1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
9 #include "sd-messages.h"
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bpf-foreign.h"
15 #include "bpf-socket-bind.h"
16 #include "bus-common-errors.h"
17 #include "bus-internal.h"
19 #include "cgroup-setup.h"
20 #include "cgroup-util.h"
22 #include "core-varlink.h"
23 #include "dbus-unit.h"
28 #include "exec-credential.h"
31 #include "fileio-label.h"
33 #include "format-util.h"
34 #include "id128-util.h"
36 #include "iovec-util.h"
37 #include "label-util.h"
38 #include "load-dropin.h"
39 #include "load-fragment.h"
41 #include "logarithm.h"
43 #include "mkdir-label.h"
44 #include "path-util.h"
45 #include "process-util.h"
47 #include "serialize.h"
49 #include "signal-util.h"
50 #include "sparse-endian.h"
52 #include "specifier.h"
53 #include "stat-util.h"
54 #include "stdio-util.h"
55 #include "string-table.h"
56 #include "string-util.h"
58 #include "terminal-util.h"
59 #include "tmpfile-util.h"
60 #include "umask-util.h"
61 #include "unit-name.h"
63 #include "user-util.h"
69 /* Thresholds for logging at INFO level about resource consumption */
70 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
71 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
72 #define MENTIONWORTHY_IP_BYTES (0ULL)
74 /* Thresholds for logging at INFO level about resource consumption */
75 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
76 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
77 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
79 const UnitVTable
* const unit_vtable
[_UNIT_TYPE_MAX
] = {
80 [UNIT_SERVICE
] = &service_vtable
,
81 [UNIT_SOCKET
] = &socket_vtable
,
82 [UNIT_TARGET
] = &target_vtable
,
83 [UNIT_DEVICE
] = &device_vtable
,
84 [UNIT_MOUNT
] = &mount_vtable
,
85 [UNIT_AUTOMOUNT
] = &automount_vtable
,
86 [UNIT_SWAP
] = &swap_vtable
,
87 [UNIT_TIMER
] = &timer_vtable
,
88 [UNIT_PATH
] = &path_vtable
,
89 [UNIT_SLICE
] = &slice_vtable
,
90 [UNIT_SCOPE
] = &scope_vtable
,
93 Unit
* unit_new(Manager
*m
, size_t size
) {
97 assert(size
>= sizeof(Unit
));
104 u
->type
= _UNIT_TYPE_INVALID
;
105 u
->default_dependencies
= true;
106 u
->unit_file_state
= _UNIT_FILE_STATE_INVALID
;
107 u
->unit_file_preset
= -1;
108 u
->on_failure_job_mode
= JOB_REPLACE
;
109 u
->on_success_job_mode
= JOB_FAIL
;
110 u
->cgroup_control_inotify_wd
= -1;
111 u
->cgroup_memory_inotify_wd
= -1;
112 u
->job_timeout
= USEC_INFINITY
;
113 u
->job_running_timeout
= USEC_INFINITY
;
114 u
->ref_uid
= UID_INVALID
;
115 u
->ref_gid
= GID_INVALID
;
116 u
->cpu_usage_last
= NSEC_INFINITY
;
118 FOREACH_ARRAY(i
, u
->memory_accounting_last
, ELEMENTSOF(u
->memory_accounting_last
))
121 u
->cgroup_invalidated_mask
|= CGROUP_MASK_BPF_FIREWALL
;
122 u
->failure_action_exit_status
= u
->success_action_exit_status
= -1;
124 u
->ip_accounting_ingress_map_fd
= -EBADF
;
125 u
->ip_accounting_egress_map_fd
= -EBADF
;
127 FOREACH_ARRAY(i
, u
->io_accounting_last
, _CGROUP_IO_ACCOUNTING_METRIC_MAX
)
130 u
->ipv4_allow_map_fd
= -EBADF
;
131 u
->ipv6_allow_map_fd
= -EBADF
;
132 u
->ipv4_deny_map_fd
= -EBADF
;
133 u
->ipv6_deny_map_fd
= -EBADF
;
135 u
->last_section_private
= -1;
137 u
->start_ratelimit
= (RateLimit
) {
138 m
->defaults
.start_limit_interval
,
139 m
->defaults
.start_limit_burst
142 u
->auto_start_stop_ratelimit
= (const RateLimit
) {
150 int unit_new_for_name(Manager
*m
, size_t size
, const char *name
, Unit
**ret
) {
151 _cleanup_(unit_freep
) Unit
*u
= NULL
;
154 u
= unit_new(m
, size
);
158 r
= unit_add_name(u
, name
);
167 bool unit_has_name(const Unit
*u
, const char *name
) {
171 return streq_ptr(name
, u
->id
) ||
172 set_contains(u
->aliases
, name
);
175 static void unit_init(Unit
*u
) {
182 assert(u
->type
>= 0);
184 cc
= unit_get_cgroup_context(u
);
186 cgroup_context_init(cc
);
188 /* Copy in the manager defaults into the cgroup
189 * context, _before_ the rest of the settings have
190 * been initialized */
192 cc
->cpu_accounting
= u
->manager
->defaults
.cpu_accounting
;
193 cc
->io_accounting
= u
->manager
->defaults
.io_accounting
;
194 cc
->blockio_accounting
= u
->manager
->defaults
.blockio_accounting
;
195 cc
->memory_accounting
= u
->manager
->defaults
.memory_accounting
;
196 cc
->tasks_accounting
= u
->manager
->defaults
.tasks_accounting
;
197 cc
->ip_accounting
= u
->manager
->defaults
.ip_accounting
;
199 if (u
->type
!= UNIT_SLICE
)
200 cc
->tasks_max
= u
->manager
->defaults
.tasks_max
;
202 cc
->memory_pressure_watch
= u
->manager
->defaults
.memory_pressure_watch
;
203 cc
->memory_pressure_threshold_usec
= u
->manager
->defaults
.memory_pressure_threshold_usec
;
206 ec
= unit_get_exec_context(u
);
208 exec_context_init(ec
);
210 if (u
->manager
->defaults
.oom_score_adjust_set
) {
211 ec
->oom_score_adjust
= u
->manager
->defaults
.oom_score_adjust
;
212 ec
->oom_score_adjust_set
= true;
215 if (MANAGER_IS_SYSTEM(u
->manager
))
216 ec
->keyring_mode
= EXEC_KEYRING_SHARED
;
218 ec
->keyring_mode
= EXEC_KEYRING_INHERIT
;
220 /* User manager might have its umask redefined by PAM or UMask=. In this
221 * case let the units it manages inherit this value by default. They can
222 * still tune this value through their own unit file */
223 (void) get_process_umask(0, &ec
->umask
);
227 kc
= unit_get_kill_context(u
);
229 kill_context_init(kc
);
231 if (UNIT_VTABLE(u
)->init
)
232 UNIT_VTABLE(u
)->init(u
);
235 static int unit_add_alias(Unit
*u
, char *donated_name
) {
238 /* Make sure that u->names is allocated. We may leave u->names
239 * empty if we fail later, but this is not a problem. */
240 r
= set_ensure_put(&u
->aliases
, &string_hash_ops
, donated_name
);
248 int unit_add_name(Unit
*u
, const char *text
) {
249 _cleanup_free_
char *name
= NULL
, *instance
= NULL
;
256 if (unit_name_is_valid(text
, UNIT_NAME_TEMPLATE
)) {
258 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
259 "instance is not set when adding name '%s': %m", text
);
261 r
= unit_name_replace_instance(text
, u
->instance
, &name
);
263 return log_unit_debug_errno(u
, r
,
264 "failed to build instance name from '%s': %m", text
);
271 if (unit_has_name(u
, name
))
274 if (hashmap_contains(u
->manager
->units
, name
))
275 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
276 "unit already exist when adding name '%s': %m", name
);
278 if (!unit_name_is_valid(name
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
279 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
280 "name '%s' is invalid: %m", name
);
282 t
= unit_name_to_type(name
);
284 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
285 "failed to derive unit type from name '%s': %m", name
);
287 if (u
->type
!= _UNIT_TYPE_INVALID
&& t
!= u
->type
)
288 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
289 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
292 r
= unit_name_to_instance(name
, &instance
);
294 return log_unit_debug_errno(u
, r
, "failed to extract instance from name '%s': %m", name
);
296 if (instance
&& !unit_type_may_template(t
))
297 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
), "templates are not allowed for name '%s': %m", name
);
299 /* Ensure that this unit either has no instance, or that the instance matches. */
300 if (u
->type
!= _UNIT_TYPE_INVALID
&& !streq_ptr(u
->instance
, instance
))
301 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
302 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
303 name
, instance
, u
->instance
);
305 if (u
->id
&& !unit_type_may_alias(t
))
306 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
307 "cannot add name %s, aliases are not allowed for %s units.",
308 name
, unit_type_to_string(t
));
310 if (hashmap_size(u
->manager
->units
) >= MANAGER_MAX_NAMES
)
311 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(E2BIG
), "cannot add name, manager has too many units: %m");
313 /* Add name to the global hashmap first, because that's easier to undo */
314 r
= hashmap_put(u
->manager
->units
, name
, u
);
316 return log_unit_debug_errno(u
, r
, "add unit to hashmap failed for name '%s': %m", text
);
319 r
= unit_add_alias(u
, name
); /* unit_add_alias() takes ownership of the name on success */
321 hashmap_remove(u
->manager
->units
, name
);
327 /* A new name, we don't need the set yet. */
328 assert(u
->type
== _UNIT_TYPE_INVALID
);
329 assert(!u
->instance
);
332 u
->id
= TAKE_PTR(name
);
333 u
->instance
= TAKE_PTR(instance
);
335 LIST_PREPEND(units_by_type
, u
->manager
->units_by_type
[t
], u
);
339 unit_add_to_dbus_queue(u
);
343 int unit_choose_id(Unit
*u
, const char *name
) {
344 _cleanup_free_
char *t
= NULL
;
351 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
355 r
= unit_name_replace_instance(name
, u
->instance
, &t
);
362 if (streq_ptr(u
->id
, name
))
363 return 0; /* Nothing to do. */
365 /* Selects one of the aliases of this unit as the id */
366 s
= set_get(u
->aliases
, (char*) name
);
371 r
= set_remove_and_put(u
->aliases
, name
, u
->id
);
375 assert_se(set_remove(u
->aliases
, name
)); /* see set_get() above… */
377 u
->id
= s
; /* Old u->id is now stored in the set, and s is not stored anywhere */
378 unit_add_to_dbus_queue(u
);
383 int unit_set_description(Unit
*u
, const char *description
) {
388 r
= free_and_strdup(&u
->description
, empty_to_null(description
));
392 unit_add_to_dbus_queue(u
);
397 static bool unit_success_failure_handler_has_jobs(Unit
*unit
) {
400 UNIT_FOREACH_DEPENDENCY(other
, unit
, UNIT_ATOM_ON_SUCCESS
)
401 if (other
->job
|| other
->nop_job
)
404 UNIT_FOREACH_DEPENDENCY(other
, unit
, UNIT_ATOM_ON_FAILURE
)
405 if (other
->job
|| other
->nop_job
)
411 void unit_release_resources(Unit
*u
) {
412 UnitActiveState state
;
417 if (u
->job
|| u
->nop_job
)
423 state
= unit_active_state(u
);
424 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
427 if (unit_will_restart(u
))
430 ec
= unit_get_exec_context(u
);
431 if (ec
&& ec
->runtime_directory_preserve_mode
== EXEC_PRESERVE_RESTART
)
432 exec_context_destroy_runtime_directory(ec
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
434 if (UNIT_VTABLE(u
)->release_resources
)
435 UNIT_VTABLE(u
)->release_resources(u
);
438 bool unit_may_gc(Unit
*u
) {
439 UnitActiveState state
;
444 /* Checks whether the unit is ready to be unloaded for garbage collection. Returns true when the
445 * unit may be collected, and false if there's some reason to keep it loaded.
447 * References from other units are *not* checked here. Instead, this is done in unit_gc_sweep(), but
448 * using markers to properly collect dependency loops.
451 if (u
->job
|| u
->nop_job
)
457 /* if we saw a cgroup empty event for this unit, stay around until we processed it so that we remove
458 * the empty cgroup if possible. Similar, process any pending OOM events if they are already queued
459 * before we release the unit. */
460 if (u
->in_cgroup_empty_queue
|| u
->in_cgroup_oom_queue
)
463 /* Make sure to send out D-Bus events before we unload the unit */
464 if (u
->in_dbus_queue
)
467 if (sd_bus_track_count(u
->bus_track
) > 0)
470 state
= unit_active_state(u
);
472 /* But we keep the unit object around for longer when it is referenced or configured to not be
474 switch (u
->collect_mode
) {
476 case COLLECT_INACTIVE
:
477 if (state
!= UNIT_INACTIVE
)
482 case COLLECT_INACTIVE_OR_FAILED
:
483 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
489 assert_not_reached();
492 /* Check if any OnFailure= or on Success= jobs may be pending */
493 if (unit_success_failure_handler_has_jobs(u
))
496 if (u
->cgroup_path
) {
497 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
498 * around. Units with active processes should never be collected. */
500 r
= cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
);
502 log_unit_debug_errno(u
, r
, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u
->cgroup_path
));
507 if (!UNIT_VTABLE(u
)->may_gc
)
510 return UNIT_VTABLE(u
)->may_gc(u
);
513 void unit_add_to_load_queue(Unit
*u
) {
515 assert(u
->type
!= _UNIT_TYPE_INVALID
);
517 if (u
->load_state
!= UNIT_STUB
|| u
->in_load_queue
)
520 LIST_PREPEND(load_queue
, u
->manager
->load_queue
, u
);
521 u
->in_load_queue
= true;
524 void unit_add_to_cleanup_queue(Unit
*u
) {
527 if (u
->in_cleanup_queue
)
530 LIST_PREPEND(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
531 u
->in_cleanup_queue
= true;
534 void unit_add_to_gc_queue(Unit
*u
) {
537 if (u
->in_gc_queue
|| u
->in_cleanup_queue
)
543 LIST_PREPEND(gc_queue
, u
->manager
->gc_unit_queue
, u
);
544 u
->in_gc_queue
= true;
547 void unit_add_to_dbus_queue(Unit
*u
) {
549 assert(u
->type
!= _UNIT_TYPE_INVALID
);
551 if (u
->load_state
== UNIT_STUB
|| u
->in_dbus_queue
)
554 /* Shortcut things if nobody cares */
555 if (sd_bus_track_count(u
->manager
->subscribed
) <= 0 &&
556 sd_bus_track_count(u
->bus_track
) <= 0 &&
557 set_isempty(u
->manager
->private_buses
)) {
558 u
->sent_dbus_new_signal
= true;
562 LIST_PREPEND(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
563 u
->in_dbus_queue
= true;
566 void unit_submit_to_stop_when_unneeded_queue(Unit
*u
) {
569 if (u
->in_stop_when_unneeded_queue
)
572 if (!u
->stop_when_unneeded
)
575 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
578 LIST_PREPEND(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
579 u
->in_stop_when_unneeded_queue
= true;
582 void unit_submit_to_start_when_upheld_queue(Unit
*u
) {
585 if (u
->in_start_when_upheld_queue
)
588 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u
)))
591 if (!unit_has_dependency(u
, UNIT_ATOM_START_STEADILY
, NULL
))
594 LIST_PREPEND(start_when_upheld_queue
, u
->manager
->start_when_upheld_queue
, u
);
595 u
->in_start_when_upheld_queue
= true;
598 void unit_submit_to_stop_when_bound_queue(Unit
*u
) {
601 if (u
->in_stop_when_bound_queue
)
604 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
607 if (!unit_has_dependency(u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
, NULL
))
610 LIST_PREPEND(stop_when_bound_queue
, u
->manager
->stop_when_bound_queue
, u
);
611 u
->in_stop_when_bound_queue
= true;
614 static bool unit_can_release_resources(Unit
*u
) {
619 if (UNIT_VTABLE(u
)->release_resources
)
622 ec
= unit_get_exec_context(u
);
623 if (ec
&& ec
->runtime_directory_preserve_mode
== EXEC_PRESERVE_RESTART
)
629 void unit_submit_to_release_resources_queue(Unit
*u
) {
632 if (u
->in_release_resources_queue
)
635 if (u
->job
|| u
->nop_job
)
641 if (!unit_can_release_resources(u
))
644 LIST_PREPEND(release_resources_queue
, u
->manager
->release_resources_queue
, u
);
645 u
->in_release_resources_queue
= true;
648 static void unit_clear_dependencies(Unit
*u
) {
651 /* Removes all dependencies configured on u and their reverse dependencies. */
653 for (Hashmap
*deps
; (deps
= hashmap_steal_first(u
->dependencies
));) {
655 for (Unit
*other
; (other
= hashmap_steal_first_key(deps
));) {
658 HASHMAP_FOREACH(other_deps
, other
->dependencies
)
659 hashmap_remove(other_deps
, u
);
661 unit_add_to_gc_queue(other
);
667 u
->dependencies
= hashmap_free(u
->dependencies
);
670 static void unit_remove_transient(Unit
*u
) {
676 if (u
->fragment_path
)
677 (void) unlink(u
->fragment_path
);
679 STRV_FOREACH(i
, u
->dropin_paths
) {
680 _cleanup_free_
char *p
= NULL
, *pp
= NULL
;
682 if (path_extract_directory(*i
, &p
) < 0) /* Get the drop-in directory from the drop-in file */
685 if (path_extract_directory(p
, &pp
) < 0) /* Get the config directory from the drop-in directory */
688 /* Only drop transient drop-ins */
689 if (!path_equal(u
->manager
->lookup_paths
.transient
, pp
))
697 static void unit_free_requires_mounts_for(Unit
*u
) {
701 _cleanup_free_
char *path
= NULL
;
703 path
= hashmap_steal_first_key(u
->requires_mounts_for
);
707 char s
[strlen(path
) + 1];
709 PATH_FOREACH_PREFIX_MORE(s
, path
) {
713 x
= hashmap_get2(u
->manager
->units_requiring_mounts_for
, s
, (void**) &y
);
717 (void) set_remove(x
, u
);
719 if (set_isempty(x
)) {
720 (void) hashmap_remove(u
->manager
->units_requiring_mounts_for
, y
);
728 u
->requires_mounts_for
= hashmap_free(u
->requires_mounts_for
);
731 static void unit_done(Unit
*u
) {
740 if (UNIT_VTABLE(u
)->done
)
741 UNIT_VTABLE(u
)->done(u
);
743 ec
= unit_get_exec_context(u
);
745 exec_context_done(ec
);
747 cc
= unit_get_cgroup_context(u
);
749 cgroup_context_done(cc
);
752 Unit
* unit_free(Unit
*u
) {
759 sd_event_source_disable_unref(u
->auto_start_stop_event_source
);
761 u
->transient_file
= safe_fclose(u
->transient_file
);
763 if (!MANAGER_IS_RELOADING(u
->manager
))
764 unit_remove_transient(u
);
766 bus_unit_send_removed_signal(u
);
770 unit_dequeue_rewatch_pids(u
);
772 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
773 u
->bus_track
= sd_bus_track_unref(u
->bus_track
);
774 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
775 u
->pending_freezer_invocation
= sd_bus_message_unref(u
->pending_freezer_invocation
);
777 unit_free_requires_mounts_for(u
);
779 SET_FOREACH(t
, u
->aliases
)
780 hashmap_remove_value(u
->manager
->units
, t
, u
);
782 hashmap_remove_value(u
->manager
->units
, u
->id
, u
);
784 if (!sd_id128_is_null(u
->invocation_id
))
785 hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
799 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
800 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
801 slice
= UNIT_GET_SLICE(u
);
802 unit_clear_dependencies(u
);
804 unit_add_family_to_cgroup_realize_queue(slice
);
807 manager_unref_console(u
->manager
);
809 fdset_free(u
->initial_socket_bind_link_fds
);
811 bpf_link_free(u
->ipv4_socket_bind_link
);
812 bpf_link_free(u
->ipv6_socket_bind_link
);
815 unit_release_cgroup(u
);
817 if (!MANAGER_IS_RELOADING(u
->manager
))
818 unit_unlink_state_files(u
);
820 unit_unref_uid_gid(u
, false);
822 (void) manager_update_failed_units(u
->manager
, u
, false);
823 set_remove(u
->manager
->startup_units
, u
);
825 unit_unwatch_all_pids(u
);
827 while (u
->refs_by_target
)
828 unit_ref_unset(u
->refs_by_target
);
830 if (u
->type
!= _UNIT_TYPE_INVALID
)
831 LIST_REMOVE(units_by_type
, u
->manager
->units_by_type
[u
->type
], u
);
833 if (u
->in_load_queue
)
834 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
836 if (u
->in_dbus_queue
)
837 LIST_REMOVE(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
839 if (u
->in_cleanup_queue
)
840 LIST_REMOVE(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
843 LIST_REMOVE(gc_queue
, u
->manager
->gc_unit_queue
, u
);
845 if (u
->in_cgroup_realize_queue
)
846 LIST_REMOVE(cgroup_realize_queue
, u
->manager
->cgroup_realize_queue
, u
);
848 if (u
->in_cgroup_empty_queue
)
849 LIST_REMOVE(cgroup_empty_queue
, u
->manager
->cgroup_empty_queue
, u
);
851 if (u
->in_cgroup_oom_queue
)
852 LIST_REMOVE(cgroup_oom_queue
, u
->manager
->cgroup_oom_queue
, u
);
854 if (u
->in_target_deps_queue
)
855 LIST_REMOVE(target_deps_queue
, u
->manager
->target_deps_queue
, u
);
857 if (u
->in_stop_when_unneeded_queue
)
858 LIST_REMOVE(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
860 if (u
->in_start_when_upheld_queue
)
861 LIST_REMOVE(start_when_upheld_queue
, u
->manager
->start_when_upheld_queue
, u
);
863 if (u
->in_stop_when_bound_queue
)
864 LIST_REMOVE(stop_when_bound_queue
, u
->manager
->stop_when_bound_queue
, u
);
866 if (u
->in_release_resources_queue
)
867 LIST_REMOVE(release_resources_queue
, u
->manager
->release_resources_queue
, u
);
869 bpf_firewall_close(u
);
871 hashmap_free(u
->bpf_foreign_by_key
);
873 bpf_program_free(u
->bpf_device_control_installed
);
876 bpf_link_free(u
->restrict_ifaces_ingress_bpf_link
);
877 bpf_link_free(u
->restrict_ifaces_egress_bpf_link
);
879 fdset_free(u
->initial_restric_ifaces_link_fds
);
881 condition_free_list(u
->conditions
);
882 condition_free_list(u
->asserts
);
884 free(u
->description
);
885 strv_free(u
->documentation
);
886 free(u
->fragment_path
);
887 free(u
->source_path
);
888 strv_free(u
->dropin_paths
);
891 free(u
->job_timeout_reboot_arg
);
894 free(u
->access_selinux_context
);
896 set_free_free(u
->aliases
);
899 activation_details_unref(u
->activation_details
);
904 FreezerState
unit_freezer_state(Unit
*u
) {
907 return u
->freezer_state
;
910 int unit_freezer_state_kernel(Unit
*u
, FreezerState
*ret
) {
911 char *values
[1] = {};
916 r
= cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, "cgroup.events",
917 STRV_MAKE("frozen"), values
);
921 r
= _FREEZER_STATE_INVALID
;
924 if (streq(values
[0], "0"))
926 else if (streq(values
[0], "1"))
936 UnitActiveState
unit_active_state(Unit
*u
) {
939 if (u
->load_state
== UNIT_MERGED
)
940 return unit_active_state(unit_follow_merge(u
));
942 /* After a reload it might happen that a unit is not correctly
943 * loaded but still has a process around. That's why we won't
944 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
946 return UNIT_VTABLE(u
)->active_state(u
);
949 const char* unit_sub_state_to_string(Unit
*u
) {
952 return UNIT_VTABLE(u
)->sub_state_to_string(u
);
955 static int unit_merge_names(Unit
*u
, Unit
*other
) {
962 r
= unit_add_alias(u
, other
->id
);
966 r
= set_move(u
->aliases
, other
->aliases
);
968 set_remove(u
->aliases
, other
->id
);
973 other
->aliases
= set_free_free(other
->aliases
);
975 SET_FOREACH(name
, u
->aliases
)
976 assert_se(hashmap_replace(u
->manager
->units
, name
, u
) == 0);
981 static int unit_reserve_dependencies(Unit
*u
, Unit
*other
) {
990 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
993 * First make some room in the per dependency type hashmaps. Using the summed size of both units'
994 * hashmaps is an estimate that is likely too high since they probably use some of the same
995 * types. But it's never too low, and that's all we need. */
997 n_reserve
= MIN(hashmap_size(other
->dependencies
), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX
, hashmap_size(u
->dependencies
)));
999 r
= hashmap_ensure_allocated(&u
->dependencies
, NULL
);
1003 r
= hashmap_reserve(u
->dependencies
, n_reserve
);
1008 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
1009 * other unit's dependencies.
