]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:


b88e28d77edb4a0d0c9ed3ee9f8151150b20d6e5
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <errno.h>
4 #include <stdlib.h>
5 #include <sys/prctl.h>
6 #include <unistd.h>
7
8 #include "sd-id128.h"
9 #include "sd-messages.h"
10
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bpf-foreign.h"
15 #include "bpf-socket-bind.h"
16 #include "bus-common-errors.h"
17 #include "bus-internal.h"
18 #include "bus-util.h"
19 #include "cgroup-setup.h"
20 #include "cgroup-util.h"
21 #include "chase.h"
22 #include "core-varlink.h"
23 #include "dbus-unit.h"
24 #include "dbus.h"
25 #include "dropin.h"
26 #include "env-util.h"
27 #include "escape.h"
28 #include "exec-credential.h"
29 #include "execute.h"
30 #include "fd-util.h"
31 #include "fileio-label.h"
32 #include "fileio.h"
33 #include "format-util.h"
34 #include "id128-util.h"
35 #include "install.h"
36 #include "iovec-util.h"
37 #include "label-util.h"
38 #include "load-dropin.h"
39 #include "load-fragment.h"
40 #include "log.h"
41 #include "logarithm.h"
42 #include "macro.h"
43 #include "mkdir-label.h"
44 #include "path-util.h"
45 #include "process-util.h"
46 #include "rm-rf.h"
47 #include "serialize.h"
48 #include "set.h"
49 #include "signal-util.h"
50 #include "sparse-endian.h"
51 #include "special.h"
52 #include "specifier.h"
53 #include "stat-util.h"
54 #include "stdio-util.h"
55 #include "string-table.h"
56 #include "string-util.h"
57 #include "strv.h"
58 #include "terminal-util.h"
59 #include "tmpfile-util.h"
60 #include "umask-util.h"
61 #include "unit-name.h"
62 #include "unit.h"
63 #include "user-util.h"
64 #include "virt.h"
65 #if BPF_FRAMEWORK
66 #include "bpf-link.h"
67 #endif
68
69 /* Thresholds for logging at INFO level about resource consumption */
70 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
71 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
72 #define MENTIONWORTHY_IP_BYTES (0ULL)
73
74 /* Thresholds for logging at INFO level about resource consumption */
75 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
76 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
77 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
78
79 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
80 [UNIT_SERVICE] = &service_vtable,
81 [UNIT_SOCKET] = &socket_vtable,
82 [UNIT_TARGET] = &target_vtable,
83 [UNIT_DEVICE] = &device_vtable,
84 [UNIT_MOUNT] = &mount_vtable,
85 [UNIT_AUTOMOUNT] = &automount_vtable,
86 [UNIT_SWAP] = &swap_vtable,
87 [UNIT_TIMER] = &timer_vtable,
88 [UNIT_PATH] = &path_vtable,
89 [UNIT_SLICE] = &slice_vtable,
90 [UNIT_SCOPE] = &scope_vtable,
91 };
92
93 Unit* unit_new(Manager *m, size_t size) {
94 Unit *u;
95
96 assert(m);
97 assert(size >= sizeof(Unit));
98
99 u = malloc0(size);
100 if (!u)
101 return NULL;
102
103 u->manager = m;
104 u->type = _UNIT_TYPE_INVALID;
105 u->default_dependencies = true;
106 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
107 u->unit_file_preset = -1;
108 u->on_failure_job_mode = JOB_REPLACE;
109 u->on_success_job_mode = JOB_FAIL;
110 u->cgroup_control_inotify_wd = -1;
111 u->cgroup_memory_inotify_wd = -1;
112 u->job_timeout = USEC_INFINITY;
113 u->job_running_timeout = USEC_INFINITY;
114 u->ref_uid = UID_INVALID;
115 u->ref_gid = GID_INVALID;
116 u->cpu_usage_last = NSEC_INFINITY;
117
118 FOREACH_ARRAY(i, u->memory_accounting_last, ELEMENTSOF(u->memory_accounting_last))
119 *i = UINT64_MAX;
120
121 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
122 u->failure_action_exit_status = u->success_action_exit_status = -1;
123
124 u->ip_accounting_ingress_map_fd = -EBADF;
125 u->ip_accounting_egress_map_fd = -EBADF;
126
127 FOREACH_ARRAY(i, u->io_accounting_last, _CGROUP_IO_ACCOUNTING_METRIC_MAX)
128 *i = UINT64_MAX;
129
130 u->ipv4_allow_map_fd = -EBADF;
131 u->ipv6_allow_map_fd = -EBADF;
132 u->ipv4_deny_map_fd = -EBADF;
133 u->ipv6_deny_map_fd = -EBADF;
134
135 u->last_section_private = -1;
136
137 u->start_ratelimit = (RateLimit) {
138 m->defaults.start_limit_interval,
139 m->defaults.start_limit_burst
140 };
141
