]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
update TODO
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <errno.h>
4 #include <stdlib.h>
5 #include <sys/prctl.h>
6 #include <unistd.h>
7
8 #include "sd-id128.h"
9 #include "sd-messages.h"
10
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bpf-foreign.h"
15 #include "bpf-socket-bind.h"
16 #include "bus-common-errors.h"
17 #include "bus-util.h"
18 #include "cgroup-setup.h"
19 #include "cgroup-util.h"
20 #include "chase.h"
21 #include "core-varlink.h"
22 #include "dbus-unit.h"
23 #include "dbus.h"
24 #include "dropin.h"
25 #include "env-util.h"
26 #include "escape.h"
27 #include "execute.h"
28 #include "fd-util.h"
29 #include "fileio-label.h"
30 #include "fileio.h"
31 #include "format-util.h"
32 #include "id128-util.h"
33 #include "install.h"
34 #include "io-util.h"
35 #include "label.h"
36 #include "load-dropin.h"
37 #include "load-fragment.h"
38 #include "log.h"
39 #include "macro.h"
40 #include "missing_audit.h"
41 #include "mkdir-label.h"
42 #include "path-util.h"
43 #include "process-util.h"
44 #include "rm-rf.h"
45 #include "serialize.h"
46 #include "set.h"
47 #include "signal-util.h"
48 #include "sparse-endian.h"
49 #include "special.h"
50 #include "specifier.h"
51 #include "stat-util.h"
52 #include "stdio-util.h"
53 #include "string-table.h"
54 #include "string-util.h"
55 #include "strv.h"
56 #include "terminal-util.h"
57 #include "tmpfile-util.h"
58 #include "umask-util.h"
59 #include "unit-name.h"
60 #include "unit.h"
61 #include "user-util.h"
62 #include "virt.h"
63 #if BPF_FRAMEWORK
64 #include "bpf-link.h"
65 #endif
66
67 /* Thresholds for logging at INFO level about resource consumption */
68 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
69 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
70 #define MENTIONWORTHY_IP_BYTES (0ULL)
71
72 /* Thresholds for logging at INFO level about resource consumption */
73 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
74 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
75 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
76
77 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
78 [UNIT_SERVICE] = &service_vtable,
79 [UNIT_SOCKET] = &socket_vtable,
80 [UNIT_TARGET] = &target_vtable,
81 [UNIT_DEVICE] = &device_vtable,
82 [UNIT_MOUNT] = &mount_vtable,
83 [UNIT_AUTOMOUNT] = &automount_vtable,
84 [UNIT_SWAP] = &swap_vtable,
85 [UNIT_TIMER] = &timer_vtable,
86 [UNIT_PATH] = &path_vtable,
87 [UNIT_SLICE] = &slice_vtable,
88 [UNIT_SCOPE] = &scope_vtable,
89 };
90
91 Unit* unit_new(Manager *m, size_t size) {
92 Unit *u;
93
94 assert(m);
95 assert(size >= sizeof(Unit));
96
97 u = malloc0(size);
98 if (!u)
99 return NULL;
100
101 u->manager = m;
102 u->type = _UNIT_TYPE_INVALID;
103 u->default_dependencies = true;
104 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
105 u->unit_file_preset = -1;
106 u->on_failure_job_mode = JOB_REPLACE;
107 u->on_success_job_mode = JOB_FAIL;
108 u->cgroup_control_inotify_wd = -1;
109 u->cgroup_memory_inotify_wd = -1;
110 u->job_timeout = USEC_INFINITY;
111 u->job_running_timeout = USEC_INFINITY;
112 u->ref_uid = UID_INVALID;
113 u->ref_gid = GID_INVALID;
114 u->cpu_usage_last = NSEC_INFINITY;
115 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
116 u->failure_action_exit_status = u->success_action_exit_status = -1;
117
118 u->ip_accounting_ingress_map_fd = -EBADF;
119 u->ip_accounting_egress_map_fd = -EBADF;
120 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
121 u->io_accounting_last[i] = UINT64_MAX;
122
123 u->ipv4_allow_map_fd = -EBADF;
124 u->ipv6_allow_map_fd = -EBADF;
125 u->ipv4_deny_map_fd = -EBADF;
126 u->ipv6_deny_map_fd = -EBADF;
127
128 u->last_section_private = -1;
129
130 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
131 u->auto_start_stop_ratelimit = (const RateLimit) { 10 * USEC_PER_SEC, 16 };
132
133 return u;
134 }
135
136 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
137 _cleanup_(unit_freep) Unit *u = NULL;
138 int r;
139
140 u = unit_new(m, size);
141 if (!u)
142 return -ENOMEM;
143
144 r = unit_add_name(u, name);
145 if (r < 0)
146 return r;
147
148 *ret = TAKE_PTR(u);
149
150 return r;
151 }
152
153 bool unit_has_name(const Unit *u, const char *name) {
154 assert(u);
155 assert(name);
156
157 return streq_ptr(name, u->id) ||
158 set_contains(u->aliases, name);
159 }
160
161 static void unit_init(Unit *u) {
162 CGroupContext *cc;
163 ExecContext *ec;
164 KillContext *kc;
165
166 assert(u);
167 assert(u->manager);
168 assert(u->type >= 0);
169
170 cc = unit_get_cgroup_context(u);
171 if (cc) {
172 cgroup_context_init(cc);
173
174 /* Copy in the manager defaults into the cgroup
175 * context, _before_ the rest of the settings have
176 * been initialized */
177
178 cc->cpu_accounting = u->manager->default_cpu_accounting;
179 cc->io_accounting = u->manager->default_io_accounting;
180 cc->blockio_accounting = u->manager->default_blockio_accounting;
181 cc->memory_accounting = u->manager->default_memory_accounting;
182 cc->tasks_accounting = u->manager->default_tasks_accounting;
183 cc->ip_accounting = u->manager->default_ip_accounting;
184
185 if (u->type != UNIT_SLICE)
186 cc->tasks_max = u->manager->default_tasks_max;
187
188 cc->memory_pressure_watch = u->manager->default_memory_pressure_watch;
189 cc->memory_pressure_threshold_usec = u->manager->default_memory_pressure_threshold_usec;
190 }
191
192 ec = unit_get_exec_context(u);
193 if (ec) {
194 exec_context_init(ec);
195
196 if (u->manager->default_oom_score_adjust_set) {
197 ec->oom_score_adjust = u->manager->default_oom_score_adjust;
198 ec->oom_score_adjust_set = true;
199 }
200
201 if (MANAGER_IS_SYSTEM(u->manager))
202 ec->keyring_mode = EXEC_KEYRING_SHARED;
203 else {
204 ec->keyring_mode = EXEC_KEYRING_INHERIT;
205
206 /* User manager might have its umask redefined by PAM or UMask=. In this
207 * case let the units it manages inherit this value by default. They can
208 * still tune this value through their own unit file */
209 (void) get_process_umask(getpid_cached(), &ec->umask);
210 }
211 }
212
213 kc = unit_get_kill_context(u);
214 if (kc)
215 kill_context_init(kc);
216
217 if (UNIT_VTABLE(u)->init)
218 UNIT_VTABLE(u)->init(u);
219 }
220
221 static int unit_add_alias(Unit *u, char *donated_name) {
222 int r;
223
224 /* Make sure that u->names is allocated. We may leave u->names
225 * empty if we fail later, but this is not a problem. */
226 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
227 if (r < 0)
228 return r;
229 assert(r > 0);
230
231 return 0;
232 }
233
234 int unit_add_name(Unit *u, const char *text) {
235 _cleanup_free_ char *name = NULL, *instance = NULL;
236 UnitType t;
237 int r;
238
239 assert(u);
240 assert(text);
241
242 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
243 if (!u->instance)
244 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
245 "instance is not set when adding name '%s': %m", text);
246
247 r = unit_name_replace_instance(text, u->instance, &name);
248 if (r < 0)
249 return log_unit_debug_errno(u, r,
250 "failed to build instance name from '%s': %m", text);
251 } else {
252 name = strdup(text);
253 if (!name)
254 return -ENOMEM;
255 }
256
257 if (unit_has_name(u, name))
258 return 0;
259
260 if (hashmap_contains(u->manager->units, name))
261 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
262 "unit already exist when adding name '%s': %m", name);
263
264 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
265 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
266 "name '%s' is invalid: %m", name);
267
268 t = unit_name_to_type(name);
269 if (t < 0)
270 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
271 "failed to derive unit type from name '%s': %m", name);
272
273 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
274 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
275 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
276 u->type, t, name);
277
278 r = unit_name_to_instance(name, &instance);
279 if (r < 0)
280 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
281
282 if (instance && !unit_type_may_template(t))
283 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
284
285 /* Ensure that this unit either has no instance, or that the instance matches. */
286 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
287 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
288 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
289 name, instance, u->instance);
290
291 if (u->id && !unit_type_may_alias(t))
292 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
293 "cannot add name %s, aliases are not allowed for %s units.",
294 name, unit_type_to_string(t));
295
296 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
297 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
298
299 /* Add name to the global hashmap first, because that's easier to undo */
300 r = hashmap_put(u->manager->units, name, u);
301 if (r < 0)
302 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
303
304 if (u->id) {
305 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
306 if (r < 0) {
307 hashmap_remove(u->manager->units, name);
308 return r;
309 }
310 TAKE_PTR(name);
311
312 } else {
313 /* A new name, we don't need the set yet. */
314 assert(u->type == _UNIT_TYPE_INVALID);
315 assert(!u->instance);
316
317 u->type = t;
318 u->id = TAKE_PTR(name);
319 u->instance = TAKE_PTR(instance);
320
321 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
322 unit_init(u);
323 }
324
325 unit_add_to_dbus_queue(u);
326 return 0;
327 }
328
329 int unit_choose_id(Unit *u, const char *name) {
330 _cleanup_free_ char *t = NULL;
331 char *s;
332 int r;
333
334 assert(u);
335 assert(name);
336
337 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
338 if (!u->instance)
339 return -EINVAL;
340
341 r = unit_name_replace_instance(name, u->instance, &t);
342 if (r < 0)
343 return r;
344
345 name = t;
346 }
347
348 if (streq_ptr(u->id, name))
349 return 0; /* Nothing to do. */
350
351 /* Selects one of the aliases of this unit as the id */
352 s = set_get(u->aliases, (char*) name);
353 if (!s)
354 return -ENOENT;
355
356 if (u->id) {
357 r = set_remove_and_put(u->aliases, name, u->id);
358 if (r < 0)
359 return r;
360 } else
361 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
362
363 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
364 unit_add_to_dbus_queue(u);
365
366 return 0;
367 }
368
369 int unit_set_description(Unit *u, const char *description) {
370 int r;
371
372 assert(u);
373
374 r = free_and_strdup(&u->description, empty_to_null(description));
375 if (r < 0)
376 return r;
377 if (r > 0)
378 unit_add_to_dbus_queue(u);
379
380 return 0;
381 }
382
383 static bool unit_success_failure_handler_has_jobs(Unit *unit) {
384 Unit *other;
385
386 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_SUCCESS)
387 if (other->job || other->nop_job)
388 return true;
389
390 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_FAILURE)
391 if (other->job || other->nop_job)
392 return true;
393
394 return false;
395 }
396
397 bool unit_may_gc(Unit *u) {
398 UnitActiveState state;
399 int r;
400
401 assert(u);
402
403 /* Checks whether the unit is ready to be unloaded for garbage collection.
404 * Returns true when the unit may be collected, and false if there's some
405 * reason to keep it loaded.
406 *
407 * References from other units are *not* checked here. Instead, this is done
408 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
409 */
410
411 if (u->job || u->nop_job)
412 return false;
413
414 state = unit_active_state(u);
415
416 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
417 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
418 UNIT_VTABLE(u)->release_resources)
419 UNIT_VTABLE(u)->release_resources(u);
420
421 if (u->perpetual)
422 return false;
423
424 if (sd_bus_track_count(u->bus_track) > 0)
425 return false;
426
427 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
428 switch (u->collect_mode) {
429
430 case COLLECT_INACTIVE:
431 if (state != UNIT_INACTIVE)
432 return false;
433
434 break;
435
436 case COLLECT_INACTIVE_OR_FAILED:
437 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
438 return false;
439
440 break;
441
442 default:
443 assert_not_reached();
444 }
445
446 /* Check if any OnFailure= or on Success= jobs may be pending */
447 if (unit_success_failure_handler_has_jobs(u))
448 return false;
449
450 if (u->cgroup_path) {
451 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
452 * around. Units with active processes should never be collected. */
453
454 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
455 if (r < 0)
456 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u->cgroup_path));
457 if (r <= 0)
458 return false;
459 }
460
461 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
462 return false;
463
464 return true;
465 }
466
467 void unit_add_to_load_queue(Unit *u) {
468 assert(u);
469 assert(u->type != _UNIT_TYPE_INVALID);
470
471 if (u->load_state != UNIT_STUB || u->in_load_queue)
472 return;
473
474 LIST_PREPEND(load_queue, u->manager->load_queue, u);
475 u->in_load_queue = true;
476 }
477
478 void unit_add_to_cleanup_queue(Unit *u) {
479 assert(u);
480
481 if (u->in_cleanup_queue)
482 return;
483
484 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
485 u->in_cleanup_queue = true;
486 }
487
488 void unit_add_to_gc_queue(Unit *u) {
489 assert(u);
490
491 if (u->in_gc_queue || u->in_cleanup_queue)
492 return;
493
494 if (!unit_may_gc(u))
495 return;
496
497 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
498 u->in_gc_queue = true;
499 }
500
501 void unit_add_to_dbus_queue(Unit *u) {
502 assert(u);
503 assert(u->type != _UNIT_TYPE_INVALID);
504
505 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
506 return;
507
508 /* Shortcut things if nobody cares */
509 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
510 sd_bus_track_count(u->bus_track) <= 0 &&
511 set_isempty(u->manager->private_buses)) {
512 u->sent_dbus_new_signal = true;
513 return;
514 }
515
516 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
517 u->in_dbus_queue = true;
518 }
519
520 void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
521 assert(u);
522
523 if (u->in_stop_when_unneeded_queue)
524 return;
525
526 if (!u->stop_when_unneeded)
527 return;
528
529 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
530 return;
531
532 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
533 u->in_stop_when_unneeded_queue = true;
534 }
535
536 void unit_submit_to_start_when_upheld_queue(Unit *u) {
537 assert(u);
538
539 if (u->in_start_when_upheld_queue)
540 return;
541
542 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
543 return;
544
545 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
546 return;
547
548 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
549 u->in_start_when_upheld_queue = true;
550 }
551
552 void unit_submit_to_stop_when_bound_queue(Unit *u) {
553 assert(u);
554
555 if (u->in_stop_when_bound_queue)
556 return;
557
558 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
559 return;
560
561 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
562 return;
563
564 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
565 u->in_stop_when_bound_queue = true;
566 }
567
568 static void unit_clear_dependencies(Unit *u) {
569 assert(u);
570
571 /* Removes all dependencies configured on u and their reverse dependencies. */
572
573 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
574
575 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
576 Hashmap *other_deps;
577
578 HASHMAP_FOREACH(other_deps, other->dependencies)
579 hashmap_remove(other_deps, u);
580
581 unit_add_to_gc_queue(other);
582 }
583
584 hashmap_free(deps);
585 }
586
587 u->dependencies = hashmap_free(u->dependencies);
588 }
589
590 static void unit_remove_transient(Unit *u) {
591 assert(u);
592
593 if (!u->transient)
594 return;
595
596 if (u->fragment_path)
597 (void) unlink(u->fragment_path);
598
599 STRV_FOREACH(i, u->dropin_paths) {
600 _cleanup_free_ char *p = NULL, *pp = NULL;
601
602 if (path_extract_directory(*i, &p) < 0) /* Get the drop-in directory from the drop-in file */
603 continue;
604
605 if (path_extract_directory(p, &pp) < 0) /* Get the config directory from the drop-in directory */
606 continue;
607
608 /* Only drop transient drop-ins */
609 if (!path_equal(u->manager->lookup_paths.transient, pp))
610 continue;
611
612 (void) unlink(*i);
613 (void) rmdir(p);
614 }
615 }
616
617 static void unit_free_requires_mounts_for(Unit *u) {
618 assert(u);
619
620 for (;;) {
621 _cleanup_free_ char *path = NULL;
622
623 path = hashmap_steal_first_key(u->requires_mounts_for);
624 if (!path)
625 break;
626 else {
627 char s[strlen(path) + 1];
628
629 PATH_FOREACH_PREFIX_MORE(s, path) {
630 char *y;
631 Set *x;
632
633 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
634 if (!x)
635 continue;
636
637 (void) set_remove(x, u);
638
639 if (set_isempty(x)) {
640 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
641 free(y);
642 set_free(x);
643 }
644 }
645 }
646 }
647
648 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
649 }
650
651 static void unit_done(Unit *u) {
652 ExecContext *ec;
653 CGroupContext *cc;
654
655 assert(u);
656
657 if (u->type < 0)
658 return;
659
660 if (UNIT_VTABLE(u)->done)
661 UNIT_VTABLE(u)->done(u);
662
663 ec = unit_get_exec_context(u);
664 if (ec)
665 exec_context_done(ec);
666
667 cc = unit_get_cgroup_context(u);
668 if (cc)
669 cgroup_context_done(cc);
670 }
671
672 Unit* unit_free(Unit *u) {
673 Unit *slice;
674 char *t;
675
676 if (!u)
677 return NULL;
678
679 u->transient_file = safe_fclose(u->transient_file);
680
681 if (!MANAGER_IS_RELOADING(u->manager))
682 unit_remove_transient(u);
683
684 bus_unit_send_removed_signal(u);
685
686 unit_done(u);
687
688 unit_dequeue_rewatch_pids(u);
689
690 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
691 u->bus_track = sd_bus_track_unref(u->bus_track);
692 u->deserialized_refs = strv_free(u->deserialized_refs);
693 u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation);
694
695 unit_free_requires_mounts_for(u);
696
697 SET_FOREACH(t, u->aliases)
698 hashmap_remove_value(u->manager->units, t, u);
699 if (u->id)
700 hashmap_remove_value(u->manager->units, u->id, u);
701
702 if (!sd_id128_is_null(u->invocation_id))
703 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
704
705 if (u->job) {
706 Job *j = u->job;
707 job_uninstall(j);
708 job_free(j);
709 }
710
711 if (u->nop_job) {
712 Job *j = u->nop_job;
713 job_uninstall(j);
714 job_free(j);
715 }
716
717 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
718 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
719 slice = UNIT_GET_SLICE(u);
720 unit_clear_dependencies(u);
721 if (slice)
722 unit_add_family_to_cgroup_realize_queue(slice);
723
724 if (u->on_console)
725 manager_unref_console(u->manager);
726
727 fdset_free(u->initial_socket_bind_link_fds);
728 #if BPF_FRAMEWORK
729 bpf_link_free(u->ipv4_socket_bind_link);
730 bpf_link_free(u->ipv6_socket_bind_link);
731 #endif
732
733 unit_release_cgroup(u);
734
735 if (!MANAGER_IS_RELOADING(u->manager))
736 unit_unlink_state_files(u);
737
738 unit_unref_uid_gid(u, false);
739
740 (void) manager_update_failed_units(u->manager, u, false);
741 set_remove(u->manager->startup_units, u);
742
743 unit_unwatch_all_pids(u);
744
745 while (u->refs_by_target)
746 unit_ref_unset(u->refs_by_target);
747
748 if (u->type != _UNIT_TYPE_INVALID)
749 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
750
751 if (u->in_load_queue)
752 LIST_REMOVE(load_queue, u->manager->load_queue, u);
753
754 if (u->in_dbus_queue)
755 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
756
757 if (u->in_cleanup_queue)
758 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
759
760 if (u->in_gc_queue)
761 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
762
763 if (u->in_cgroup_realize_queue)
764 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
765
766 if (u->in_cgroup_empty_queue)
767 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
768
769 if (u->in_cgroup_oom_queue)
770 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
771
772 if (u->in_target_deps_queue)
773 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
774
775 if (u->in_stop_when_unneeded_queue)
776 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
777
778 if (u->in_start_when_upheld_queue)
779 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
780
781 if (u->in_stop_when_bound_queue)
782 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
783
784 bpf_firewall_close(u);
785
786 hashmap_free(u->bpf_foreign_by_key);
787
788 bpf_program_free(u->bpf_device_control_installed);
789
790 #if BPF_FRAMEWORK
791 bpf_link_free(u->restrict_ifaces_ingress_bpf_link);
792 bpf_link_free(u->restrict_ifaces_egress_bpf_link);
793 #endif
794 fdset_free(u->initial_restric_ifaces_link_fds);
795
796 condition_free_list(u->conditions);
797 condition_free_list(u->asserts);
798
799 free(u->description);
800 strv_free(u->documentation);
801 free(u->fragment_path);
802 free(u->source_path);
803 strv_free(u->dropin_paths);
804 free(u->instance);
805
806 free(u->job_timeout_reboot_arg);
807 free(u->reboot_arg);
808
809 free(u->access_selinux_context);
810
811 set_free_free(u->aliases);
812 free(u->id);
813
814 activation_details_unref(u->activation_details);
815
816 return mfree(u);
817 }
818
819 FreezerState unit_freezer_state(Unit *u) {
820 assert(u);
821
822 return u->freezer_state;
823 }
824
825 int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
826 char *values[1] = {};
827 int r;
828
829 assert(u);
830
831 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
832 STRV_MAKE("frozen"), values);
833 if (r < 0)
834 return r;
835
836 r = _FREEZER_STATE_INVALID;
837
838 if (values[0]) {
839 if (streq(values[0], "0"))
840 r = FREEZER_RUNNING;
841 else if (streq(values[0], "1"))
842 r = FREEZER_FROZEN;
843 }
844
845 free(values[0]);
846 *ret = r;
847
848 return 0;
849 }
850
851 UnitActiveState unit_active_state(Unit *u) {
852 assert(u);
853
854 if (u->load_state == UNIT_MERGED)
855 return unit_active_state(unit_follow_merge(u));
856
857 /* After a reload it might happen that a unit is not correctly
858 * loaded but still has a process around. That's why we won't
859 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
860
861 return UNIT_VTABLE(u)->active_state(u);
862 }
863
864 const char* unit_sub_state_to_string(Unit *u) {
865 assert(u);
866
867 return UNIT_VTABLE(u)->sub_state_to_string(u);
868 }
869
870 static int unit_merge_names(Unit *u, Unit *other) {
871 char *name;
872 int r;
873
874 assert(u);
875 assert(other);
876
877 r = unit_add_alias(u, other->id);
878 if (r < 0)
879 return r;
880
881 r = set_move(u->aliases, other->aliases);
882 if (r < 0) {
883 set_remove(u->aliases, other->id);
884 return r;
885 }
886
887 TAKE_PTR(other->id);
888 other->aliases = set_free_free(other->aliases);
889
890 SET_FOREACH(name, u->aliases)
891 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
892
893 return 0;
894 }
895
896 static int unit_reserve_dependencies(Unit *u, Unit *other) {
897 size_t n_reserve;
898 Hashmap* deps;
899 void *d;
900 int r;
901
902 assert(u);
903 assert(other);
904
905 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
906 * fail.