1011 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
1012 * reserve anything for. In that case other's set will be transferred as a whole to u by
1013 * complete_move(). */
1015 HASHMAP_FOREACH_KEY(deps
, d
, u
->dependencies
) {
1016 Hashmap
*other_deps
;
1018 other_deps
= hashmap_get(other
->dependencies
, d
);
1020 r
= hashmap_reserve(deps
, hashmap_size(other_deps
));
1028 static bool unit_should_warn_about_dependency(UnitDependency dependency
) {
1029 /* Only warn about some unit types */
1030 return IN_SET(dependency
,
1041 static int unit_per_dependency_type_hashmap_update(
1044 UnitDependencyMask origin_mask
,
1045 UnitDependencyMask destination_mask
) {
1047 UnitDependencyInfo info
;
1051 assert_cc(sizeof(void*) == sizeof(info
));
1053 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
1054 * exists, or insert it anew if not. */
1056 info
.data
= hashmap_get(per_type
, other
);
1058 /* Entry already exists. Add in our mask. */
1060 if (FLAGS_SET(origin_mask
, info
.origin_mask
) &&
1061 FLAGS_SET(destination_mask
, info
.destination_mask
))
1064 info
.origin_mask
|= origin_mask
;
1065 info
.destination_mask
|= destination_mask
;
1067 r
= hashmap_update(per_type
, other
, info
.data
);
1069 info
= (UnitDependencyInfo
) {
1070 .origin_mask
= origin_mask
,
1071 .destination_mask
= destination_mask
,
1074 r
= hashmap_put(per_type
, other
, info
.data
);
1082 static void unit_merge_dependencies(Unit
*u
, Unit
*other
) {
1084 void *dt
; /* Actually of type UnitDependency, except that we don't bother casting it here,
1085 * since the hashmaps all want it as void pointer. */
1093 /* First, remove dependency to other. */
1094 HASHMAP_FOREACH_KEY(deps
, dt
, u
->dependencies
) {
1095 if (hashmap_remove(deps
, other
) && unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt
)))
1096 log_unit_warning(u
, "Dependency %s=%s is dropped, as %s is merged into %s.",
1097 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt
)),
1098 other
->id
, other
->id
, u
->id
);
1100 if (hashmap_isempty(deps
))
1101 hashmap_free(hashmap_remove(u
->dependencies
, dt
));
1105 _cleanup_hashmap_free_ Hashmap
*other_deps
= NULL
;
1106 UnitDependencyInfo di_back
;
1109 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1110 other_deps
= hashmap_steal_first_key_and_value(other
->dependencies
, &dt
);
1114 deps
= hashmap_get(u
->dependencies
, dt
);
1116 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1117 * referenced units as 'back'. */
1118 HASHMAP_FOREACH_KEY(di_back
.data
, back
, other_deps
) {
1123 /* This is a dependency pointing back to the unit we want to merge with?
1124 * Suppress it (but warn) */
1125 if (unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt
)))
1126 log_unit_warning(u
, "Dependency %s=%s in %s is dropped, as %s is merged into %s.",
1127 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt
)),
1128 u
->id
, other
->id
, other
->id
, u
->id
);
1130 hashmap_remove(other_deps
, back
);
1134 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1135 * point to 'u' instead. */
1136 HASHMAP_FOREACH_KEY(back_deps
, back_dt
, back
->dependencies
) {
1137 UnitDependencyInfo di_move
;
1139 di_move
.data
= hashmap_remove(back_deps
, other
);
1143 assert_se(unit_per_dependency_type_hashmap_update(
1146 di_move
.origin_mask
,
1147 di_move
.destination_mask
) >= 0);
1150 /* The target unit already has dependencies of this type, let's then merge this individually. */
1152 assert_se(unit_per_dependency_type_hashmap_update(
1155 di_back
.origin_mask
,
1156 di_back
.destination_mask
) >= 0);
1159 /* Now all references towards 'other' of the current type 'dt' are corrected to point to 'u'.
1160 * Lets's now move the deps of type 'dt' from 'other' to 'u'. If the unit does not have
1161 * dependencies of this type, let's move them per type wholesale. */
1163 assert_se(hashmap_put(u
->dependencies
, dt
, TAKE_PTR(other_deps
)) >= 0);
1166 other
->dependencies
= hashmap_free(other
->dependencies
);
1169 int unit_merge(Unit
*u
, Unit
*other
) {
1174 assert(u
->manager
== other
->manager
);
1175 assert(u
->type
!= _UNIT_TYPE_INVALID
);
1177 other
= unit_follow_merge(other
);
1182 if (u
->type
!= other
->type
)
1185 if (!unit_type_may_alias(u
->type
)) /* Merging only applies to unit names that support aliases */
1188 if (!IN_SET(other
->load_state
, UNIT_STUB
, UNIT_NOT_FOUND
))
1191 if (!streq_ptr(u
->instance
, other
->instance
))
1200 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
1203 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1204 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1205 r
= unit_reserve_dependencies(u
, other
);
1209 /* Redirect all references */
1210 while (other
->refs_by_target
)
1211 unit_ref_set(other
->refs_by_target
, other
->refs_by_target
->source
, u
);
1213 /* Merge dependencies */
1214 unit_merge_dependencies(u
, other
);
1216 /* Merge names. It is better to do that after merging deps, otherwise the log message contains n/a. */
1217 r
= unit_merge_names(u
, other
);
1221 other
->load_state
= UNIT_MERGED
;
1222 other
->merged_into
= u
;
1224 if (!u
->activation_details
)
1225 u
->activation_details
= activation_details_ref(other
->activation_details
);
1227 /* If there is still some data attached to the other node, we
1228 * don't need it anymore, and can free it. */
1229 if (other
->load_state
!= UNIT_STUB
)
1230 if (UNIT_VTABLE(other
)->done
)
1231 UNIT_VTABLE(other
)->done(other
);
1233 unit_add_to_dbus_queue(u
);
1234 unit_add_to_cleanup_queue(other
);
1239 int unit_merge_by_name(Unit
*u
, const char *name
) {
1240 _cleanup_free_
char *s
= NULL
;
1244 /* Either add name to u, or if a unit with name already exists, merge it with u.
1245 * If name is a template, do the same for name@instance, where instance is u's instance. */
1250 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
1254 r
= unit_name_replace_instance(name
, u
->instance
, &s
);
1261 other
= manager_get_unit(u
->manager
, name
);
1263 return unit_merge(u
, other
);
1265 return unit_add_name(u
, name
);
1268 Unit
* unit_follow_merge(Unit
*u
) {
1271 while (u
->load_state
== UNIT_MERGED
)
1272 assert_se(u
= u
->merged_into
);
1277 int unit_add_exec_dependencies(Unit
*u
, ExecContext
*c
) {
1283 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1285 if (c
->working_directory
&& !c
->working_directory_missing_ok
) {
1286 r
= unit_require_mounts_for(u
, c
->working_directory
, UNIT_DEPENDENCY_FILE
);
1291 if (c
->root_directory
) {
1292 r
= unit_require_mounts_for(u
, c
->root_directory
, UNIT_DEPENDENCY_FILE
);
1297 if (c
->root_image
) {
1298 r
= unit_require_mounts_for(u
, c
->root_image
, UNIT_DEPENDENCY_FILE
);
1303 for (ExecDirectoryType dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++) {
1304 if (!u
->manager
->prefix
[dt
])
1307 for (size_t i
= 0; i
< c
->directories
[dt
].n_items
; i
++) {
1308 _cleanup_free_
char *p
= NULL
;
1310 p
= path_join(u
->manager
->prefix
[dt
], c
->directories
[dt
].items
[i
].path
);
1314 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1320 if (!MANAGER_IS_SYSTEM(u
->manager
))
1323 /* For the following three directory types we need write access, and /var/ is possibly on the root
1324 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1325 if (c
->directories
[EXEC_DIRECTORY_STATE
].n_items
> 0 ||
1326 c
->directories
[EXEC_DIRECTORY_CACHE
].n_items
> 0 ||
1327 c
->directories
[EXEC_DIRECTORY_LOGS
].n_items
> 0) {
1328 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_REMOUNT_FS_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1333 if (c
->private_tmp
) {
1335 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1336 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1337 * /tmp specifically and masking other mount units should be handled more
1338 * gracefully too, see PR#16894. */
1339 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, "tmp.mount", true, UNIT_DEPENDENCY_FILE
);
1343 r
= unit_require_mounts_for(u
, "/var/tmp", UNIT_DEPENDENCY_FILE
);
1347 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_TMPFILES_SETUP_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1352 if (c
->root_image
) {
1353 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1354 * implicit dependency on udev */
1356 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_UDEVD_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1361 if (!IN_SET(c
->std_output
,
1362 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1363 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1364 !IN_SET(c
->std_error
,
1365 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1366 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1370 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1373 if (c
->log_namespace
) {
1374 _cleanup_free_
char *socket_unit
= NULL
, *varlink_socket_unit
= NULL
;
1376 r
= unit_name_build_from_type("systemd-journald", c
->log_namespace
, UNIT_SOCKET
, &socket_unit
);
1380 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1384 r
= unit_name_build_from_type("systemd-journald-varlink", c
->log_namespace
, UNIT_SOCKET
, &varlink_socket_unit
);
1388 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, varlink_socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1392 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_JOURNALD_SOCKET
, true, UNIT_DEPENDENCY_FILE
);
1397 r
= unit_add_default_credential_dependencies(u
, c
);
1404 const char* unit_description(Unit
*u
) {
1408 return u
->description
;
1410 return strna(u
->id
);
1413 const char* unit_status_string(Unit
*u
, char **ret_combined_buffer
) {
1417 /* Return u->id, u->description, or "{u->id} - {u->description}".
1418 * Versions with u->description are only used if it is set.
1419 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1422 * Note that *ret_combined_buffer may be set to NULL. */
1424 if (!u
->description
||
1425 u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_NAME
||
1426 (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
&& !ret_combined_buffer
) ||
1427 streq(u
->description
, u
->id
)) {
1429 if (ret_combined_buffer
)
1430 *ret_combined_buffer
= NULL
;
1434 if (ret_combined_buffer
) {
1435 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
) {
1436 *ret_combined_buffer
= strjoin(u
->id
, " - ", u
->description
);
1437 if (*ret_combined_buffer
)
1438 return *ret_combined_buffer
;
1439 log_oom(); /* Fall back to ->description */
1441 *ret_combined_buffer
= NULL
;
1444 return u
->description
;
1447 /* Common implementation for multiple backends */
1448 int unit_load_fragment_and_dropin(Unit
*u
, bool fragment_required
) {
1453 /* Load a .{service,socket,...} file */
1454 r
= unit_load_fragment(u
);
1458 if (u
->load_state
== UNIT_STUB
) {
1459 if (fragment_required
)
1462 u
->load_state
= UNIT_LOADED
;
1465 /* Load drop-in directory data. If u is an alias, we might be reloading the
1466 * target unit needlessly. But we cannot be sure which drops-ins have already
1467 * been loaded and which not, at least without doing complicated book-keeping,
1468 * so let's always reread all drop-ins. */
1469 r
= unit_load_dropin(unit_follow_merge(u
));
1473 if (u
->source_path
) {
1476 if (stat(u
->source_path
, &st
) >= 0)
1477 u
->source_mtime
= timespec_load(&st
.st_mtim
);
1479 u
->source_mtime
= 0;
1485 void unit_add_to_target_deps_queue(Unit
*u
) {
1486 Manager
*m
= ASSERT_PTR(ASSERT_PTR(u
)->manager
);
1488 if (u
->in_target_deps_queue
)
1491 LIST_PREPEND(target_deps_queue
, m
->target_deps_queue
, u
);
1492 u
->in_target_deps_queue
= true;
1495 int unit_add_default_target_dependency(Unit
*u
, Unit
*target
) {
1499 if (target
->type
!= UNIT_TARGET
)
1502 /* Only add the dependency if both units are loaded, so that
1503 * that loop check below is reliable */
1504 if (u
->load_state
!= UNIT_LOADED
||
1505 target
->load_state
!= UNIT_LOADED
)
1508 /* If either side wants no automatic dependencies, then let's
1510 if (!u
->default_dependencies
||
1511 !target
->default_dependencies
)
1514 /* Don't create loops */
1515 if (unit_has_dependency(target
, UNIT_ATOM_BEFORE
, u
))
1518 return unit_add_dependency(target
, UNIT_AFTER
, u
, true, UNIT_DEPENDENCY_DEFAULT
);
1521 static int unit_add_slice_dependencies(Unit
*u
) {
1525 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
1528 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1529 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1531 UnitDependencyMask mask
= u
->type
== UNIT_SLICE
? UNIT_DEPENDENCY_IMPLICIT
: UNIT_DEPENDENCY_FILE
;
1533 slice
= UNIT_GET_SLICE(u
);
1535 return unit_add_two_dependencies(u
, UNIT_AFTER
, UNIT_REQUIRES
, slice
, true, mask
);
1537 if (unit_has_name(u
, SPECIAL_ROOT_SLICE
))
1540 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_ROOT_SLICE
, true, mask
);
1543 static int unit_add_mount_dependencies(Unit
*u
) {
1544 UnitDependencyInfo di
;
1546 bool changed
= false;
1551 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
) {
1552 char prefix
[strlen(path
) + 1];
1554 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
1555 _cleanup_free_
char *p
= NULL
;
1558 r
= unit_name_from_path(prefix
, ".mount", &p
);
1560 continue; /* If the path cannot be converted to a mount unit name, then it's
1561 * not manageable as a unit by systemd, and hence we don't need a
1562 * dependency on it. Let's thus silently ignore the issue. */
1566 m
= manager_get_unit(u
->manager
, p
);
1568 /* Make sure to load the mount unit if it exists. If so the dependencies on
1569 * this unit will be added later during the loading of the mount unit. */
1570 (void) manager_load_unit_prepare(u
->manager
, p
, NULL
, NULL
, &m
);
1576 if (m
->load_state
!= UNIT_LOADED
)
1579 r
= unit_add_dependency(u
, UNIT_AFTER
, m
, true, di
.origin_mask
);
1582 changed
= changed
|| r
> 0;
1584 if (m
->fragment_path
) {
1585 r
= unit_add_dependency(u
, UNIT_REQUIRES
, m
, true, di
.origin_mask
);
1588 changed
= changed
|| r
> 0;
1596 static int unit_add_oomd_dependencies(Unit
*u
) {
1603 if (!u
->default_dependencies
)
1606 c
= unit_get_cgroup_context(u
);
1610 bool wants_oomd
= c
->moom_swap
== MANAGED_OOM_KILL
|| c
->moom_mem_pressure
== MANAGED_OOM_KILL
;
1614 if (!cg_all_unified())
1617 r
= cg_mask_supported(&mask
);
1619 return log_debug_errno(r
, "Failed to determine supported controllers: %m");
1621 if (!FLAGS_SET(mask
, CGROUP_MASK_MEMORY
))
1624 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE
);
1627 static int unit_add_startup_units(Unit
*u
) {
1628 if (!unit_has_startup_cgroup_constraints(u
))
1631 return set_ensure_put(&u
->manager
->startup_units
, NULL
, u
);
1634 static int unit_validate_on_failure_job_mode(
1636 const char *job_mode_setting
,
1638 const char *dependency_name
,
1639 UnitDependencyAtom atom
) {
1641 Unit
*other
, *found
= NULL
;
1643 if (job_mode
!= JOB_ISOLATE
)
1646 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
1649 else if (found
!= other
)
1650 return log_unit_error_errno(
1651 u
, SYNTHETIC_ERRNO(ENOEXEC
),
1652 "More than one %s dependencies specified but %sisolate set. Refusing.",
1653 dependency_name
, job_mode_setting
);
1659 int unit_load(Unit
*u
) {
1664 if (u
->in_load_queue
) {
1665 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
1666 u
->in_load_queue
= false;
1669 if (u
->type
== _UNIT_TYPE_INVALID
)
1672 if (u
->load_state
!= UNIT_STUB
)
1675 if (u
->transient_file
) {
1676 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1677 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1679 r
= fflush_and_check(u
->transient_file
);
1683 u
->transient_file
= safe_fclose(u
->transient_file
);
1684 u
->fragment_mtime
= now(CLOCK_REALTIME
);
1687 r
= UNIT_VTABLE(u
)->load(u
);
1691 assert(u
->load_state
!= UNIT_STUB
);
1693 if (u
->load_state
== UNIT_LOADED
) {
1694 unit_add_to_target_deps_queue(u
);
1696 r
= unit_add_slice_dependencies(u
);
1700 r
= unit_add_mount_dependencies(u
);
1704 r
= unit_add_oomd_dependencies(u
);
1708 r
= unit_add_startup_units(u
);
1712 r
= unit_validate_on_failure_job_mode(u
, "OnSuccessJobMode=", u
->on_success_job_mode
, "OnSuccess=", UNIT_ATOM_ON_SUCCESS
);
1716 r
= unit_validate_on_failure_job_mode(u
, "OnFailureJobMode=", u
->on_failure_job_mode
, "OnFailure=", UNIT_ATOM_ON_FAILURE
);
1720 if (u
->job_running_timeout
!= USEC_INFINITY
&& u
->job_running_timeout
> u
->job_timeout
)
1721 log_unit_warning(u
, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1723 /* We finished loading, let's ensure our parents recalculate the members mask */
1724 unit_invalidate_cgroup_members_masks(u
);
1727 assert((u
->load_state
!= UNIT_MERGED
) == !u
->merged_into
);
1729 unit_add_to_dbus_queue(unit_follow_merge(u
));
1730 unit_add_to_gc_queue(u
);
1731 (void) manager_varlink_send_managed_oom_update(u
);
1736 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1737 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
1739 u
->load_state
= u
->load_state
== UNIT_STUB
? UNIT_NOT_FOUND
:
1740 r
== -ENOEXEC
? UNIT_BAD_SETTING
:
1744 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1745 * an attempt is made to load this unit, we know we need to check again. */
1746 if (u
->load_state
== UNIT_NOT_FOUND
)
1747 u
->fragment_not_found_timestamp_hash
= u
->manager
->unit_cache_timestamp_hash
;
1749 unit_add_to_dbus_queue(u
);
1750 unit_add_to_gc_queue(u
);
1752 return log_unit_debug_errno(u
, r
, "Failed to load configuration: %m");
1756 static int log_unit_internal(void *userdata
, int level
, int error
, const char *file
, int line
, const char *func
, const char *format
, ...) {
1761 if (u
&& !unit_log_level_test(u
, level
))
1762 return -ERRNO_VALUE(error
);
1764 va_start(ap
, format
);
1766 r
= log_object_internalv(level
, error
, file
, line
, func
,
1767 u
->manager
->unit_log_field
,
1769 u
->manager
->invocation_log_field
,
1770 u
->invocation_id_string
,
1773 r
= log_internalv(level
, error
, file
, line
, func
, format
, ap
);
1779 static bool unit_test_condition(Unit
*u
) {
1780 _cleanup_strv_free_
char **env
= NULL
;
1785 dual_timestamp_now(&u
->condition_timestamp
);
1787 r
= manager_get_effective_environment(u
->manager
, &env
);
1789 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1790 u
->condition_result
= true;
1792 u
->condition_result
= condition_test_list(
1795 condition_type_to_string
,
1799 unit_add_to_dbus_queue(u
);
1800 return u
->condition_result
;
1803 static bool unit_test_assert(Unit
*u
) {
1804 _cleanup_strv_free_
char **env
= NULL
;
1809 dual_timestamp_now(&u
->assert_timestamp
);
1811 r
= manager_get_effective_environment(u
->manager
, &env
);
1813 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1814 u
->assert_result
= CONDITION_ERROR
;
1816 u
->assert_result
= condition_test_list(
1819 assert_type_to_string
,
1823 unit_add_to_dbus_queue(u
);
1824 return u
->assert_result
;
1827 void unit_status_printf(Unit
*u
, StatusType status_type
, const char *status
, const char *format
, const char *ident
) {
1828 if (log_get_show_color()) {
1829 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
&& strchr(ident
, ' '))
1830 ident
= strjoina(ANSI_HIGHLIGHT
, u
->id
, ANSI_NORMAL
, " - ", u
->description
);
1832 ident
= strjoina(ANSI_HIGHLIGHT
, ident
, ANSI_NORMAL
);
1835 DISABLE_WARNING_FORMAT_NONLITERAL
;
1836 manager_status_printf(u
->manager
, status_type
, status
, format
, ident
);
1840 int unit_test_start_limit(Unit
*u
) {
1845 if (ratelimit_below(&u
->start_ratelimit
)) {
1846 u
->start_limit_hit
= false;
1850 log_unit_warning(u
, "Start request repeated too quickly.");
1851 u
->start_limit_hit
= true;
1853 reason
= strjoina("unit ", u
->id
, " failed");
1855 emergency_action(u
->manager
, u
->start_limit_action
,
1856 EMERGENCY_ACTION_IS_WATCHDOG
|EMERGENCY_ACTION_WARN
,
1857 u
->reboot_arg
, -1, reason
);
1862 static bool unit_verify_deps(Unit
*u
) {
1867 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1868 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1869 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1870 * that are not used in conjunction with After= as for them any such check would make things entirely
1873 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
) {
1875 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
))
1878 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
1879 log_unit_notice(u
, "Bound to unit %s, but unit isn't active.", other
->id
);
1887 /* Errors that aren't really errors:
1888 * -EALREADY: Unit is already started.