142 u->auto_start_stop_ratelimit = (const RateLimit) {
143 10 * USEC_PER_SEC,
144 16
145 };
146
147 return u;
148 }
149
150 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
151 _cleanup_(unit_freep) Unit *u = NULL;
152 int r;
153
154 u = unit_new(m, size);
155 if (!u)
156 return -ENOMEM;
157
158 r = unit_add_name(u, name);
159 if (r < 0)
160 return r;
161
162 *ret = TAKE_PTR(u);
163
164 return r;
165 }
166
167 bool unit_has_name(const Unit *u, const char *name) {
168 assert(u);
169 assert(name);
170
171 return streq_ptr(name, u->id) ||
172 set_contains(u->aliases, name);
173 }
174
175 static void unit_init(Unit *u) {
176 CGroupContext *cc;
177 ExecContext *ec;
178 KillContext *kc;
179
180 assert(u);
181 assert(u->manager);
182 assert(u->type >= 0);
183
184 cc = unit_get_cgroup_context(u);
185 if (cc) {
186 cgroup_context_init(cc);
187
188 /* Copy in the manager defaults into the cgroup
189 * context, _before_ the rest of the settings have
190 * been initialized */
191
192 cc->cpu_accounting = u->manager->defaults.cpu_accounting;
193 cc->io_accounting = u->manager->defaults.io_accounting;
194 cc->blockio_accounting = u->manager->defaults.blockio_accounting;
195 cc->memory_accounting = u->manager->defaults.memory_accounting;
196 cc->tasks_accounting = u->manager->defaults.tasks_accounting;
197 cc->ip_accounting = u->manager->defaults.ip_accounting;
198
199 if (u->type != UNIT_SLICE)
200 cc->tasks_max = u->manager->defaults.tasks_max;
201
202 cc->memory_pressure_watch = u->manager->defaults.memory_pressure_watch;
203 cc->memory_pressure_threshold_usec = u->manager->defaults.memory_pressure_threshold_usec;
204 }
205
206 ec = unit_get_exec_context(u);
207 if (ec) {
208 exec_context_init(ec);
209
210 if (u->manager->defaults.oom_score_adjust_set) {
211 ec->oom_score_adjust = u->manager->defaults.oom_score_adjust;
212 ec->oom_score_adjust_set = true;
213 }
214
215 if (MANAGER_IS_SYSTEM(u->manager))
216 ec->keyring_mode = EXEC_KEYRING_SHARED;
217 else {
218 ec->keyring_mode = EXEC_KEYRING_INHERIT;
219
220 /* User manager might have its umask redefined by PAM or UMask=. In this
221 * case let the units it manages inherit this value by default. They can
222 * still tune this value through their own unit file */
223 (void) get_process_umask(0, &ec->umask);
224 }
225 }
226
227 kc = unit_get_kill_context(u);
228 if (kc)
229 kill_context_init(kc);
230
231 if (UNIT_VTABLE(u)->init)
232 UNIT_VTABLE(u)->init(u);
233 }
234
235 static int unit_add_alias(Unit *u, char *donated_name) {
236 int r;
237
238 /* Make sure that u->names is allocated. We may leave u->names
239 * empty if we fail later, but this is not a problem. */
240 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
241 if (r < 0)
242 return r;
243 assert(r > 0);
244
245 return 0;
246 }
247
248 int unit_add_name(Unit *u, const char *text) {
249 _cleanup_free_ char *name = NULL, *instance = NULL;
250 UnitType t;
251 int r;
252
253 assert(u);
254 assert(text);
255
256 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
257 if (!u->instance)
258 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
259 "instance is not set when adding name '%s': %m", text);
260
261 r = unit_name_replace_instance(text, u->instance, &name);
262 if (r < 0)
263 return log_unit_debug_errno(u, r,
264 "failed to build instance name from '%s': %m", text);
265 } else {
266 name = strdup(text);
267 if (!name)
268 return -ENOMEM;
269 }
270
271 if (unit_has_name(u, name))
272 return 0;
273
274 if (hashmap_contains(u->manager->units, name))
275 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
276 "unit already exist when adding name '%s': %m", name);
277
278 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
279 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
280 "name '%s' is invalid: %m", name);
281
282 t = unit_name_to_type(name);
283 if (t < 0)
284 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
285 "failed to derive unit type from name '%s': %m", name);
286
287 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
288 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
289 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