907 *
908 * First make some room in the per dependency type hashmaps. Using the summed size of both units'
909 * hashmaps is an estimate that is likely too high since they probably use some of the same
910 * types. But it's never too low, and that's all we need. */
911
912 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
913 if (n_reserve > 0) {
914 r = hashmap_ensure_allocated(&u->dependencies, NULL);
915 if (r < 0)
916 return r;
917
918 r = hashmap_reserve(u->dependencies, n_reserve);
919 if (r < 0)
920 return r;
921 }
922
923 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
924 * other unit's dependencies.
925 *
926 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
927 * reserve anything for. In that case other's set will be transferred as a whole to u by
928 * complete_move(). */
929
930 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
931 Hashmap *other_deps;
932
933 other_deps = hashmap_get(other->dependencies, d);
934
935 r = hashmap_reserve(deps, hashmap_size(other_deps));
936 if (r < 0)
937 return r;
938 }
939
940 return 0;
941 }
942
943 static bool unit_should_warn_about_dependency(UnitDependency dependency) {
944 /* Only warn about some unit types */
945 return IN_SET(dependency,
946 UNIT_CONFLICTS,
947 UNIT_CONFLICTED_BY,
948 UNIT_BEFORE,
949 UNIT_AFTER,
950 UNIT_ON_SUCCESS,
951 UNIT_ON_FAILURE,
952 UNIT_TRIGGERS,
953 UNIT_TRIGGERED_BY);
954 }
955
956 static int unit_per_dependency_type_hashmap_update(
957 Hashmap *per_type,
958 Unit *other,
959 UnitDependencyMask origin_mask,
960 UnitDependencyMask destination_mask) {
961
962 UnitDependencyInfo info;
963 int r;
964
965 assert(other);
966 assert_cc(sizeof(void*) == sizeof(info));
967
968 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
969 * exists, or insert it anew if not. */
970
971 info.data = hashmap_get(per_type, other);
972 if (info.data) {
973 /* Entry already exists. Add in our mask. */
974
975 if (FLAGS_SET(origin_mask, info.origin_mask) &&
976 FLAGS_SET(destination_mask, info.destination_mask))
977 return 0; /* NOP */
978
979 info.origin_mask |= origin_mask;
980 info.destination_mask |= destination_mask;
981
982 r = hashmap_update(per_type, other, info.data);
983 } else {
984 info = (UnitDependencyInfo) {
985 .origin_mask = origin_mask,
986 .destination_mask = destination_mask,
987 };
988
989 r = hashmap_put(per_type, other, info.data);
990 }
991 if (r < 0)
992 return r;
993
994
995 return 1;
996 }
997
998 static int unit_add_dependency_hashmap(
999 Hashmap **dependencies,
1000 UnitDependency d,
1001 Unit *other,
1002 UnitDependencyMask origin_mask,
1003 UnitDependencyMask destination_mask) {
1004
1005 Hashmap *per_type;
1006 int r;
1007
1008 assert(dependencies);
1009 assert(other);
1010 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
1011 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
1012 assert(origin_mask > 0 || destination_mask > 0);
1013
1014 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1015 * UnitDependencyInfo) */
1016 r = hashmap_ensure_allocated(dependencies, NULL);
1017 if (r < 0)
1018 return r;
1019
1020 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1021 * type, and if it's missing allocate it and insert it. */
1022 per_type = hashmap_get(*dependencies, UNIT_DEPENDENCY_TO_PTR(d));
1023 if (!per_type) {
1024 per_type = hashmap_new(NULL);
1025 if (!per_type)
1026 return -ENOMEM;
1027
1028 r = hashmap_put(*dependencies, UNIT_DEPENDENCY_TO_PTR(d), per_type);
1029 if (r < 0) {
1030 hashmap_free(per_type);
1031 return r;
1032 }
1033 }
1034
1035 return unit_per_dependency_type_hashmap_update(per_type, other, origin_mask, destination_mask);
1036 }
1037
1038 static void unit_merge_dependencies(Unit *u, Unit *other) {
1039 Hashmap *deps;
1040 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1041 * since the hashmaps all want it as void pointer. */
1042
1043 assert(u);
1044 assert(other);
1045
1046 if (u == other)
1047 return;
1048
1049 /* First, remove dependency to other. */
1050 HASHMAP_FOREACH_KEY(deps, dt, u->dependencies) {
1051 if (hashmap_remove(deps, other) && unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1052 log_unit_warning(u, "Dependency %s=%s is dropped, as %s is merged into %s.",
1053 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1054 other->id, other->id, u->id);
1055
1056 if (hashmap_isempty(deps))
1057 hashmap_free(hashmap_remove(u->dependencies, dt));
1058 }
1059
1060 for (;;) {
1061 _cleanup_(hashmap_freep) Hashmap *other_deps = NULL;
1062 UnitDependencyInfo di_back;
1063 Unit *back;
1064
1065 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1066 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1067 if (!other_deps)
1068 break; /* done! */
1069
1070 deps = hashmap_get(u->dependencies, dt);
1071
1072 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1073 * referenced units as 'back'. */
1074 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1075 Hashmap *back_deps;
1076 void *back_dt;
1077
1078 if (back == u) {
1079 /* This is a dependency pointing back to the unit we want to merge with?
1080 * Suppress it (but warn) */
1081 if (unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1082 log_unit_warning(u, "Dependency %s=%s in %s is dropped, as %s is merged into %s.",
1083 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1084 u->id, other->id, other->id, u->id);
1085
1086 hashmap_remove(other_deps, back);
1087 continue;
1088 }
1089
1090 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1091 * point to 'u' instead. */
1092 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1093 UnitDependencyInfo di_move;
1094
1095 di_move.data = hashmap_remove(back_deps, other);
1096 if (!di_move.data)
1097 continue;
1098
1099 assert_se(unit_per_dependency_type_hashmap_update(
1100 back_deps,
1101 u,
1102 di_move.origin_mask,
1103 di_move.destination_mask) >= 0);
1104 }
1105
1106 /* The target unit already has dependencies of this type, let's then merge this individually. */
1107 if (deps)
1108 assert_se(unit_per_dependency_type_hashmap_update(
1109 deps,
1110 back,
1111 di_back.origin_mask,
1112 di_back.destination_mask) >= 0);
1113 }
1114
1115 /* Now all references towards 'other' of the current type 'dt' are corrected to point to 'u'.
1116 * Lets's now move the deps of type 'dt' from 'other' to 'u'. If the unit does not have
1117 * dependencies of this type, let's move them per type wholesale. */
1118 if (!deps)
1119 assert_se(hashmap_put(u->dependencies, dt, TAKE_PTR(other_deps)) >= 0);
1120 }
1121
1122 other->dependencies = hashmap_free(other->dependencies);
1123 }
1124
1125 int unit_merge(Unit *u, Unit *other) {
1126 int r;
1127
1128 assert(u);
1129 assert(other);
1130 assert(u->manager == other->manager);
1131 assert(u->type != _UNIT_TYPE_INVALID);
1132
1133 other = unit_follow_merge(other);
1134
1135 if (other == u)
1136 return 0;
1137
1138 if (u->type != other->type)
1139 return -EINVAL;
1140
1141 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
1142 return -EEXIST;
1143
1144 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
1145 return -EEXIST;
1146
1147 if (!streq_ptr(u->instance, other->instance))
1148 return -EINVAL;
1149
1150 if (other->job)
1151 return -EEXIST;
1152
1153 if (other->nop_job)
1154 return -EEXIST;
1155
1156 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
1157 return -EEXIST;
1158
1159 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1160 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1161 r = unit_reserve_dependencies(u, other);
1162 if (r < 0)
1163 return r;
1164
1165 /* Redirect all references */
1166 while (other->refs_by_target)
1167 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
1168
1169 /* Merge dependencies */
1170 unit_merge_dependencies(u, other);
1171
1172 /* Merge names. It is better to do that after merging deps, otherwise the log message contains n/a. */
1173 r = unit_merge_names(u, other);
1174 if (r < 0)
1175 return r;
1176
1177 other->load_state = UNIT_MERGED;
1178 other->merged_into = u;
1179
1180 if (!u->activation_details)
1181 u->activation_details = activation_details_ref(other->activation_details);
1182
1183 /* If there is still some data attached to the other node, we
1184 * don't need it anymore, and can free it. */
1185 if (other->load_state != UNIT_STUB)
1186 if (UNIT_VTABLE(other)->done)
1187 UNIT_VTABLE(other)->done(other);
1188
1189 unit_add_to_dbus_queue(u);
1190 unit_add_to_cleanup_queue(other);
1191
1192 return 0;
1193 }
1194
1195 int unit_merge_by_name(Unit *u, const char *name) {
1196 _cleanup_free_ char *s = NULL;
1197 Unit *other;
1198 int r;
1199
1200 /* Either add name to u, or if a unit with name already exists, merge it with u.
1201 * If name is a template, do the same for name@instance, where instance is u's instance. */
1202
1203 assert(u);
1204 assert(name);
1205
1206 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
1207 if (!u->instance)
1208 return -EINVAL;
1209
1210 r = unit_name_replace_instance(name, u->instance, &s);
1211 if (r < 0)
1212 return r;
1213
1214 name = s;
1215 }
1216
1217 other = manager_get_unit(u->manager, name);
1218 if (other)
1219 return unit_merge(u, other);
1220
1221 return unit_add_name(u, name);
1222 }
1223
1224 Unit* unit_follow_merge(Unit *u) {
1225 assert(u);
1226
1227 while (u->load_state == UNIT_MERGED)
1228 assert_se(u = u->merged_into);
1229
1230 return u;
1231 }
1232
1233 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1234 int r;
1235
1236 assert(u);
1237 assert(c);
1238
1239 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1240
1241 if (c->working_directory && !c->working_directory_missing_ok) {
1242 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
1243 if (r < 0)
1244 return r;
1245 }
1246
1247 if (c->root_directory) {
1248 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
1249 if (r < 0)
1250 return r;
1251 }
1252
1253 if (c->root_image) {
1254 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
1255 if (r < 0)
1256 return r;
1257 }
1258
1259 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
1260 if (!u->manager->prefix[dt])
1261 continue;
1262
1263 for (size_t i = 0; i < c->directories[dt].n_items; i++) {
1264 _cleanup_free_ char *p = NULL;
1265
1266 p = path_join(u->manager->prefix[dt], c->directories[dt].items[i].path);
1267 if (!p)
1268 return -ENOMEM;
1269
1270 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1271 if (r < 0)
1272 return r;
1273 }
1274 }
1275
1276 if (!MANAGER_IS_SYSTEM(u->manager))
1277 return 0;
1278
1279 /* For the following three directory types we need write access, and /var/ is possibly on the root
1280 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1281 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1282 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1283 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
1284 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1285 if (r < 0)
1286 return r;
1287 }
1288
1289 if (c->private_tmp) {
1290
1291 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1292 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1293 * /tmp specifically and masking other mount units should be handled more
1294 * gracefully too, see PR#16894. */
1295 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "tmp.mount", true, UNIT_DEPENDENCY_FILE);
1296 if (r < 0)
1297 return r;
1298
1299 r = unit_require_mounts_for(u, "/var/tmp", UNIT_DEPENDENCY_FILE);
1300 if (r < 0)
1301 return r;
1302
1303 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
1304 if (r < 0)
1305 return r;
1306 }
1307
1308 if (c->root_image) {
1309 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1310 * implicit dependency on udev */
1311
1312 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1313 if (r < 0)
1314 return r;
1315 }
1316
1317 if (!IN_SET(c->std_output,
1318 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1319 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
1320 !IN_SET(c->std_error,
1321 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1322 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
1323 !c->log_namespace)
1324 return 0;
1325
1326 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1327 * is run first. */
1328
1329 if (c->log_namespace) {
1330 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
1331
1332 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1333 if (r < 0)
1334 return r;
1335
1336 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1337 if (r < 0)
1338 return r;
1339
1340 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1341 if (r < 0)
1342 return r;
1343
1344 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1345 if (r < 0)
1346 return r;
1347 } else
1348 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
1349 if (r < 0)
1350 return r;
1351
1352 return 0;
1353 }
1354
1355 const char* unit_description(Unit *u) {
1356 assert(u);
1357
1358 if (u->description)
1359 return u->description;
1360
1361 return strna(u->id);
1362 }
1363
1364 const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
1365 assert(u);
1366 assert(u->id);
1367
1368 /* Return u->id, u->description, or "{u->id} - {u->description}".
1369 * Versions with u->description are only used if it is set.
1370 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1371 * pointer.