1889 * -ECOMM: Condition failed
1890 * -EAGAIN: An operation is already in progress. Retry later.
1892 * Errors that are real errors:
1893 * -EBADR: This unit type does not support starting.
1894 * -ECANCELED: Start limit hit, too many requests for now
1895 * -EPROTO: Assert failed
1896 * -EINVAL: Unit not loaded
1897 * -EOPNOTSUPP: Unit type not supported
1898 * -ENOLINK: The necessary dependencies are not fulfilled.
1899 * -ESTALE: This unit has been started before and can't be started a second time
1900 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1902 int unit_start(Unit
*u
, ActivationDetails
*details
) {
1903 UnitActiveState state
;
1909 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is ratelimited. */
1910 if (UNIT_VTABLE(u
)->subsystem_ratelimited
) {
1911 r
= UNIT_VTABLE(u
)->subsystem_ratelimited(u
->manager
);
1918 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1919 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1920 * waiting is finished. */
1921 state
= unit_active_state(u
);
1922 if (UNIT_IS_ACTIVE_OR_RELOADING(state
))
1924 if (state
== UNIT_MAINTENANCE
)
1927 /* Units that aren't loaded cannot be started */
1928 if (u
->load_state
!= UNIT_LOADED
)
1931 /* Refuse starting scope units more than once */
1932 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_enter_timestamp
))
1935 /* If the conditions were unmet, don't do anything at all. If we already are activating this call might
1936 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1937 * recheck the condition in that case. */
1938 if (state
!= UNIT_ACTIVATING
&&
1939 !unit_test_condition(u
))
1940 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(ECOMM
), "Starting requested but condition not met. Not starting unit.");
1942 /* If the asserts failed, fail the entire job */
1943 if (state
!= UNIT_ACTIVATING
&&
1944 !unit_test_assert(u
))
1945 return log_unit_notice_errno(u
, SYNTHETIC_ERRNO(EPROTO
), "Starting requested but asserts failed.");
1947 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1948 * condition checks, so that we rather return condition check errors (which are usually not
1949 * considered a true failure) than "not supported" errors (which are considered a failure).
1951 if (!unit_type_supported(u
->type
))
1954 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1955 * should have taken care of this already, but let's check this here again. After all, our
1956 * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */
1957 if (!unit_verify_deps(u
))
1960 /* Forward to the main object, if we aren't it. */
1961 following
= unit_following(u
);
1963 log_unit_debug(u
, "Redirecting start request from %s to %s.", u
->id
, following
->id
);
1964 return unit_start(following
, details
);
1967 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1968 if (UNIT_VTABLE(u
)->can_start
) {
1969 r
= UNIT_VTABLE(u
)->can_start(u
);
1974 /* If it is stopped, but we cannot start it, then fail */
1975 if (!UNIT_VTABLE(u
)->start
)
1978 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1979 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1980 * waits for a holdoff timer to elapse before it will start again. */
1982 unit_add_to_dbus_queue(u
);
1983 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1985 if (!u
->activation_details
) /* Older details object wins */
1986 u
->activation_details
= activation_details_ref(details
);
1988 return UNIT_VTABLE(u
)->start(u
);
1991 bool unit_can_start(Unit
*u
) {
1994 if (u
->load_state
!= UNIT_LOADED
)
1997 if (!unit_type_supported(u
->type
))
2000 /* Scope units may be started only once */
2001 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_exit_timestamp
))
2004 return !!UNIT_VTABLE(u
)->start
;
2007 bool unit_can_isolate(Unit
*u
) {
2010 return unit_can_start(u
) &&
2015 * -EBADR: This unit type does not support stopping.
2016 * -EALREADY: Unit is already stopped.
2017 * -EAGAIN: An operation is already in progress. Retry later.
2019 int unit_stop(Unit
*u
) {
2020 UnitActiveState state
;
2025 state
= unit_active_state(u
);
2026 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
2029 following
= unit_following(u
);
2031 log_unit_debug(u
, "Redirecting stop request from %s to %s.", u
->id
, following
->id
);
2032 return unit_stop(following
);
2035 if (!UNIT_VTABLE(u
)->stop
)
2038 unit_add_to_dbus_queue(u
);
2039 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
2041 return UNIT_VTABLE(u
)->stop(u
);
2044 bool unit_can_stop(Unit
*u
) {
2047 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2048 * Extrinsic units follow external state and they may stop following external state changes
2049 * (hence we return true here), but an attempt to do this through the manager will fail. */
2051 if (!unit_type_supported(u
->type
))
2057 return !!UNIT_VTABLE(u
)->stop
;
2061 * -EBADR: This unit type does not support reloading.
2062 * -ENOEXEC: Unit is not started.
2063 * -EAGAIN: An operation is already in progress. Retry later.
2065 int unit_reload(Unit
*u
) {
2066 UnitActiveState state
;
2071 if (u
->load_state
!= UNIT_LOADED
)
2074 if (!unit_can_reload(u
))
2077 state
= unit_active_state(u
);
2078 if (state
== UNIT_RELOADING
)
2081 if (state
!= UNIT_ACTIVE
)
2082 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(ENOEXEC
), "Unit cannot be reloaded because it is inactive.");
2084 following
= unit_following(u
);
2086 log_unit_debug(u
, "Redirecting reload request from %s to %s.", u
->id
, following
->id
);
2087 return unit_reload(following
);
2090 unit_add_to_dbus_queue(u
);
2092 if (!UNIT_VTABLE(u
)->reload
) {
2093 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2094 unit_notify(u
, unit_active_state(u
), unit_active_state(u
), /* reload_success = */ true);
2098 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
2100 return UNIT_VTABLE(u
)->reload(u
);
2103 bool unit_can_reload(Unit
*u
) {
2106 if (UNIT_VTABLE(u
)->can_reload
)
2107 return UNIT_VTABLE(u
)->can_reload(u
);
2109 if (unit_has_dependency(u
, UNIT_ATOM_PROPAGATES_RELOAD_TO
, NULL
))
2112 return UNIT_VTABLE(u
)->reload
;
2115 bool unit_is_unneeded(Unit
*u
) {
2119 if (!u
->stop_when_unneeded
)
2122 /* Don't clean up while the unit is transitioning or is even inactive. */
2123 if (unit_active_state(u
) != UNIT_ACTIVE
)
2128 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED
) {
2129 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2130 * restart, then don't clean this one up. */
2135 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2138 if (unit_will_restart(other
))
2145 bool unit_is_upheld_by_active(Unit
*u
, Unit
**ret_culprit
) {
2150 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2151 * that is active declared an Uphold= dependencies on it */
2153 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u
)) || u
->job
) {
2155 *ret_culprit
= NULL
;
2159 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_START_STEADILY
) {
2163 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
2165 *ret_culprit
= other
;
2171 *ret_culprit
= NULL
;
2175 bool unit_is_bound_by_inactive(Unit
*u
, Unit
**ret_culprit
) {
2180 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
2181 * because the other unit is down. */
2183 if (unit_active_state(u
) != UNIT_ACTIVE
|| u
->job
) {
2184 /* Don't clean up while the unit is transitioning or is even inactive. */
2186 *ret_culprit
= NULL
;
2190 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
) {
2194 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
))) {
2196 *ret_culprit
= other
;
2203 *ret_culprit
= NULL
;
2207 static void check_unneeded_dependencies(Unit
*u
) {
2211 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2213 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE
)
2214 unit_submit_to_stop_when_unneeded_queue(other
);
2217 static void check_uphold_dependencies(Unit
*u
) {
2221 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2223 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE
)
2224 unit_submit_to_start_when_upheld_queue(other
);
2227 static void check_bound_by_dependencies(Unit
*u
) {
2231 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
2233 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE
)
2234 unit_submit_to_stop_when_bound_queue(other
);
2237 static void retroactively_start_dependencies(Unit
*u
) {
2241 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)));
2243 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_START_REPLACE
) /* Requires= + BindsTo= */
2244 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
) &&
2245 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2246 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2248 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_START_FAIL
) /* Wants= */
2249 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
) &&
2250 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2251 manager_add_job(u
->manager
, JOB_START
, other
, JOB_FAIL
, NULL
, NULL
, NULL
);
2253 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_STOP_ON_START
) /* Conflicts= (and inverse) */
2254 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2255 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2258 static void retroactively_stop_dependencies(Unit
*u
) {
2262 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)));
2264 /* Pull down units which are bound to us recursively if enabled */
2265 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP
) /* BoundBy= */
2266 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2267 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2270 void unit_start_on_failure(
2272 const char *dependency_name
,
2273 UnitDependencyAtom atom
,
2281 assert(dependency_name
);
2282 assert(IN_SET(atom
, UNIT_ATOM_ON_SUCCESS
, UNIT_ATOM_ON_FAILURE
));
2284 /* Act on OnFailure= and OnSuccess= dependencies */
2286 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
2287 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2290 log_unit_info(u
, "Triggering %s dependencies.", dependency_name
);
2294 r
= manager_add_job(u
->manager
, JOB_START
, other
, job_mode
, NULL
, &error
, NULL
);
2296 log_unit_warning_errno(
2297 u
, r
, "Failed to enqueue %s job, ignoring: %s",
2298 dependency_name
, bus_error_message(&error
, r
));
2303 log_unit_debug(u
, "Triggering %s dependencies done (%i %s).",
2304 dependency_name
, n_jobs
, n_jobs
== 1 ? "job" : "jobs");
2307 void unit_trigger_notify(Unit
*u
) {
2312 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_TRIGGERED_BY
)
2313 if (UNIT_VTABLE(other
)->trigger_notify
)
2314 UNIT_VTABLE(other
)->trigger_notify(other
, u
);
2317 static int raise_level(int log_level
, bool condition_info
, bool condition_notice
) {
2318 if (condition_notice
&& log_level
> LOG_NOTICE
)
2320 if (condition_info
&& log_level
> LOG_INFO
)
2325 static int unit_log_resources(Unit
*u
) {
2326 struct iovec iovec
[1 + 2 + _CGROUP_IP_ACCOUNTING_METRIC_MAX
+ _CGROUP_IO_ACCOUNTING_METRIC_MAX
+ 4];
2327 bool any_traffic
= false, have_ip_accounting
= false, any_io
= false, have_io_accounting
= false;
2328 _cleanup_free_
char *igress
= NULL
, *egress
= NULL
, *rr
= NULL
, *wr
= NULL
;
2329 int log_level
= LOG_DEBUG
; /* May be raised if resources consumed over a threshold */
2330 size_t n_message_parts
= 0, n_iovec
= 0;
2331 char* message_parts
[1 + 2 + 2 + 2 + 1], *t
;
2332 nsec_t nsec
= NSEC_INFINITY
;
2333 uint64_t memory_peak
= UINT64_MAX
, memory_swap_peak
= UINT64_MAX
;
2335 const char* const ip_fields
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
2336 [CGROUP_IP_INGRESS_BYTES
] = "IP_METRIC_INGRESS_BYTES",
2337 [CGROUP_IP_INGRESS_PACKETS
] = "IP_METRIC_INGRESS_PACKETS",
2338 [CGROUP_IP_EGRESS_BYTES
] = "IP_METRIC_EGRESS_BYTES",
2339 [CGROUP_IP_EGRESS_PACKETS
] = "IP_METRIC_EGRESS_PACKETS",
2341 const char* const io_fields
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
2342 [CGROUP_IO_READ_BYTES
] = "IO_METRIC_READ_BYTES",
2343 [CGROUP_IO_WRITE_BYTES
] = "IO_METRIC_WRITE_BYTES",
2344 [CGROUP_IO_READ_OPERATIONS
] = "IO_METRIC_READ_OPERATIONS",
2345 [CGROUP_IO_WRITE_OPERATIONS
] = "IO_METRIC_WRITE_OPERATIONS",
2350 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2351 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2352 * information and the complete data in structured fields. */
2354 (void) unit_get_cpu_usage(u
, &nsec
);
2355 if (nsec
!= NSEC_INFINITY
) {
2356 /* Format the CPU time for inclusion in the structured log message */
2357 if (asprintf(&t
, "CPU_USAGE_NSEC=%" PRIu64
, nsec
) < 0) {
2361 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2363 /* Format the CPU time for inclusion in the human language message string */
2364 t
= strjoin("consumed ", FORMAT_TIMESPAN(nsec
/ NSEC_PER_USEC
, USEC_PER_MSEC
), " CPU time");
2370 message_parts
[n_message_parts
++] = t
;
2372 log_level
= raise_level(log_level
,
2373 nsec
> MENTIONWORTHY_CPU_NSEC
,
2374 nsec
> NOTICEWORTHY_CPU_NSEC
);
2377 (void) unit_get_memory_accounting(u
, CGROUP_MEMORY_PEAK
, &memory_peak
);
2378 if (memory_peak
!= UINT64_MAX
) {
2379 /* Format peak memory for inclusion in the structured log message */
2380 if (asprintf(&t
, "MEMORY_PEAK=%" PRIu64
, memory_peak
) < 0) {
2384 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2386 /* Format peak memory for inclusion in the human language message string */
2387 t
= strjoin(FORMAT_BYTES(memory_peak
), " memory peak");
2392 message_parts
[n_message_parts
++] = t
;
2395 (void) unit_get_memory_accounting(u
, CGROUP_MEMORY_SWAP_PEAK
, &memory_swap_peak
);
2396 if (memory_swap_peak
!= UINT64_MAX
) {
2397 /* Format peak swap memory for inclusion in the structured log message */
2398 if (asprintf(&t
, "MEMORY_SWAP_PEAK=%" PRIu64
, memory_swap_peak
) < 0) {
2402 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2404 /* Format peak swap memory for inclusion in the human language message string */
2405 t
= strjoin(FORMAT_BYTES(memory_swap_peak
), " memory swap peak");
2410 message_parts
[n_message_parts
++] = t
;
2413 for (CGroupIOAccountingMetric k
= 0; k
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; k
++) {
2414 uint64_t value
= UINT64_MAX
;
2416 assert(io_fields
[k
]);
2418 (void) unit_get_io_accounting(u
, k
, k
> 0, &value
);
2419 if (value
== UINT64_MAX
)
2422 have_io_accounting
= true;
2426 /* Format IO accounting data for inclusion in the structured log message */
2427 if (asprintf(&t
, "%s=%" PRIu64
, io_fields
[k
], value
) < 0) {
2431 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2433 /* Format the IO accounting data for inclusion in the human language message string, but only
2434 * for the bytes counters (and not for the operations counters) */
2435 if (k
== CGROUP_IO_READ_BYTES
) {
2437 rr
= strjoin("read ", strna(FORMAT_BYTES(value
)), " from disk");
2442 } else if (k
== CGROUP_IO_WRITE_BYTES
) {
2444 wr
= strjoin("written ", strna(FORMAT_BYTES(value
)), " to disk");
2451 if (IN_SET(k
, CGROUP_IO_READ_BYTES
, CGROUP_IO_WRITE_BYTES
))
2452 log_level
= raise_level(log_level
,
2453 value
> MENTIONWORTHY_IO_BYTES
,
2454 value
> NOTICEWORTHY_IO_BYTES
);
2457 if (have_io_accounting
) {
2460 message_parts
[n_message_parts
++] = TAKE_PTR(rr
);
2462 message_parts
[n_message_parts
++] = TAKE_PTR(wr
);
2467 k
= strdup("no IO");
2473 message_parts
[n_message_parts
++] = k
;
2477 for (CGroupIPAccountingMetric m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
2478 uint64_t value
= UINT64_MAX
;
2480 assert(ip_fields
[m
]);
2482 (void) unit_get_ip_accounting(u
, m
, &value
);
2483 if (value
== UINT64_MAX
)
2486 have_ip_accounting
= true;
2490 /* Format IP accounting data for inclusion in the structured log message */
2491 if (asprintf(&t
, "%s=%" PRIu64
, ip_fields
[m
], value
) < 0) {
2495 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2497 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2498 * bytes counters (and not for the packets counters) */
2499 if (m
== CGROUP_IP_INGRESS_BYTES
) {
2501 igress
= strjoin("received ", strna(FORMAT_BYTES(value
)), " IP traffic");
2506 } else if (m
== CGROUP_IP_EGRESS_BYTES
) {
2508 egress
= strjoin("sent ", strna(FORMAT_BYTES(value
)), " IP traffic");
2515 if (IN_SET(m
, CGROUP_IP_INGRESS_BYTES
, CGROUP_IP_EGRESS_BYTES
))
2516 log_level
= raise_level(log_level
,
2517 value
> MENTIONWORTHY_IP_BYTES
,
2518 value
> NOTICEWORTHY_IP_BYTES
);
2521 /* This check is here because it is the earliest point following all possible log_level assignments. If
2522 * log_level is assigned anywhere after this point, move this check. */
2523 if (!unit_log_level_test(u
, log_level
)) {
2528 if (have_ip_accounting
) {
2531 message_parts
[n_message_parts
++] = TAKE_PTR(igress
);
2533 message_parts
[n_message_parts
++] = TAKE_PTR(egress
);
2538 k
= strdup("no IP traffic");
2544 message_parts
[n_message_parts
++] = k
;
2548 /* Is there any accounting data available at all? */
2554 if (n_message_parts
== 0)
2555 t
= strjoina("MESSAGE=", u
->id
, ": Completed.");
2557 _cleanup_free_
char *joined
= NULL
;
2559 message_parts
[n_message_parts
] = NULL
;
2561 joined
= strv_join(message_parts
, ", ");
2567 joined
[0] = ascii_toupper(joined
[0]);
2568 t
= strjoina("MESSAGE=", u
->id
, ": ", joined
, ".");
2571 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2572 * and hence don't increase n_iovec for them */
2573 iovec
[n_iovec
] = IOVEC_MAKE_STRING(t
);
2574 iovec
[n_iovec
+ 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR
);
2576 t
= strjoina(u
->manager
->unit_log_field
, u
->id
);
2577 iovec
[n_iovec
+ 2] = IOVEC_MAKE_STRING(t
);
2579 t
= strjoina(u
->manager
->invocation_log_field
, u
->invocation_id_string
);
2580 iovec
[n_iovec
+ 3] = IOVEC_MAKE_STRING(t
);
2582 log_unit_struct_iovec(u
, log_level
, iovec
, n_iovec
+ 4);
2586 free_many_charp(message_parts
, n_message_parts
);
2588 for (size_t i
= 0; i
< n_iovec
; i
++)
2589 free(iovec
[i
].iov_base
);
2595 static void unit_update_on_console(Unit
*u
) {
2600 b
= unit_needs_console(u
);
2601 if (u
->on_console
== b
)
2606 manager_ref_console(u
->manager
);
2608 manager_unref_console(u
->manager
);
2611 static void unit_emit_audit_start(Unit
*u
) {
2614 if (UNIT_VTABLE(u
)->audit_start_message_type
<= 0)
2617 /* Write audit record if we have just finished starting up */
2618 manager_send_unit_audit(u
->manager
, u
, UNIT_VTABLE(u
)->audit_start_message_type
, /* success= */ true);
2622 static void unit_emit_audit_stop(Unit
*u
, UnitActiveState state
) {
2625 if (UNIT_VTABLE(u
)->audit_start_message_type
<= 0)
2629 /* Write audit record if we have just finished shutting down */
2630 manager_send_unit_audit(u
->manager
, u
, UNIT_VTABLE(u
)->audit_stop_message_type
, /* success= */ state
== UNIT_INACTIVE
);
2631 u
->in_audit
= false;