290 u->type, t, name);
291
292 r = unit_name_to_instance(name, &instance);
293 if (r < 0)
294 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
295
296 if (instance && !unit_type_may_template(t))
297 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
298
299 /* Ensure that this unit either has no instance, or that the instance matches. */
300 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
301 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
302 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
303 name, instance, u->instance);
304
305 if (u->id && !unit_type_may_alias(t))
306 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
307 "cannot add name %s, aliases are not allowed for %s units.",
308 name, unit_type_to_string(t));
309
310 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
311 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
312
313 /* Add name to the global hashmap first, because that's easier to undo */
314 r = hashmap_put(u->manager->units, name, u);
315 if (r < 0)
316 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
317
318 if (u->id) {
319 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
320 if (r < 0) {
321 hashmap_remove(u->manager->units, name);
322 return r;
323 }
324 TAKE_PTR(name);
325
326 } else {
327 /* A new name, we don't need the set yet. */
328 assert(u->type == _UNIT_TYPE_INVALID);
329 assert(!u->instance);
330
331 u->type = t;
332 u->id = TAKE_PTR(name);
333 u->instance = TAKE_PTR(instance);
334
335 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
336 unit_init(u);
337 }
338
339 unit_add_to_dbus_queue(u);
340 return 0;
341 }
342
343 int unit_choose_id(Unit *u, const char *name) {
344 _cleanup_free_ char *t = NULL;
345 char *s;
346 int r;
347
348 assert(u);
349 assert(name);
350
351 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
352 if (!u->instance)
353 return -EINVAL;
354
355 r = unit_name_replace_instance(name, u->instance, &t);
356 if (r < 0)
357 return r;
358
359 name = t;
360 }
361
362 if (streq_ptr(u->id, name))
363 return 0; /* Nothing to do. */
364
365 /* Selects one of the aliases of this unit as the id */
366 s = set_get(u->aliases, (char*) name);
367 if (!s)
368 return -ENOENT;
369
370 if (u->id) {
371 r = set_remove_and_put(u->aliases, name, u->id);
372 if (r < 0)
373 return r;
374 } else
375 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
376
377 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
378 unit_add_to_dbus_queue(u);
379
380 return 0;
381 }
382
383 int unit_set_description(Unit *u, const char *description) {
384 int r;
385
386 assert(u);
387
388 r = free_and_strdup(&u->description, empty_to_null(description));
389 if (r < 0)
390 return r;
391 if (r > 0)
392 unit_add_to_dbus_queue(u);
393
394 return 0;
395 }
396
397 static bool unit_success_failure_handler_has_jobs(Unit *unit) {
398 Unit *other;
399
400 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_SUCCESS)
401 if (other->job || other->nop_job)
402 return true;
403
404 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_FAILURE)
405 if (other->job || other->nop_job)
406 return true;
407
408 return false;
409 }
410
411 void unit_release_resources(Unit *u) {
412 UnitActiveState state;
413 ExecContext *ec;
414
415 assert(u);
416
417 if (u->job || u->nop_job)
418 return;
419
420 if (u->perpetual)
421 return;
422
423 state = unit_active_state(u);
424 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
425 return;
426
427 if (unit_will_restart(u))
428 return;
429
430 ec = unit_get_exec_context(u);
431 if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART)
432 exec_context_destroy_runtime_directory(ec, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
433
434 if (UNIT_VTABLE(u)->release_resources)
435 UNIT_VTABLE(u)->release_resources(u);
436 }
437
438 bool unit_may_gc(Unit *u) {
439 UnitActiveState state;
440 int r;
441
442 assert(u);
443
444 /* Checks whether the unit is ready to be unloaded for garbage collection. Returns true when the
445 * unit may be collected, and false if there's some reason to keep it loaded.