1372 *
1373 * Note that *ret_combined_buffer may be set to NULL. */
1374
1375 if (!u->description ||
1376 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
1377 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1378 streq(u->description, u->id)) {
1379
1380 if (ret_combined_buffer)
1381 *ret_combined_buffer = NULL;
1382 return u->id;
1383 }
1384
1385 if (ret_combined_buffer) {
1386 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1387 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1388 if (*ret_combined_buffer)
1389 return *ret_combined_buffer;
1390 log_oom(); /* Fall back to ->description */
1391 } else
1392 *ret_combined_buffer = NULL;
1393 }
1394
1395 return u->description;
1396 }
1397
1398 /* Common implementation for multiple backends */
1399 int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
1400 int r;
1401
1402 assert(u);
1403
1404 /* Load a .{service,socket,...} file */
1405 r = unit_load_fragment(u);
1406 if (r < 0)
1407 return r;
1408
1409 if (u->load_state == UNIT_STUB) {
1410 if (fragment_required)
1411 return -ENOENT;
1412
1413 u->load_state = UNIT_LOADED;
1414 }
1415
1416 /* Load drop-in directory data. If u is an alias, we might be reloading the
1417 * target unit needlessly. But we cannot be sure which drops-ins have already
1418 * been loaded and which not, at least without doing complicated book-keeping,
1419 * so let's always reread all drop-ins. */
1420 r = unit_load_dropin(unit_follow_merge(u));
1421 if (r < 0)
1422 return r;
1423
1424 if (u->source_path) {
1425 struct stat st;
1426
1427 if (stat(u->source_path, &st) >= 0)
1428 u->source_mtime = timespec_load(&st.st_mtim);
1429 else
1430 u->source_mtime = 0;
1431 }
1432
1433 return 0;
1434 }
1435
1436 void unit_add_to_target_deps_queue(Unit *u) {
1437 Manager *m = ASSERT_PTR(ASSERT_PTR(u)->manager);
1438
1439 if (u->in_target_deps_queue)
1440 return;
1441
1442 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1443 u->in_target_deps_queue = true;
1444 }
1445
1446 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1447 assert(u);
1448 assert(target);
1449
1450 if (target->type != UNIT_TARGET)
1451 return 0;
1452
1453 /* Only add the dependency if both units are loaded, so that
1454 * that loop check below is reliable */
1455 if (u->load_state != UNIT_LOADED ||
1456 target->load_state != UNIT_LOADED)
1457 return 0;
1458
1459 /* If either side wants no automatic dependencies, then let's
1460 * skip this */
1461 if (!u->default_dependencies ||
1462 !target->default_dependencies)
1463 return 0;
1464
1465 /* Don't create loops */
1466 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
1467 return 0;
1468
1469 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1470 }
1471
1472 static int unit_add_slice_dependencies(Unit *u) {
1473 Unit *slice;
1474 assert(u);
1475
1476 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1477 return 0;
1478
1479 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1480 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1481 relationship). */
1482 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1483
1484 slice = UNIT_GET_SLICE(u);
1485 if (slice)
1486 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
1487
1488 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1489 return 0;
1490
1491 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
1492 }
1493
1494 static int unit_add_mount_dependencies(Unit *u) {
1495 UnitDependencyInfo di;
1496 const char *path;
1497 bool changed = false;
1498 int r;
1499
1500 assert(u);
1501
1502 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for) {
1503 char prefix[strlen(path) + 1];
1504
1505 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1506 _cleanup_free_ char *p = NULL;
1507 Unit *m;
1508
1509 r = unit_name_from_path(prefix, ".mount", &p);
1510 if (r == -EINVAL)
1511 continue; /* If the path cannot be converted to a mount unit name, then it's
1512 * not manageable as a unit by systemd, and hence we don't need a
1513 * dependency on it. Let's thus silently ignore the issue. */
1514 if (r < 0)
1515 return r;
1516
1517 m = manager_get_unit(u->manager, p);
1518 if (!m) {
1519 /* Make sure to load the mount unit if it exists. If so the dependencies on
1520 * this unit will be added later during the loading of the mount unit. */
1521 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1522 continue;
1523 }
1524 if (m == u)
1525 continue;
1526
1527 if (m->load_state != UNIT_LOADED)
1528 continue;
1529
1530 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1531 if (r < 0)
1532 return r;
1533 changed = changed || r > 0;
1534
1535 if (m->fragment_path) {
1536 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1537 if (r < 0)
1538 return r;
1539 changed = changed || r > 0;
1540 }
1541 }
1542 }
1543
1544 return changed;
1545 }
1546
1547 static int unit_add_oomd_dependencies(Unit *u) {
1548 CGroupContext *c;
1549 CGroupMask mask;
1550 int r;
1551
1552 assert(u);
1553
1554 if (!u->default_dependencies)
1555 return 0;
1556
1557 c = unit_get_cgroup_context(u);
1558 if (!c)
1559 return 0;
1560
1561 bool wants_oomd = c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL;
1562 if (!wants_oomd)
1563 return 0;
1564
1565 if (!cg_all_unified())
1566 return 0;
1567
1568 r = cg_mask_supported(&mask);
1569 if (r < 0)
1570 return log_debug_errno(r, "Failed to determine supported controllers: %m");
1571
1572 if (!FLAGS_SET(mask, CGROUP_MASK_MEMORY))
1573 return 0;
1574
1575 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
1576 }
1577
1578 static int unit_add_startup_units(Unit *u) {
1579 if (!unit_has_startup_cgroup_constraints(u))
1580 return 0;
1581
1582 return set_ensure_put(&u->manager->startup_units, NULL, u);
1583 }
1584
1585 static int unit_validate_on_failure_job_mode(
1586 Unit *u,
1587 const char *job_mode_setting,
1588 JobMode job_mode,
1589 const char *dependency_name,
1590 UnitDependencyAtom atom) {
1591
1592 Unit *other, *found = NULL;
1593
1594 if (job_mode != JOB_ISOLATE)
1595 return 0;
1596
1597 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
1598 if (!found)
1599 found = other;
1600 else if (found != other)
1601 return log_unit_error_errno(
1602 u, SYNTHETIC_ERRNO(ENOEXEC),
1603 "More than one %s dependencies specified but %sisolate set. Refusing.",
1604 dependency_name, job_mode_setting);
1605 }
1606
1607 return 0;
1608 }
1609
1610 int unit_load(Unit *u) {
1611 int r;
1612
1613 assert(u);
1614
1615 if (u->in_load_queue) {
1616 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1617 u->in_load_queue = false;
1618 }
1619
1620 if (u->type == _UNIT_TYPE_INVALID)
1621 return -EINVAL;
1622
1623 if (u->load_state != UNIT_STUB)
1624 return 0;
1625
1626 if (u->transient_file) {
1627 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1628 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1629
1630 r = fflush_and_check(u->transient_file);
1631 if (r < 0)
1632 goto fail;
1633
1634 u->transient_file = safe_fclose(u->transient_file);
1635 u->fragment_mtime = now(CLOCK_REALTIME);
1636 }
1637
1638 r = UNIT_VTABLE(u)->load(u);
1639 if (r < 0)
1640 goto fail;
1641
1642 assert(u->load_state != UNIT_STUB);
1643
1644 if (u->load_state == UNIT_LOADED) {
1645 unit_add_to_target_deps_queue(u);
1646
1647 r = unit_add_slice_dependencies(u);
1648 if (r < 0)
1649 goto fail;
1650
1651 r = unit_add_mount_dependencies(u);
1652 if (r < 0)
1653 goto fail;
1654
1655 r = unit_add_oomd_dependencies(u);
1656 if (r < 0)
1657 goto fail;
1658
1659 r = unit_add_startup_units(u);
1660 if (r < 0)
1661 goto fail;
1662
1663 r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS);
1664 if (r < 0)
1665 goto fail;
1666
1667 r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE);
1668 if (r < 0)
1669 goto fail;
1670
1671 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1672 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1673
1674 /* We finished loading, let's ensure our parents recalculate the members mask */
1675 unit_invalidate_cgroup_members_masks(u);
1676 }
1677
1678 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1679
1680 unit_add_to_dbus_queue(unit_follow_merge(u));
1681 unit_add_to_gc_queue(u);
1682 (void) manager_varlink_send_managed_oom_update(u);
1683
1684 return 0;
1685
1686 fail:
1687 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1688 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
1689
1690 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1691 r == -ENOEXEC ? UNIT_BAD_SETTING :
1692 UNIT_ERROR;
1693 u->load_error = r;
1694
1695 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1696 * an attempt is made to load this unit, we know we need to check again. */
1697 if (u->load_state == UNIT_NOT_FOUND)
1698 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
1699
1700 unit_add_to_dbus_queue(u);
1701 unit_add_to_gc_queue(u);
1702
1703 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1704 }
1705
1706 _printf_(7, 8)
1707 static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1708 Unit *u = userdata;
1709 va_list ap;
1710 int r;
1711
1712 if (u && !unit_log_level_test(u, level))
1713 return -ERRNO_VALUE(error);
1714
1715 va_start(ap, format);
1716 if (u)
1717 r = log_object_internalv(level, error, file, line, func,
1718 u->manager->unit_log_field,
1719 u->id,
1720 u->manager->invocation_log_field,
1721 u->invocation_id_string,
1722 format, ap);
1723 else
1724 r = log_internalv(level, error, file, line, func, format, ap);
1725 va_end(ap);
1726
1727 return r;
1728 }
1729
1730 static bool unit_test_condition(Unit *u) {
1731 _cleanup_strv_free_ char **env = NULL;
1732 int r;
1733
1734 assert(u);
1735
1736 dual_timestamp_get(&u->condition_timestamp);
1737
1738 r = manager_get_effective_environment(u->manager, &env);
1739 if (r < 0) {
1740 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1741 u->condition_result = true;
1742 } else
1743 u->condition_result = condition_test_list(
1744 u->conditions,
1745 env,
1746 condition_type_to_string,
1747 log_unit_internal,
1748 u);
1749
1750 unit_add_to_dbus_queue(u);
1751 return u->condition_result;
1752 }
1753
1754 static bool unit_test_assert(Unit *u) {
1755 _cleanup_strv_free_ char **env = NULL;
1756 int r;
1757
1758 assert(u);
1759
1760 dual_timestamp_get(&u->assert_timestamp);
1761
1762 r = manager_get_effective_environment(u->manager, &env);
1763 if (r < 0) {
1764 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1765 u->assert_result = CONDITION_ERROR;
1766 } else
1767 u->assert_result = condition_test_list(
1768 u->asserts,
1769 env,
1770 assert_type_to_string,
1771 log_unit_internal,
1772 u);
1773
1774 unit_add_to_dbus_queue(u);
1775 return u->assert_result;
1776 }
1777
1778 void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
1779 if (log_get_show_color()) {
1780 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1781 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1782 else
1783 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1784 }
1785
1786 DISABLE_WARNING_FORMAT_NONLITERAL;
1787 manager_status_printf(u->manager, status_type, status, format, ident);
1788 REENABLE_WARNING;
1789 }
1790
1791 int unit_test_start_limit(Unit *u) {
1792 const char *reason;
1793
1794 assert(u);
1795
1796 if (ratelimit_below(&u->start_ratelimit)) {
1797 u->start_limit_hit = false;
1798 return 0;
1799 }
1800
1801 log_unit_warning(u, "Start request repeated too quickly.");
1802 u->start_limit_hit = true;
1803
1804 reason = strjoina("unit ", u->id, " failed");
1805
1806 emergency_action(u->manager, u->start_limit_action,
1807 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1808 u->reboot_arg, -1, reason);
1809
1810 return -ECANCELED;
1811 }
1812
1813 bool unit_shall_confirm_spawn(Unit *u) {
1814 assert(u);
1815
1816 if (manager_is_confirm_spawn_disabled(u->manager))
1817 return false;
1818
1819 /* For some reasons units remaining in the same process group
1820 * as PID 1 fail to acquire the console even if it's not used
1821 * by any process. So skip the confirmation question for them. */
1822 return !unit_get_exec_context(u)->same_pgrp;
1823 }
1824
1825 static bool unit_verify_deps(Unit *u) {
1826 Unit *other;
1827
1828 assert(u);
1829
1830 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1831 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1832 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1833 * that are not used in conjunction with After= as for them any such check would make things entirely
1834 * racy. */
1835
1836 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
1837
1838 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
1839 continue;
1840
1841 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1842 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1843 return false;
1844 }
1845 }
1846
1847 return true;
1848 }
1849
1850 /* Errors that aren't really errors:
1851 * -EALREADY: Unit is already started.
1852 * -ECOMM: Condition failed
1853 * -EAGAIN: An operation is already in progress. Retry later.
1854 *
1855 * Errors that are real errors:
1856 * -EBADR: This unit type does not support starting.
1857 * -ECANCELED: Start limit hit, too many requests for now
1858 * -EPROTO: Assert failed
1859 * -EINVAL: Unit not loaded
1860 * -EOPNOTSUPP: Unit type not supported
1861 * -ENOLINK: The necessary dependencies are not fulfilled.
1862 * -ESTALE: This unit has been started before and can't be started a second time
1863 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1864 */
1865 int unit_start(Unit *u, ActivationDetails *details) {
1866 UnitActiveState state;
1867 Unit *following;
1868 int r;
1869
1870 assert(u);
1871
1872 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is rate limited. */
1873 if (u->type == UNIT_MOUNT && sd_event_source_is_ratelimited(u->manager->mount_event_source))
1874 return -EAGAIN;
1875
1876 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1877 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1878 * waiting is finished. */
1879 state = unit_active_state(u);
1880 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1881 return -EALREADY;
1882 if (state == UNIT_MAINTENANCE)
1883 return -EAGAIN;
1884
1885 /* Units that aren't loaded cannot be started */
1886 if (u->load_state != UNIT_LOADED)
1887 return -EINVAL;
1888
1889 /* Refuse starting scope units more than once */
1890 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1891 return -ESTALE;
1892
1893 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1894 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1895 * recheck the condition in that case. */
1896 if (state != UNIT_ACTIVATING &&
1897 !unit_test_condition(u))
1898 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
1899
1900 /* If the asserts failed, fail the entire job */
1901 if (state != UNIT_ACTIVATING &&
1902 !unit_test_assert(u))
1903 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
1904
1905 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1906 * condition checks, so that we rather return condition check errors (which are usually not
1907 * considered a true failure) than "not supported" errors (which are considered a failure).
1908 */
1909 if (!unit_type_supported(u->type))
1910 return -EOPNOTSUPP;
1911
1912 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1913 * should have taken care of this already, but let's check this here again. After all, our
1914 * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */
1915 if (!unit_verify_deps(u))
1916 return -ENOLINK;
1917
1918 /* Forward to the main object, if we aren't it. */
1919 following = unit_following(u);
1920 if (following) {
1921 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1922 return unit_start(following, details);
1923 }
1924
1925 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1926 if (UNIT_VTABLE(u)->can_start) {
1927 r = UNIT_VTABLE(u)->can_start(u);
1928 if (r < 0)
1929 return r;
1930 }
1931
1932 /* If it is stopped, but we cannot start it, then fail */
1933 if (!UNIT_VTABLE(u)->start)
1934 return -EBADR;
1935
1936 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1937 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1938 * waits for a holdoff timer to elapse before it will start again. */
1939
1940 unit_add_to_dbus_queue(u);
1941 unit_cgroup_freezer_action(u, FREEZER_THAW);
1942
1943 if (!u->activation_details) /* Older details object wins */
1944 u->activation_details = activation_details_ref(details);
1945
1946 return UNIT_VTABLE(u)->start(u);
1947 }
1948
1949 bool unit_can_start(Unit *u) {
1950 assert(u);
1951
1952 if (u->load_state != UNIT_LOADED)
1953 return false;
1954
1955 if (!unit_type_supported(u->type))
1956 return false;
1957
1958 /* Scope units may be started only once */
1959 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1960 return false;
1961
1962 return !!UNIT_VTABLE(u)->start;
1963 }
1964
1965 bool unit_can_isolate(Unit *u) {
1966 assert(u);
1967
1968 return unit_can_start(u) &&
1969 u->allow_isolate;
1970 }
1971
1972 /* Errors:
1973 * -EBADR: This unit type does not support stopping.
1974 * -EALREADY: Unit is already stopped.
1975 * -EAGAIN: An operation is already in progress. Retry later.
1976 */
1977 int unit_stop(Unit *u) {
1978 UnitActiveState state;
1979 Unit *following;
1980
1981 assert(u);
1982
1983 state = unit_active_state(u);
1984 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1985 return -EALREADY;
1986
1987 following = unit_following(u);
1988 if (following) {
1989 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1990 return unit_stop(following);
1991 }
1992
1993 if (!UNIT_VTABLE(u)->stop)
1994 return -EBADR;
1995
1996 unit_add_to_dbus_queue(u);
1997 unit_cgroup_freezer_action(u, FREEZER_THAW);
1998
1999 return UNIT_VTABLE(u)->stop(u);
2000 }
2001
2002 bool unit_can_stop(Unit *u) {
2003 assert(u);
2004
2005 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2006 * Extrinsic units follow external state and they may stop following external state changes
2007 * (hence we return true here), but an attempt to do this through the manager will fail. */
2008
2009 if (!unit_type_supported(u->type))
2010 return false;
2011
2012 if (u->perpetual)
2013 return false;
2014
2015 return !!UNIT_VTABLE(u)->stop;
2016 }
2017
2018 /* Errors:
2019 * -EBADR: This unit type does not support reloading.
2020 * -ENOEXEC: Unit is not started.
2021 * -EAGAIN: An operation is already in progress. Retry later.
2022 */
2023 int unit_reload(Unit *u) {
2024 UnitActiveState state;
2025 Unit *following;
2026
2027 assert(u);
2028
2029 if (u->load_state != UNIT_LOADED)
2030 return -EINVAL;
2031
2032 if (!unit_can_reload(u))
2033 return -EBADR;
2034
2035 state = unit_active_state(u);
2036 if (state == UNIT_RELOADING)
2037 return -EAGAIN;
2038
2039 if (state != UNIT_ACTIVE)
2040 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
2041
2042 following = unit_following(u);
2043 if (following) {
2044 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
2045 return unit_reload(following);
2046 }
2047
2048 unit_add_to_dbus_queue(u);
2049
2050 if (!UNIT_VTABLE(u)->reload) {
2051 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2052 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
2053 return 0;
2054 }
2055
2056 unit_cgroup_freezer_action(u, FREEZER_THAW);
2057
2058 return UNIT_VTABLE(u)->reload(u);
2059 }
2060
2061 bool unit_can_reload(Unit *u) {
2062 assert(u);
2063
2064 if (UNIT_VTABLE(u)->can_reload)
2065 return UNIT_VTABLE(u)->can_reload(u);
2066
2067 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
2068 return true;
2069
2070 return UNIT_VTABLE(u)->reload;
2071 }
2072
2073 bool unit_is_unneeded(Unit *u) {
2074 Unit *other;
2075 assert(u);
2076
2077 if (!u->stop_when_unneeded)
2078 return false;
2079
2080 /* Don't clean up while the unit is transitioning or is even inactive. */
2081 if (unit_active_state(u) != UNIT_ACTIVE)
2082 return false;
2083 if (u->job)
2084 return false;
2085
2086 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
2087 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2088 * restart, then don't clean this one up. */
2089
2090 if (other->job)
2091 return false;
2092
2093 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2094 return false;
2095
2096 if (unit_will_restart(other))
2097 return false;
2098 }
2099
2100 return true;
2101 }
2102
2103 bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2104 Unit *other;
2105
2106 assert(u);
2107
2108 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2109 * that is active declared an Uphold= dependencies on it */
2110
2111 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2112 if (ret_culprit)
2113 *ret_culprit = NULL;
2114 return false;
2115 }
2116
2117 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2118 if (other->job)
2119 continue;
2120
2121 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2122 if (ret_culprit)
2123 *ret_culprit = other;
2124 return true;
2125 }
2126 }
2127
2128 if (ret_culprit)
2129 *ret_culprit = NULL;
2130 return false;
2131 }
2132
2133 bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2134 Unit *other;
2135
2136 assert(u);
2137
2138 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
2139 * because the other unit is down. */
2140
2141 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2142 /* Don't clean up while the unit is transitioning or is even inactive. */
2143 if (ret_culprit)
2144 *ret_culprit = NULL;
2145 return false;
2146 }
2147
2148 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2149 if (other->job)
2150 continue;
2151
2152 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
2153 if (ret_culprit)
2154 *ret_culprit = other;
2155
2156 return true;
2157 }
2158 }
2159
2160 if (ret_culprit)
2161 *ret_culprit = NULL;
2162 return false;
2163 }
2164
2165 static void check_unneeded_dependencies(Unit *u) {
2166 Unit *other;
2167 assert(u);
2168
2169 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2170
2171 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2172 unit_submit_to_stop_when_unneeded_queue(other);
2173 }
2174
2175 static void check_uphold_dependencies(Unit *u) {
2176 Unit *other;
2177 assert(u);
2178
2179 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2180
2181 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2182 unit_submit_to_start_when_upheld_queue(other);
2183 }
2184
2185 static void check_bound_by_dependencies(Unit *u) {
2186 Unit *other;
2187 assert(u);
2188
2189 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
2190
2191 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2192 unit_submit_to_stop_when_bound_queue(other);
2193 }
2194
2195 static void retroactively_start_dependencies(Unit *u) {
2196 Unit *other;
2197
2198 assert(u);
2199 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2200
2201 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2202 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
2203 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2204 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
2205
2206 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2207 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
2208 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2209 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
2210
2211 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