2633 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2634 manager_send_unit_audit(u
->manager
, u
, UNIT_VTABLE(u
)->audit_start_message_type
, /* success= */ state
== UNIT_INACTIVE
);
2636 if (state
== UNIT_INACTIVE
)
2637 manager_send_unit_audit(u
->manager
, u
, UNIT_VTABLE(u
)->audit_stop_message_type
, /* success= */ true);
2641 static bool unit_process_job(Job
*j
, UnitActiveState ns
, bool reload_success
) {
2642 bool unexpected
= false;
2647 if (j
->state
== JOB_WAITING
)
2648 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2650 job_add_to_run_queue(j
);
2652 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2653 * hence needs to invalidate jobs. */
2658 case JOB_VERIFY_ACTIVE
:
2660 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2661 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2662 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_ACTIVATING
) {
2665 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2666 if (ns
== UNIT_FAILED
)
2667 result
= JOB_FAILED
;
2671 job_finish_and_invalidate(j
, result
, true, false);
2678 case JOB_RELOAD_OR_START
:
2679 case JOB_TRY_RELOAD
:
2681 if (j
->state
== JOB_RUNNING
) {
2682 if (ns
== UNIT_ACTIVE
)
2683 job_finish_and_invalidate(j
, reload_success
? JOB_DONE
: JOB_FAILED
, true, false);
2684 else if (!IN_SET(ns
, UNIT_ACTIVATING
, UNIT_RELOADING
)) {
2687 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2688 job_finish_and_invalidate(j
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2696 case JOB_TRY_RESTART
:
2698 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2699 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2700 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_DEACTIVATING
) {
2702 job_finish_and_invalidate(j
, JOB_FAILED
, true, false);
2708 assert_not_reached();
2714 void unit_notify(Unit
*u
, UnitActiveState os
, UnitActiveState ns
, bool reload_success
) {
2719 assert(os
< _UNIT_ACTIVE_STATE_MAX
);
2720 assert(ns
< _UNIT_ACTIVE_STATE_MAX
);
2722 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2723 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2724 * remounted this function will be called too! */
2728 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2729 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2730 unit_add_to_dbus_queue(u
);
2732 /* Update systemd-oomd on the property/state change */
2734 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2736 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2737 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2738 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2739 * have the information on the property. Thus, indiscriminately send an update. */
2740 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) || UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2741 (void) manager_varlink_send_managed_oom_update(u
);
2744 /* Update timestamps for state changes */
2745 if (!MANAGER_IS_RELOADING(m
)) {
2746 dual_timestamp_now(&u
->state_change_timestamp
);
2748 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && !UNIT_IS_INACTIVE_OR_FAILED(ns
))
2749 u
->inactive_exit_timestamp
= u
->state_change_timestamp
;
2750 else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_INACTIVE_OR_FAILED(ns
))
2751 u
->inactive_enter_timestamp
= u
->state_change_timestamp
;
2753 if (!UNIT_IS_ACTIVE_OR_RELOADING(os
) && UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2754 u
->active_enter_timestamp
= u
->state_change_timestamp
;
2755 else if (UNIT_IS_ACTIVE_OR_RELOADING(os
) && !UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2756 u
->active_exit_timestamp
= u
->state_change_timestamp
;
2759 /* Keep track of failed units */
2760 (void) manager_update_failed_units(m
, u
, ns
== UNIT_FAILED
);
2762 /* Make sure the cgroup and state files are always removed when we become inactive */
2763 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2764 SET_FLAG(u
->markers
,
2765 (1u << UNIT_MARKER_NEEDS_RELOAD
)|(1u << UNIT_MARKER_NEEDS_RESTART
),
2767 unit_prune_cgroup(u
);
2768 unit_unlink_state_files(u
);
2769 } else if (ns
!= os
&& ns
== UNIT_RELOADING
)
2770 SET_FLAG(u
->markers
, 1u << UNIT_MARKER_NEEDS_RELOAD
, false);
2772 unit_update_on_console(u
);
2774 if (!MANAGER_IS_RELOADING(m
)) {
2777 /* Let's propagate state changes to the job */
2779 unexpected
= unit_process_job(u
->job
, ns
, reload_success
);
2783 /* If this state change happened without being requested by a job, then let's retroactively start or
2784 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2785 * additional jobs just because something is already activated. */
2788 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns
))
2789 retroactively_start_dependencies(u
);
2790 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os
) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns
))
2791 retroactively_stop_dependencies(u
);
2794 if (ns
!= os
&& ns
== UNIT_FAILED
) {
2795 log_unit_debug(u
, "Unit entered failed state.");
2796 unit_start_on_failure(u
, "OnFailure=", UNIT_ATOM_ON_FAILURE
, u
->on_failure_job_mode
);
2799 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
) && !UNIT_IS_ACTIVE_OR_RELOADING(os
)) {
2800 /* This unit just finished starting up */
2802 unit_emit_audit_start(u
);
2803 manager_send_unit_plymouth(m
, u
);
2806 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) && !UNIT_IS_INACTIVE_OR_FAILED(os
)) {
2807 /* This unit just stopped/failed. */
2809 unit_emit_audit_stop(u
, ns
);
2810 unit_log_resources(u
);
2813 if (ns
== UNIT_INACTIVE
&& !IN_SET(os
, UNIT_FAILED
, UNIT_INACTIVE
, UNIT_MAINTENANCE
))
2814 unit_start_on_failure(u
, "OnSuccess=", UNIT_ATOM_ON_SUCCESS
, u
->on_success_job_mode
);
2817 manager_recheck_journal(m
);
2818 manager_recheck_dbus(m
);
2820 unit_trigger_notify(u
);
2822 if (!MANAGER_IS_RELOADING(m
)) {
2823 if (os
!= UNIT_FAILED
&& ns
== UNIT_FAILED
) {
2824 reason
= strjoina("unit ", u
->id
, " failed");
2825 emergency_action(m
, u
->failure_action
, 0, u
->reboot_arg
, unit_failure_action_exit_status(u
), reason
);
2826 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && ns
== UNIT_INACTIVE
) {
2827 reason
= strjoina("unit ", u
->id
, " succeeded");
2828 emergency_action(m
, u
->success_action
, 0, u
->reboot_arg
, unit_success_action_exit_status(u
), reason
);
2832 /* And now, add the unit or depending units to various queues that will act on the new situation if
2833 * needed. These queues generally check for continuous state changes rather than events (like most of
2834 * the state propagation above), and do work deferred instead of instantly, since they typically
2835 * don't want to run during reloading, and usually involve checking combined state of multiple units
2838 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2839 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2840 check_unneeded_dependencies(u
);
2841 check_bound_by_dependencies(u
);
2843 /* Maybe someone wants us to remain up? */
2844 unit_submit_to_start_when_upheld_queue(u
);
2846 /* Maybe the unit should be GC'ed now? */
2847 unit_add_to_gc_queue(u
);
2849 /* Maybe we can release some resources now? */
2850 unit_submit_to_release_resources_queue(u
);
2853 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
)) {
2854 /* Start uphold units regardless if going up was expected or not */
2855 check_uphold_dependencies(u
);
2857 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2858 unit_submit_to_stop_when_unneeded_queue(u
);
2860 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2861 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2862 * inactive, without ever entering started.) */
2863 unit_submit_to_stop_when_bound_queue(u
);
2867 int unit_watch_pidref(Unit
*u
, PidRef
*pid
, bool exclusive
) {
2868 _cleanup_(pidref_freep
) PidRef
*pid_dup
= NULL
;
2871 /* Adds a specific PID to the set of PIDs this unit watches. */
2874 assert(pidref_is_set(pid
));
2876 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2877 * opportunity to remove any stalled references to this PID as they can be created
2878 * easily (when watching a process which is not our direct child). */
2880 manager_unwatch_pidref(u
->manager
, pid
);
2882 if (set_contains(u
->pids
, pid
)) /* early exit if already being watched */
2885 r
= pidref_dup(pid
, &pid_dup
);
2889 /* First, insert into the set of PIDs maintained by the unit */
2890 r
= set_ensure_put(&u
->pids
, &pidref_hash_ops_free
, pid_dup
);
2894 pid
= TAKE_PTR(pid_dup
); /* continue with our copy now that we have installed it properly in our set */
2896 /* Second, insert it into the simple global table, see if that works */
2897 r
= hashmap_ensure_put(&u
->manager
->watch_pids
, &pidref_hash_ops_free
, pid
, u
);
2901 /* OK, the key is already assigned to a different unit. That's fine, then add us via the second
2902 * hashmap that points to an array. */
2904 PidRef
*old_pid
= NULL
;
2905 Unit
**array
= hashmap_get2(u
->manager
->watch_pids_more
, pid
, (void**) &old_pid
);
2907 /* Count entries in array */
2909 for (; array
&& array
[n
]; n
++)
2912 /* Allocate a new array */
2913 _cleanup_free_ Unit
**new_array
= new(Unit
*, n
+ 2);
2917 /* Append us to the end */
2918 memcpy_safe(new_array
, array
, sizeof(Unit
*) * n
);
2920 new_array
[n
+1] = NULL
;
2922 /* Make sure the hashmap is allocated */
2923 r
= hashmap_ensure_allocated(&u
->manager
->watch_pids_more
, &pidref_hash_ops_free
);
2927 /* Add or replace the old array */
2928 r
= hashmap_replace(u
->manager
->watch_pids_more
, old_pid
?: pid
, new_array
);
2932 TAKE_PTR(new_array
); /* Now part of the hash table */
2933 free(array
); /* Which means we can now delete the old version */
2937 int unit_watch_pid(Unit
*u
, pid_t pid
, bool exclusive
) {
2938 _cleanup_(pidref_done
) PidRef pidref
= PIDREF_NULL
;
2942 assert(pid_is_valid(pid
));
2944 r
= pidref_set_pid(&pidref
, pid
);
2948 return unit_watch_pidref(u
, &pidref
, exclusive
);
2951 void unit_unwatch_pidref(Unit
*u
, PidRef
*pid
) {
2953 assert(pidref_is_set(pid
));
2955 /* Remove from the set we maintain for this unit. (And destroy the returned pid eventually) */
2956 _cleanup_(pidref_freep
) PidRef
*pid1
= set_remove(u
->pids
, pid
);
2958 return; /* Early exit if this PID was never watched by us */
2960 /* First let's drop the unit from the simple hash table, if it is included there */
2961 PidRef
*pid2
= NULL
;
2962 Unit
*uu
= hashmap_get2(u
->manager
->watch_pids
, pid
, (void**) &pid2
);
2964 /* Quick validation: iff we are in the watch_pids table then the PidRef object must be the same as in our local pids set */
2965 assert((uu
== u
) == (pid1
== pid2
));
2968 /* OK, we are in the first table. Let's remove it there then, and we are done already. */
2969 assert_se(hashmap_remove_value(u
->manager
->watch_pids
, pid2
, uu
));
2971 /* We weren't in the first table, then let's consult the 2nd table that points to an array */
2972 PidRef
*pid3
= NULL
;
2973 Unit
**array
= hashmap_get2(u
->manager
->watch_pids_more
, pid
, (void**) &pid3
);
2975 /* Let's iterate through the array, dropping our own entry */
2976 size_t m
= 0, n
= 0;
2977 for (; array
&& array
[n
]; n
++)
2979 array
[m
++] = array
[n
];
2981 return; /* Not there */
2983 array
[m
] = NULL
; /* set trailing NULL marker on the new end */
2986 /* The array is now empty, remove the entire entry */
2987 assert_se(hashmap_remove_value(u
->manager
->watch_pids_more
, pid3
, array
));
2990 /* The array is not empty, but let's make sure the entry is not keyed by the PidRef
2991 * we will delete, but by the PidRef object of the Unit that is now first in the
2994 PidRef
*new_pid3
= ASSERT_PTR(set_get(array
[0]->pids
, pid
));
2995 assert_se(hashmap_replace(u
->manager
->watch_pids_more
, new_pid3
, array
) >= 0);
3000 void unit_unwatch_pid(Unit
*u
, pid_t pid
) {
3001 return unit_unwatch_pidref(u
, &PIDREF_MAKE_FROM_PID(pid
));
3004 void unit_unwatch_all_pids(Unit
*u
) {
3007 while (!set_isempty(u
->pids
))
3008 unit_unwatch_pidref(u
, set_first(u
->pids
));
3010 u
->pids
= set_free(u
->pids
);
3013 static void unit_tidy_watch_pids(Unit
*u
) {
3014 PidRef
*except1
, *except2
, *e
;
3018 /* Cleans dead PIDs from our list */
3020 except1
= unit_main_pid(u
);
3021 except2
= unit_control_pid(u
);
3023 SET_FOREACH(e
, u
->pids
) {
3024 if (pidref_equal(except1
, e
) || pidref_equal(except2
, e
))
3027 if (pidref_is_unwaited(e
) <= 0)
3028 unit_unwatch_pidref(u
, e
);
3032 static int on_rewatch_pids_event(sd_event_source
*s
, void *userdata
) {
3033 Unit
*u
= ASSERT_PTR(userdata
);
3037 unit_tidy_watch_pids(u
);
3038 unit_watch_all_pids(u
);
3040 /* If the PID set is empty now, then let's finish this off. */
3041 unit_synthesize_cgroup_empty_event(u
);
3046 int unit_enqueue_rewatch_pids(Unit
*u
) {
3051 if (!u
->cgroup_path
)
3054 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
3057 if (r
> 0) /* On unified we can use proper notifications */
3060 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
3061 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
3062 * involves issuing kill(pid, 0) on all processes we watch. */
3064 if (!u
->rewatch_pids_event_source
) {
3065 _cleanup_(sd_event_source_unrefp
) sd_event_source
*s
= NULL
;
3067 r
= sd_event_add_defer(u
->manager
->event
, &s
, on_rewatch_pids_event
, u
);
3069 return log_error_errno(r
, "Failed to allocate event source for tidying watched PIDs: %m");
3071 r
= sd_event_source_set_priority(s
, SD_EVENT_PRIORITY_IDLE
);
3073 return log_error_errno(r
, "Failed to adjust priority of event source for tidying watched PIDs: %m");
3075 (void) sd_event_source_set_description(s
, "tidy-watch-pids");
3077 u
->rewatch_pids_event_source
= TAKE_PTR(s
);
3080 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_ONESHOT
);
3082 return log_error_errno(r
, "Failed to enable event source for tidying watched PIDs: %m");
3087 void unit_dequeue_rewatch_pids(Unit
*u
) {
3091 if (!u
->rewatch_pids_event_source
)
3094 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_OFF
);
3096 log_warning_errno(r
, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
3098 u
->rewatch_pids_event_source
= sd_event_source_disable_unref(u
->rewatch_pids_event_source
);
3101 bool unit_job_is_applicable(Unit
*u
, JobType j
) {
3103 assert(j
>= 0 && j
< _JOB_TYPE_MAX
);
3107 case JOB_VERIFY_ACTIVE
:
3110 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
3111 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
3116 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
3117 * external events), hence it makes no sense to permit enqueuing such a request either. */
3118 return !u
->perpetual
;
3121 case JOB_TRY_RESTART
:
3122 return unit_can_stop(u
) && unit_can_start(u
);
3125 case JOB_TRY_RELOAD
:
3126 return unit_can_reload(u
);
3128 case JOB_RELOAD_OR_START
:
3129 return unit_can_reload(u
) && unit_can_start(u
);
3132 assert_not_reached();
3136 static Hashmap
*unit_get_dependency_hashmap_per_type(Unit
*u
, UnitDependency d
) {
3140 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
3142 deps
= hashmap_get(u
->dependencies
, UNIT_DEPENDENCY_TO_PTR(d
));
3144 _cleanup_hashmap_free_ Hashmap
*h
= NULL
;
3146 h
= hashmap_new(NULL
);
3150 if (hashmap_ensure_put(&u
->dependencies
, NULL
, UNIT_DEPENDENCY_TO_PTR(d
), h
) < 0)
3159 typedef enum NotifyDependencyFlags
{
3160 NOTIFY_DEPENDENCY_UPDATE_FROM
= 1 << 0,
3161 NOTIFY_DEPENDENCY_UPDATE_TO
= 1 << 1,
3162 } NotifyDependencyFlags
;
3164 static int unit_add_dependency_impl(
3168 UnitDependencyMask mask
) {
3170 static const UnitDependency inverse_table
[_UNIT_DEPENDENCY_MAX
] = {
3171 [UNIT_REQUIRES
] = UNIT_REQUIRED_BY
,
3172 [UNIT_REQUISITE
] = UNIT_REQUISITE_OF
,
3173 [UNIT_WANTS
] = UNIT_WANTED_BY
,
3174 [UNIT_BINDS_TO
] = UNIT_BOUND_BY
,
3175 [UNIT_PART_OF
] = UNIT_CONSISTS_OF
,
3176 [UNIT_UPHOLDS
] = UNIT_UPHELD_BY
,
3177 [UNIT_REQUIRED_BY
] = UNIT_REQUIRES
,
3178 [UNIT_REQUISITE_OF
] = UNIT_REQUISITE
,
3179 [UNIT_WANTED_BY
] = UNIT_WANTS
,
3180 [UNIT_BOUND_BY
] = UNIT_BINDS_TO
,
3181 [UNIT_CONSISTS_OF
] = UNIT_PART_OF
,
3182 [UNIT_UPHELD_BY
] = UNIT_UPHOLDS
,
3183 [UNIT_CONFLICTS
] = UNIT_CONFLICTED_BY
,
3184 [UNIT_CONFLICTED_BY
] = UNIT_CONFLICTS
,
3185 [UNIT_BEFORE
] = UNIT_AFTER
,
3186 [UNIT_AFTER
] = UNIT_BEFORE
,
3187 [UNIT_ON_SUCCESS
] = UNIT_ON_SUCCESS_OF
,
3188 [UNIT_ON_SUCCESS_OF
] = UNIT_ON_SUCCESS
,
3189 [UNIT_ON_FAILURE
] = UNIT_ON_FAILURE_OF
,
3190 [UNIT_ON_FAILURE_OF
] = UNIT_ON_FAILURE
,
3191 [UNIT_TRIGGERS
] = UNIT_TRIGGERED_BY
,
3192 [UNIT_TRIGGERED_BY
] = UNIT_TRIGGERS
,
3193 [UNIT_PROPAGATES_RELOAD_TO
] = UNIT_RELOAD_PROPAGATED_FROM
,
3194 [UNIT_RELOAD_PROPAGATED_FROM
] = UNIT_PROPAGATES_RELOAD_TO
,
3195 [UNIT_PROPAGATES_STOP_TO
] = UNIT_STOP_PROPAGATED_FROM
,
3196 [UNIT_STOP_PROPAGATED_FROM
] = UNIT_PROPAGATES_STOP_TO
,
3197 [UNIT_JOINS_NAMESPACE_OF
] = UNIT_JOINS_NAMESPACE_OF
, /* symmetric! 👓 */
3198 [UNIT_REFERENCES
] = UNIT_REFERENCED_BY
,
3199 [UNIT_REFERENCED_BY
] = UNIT_REFERENCES
,
3200 [UNIT_IN_SLICE
] = UNIT_SLICE_OF
,
3201 [UNIT_SLICE_OF
] = UNIT_IN_SLICE
,
3204 Hashmap
*u_deps
, *other_deps
;
3205 UnitDependencyInfo u_info
, u_info_old
, other_info
, other_info_old
;
3206 NotifyDependencyFlags flags
= 0;
3211 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
3212 assert(inverse_table
[d
] >= 0 && inverse_table
[d
] < _UNIT_DEPENDENCY_MAX
);
3213 assert(mask
> 0 && mask
< _UNIT_DEPENDENCY_MASK_FULL
);
3215 /* Ensure the following two hashmaps for each unit exist:
3216 * - the top-level dependency hashmap that maps UnitDependency → Hashmap(Unit* → UnitDependencyInfo),
3217 * - the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency type. */
3218 u_deps
= unit_get_dependency_hashmap_per_type(u
, d
);
3222 other_deps
= unit_get_dependency_hashmap_per_type(other
, inverse_table
[d
]);
3226 /* Save the original dependency info. */
3227 u_info
.data
= u_info_old
.data
= hashmap_get(u_deps
, other
);
3228 other_info
.data
= other_info_old
.data
= hashmap_get(other_deps
, u
);
3230 /* Update dependency info. */
3231 u_info
.origin_mask
|= mask
;
3232 other_info
.destination_mask
|= mask
;
3234 /* Save updated dependency info. */
3235 if (u_info
.data
!= u_info_old
.data
) {
3236 r
= hashmap_replace(u_deps
, other
, u_info
.data
);
3240 flags
= NOTIFY_DEPENDENCY_UPDATE_FROM
;
3243 if (other_info
.data
!= other_info_old
.data
) {
3244 r
= hashmap_replace(other_deps
, u
, other_info
.data
);
3246 if (u_info
.data
!= u_info_old
.data
) {
3247 /* Restore the old dependency. */
3248 if (u_info_old
.data
)
3249 (void) hashmap_update(u_deps
, other
, u_info_old
.data
);
3251 hashmap_remove(u_deps
, other
);
3256 flags
|= NOTIFY_DEPENDENCY_UPDATE_TO
;
3262 int unit_add_dependency(
3267 UnitDependencyMask mask
) {