446 *
447 * References from other units are *not* checked here. Instead, this is done in unit_gc_sweep(), but
448 * using markers to properly collect dependency loops.
449 */
450
451 if (u->job || u->nop_job)
452 return false;
453
454 if (u->perpetual)
455 return false;
456
457 /* if we saw a cgroup empty event for this unit, stay around until we processed it so that we remove
458 * the empty cgroup if possible. Similar, process any pending OOM events if they are already queued
459 * before we release the unit. */
460 if (u->in_cgroup_empty_queue || u->in_cgroup_oom_queue)
461 return false;
462
463 /* Make sure to send out D-Bus events before we unload the unit */
464 if (u->in_dbus_queue)
465 return false;
466
467 if (sd_bus_track_count(u->bus_track) > 0)
468 return false;
469
470 state = unit_active_state(u);
471
472 /* But we keep the unit object around for longer when it is referenced or configured to not be
473 * gc'ed */
474 switch (u->collect_mode) {
475
476 case COLLECT_INACTIVE:
477 if (state != UNIT_INACTIVE)
478 return false;
479
480 break;
481
482 case COLLECT_INACTIVE_OR_FAILED:
483 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
484 return false;
485
486 break;
487
488 default:
489 assert_not_reached();
490 }
491
492 /* Check if any OnFailure= or on Success= jobs may be pending */
493 if (unit_success_failure_handler_has_jobs(u))
494 return false;
495
496 if (u->cgroup_path) {
497 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
498 * around. Units with active processes should never be collected. */
499
500 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
501 if (r < 0)
502 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u->cgroup_path));
503 if (r <= 0)
504 return false;
505 }
506
507 if (!UNIT_VTABLE(u)->may_gc)
508 return true;
509
510 return UNIT_VTABLE(u)->may_gc(u);
511 }
512
513 void unit_add_to_load_queue(Unit *u) {
514 assert(u);
515 assert(u->type != _UNIT_TYPE_INVALID);
516
517 if (u->load_state != UNIT_STUB || u->in_load_queue)
518 return;
519
520 LIST_PREPEND(load_queue, u->manager->load_queue, u);
521 u->in_load_queue = true;
522 }
523
524 void unit_add_to_cleanup_queue(Unit *u) {
525 assert(u);
526
527 if (u->in_cleanup_queue)
528 return;
529
530 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
531 u->in_cleanup_queue = true;
532 }
533
534 void unit_add_to_gc_queue(Unit *u) {
535 assert(u);
536
537 if (u->in_gc_queue || u->in_cleanup_queue)
538 return;
539
540 if (!unit_may_gc(u))
541 return;
542
543 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
544 u->in_gc_queue = true;
545 }
546
547 void unit_add_to_dbus_queue(Unit *u) {
548 assert(u);
549 assert(u->type != _UNIT_TYPE_INVALID);
550
551 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
552 return;
553
554 /* Shortcut things if nobody cares */
555 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
556 sd_bus_track_count(u->bus_track) <= 0 &&
557 set_isempty(u->manager->private_buses)) {
558 u->sent_dbus_new_signal = true;
559 return;
560 }
561
562 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
563 u->in_dbus_queue = true;
564 }
565
566 void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
567 assert(u);
568
569 if (u->in_stop_when_unneeded_queue)
570 return;
571
572 if (!u->stop_when_unneeded)
573 return;
574
575 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
576 return;
577
578 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
579 u->in_stop_when_unneeded_queue = true;
580 }
581
582 void unit_submit_to_start_when_upheld_queue(Unit *u) {
583 assert(u);
584
585 if (u->in_start_when_upheld_queue)
586 return;
587
588 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
589 return;
590
591 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
592 return;
593
594 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
595 u->in_start_when_upheld_queue = true;
596 }
597