2212 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2213 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2214 }
2215
2216 static void retroactively_stop_dependencies(Unit *u) {
2217 Unit *other;
2218
2219 assert(u);
2220 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2221
2222 /* Pull down units which are bound to us recursively if enabled */
2223 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
2224 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2225 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2226 }
2227
2228 void unit_start_on_failure(
2229 Unit *u,
2230 const char *dependency_name,
2231 UnitDependencyAtom atom,
2232 JobMode job_mode) {
2233
2234 int n_jobs = -1;
2235 Unit *other;
2236 int r;
2237
2238 assert(u);
2239 assert(dependency_name);
2240 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2241
2242 /* Act on OnFailure= and OnSuccess= dependencies */
2243
2244 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
2245 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2246
2247 if (n_jobs < 0) {
2248 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
2249 n_jobs = 0;
2250 }
2251
2252 r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL);
2253 if (r < 0)
2254 log_unit_warning_errno(
2255 u, r, "Failed to enqueue %s job, ignoring: %s",
2256 dependency_name, bus_error_message(&error, r));
2257 n_jobs ++;
2258 }
2259
2260 if (n_jobs >= 0)
2261 log_unit_debug(u, "Triggering %s dependencies done (%i %s).",
2262 dependency_name, n_jobs, n_jobs == 1 ? "job" : "jobs");
2263 }
2264
2265 void unit_trigger_notify(Unit *u) {
2266 Unit *other;
2267
2268 assert(u);
2269
2270 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
2271 if (UNIT_VTABLE(other)->trigger_notify)
2272 UNIT_VTABLE(other)->trigger_notify(other, u);
2273 }
2274
2275 static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2276 if (condition_notice && log_level > LOG_NOTICE)
2277 return LOG_NOTICE;
2278 if (condition_info && log_level > LOG_INFO)
2279 return LOG_INFO;
2280 return log_level;
2281 }
2282
2283 static int unit_log_resources(Unit *u) {
2284 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2285 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2286 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
2287 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
2288 size_t n_message_parts = 0, n_iovec = 0;
2289 char* message_parts[1 + 2 + 2 + 1], *t;
2290 nsec_t nsec = NSEC_INFINITY;
2291 int r;
2292 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2293 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2294 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2295 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2296 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2297 };
2298 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2299 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2300 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2301 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2302 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2303 };
2304
2305 assert(u);
2306
2307 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2308 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2309 * information and the complete data in structured fields. */
2310
2311 (void) unit_get_cpu_usage(u, &nsec);
2312 if (nsec != NSEC_INFINITY) {
2313 /* Format the CPU time for inclusion in the structured log message */
2314 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2315 r = log_oom();
2316 goto finish;
2317 }
2318 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2319
2320 /* Format the CPU time for inclusion in the human language message string */
2321 t = strjoin("consumed ", FORMAT_TIMESPAN(nsec / NSEC_PER_USEC, USEC_PER_MSEC), " CPU time");
2322 if (!t) {
2323 r = log_oom();
2324 goto finish;
2325 }
2326
2327 message_parts[n_message_parts++] = t;
2328
2329 log_level = raise_level(log_level,
2330 nsec > MENTIONWORTHY_CPU_NSEC,
2331 nsec > NOTICEWORTHY_CPU_NSEC);
2332 }
2333
2334 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
2335 uint64_t value = UINT64_MAX;
2336
2337 assert(io_fields[k]);
2338
2339 (void) unit_get_io_accounting(u, k, k > 0, &value);
2340 if (value == UINT64_MAX)
2341 continue;
2342
2343 have_io_accounting = true;
2344 if (value > 0)
2345 any_io = true;
2346
2347 /* Format IO accounting data for inclusion in the structured log message */
2348 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2349 r = log_oom();
2350 goto finish;
2351 }
2352 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2353
2354 /* Format the IO accounting data for inclusion in the human language message string, but only
2355 * for the bytes counters (and not for the operations counters) */
2356 if (k == CGROUP_IO_READ_BYTES) {
2357 assert(!rr);
2358 rr = strjoin("read ", strna(FORMAT_BYTES(value)), " from disk");
2359 if (!rr) {
2360 r = log_oom();
2361 goto finish;
2362 }
2363 } else if (k == CGROUP_IO_WRITE_BYTES) {
2364 assert(!wr);
2365 wr = strjoin("written ", strna(FORMAT_BYTES(value)), " to disk");
2366 if (!wr) {
2367 r = log_oom();
2368 goto finish;
2369 }
2370 }
2371
2372 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2373 log_level = raise_level(log_level,
2374 value > MENTIONWORTHY_IO_BYTES,
2375 value > NOTICEWORTHY_IO_BYTES);
2376 }
2377
2378 if (have_io_accounting) {
2379 if (any_io) {
2380 if (rr)
2381 message_parts[n_message_parts++] = TAKE_PTR(rr);
2382 if (wr)
2383 message_parts[n_message_parts++] = TAKE_PTR(wr);
2384
2385 } else {
2386 char *k;
2387
2388 k = strdup("no IO");
2389 if (!k) {
2390 r = log_oom();
2391 goto finish;
2392 }
2393
2394 message_parts[n_message_parts++] = k;
2395 }
2396 }
2397
2398 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2399 uint64_t value = UINT64_MAX;
2400
2401 assert(ip_fields[m]);
2402
2403 (void) unit_get_ip_accounting(u, m, &value);
2404 if (value == UINT64_MAX)
2405 continue;
2406
2407 have_ip_accounting = true;
2408 if (value > 0)
2409 any_traffic = true;
2410
2411 /* Format IP accounting data for inclusion in the structured log message */
2412 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2413 r = log_oom();
2414 goto finish;
2415 }
2416 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2417
2418 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2419 * bytes counters (and not for the packets counters) */
2420 if (m == CGROUP_IP_INGRESS_BYTES) {
2421 assert(!igress);
2422 igress = strjoin("received ", strna(FORMAT_BYTES(value)), " IP traffic");
2423 if (!igress) {
2424 r = log_oom();
2425 goto finish;
2426 }
2427 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2428 assert(!egress);
2429 egress = strjoin("sent ", strna(FORMAT_BYTES(value)), " IP traffic");
2430 if (!egress) {
2431 r = log_oom();
2432 goto finish;
2433 }
2434 }
2435
2436 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2437 log_level = raise_level(log_level,
2438 value > MENTIONWORTHY_IP_BYTES,
2439 value > NOTICEWORTHY_IP_BYTES);
2440 }
2441
2442 /* This check is here because it is the earliest point following all possible log_level assignments. If
2443 * log_level is assigned anywhere after this point, move this check. */
2444 if (!unit_log_level_test(u, log_level)) {
2445 r = 0;
2446 goto finish;
2447 }
2448
2449 if (have_ip_accounting) {
2450 if (any_traffic) {
2451 if (igress)
2452 message_parts[n_message_parts++] = TAKE_PTR(igress);
2453 if (egress)
2454 message_parts[n_message_parts++] = TAKE_PTR(egress);
2455
2456 } else {
2457 char *k;
2458
2459 k = strdup("no IP traffic");
2460 if (!k) {
2461 r = log_oom();
2462 goto finish;
2463 }
2464
2465 message_parts[n_message_parts++] = k;
2466 }
2467 }
2468
2469 /* Is there any accounting data available at all? */
2470 if (n_iovec == 0) {
2471 r = 0;
2472 goto finish;
2473 }
2474
2475 if (n_message_parts == 0)
2476 t = strjoina("MESSAGE=", u->id, ": Completed.");
2477 else {
2478 _cleanup_free_ char *joined = NULL;
2479
2480 message_parts[n_message_parts] = NULL;
2481
2482 joined = strv_join(message_parts, ", ");
2483 if (!joined) {
2484 r = log_oom();
2485 goto finish;
2486 }
2487
2488 joined[0] = ascii_toupper(joined[0]);
2489 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
2490 }
2491
2492 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2493 * and hence don't increase n_iovec for them */
2494 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2495 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2496
2497 t = strjoina(u->manager->unit_log_field, u->id);
2498 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2499
2500 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2501 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2502
2503 log_unit_struct_iovec(u, log_level, iovec, n_iovec + 4);
2504 r = 0;
2505
2506 finish:
2507 for (size_t i = 0; i < n_message_parts; i++)
2508 free(message_parts[i]);
2509
2510 for (size_t i = 0; i < n_iovec; i++)
2511 free(iovec[i].iov_base);
2512
2513 return r;
2514
2515 }
2516
2517 static void unit_update_on_console(Unit *u) {
2518 bool b;
2519
2520 assert(u);
2521
2522 b = unit_needs_console(u);
2523 if (u->on_console == b)
2524 return;
2525
2526 u->on_console = b;
2527 if (b)
2528 manager_ref_console(u->manager);
2529 else
2530 manager_unref_console(u->manager);
2531 }
2532
2533 static void unit_emit_audit_start(Unit *u) {
2534 assert(u);
2535
2536 if (u->type != UNIT_SERVICE)
2537 return;
2538
2539 /* Write audit record if we have just finished starting up */
2540 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2541 u->in_audit = true;
2542 }
2543
2544 static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2545 assert(u);
2546
2547 if (u->type != UNIT_SERVICE)
2548 return;
2549
2550 if (u->in_audit) {
2551 /* Write audit record if we have just finished shutting down */
2552 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2553 u->in_audit = false;
2554 } else {
2555 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2556 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2557
2558 if (state == UNIT_INACTIVE)
2559 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2560 }
2561 }
2562
2563 static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2564 bool unexpected = false;
2565 JobResult result;
2566
2567 assert(j);
2568
2569 if (j->state == JOB_WAITING)
2570
2571 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2572 * due to EAGAIN. */
2573 job_add_to_run_queue(j);
2574
2575 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2576 * hence needs to invalidate jobs. */
2577
2578 switch (j->type) {
2579
2580 case JOB_START:
2581 case JOB_VERIFY_ACTIVE:
2582
2583 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2584 job_finish_and_invalidate(j, JOB_DONE, true, false);
2585 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2586 unexpected = true;
2587
2588 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2589 if (ns == UNIT_FAILED)
2590 result = JOB_FAILED;
2591 else
2592 result = JOB_DONE;
2593
2594 job_finish_and_invalidate(j, result, true, false);
2595 }
2596 }
2597
2598 break;
2599
2600 case JOB_RELOAD:
2601 case JOB_RELOAD_OR_START:
2602 case JOB_TRY_RELOAD:
2603
2604 if (j->state == JOB_RUNNING) {
2605 if (ns == UNIT_ACTIVE)
2606 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2607 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2608 unexpected = true;
2609
2610 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2611 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2612 }
2613 }
2614
2615 break;
2616
2617 case JOB_STOP:
2618 case JOB_RESTART:
2619 case JOB_TRY_RESTART:
2620
2621 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2622 job_finish_and_invalidate(j, JOB_DONE, true, false);
2623 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2624 unexpected = true;
2625 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2626 }
2627
2628 break;
2629
2630 default:
2631 assert_not_reached();
2632 }
2633
2634 return unexpected;
2635 }
2636
2637 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2638 const char *reason;
2639 Manager *m;
2640
2641 assert(u);
2642 assert(os < _UNIT_ACTIVE_STATE_MAX);
2643 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2644
2645 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2646 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2647 * remounted this function will be called too! */
2648
2649 m = u->manager;
2650
2651 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2652 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2653 unit_add_to_dbus_queue(u);
2654
2655 /* Update systemd-oomd on the property/state change */
2656 if (os != ns) {
2657 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2658 * monitoring.
2659 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2660 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2661 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2662 * have the information on the property. Thus, indiscriminately send an update. */
2663 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
2664 (void) manager_varlink_send_managed_oom_update(u);
2665 }
2666
2667 /* Update timestamps for state changes */
2668 if (!MANAGER_IS_RELOADING(m)) {
2669 dual_timestamp_get(&u->state_change_timestamp);
2670
2671 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2672 u->inactive_exit_timestamp = u->state_change_timestamp;
2673 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2674 u->inactive_enter_timestamp = u->state_change_timestamp;
2675
2676 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2677 u->active_enter_timestamp = u->state_change_timestamp;
2678 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2679 u->active_exit_timestamp = u->state_change_timestamp;
2680 }
2681
2682 /* Keep track of failed units */
2683 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
2684
2685 /* Make sure the cgroup and state files are always removed when we become inactive */
2686 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2687 SET_FLAG(u->markers,
2688 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2689 false);
2690 unit_prune_cgroup(u);
2691 unit_unlink_state_files(u);
2692 } else if (ns != os && ns == UNIT_RELOADING)
2693 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
2694
2695 unit_update_on_console(u);
2696
2697 if (!MANAGER_IS_RELOADING(m)) {
2698 bool unexpected;
2699
2700 /* Let's propagate state changes to the job */
2701 if (u->job)
2702 unexpected = unit_process_job(u->job, ns, flags);
2703 else
2704 unexpected = true;
2705
2706 /* If this state change happened without being requested by a job, then let's retroactively start or
2707 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2708 * additional jobs just because something is already activated. */
2709
2710 if (unexpected) {
2711 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2712 retroactively_start_dependencies(u);
2713 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2714 retroactively_stop_dependencies(u);
2715 }
2716
2717 if (ns != os && ns == UNIT_FAILED) {
2718 log_unit_debug(u, "Unit entered failed state.");
2719
2720 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2721 unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode);
2722 }
2723
2724 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2725 /* This unit just finished starting up */
2726
2727 unit_emit_audit_start(u);
2728 manager_send_unit_plymouth(m, u);
2729 }
2730
2731 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
2732 /* This unit just stopped/failed. */
2733
2734 unit_emit_audit_stop(u, ns);
2735 unit_log_resources(u);
2736 }
2737
2738 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE) &&
2739 !(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2740 unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode);
2741 }
2742
2743 manager_recheck_journal(m);
2744 manager_recheck_dbus(m);
2745
2746 unit_trigger_notify(u);
2747
2748 if (!MANAGER_IS_RELOADING(m)) {
2749 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2750 reason = strjoina("unit ", u->id, " failed");
2751 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
2752 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2753 reason = strjoina("unit ", u->id, " succeeded");
2754 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
2755 }
2756 }
2757
2758 /* And now, add the unit or depending units to various queues that will act on the new situation if
2759 * needed. These queues generally check for continuous state changes rather than events (like most of
2760 * the state propagation above), and do work deferred instead of instantly, since they typically
2761 * don't want to run during reloading, and usually involve checking combined state of multiple units
2762 * at once. */
2763
2764 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2765 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2766 check_unneeded_dependencies(u);
2767 check_bound_by_dependencies(u);
2768
2769 /* Maybe someone wants us to remain up? */
2770 unit_submit_to_start_when_upheld_queue(u);
2771
2772 /* Maybe the unit should be GC'ed now? */
2773 unit_add_to_gc_queue(u);
2774 }
2775
2776 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2777 /* Start uphold units regardless if going up was expected or not */
2778 check_uphold_dependencies(u);
2779
2780 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2781 unit_submit_to_stop_when_unneeded_queue(u);
2782
2783 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2784 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2785 * inactive, without ever entering started.) */
2786 unit_submit_to_stop_when_bound_queue(u);
2787 }
2788 }
2789
2790 int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
2791 int r;
2792
2793 assert(u);
2794 assert(pid_is_valid(pid));
2795
2796 /* Watch a specific PID */
2797
2798 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2799 * opportunity to remove any stalled references to this PID as they can be created
2800 * easily (when watching a process which is not our direct child). */
2801 if (exclusive)
2802 manager_unwatch_pid(u->manager, pid);
2803
2804 r = set_ensure_allocated(&u->pids, NULL);
2805 if (r < 0)
2806 return r;
2807
2808 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2809 if (r < 0)
2810 return r;
2811
2812 /* First try, let's add the unit keyed by "pid". */
2813 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2814 if (r == -EEXIST) {
2815 Unit **array;
2816 bool found = false;
2817 size_t n = 0;
2818
2819 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2820 * to an array of Units rather than just a Unit), lists us already. */
2821
2822 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2823 if (array)
2824 for (; array[n]; n++)
2825 if (array[n] == u)
2826 found = true;
2827
2828 if (found) /* Found it already? if so, do nothing */
2829 r = 0;
2830 else {
2831 Unit **new_array;
2832
2833 /* Allocate a new array */
2834 new_array = new(Unit*, n + 2);
2835 if (!new_array)
2836 return -ENOMEM;
2837
2838 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2839 new_array[n] = u;
2840 new_array[n+1] = NULL;
2841
2842 /* Add or replace the old array */
2843 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2844 if (r < 0) {
2845 free(new_array);
2846 return r;
2847 }
2848
2849 free(array);
2850 }
2851 } else if (r < 0)
2852 return r;
2853
2854 r = set_put(u->pids, PID_TO_PTR(pid));
2855 if (r < 0)
2856 return r;
2857
2858 return 0;
2859 }
2860
2861 void unit_unwatch_pid(Unit *u, pid_t pid) {
2862 Unit **array;
2863
2864 assert(u);
2865 assert(pid_is_valid(pid));
2866
2867 /* First let's drop the unit in case it's keyed as "pid". */
2868 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2869
2870 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2871 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2872 if (array) {
2873 /* Let's iterate through the array, dropping our own entry */
2874
2875 size_t m = 0;
2876 for (size_t n = 0; array[n]; n++)
2877 if (array[n] != u)
2878 array[m++] = array[n];
2879 array[m] = NULL;
2880
2881 if (m == 0) {
2882 /* The array is now empty, remove the entire entry */
2883 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2884 free(array);
2885 }
2886 }
2887
2888 (void) set_remove(u->pids, PID_TO_PTR(pid));
2889 }
2890
2891 void unit_unwatch_all_pids(Unit *u) {
2892 assert(u);
2893
2894 while (!set_isempty(u->pids))
2895 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2896
2897 u->pids = set_free(u->pids);
2898 }
2899
2900 static void unit_tidy_watch_pids(Unit *u) {
2901 pid_t except1, except2;
2902 void *e;
2903
2904 assert(u);
2905
2906 /* Cleans dead PIDs from our list */
2907
2908 except1 = unit_main_pid(u);
2909 except2 = unit_control_pid(u);
2910
2911 SET_FOREACH(e, u->pids) {
2912 pid_t pid = PTR_TO_PID(e);
2913
2914 if (pid == except1 || pid == except2)
2915 continue;
2916
2917 if (!pid_is_unwaited(pid))
2918 unit_unwatch_pid(u, pid);
2919 }
2920 }
2921
2922 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2923 Unit *u = ASSERT_PTR(userdata);
2924
2925 assert(s);
2926
2927 unit_tidy_watch_pids(u);
2928 unit_watch_all_pids(u);
2929
2930 /* If the PID set is empty now, then let's finish this off. */
2931 unit_synthesize_cgroup_empty_event(u);
2932
2933 return 0;
2934 }
2935
2936 int unit_enqueue_rewatch_pids(Unit *u) {
2937 int r;
2938
2939 assert(u);
2940
2941 if (!u->cgroup_path)
2942 return -ENOENT;
2943
2944 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2945 if (r < 0)
2946 return r;
2947 if (r > 0) /* On unified we can use proper notifications */
2948 return 0;
2949
2950 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2951 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2952 * involves issuing kill(pid, 0) on all processes we watch. */
2953
2954 if (!u->rewatch_pids_event_source) {
2955 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2956
2957 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2958 if (r < 0)
2959 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2960
2961 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2962 if (r < 0)
2963 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
2964
2965 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2966
2967 u->rewatch_pids_event_source = TAKE_PTR(s);
2968 }
2969
2970 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2971 if (r < 0)
2972 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2973
2974 return 0;
2975 }
2976
2977 void unit_dequeue_rewatch_pids(Unit *u) {
2978 int r;
2979 assert(u);
2980
2981 if (!u->rewatch_pids_event_source)
2982 return;
2983
2984 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2985 if (r < 0)
2986 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2987
2988 u->rewatch_pids_event_source = sd_event_source_disable_unref(u->rewatch_pids_event_source);
2989 }
2990
2991 bool unit_job_is_applicable(Unit *u, JobType j) {
2992 assert(u);
2993 assert(j >= 0 && j < _JOB_TYPE_MAX);
2994
2995 switch (j) {
2996
2997 case JOB_VERIFY_ACTIVE:
2998 case JOB_START:
2999 case JOB_NOP:
3000 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
3001 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
3002 * jobs for it. */
3003 return true;
3004
3005 case JOB_STOP:
3006 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