3269 UnitDependencyAtom a
;
3272 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3273 * there, no need to notify! */
3274 NotifyDependencyFlags notify_flags
;
3277 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
3280 u
= unit_follow_merge(u
);
3281 other
= unit_follow_merge(other
);
3282 a
= unit_dependency_to_atom(d
);
3285 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
3287 if (unit_should_warn_about_dependency(d
))
3288 log_unit_warning(u
, "Dependency %s=%s is dropped.",
3289 unit_dependency_to_string(d
), u
->id
);
3293 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3296 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3297 * running timeout at a specific time. */
3298 if (FLAGS_SET(a
, UNIT_ATOM_BEFORE
) && other
->type
== UNIT_DEVICE
) {
3299 log_unit_warning(u
, "Dependency Before=%s ignored (.device units cannot be delayed)", other
->id
);
3303 if (FLAGS_SET(a
, UNIT_ATOM_ON_FAILURE
) && !UNIT_VTABLE(u
)->can_fail
) {
3304 log_unit_warning(u
, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other
->id
, unit_type_to_string(u
->type
));
3308 if (FLAGS_SET(a
, UNIT_ATOM_TRIGGERS
) && !UNIT_VTABLE(u
)->can_trigger
)
3309 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3310 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(u
->type
));
3311 if (FLAGS_SET(a
, UNIT_ATOM_TRIGGERED_BY
) && !UNIT_VTABLE(other
)->can_trigger
)
3312 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3313 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(other
->type
));
3315 if (FLAGS_SET(a
, UNIT_ATOM_IN_SLICE
) && other
->type
!= UNIT_SLICE
)
3316 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3317 "Requested dependency Slice=%s refused (%s is not a slice unit).", other
->id
, other
->id
);
3318 if (FLAGS_SET(a
, UNIT_ATOM_SLICE_OF
) && u
->type
!= UNIT_SLICE
)
3319 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3320 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other
->id
, u
->id
);
3322 if (FLAGS_SET(a
, UNIT_ATOM_IN_SLICE
) && !UNIT_HAS_CGROUP_CONTEXT(u
))
3323 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3324 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other
->id
, u
->id
);
3326 if (FLAGS_SET(a
, UNIT_ATOM_SLICE_OF
) && !UNIT_HAS_CGROUP_CONTEXT(other
))
3327 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3328 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other
->id
, other
->id
);
3330 r
= unit_add_dependency_impl(u
, d
, other
, mask
);
3335 if (add_reference
) {
3336 r
= unit_add_dependency_impl(u
, UNIT_REFERENCES
, other
, mask
);
3342 if (FLAGS_SET(notify_flags
, NOTIFY_DEPENDENCY_UPDATE_FROM
))
3343 unit_add_to_dbus_queue(u
);
3344 if (FLAGS_SET(notify_flags
, NOTIFY_DEPENDENCY_UPDATE_TO
))
3345 unit_add_to_dbus_queue(other
);
3347 return notify_flags
!= 0;
3350 int unit_add_two_dependencies(Unit
*u
, UnitDependency d
, UnitDependency e
, Unit
*other
, bool add_reference
, UnitDependencyMask mask
) {
3354 assert(d
>= 0 || e
>= 0);
3357 r
= unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3363 s
= unit_add_dependency(u
, e
, other
, add_reference
, mask
);
3368 return r
> 0 || s
> 0;
3371 static int resolve_template(Unit
*u
, const char *name
, char **buf
, const char **ret
) {
3379 if (!unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
3386 r
= unit_name_replace_instance(name
, u
->instance
, buf
);
3388 _cleanup_free_
char *i
= NULL
;
3390 r
= unit_name_to_prefix(u
->id
, &i
);
3394 r
= unit_name_replace_instance(name
, i
, buf
);
3403 int unit_add_dependency_by_name(Unit
*u
, UnitDependency d
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3404 _cleanup_free_
char *buf
= NULL
;
3411 r
= resolve_template(u
, name
, &buf
, &name
);
3415 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3418 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3422 return unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3425 int unit_add_two_dependencies_by_name(Unit
*u
, UnitDependency d
, UnitDependency e
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3426 _cleanup_free_
char *buf
= NULL
;
3433 r
= resolve_template(u
, name
, &buf
, &name
);
3437 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3440 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3444 return unit_add_two_dependencies(u
, d
, e
, other
, add_reference
, mask
);
3447 int set_unit_path(const char *p
) {
3448 /* This is mostly for debug purposes */
3449 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p
, 1));
3452 char *unit_dbus_path(Unit
*u
) {
3458 return unit_dbus_path_from_name(u
->id
);
3461 char *unit_dbus_path_invocation_id(Unit
*u
) {
3464 if (sd_id128_is_null(u
->invocation_id
))
3467 return unit_dbus_path_from_name(u
->invocation_id_string
);
3470 int unit_set_invocation_id(Unit
*u
, sd_id128_t id
) {
3475 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3477 if (sd_id128_equal(u
->invocation_id
, id
))
3480 if (!sd_id128_is_null(u
->invocation_id
))
3481 (void) hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3483 if (sd_id128_is_null(id
)) {
3488 r
= hashmap_ensure_allocated(&u
->manager
->units_by_invocation_id
, &id128_hash_ops
);
3492 u
->invocation_id
= id
;
3493 sd_id128_to_string(id
, u
->invocation_id_string
);
3495 r
= hashmap_put(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3502 u
->invocation_id
= SD_ID128_NULL
;
3503 u
->invocation_id_string
[0] = 0;
3507 int unit_set_slice(Unit
*u
, Unit
*slice
) {
3513 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3514 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3515 * slice is derived from the name). Make sure the unit we set is actually a slice. */
3517 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
3520 if (u
->type
== UNIT_SLICE
)
3523 if (unit_active_state(u
) != UNIT_INACTIVE
)
3526 if (slice
->type
!= UNIT_SLICE
)
3529 if (unit_has_name(u
, SPECIAL_INIT_SCOPE
) &&
3530 !unit_has_name(slice
, SPECIAL_ROOT_SLICE
))
3533 if (UNIT_GET_SLICE(u
) == slice
)
3536 /* Disallow slice changes if @u is already bound to cgroups */
3537 if (UNIT_GET_SLICE(u
) && u
->cgroup_realized
)
3540 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3541 if (UNIT_GET_SLICE(u
))
3542 unit_remove_dependencies(u
, UNIT_DEPENDENCY_SLICE_PROPERTY
);
3544 r
= unit_add_dependency(u
, UNIT_IN_SLICE
, slice
, true, UNIT_DEPENDENCY_SLICE_PROPERTY
);
3551 int unit_set_default_slice(Unit
*u
) {
3552 const char *slice_name
;
3558 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3561 if (UNIT_GET_SLICE(u
))
3565 _cleanup_free_
char *prefix
= NULL
, *escaped
= NULL
;
3567 /* Implicitly place all instantiated units in their
3568 * own per-template slice */
3570 r
= unit_name_to_prefix(u
->id
, &prefix
);
3574 /* The prefix is already escaped, but it might include
3575 * "-" which has a special meaning for slice units,
3576 * hence escape it here extra. */
3577 escaped
= unit_name_escape(prefix
);
3581 if (MANAGER_IS_SYSTEM(u
->manager
))
3582 slice_name
= strjoina("system-", escaped
, ".slice");
3584 slice_name
= strjoina("app-", escaped
, ".slice");
3586 } else if (unit_is_extrinsic(u
))
3587 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3588 * the root slice. They don't really belong in one of the subslices. */
3589 slice_name
= SPECIAL_ROOT_SLICE
;
3591 else if (MANAGER_IS_SYSTEM(u
->manager
))
3592 slice_name
= SPECIAL_SYSTEM_SLICE
;
3594 slice_name
= SPECIAL_APP_SLICE
;
3596 r
= manager_load_unit(u
->manager
, slice_name
, NULL
, NULL
, &slice
);
3600 return unit_set_slice(u
, slice
);
3603 const char *unit_slice_name(Unit
*u
) {
3607 slice
= UNIT_GET_SLICE(u
);
3614 int unit_load_related_unit(Unit
*u
, const char *type
, Unit
**_found
) {
3615 _cleanup_free_
char *t
= NULL
;
3622 r
= unit_name_change_suffix(u
->id
, type
, &t
);
3625 if (unit_has_name(u
, t
))
3628 r
= manager_load_unit(u
->manager
, t
, NULL
, NULL
, _found
);
3629 assert(r
< 0 || *_found
!= u
);
3633 static int signal_name_owner_changed(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3634 const char *new_owner
;
3635 Unit
*u
= ASSERT_PTR(userdata
);
3640 r
= sd_bus_message_read(message
, "sss", NULL
, NULL
, &new_owner
);
3642 bus_log_parse_error(r
);
3646 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3647 UNIT_VTABLE(u
)->bus_name_owner_change(u
, empty_to_null(new_owner
));
3652 static int get_name_owner_handler(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3653 const sd_bus_error
*e
;
3654 const char *new_owner
;
3655 Unit
*u
= ASSERT_PTR(userdata
);
3660 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3662 e
= sd_bus_message_get_error(message
);
3664 if (!sd_bus_error_has_name(e
, SD_BUS_ERROR_NAME_HAS_NO_OWNER
)) {
3665 r
= sd_bus_error_get_errno(e
);
3666 log_unit_error_errno(u
, r
,
3667 "Unexpected error response from GetNameOwner(): %s",
3668 bus_error_message(e
, r
));
3673 r
= sd_bus_message_read(message
, "s", &new_owner
);
3675 return bus_log_parse_error(r
);
3677 assert(!isempty(new_owner
));
3680 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3681 UNIT_VTABLE(u
)->bus_name_owner_change(u
, new_owner
);
3686 int unit_install_bus_match(Unit
*u
, sd_bus
*bus
, const char *name
) {
3687 _cleanup_(sd_bus_message_unrefp
) sd_bus_message
*m
= NULL
;
3689 usec_t timeout_usec
= 0;
3696 if (u
->match_bus_slot
|| u
->get_name_owner_slot
)
3699 /* NameOwnerChanged and GetNameOwner is used to detect when a service finished starting up. The dbus
3700 * call timeout shouldn't be earlier than that. If we couldn't get the start timeout, use the default
3701 * value defined above. */
3702 if (UNIT_VTABLE(u
)->get_timeout_start_usec
)
3703 timeout_usec
= UNIT_VTABLE(u
)->get_timeout_start_usec(u
);
3705 match
= strjoina("type='signal',"
3706 "sender='org.freedesktop.DBus',"
3707 "path='/org/freedesktop/DBus',"
3708 "interface='org.freedesktop.DBus',"
3709 "member='NameOwnerChanged',"
3710 "arg0='", name
, "'");
3712 r
= bus_add_match_full(
3717 signal_name_owner_changed
,
3724 r
= sd_bus_message_new_method_call(
3727 "org.freedesktop.DBus",
3728 "/org/freedesktop/DBus",
3729 "org.freedesktop.DBus",
3734 r
= sd_bus_message_append(m
, "s", name
);
3738 r
= sd_bus_call_async(
3740 &u
->get_name_owner_slot
,
3742 get_name_owner_handler
,
3747 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3751 log_unit_debug(u
, "Watching D-Bus name '%s'.", name
);
3755 int unit_watch_bus_name(Unit
*u
, const char *name
) {
3761 /* Watch a specific name on the bus. We only support one unit
3762 * watching each name for now. */
3764 if (u
->manager
->api_bus
) {
3765 /* If the bus is already available, install the match directly.
3766 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3767 r
= unit_install_bus_match(u
, u
->manager
->api_bus
, name
);
3769 return log_warning_errno(r
, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name
);
3772 r
= hashmap_put(u
->manager
->watch_bus
, name
, u
);
3774 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3775 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3776 return log_warning_errno(r
, "Failed to put bus name to hashmap: %m");
3782 void unit_unwatch_bus_name(Unit
*u
, const char *name
) {
3786 (void) hashmap_remove_value(u
->manager
->watch_bus
, name
, u
);
3787 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3788 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3791 int unit_add_node_dependency(Unit
*u
, const char *what
, UnitDependency dep
, UnitDependencyMask mask
) {
3792 _cleanup_free_
char *e
= NULL
;
3798 /* Adds in links to the device node that this unit is based on */
3802 if (!is_device_path(what
))
3805 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
3806 if (!unit_type_supported(UNIT_DEVICE
))
3809 r
= unit_name_from_path(what
, ".device", &e
);
3813 r
= manager_load_unit(u
->manager
, e
, NULL
, NULL
, &device
);
3817 if (dep
== UNIT_REQUIRES
&& device_shall_be_bound_by(device
, u
))
3818 dep
= UNIT_BINDS_TO
;
3820 return unit_add_two_dependencies(u
, UNIT_AFTER
,
3821 MANAGER_IS_SYSTEM(u
->manager
) ? dep
: UNIT_WANTS
,
3822 device
, true, mask
);
3825 int unit_add_blockdev_dependency(Unit
*u
, const char *what
, UnitDependencyMask mask
) {
3826 _cleanup_free_
char *escaped
= NULL
, *target
= NULL
;
3834 if (!path_startswith(what
, "/dev/"))
3837 /* If we don't support devices, then also don't bother with blockdev@.target */
3838 if (!unit_type_supported(UNIT_DEVICE
))
3841 r
= unit_name_path_escape(what
, &escaped
);
3845 r
= unit_name_build("blockdev", escaped
, ".target", &target
);
3849 return unit_add_dependency_by_name(u
, UNIT_AFTER
, target
, true, mask
);
3852 int unit_coldplug(Unit
*u
) {
3857 /* Make sure we don't enter a loop, when coldplugging recursively. */
3861 u
->coldplugged
= true;
3863 STRV_FOREACH(i
, u
->deserialized_refs
)
3864 RET_GATHER(r
, bus_unit_track_add_name(u
, *i
));
3866 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
3868 if (UNIT_VTABLE(u
)->coldplug
)
3869 RET_GATHER(r
, UNIT_VTABLE(u
)->coldplug(u
));
3872 RET_GATHER(r
, job_coldplug(u
->job
));
3874 RET_GATHER(r
, job_coldplug(u
->nop_job
));
3876 unit_modify_nft_set(u
, /* add = */ true);
3880 void unit_catchup(Unit
*u
) {
3883 if (UNIT_VTABLE(u
)->catchup
)
3884 UNIT_VTABLE(u
)->catchup(u
);
3886 unit_cgroup_catchup(u
);
3889 static bool fragment_mtime_newer(const char *path
, usec_t mtime
, bool path_masked
) {
3895 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3896 * are never out-of-date. */
3897 if (PATH_STARTSWITH_SET(path
, "/proc", "/sys"))
3900 if (stat(path
, &st
) < 0)
3901 /* What, cannot access this anymore? */
3905 /* For masked files check if they are still so */
3906 return !null_or_empty(&st
);
3908 /* For non-empty files check the mtime */
3909 return timespec_load(&st
.st_mtim
) > mtime
;
3914 bool unit_need_daemon_reload(Unit
*u
) {
3915 _cleanup_strv_free_
char **dropins
= NULL
;
3920 if (u
->manager
->unit_file_state_outdated
)
3923 /* For unit files, we allow masking… */
3924 if (fragment_mtime_newer(u
->fragment_path
, u
->fragment_mtime
,
3925 u
->load_state
== UNIT_MASKED
))
3928 /* Source paths should not be masked… */
3929 if (fragment_mtime_newer(u
->source_path
, u
->source_mtime
, false))
3932 if (u
->load_state
== UNIT_LOADED
)
3933 (void) unit_find_dropin_paths(u
, &dropins
);
3934 if (!strv_equal(u
->dropin_paths
, dropins
))
3937 /* … any drop-ins that are masked are simply omitted from the list. */
3938 STRV_FOREACH(path
, u
->dropin_paths
)
3939 if (fragment_mtime_newer(*path
, u
->dropin_mtime
, false))
3945 void unit_reset_failed(Unit
*u
) {
3948 if (UNIT_VTABLE(u
)->reset_failed
)
3949 UNIT_VTABLE(u
)->reset_failed(u
);
3951 ratelimit_reset(&u
->start_ratelimit
);
3952 u
->start_limit_hit
= false;
3955 Unit
*unit_following(Unit
*u
) {
3958 if (UNIT_VTABLE(u
)->following
)
3959 return UNIT_VTABLE(u
)->following(u
);
3964 bool unit_stop_pending(Unit
*u
) {
3967 /* This call does check the current state of the unit. It's
3968 * hence useful to be called from state change calls of the
3969 * unit itself, where the state isn't updated yet. This is
3970 * different from unit_inactive_or_pending() which checks both
3971 * the current state and for a queued job. */
3973 return unit_has_job_type(u
, JOB_STOP
);
3976 bool unit_inactive_or_pending(Unit
*u
) {
3979 /* Returns true if the unit is inactive or going down */
3981 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)))
3984 if (unit_stop_pending(u
))
3990 bool unit_active_or_pending(Unit
*u
) {
3993 /* Returns true if the unit is active or going up */
3995 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)))
3999 IN_SET(u
->job
->type
, JOB_START
, JOB_RELOAD_OR_START
, JOB_RESTART
))
4005 bool unit_will_restart_default(Unit
*u
) {
4008 return unit_has_job_type(u
, JOB_START
);
4011 bool unit_will_restart(Unit
*u
) {
4014 if (!UNIT_VTABLE(u
)->will_restart
)
4017 return UNIT_VTABLE(u
)->will_restart(u
);
4020 void unit_notify_cgroup_oom(Unit
*u
, bool managed_oom
) {
4023 if (UNIT_VTABLE(u
)->notify_cgroup_oom
)
4024 UNIT_VTABLE(u
)->notify_cgroup_oom(u
, managed_oom
);
4027 static Set
*unit_pid_set(pid_t main_pid
, pid_t control_pid
) {
4028 _cleanup_set_free_ Set
*pid_set
= NULL
;
4031 pid_set
= set_new(NULL
);
4035 /* Exclude the main/control pids from being killed via the cgroup */
4037 r
= set_put(pid_set
, PID_TO_PTR(main_pid
));
4042 if (control_pid
> 0) {
4043 r
= set_put(pid_set
, PID_TO_PTR(control_pid
));
4048 return TAKE_PTR(pid_set
);
4051 static int kill_common_log(const PidRef
*pid
, int signo
, void *userdata
) {
4052 _cleanup_free_
char *comm
= NULL
;
4053 Unit
*u
= ASSERT_PTR(userdata
);
4055 (void) pidref_get_comm(pid
, &comm
);
4057 log_unit_info(u
, "Sending signal SIG%s to process " PID_FMT
" (%s) on client request.",
4058 signal_to_string(signo
), pid
->pid
, strna(comm
));
4063 static int kill_or_sigqueue(PidRef
* pidref
, int signo
, int code
, int value
) {
4064 assert(pidref_is_set(pidref
));
4065 assert(SIGNAL_VALID(signo
));
4070 log_debug("Killing " PID_FMT
" with signal SIG%s.", pidref
->pid
, signal_to_string(signo
));
4071 return pidref_kill(pidref
, signo
);
4074 log_debug("Enqueuing value %i to " PID_FMT
" on signal SIG%s.", value
, pidref
->pid
, signal_to_string(signo
));
4075 return pidref_sigqueue(pidref
, signo
, value
);
4078 assert_not_reached();
4088 sd_bus_error
*error
) {
4090 PidRef
*main_pid
, *control_pid
;
4091 bool killed
= false;
4094 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
4095 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
4096 * stop a service ourselves. */
4100 assert(who
< _KILL_WHO_MAX
);
4101 assert(SIGNAL_VALID(signo
));
4102 assert(IN_SET(code
, SI_USER
, SI_QUEUE
));
4104 main_pid
= unit_main_pid(u
);
4105 control_pid
= unit_control_pid(u
);
4107 if (!UNIT_HAS_CGROUP_CONTEXT(u
) && !main_pid
&& !control_pid
)
4108 return sd_bus_error_setf(error
, SD_BUS_ERROR_NOT_SUPPORTED
, "Unit type does not support process killing.");
4110 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
)) {
4112 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no main processes", unit_type_to_string(u
->type
));
4113 if (!pidref_is_set(main_pid
))
4114 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No main process to kill");
4117 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
)) {
4119 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no control processes", unit_type_to_string(u
->type
));
4120 if (!pidref_is_set(control_pid
))
4121 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No control process to kill");
4124 if (pidref_is_set(control_pid
) &&
4125 IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
, KILL_ALL
, KILL_ALL_FAIL
)) {
4126 _cleanup_free_
char *comm
= NULL
;