598 void unit_submit_to_stop_when_bound_queue(Unit *u) {
599 assert(u);
600
601 if (u->in_stop_when_bound_queue)
602 return;
603
604 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
605 return;
606
607 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
608 return;
609
610 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
611 u->in_stop_when_bound_queue = true;
612 }
613
614 static bool unit_can_release_resources(Unit *u) {
615 ExecContext *ec;
616
617 assert(u);
618
619 if (UNIT_VTABLE(u)->release_resources)
620 return true;
621
622 ec = unit_get_exec_context(u);
623 if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART)
624 return true;
625
626 return false;
627 }
628
629 void unit_submit_to_release_resources_queue(Unit *u) {
630 assert(u);
631
632 if (u->in_release_resources_queue)
633 return;
634
635 if (u->job || u->nop_job)
636 return;
637
638 if (u->perpetual)
639 return;
640
641 if (!unit_can_release_resources(u))
642 return;
643
644 LIST_PREPEND(release_resources_queue, u->manager->release_resources_queue, u);
645 u->in_release_resources_queue = true;
646 }
647
648 static void unit_clear_dependencies(Unit *u) {
649 assert(u);
650
651 /* Removes all dependencies configured on u and their reverse dependencies. */
652
653 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
654
655 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
656 Hashmap *other_deps;
657
658 HASHMAP_FOREACH(other_deps, other->dependencies)
659 hashmap_remove(other_deps, u);
660
661 unit_add_to_gc_queue(other);
662 }
663
664 hashmap_free(deps);
665 }
666
667 u->dependencies = hashmap_free(u->dependencies);
668 }
669
670 static void unit_remove_transient(Unit *u) {
671 assert(u);
672
673 if (!u->transient)
674 return;
675
676 if (u->fragment_path)
677 (void) unlink(u->fragment_path);
678
679 STRV_FOREACH(i, u->dropin_paths) {
680 _cleanup_free_ char *p = NULL, *pp = NULL;
681
682 if (path_extract_directory(*i, &p) < 0) /* Get the drop-in directory from the drop-in file */
683 continue;
684
685 if (path_extract_directory(p, &pp) < 0) /* Get the config directory from the drop-in directory */
686 continue;
687
688 /* Only drop transient drop-ins */
689 if (!path_equal(u->manager->lookup_paths.transient, pp))
690 continue;
691
692 (void) unlink(*i);
693 (void) rmdir(p);
694 }
695 }
696
697 static void unit_free_requires_mounts_for(Unit *u) {
698 assert(u);
699
700 for (;;) {
701 _cleanup_free_ char *path = NULL;
702
703 path = hashmap_steal_first_key(u->requires_mounts_for);
704 if (!path)
705 break;
706 else {
707 char s[strlen(path) + 1];
708
709 PATH_FOREACH_PREFIX_MORE(s, path) {
710 char *y;
711 Set *x;
712
713 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
714 if (!x)
715 continue;
716
717 (void) set_remove(x, u);
718
719 if (set_isempty(x)) {
720 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
721 free(y);
722 set_free(x);
723 }
724 }
725 }
726 }
727
728 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
729 }
730
731 static void unit_done(Unit *u) {
732 ExecContext *ec;
733 CGroupContext *cc;
734
735 assert(u);
736
737 if (u->type < 0)
738 return;
739
740 if (UNIT_VTABLE(u)->done)
741 UNIT_VTABLE(u)->done(u);
742
743 ec = unit_get_exec_context(u);
744 if (ec)
745 exec_context_done(ec);
746
747 cc = unit_get_cgroup_context(u);
748 if (cc)
749 cgroup_context_done(cc);
750 }
751
752 Unit* unit_free(Unit *u) {
753 Unit *slice;
754 char *t;
755
756 if (!u)
757 return NULL;
758
759 sd_event_source_disable_unref(u->auto_start_stop_event_source);
760
761 u->transient_file = safe_fclose(u->transient_file);
762
763 if (!MANAGER_IS_RELOADING(u->manager))
764 unit_remove_transient(u);
765
766 bus_unit_send_removed_signal(u);
767
768 unit_done(u);
769
770 unit_dequeue_rewatch_pids(u);
771
772 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
773 u->bus_track = sd_bus_track_unref(u->bus_track);
774 u->deserialized_refs = strv_free(u->deserialized_refs);