3007 * external events), hence it makes no sense to permit enqueuing such a request either. */
3008 return !u->perpetual;
3009
3010 case JOB_RESTART:
3011 case JOB_TRY_RESTART:
3012 return unit_can_stop(u) && unit_can_start(u);
3013
3014 case JOB_RELOAD:
3015 case JOB_TRY_RELOAD:
3016 return unit_can_reload(u);
3017
3018 case JOB_RELOAD_OR_START:
3019 return unit_can_reload(u) && unit_can_start(u);
3020
3021 default:
3022 assert_not_reached();
3023 }
3024 }
3025
3026 int unit_add_dependency(
3027 Unit *u,
3028 UnitDependency d,
3029 Unit *other,
3030 bool add_reference,
3031 UnitDependencyMask mask) {
3032
3033 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
3034 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3035 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3036 [UNIT_WANTS] = UNIT_WANTED_BY,
3037 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3038 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3039 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
3040 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3041 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3042 [UNIT_WANTED_BY] = UNIT_WANTS,
3043 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3044 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3045 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
3046 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3047 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3048 [UNIT_BEFORE] = UNIT_AFTER,
3049 [UNIT_AFTER] = UNIT_BEFORE,
3050 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3051 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
3052 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3053 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
3054 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3055 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3056 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
3057 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
3058 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3059 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
3060 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
3061 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3062 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3063 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3064 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
3065 };
3066 UnitDependencyAtom a;
3067 int r;
3068
3069 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3070 * there, no need to notify! */
3071 bool notify, notify_other = false;
3072
3073 assert(u);
3074 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3075 assert(other);
3076
3077 u = unit_follow_merge(u);
3078 other = unit_follow_merge(other);
3079 a = unit_dependency_to_atom(d);
3080 assert(a >= 0);
3081
3082 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
3083 if (u == other) {
3084 if (unit_should_warn_about_dependency(d))
3085 log_unit_warning(u, "Dependency %s=%s is dropped.",
3086 unit_dependency_to_string(d), u->id);
3087 return 0;
3088 }
3089
3090 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3091 return 0;
3092
3093 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3094 * running timeout at a specific time. */
3095 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
3096 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
3097 return 0;
3098 }
3099
3100 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
3101 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3102 return 0;
3103 }
3104
3105 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
3106 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3107 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
3108 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
3109 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3110 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3111
3112 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3113 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3114 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3115 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3116 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3117 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3118
3119 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3120 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3121 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3122
3123 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3124 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3125 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3126
3127 r = unit_add_dependency_hashmap(&u->dependencies, d, other, mask, 0);
3128 if (r < 0)
3129 return r;
3130 notify = r > 0;
3131
3132 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
3133 r = unit_add_dependency_hashmap(&other->dependencies, inverse_table[d], u, 0, mask);
3134 if (r < 0)
3135 return r;
3136 notify_other = r > 0;
3137 }
3138
3139 if (add_reference) {
3140 r = unit_add_dependency_hashmap(&u->dependencies, UNIT_REFERENCES, other, mask, 0);
3141 if (r < 0)
3142 return r;
3143 notify = notify || r > 0;
3144
3145 r = unit_add_dependency_hashmap(&other->dependencies, UNIT_REFERENCED_BY, u, 0, mask);
3146 if (r < 0)
3147 return r;
3148 notify_other = notify_other || r > 0;
3149 }
3150
3151 if (notify)
3152 unit_add_to_dbus_queue(u);
3153 if (notify_other)
3154 unit_add_to_dbus_queue(other);
3155
3156 return notify || notify_other;
3157 }
3158
3159 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
3160 int r, s;
3161
3162 assert(u);
3163
3164 r = unit_add_dependency(u, d, other, add_reference, mask);
3165 if (r < 0)
3166 return r;
3167
3168 s = unit_add_dependency(u, e, other, add_reference, mask);
3169 if (s < 0)
3170 return s;
3171
3172 return r > 0 || s > 0;
3173 }
3174
3175 static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
3176 int r;
3177
3178 assert(u);
3179 assert(name);
3180 assert(buf);
3181 assert(ret);
3182
3183 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3184 *buf = NULL;
3185 *ret = name;
3186 return 0;
3187 }
3188
3189 if (u->instance)
3190 r = unit_name_replace_instance(name, u->instance, buf);
3191 else {
3192 _cleanup_free_ char *i = NULL;
3193
3194 r = unit_name_to_prefix(u->id, &i);
3195 if (r < 0)
3196 return r;
3197
3198 r = unit_name_replace_instance(name, i, buf);
3199 }
3200 if (r < 0)
3201 return r;
3202
3203 *ret = *buf;
3204 return 0;
3205 }
3206
3207 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
3208 _cleanup_free_ char *buf = NULL;
3209 Unit *other;
3210 int r;
3211
3212 assert(u);
3213 assert(name);
3214
3215 r = resolve_template(u, name, &buf, &name);
3216 if (r < 0)
3217 return r;
3218
3219 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3220 return 0;
3221
3222 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3223 if (r < 0)
3224 return r;
3225
3226 return unit_add_dependency(u, d, other, add_reference, mask);
3227 }
3228
3229 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
3230 _cleanup_free_ char *buf = NULL;
3231 Unit *other;
3232 int r;
3233
3234 assert(u);
3235 assert(name);
3236
3237 r = resolve_template(u, name, &buf, &name);
3238 if (r < 0)
3239 return r;
3240
3241 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3242 return 0;
3243
3244 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3245 if (r < 0)
3246 return r;
3247
3248 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
3249 }
3250
3251 int set_unit_path(const char *p) {
3252 /* This is mostly for debug purposes */
3253 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, 1));
3254 }
3255
3256 char *unit_dbus_path(Unit *u) {
3257 assert(u);
3258
3259 if (!u->id)
3260 return NULL;
3261
3262 return unit_dbus_path_from_name(u->id);
3263 }
3264
3265 char *unit_dbus_path_invocation_id(Unit *u) {
3266 assert(u);
3267
3268 if (sd_id128_is_null(u->invocation_id))
3269 return NULL;
3270
3271 return unit_dbus_path_from_name(u->invocation_id_string);
3272 }
3273
3274 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
3275 int r;
3276
3277 assert(u);
3278
3279 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3280
3281 if (sd_id128_equal(u->invocation_id, id))
3282 return 0;
3283
3284 if (!sd_id128_is_null(u->invocation_id))
3285 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3286
3287 if (sd_id128_is_null(id)) {
3288 r = 0;
3289 goto reset;
3290 }
3291
3292 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3293 if (r < 0)
3294 goto reset;
3295
3296 u->invocation_id = id;
3297 sd_id128_to_string(id, u->invocation_id_string);
3298
3299 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3300 if (r < 0)
3301 goto reset;
3302
3303 return 0;
3304
3305 reset:
3306 u->invocation_id = SD_ID128_NULL;
3307 u->invocation_id_string[0] = 0;
3308 return r;
3309 }
3310
3311 int unit_set_slice(Unit *u, Unit *slice) {
3312 int r;
3313
3314 assert(u);
3315 assert(slice);
3316
3317 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3318 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3319 * slice is derived from the name). Make sure the unit we set is actually a slice. */
3320
3321 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3322 return -EOPNOTSUPP;
3323
3324 if (u->type == UNIT_SLICE)
3325 return -EINVAL;
3326
3327 if (unit_active_state(u) != UNIT_INACTIVE)
3328 return -EBUSY;
3329
3330 if (slice->type != UNIT_SLICE)
3331 return -EINVAL;
3332
3333 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3334 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3335 return -EPERM;
3336
3337 if (UNIT_GET_SLICE(u) == slice)
3338 return 0;
3339
3340 /* Disallow slice changes if @u is already bound to cgroups */
3341 if (UNIT_GET_SLICE(u) && u->cgroup_realized)
3342 return -EBUSY;
3343
3344 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3345 if (UNIT_GET_SLICE(u))
3346 unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY);
3347
3348 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY);
3349 if (r < 0)
3350 return r;
3351
3352 return 1;
3353 }
3354
3355 int unit_set_default_slice(Unit *u) {
3356 const char *slice_name;
3357 Unit *slice;
3358 int r;
3359
3360 assert(u);
3361
3362 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3363 return 0;
3364
3365 if (UNIT_GET_SLICE(u))
3366 return 0;
3367
3368 if (u->instance) {
3369 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3370
3371 /* Implicitly place all instantiated units in their
3372 * own per-template slice */
3373
3374 r = unit_name_to_prefix(u->id, &prefix);
3375 if (r < 0)
3376 return r;
3377
3378 /* The prefix is already escaped, but it might include
3379 * "-" which has a special meaning for slice units,
3380 * hence escape it here extra. */
3381 escaped = unit_name_escape(prefix);
3382 if (!escaped)
3383 return -ENOMEM;
3384
3385 if (MANAGER_IS_SYSTEM(u->manager))
3386 slice_name = strjoina("system-", escaped, ".slice");
3387 else
3388 slice_name = strjoina("app-", escaped, ".slice");
3389
3390 } else if (unit_is_extrinsic(u))
3391 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3392 * the root slice. They don't really belong in one of the subslices. */
3393 slice_name = SPECIAL_ROOT_SLICE;
3394
3395 else if (MANAGER_IS_SYSTEM(u->manager))
3396 slice_name = SPECIAL_SYSTEM_SLICE;
3397 else
3398 slice_name = SPECIAL_APP_SLICE;
3399
3400 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3401 if (r < 0)
3402 return r;
3403
3404 return unit_set_slice(u, slice);
3405 }
3406
3407 const char *unit_slice_name(Unit *u) {
3408 Unit *slice;
3409 assert(u);
3410
3411 slice = UNIT_GET_SLICE(u);
3412 if (!slice)
3413 return NULL;
3414
3415 return slice->id;
3416 }
3417
3418 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3419 _cleanup_free_ char *t = NULL;
3420 int r;
3421
3422 assert(u);
3423 assert(type);
3424 assert(_found);
3425
3426 r = unit_name_change_suffix(u->id, type, &t);
3427 if (r < 0)
3428 return r;
3429 if (unit_has_name(u, t))
3430 return -EINVAL;
3431
3432 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3433 assert(r < 0 || *_found != u);
3434 return r;
3435 }
3436
3437 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3438 const char *new_owner;
3439 Unit *u = ASSERT_PTR(userdata);
3440 int r;
3441
3442 assert(message);
3443
3444 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
3445 if (r < 0) {
3446 bus_log_parse_error(r);
3447 return 0;
3448 }
3449
3450 if (UNIT_VTABLE(u)->bus_name_owner_change)
3451 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
3452
3453 return 0;
3454 }
3455
3456 static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3457 const sd_bus_error *e;
3458 const char *new_owner;
3459 Unit *u = ASSERT_PTR(userdata);
3460 int r;
3461
3462 assert(message);
3463
3464 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3465
3466 e = sd_bus_message_get_error(message);
3467 if (e) {
3468 if (!sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER)) {
3469 r = sd_bus_error_get_errno(e);
3470 log_unit_error_errno(u, r,
3471 "Unexpected error response from GetNameOwner(): %s",
3472 bus_error_message(e, r));
3473 }
3474
3475 new_owner = NULL;
3476 } else {
3477 r = sd_bus_message_read(message, "s", &new_owner);
3478 if (r < 0)
3479 return bus_log_parse_error(r);
3480
3481 assert(!isempty(new_owner));
3482 }
3483
3484 if (UNIT_VTABLE(u)->bus_name_owner_change)
3485 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
3486
3487 return 0;
3488 }
3489
3490 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3491 const char *match;
3492 int r;
3493
3494 assert(u);
3495 assert(bus);
3496 assert(name);
3497
3498 if (u->match_bus_slot || u->get_name_owner_slot)
3499 return -EBUSY;
3500
3501 match = strjoina("type='signal',"
3502 "sender='org.freedesktop.DBus',"
3503 "path='/org/freedesktop/DBus',"
3504 "interface='org.freedesktop.DBus',"
3505 "member='NameOwnerChanged',"
3506 "arg0='", name, "'");
3507
3508 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3509 if (r < 0)
3510 return r;
3511
3512 r = sd_bus_call_method_async(
3513 bus,
3514 &u->get_name_owner_slot,
3515 "org.freedesktop.DBus",
3516 "/org/freedesktop/DBus",
3517 "org.freedesktop.DBus",
3518 "GetNameOwner",
3519 get_name_owner_handler,
3520 u,
3521 "s", name);
3522 if (r < 0) {
3523 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3524 return r;
3525 }
3526
3527 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3528 return 0;
3529 }
3530
3531 int unit_watch_bus_name(Unit *u, const char *name) {
3532 int r;
3533
3534 assert(u);
3535 assert(name);
3536
3537 /* Watch a specific name on the bus. We only support one unit
3538 * watching each name for now. */
3539
3540 if (u->manager->api_bus) {
3541 /* If the bus is already available, install the match directly.
3542 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3543 r = unit_install_bus_match(u, u->manager->api_bus, name);
3544 if (r < 0)
3545 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3546 }
3547
3548 r = hashmap_put(u->manager->watch_bus, name, u);
3549 if (r < 0) {
3550 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3551 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3552 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3553 }
3554
3555 return 0;
3556 }
3557
3558 void unit_unwatch_bus_name(Unit *u, const char *name) {
3559 assert(u);
3560 assert(name);
3561
3562 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3563 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3564 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3565 }
3566
3567 int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
3568 _cleanup_free_ char *e = NULL;
3569 Unit *device;
3570 int r;
3571
3572 assert(u);
3573
3574 /* Adds in links to the device node that this unit is based on */
3575 if (isempty(what))
3576 return 0;
3577
3578 if (!is_device_path(what))
3579 return 0;
3580
3581 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
3582 if (!unit_type_supported(UNIT_DEVICE))
3583 return 0;
3584
3585 r = unit_name_from_path(what, ".device", &e);
3586 if (r < 0)
3587 return r;
3588
3589 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3590 if (r < 0)
3591 return r;
3592
3593 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3594 dep = UNIT_BINDS_TO;
3595
3596 return unit_add_two_dependencies(u, UNIT_AFTER,
3597 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3598 device, true, mask);
3599 }
3600
3601 int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3602 _cleanup_free_ char *escaped = NULL, *target = NULL;
3603 int r;
3604
3605 assert(u);
3606
3607 if (isempty(what))
3608 return 0;
3609
3610 if (!path_startswith(what, "/dev/"))
3611 return 0;
3612
3613 /* If we don't support devices, then also don't bother with blockdev@.target */
3614 if (!unit_type_supported(UNIT_DEVICE))
3615 return 0;
3616
3617 r = unit_name_path_escape(what, &escaped);
3618 if (r < 0)
3619 return r;
3620
3621 r = unit_name_build("blockdev", escaped, ".target", &target);
3622 if (r < 0)
3623 return r;
3624
3625 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3626 }
3627
3628 int unit_coldplug(Unit *u) {
3629 int r = 0, q;
3630
3631 assert(u);
3632
3633 /* Make sure we don't enter a loop, when coldplugging recursively. */
3634 if (u->coldplugged)
3635 return 0;
3636
3637 u->coldplugged = true;
3638
3639 STRV_FOREACH(i, u->deserialized_refs) {
3640 q = bus_unit_track_add_name(u, *i);
3641 if (q < 0 && r >= 0)
3642 r = q;
3643 }
3644 u->deserialized_refs = strv_free(u->deserialized_refs);
3645
3646 if (UNIT_VTABLE(u)->coldplug) {
3647 q = UNIT_VTABLE(u)->coldplug(u);
3648 if (q < 0 && r >= 0)
3649 r = q;
3650 }
3651
3652 if (u->job) {
3653 q = job_coldplug(u->job);
3654 if (q < 0 && r >= 0)
3655 r = q;
3656 }
3657 if (u->nop_job) {
3658 q = job_coldplug(u->nop_job);
3659 if (q < 0 && r >= 0)
3660 r = q;
3661 }
3662
3663 return r;
3664 }
3665
3666 void unit_catchup(Unit *u) {
3667 assert(u);
3668
3669 if (UNIT_VTABLE(u)->catchup)
3670 UNIT_VTABLE(u)->catchup(u);
3671
3672 unit_cgroup_catchup(u);
3673 }
3674
3675 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3676 struct stat st;
3677
3678 if (!path)
3679 return false;
3680
3681 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3682 * are never out-of-date. */
3683 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3684 return false;
3685
3686 if (stat(path, &st) < 0)
3687 /* What, cannot access this anymore? */
3688 return true;
3689
3690 if (path_masked)
3691 /* For masked files check if they are still so */
3692 return !null_or_empty(&st);
3693 else
3694 /* For non-empty files check the mtime */
3695 return timespec_load(&st.st_mtim) > mtime;
3696
3697 return false;
3698 }
3699
3700 bool unit_need_daemon_reload(Unit *u) {
3701 _cleanup_strv_free_ char **t = NULL;
3702
3703 assert(u);
3704
3705 /* For unit files, we allow masking… */
3706 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3707 u->load_state == UNIT_MASKED))
3708 return true;
3709
3710 /* Source paths should not be masked… */
3711 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3712 return true;
3713
3714 if (u->load_state == UNIT_LOADED)
3715 (void) unit_find_dropin_paths(u, &t);
3716 if (!strv_equal(u->dropin_paths, t))
3717 return true;
3718
3719 /* … any drop-ins that are masked are simply omitted from the list. */
3720 STRV_FOREACH(path, u->dropin_paths)
3721 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3722 return true;
3723
3724 return false;
3725 }
3726
3727 void unit_reset_failed(Unit *u) {
3728 assert(u);
3729
3730 if (UNIT_VTABLE(u)->reset_failed)
3731 UNIT_VTABLE(u)->reset_failed(u);
3732
3733 ratelimit_reset(&u->start_ratelimit);
3734 u->start_limit_hit = false;
3735 }
3736
3737 Unit *unit_following(Unit *u) {
3738 assert(u);
3739
3740 if (UNIT_VTABLE(u)->following)
3741 return UNIT_VTABLE(u)->following(u);
3742
3743 return NULL;
3744 }
3745
3746 bool unit_stop_pending(Unit *u) {
3747 assert(u);
3748
3749 /* This call does check the current state of the unit. It's
3750 * hence useful to be called from state change calls of the
3751 * unit itself, where the state isn't updated yet. This is
3752 * different from unit_inactive_or_pending() which checks both
3753 * the current state and for a queued job. */
3754
3755 return unit_has_job_type(u, JOB_STOP);
3756 }
3757
3758 bool unit_inactive_or_pending(Unit *u) {
3759 assert(u);
3760
3761 /* Returns true if the unit is inactive or going down */
3762
3763 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3764 return true;
3765
3766 if (unit_stop_pending(u))
3767 return true;
3768
3769 return false;
3770 }
3771
3772 bool unit_active_or_pending(Unit *u) {
3773 assert(u);
3774
3775 /* Returns true if the unit is active or going up */
3776
3777 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3778 return true;
3779
3780 if (u->job &&
3781 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3782 return true;
3783
3784 return false;
3785 }
3786
3787 bool unit_will_restart_default(Unit *u) {
3788 assert(u);
3789
3790 return unit_has_job_type(u, JOB_START);
3791 }
3792
3793 bool unit_will_restart(Unit *u) {
3794 assert(u);
3795
3796 if (!UNIT_VTABLE(u)->will_restart)
3797 return false;
3798
3799 return UNIT_VTABLE(u)->will_restart(u);
3800 }
3801
3802 int unit_kill(Unit *u, KillWho w, int signo, int code, int value, sd_bus_error *error) {
3803 assert(u);
3804 assert(w >= 0 && w < _KILL_WHO_MAX);
3805 assert(SIGNAL_VALID(signo));
3806 assert(IN_SET(code, SI_USER, SI_QUEUE));
3807
3808 if (!UNIT_VTABLE(u)->kill)
3809 return -EOPNOTSUPP;
3810
3811 return UNIT_VTABLE(u)->kill(u, w, signo, code, value, error);
3812 }
3813
3814 void unit_notify_cgroup_oom(Unit *u, bool managed_oom) {
3815 assert(u);
3816
3817 if (UNIT_VTABLE(u)->notify_cgroup_oom)
3818 UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom);
3819 }
3820
3821 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3822 _cleanup_set_free_ Set *pid_set = NULL;
3823 int r;
3824
3825 pid_set = set_new(NULL);
3826 if (!pid_set)
3827 return NULL;
3828
3829 /* Exclude the main/control pids from being killed via the cgroup */
3830 if (main_pid > 0) {
3831 r = set_put(pid_set, PID_TO_PTR(main_pid));
3832 if (r < 0)
3833 return NULL;
3834 }
3835
3836 if (control_pid > 0) {
3837 r = set_put(pid_set, PID_TO_PTR(control_pid));
3838 if (r < 0)
3839 return NULL;
3840 }
3841
3842 return TAKE_PTR(pid_set);
3843 }
3844
3845 static int kill_common_log(pid_t pid, int signo, void *userdata) {
3846 _cleanup_free_ char *comm = NULL;
3847 Unit *u = ASSERT_PTR(userdata);
3848
3849 (void) get_process_comm(pid, &comm);
3850 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
3851 signal_to_string(signo), pid, strna(comm));
3852
3853 return 1;
3854 }
3855
3856 static int kill_or_sigqueue(pid_t pid, int signo, int code, int value) {
3857 assert(pid > 0);
3858 assert(SIGNAL_VALID(signo));
3859
3860 switch (code) {
3861
3862 case SI_USER:
3863 log_debug("Killing " PID_FMT " with signal SIG%s.", pid, signal_to_string(signo));
3864 return RET_NERRNO(kill(pid, signo));
3865
3866 case SI_QUEUE:
3867 log_debug("Enqueuing value %i to " PID_FMT " on signal SIG%s.", value, pid, signal_to_string(signo));
3868 return RET_NERRNO(sigqueue(pid, signo, (const union sigval) { .sival_int = value }));
3869
3870 default:
3871 assert_not_reached();
3872 }
3873 }
3874
3875 int unit_kill_common(
3876 Unit *u,
3877 KillWho who,
3878 int signo,
3879 int code,
3880 int value,
3881 pid_t main_pid,
3882 pid_t control_pid,
3883 sd_bus_error *error) {
3884
3885 bool killed = false;
3886 int ret = 0, r;
3887
3888 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3889 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3890 * stop a service ourselves. */
3891
3892 assert(u);
3893 assert(who >= 0);
3894 assert(who < _KILL_WHO_MAX);
3895 assert(SIGNAL_VALID(signo));
3896 assert(IN_SET(code, SI_USER, SI_QUEUE));
3897
3898 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3899 if (main_pid < 0)
3900 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3901 if (main_pid == 0)
3902 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3903 }
3904
3905 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3906 if (control_pid < 0)
3907 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3908 if (control_pid == 0)
3909 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3910 }
3911
3912 if (control_pid > 0 &&
3913 IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
3914 _cleanup_free_ char *comm = NULL;
3915 (void) get_process_comm(control_pid, &comm);
3916
3917 r = kill_or_sigqueue(control_pid, signo, code, value);
3918 if (r < 0) {
3919 ret = r;
3920
3921 /* Report this failure both to the logs and to the client */
3922 sd_bus_error_set_errnof(
3923 error, r,
3924 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
3925 signal_to_string(signo), control_pid, strna(comm));
3926 log_unit_warning_errno(
3927 u, r,
3928 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
3929 signal_to_string(signo), control_pid, strna(comm));
3930 } else {
3931 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
3932 signal_to_string(signo), control_pid, strna(comm));
3933 killed = true;
3934 }
3935 }
3936
3937 if (main_pid > 0 &&
3938 IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
3939
3940 _cleanup_free_ char *comm = NULL;
3941 (void) get_process_comm(main_pid, &comm);
3942
3943 r = kill_or_sigqueue(main_pid, signo, code, value);
3944 if (r < 0) {
3945 if (ret == 0) {
3946 ret = r;
3947
3948 sd_bus_error_set_errnof(
3949 error, r,
3950 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
3951 signal_to_string(signo), main_pid, strna(comm));
3952 }
3953
3954 log_unit_warning_errno(
3955 u, r,
3956 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
3957 signal_to_string(signo), main_pid, strna(comm));
3958
3959 } else {
3960 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
3961 signal_to_string(signo), main_pid, strna(comm));
3962 killed = true;
3963 }
3964 }
3965
3966 /* Note: if we shall enqueue rather than kill we won't do this via the cgroup mechanism, since it
3967 * doesn't really make much sense (and given that enqueued values are a relatively expensive
3968 * resource, and we shouldn't allow us to be subjects for such allocation sprees) */
3969 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path && code == SI_USER) {
3970 _cleanup_set_free_ Set *pid_set = NULL;
3971
3972 /* Exclude the main/control pids from being killed via the cgroup */
3973 pid_set = unit_pid_set(main_pid, control_pid);
3974 if (!pid_set)
3975 return log_oom();
3976
3977 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
3978 if (r < 0) {
3979 if (!IN_SET(r, -ESRCH, -ENOENT)) {
3980 if (ret == 0) {
3981 ret = r;
3982
3983 sd_bus_error_set_errnof(
3984 error, r,
3985 "Failed to send signal SIG%s to auxiliary processes: %m",
3986 signal_to_string(signo));
3987 }
3988
3989 log_unit_warning_errno(
3990 u, r,
3991 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3992 signal_to_string(signo));
3993 }
3994 } else
3995 killed = true;
3996 }
3997
3998 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3999 if (ret == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
4000 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
4001
4002 return ret;
4003 }
4004
4005 int unit_following_set(Unit *u, Set **s) {
4006 assert(u);
4007 assert(s);
4008
4009 if (UNIT_VTABLE(u)->following_set)
4010 return UNIT_VTABLE(u)->following_set(u, s);
4011
4012 *s = NULL;
4013 return 0;
4014 }
4015
4016 UnitFileState unit_get_unit_file_state(Unit *u) {
4017 int r;
4018
4019 assert(u);
4020
4021 if (u->unit_file_state < 0 && u->fragment_path) {
4022 r = unit_file_get_state(
4023 u->manager->runtime_scope,
4024 NULL,
4025 u->id,
4026 &u->unit_file_state);
4027 if (r < 0)
4028 u->unit_file_state = UNIT_FILE_BAD;
4029 }
4030
4031 return u->unit_file_state;
4032 }
4033
4034 int unit_get_unit_file_preset(Unit *u) {
4035 int r;
4036
4037 assert(u);
4038
4039 if (u->unit_file_preset < 0 && u->fragment_path) {
4040 _cleanup_free_ char *bn = NULL;
4041
4042 r = path_extract_filename(u->fragment_path, &bn);
4043 if (r < 0)
4044 return (u->unit_file_preset = r);
4045
4046 if (r == O_DIRECTORY)
4047 return (u->unit_file_preset = -EISDIR);
4048
4049 u->unit_file_preset = unit_file_query_preset(
4050 u->manager->runtime_scope,
4051 NULL,
4052 bn,
4053 NULL);
4054 }
4055
4056 return u->unit_file_preset;
4057 }
4058
4059 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4060 assert(ref);
4061 assert(source);
4062 assert(target);
4063
4064 if (ref->target)
4065 unit_ref_unset(ref);
4066
4067 ref->source = source;
4068 ref->target = target;
4069 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4070 return target;
4071 }
4072
4073 void unit_ref_unset(UnitRef *ref) {
4074 assert(ref);
4075
4076 if (!ref->target)
4077 return;
4078
4079 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4080 * be unreferenced now. */
4081 unit_add_to_gc_queue(ref->target);
4082
4083 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4084 ref->source = ref->target = NULL;
4085 }
4086
4087 static int user_from_unit_name(Unit *u, char **ret) {
4088
4089 static const uint8_t hash_key[] = {
4090 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4091 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4092 };
4093
4094 _cleanup_free_ char *n = NULL;
4095 int r;
4096
4097 r = unit_name_to_prefix(u->id, &n);
4098 if (r < 0)
4099 return r;
4100
4101 if (valid_user_group_name(n, 0)) {
4102 *ret = TAKE_PTR(n);
4103 return 0;
4104 }
4105
4106 /* If we can't use the unit name as a user name, then let's hash it and use that */
4107 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4108 return -ENOMEM;
4109
4110 return 0;
4111 }
4112
4113 int unit_patch_contexts(Unit *u) {
4114 CGroupContext *cc;
4115 ExecContext *ec;
4116 int r;
4117
4118 assert(u);
4119
4120 /* Patch in the manager defaults into the exec and cgroup
4121 * contexts, _after_ the rest of the settings have been
4122 * initialized */
4123
4124 ec = unit_get_exec_context(u);
4125 if (ec) {
4126 /* This only copies in the ones that need memory */
4127 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
4128 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4129 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4130 if (!ec->rlimit[i])
4131 return -ENOMEM;
4132 }
4133
4134 if (MANAGER_IS_USER(u->manager) &&
4135 !ec->working_directory) {
4136
4137 r = get_home_dir(&ec->working_directory);
4138 if (r < 0)
4139 return r;
4140
4141 /* Allow user services to run, even if the
4142 * home directory is missing */
4143 ec->working_directory_missing_ok = true;
4144 }
4145
4146 if (ec->private_devices)
4147 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4148
4149 if (ec->protect_kernel_modules)
4150 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4151
4152 if (ec->protect_kernel_logs)
4153 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4154
4155 if (ec->protect_clock)
4156 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4157
4158 if (ec->dynamic_user) {
4159 if (!ec->user) {
4160 r = user_from_unit_name(u, &ec->user);
4161 if (r < 0)
4162 return r;
4163 }
4164
4165 if (!ec->group) {
4166 ec->group = strdup(ec->user);
4167 if (!ec->group)
4168 return -ENOMEM;
4169 }
4170
4171 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4172 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4173 * sandbox. */
4174
4175 ec->private_tmp = true;
4176 ec->remove_ipc = true;
4177 ec->protect_system = PROTECT_SYSTEM_STRICT;
4178 if (ec->protect_home == PROTECT_HOME_NO)
4179 ec->protect_home = PROTECT_HOME_READ_ONLY;
4180
4181 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4182 * them. */
4183 ec->no_new_privileges = true;
4184 ec->restrict_suid_sgid = true;
4185 }
4186
4187 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++)
4188 exec_directory_sort(ec->directories + dt);
4189 }
4190
4191 cc = unit_get_cgroup_context(u);
4192 if (cc && ec) {
4193
4194 if (ec->private_devices &&
4195 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4196 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
4197
4198 /* Only add these if needed, as they imply that everything else is blocked. */
4199 if (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow) {
4200 if (ec->root_image || ec->mount_images) {
4201
4202 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4203 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
4204 r = cgroup_add_device_allow(cc, p, "rw");
4205 if (r < 0)
4206 return r;
4207 }
4208 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
4209 r = cgroup_add_device_allow(cc, p, "rwm");
4210 if (r < 0)
4211 return r;
4212 }
4213
4214 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4215 * Same for mapper and verity. */
4216 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4217 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4218 if (r < 0)
4219 return r;
4220 }
4221 }
4222
4223 if (ec->protect_clock) {
4224 r = cgroup_add_device_allow(cc, "char-rtc", "r");
4225 if (r < 0)
4226 return r;
4227 }
4228
4229 /* If there are encrypted credentials we might need to access the TPM. */
4230 if (exec_context_has_encrypted_credentials(ec)) {
4231 r = cgroup_add_device_allow(cc, "char-tpm", "rw");
4232 if (r < 0)
4233 return r;
4234 }
4235 }
4236 }
4237
4238 return 0;
4239 }
4240
4241 ExecContext *unit_get_exec_context(const Unit *u) {
4242 size_t offset;
4243 assert(u);
4244
4245 if (u->type < 0)
4246 return NULL;
4247
4248 offset = UNIT_VTABLE(u)->exec_context_offset;
4249 if (offset <= 0)
4250 return NULL;
4251
4252 return (ExecContext*) ((uint8_t*) u + offset);
4253 }
4254
4255 KillContext *unit_get_kill_context(Unit *u) {
4256 size_t offset;
4257 assert(u);
4258
4259 if (u->type < 0)
4260 return NULL;
4261
4262 offset = UNIT_VTABLE(u)->kill_context_offset;
4263 if (offset <= 0)
4264 return NULL;
4265
4266 return (KillContext*) ((uint8_t*) u + offset);
4267 }
4268
4269 CGroupContext *unit_get_cgroup_context(Unit *u) {
4270 size_t offset;
4271
4272 if (u->type < 0)
4273 return NULL;
4274
4275 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4276 if (offset <= 0)
4277 return NULL;
4278
4279 return (CGroupContext*) ((uint8_t*) u + offset);
4280 }
4281
4282 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4283 size_t offset;
4284
4285 if (u->type < 0)
4286 return NULL;
4287
4288 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4289 if (offset <= 0)
4290 return NULL;
4291
4292 return *(ExecRuntime**) ((uint8_t*) u + offset);
4293 }
4294
4295 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4296 assert(u);
4297
4298 if (UNIT_WRITE_FLAGS_NOOP(flags))
4299 return NULL;
4300
4301 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4302 return u->manager->lookup_paths.transient;
4303
4304 if (flags & UNIT_PERSISTENT)
4305 return u->manager->lookup_paths.persistent_control;
4306
4307 if (flags & UNIT_RUNTIME)
4308 return u->manager->lookup_paths.runtime_control;
4309
4310 return NULL;
4311 }
4312
4313 const char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4314 assert(s);
4315 assert(!FLAGS_SET(flags, UNIT_ESCAPE_EXEC_SYNTAX | UNIT_ESCAPE_C));
4316 assert(buf);
4317
4318 _cleanup_free_ char *t = NULL;
4319
4320 /* Returns a string with any escaping done. If no escaping was necessary, *buf is set to NULL, and
4321 * the input pointer is returned as-is. If an allocation was needed, the return buffer pointer is
4322 * written to *buf. This means the return value always contains a properly escaped version, but *buf
4323 * only contains a pointer if an allocation was made. Callers can use this to optimize memory
4324 * allocations. */
4325
4326 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4327 t = specifier_escape(s);
4328 if (!t)
4329 return NULL;
4330
4331 s = t;
4332 }
4333
4334 /* We either do C-escaping or shell-escaping, to additionally escape characters that we parse for
4335 * ExecStart= and friends, i.e. '$' and ';' and quotes. */
4336
4337 if (flags & UNIT_ESCAPE_EXEC_SYNTAX) {
4338 char *t2 = shell_escape(s, "$;'\"");
4339 if (!t2)
4340 return NULL;
4341 free_and_replace(t, t2);
4342
4343 s = t;
4344
4345 } else if (flags & UNIT_ESCAPE_C) {
4346 char *t2 = cescape(s);
4347 if (!t2)
4348 return NULL;
4349 free_and_replace(t, t2);
4350
4351 s = t;
4352 }
4353
4354 *buf = TAKE_PTR(t);
4355 return s;
4356 }
4357
4358 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4359 _cleanup_free_ char *result = NULL;
4360 size_t n = 0;
4361
4362 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4363 * lines in a way suitable for ExecStart= stanzas. */
4364
4365 STRV_FOREACH(i, l) {
4366 _cleanup_free_ char *buf = NULL;
4367 const char *p;
4368 size_t a;
4369 char *q;
4370
4371 p = unit_escape_setting(*i, flags, &buf);
4372 if (!p)
4373 return NULL;
4374
4375 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4376 if (!GREEDY_REALLOC(result, n + a + 1))
4377 return NULL;
4378
4379 q = result + n;
4380 if (n > 0)
4381 *(q++) = ' ';
4382
4383 *(q++) = '"';
4384 q = stpcpy(q, p);
4385 *(q++) = '"';
4386
4387 n += a;
4388 }
4389
4390 if (!GREEDY_REALLOC(result, n + 1))
4391 return NULL;
4392
4393 result[n] = 0;
4394
4395 return TAKE_PTR(result);
4396 }
4397
4398 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4399 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4400 const char *dir, *wrapped;
4401 int r;
4402
4403 assert(u);
4404 assert(name);
4405 assert(data);
4406
4407 if (UNIT_WRITE_FLAGS_NOOP(flags))
4408 return 0;
4409
4410 data = unit_escape_setting(data, flags, &escaped);
4411 if (!data)
4412 return -ENOMEM;
4413
4414 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4415 * previous section header is the same */
4416
4417 if (flags & UNIT_PRIVATE) {
4418 if (!UNIT_VTABLE(u)->private_section)
4419 return -EINVAL;
4420
4421 if (!u->transient_file || u->last_section_private < 0)
4422 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4423 else if (u->last_section_private == 0)
4424 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4425 } else {
4426 if (!u->transient_file || u->last_section_private < 0)
4427 data = strjoina("[Unit]\n", data);
4428 else if (u->last_section_private > 0)
4429 data = strjoina("\n[Unit]\n", data);
4430 }
4431
4432 if (u->transient_file) {
4433 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4434 * write to the transient unit file. */
4435 fputs(data, u->transient_file);
4436
4437 if (!endswith(data, "\n"))
4438 fputc('\n', u->transient_file);
4439
4440 /* Remember which section we wrote this entry to */
4441 u->last_section_private = !!(flags & UNIT_PRIVATE);
4442 return 0;
4443 }
4444
4445 dir = unit_drop_in_dir(u, flags);
4446 if (!dir)
4447 return -EINVAL;
4448
4449 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4450 "# or an equivalent operation. Do not edit.\n",
4451 data,
4452 "\n");
4453
4454 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4455 if (r < 0)
4456 return r;
4457
4458 (void) mkdir_p_label(p, 0755);
4459
4460 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4461 * recreate the cache after every drop-in we write. */
4462 if (u->manager->unit_path_cache) {
4463 r = set_put_strdup(&u->manager->unit_path_cache, p);
4464 if (r < 0)
4465 return r;
4466 }
4467
4468 r = write_string_file_atomic_label(q, wrapped);
4469 if (r < 0)
4470 return r;
4471
4472 r = strv_push(&u->dropin_paths, q);
4473 if (r < 0)
4474 return r;
4475 q = NULL;
4476
4477 strv_uniq(u->dropin_paths);
4478
4479 u->dropin_mtime = now(CLOCK_REALTIME);
4480
4481 return 0;
4482 }
4483
4484 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4485 _cleanup_free_ char *p = NULL;
4486 va_list ap;
4487 int r;
4488
4489 assert(u);
4490 assert(name);
4491 assert(format);
4492
4493 if (UNIT_WRITE_FLAGS_NOOP(flags))
4494 return 0;
4495
4496 va_start(ap, format);
4497 r = vasprintf(&p, format, ap);
4498 va_end(ap);
4499
4500 if (r < 0)
4501 return -ENOMEM;
4502
4503 return unit_write_setting(u, flags, name, p);
4504 }
4505
4506 int unit_make_transient(Unit *u) {
4507 _cleanup_free_ char *path = NULL;
4508 FILE *f;
4509
4510 assert(u);
4511
4512 if (!UNIT_VTABLE(u)->can_transient)
4513 return -EOPNOTSUPP;
4514
4515 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4516
4517 path = path_join(u->manager->lookup_paths.transient, u->id);
4518 if (!path)
4519 return -ENOMEM;
4520
4521 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4522 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4523
4524 WITH_UMASK(0022) {
4525 f = fopen(path, "we");
4526 if (!f)
4527 return -errno;
4528 }
4529
4530 safe_fclose(u->transient_file);
4531 u->transient_file = f;
4532
4533 free_and_replace(u->fragment_path, path);
4534
4535 u->source_path = mfree(u->source_path);
4536 u->dropin_paths = strv_free(u->dropin_paths);
4537 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4538
4539 u->load_state = UNIT_STUB;
4540 u->load_error = 0;
4541 u->transient = true;
4542
4543 unit_add_to_dbus_queue(u);
4544 unit_add_to_gc_queue(u);
4545
4546 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4547 u->transient_file);
4548
4549 return 0;
4550 }
4551
4552 static int log_kill(pid_t pid, int sig, void *userdata) {
4553 _cleanup_free_ char *comm = NULL;
4554
4555 (void) get_process_comm(pid, &comm);
4556
4557 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4558 only, like for example systemd's own PAM stub process. */
4559 if (comm && comm[0] == '(')
4560 /* Although we didn't log anything, as this callback is used in unit_kill_context we must return 1
4561 * here to let the manager know that a process was killed. */
4562 return 1;
4563
4564 log_unit_notice(userdata,
4565 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4566 pid,
4567 strna(comm),
4568 signal_to_string(sig));
4569
4570 return 1;
4571 }
4572
4573 static int operation_to_signal(
4574 const KillContext *c,
4575 KillOperation k,
4576 bool *ret_noteworthy) {
4577
4578 assert(c);
4579
4580 switch (k) {
4581
4582 case KILL_TERMINATE:
4583 case KILL_TERMINATE_AND_LOG:
4584 *ret_noteworthy = false;
4585 return c->kill_signal;
4586
4587 case KILL_RESTART:
4588 *ret_noteworthy = false;
4589 return restart_kill_signal(c);
4590
4591 case KILL_KILL:
4592 *ret_noteworthy = true;
4593 return c->final_kill_signal;
4594
4595 case KILL_WATCHDOG:
4596 *ret_noteworthy = true;
4597 return c->watchdog_signal;
4598
4599 default:
4600 assert_not_reached();
4601 }
4602 }
4603
4604 int unit_kill_context(
4605 Unit *u,
4606 KillContext *c,
4607 KillOperation k,
4608 pid_t main_pid,
4609 pid_t control_pid,
4610 bool main_pid_alien) {
4611
4612 bool wait_for_exit = false, send_sighup;
4613 cg_kill_log_func_t log_func = NULL;
4614 int sig, r;
4615
4616 assert(u);
4617 assert(c);
4618
4619 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4620 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4621 * which is used for user-requested killing of unit processes. */
4622
4623 if (c->kill_mode == KILL_NONE)
4624 return 0;
4625
4626 bool noteworthy;
4627 sig = operation_to_signal(c, k, &noteworthy);
4628 if (noteworthy)
4629 log_func = log_kill;
4630
4631 send_sighup =
4632 c->send_sighup &&
4633 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4634 sig != SIGHUP;
4635
4636 if (main_pid > 0) {
4637 if (log_func)
4638 log_func(main_pid, sig, u);
4639
4640 r = kill_and_sigcont(main_pid, sig);
4641 if (r < 0 && r != -ESRCH) {
4642 _cleanup_free_ char *comm = NULL;
4643 (void) get_process_comm(main_pid, &comm);
4644
4645 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4646 } else {
4647 if (!main_pid_alien)
4648 wait_for_exit = true;
4649
4650 if (r != -ESRCH && send_sighup)
4651 (void) kill(main_pid, SIGHUP);
4652 }
4653 }
4654
4655 if (control_pid > 0) {
4656 if (log_func)
4657 log_func(control_pid, sig, u);
4658
4659 r = kill_and_sigcont(control_pid, sig);
4660 if (r < 0 && r != -ESRCH) {
4661 _cleanup_free_ char *comm = NULL;
4662 (void) get_process_comm(control_pid, &comm);
4663
4664 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4665 } else {
4666 wait_for_exit = true;
4667
4668 if (r != -ESRCH && send_sighup)
4669 (void) kill(control_pid, SIGHUP);
4670 }
4671 }
4672
4673 if (u->cgroup_path &&
4674 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4675 _cleanup_set_free_ Set *pid_set = NULL;
4676
4677 /* Exclude the main/control pids from being killed via the cgroup */
4678 pid_set = unit_pid_set(main_pid, control_pid);
4679 if (!pid_set)
4680 return -ENOMEM;
4681
4682 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4683 sig,
4684 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4685 pid_set,
4686 log_func, u);
4687 if (r < 0) {
4688 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4689 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(u->cgroup_path));
4690
4691 } else if (r > 0) {
4692
4693 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4694 * we are running in a container or if this is a delegation unit, simply because cgroup
4695 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4696 * of containers it can be confused easily by left-over directories in the cgroup — which
4697 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4698 * there we get proper events. Hence rely on them. */
4699
4700 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4701 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4702 wait_for_exit = true;
4703
4704 if (send_sighup) {
4705 set_free(pid_set);
4706
4707 pid_set = unit_pid_set(main_pid, control_pid);
4708 if (!pid_set)
4709 return -ENOMEM;
4710
4711 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4712 SIGHUP,
4713 CGROUP_IGNORE_SELF,
4714 pid_set,
4715 NULL, NULL);
4716 }
4717 }
4718 }
4719
4720 return wait_for_exit;
4721 }
4722
4723 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4724 int r;
4725
4726 assert(u);
4727 assert(path);
4728
4729 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4730 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4731 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4732 * appearing mount units can easily determine which units to make themselves a dependency of. */
4733
4734 if (!path_is_absolute(path))
4735 return -EINVAL;
4736
4737 if (hashmap_contains(u->requires_mounts_for, path)) /* Exit quickly if the path is already covered. */
4738 return 0;
4739
4740 _cleanup_free_ char *p = strdup(path);
4741 if (!p)
4742 return -ENOMEM;
4743
4744 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4745 * only after simplification, since path_is_normalized() rejects paths with '.'.