4127 (void) pidref_get_comm(control_pid
, &comm
);
4129 r
= kill_or_sigqueue(control_pid
, signo
, code
, value
);
4133 /* Report this failure both to the logs and to the client */
4134 sd_bus_error_set_errnof(
4136 "Failed to send signal SIG%s to control process " PID_FMT
" (%s): %m",
4137 signal_to_string(signo
), control_pid
->pid
, strna(comm
));
4138 log_unit_warning_errno(
4140 "Failed to send signal SIG%s to control process " PID_FMT
" (%s) on client request: %m",
4141 signal_to_string(signo
), control_pid
->pid
, strna(comm
));
4143 log_unit_info(u
, "Sent signal SIG%s to control process " PID_FMT
" (%s) on client request.",
4144 signal_to_string(signo
), control_pid
->pid
, strna(comm
));
4149 if (pidref_is_set(main_pid
) &&
4150 IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
, KILL_ALL
, KILL_ALL_FAIL
)) {
4151 _cleanup_free_
char *comm
= NULL
;
4152 (void) pidref_get_comm(main_pid
, &comm
);
4154 r
= kill_or_sigqueue(main_pid
, signo
, code
, value
);
4159 sd_bus_error_set_errnof(
4161 "Failed to send signal SIG%s to main process " PID_FMT
" (%s): %m",
4162 signal_to_string(signo
), main_pid
->pid
, strna(comm
));
4165 log_unit_warning_errno(
4167 "Failed to send signal SIG%s to main process " PID_FMT
" (%s) on client request: %m",
4168 signal_to_string(signo
), main_pid
->pid
, strna(comm
));
4171 log_unit_info(u
, "Sent signal SIG%s to main process " PID_FMT
" (%s) on client request.",
4172 signal_to_string(signo
), main_pid
->pid
, strna(comm
));
4177 /* Note: if we shall enqueue rather than kill we won't do this via the cgroup mechanism, since it
4178 * doesn't really make much sense (and given that enqueued values are a relatively expensive
4179 * resource, and we shouldn't allow us to be subjects for such allocation sprees) */
4180 if (IN_SET(who
, KILL_ALL
, KILL_ALL_FAIL
) && u
->cgroup_path
&& code
== SI_USER
) {
4181 _cleanup_set_free_ Set
*pid_set
= NULL
;
4183 /* Exclude the main/control pids from being killed via the cgroup */
4184 pid_set
= unit_pid_set(main_pid
? main_pid
->pid
: 0, control_pid
? control_pid
->pid
: 0);
4188 r
= cg_kill_recursive(u
->cgroup_path
, signo
, 0, pid_set
, kill_common_log
, u
);
4190 if (!IN_SET(r
, -ESRCH
, -ENOENT
)) {
4194 sd_bus_error_set_errnof(
4196 "Failed to send signal SIG%s to auxiliary processes: %m",
4197 signal_to_string(signo
));
4200 log_unit_warning_errno(
4202 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
4203 signal_to_string(signo
));
4209 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
4210 if (ret
== 0 && !killed
&& IN_SET(who
, KILL_ALL_FAIL
, KILL_CONTROL_FAIL
, KILL_MAIN_FAIL
))
4211 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No matching processes to kill");
4216 int unit_following_set(Unit
*u
, Set
**s
) {
4220 if (UNIT_VTABLE(u
)->following_set
)
4221 return UNIT_VTABLE(u
)->following_set(u
, s
);
4227 UnitFileState
unit_get_unit_file_state(Unit
*u
) {
4232 if (u
->unit_file_state
< 0 && u
->fragment_path
) {
4233 r
= unit_file_get_state(
4234 u
->manager
->runtime_scope
,
4237 &u
->unit_file_state
);
4239 u
->unit_file_state
= UNIT_FILE_BAD
;
4242 return u
->unit_file_state
;
4245 PresetAction
unit_get_unit_file_preset(Unit
*u
) {
4250 if (u
->unit_file_preset
< 0 && u
->fragment_path
) {
4251 _cleanup_free_
char *bn
= NULL
;
4253 r
= path_extract_filename(u
->fragment_path
, &bn
);
4255 return (u
->unit_file_preset
= r
);
4257 if (r
== O_DIRECTORY
)
4258 return (u
->unit_file_preset
= -EISDIR
);
4260 u
->unit_file_preset
= unit_file_query_preset(
4261 u
->manager
->runtime_scope
,
4267 return u
->unit_file_preset
;
4270 Unit
* unit_ref_set(UnitRef
*ref
, Unit
*source
, Unit
*target
) {
4276 unit_ref_unset(ref
);
4278 ref
->source
= source
;
4279 ref
->target
= target
;
4280 LIST_PREPEND(refs_by_target
, target
->refs_by_target
, ref
);
4284 void unit_ref_unset(UnitRef
*ref
) {
4290 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4291 * be unreferenced now. */
4292 unit_add_to_gc_queue(ref
->target
);
4294 LIST_REMOVE(refs_by_target
, ref
->target
->refs_by_target
, ref
);
4295 ref
->source
= ref
->target
= NULL
;
4298 static int user_from_unit_name(Unit
*u
, char **ret
) {
4300 static const uint8_t hash_key
[] = {
4301 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4302 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4305 _cleanup_free_
char *n
= NULL
;
4308 r
= unit_name_to_prefix(u
->id
, &n
);
4312 if (valid_user_group_name(n
, 0)) {
4317 /* If we can't use the unit name as a user name, then let's hash it and use that */
4318 if (asprintf(ret
, "_du%016" PRIx64
, siphash24(n
, strlen(n
), hash_key
)) < 0)
4324 int unit_patch_contexts(Unit
*u
) {
4331 /* Patch in the manager defaults into the exec and cgroup
4332 * contexts, _after_ the rest of the settings have been
4335 ec
= unit_get_exec_context(u
);
4337 /* This only copies in the ones that need memory */
4338 for (unsigned i
= 0; i
< _RLIMIT_MAX
; i
++)
4339 if (u
->manager
->defaults
.rlimit
[i
] && !ec
->rlimit
[i
]) {
4340 ec
->rlimit
[i
] = newdup(struct rlimit
, u
->manager
->defaults
.rlimit
[i
], 1);
4345 if (MANAGER_IS_USER(u
->manager
) &&
4346 !ec
->working_directory
) {
4348 r
= get_home_dir(&ec
->working_directory
);
4352 /* Allow user services to run, even if the
4353 * home directory is missing */
4354 ec
->working_directory_missing_ok
= true;
4357 if (ec
->private_devices
)
4358 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_MKNOD
) | (UINT64_C(1) << CAP_SYS_RAWIO
));
4360 if (ec
->protect_kernel_modules
)
4361 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYS_MODULE
);
4363 if (ec
->protect_kernel_logs
)
4364 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYSLOG
);
4366 if (ec
->protect_clock
)
4367 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_SYS_TIME
) | (UINT64_C(1) << CAP_WAKE_ALARM
));
4369 if (ec
->dynamic_user
) {
4371 r
= user_from_unit_name(u
, &ec
->user
);
4377 ec
->group
= strdup(ec
->user
);
4382 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4383 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4386 ec
->private_tmp
= true;
4387 ec
->remove_ipc
= true;
4388 ec
->protect_system
= PROTECT_SYSTEM_STRICT
;
4389 if (ec
->protect_home
== PROTECT_HOME_NO
)
4390 ec
->protect_home
= PROTECT_HOME_READ_ONLY
;
4392 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4394 ec
->no_new_privileges
= true;
4395 ec
->restrict_suid_sgid
= true;
4398 for (ExecDirectoryType dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++)
4399 exec_directory_sort(ec
->directories
+ dt
);
4402 cc
= unit_get_cgroup_context(u
);
4405 if (ec
->private_devices
&&
4406 cc
->device_policy
== CGROUP_DEVICE_POLICY_AUTO
)
4407 cc
->device_policy
= CGROUP_DEVICE_POLICY_CLOSED
;
4409 /* Only add these if needed, as they imply that everything else is blocked. */
4410 if (cc
->device_policy
!= CGROUP_DEVICE_POLICY_AUTO
|| cc
->device_allow
) {
4411 if (ec
->root_image
|| ec
->mount_images
) {
4413 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4414 FOREACH_STRING(p
, "/dev/loop-control", "/dev/mapper/control") {
4415 r
= cgroup_context_add_device_allow(cc
, p
, CGROUP_DEVICE_READ
|CGROUP_DEVICE_WRITE
);
4419 FOREACH_STRING(p
, "block-loop", "block-blkext", "block-device-mapper") {
4420 r
= cgroup_context_add_device_allow(cc
, p
, CGROUP_DEVICE_READ
|CGROUP_DEVICE_WRITE
|CGROUP_DEVICE_MKNOD
);
4425 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4426 * Same for mapper and verity. */
4427 FOREACH_STRING(p
, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4428 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, p
, true, UNIT_DEPENDENCY_FILE
);
4434 if (ec
->protect_clock
) {
4435 r
= cgroup_context_add_device_allow(cc
, "char-rtc", CGROUP_DEVICE_READ
);
4440 /* If there are encrypted credentials we might need to access the TPM. */
4441 if (exec_context_has_encrypted_credentials(ec
)) {
4442 r
= cgroup_context_add_device_allow(cc
, "char-tpm", CGROUP_DEVICE_READ
|CGROUP_DEVICE_WRITE
);
4452 ExecContext
*unit_get_exec_context(const Unit
*u
) {
4459 offset
= UNIT_VTABLE(u
)->exec_context_offset
;
4463 return (ExecContext
*) ((uint8_t*) u
+ offset
);
4466 KillContext
*unit_get_kill_context(Unit
*u
) {
4473 offset
= UNIT_VTABLE(u
)->kill_context_offset
;
4477 return (KillContext
*) ((uint8_t*) u
+ offset
);
4480 CGroupContext
*unit_get_cgroup_context(Unit
*u
) {
4486 offset
= UNIT_VTABLE(u
)->cgroup_context_offset
;
4490 return (CGroupContext
*) ((uint8_t*) u
+ offset
);
4493 ExecRuntime
*unit_get_exec_runtime(Unit
*u
) {
4499 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4503 return *(ExecRuntime
**) ((uint8_t*) u
+ offset
);
4506 static const char* unit_drop_in_dir(Unit
*u
, UnitWriteFlags flags
) {
4509 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4512 if (u
->transient
) /* Redirect drop-ins for transient units always into the transient directory. */
4513 return u
->manager
->lookup_paths
.transient
;
4515 if (flags
& UNIT_PERSISTENT
)
4516 return u
->manager
->lookup_paths
.persistent_control
;
4518 if (flags
& UNIT_RUNTIME
)
4519 return u
->manager
->lookup_paths
.runtime_control
;
4524 const char* unit_escape_setting(const char *s
, UnitWriteFlags flags
, char **buf
) {
4526 assert(popcount(flags
& (UNIT_ESCAPE_EXEC_SYNTAX_ENV
| UNIT_ESCAPE_EXEC_SYNTAX
| UNIT_ESCAPE_C
)) <= 1);
4529 _cleanup_free_
char *t
= NULL
;
4531 /* Returns a string with any escaping done. If no escaping was necessary, *buf is set to NULL, and
4532 * the input pointer is returned as-is. If an allocation was needed, the return buffer pointer is
4533 * written to *buf. This means the return value always contains a properly escaped version, but *buf
4534 * only contains a pointer if an allocation was made. Callers can use this to optimize memory
4537 if (flags
& UNIT_ESCAPE_SPECIFIERS
) {
4538 t
= specifier_escape(s
);
4545 /* We either do C-escaping or shell-escaping, to additionally escape characters that we parse for
4546 * ExecStart= and friends, i.e. '$' and quotes. */
4548 if (flags
& (UNIT_ESCAPE_EXEC_SYNTAX_ENV
| UNIT_ESCAPE_EXEC_SYNTAX
)) {
4551 if (flags
& UNIT_ESCAPE_EXEC_SYNTAX_ENV
) {
4552 t2
= strreplace(s
, "$", "$$");
4555 free_and_replace(t
, t2
);
4558 t2
= shell_escape(t
?: s
, "\"");
4561 free_and_replace(t
, t2
);
4565 } else if (flags
& UNIT_ESCAPE_C
) {
4571 free_and_replace(t
, t2
);
4580 char* unit_concat_strv(char **l
, UnitWriteFlags flags
) {
4581 _cleanup_free_
char *result
= NULL
;
4584 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4585 * lines in a way suitable for ExecStart= stanzas. */
4587 STRV_FOREACH(i
, l
) {
4588 _cleanup_free_
char *buf
= NULL
;
4593 p
= unit_escape_setting(*i
, flags
, &buf
);
4597 a
= (n
> 0) + 1 + strlen(p
) + 1; /* separating space + " + entry + " */
4598 if (!GREEDY_REALLOC(result
, n
+ a
+ 1))
4612 if (!GREEDY_REALLOC(result
, n
+ 1))
4617 return TAKE_PTR(result
);
4620 int unit_write_setting(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *data
) {
4621 _cleanup_free_
char *p
= NULL
, *q
= NULL
, *escaped
= NULL
;
4622 const char *dir
, *wrapped
;
4629 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4632 data
= unit_escape_setting(data
, flags
, &escaped
);
4636 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4637 * previous section header is the same */
4639 if (flags
& UNIT_PRIVATE
) {
4640 if (!UNIT_VTABLE(u
)->private_section
)
4643 if (!u
->transient_file
|| u
->last_section_private
< 0)
4644 data
= strjoina("[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4645 else if (u
->last_section_private
== 0)
4646 data
= strjoina("\n[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4648 if (!u
->transient_file
|| u
->last_section_private
< 0)
4649 data
= strjoina("[Unit]\n", data
);
4650 else if (u
->last_section_private
> 0)
4651 data
= strjoina("\n[Unit]\n", data
);
4654 if (u
->transient_file
) {
4655 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4656 * write to the transient unit file. */
4657 fputs(data
, u
->transient_file
);
4659 if (!endswith(data
, "\n"))
4660 fputc('\n', u
->transient_file
);
4662 /* Remember which section we wrote this entry to */
4663 u
->last_section_private
= !!(flags
& UNIT_PRIVATE
);
4667 dir
= unit_drop_in_dir(u
, flags
);
4671 wrapped
= strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4672 "# or an equivalent operation. Do not edit.\n",
4676 r
= drop_in_file(dir
, u
->id
, 50, name
, &p
, &q
);
4680 (void) mkdir_p_label(p
, 0755);
4682 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4683 * recreate the cache after every drop-in we write. */
4684 if (u
->manager
->unit_path_cache
) {
4685 r
= set_put_strdup(&u
->manager
->unit_path_cache
, p
);
4690 r
= write_string_file_atomic_label(q
, wrapped
);
4694 r
= strv_push(&u
->dropin_paths
, q
);
4699 strv_uniq(u
->dropin_paths
);
4701 u
->dropin_mtime
= now(CLOCK_REALTIME
);
4706 int unit_write_settingf(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *format
, ...) {
4707 _cleanup_free_
char *p
= NULL
;
4715 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4718 va_start(ap
, format
);
4719 r
= vasprintf(&p
, format
, ap
);
4725 return unit_write_setting(u
, flags
, name
, p
);
4728 int unit_make_transient(Unit
*u
) {
4729 _cleanup_free_
char *path
= NULL
;
4734 if (!UNIT_VTABLE(u
)->can_transient
)
4737 (void) mkdir_p_label(u
->manager
->lookup_paths
.transient
, 0755);
4739 path
= path_join(u
->manager
->lookup_paths
.transient
, u
->id
);
4743 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4744 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4747 f
= fopen(path
, "we");
4752 safe_fclose(u
->transient_file
);
4753 u
->transient_file
= f
;
4755 free_and_replace(u
->fragment_path
, path
);
4757 u
->source_path
= mfree(u
->source_path
);
4758 u
->dropin_paths
= strv_free(u
->dropin_paths
);
4759 u
->fragment_mtime
= u
->source_mtime
= u
->dropin_mtime
= 0;
4761 u
->load_state
= UNIT_STUB
;
4763 u
->transient
= true;
4765 unit_add_to_dbus_queue(u
);
4766 unit_add_to_gc_queue(u
);
4768 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4774 static int log_kill(const PidRef
*pid
, int sig
, void *userdata
) {
4775 _cleanup_free_
char *comm
= NULL
;
4777 assert(pidref_is_set(pid
));
4779 (void) pidref_get_comm(pid
, &comm
);
4781 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4782 only, like for example systemd's own PAM stub process. */
4783 if (comm
&& comm
[0] == '(')
4784 /* Although we didn't log anything, as this callback is used in unit_kill_context we must return 1
4785 * here to let the manager know that a process was killed. */
4788 log_unit_notice(userdata
,
4789 "Killing process " PID_FMT
" (%s) with signal SIG%s.",
4792 signal_to_string(sig
));
4797 static int operation_to_signal(
4798 const KillContext
*c
,
4800 bool *ret_noteworthy
) {
4806 case KILL_TERMINATE
:
4807 case KILL_TERMINATE_AND_LOG
:
4808 *ret_noteworthy
= false;
4809 return c
->kill_signal
;
4812 *ret_noteworthy
= false;
4813 return restart_kill_signal(c
);
4816 *ret_noteworthy
= true;
4817 return c
->final_kill_signal
;
4820 *ret_noteworthy
= true;
4821 return c
->watchdog_signal
;
4824 assert_not_reached();
4828 int unit_kill_context(
4833 PidRef
* control_pid
,
4834 bool main_pid_alien
) {
4836 bool wait_for_exit
= false, send_sighup
;
4837 cg_kill_log_func_t log_func
= NULL
;
4843 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4844 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4845 * which is used for user-requested killing of unit processes. */
4847 if (c
->kill_mode
== KILL_NONE
)
4851 sig
= operation_to_signal(c
, k
, ¬eworthy
);
4853 log_func
= log_kill
;
4857 IN_SET(k
, KILL_TERMINATE
, KILL_TERMINATE_AND_LOG
) &&
4860 if (pidref_is_set(main_pid
)) {
4862 log_func(main_pid
, sig
, u
);
4864 r
= pidref_kill_and_sigcont(main_pid
, sig
);
4865 if (r
< 0 && r
!= -ESRCH
) {
4866 _cleanup_free_
char *comm
= NULL
;
4867 (void) pidref_get_comm(main_pid
, &comm
);
4869 log_unit_warning_errno(u
, r
, "Failed to kill main process " PID_FMT
" (%s), ignoring: %m", main_pid
->pid
, strna(comm
));
4871 if (!main_pid_alien
)
4872 wait_for_exit
= true;
4874 if (r
!= -ESRCH
&& send_sighup
)
4875 (void) pidref_kill(main_pid
, SIGHUP
);
4879 if (pidref_is_set(control_pid
)) {
4881 log_func(control_pid
, sig
, u
);
4883 r
= pidref_kill_and_sigcont(control_pid
, sig
);
4884 if (r
< 0 && r
!= -ESRCH
) {
4885 _cleanup_free_
char *comm
= NULL
;
4886 (void) pidref_get_comm(control_pid
, &comm
);
4888 log_unit_warning_errno(u
, r
, "Failed to kill control process " PID_FMT
" (%s), ignoring: %m", control_pid
->pid
, strna(comm
));
4890 wait_for_exit
= true;
4892 if (r
!= -ESRCH
&& send_sighup
)
4893 (void) pidref_kill(control_pid
, SIGHUP
);
4897 if (u
->cgroup_path
&&
4898 (c
->kill_mode
== KILL_CONTROL_GROUP
|| (c
->kill_mode
== KILL_MIXED
&& k
== KILL_KILL
))) {
4899 _cleanup_set_free_ Set
*pid_set
= NULL
;
4901 /* Exclude the main/control pids from being killed via the cgroup */
4902 pid_set
= unit_pid_set(main_pid
? main_pid
->pid
: 0, control_pid
? control_pid
->pid
: 0);
4906 r
= cg_kill_recursive(
4909 CGROUP_SIGCONT
|CGROUP_IGNORE_SELF
,
4913 if (!IN_SET(r
, -EAGAIN
, -ESRCH
, -ENOENT
))
4914 log_unit_warning_errno(u
, r
, "Failed to kill control group %s, ignoring: %m", empty_to_root(u
->cgroup_path
));
4918 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4919 * we are running in a container or if this is a delegation unit, simply because cgroup
4920 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4921 * of containers it can be confused easily by left-over directories in the cgroup — which
4922 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4923 * there we get proper events. Hence rely on them. */
4925 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
) > 0 ||
4926 (detect_container() == 0 && !unit_cgroup_delegate(u
)))
4927 wait_for_exit
= true;
4932 pid_set
= unit_pid_set(main_pid
? main_pid
->pid
: 0, control_pid
? control_pid
->pid
: 0);
4936 (void) cg_kill_recursive(
4941 /* kill_log= */ NULL
,
4942 /* userdata= */ NULL
);
4947 return wait_for_exit
;
4950 int unit_require_mounts_for(Unit
*u
, const char *path
, UnitDependencyMask mask
) {
4956 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4957 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4958 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4959 * appearing mount units can easily determine which units to make themselves a dependency of. */
4961 if (!path_is_absolute(path
))
4964 if (hashmap_contains(u
->requires_mounts_for
, path
)) /* Exit quickly if the path is already covered. */
4967 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4968 * only after simplification, since path_is_normalized() rejects paths with '.'.
