, a simple range check */
5583 if (!pid_is_valid(pid
))
5584 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process identifier " PID_FMT
" is not valid.", pid
);
5586 /* Some extra safety check */
5587 if (pid
== 1 || pid
== getpid_cached())
5588 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a manager process, refusing.", pid
);
5590 /* Don't even begin to bother with kernel threads */
5591 r
= is_kernel_thread(pid
);
5593 return sd_bus_error_setf(error
, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN
, "Process with ID " PID_FMT
" does not exist.", pid
);
5595 return sd_bus_error_set_errnof(error
, r
, "Failed to determine whether process " PID_FMT
" is a kernel thread: %m", pid
);
5597 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a kernel thread, refusing.", pid
);
5602 void unit_log_success(Unit
*u
) {
5605 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
5606 * This message has low information value for regular users and it might be a bit overwhelming on a system with
5607 * a lot of devices. */
5609 MANAGER_IS_USER(u
->manager
) ? LOG_DEBUG
: LOG_INFO
,
5610 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR
,
5611 LOG_UNIT_INVOCATION_ID(u
),
5612 LOG_UNIT_MESSAGE(u
, "Deactivated successfully."));
5615 void unit_log_failure(Unit
*u
, const char *result
) {
5619 log_unit_struct(u
, LOG_WARNING
,
5620 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR
,
5621 LOG_UNIT_INVOCATION_ID(u
),
5622 LOG_UNIT_MESSAGE(u
, "Failed with result '%s'.", result
),
5623 "UNIT_RESULT=%s", result
);
5626 void unit_log_skip(Unit
*u
, const char *result
) {
5630 log_unit_struct(u
, LOG_INFO
,
5631 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR
,
5632 LOG_UNIT_INVOCATION_ID(u
),
5633 LOG_UNIT_MESSAGE(u
, "Skipped due to '%s'.", result
),
5634 "UNIT_RESULT=%s", result
);
5637 void unit_log_process_exit(
5640 const char *command
,
5650 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5651 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5652 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5656 else if (code
== CLD_EXITED
)
5659 level
= LOG_WARNING
;
5661 log_unit_struct(u
, level
,
5662 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR
,
5663 LOG_UNIT_MESSAGE(u
, "%s exited, code=%s, status=%i/%s%s",
5665 sigchld_code_to_string(code
), status
,
5666 strna(code
== CLD_EXITED
5667 ? exit_status_to_string(status
, EXIT_STATUS_FULL
)
5668 : signal_to_string(status
)),
5669 success
? " (success)" : ""),
5670 "EXIT_CODE=%s", sigchld_code_to_string(code
),
5671 "EXIT_STATUS=%i", status
,
5672 "COMMAND=%s", strna(command
),
5673 LOG_UNIT_INVOCATION_ID(u
));
5676 int unit_exit_status(Unit
*u
) {
5679 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5680 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5681 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5682 * service process has exited abnormally (signal/coredump). */
5684 if (!UNIT_VTABLE(u
)->exit_status
)
5687 return UNIT_VTABLE(u
)->exit_status(u
);
5690 int unit_failure_action_exit_status(Unit
*u
) {
5695 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5697 if (u
->failure_action_exit_status
>= 0)
5698 return u
->failure_action_exit_status
;
5700 r
= unit_exit_status(u
);
5701 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5707 int unit_success_action_exit_status(Unit
*u
) {
5712 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5714 if (u
->success_action_exit_status
>= 0)
5715 return u
->success_action_exit_status
;
5717 r
= unit_exit_status(u
);
5718 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5724 int unit_test_trigger_loaded(Unit
*u
) {
5727 /* Tests whether the unit to trigger is loaded */
5729 trigger
= UNIT_TRIGGER(u
);
5731 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
5732 "Refusing to start, no unit to trigger.");
5733 if (trigger
->load_state
!= UNIT_LOADED
)
5734 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
5735 "Refusing to start, unit %s to trigger not loaded.", trigger
->id
);
5740 void unit_destroy_runtime_data(Unit
*u
, const ExecContext