4746 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4747 path = path_simplify(p);
4748
4749 if (!path_is_normalized(path))
4750 return -EPERM;
4751
4752 UnitDependencyInfo di = {
4753 .origin_mask = mask
4754 };
4755
4756 r = hashmap_ensure_put(&u->requires_mounts_for, &path_hash_ops, p, di.data);
4757 if (r < 0)
4758 return r;
4759 assert(r > 0);
4760 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
4761
4762 char prefix[strlen(path) + 1];
4763 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4764 Set *x;
4765
4766 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4767 if (!x) {
4768 _cleanup_free_ char *q = NULL;
4769
4770 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4771 if (r < 0)
4772 return r;
4773
4774 q = strdup(prefix);
4775 if (!q)
4776 return -ENOMEM;
4777
4778 x = set_new(NULL);
4779 if (!x)
4780 return -ENOMEM;
4781
4782 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4783 if (r < 0) {
4784 set_free(x);
4785 return r;
4786 }
4787 q = NULL;
4788 }
4789
4790 r = set_put(x, u);
4791 if (r < 0)
4792 return r;
4793 }
4794
4795 return 0;
4796 }
4797
4798 int unit_setup_exec_runtime(Unit *u) {
4799 _cleanup_(exec_shared_runtime_unrefp) ExecSharedRuntime *esr = NULL;
4800 _cleanup_(dynamic_creds_unrefp) DynamicCreds *dcreds = NULL;
4801 ExecRuntime **rt;
4802 ExecContext *ec;
4803 size_t offset;
4804 Unit *other;
4805 int r;
4806
4807 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4808 assert(offset > 0);
4809
4810 /* Check if there already is an ExecRuntime for this unit? */
4811 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4812 if (*rt)
4813 return 0;
4814
4815 ec = unit_get_exec_context(u);
4816 assert(ec);
4817
4818 /* Try to get it from somebody else */
4819 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_JOINS_NAMESPACE_OF) {
4820 r = exec_shared_runtime_acquire(u->manager, NULL, other->id, false, &esr);
4821 if (r < 0)
4822 return r;
4823 if (r > 0)
4824 break;
4825 }
4826
4827 if (!esr) {
4828 r = exec_shared_runtime_acquire(u->manager, ec, u->id, true, &esr);
4829 if (r < 0)
4830 return r;
4831 }
4832
4833 if (ec->dynamic_user) {
4834 r = dynamic_creds_make(u->manager, ec->user, ec->group, &dcreds);
4835 if (r < 0)
4836 return r;
4837 }
4838
4839 r = exec_runtime_make(esr, dcreds, rt);
4840 if (r < 0)
4841 return r;
4842
4843 TAKE_PTR(esr);
4844 TAKE_PTR(dcreds);
4845
4846 return r;
4847 }
4848
4849 bool unit_type_supported(UnitType t) {
4850 static int8_t cache[_UNIT_TYPE_MAX] = {}; /* -1: disabled, 1: enabled: 0: don't know */
4851 int r;
4852
4853 if (_unlikely_(t < 0))
4854 return false;
4855 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4856 return false;
4857
4858 if (cache[t] == 0) {
4859 char *e;
4860
4861 e = strjoina("SYSTEMD_SUPPORT_", unit_type_to_string(t));
4862
4863 r = getenv_bool(ascii_strupper(e));
4864 if (r < 0 && r != -ENXIO)
4865 log_debug_errno(r, "Failed to parse $%s, ignoring: %m", e);
4866
4867 cache[t] = r == 0 ? -1 : 1;
4868 }
4869 if (cache[t] < 0)
4870 return false;
4871
4872 if (!unit_vtable[t]->supported)
4873 return true;
4874
4875 return unit_vtable[t]->supported();
4876 }
4877
4878 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4879 int r;
4880
4881 assert(u);
4882 assert(where);
4883
4884 if (!unit_log_level_test(u, LOG_NOTICE))
4885 return;
4886
4887 r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false);
4888 if (r > 0 || r == -ENOTDIR)
4889 return;
4890 if (r < 0) {
4891 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4892 return;
4893 }
4894
4895 log_unit_struct(u, LOG_NOTICE,
4896 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4897 LOG_UNIT_INVOCATION_ID(u),
4898 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4899 "WHERE=%s", where);
4900 }
4901
4902 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4903 _cleanup_free_ char *canonical_where = NULL;
4904 int r;
4905
4906 assert(u);
4907 assert(where);
4908
4909 r = chase(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
4910 if (r < 0) {
4911 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4912 return 0;
4913 }
4914
4915 /* We will happily ignore a trailing slash (or any redundant slashes) */
4916 if (path_equal(where, canonical_where))
4917 return 0;
4918
4919 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4920 log_unit_struct(u, LOG_ERR,
4921 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4922 LOG_UNIT_INVOCATION_ID(u),
4923 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4924 "WHERE=%s", where);
4925
4926 return -ELOOP;
4927 }
4928
4929 bool unit_is_pristine(Unit *u) {
4930 assert(u);
4931
4932 /* Check if the unit already exists or is already around, in a number of different ways. Note that to
4933 * cater for unit types such as slice, we are generally fine with units that are marked UNIT_LOADED
4934 * even though nothing was actually loaded, as those unit types don't require a file on disk.
4935 *
4936 * Note that we don't check for drop-ins here, because we allow drop-ins for transient units
4937 * identically to non-transient units, both unit-specific and hierarchical. E.g. for a-b-c.service:
4938 * service.d/….conf, a-.service.d/….conf, a-b-.service.d/….conf, a-b-c.service.d/….conf.
4939 */
4940
4941 return IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) &&
4942 !u->fragment_path &&
4943 !u->source_path &&
4944 !u->job &&
4945 !u->merged_into;
4946 }
4947
4948 pid_t unit_control_pid(Unit *u) {
4949 assert(u);
4950
4951 if (UNIT_VTABLE(u)->control_pid)
4952 return UNIT_VTABLE(u)->control_pid(u);
4953
4954 return 0;
4955 }
4956
4957 pid_t unit_main_pid(Unit *u) {
4958 assert(u);
4959
4960 if (UNIT_VTABLE(u)->main_pid)
4961 return UNIT_VTABLE(u)->main_pid(u);
4962
4963 return 0;
4964 }
4965
4966 static void unit_unref_uid_internal(
4967 Unit *u,
4968 uid_t *ref_uid,
4969 bool destroy_now,
4970 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4971
4972 assert(u);
4973 assert(ref_uid);
4974 assert(_manager_unref_uid);
4975
4976 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4977 * gid_t are actually the same time, with the same validity rules.
4978 *
4979 * Drops a reference to UID/GID from a unit. */
4980
4981 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4982 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4983
4984 if (!uid_is_valid(*ref_uid))
4985 return;
4986
4987 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4988 *ref_uid = UID_INVALID;
4989 }
4990
4991 static void unit_unref_uid(Unit *u, bool destroy_now) {
4992 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4993 }
4994
4995 static void unit_unref_gid(Unit *u, bool destroy_now) {
4996 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4997 }
4998
4999 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
5000 assert(u);
5001
5002 unit_unref_uid(u, destroy_now);
5003 unit_unref_gid(u, destroy_now);
5004 }
5005
5006 static int unit_ref_uid_internal(
5007 Unit *u,
5008 uid_t *ref_uid,
5009 uid_t uid,
5010 bool clean_ipc,
5011 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
5012
5013 int r;
5014
5015 assert(u);
5016 assert(ref_uid);
5017 assert(uid_is_valid(uid));
5018 assert(_manager_ref_uid);
5019
5020 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5021 * are actually the same type, and have the same validity rules.
5022 *
5023 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5024 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5025 * drops to zero. */
5026
5027 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5028 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5029
5030 if (*ref_uid == uid)
5031 return 0;
5032
5033 if (uid_is_valid(*ref_uid)) /* Already set? */
5034 return -EBUSY;
5035
5036 r = _manager_ref_uid(u->manager, uid, clean_ipc);
5037 if (r < 0)
5038 return r;
5039
5040 *ref_uid = uid;
5041 return 1;
5042 }
5043
5044 static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
5045 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
5046 }
5047
5048 static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
5049 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
5050 }
5051
5052 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
5053 int r = 0, q = 0;
5054
5055 assert(u);
5056
5057 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5058
5059 if (uid_is_valid(uid)) {
5060 r = unit_ref_uid(u, uid, clean_ipc);
5061 if (r < 0)
5062 return r;
5063 }
5064
5065 if (gid_is_valid(gid)) {
5066 q = unit_ref_gid(u, gid, clean_ipc);
5067 if (q < 0) {
5068 if (r > 0)
5069 unit_unref_uid(u, false);
5070
5071 return q;
5072 }
5073 }
5074
5075 return r > 0 || q > 0;
5076 }
5077
5078 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
5079 ExecContext *c;
5080 int r;
5081
5082 assert(u);
5083
5084 c = unit_get_exec_context(u);
5085
5086 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5087 if (r < 0)
5088 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5089
5090 return r;
5091 }
5092
5093 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5094 int r;
5095
5096 assert(u);
5097
5098 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5099 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5100 * objects when no service references the UID/GID anymore. */
5101
5102 r = unit_ref_uid_gid(u, uid, gid);
5103 if (r > 0)
5104 unit_add_to_dbus_queue(u);
5105 }
5106
5107 int unit_acquire_invocation_id(Unit *u) {
5108 sd_id128_t id;
5109 int r;
5110
5111 assert(u);
5112
5113 r = sd_id128_randomize(&id);
5114 if (r < 0)
5115 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5116
5117 r = unit_set_invocation_id(u, id);
5118 if (r < 0)
5119 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5120
5121 unit_add_to_dbus_queue(u);
5122 return 0;
5123 }
5124
5125 int unit_set_exec_params(Unit *u, ExecParameters *p) {
5126 int r;
5127
5128 assert(u);
5129 assert(p);
5130
5131 /* Copy parameters from manager */
5132 r = manager_get_effective_environment(u->manager, &p->environment);
5133 if (r < 0)
5134 return r;
5135
5136 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5137 p->cgroup_supported = u->manager->cgroup_supported;
5138 p->prefix = u->manager->prefix;
5139 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5140
5141 /* Copy parameters from unit */
5142 p->cgroup_path = u->cgroup_path;
5143 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5144
5145 p->received_credentials_directory = u->manager->received_credentials_directory;
5146 p->received_encrypted_credentials_directory = u->manager->received_encrypted_credentials_directory;
5147
5148 return 0;
5149 }
5150
5151 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5152 int r;
5153
5154 assert(u);
5155 assert(ret);
5156
5157 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5158 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5159
5160 (void) unit_realize_cgroup(u);
5161
5162 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5163 if (r != 0)
5164 return r;
5165
5166 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5167 (void) ignore_signals(SIGPIPE);
5168
5169 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5170
5171 if (u->cgroup_path) {
5172 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5173 if (r < 0) {
5174 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(u->cgroup_path));
5175 _exit(EXIT_CGROUP);
5176 }
5177 }
5178
5179 return 0;
5180 }
5181
5182 int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5183 pid_t pid;
5184 int r;
5185
5186 assert(u);
5187 assert(ret_pid);
5188
5189 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5190 if (r < 0)
5191 return r;
5192 if (r == 0) {
5193 int ret = EXIT_SUCCESS;
5194
5195 STRV_FOREACH(i, paths) {
5196 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5197 if (r < 0) {
5198 log_error_errno(r, "Failed to remove '%s': %m", *i);
5199 ret = EXIT_FAILURE;
5200 }
5201 }
5202
5203 _exit(ret);
5204 }
5205
5206 r = unit_watch_pid(u, pid, true);
5207 if (r < 0)
5208 return r;
5209
5210 *ret_pid = pid;
5211 return 0;
5212 }
5213
5214 static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5215 assert(deps);
5216 assert(other);
5217
5218 if (di.origin_mask == 0 && di.destination_mask == 0)
5219 /* No bit set anymore, let's drop the whole entry */
5220 assert_se(hashmap_remove(deps, other));
5221 else
5222 /* Mask was reduced, let's update the entry */
5223 assert_se(hashmap_update(deps, other, di.data) == 0);
5224 }
5225
5226 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5227 Hashmap *deps;
5228 assert(u);
5229
5230 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5231
5232 if (mask == 0)
5233 return;
5234
5235 HASHMAP_FOREACH(deps, u->dependencies) {
5236 bool done;
5237
5238 do {
5239 UnitDependencyInfo di;
5240 Unit *other;
5241
5242 done = true;
5243
5244 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5245 Hashmap *other_deps;
5246
5247 if (FLAGS_SET(~mask, di.origin_mask))
5248 continue;
5249
5250 di.origin_mask &= ~mask;
5251 unit_update_dependency_mask(deps, other, di);
5252
5253 /* We updated the dependency from our unit to the other unit now. But most
5254 * dependencies imply a reverse dependency. Hence, let's delete that one
5255 * too. For that we go through all dependency types on the other unit and
5256 * delete all those which point to us and have the right mask set. */
5257
5258 HASHMAP_FOREACH(other_deps, other->dependencies) {
5259 UnitDependencyInfo dj;
5260
5261 dj.data = hashmap_get(other_deps, u);
5262 if (FLAGS_SET(~mask, dj.destination_mask))
5263 continue;
5264
5265 dj.destination_mask &= ~mask;
5266 unit_update_dependency_mask(other_deps, u, dj);
5267 }
5268
5269 unit_add_to_gc_queue(other);
5270
5271 /* The unit 'other' may not be wanted by the unit 'u'. */
5272 unit_submit_to_stop_when_unneeded_queue(other);
5273
5274 done = false;
5275 break;
5276 }
5277
5278 } while (!done);
5279 }
5280 }
5281
5282 static int unit_get_invocation_path(Unit *u, char **ret) {
5283 char *p;
5284 int r;
5285
5286 assert(u);
5287 assert(ret);
5288
5289 if (MANAGER_IS_SYSTEM(u->manager))
5290 p = strjoin("/run/systemd/units/invocation:", u->id);
5291 else {
5292 _cleanup_free_ char *user_path = NULL;
5293 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5294 if (r < 0)
5295 return r;
5296 p = strjoin(user_path, u->id);
5297 }
5298
5299 if (!p)
5300 return -ENOMEM;
5301
5302 *ret = p;
5303 return 0;
5304 }
5305
5306 static int unit_export_invocation_id(Unit *u) {
5307 _cleanup_free_ char *p = NULL;
5308 int r;
5309
5310 assert(u);
5311
5312 if (u->exported_invocation_id)
5313 return 0;
5314
5315 if (sd_id128_is_null(u->invocation_id))
5316 return 0;
5317
5318 r = unit_get_invocation_path(u, &p);
5319 if (r < 0)
5320 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5321
5322 r = symlink_atomic_label(u->invocation_id_string, p);
5323 if (r < 0)
5324 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5325
5326 u->exported_invocation_id = true;
5327 return 0;
5328 }
5329
5330 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5331 const char *p;
5332 char buf[2];
5333 int r;
5334
5335 assert(u);
5336 assert(c);
5337
5338 if (u->exported_log_level_max)
5339 return 0;
5340
5341 if (c->log_level_max < 0)
5342 return 0;
5343
5344 assert(c->log_level_max <= 7);
5345
5346 buf[0] = '0' + c->log_level_max;
5347 buf[1] = 0;
5348
5349 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5350 r = symlink_atomic(buf, p);
5351 if (r < 0)
5352 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5353
5354 u->exported_log_level_max = true;
5355 return 0;
5356 }
5357
5358 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5359 _cleanup_close_ int fd = -EBADF;
5360 struct iovec *iovec;
5361 const char *p;
5362 char *pattern;
5363 le64_t *sizes;
5364 ssize_t n;
5365 int r;
5366
5367 if (u->exported_log_extra_fields)
5368 return 0;
5369
5370 if (c->n_log_extra_fields <= 0)
5371 return 0;
5372
5373 sizes = newa(le64_t, c->n_log_extra_fields);
5374 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5375
5376 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
5377 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5378
5379 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5380 iovec[i*2+1] = c->log_extra_fields[i];
5381 }
5382
5383 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5384 pattern = strjoina(p, ".XXXXXX");
5385
5386 fd = mkostemp_safe(pattern);
5387 if (fd < 0)
5388 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5389
5390 n = writev(fd, iovec, c->n_log_extra_fields*2);
5391 if (n < 0) {
5392 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5393 goto fail;
5394 }
5395
5396 (void) fchmod(fd, 0644);
5397
5398 if (rename(pattern, p) < 0) {
5399 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5400 goto fail;
5401 }
5402
5403 u->exported_log_extra_fields = true;
5404 return 0;
5405
5406 fail:
5407 (void) unlink(pattern);
5408 return r;
5409 }
5410
5411 static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
5412 _cleanup_free_ char *buf = NULL;
5413 const char *p;
5414 int r;
5415
5416 assert(u);
5417 assert(c);
5418
5419 if (u->exported_log_ratelimit_interval)
5420 return 0;
5421
5422 if (c->log_ratelimit_interval_usec == 0)
5423 return 0;
5424
5425 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5426
5427 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
5428 return log_oom();
5429
5430 r = symlink_atomic(buf, p);
5431 if (r < 0)
5432 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5433
5434 u->exported_log_ratelimit_interval = true;
5435 return 0;
5436 }
5437
5438 static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
5439 _cleanup_free_ char *buf = NULL;
5440 const char *p;
5441 int r;
5442
5443 assert(u);
5444 assert(c);
5445
5446 if (u->exported_log_ratelimit_burst)
5447 return 0;
5448
5449 if (c->log_ratelimit_burst == 0)
5450 return 0;
5451
5452 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5453
5454 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
5455 return log_oom();
5456
5457 r = symlink_atomic(buf, p);
5458 if (r < 0)
5459 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5460
5461 u->exported_log_ratelimit_burst = true;
5462 return 0;
5463 }
5464
5465 void unit_export_state_files(Unit *u) {
5466 const ExecContext *c;
5467
5468 assert(u);
5469
5470 if (!u->id)
5471 return;
5472
5473 if (MANAGER_IS_TEST_RUN(u->manager))
5474 return;
5475
5476 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5477 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5478 * the IPC system itself and PID 1 also log to the journal.