4969 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4970 _cleanup_free_
char *p
= NULL
;
4971 r
= path_simplify_alloc(path
, &p
);
4976 if (!path_is_normalized(path
))
4979 UnitDependencyInfo di
= {
4983 r
= hashmap_ensure_put(&u
->requires_mounts_for
, &path_hash_ops
, p
, di
.data
);
4987 TAKE_PTR(p
); /* path remains a valid pointer to the string stored in the hashmap */
4989 char prefix
[strlen(path
) + 1];
4990 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
4993 x
= hashmap_get(u
->manager
->units_requiring_mounts_for
, prefix
);
4995 _cleanup_free_
char *q
= NULL
;
4997 r
= hashmap_ensure_allocated(&u
->manager
->units_requiring_mounts_for
, &path_hash_ops
);
5009 r
= hashmap_put(u
->manager
->units_requiring_mounts_for
, q
, x
);
5025 int unit_setup_exec_runtime(Unit
*u
) {
5026 _cleanup_(exec_shared_runtime_unrefp
) ExecSharedRuntime
*esr
= NULL
;
5027 _cleanup_(dynamic_creds_unrefp
) DynamicCreds
*dcreds
= NULL
;
5028 _cleanup_set_free_ Set
*units
= NULL
;
5035 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
5038 /* Check if there already is an ExecRuntime for this unit? */
5039 rt
= (ExecRuntime
**) ((uint8_t*) u
+ offset
);
5043 ec
= unit_get_exec_context(u
);
5046 r
= unit_get_transitive_dependency_set(u
, UNIT_ATOM_JOINS_NAMESPACE_OF
, &units
);
5050 /* Try to get it from somebody else */
5051 SET_FOREACH(other
, units
) {
5052 r
= exec_shared_runtime_acquire(u
->manager
, NULL
, other
->id
, false, &esr
);
5060 r
= exec_shared_runtime_acquire(u
->manager
, ec
, u
->id
, true, &esr
);
5065 if (ec
->dynamic_user
) {
5066 r
= dynamic_creds_make(u
->manager
, ec
->user
, ec
->group
, &dcreds
);
5071 r
= exec_runtime_make(u
, ec
, esr
, dcreds
, rt
);
5081 bool unit_type_supported(UnitType t
) {
5082 static int8_t cache
[_UNIT_TYPE_MAX
] = {}; /* -1: disabled, 1: enabled: 0: don't know */
5085 assert(t
>= 0 && t
< _UNIT_TYPE_MAX
);
5087 if (cache
[t
] == 0) {
5090 e
= strjoina("SYSTEMD_SUPPORT_", unit_type_to_string(t
));
5092 r
= getenv_bool(ascii_strupper(e
));
5093 if (r
< 0 && r
!= -ENXIO
)
5094 log_debug_errno(r
, "Failed to parse $%s, ignoring: %m", e
);
5096 cache
[t
] = r
== 0 ? -1 : 1;
5101 if (!unit_vtable
[t
]->supported
)
5104 return unit_vtable
[t
]->supported();
5107 void unit_warn_if_dir_nonempty(Unit
*u
, const char* where
) {
5113 if (!unit_log_level_test(u
, LOG_NOTICE
))
5116 r
= dir_is_empty(where
, /* ignore_hidden_or_backup= */ false);
5117 if (r
> 0 || r
== -ENOTDIR
)
5120 log_unit_warning_errno(u
, r
, "Failed to check directory %s: %m", where
);
5124 log_unit_struct(u
, LOG_NOTICE
,
5125 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
5126 LOG_UNIT_INVOCATION_ID(u
),
5127 LOG_UNIT_MESSAGE(u
, "Directory %s to mount over is not empty, mounting anyway.", where
),
5131 int unit_fail_if_noncanonical(Unit
*u
, const char* where
) {
5132 _cleanup_free_
char *canonical_where
= NULL
;
5138 r
= chase(where
, NULL
, CHASE_NONEXISTENT
, &canonical_where
, NULL
);
5140 log_unit_debug_errno(u
, r
, "Failed to check %s for symlinks, ignoring: %m", where
);
5144 /* We will happily ignore a trailing slash (or any redundant slashes) */
5145 if (path_equal(where
, canonical_where
))
5148 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
5149 log_unit_struct(u
, LOG_ERR
,
5150 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
5151 LOG_UNIT_INVOCATION_ID(u
),
5152 LOG_UNIT_MESSAGE(u
, "Mount path %s is not canonical (contains a symlink).", where
),
5158 bool unit_is_pristine(Unit
*u
) {
5161 /* Check if the unit already exists or is already around, in a number of different ways. Note that to
5162 * cater for unit types such as slice, we are generally fine with units that are marked UNIT_LOADED
5163 * even though nothing was actually loaded, as those unit types don't require a file on disk.
5165 * Note that we don't check for drop-ins here, because we allow drop-ins for transient units
5166 * identically to non-transient units, both unit-specific and hierarchical. E.g. for a-b-c.service:
5167 * service.d/….conf, a-.service.d/….conf, a-b-.service.d/….conf, a-b-c.service.d/….conf.
5170 return IN_SET(u
->load_state
, UNIT_NOT_FOUND
, UNIT_LOADED
) &&
5171 !u
->fragment_path
&&
5177 PidRef
* unit_control_pid(Unit
*u
) {
5180 if (UNIT_VTABLE(u
)->control_pid
)
5181 return UNIT_VTABLE(u
)->control_pid(u
);
5186 PidRef
* unit_main_pid(Unit
*u
) {
5189 if (UNIT_VTABLE(u
)->main_pid
)
5190 return UNIT_VTABLE(u
)->main_pid(u
);
5195 static void unit_modify_user_nft_set(Unit
*u
, bool add
, NFTSetSource source
, uint32_t element
) {
5200 if (!MANAGER_IS_SYSTEM(u
->manager
))
5204 c
= unit_get_cgroup_context(u
);
5208 if (!u
->manager
->fw_ctx
) {
5209 r
= fw_ctx_new_full(&u
->manager
->fw_ctx
, /* init_tables= */ false);
5213 assert(u
->manager
->fw_ctx
);
5216 FOREACH_ARRAY(nft_set
, c
->nft_set_context
.sets
, c
->nft_set_context
.n_sets
) {
5217 if (nft_set
->source
!= source
)
5220 r
= nft_set_element_modify_any(u
->manager
->fw_ctx
, add
, nft_set
->nfproto
, nft_set
->table
, nft_set
->set
, &element
, sizeof(element
));
5222 log_warning_errno(r
, "Failed to %s NFT set: family %s, table %s, set %s, ID %u, ignoring: %m",
5223 add
? "add" : "delete", nfproto_to_string(nft_set
->nfproto
), nft_set
->table
, nft_set
->set
, element
);
5225 log_debug("%s NFT set: family %s, table %s, set %s, ID %u",
5226 add
? "Added" : "Deleted", nfproto_to_string(nft_set
->nfproto
), nft_set
->table
, nft_set
->set
, element
);
5230 static void unit_unref_uid_internal(
5234 void (*_manager_unref_uid
)(Manager
*m
, uid_t uid
, bool destroy_now
)) {
5238 assert(_manager_unref_uid
);
5240 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5241 * gid_t are actually the same time, with the same validity rules.
5243 * Drops a reference to UID/GID from a unit. */
5245 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
5246 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
5248 if (!uid_is_valid(*ref_uid
))
5251 _manager_unref_uid(u
->manager
, *ref_uid
, destroy_now
);
5252 *ref_uid
= UID_INVALID
;
5255 static void unit_unref_uid(Unit
*u
, bool destroy_now
) {
5258 unit_modify_user_nft_set(u
, /* add = */ false, NFT_SET_SOURCE_USER
, u
->ref_uid
);
5260 unit_unref_uid_internal(u
, &u
->ref_uid
, destroy_now
, manager_unref_uid
);
5263 static void unit_unref_gid(Unit
*u
, bool destroy_now
) {
5266 unit_modify_user_nft_set(u
, /* add = */ false, NFT_SET_SOURCE_GROUP
, u
->ref_gid
);
5268 unit_unref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, destroy_now
, manager_unref_gid
);
5271 void unit_unref_uid_gid(Unit
*u
, bool destroy_now
) {
5274 unit_unref_uid(u
, destroy_now
);
5275 unit_unref_gid(u
, destroy_now
);
5278 static int unit_ref_uid_internal(
5283 int (*_manager_ref_uid
)(Manager
*m
, uid_t uid
, bool clean_ipc
)) {
5289 assert(uid_is_valid(uid
));
5290 assert(_manager_ref_uid
);
5292 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5293 * are actually the same type, and have the same validity rules.
5295 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5296 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5299 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
5300 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
5302 if (*ref_uid
== uid
)
5305 if (uid_is_valid(*ref_uid
)) /* Already set? */
5308 r
= _manager_ref_uid(u
->manager
, uid
, clean_ipc
);
5316 static int unit_ref_uid(Unit
*u
, uid_t uid
, bool clean_ipc
) {
5317 return unit_ref_uid_internal(u
, &u
->ref_uid
, uid
, clean_ipc
, manager_ref_uid
);
5320 static int unit_ref_gid(Unit
*u
, gid_t gid
, bool clean_ipc
) {
5321 return unit_ref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, (uid_t
) gid
, clean_ipc
, manager_ref_gid
);
5324 static int unit_ref_uid_gid_internal(Unit
*u
, uid_t uid
, gid_t gid
, bool clean_ipc
) {
5329 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5331 if (uid_is_valid(uid
)) {
5332 r
= unit_ref_uid(u
, uid
, clean_ipc
);
5337 if (gid_is_valid(gid
)) {
5338 q
= unit_ref_gid(u
, gid
, clean_ipc
);
5341 unit_unref_uid(u
, false);
5347 return r
> 0 || q
> 0;
5350 int unit_ref_uid_gid(Unit
*u
, uid_t uid
, gid_t gid
) {
5356 c
= unit_get_exec_context(u
);
5358 r
= unit_ref_uid_gid_internal(u
, uid
, gid
, c
? c
->remove_ipc
: false);
5360 return log_unit_warning_errno(u
, r
, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5362 unit_modify_user_nft_set(u
, /* add = */ true, NFT_SET_SOURCE_USER
, uid
);
5363 unit_modify_user_nft_set(u
, /* add = */ true, NFT_SET_SOURCE_GROUP
, gid
);
5368 void unit_notify_user_lookup(Unit
*u
, uid_t uid
, gid_t gid
) {
5373 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5374 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5375 * objects when no service references the UID/GID anymore. */
5377 r
= unit_ref_uid_gid(u
, uid
, gid
);
5379 unit_add_to_dbus_queue(u
);
5382 int unit_acquire_invocation_id(Unit
*u
) {
5388 r
= sd_id128_randomize(&id
);
5390 return log_unit_error_errno(u
, r
, "Failed to generate invocation ID for unit: %m");
5392 r
= unit_set_invocation_id(u
, id
);
5394 return log_unit_error_errno(u
, r
, "Failed to set invocation ID for unit: %m");
5396 unit_add_to_dbus_queue(u
);
5400 int unit_set_exec_params(Unit
*u
, ExecParameters
*p
) {
5401 const char *confirm_spawn
;
5407 /* Copy parameters from manager */
5408 r
= manager_get_effective_environment(u
->manager
, &p
->environment
);
5412 p
->runtime_scope
= u
->manager
->runtime_scope
;
5414 confirm_spawn
= manager_get_confirm_spawn(u
->manager
);
5415 if (confirm_spawn
) {
5416 p
->confirm_spawn
= strdup(confirm_spawn
);
5417 if (!p
->confirm_spawn
)
5421 p
->cgroup_supported
= u
->manager
->cgroup_supported
;
5422 p
->prefix
= u
->manager
->prefix
;
5423 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(u
->manager
));
5425 /* Copy parameters from unit */
5426 p
->cgroup_path
= u
->cgroup_path
;
5427 SET_FLAG(p
->flags
, EXEC_CGROUP_DELEGATE
, unit_cgroup_delegate(u
));
5429 p
->received_credentials_directory
= u
->manager
->received_credentials_directory
;
5430 p
->received_encrypted_credentials_directory
= u
->manager
->received_encrypted_credentials_directory
;
5432 p
->shall_confirm_spawn
= u
->manager
->confirm_spawn
;
5434 p
->fallback_smack_process_label
= u
->manager
->defaults
.smack_process_label
;
5436 if (u
->manager
->restrict_fs
&& p
->bpf_outer_map_fd
< 0) {
5437 int fd
= lsm_bpf_map_restrict_fs_fd(u
);
5441 p
->bpf_outer_map_fd
= fd
;
5444 p
->user_lookup_fd
= u
->manager
->user_lookup_fds
[1];
5446 p
->cgroup_id
= u
->cgroup_id
;
5447 p
->invocation_id
= u
->invocation_id
;
5448 sd_id128_to_string(p
->invocation_id
, p
->invocation_id_string
);
5449 p
->unit_id
= strdup(u
->id
);
5456 int unit_fork_helper_process(Unit
*u
, const char *name
, PidRef
*ret
) {
5463 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5464 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5466 (void) unit_realize_cgroup(u
);
5468 r
= safe_fork(name
, FORK_REOPEN_LOG
|FORK_DEATHSIG_SIGTERM
, &pid
);
5472 _cleanup_(pidref_done
) PidRef pidref
= PIDREF_NULL
;
5477 q
= pidref_set_pid(&pidref
, pid
);
5481 *ret
= TAKE_PIDREF(pidref
);
5487 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
);
5488 (void) ignore_signals(SIGPIPE
);
5490 if (u
->cgroup_path
) {
5491 r
= cg_attach_everywhere(u
->manager
->cgroup_supported
, u
->cgroup_path
, 0, NULL
, NULL
);
5493 log_unit_error_errno(u
, r
, "Failed to join unit cgroup %s: %m", empty_to_root(u
->cgroup_path
));
5501 int unit_fork_and_watch_rm_rf(Unit
*u
, char **paths
, PidRef
*ret_pid
) {
5502 _cleanup_(pidref_done
) PidRef pid
= PIDREF_NULL
;
5508 r
= unit_fork_helper_process(u
, "(sd-rmrf)", &pid
);
5512 int ret
= EXIT_SUCCESS
;
5514 STRV_FOREACH(i
, paths
) {
5515 r
= rm_rf(*i
, REMOVE_ROOT
|REMOVE_PHYSICAL
|REMOVE_MISSING_OK
);
5517 log_error_errno(r
, "Failed to remove '%s': %m", *i
);
5525 r
= unit_watch_pidref(u
, &pid
, /* exclusive= */ true);
5529 *ret_pid
= TAKE_PIDREF(pid
);
5533 static void unit_update_dependency_mask(Hashmap
*deps
, Unit
*other
, UnitDependencyInfo di
) {
5537 if (di
.origin_mask
== 0 && di
.destination_mask
== 0)
5538 /* No bit set anymore, let's drop the whole entry */
5539 assert_se(hashmap_remove(deps
, other
));
5541 /* Mask was reduced, let's update the entry */
5542 assert_se(hashmap_update(deps
, other
, di
.data
) == 0);
5545 void unit_remove_dependencies(Unit
*u
, UnitDependencyMask mask
) {
5549 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5554 HASHMAP_FOREACH(deps
, u
->dependencies
) {
5558 UnitDependencyInfo di
;
5563 HASHMAP_FOREACH_KEY(di
.data
, other
, deps
) {
5564 Hashmap
*other_deps
;
5566 if (FLAGS_SET(~mask
, di
.origin_mask
))
5569 di
.origin_mask
&= ~mask
;
5570 unit_update_dependency_mask(deps
, other
, di
);
5572 /* We updated the dependency from our unit to the other unit now. But most
5573 * dependencies imply a reverse dependency. Hence, let's delete that one
5574 * too. For that we go through all dependency types on the other unit and
5575 * delete all those which point to us and have the right mask set. */
5577 HASHMAP_FOREACH(other_deps
, other
->dependencies
) {
5578 UnitDependencyInfo dj
;
5580 dj
.data
= hashmap_get(other_deps
, u
);
5581 if (FLAGS_SET(~mask
, dj
.destination_mask
))
5584 dj
.destination_mask
&= ~mask
;
5585 unit_update_dependency_mask(other_deps
, u
, dj
);
5588 unit_add_to_gc_queue(other
);
5590 /* The unit 'other' may not be wanted by the unit 'u'. */
5591 unit_submit_to_stop_when_unneeded_queue(other
);
5601 static int unit_get_invocation_path(Unit
*u
, char **ret
) {
5608 if (MANAGER_IS_SYSTEM(u
->manager
))
5609 p
= strjoin("/run/systemd/units/invocation:", u
->id
);
5611 _cleanup_free_
char *user_path
= NULL
;
5612 r
= xdg_user_runtime_dir(&user_path
, "/systemd/units/invocation:");
5615 p
= strjoin(user_path
, u
->id
);
5625 static int unit_export_invocation_id(Unit
*u
) {
5626 _cleanup_free_
char *p
= NULL
;
5631 if (u
->exported_invocation_id
)
5634 if (sd_id128_is_null(u
->invocation_id
))
5637 r
= unit_get_invocation_path(u
, &p
);
5639 return log_unit_debug_errno(u
, r
, "Failed to get invocation path: %m");
5641 r
= symlink_atomic_label(u
->invocation_id_string
, p
);
5643 return log_unit_debug_errno(u
, r
, "Failed to create invocation ID symlink %s: %m", p
);
5645 u
->exported_invocation_id
= true;
5649 static int unit_export_log_level_max(Unit
*u
, const ExecContext
*c
) {
5657 if (u
->exported_log_level_max
)
5660 if (c
->log_level_max
< 0)
5663 assert(c
->log_level_max
<= 7);
5665 buf
[0] = '0' + c
->log_level_max
;
5668 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5669 r
= symlink_atomic(buf
, p
);
5671 return log_unit_debug_errno(u
, r
, "Failed to create maximum log level symlink %s: %m", p
);
5673 u
->exported_log_level_max
= true;
5677 static int unit_export_log_extra_fields(Unit
*u
, const ExecContext
*c
) {
5678 _cleanup_close_
int fd
= -EBADF
;
5679 struct iovec
*iovec
;
5686 if (u
->exported_log_extra_fields
)
5689 if (c
->n_log_extra_fields
<= 0)
5692 sizes
= newa(le64_t
, c
->n_log_extra_fields
);
5693 iovec
= newa(struct iovec
, c
->n_log_extra_fields
* 2);
5695 for (size_t i
= 0; i
< c
->n_log_extra_fields
; i
++) {
5696 sizes
[i
] = htole64(c
->log_extra_fields
[i
].iov_len
);
5698 iovec
[i
*2] = IOVEC_MAKE(sizes
+ i
, sizeof(le64_t
));
5699 iovec
[i
*2+1] = c
->log_extra_fields
[i
];
5702 p
= strjoina("/run/systemd/units/log-extra-fields:", u
->id
);
5703 pattern
= strjoina(p
, ".XXXXXX");
5705 fd
= mkostemp_safe(pattern
);
5707 return log_unit_debug_errno(u
, fd
, "Failed to create extra fields file %s: %m", p
);
5709 n
= writev(fd
, iovec
, c
->n_log_extra_fields
*2);
5711 r
= log_unit_debug_errno(u
, errno
, "Failed to write extra fields: %m");
5715 (void) fchmod(fd
, 0644);
5717 if (rename(pattern
, p
) < 0) {
5718 r
= log_unit_debug_errno(u
, errno
, "Failed to rename extra fields file: %m");
5722 u
->exported_log_extra_fields
= true;
5726 (void) unlink(pattern
);
5730 static int unit_export_log_ratelimit_interval(Unit
*u
, const ExecContext
*c
) {
5731 _cleanup_free_
char *buf
= NULL
;
5738 if (u
->exported_log_ratelimit_interval
)
5741 if (c
->log_ratelimit_interval_usec
== 0)
5744 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5746 if (asprintf(&buf
, "%" PRIu64
, c
->log_ratelimit_interval_usec
) < 0)
5749 r
= symlink_atomic(buf
, p
);
5751 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit interval symlink %s: %m", p
);
5753 u
->exported_log_ratelimit_interval
= true;
5757 static int unit_export_log_ratelimit_burst(Unit
*u
, const ExecContext
*c
) {
5758 _cleanup_free_
char *buf
= NULL
;
5765 if (u
->exported_log_ratelimit_burst
)
5768 if (c
->log_ratelimit_burst
== 0)
5771 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5773 if (asprintf(&buf
, "%u", c
->log_ratelimit_burst
) < 0)
5776 r
= symlink_atomic(buf
, p
);
5778 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit burst symlink %s: %m", p
);
5780 u
->exported_log_ratelimit_burst
= true;
5784 void unit_export_state_files(Unit
*u
) {
5785 const ExecContext
*c
;
5792 if (MANAGER_IS_TEST_RUN(u
->manager
))
5795 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5796 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5797 * the IPC system itself and PID 1 also log to the journal.