*context
) {
5744 if (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_NO
||
5745 (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_RESTART
&& !unit_will_restart(u
)))
5746 exec_context_destroy_runtime_directory(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
5748 exec_context_destroy_credentials(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
], u
->id
);
5751 int unit_clean(Unit
*u
, ExecCleanMask mask
) {
5752 UnitActiveState state
;
5756 /* Special return values:
5758 * -EOPNOTSUPP → cleaning not supported for this unit type
5759 * -EUNATCH → cleaning not defined for this resource type
5760 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5761 * a job queued or similar
5764 if (!UNIT_VTABLE(u
)->clean
)
5770 if (u
->load_state
!= UNIT_LOADED
)
5776 state
= unit_active_state(u
);
5777 if (!IN_SET(state
, UNIT_INACTIVE
))
5780 return UNIT_VTABLE(u
)->clean(u
, mask
);
5783 int unit_can_clean(Unit
*u
, ExecCleanMask
*ret
) {
5786 if (!UNIT_VTABLE(u
)->clean
||
5787 u
->load_state
!= UNIT_LOADED
) {
5792 /* When the clean() method is set, can_clean() really should be set too */
5793 assert(UNIT_VTABLE(u
)->can_clean
);
5795 return UNIT_VTABLE(u
)->can_clean(u
, ret
);
5798 bool unit_can_freeze(Unit
*u
) {
5801 if (UNIT_VTABLE(u
)->can_freeze
)
5802 return UNIT_VTABLE(u
)->can_freeze(u
);
5804 return UNIT_VTABLE(u
)->freeze
;
5807 void unit_frozen(Unit
*u
) {
5810 u
->freezer_state
= FREEZER_FROZEN
;
5812 bus_unit_send_pending_freezer_message(u
);
5815 void unit_thawed(Unit
*u
) {
5818 u
->freezer_state
= FREEZER_RUNNING
;
5820 bus_unit_send_pending_freezer_message(u
);
5823 static int unit_freezer_action(Unit
*u
, FreezerAction action
) {
5825 int (*method
)(Unit
*);
5829 assert(IN_SET(action
, FREEZER_FREEZE
, FREEZER_THAW
));
5831 method
= action
== FREEZER_FREEZE
? UNIT_VTABLE(u
)->freeze
: UNIT_VTABLE(u
)->thaw
;
5832 if (!method
|| !cg_freezer_supported())
5838 if (u
->load_state
!= UNIT_LOADED
)
5841 s
= unit_active_state(u
);
5842 if (s
!= UNIT_ACTIVE
)
5845 if (IN_SET(u
->freezer_state
, FREEZER_FREEZING
, FREEZER_THAWING
))
5855 int unit_freeze(Unit
*u
) {
5856 return unit_freezer_action(u
, FREEZER_FREEZE
);
5859 int unit_thaw(Unit
*u
) {
5860 return unit_freezer_action(u
, FREEZER_THAW
);
5863 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
5864 int unit_freeze_vtable_common(Unit
*u
) {
5865 return unit_cgroup_freezer_action(u
, FREEZER_FREEZE
);
5868 int unit_thaw_vtable_common(Unit
*u
) {
5869 return unit_cgroup_freezer_action(u
, FREEZER_THAW
);
5872 Condition
*unit_find_failed_condition(Unit
*u
) {
5873 Condition
*failed_trigger
= NULL
;
5874 bool has_succeeded_trigger
= false;
5876 if (u
->condition_result
)
5879 LIST_FOREACH(conditions
, c
, u
->conditions
)
5881 if (c
->result
== CONDITION_SUCCEEDED
)
5882 has_succeeded_trigger
= true;
5883 else if (!failed_trigger
)
5885 } else if (c
->result
!= CONDITION_SUCCEEDED
)
5888 return failed_trigger
&& !has_succeeded_trigger
? failed_trigger
: NULL
;
5891 static const char* const collect_mode_table
[_COLLECT_MODE_MAX
] = {
5892 [COLLECT_INACTIVE
] = "inactive",
5893 [COLLECT_INACTIVE_OR_FAILED
] = "inactive-or-failed",
5896 DEFINE_STRING_TABLE_LOOKUP(collect_mode
, CollectMode
);
5898 Unit
* unit_has_dependency(const Unit
*u
, UnitDependencyAtom atom
, Unit
*other
) {
5903 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5904 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5905 * is NULL the first entry found), or NULL if not found. */
5907 UNIT_FOREACH_DEPENDENCY(i
, u
, atom
)
5908 if (!other
|| other
== i
)
5914 int unit_get_dependency_array(const Unit
*u
, UnitDependencyAtom atom
, Unit
***ret_array
) {
5915 _cleanup_free_ Unit
**array
= NULL
;
5922 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
5923 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
5924 * while the dependency table is continuously updated. */
5926 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
5927 if (!GREEDY_REALLOC(array
, n
+ 1))
5933 *ret_array
= TAKE_PTR(array
);
5935 assert(n
<= INT_MAX
);