5479 *
5480 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5481 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5482 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5483 * namespace at least.
5484 *
5485 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5486 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5487 * them with one. */
5488
5489 (void) unit_export_invocation_id(u);
5490
5491 if (!MANAGER_IS_SYSTEM(u->manager))
5492 return;
5493
5494 c = unit_get_exec_context(u);
5495 if (c) {
5496 (void) unit_export_log_level_max(u, c);
5497 (void) unit_export_log_extra_fields(u, c);
5498 (void) unit_export_log_ratelimit_interval(u, c);
5499 (void) unit_export_log_ratelimit_burst(u, c);
5500 }
5501 }
5502
5503 void unit_unlink_state_files(Unit *u) {
5504 const char *p;
5505
5506 assert(u);
5507
5508 if (!u->id)
5509 return;
5510
5511 /* Undoes the effect of unit_export_state() */
5512
5513 if (u->exported_invocation_id) {
5514 _cleanup_free_ char *invocation_path = NULL;
5515 int r = unit_get_invocation_path(u, &invocation_path);
5516 if (r >= 0) {
5517 (void) unlink(invocation_path);
5518 u->exported_invocation_id = false;
5519 }
5520 }
5521
5522 if (!MANAGER_IS_SYSTEM(u->manager))
5523 return;
5524
5525 if (u->exported_log_level_max) {
5526 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5527 (void) unlink(p);
5528
5529 u->exported_log_level_max = false;
5530 }
5531
5532 if (u->exported_log_extra_fields) {
5533 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5534 (void) unlink(p);
5535
5536 u->exported_log_extra_fields = false;
5537 }
5538
5539 if (u->exported_log_ratelimit_interval) {
5540 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5541 (void) unlink(p);
5542
5543 u->exported_log_ratelimit_interval = false;
5544 }
5545
5546 if (u->exported_log_ratelimit_burst) {
5547 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5548 (void) unlink(p);
5549
5550 u->exported_log_ratelimit_burst = false;
5551 }
5552 }
5553
5554 int unit_prepare_exec(Unit *u) {
5555 int r;
5556
5557 assert(u);
5558
5559 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5560 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5561 r = bpf_firewall_load_custom(u);
5562 if (r < 0)
5563 return r;
5564
5565 /* Prepares everything so that we can fork of a process for this unit */
5566
5567 (void) unit_realize_cgroup(u);
5568
5569 if (u->reset_accounting) {
5570 (void) unit_reset_accounting(u);
5571 u->reset_accounting = false;
5572 }
5573
5574 unit_export_state_files(u);
5575
5576 r = unit_setup_exec_runtime(u);
5577 if (r < 0)
5578 return r;
5579
5580 return 0;
5581 }
5582
5583 static bool ignore_leftover_process(const char *comm) {
5584 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5585 }
5586
5587 int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
5588 _cleanup_free_ char *comm = NULL;
5589
5590 (void) get_process_comm(pid, &comm);
5591
5592 if (ignore_leftover_process(comm))
5593 return 0;
5594
5595 /* During start we print a warning */
5596
5597 log_unit_warning(userdata,
5598 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5599 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5600 pid, strna(comm));
5601
5602 return 1;
5603 }
5604
5605 int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5606 _cleanup_free_ char *comm = NULL;
5607
5608 (void) get_process_comm(pid, &comm);
5609
5610 if (ignore_leftover_process(comm))
5611 return 0;
5612
5613 /* During stop we only print an informational message */
5614
5615 log_unit_info(userdata,
5616 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5617 pid, strna(comm));
5618
5619 return 1;
5620 }
5621
5622 int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
5623 assert(u);
5624
5625 (void) unit_pick_cgroup_path(u);
5626
5627 if (!u->cgroup_path)
5628 return 0;
5629
5630 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
5631 }
5632
5633 bool unit_needs_console(Unit *u) {
5634 ExecContext *ec;
5635 UnitActiveState state;
5636
5637 assert(u);
5638
5639 state = unit_active_state(u);
5640
5641 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5642 return false;
5643
5644 if (UNIT_VTABLE(u)->needs_console)
5645 return UNIT_VTABLE(u)->needs_console(u);
5646
5647 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5648 ec = unit_get_exec_context(u);
5649 if (!ec)
5650 return false;
5651
5652 return exec_context_may_touch_console(ec);
5653 }
5654
5655 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5656 int r;
5657
5658 assert(u);
5659
5660 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5661 * and not a kernel thread either */
5662
5663 /* First, a simple range check */
5664 if (!pid_is_valid(pid))
5665 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5666
5667 /* Some extra safety check */
5668 if (pid == 1 || pid == getpid_cached())
5669 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
5670
5671 /* Don't even begin to bother with kernel threads */
5672 r = is_kernel_thread(pid);
5673 if (r == -ESRCH)
5674 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5675 if (r < 0)
5676 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5677 if (r > 0)
5678 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5679
5680 return 0;
5681 }
5682
5683 void unit_log_success(Unit *u) {
5684 assert(u);
5685
5686 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
5687 * This message has low information value for regular users and it might be a bit overwhelming on a system with
5688 * a lot of devices. */
5689 log_unit_struct(u,
5690 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
5691 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5692 LOG_UNIT_INVOCATION_ID(u),
5693 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
5694 }
5695
5696 void unit_log_failure(Unit *u, const char *result) {
5697 assert(u);
5698 assert(result);
5699
5700 log_unit_struct(u, LOG_WARNING,
5701 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5702 LOG_UNIT_INVOCATION_ID(u),
5703 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5704 "UNIT_RESULT=%s", result);
5705 }
5706
5707 void unit_log_skip(Unit *u, const char *result) {
5708 assert(u);
5709 assert(result);
5710
5711 log_unit_struct(u, LOG_INFO,
5712 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
5713 LOG_UNIT_INVOCATION_ID(u),
5714 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
5715 "UNIT_RESULT=%s", result);
5716 }
5717
5718 void unit_log_process_exit(
5719 Unit *u,
5720 const char *kind,
5721 const char *command,
5722 bool success,
5723 int code,
5724 int status) {
5725
5726 int level;
5727
5728 assert(u);
5729 assert(kind);
5730
5731 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5732 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5733 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5734 * WARNING. */
5735 if (success)
5736 level = LOG_DEBUG;
5737 else if (code == CLD_EXITED)
5738 level = LOG_NOTICE;
5739 else
5740 level = LOG_WARNING;
5741
5742 log_unit_struct(u, level,
5743 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
5744 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
5745 kind,
5746 sigchld_code_to_string(code), status,
5747 strna(code == CLD_EXITED
5748 ? exit_status_to_string(status, EXIT_STATUS_FULL)
5749 : signal_to_string(status)),
5750 success ? " (success)" : ""),
5751 "EXIT_CODE=%s", sigchld_code_to_string(code),
5752 "EXIT_STATUS=%i", status,
5753 "COMMAND=%s", strna(command),
5754 LOG_UNIT_INVOCATION_ID(u));
5755 }
5756
5757 int unit_exit_status(Unit *u) {
5758 assert(u);
5759
5760 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5761 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5762 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5763 * service process has exited abnormally (signal/coredump). */
5764
5765 if (!UNIT_VTABLE(u)->exit_status)
5766 return -EOPNOTSUPP;
5767
5768 return UNIT_VTABLE(u)->exit_status(u);
5769 }
5770
5771 int unit_failure_action_exit_status(Unit *u) {
5772 int r;
5773
5774 assert(u);
5775
5776 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5777
5778 if (u->failure_action_exit_status >= 0)
5779 return u->failure_action_exit_status;
5780
5781 r = unit_exit_status(u);
5782 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5783 return 255;
5784
5785 return r;
5786 }
5787
5788 int unit_success_action_exit_status(Unit *u) {
5789 int r;
5790
5791 assert(u);
5792
5793 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5794
5795 if (u->success_action_exit_status >= 0)
5796 return u->success_action_exit_status;
5797
5798 r = unit_exit_status(u);
5799 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5800 return 255;
5801
5802 return r;
5803 }
5804
5805 int unit_test_trigger_loaded(Unit *u) {
5806 Unit *trigger;
5807
5808 /* Tests whether the unit to trigger is loaded */
5809
5810 trigger = UNIT_TRIGGER(u);
5811 if (!trigger)
5812 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5813 "Refusing to start, no unit to trigger.");
5814 if (trigger->load_state != UNIT_LOADED)
5815 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5816 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
5817
5818 return 0;
5819 }
5820
5821 void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
5822 assert(u);
5823 assert(context);
5824
5825 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
5826 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
5827 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
5828
5829 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
5830 exec_context_destroy_mount_ns_dir(u);
5831 }
5832
5833 int unit_clean(Unit *u, ExecCleanMask mask) {
5834 UnitActiveState state;
5835
5836 assert(u);
5837
5838 /* Special return values:
5839 *
5840 * -EOPNOTSUPP → cleaning not supported for this unit type
5841 * -EUNATCH → cleaning not defined for this resource type
5842 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5843 * a job queued or similar
5844 */
5845
5846 if (!UNIT_VTABLE(u)->clean)
5847 return -EOPNOTSUPP;
5848
5849 if (mask == 0)
5850 return -EUNATCH;
5851
5852 if (u->load_state != UNIT_LOADED)
5853 return -EBUSY;
5854
5855 if (u->job)
5856 return -EBUSY;
5857
5858 state = unit_active_state(u);
5859 if (state != UNIT_INACTIVE)
5860 return -EBUSY;
5861
5862 return UNIT_VTABLE(u)->clean(u, mask);
5863 }
5864
5865 int unit_can_clean(Unit *u, ExecCleanMask *ret) {
5866 assert(u);
5867
5868 if (!UNIT_VTABLE(u)->clean ||
5869 u->load_state != UNIT_LOADED) {
5870 *ret = 0;
5871 return 0;
5872 }
5873
5874 /* When the clean() method is set, can_clean() really should be set too */
5875 assert(UNIT_VTABLE(u)->can_clean);
5876
5877 return UNIT_VTABLE(u)->can_clean(u, ret);
5878 }
5879
5880 bool unit_can_freeze(Unit *u) {
5881 assert(u);
5882
5883 if (UNIT_VTABLE(u)->can_freeze)
5884 return UNIT_VTABLE(u)->can_freeze(u);
5885
5886 return UNIT_VTABLE(u)->freeze;
5887 }
5888
5889 void unit_frozen(Unit *u) {
5890 assert(u);
5891
5892 u->freezer_state = FREEZER_FROZEN;
5893
5894 bus_unit_send_pending_freezer_message(u, false);
5895 }
5896
5897 void unit_thawed(Unit *u) {
5898 assert(u);
5899
5900 u->freezer_state = FREEZER_RUNNING;
5901
5902 bus_unit_send_pending_freezer_message(u, false);
5903 }
5904
5905 static int unit_freezer_action(Unit *u, FreezerAction action) {
5906 UnitActiveState s;
5907 int (*method)(Unit*);
5908 int r;
5909
5910 assert(u);
5911 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
5912
5913 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
5914 if (!method || !cg_freezer_supported())
5915 return -EOPNOTSUPP;
5916
5917 if (u->job)
5918 return -EBUSY;
5919
5920 if (u->load_state != UNIT_LOADED)
5921 return -EHOSTDOWN;
5922
5923 s = unit_active_state(u);
5924 if (s != UNIT_ACTIVE)
5925 return -EHOSTDOWN;
5926
5927 if ((IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING) && action == FREEZER_FREEZE) ||
5928 (u->freezer_state == FREEZER_THAWING && action == FREEZER_THAW))
5929 return -EALREADY;
5930
5931 r = method(u);
5932 if (r <= 0)
5933 return r;
5934
5935 assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING));
5936
5937 return 1;
5938 }
5939
5940 int unit_freeze(Unit *u) {
5941 return unit_freezer_action(u, FREEZER_FREEZE);
5942 }
5943
5944 int unit_thaw(Unit *u) {
5945 return unit_freezer_action(u, FREEZER_THAW);
5946 }
5947
5948 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
5949 int unit_freeze_vtable_common(Unit *u) {
5950 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
5951 }
5952
5953 int unit_thaw_vtable_common(Unit *u) {
5954 return unit_cgroup_freezer_action(u, FREEZER_THAW);
5955 }
5956
5957 Condition *unit_find_failed_condition(Unit *u) {
5958 Condition *failed_trigger = NULL;
5959 bool has_succeeded_trigger = false;
5960
5961 if (u->condition_result)
5962 return NULL;
5963
5964 LIST_FOREACH(conditions, c, u->conditions)
5965 if (c->trigger) {
5966 if (c->result == CONDITION_SUCCEEDED)
5967 has_succeeded_trigger = true;
5968 else if (!failed_trigger)
5969 failed_trigger = c;
5970 } else if (c->result != CONDITION_SUCCEEDED)
5971 return c;
5972
5973 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
5974 }
5975
5976 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5977 [COLLECT_INACTIVE] = "inactive",
5978 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5979 };
5980
5981 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
5982
5983 Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
5984 Unit *i;
5985
5986 assert(u);
5987
5988 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5989 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5990 * is NULL the first entry found), or NULL if not found. */
5991
5992 UNIT_FOREACH_DEPENDENCY(i, u, atom)
5993 if (!other || other == i)
5994 return i;
5995
5996 return NULL;
5997 }
5998
5999 int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
6000 _cleanup_free_ Unit **array = NULL;
6001 size_t n = 0;
6002 Unit *other;
6003
6004 assert(u);
6005 assert(ret_array);
6006
6007 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
6008 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
6009 * while the dependency table is continuously updated. */
6010
6011 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
6012 if (!GREEDY_REALLOC(array, n + 1))
6013 return -ENOMEM;
6014
6015 array[n++] = other;
6016 }
6017
6018 *ret_array = TAKE_PTR(array);
6019
6020 assert(n <= INT_MAX);
6021 return (int) n;
6022 }
6023
6024 const ActivationDetailsVTable * const activation_details_vtable[_UNIT_TYPE_MAX] = {
6025 [UNIT_PATH] = &activation_details_path_vtable,
6026 [UNIT_TIMER] = &activation_details_timer_vtable,
6027 };
6028
6029 ActivationDetails *activation_details_new(Unit *trigger_unit) {
6030 _cleanup_free_ ActivationDetails *details = NULL;
6031
6032 assert(trigger_unit);
6033 assert(trigger_unit->type != _UNIT_TYPE_INVALID);
6034 assert(trigger_unit->id);
6035
6036 details = malloc0(activation_details_vtable[trigger_unit->type]->object_size);
6037 if (!details)
6038 return NULL;
6039
6040 *details = (ActivationDetails) {
6041 .n_ref = 1,
6042 .trigger_unit_type = trigger_unit->type,
6043 };
6044
6045 details->trigger_unit_name = strdup(trigger_unit->id);
6046 if (!details->trigger_unit_name)
6047 return NULL;
6048
6049 if (ACTIVATION_DETAILS_VTABLE(details)->init)
6050 ACTIVATION_DETAILS_VTABLE(details)->init(details, trigger_unit);
6051
6052 return TAKE_PTR(details);
6053 }
6054
6055 static ActivationDetails *activation_details_free(ActivationDetails *details) {
6056 if (!details)
6057 return NULL;
6058
6059 if (ACTIVATION_DETAILS_VTABLE(details)->done)
6060 ACTIVATION_DETAILS_VTABLE(details)->done(details);
6061
6062 free(details->trigger_unit_name);
6063
6064 return mfree(details);
6065 }
6066
6067 void activation_details_serialize(ActivationDetails *details, FILE *f) {
6068 if (!details || details->trigger_unit_type == _UNIT_TYPE_INVALID)
6069 return;
6070
6071 (void) serialize_item(f, "activation-details-unit-type", unit_type_to_string(details->trigger_unit_type));
6072 if (details->trigger_unit_name)
6073 (void) serialize_item(f, "activation-details-unit-name", details->trigger_unit_name);
6074 if (ACTIVATION_DETAILS_VTABLE(details)->serialize)
6075 ACTIVATION_DETAILS_VTABLE(details)->serialize(details, f);
6076 }
6077
6078 int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) {
6079 assert(key);
6080 assert(value);
6081 assert(details);
6082
6083 if (!*details) {
6084 UnitType t;
6085
6086 if (!streq(key, "activation-details-unit-type"))
6087 return -EINVAL;
6088
6089 t = unit_type_from_string(value);
6090 if (t == _UNIT_TYPE_INVALID)
6091 return -EINVAL;
6092
6093 *details = malloc0(activation_details_vtable[t]->object_size);
6094 if (!*details)
6095 return -ENOMEM;
6096
6097 **details = (ActivationDetails) {
6098 .n_ref = 1,
6099 .trigger_unit_type = t,
6100 };
6101
6102 return 0;
6103 }
6104
6105 if (streq(key, "activation-details-unit-name")) {
6106 (*details)->trigger_unit_name = strdup(value);
6107 if (!(*details)->trigger_unit_name)
6108 return -ENOMEM;
6109
6110 return 0;
6111 }
6112
6113 if (ACTIVATION_DETAILS_VTABLE(*details)->deserialize)
6114 return ACTIVATION_DETAILS_VTABLE(*details)->deserialize(key, value, details);
6115
6116 return -EINVAL;
6117 }
6118
6119 int activation_details_append_env(ActivationDetails *details, char ***strv) {
6120 int r = 0;
6121
6122 assert(strv);
6123
6124 if (!details)
6125 return 0;
6126
6127 if (!isempty(details->trigger_unit_name)) {
6128 char *s = strjoin("TRIGGER_UNIT=", details->trigger_unit_name);
6129 if (!s)
6130 return -ENOMEM;
6131
6132 r = strv_consume(strv, TAKE_PTR(s));
6133 if (r < 0)
6134 return r;
6135 }
6136
6137 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6138 r = ACTIVATION_DETAILS_VTABLE(details)->append_env(details, strv);
6139 if (r < 0)
6140 return r;
6141 }
6142
6143 return r + !isempty(details->trigger_unit_name); /* Return the number of variables added to the env block */
6144 }
6145
6146 int activation_details_append_pair(ActivationDetails *details, char ***strv) {
6147 int r = 0;
6148
6149 assert(strv);
6150
6151 if (!details)
6152 return 0;
6153
6154 if (!isempty(details->trigger_unit_name)) {
6155 r = strv_extend(strv, "trigger_unit");
6156 if (r < 0)
6157 return r;
6158
6159 r = strv_extend(strv, details->trigger_unit_name);
6160 if (r < 0)
6161 return r;
6162 }
6163
6164 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6165 r = ACTIVATION_DETAILS_VTABLE(details)->append_pair(details, strv);
6166 if (r < 0)
6167 return r;
6168 }
6169
6170 return r + !isempty(details->trigger_unit_name); /* Return the number of pairs added to the strv */
6171 }
6172
6173 DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails, activation_details, activation_details_free);
Unnamed repository; edit this file 'description' to name the repository.