5799 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5800 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5801 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5802 * namespace at least.
5804 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5805 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5808 (void) unit_export_invocation_id(u
);
5810 if (!MANAGER_IS_SYSTEM(u
->manager
))
5813 c
= unit_get_exec_context(u
);
5815 (void) unit_export_log_level_max(u
, c
);
5816 (void) unit_export_log_extra_fields(u
, c
);
5817 (void) unit_export_log_ratelimit_interval(u
, c
);
5818 (void) unit_export_log_ratelimit_burst(u
, c
);
5822 void unit_unlink_state_files(Unit
*u
) {
5830 /* Undoes the effect of unit_export_state() */
5832 if (u
->exported_invocation_id
) {
5833 _cleanup_free_
char *invocation_path
= NULL
;
5834 int r
= unit_get_invocation_path(u
, &invocation_path
);
5836 (void) unlink(invocation_path
);
5837 u
->exported_invocation_id
= false;
5841 if (!MANAGER_IS_SYSTEM(u
->manager
))
5844 if (u
->exported_log_level_max
) {
5845 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5848 u
->exported_log_level_max
= false;
5851 if (u
->exported_log_extra_fields
) {
5852 p
= strjoina("/run/systemd/units/extra-fields:", u
->id
);
5855 u
->exported_log_extra_fields
= false;
5858 if (u
->exported_log_ratelimit_interval
) {
5859 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5862 u
->exported_log_ratelimit_interval
= false;
5865 if (u
->exported_log_ratelimit_burst
) {
5866 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5869 u
->exported_log_ratelimit_burst
= false;
5873 int unit_prepare_exec(Unit
*u
) {
5878 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5879 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5880 r
= bpf_firewall_load_custom(u
);
5884 /* Prepares everything so that we can fork of a process for this unit */
5886 (void) unit_realize_cgroup(u
);
5888 if (u
->reset_accounting
) {
5889 (void) unit_reset_accounting(u
);
5890 u
->reset_accounting
= false;
5893 unit_export_state_files(u
);
5895 r
= unit_setup_exec_runtime(u
);
5902 static bool ignore_leftover_process(const char *comm
) {
5903 return comm
&& comm
[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5906 int unit_log_leftover_process_start(const PidRef
*pid
, int sig
, void *userdata
) {
5907 _cleanup_free_
char *comm
= NULL
;
5909 assert(pidref_is_set(pid
));
5911 (void) pidref_get_comm(pid
, &comm
);
5913 if (ignore_leftover_process(comm
))
5916 /* During start we print a warning */
5918 log_unit_warning(userdata
,
5919 "Found left-over process " PID_FMT
" (%s) in control group while starting unit. Ignoring.\n"
5920 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5921 pid
->pid
, strna(comm
));
5926 int unit_log_leftover_process_stop(const PidRef
*pid
, int sig
, void *userdata
) {
5927 _cleanup_free_
char *comm
= NULL
;
5929 assert(pidref_is_set(pid
));
5931 (void) pidref_get_comm(pid
, &comm
);
5933 if (ignore_leftover_process(comm
))
5936 /* During stop we only print an informational message */
5938 log_unit_info(userdata
,
5939 "Unit process " PID_FMT
" (%s) remains running after unit stopped.",
5940 pid
->pid
, strna(comm
));
5945 int unit_warn_leftover_processes(Unit
*u
, cg_kill_log_func_t log_func
) {
5948 (void) unit_pick_cgroup_path(u
);
5950 if (!u
->cgroup_path
)
5953 return cg_kill_recursive(
5962 bool unit_needs_console(Unit
*u
) {
5964 UnitActiveState state
;
5968 state
= unit_active_state(u
);
5970 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
5973 if (UNIT_VTABLE(u
)->needs_console
)
5974 return UNIT_VTABLE(u
)->needs_console(u
);
5976 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5977 ec
= unit_get_exec_context(u
);
5981 return exec_context_may_touch_console(ec
);
5984 int unit_pid_attachable(Unit
*u
, PidRef
*pid
, sd_bus_error
*error
) {
5989 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5990 * and not a kernel thread either */
5992 /* First, a simple range check */
5993 if (!pidref_is_set(pid
))
5994 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process identifier is not valid.");
5996 /* Some extra safety check */
5997 if (pid
->pid
== 1 || pidref_is_self(pid
))
5998 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a manager process, refusing.", pid
->pid
);
6000 /* Don't even begin to bother with kernel threads */
6001 r
= pidref_is_kernel_thread(pid
);
6003 return sd_bus_error_setf(error
, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN
, "Process with ID " PID_FMT
" does not exist.", pid
->pid
);
6005 return sd_bus_error_set_errnof(error
, r
, "Failed to determine whether process " PID_FMT
" is a kernel thread: %m", pid
->pid
);
6007 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a kernel thread, refusing.", pid
->pid
);
6012 void unit_log_success(Unit
*u
) {
6015 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
6016 * This message has low information value for regular users and it might be a bit overwhelming on a system with
6017 * a lot of devices. */
6019 MANAGER_IS_USER(u
->manager
) ? LOG_DEBUG
: LOG_INFO
,
6020 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR
,
6021 LOG_UNIT_INVOCATION_ID(u
),
6022 LOG_UNIT_MESSAGE(u
, "Deactivated successfully."));
6025 void unit_log_failure(Unit
*u
, const char *result
) {
6029 log_unit_struct(u
, LOG_WARNING
,
6030 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR
,
6031 LOG_UNIT_INVOCATION_ID(u
),
6032 LOG_UNIT_MESSAGE(u
, "Failed with result '%s'.", result
),
6033 "UNIT_RESULT=%s", result
);
6036 void unit_log_skip(Unit
*u
, const char *result
) {
6040 log_unit_struct(u
, LOG_INFO
,
6041 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR
,
6042 LOG_UNIT_INVOCATION_ID(u
),
6043 LOG_UNIT_MESSAGE(u
, "Skipped due to '%s'.", result
),
6044 "UNIT_RESULT=%s", result
);
6047 void unit_log_process_exit(
6050 const char *command
,
6060 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
6061 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
6062 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
6066 else if (code
== CLD_EXITED
)
6069 level
= LOG_WARNING
;
6071 log_unit_struct(u
, level
,
6072 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR
,
6073 LOG_UNIT_MESSAGE(u
, "%s exited, code=%s, status=%i/%s%s",
6075 sigchld_code_to_string(code
), status
,
6076 strna(code
== CLD_EXITED
6077 ? exit_status_to_string(status
, EXIT_STATUS_FULL
)
6078 : signal_to_string(status
)),
6079 success
? " (success)" : ""),
6080 "EXIT_CODE=%s", sigchld_code_to_string(code
),
6081 "EXIT_STATUS=%i", status
,
6082 "COMMAND=%s", strna(command
),
6083 LOG_UNIT_INVOCATION_ID(u
));
6086 int unit_exit_status(Unit
*u
) {
6089 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
6090 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
6091 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
6092 * service process has exited abnormally (signal/coredump). */
6094 if (!UNIT_VTABLE(u
)->exit_status
)
6097 return UNIT_VTABLE(u
)->exit_status(u
);
6100 int unit_failure_action_exit_status(Unit
*u
) {
6105 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
6107 if (u
->failure_action_exit_status
>= 0)
6108 return u
->failure_action_exit_status
;
6110 r
= unit_exit_status(u
);
6111 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
6117 int unit_success_action_exit_status(Unit
*u
) {
6122 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
6124 if (u
->success_action_exit_status
>= 0)
6125 return u
->success_action_exit_status
;
6127 r
= unit_exit_status(u
);
6128 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
6134 int unit_test_trigger_loaded(Unit
*u
) {
6137 /* Tests whether the unit to trigger is loaded */
6139 trigger
= UNIT_TRIGGER(u
);
6141 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
6142 "Refusing to start, no unit to trigger.");
6143 if (trigger
->load_state
!= UNIT_LOADED
)
6144 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
6145 "Refusing to start, unit %s to trigger not loaded.", trigger
->id
);
6150 void unit_destroy_runtime_data(Unit
*u
, const ExecContext
*context
) {
6154 /* EXEC_PRESERVE_RESTART is handled via unit_release_resources()! */
6155 if (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_NO
)
6156 exec_context_destroy_runtime_directory(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
6158 exec_context_destroy_credentials(u
);
6159 exec_context_destroy_mount_ns_dir(u
);
6162 int unit_clean(Unit
*u
, ExecCleanMask mask
) {
6163 UnitActiveState state
;
6167 /* Special return values:
6169 * -EOPNOTSUPP → cleaning not supported for this unit type
6170 * -EUNATCH → cleaning not defined for this resource type
6171 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
6172 * a job queued or similar
6175 if (!UNIT_VTABLE(u
)->clean
)
6181 if (u
->load_state
!= UNIT_LOADED
)
6187 state
= unit_active_state(u
);
6188 if (state
!= UNIT_INACTIVE
)
6191 return UNIT_VTABLE(u
)->clean(u
, mask
);
6194 int unit_can_clean(Unit
*u
, ExecCleanMask
*ret
) {
6197 if (!UNIT_VTABLE(u
)->clean
||
6198 u
->load_state
!= UNIT_LOADED
) {
6203 /* When the clean() method is set, can_clean() really should be set too */
6204 assert(UNIT_VTABLE(u
)->can_clean
);
6206 return UNIT_VTABLE(u
)->can_clean(u
, ret
);
6209 bool unit_can_start_refuse_manual(Unit
*u
) {
6210 return unit_can_start(u
) && !u
->refuse_manual_start
;
6213 bool unit_can_stop_refuse_manual(Unit
*u
) {
6214 return unit_can_stop(u
) && !u
->refuse_manual_stop
;
6217 bool unit_can_isolate_refuse_manual(Unit
*u
) {
6218 return unit_can_isolate(u
) && !u
->refuse_manual_start
;
6221 bool unit_can_freeze(Unit
*u
) {
6224 if (UNIT_VTABLE(u
)->can_freeze
)
6225 return UNIT_VTABLE(u
)->can_freeze(u
);
6227 return UNIT_VTABLE(u
)->freeze
;
6230 void unit_frozen(Unit
*u
) {
6233 u
->freezer_state
= FREEZER_FROZEN
;
6235 bus_unit_send_pending_freezer_message(u
, false);
6238 void unit_thawed(Unit
*u
) {
6241 u
->freezer_state
= FREEZER_RUNNING
;
6243 bus_unit_send_pending_freezer_message(u
, false);
6246 static int unit_freezer_action(Unit
*u
, FreezerAction action
) {
6248 int (*method
)(Unit
*);
6252 assert(IN_SET(action
, FREEZER_FREEZE
, FREEZER_THAW
));
6254 method
= action
== FREEZER_FREEZE
? UNIT_VTABLE(u
)->freeze
: UNIT_VTABLE(u
)->thaw
;
6255 if (!method
|| !cg_freezer_supported())
6261 if (u
->load_state
!= UNIT_LOADED
)
6264 s
= unit_active_state(u
);
6265 if (s
!= UNIT_ACTIVE
)
6268 if ((IN_SET(u
->freezer_state
, FREEZER_FREEZING
, FREEZER_THAWING
) && action
== FREEZER_FREEZE
) ||
6269 (u
->freezer_state
== FREEZER_THAWING
&& action
== FREEZER_THAW
))
6276 assert(IN_SET(u
->freezer_state
, FREEZER_FREEZING
, FREEZER_THAWING
));
6281 int unit_freeze(Unit
*u
) {
6282 return unit_freezer_action(u
, FREEZER_FREEZE
);
6285 int unit_thaw(Unit
*u
) {
6286 return unit_freezer_action(u
, FREEZER_THAW
);
6289 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
6290 int unit_freeze_vtable_common(Unit
*u
) {
6291 return unit_cgroup_freezer_action(u
, FREEZER_FREEZE
);
6294 int unit_thaw_vtable_common(Unit
*u
) {
6295 return unit_cgroup_freezer_action(u
, FREEZER_THAW
);
6298 Condition
*unit_find_failed_condition(Unit
*u
) {
6299 Condition
*failed_trigger
= NULL
;
6300 bool has_succeeded_trigger
= false;
6302 if (u
->condition_result
)
6305 LIST_FOREACH(conditions
, c
, u
->conditions
)
6307 if (c
->result
== CONDITION_SUCCEEDED
)
6308 has_succeeded_trigger
= true;
6309 else if (!failed_trigger
)
6311 } else if (c
->result
!= CONDITION_SUCCEEDED
)
6314 return failed_trigger
&& !has_succeeded_trigger
? failed_trigger
: NULL
;
6317 static const char* const collect_mode_table
[_COLLECT_MODE_MAX
] = {
6318 [COLLECT_INACTIVE
] = "inactive",
6319 [COLLECT_INACTIVE_OR_FAILED
] = "inactive-or-failed",
6322 DEFINE_STRING_TABLE_LOOKUP(collect_mode
, CollectMode
);
6324 Unit
* unit_has_dependency(const Unit
*u
, UnitDependencyAtom atom
, Unit
*other
) {
6329 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
6330 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
6331 * is NULL the first entry found), or NULL if not found. */
6333 UNIT_FOREACH_DEPENDENCY(i
, u
, atom
)
6334 if (!other
|| other
== i
)
6340 int unit_get_dependency_array(const Unit
*u
, UnitDependencyAtom atom
, Unit
***ret_array
) {
6341 _cleanup_free_ Unit
**array
= NULL
;
6348 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
6349 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
6350 * while the dependency table is continuously updated. */
6352 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
6353 if (!GREEDY_REALLOC(array
, n
+ 1))
6359 *ret_array
= TAKE_PTR(array
);
6361 assert(n
<= INT_MAX
);
6365 int unit_get_transitive_dependency_set(Unit
*u
, UnitDependencyAtom atom
, Set
**ret
) {
6366 _cleanup_set_free_ Set
*units
= NULL
, *queue
= NULL
;
6373 /* Similar to unit_get_dependency_array(), but also search the same dependency in other units. */
6376 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
6377 r
= set_ensure_put(&units
, NULL
, other
);
6382 r
= set_ensure_put(&queue
, NULL
, other
);
6386 } while ((u
= set_steal_first(queue
)));
6388 *ret
= TAKE_PTR(units
);
6394 sd_event_source
**source
,
6397 sd_event_time_handler_t handler
) {
6406 if (usec
== USEC_INFINITY
)
6407 return sd_event_source_set_enabled(*source
, SD_EVENT_OFF
);
6409 r
= (relative
? sd_event_source_set_time_relative
: sd_event_source_set_time
)(*source
, usec
);
6413 return sd_event_source_set_enabled(*source
, SD_EVENT_ONESHOT
);
6416 if (usec
== USEC_INFINITY
)
6419 r
= (relative
? sd_event_add_time_relative
: sd_event_add_time
)(
6429 const char *d
= strjoina(unit_type_to_string(u
->type
), "-timer");
6430 (void) sd_event_source_set_description(*source
, d
);
6435 static int unit_get_nice(Unit
*u
) {
6438 ec
= unit_get_exec_context(u
);
6439 return ec
? ec
->nice
: 0;
6442 static uint64_t unit_get_cpu_weight(Unit
*u
) {
6445 cc
= unit_get_cgroup_context(u
);
6446 return cc
? cgroup_context_cpu_weight(cc
, manager_state(u
->manager
)) : CGROUP_WEIGHT_DEFAULT
;
6449 int unit_compare_priority(Unit
*a
, Unit
*b
) {
6452 ret
= CMP(a
->type
, b
->type
);
6456 ret
= CMP(unit_get_cpu_weight(a
), unit_get_cpu_weight(b
));
6460 ret
= CMP(unit_get_nice(a
), unit_get_nice(b
));
6464 return strcmp(a
->id
, b
->id
);
6467 const ActivationDetailsVTable
* const activation_details_vtable
[_UNIT_TYPE_MAX
] = {
6468 [UNIT_PATH
] = &activation_details_path_vtable
,
6469 [UNIT_TIMER
] = &activation_details_timer_vtable
,
6472 ActivationDetails
*activation_details_new(Unit
*trigger_unit
) {
6473 _cleanup_free_ ActivationDetails
*details
= NULL
;
6475 assert(trigger_unit
);
6476 assert(trigger_unit
->type
!= _UNIT_TYPE_INVALID
);
6477 assert(trigger_unit
->id
);
6479 details
= malloc0(activation_details_vtable
[trigger_unit
->type
]->object_size
);
6483 *details
= (ActivationDetails
) {
6485 .trigger_unit_type
= trigger_unit
->type
,
6488 details
->trigger_unit_name
= strdup(trigger_unit
->id
);
6489 if (!details
->trigger_unit_name
)
6492 if (ACTIVATION_DETAILS_VTABLE(details
)->init
)
6493 ACTIVATION_DETAILS_VTABLE(details
)->init(details
, trigger_unit
);
6495 return TAKE_PTR(details
);
6498 static ActivationDetails
*activation_details_free(ActivationDetails
*details
) {
6502 if (ACTIVATION_DETAILS_VTABLE(details
)->done
)
6503 ACTIVATION_DETAILS_VTABLE(details
)->done(details
);
6505 free(details
->trigger_unit_name
);
6507 return mfree(details
);
6510 void activation_details_serialize(ActivationDetails
*details
, FILE *f
) {
6511 if (!details
|| details
->trigger_unit_type
== _UNIT_TYPE_INVALID
)
6514 (void) serialize_item(f
, "activation-details-unit-type", unit_type_to_string(details
->trigger_unit_type
));
6515 if (details
->trigger_unit_name
)
6516 (void) serialize_item(f
, "activation-details-unit-name", details
->trigger_unit_name
);
6517 if (ACTIVATION_DETAILS_VTABLE(details
)->serialize
)
6518 ACTIVATION_DETAILS_VTABLE(details
)->serialize(details
, f
);
6521 int activation_details_deserialize(const char *key
, const char *value
, ActivationDetails
**details
) {
6531 if (!streq(key
, "activation-details-unit-type"))
6534 t
= unit_type_from_string(value
);
6538 /* The activation details vtable has defined ops only for path and timer units */
6539 if (!activation_details_vtable
[t
])
6542 *details
= malloc0(activation_details_vtable
[t
]->object_size
);
6546 **details
= (ActivationDetails
) {
6548 .trigger_unit_type
= t
,
6554 if (streq(key
, "activation-details-unit-name")) {
6555 r
= free_and_strdup(&(*details
)->trigger_unit_name
, value
);
6562 if (ACTIVATION_DETAILS_VTABLE(*details
)->deserialize
)
6563 return ACTIVATION_DETAILS_VTABLE(*details
)->deserialize(key
, value
, details
);
6568 int activation_details_append_env(ActivationDetails
*details
, char ***strv
) {
6576 if (!isempty(details
->trigger_unit_name
)) {
6577 char *s
= strjoin("TRIGGER_UNIT=", details
->trigger_unit_name
);
6581 r
= strv_consume(strv
, TAKE_PTR(s
));
6586 if (ACTIVATION_DETAILS_VTABLE(details
)->append_env
) {
6587 r
= ACTIVATION_DETAILS_VTABLE(details
)->append_env(details
, strv
);
6592 return r
+ !isempty(details
->trigger_unit_name
); /* Return the number of variables added to the env block */
6595 int activation_details_append_pair(ActivationDetails
*details
, char ***strv
) {
6603 if (!isempty(details
->trigger_unit_name
)) {
6604 r
= strv_extend(strv
, "trigger_unit");
6608 r
= strv_extend(strv
, details
->trigger_unit_name
);
6613 if (ACTIVATION_DETAILS_VTABLE(details
)->append_env
) {
6614 r
= ACTIVATION_DETAILS_VTABLE(details
)->append_pair(details
, strv
);
6619 return r
+ !isempty(details
->trigger_unit_name
); /* Return the number of pairs added to the strv */
6622 DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails
, activation_details
, activation_details_free
);