775 u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation);
776
777 unit_free_requires_mounts_for(u);
778
779 SET_FOREACH(t, u->aliases)
780 hashmap_remove_value(u->manager->units, t, u);
781 if (u->id)
782 hashmap_remove_value(u->manager->units, u->id, u);
783
784 if (!sd_id128_is_null(u->invocation_id))
785 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
786
787 if (u->job) {
788 Job *j = u->job;
789 job_uninstall(j);
790 job_free(j);
791 }
792
793 if (u->nop_job) {
794 Job *j = u->nop_job;
795 job_uninstall(j);
796 job_free(j);
797 }
798
799 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
800 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
801 slice = UNIT_GET_SLICE(u);
802 unit_clear_dependencies(u);
803 if (slice)
804 unit_add_family_to_cgroup_realize_queue(slice);
805
806 if (u->on_console)
807 manager_unref_console(u->manager);
808
809 fdset_free(u->initial_socket_bind_link_fds);
810 #if BPF_FRAMEWORK
811 bpf_link_free(u->ipv4_socket_bind_link);
812 bpf_link_free(u->ipv6_socket_bind_link);
813 #endif
814
815 unit_release_cgroup(u);
816
817 if (!MANAGER_IS_RELOADING(u->manager))
818 unit_unlink_state_files(u);
819
820 unit_unref_uid_gid(u, false);
821
822 (void) manager_update_failed_units(u->manager, u, false);
823 set_remove(u->manager->startup_units, u);
824
825 unit_unwatch_all_pids(u);
826
827 while (u->refs_by_target)
828 unit_ref_unset(u->refs_by_target);
829
830 if (u->type != _UNIT_TYPE_INVALID)
831 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
832
833 if (u->in_load_queue)
834 LIST_REMOVE(load_queue, u->manager->load_queue, u);
835
836 if (u->in_dbus_queue)
837 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
838
839 if (u->in_cleanup_queue)
840 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
841
842 if (u->in_gc_queue)
843 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
844
845 if (u->in_cgroup_realize_queue)
846 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
847
848 if (u->in_cgroup_empty_queue)
849 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
850
851 if (u->in_cgroup_oom_queue)
852 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
853
854 if (u->in_target_deps_queue)
855 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
856
857 if (u->in_stop_when_unneeded_queue)
858 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
859
860 if (u->in_start_when_upheld_queue)
861 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
862
863 if (u->in_stop_when_bound_queue)
864 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
865
866 if (u->in_release_resources_queue)
867 LIST_REMOVE(release_resources_queue, u->manager->release_resources_queue, u);
868
869 bpf_firewall_close(u);
870
871 hashmap_free(u->bpf_foreign_by_key);
872
873 bpf_program_free(u->bpf_device_control_installed);
874
875 #if BPF_FRAMEWORK
876 bpf_link_free(u->restrict_ifaces_ingress_bpf_link);
877 bpf_link_free(u->restrict_ifaces_egress_bpf_link);
878 #endif
879 fdset_free(u->initial_restric_ifaces_link_fds);
880
881 condition_free_list(u->conditions);
882 condition_free_list(u->asserts);
883
884 free(u->description);
885 strv_free(u->documentation);
886 free(u->fragment_path);
887 free(u->source_path);
888 strv_free(u->dropin_paths);
889 free(u->instance);
890
891 free(u->job_timeout_reboot_arg);
892 free(u->reboot_arg);
893
894 free(u->access_selinux_context);
895
896 set_free_free(u->aliases);
897 free(u->id);
898
899 activation_details_unref(u->activation_details);
900
901 return mfree(u);
902 }
903
904 FreezerState unit_freezer_state(Unit *u) {
905 assert(u);
906
907 return u->freezer_state;
908 }
909
910 int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
911 char *values[1] = {};
912 int r;
913
914 assert(u);
915
916 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
917 STRV_MAKE("frozen"), values);
918 if (r < 0)
919 return r;
920
921 r = _FREEZER_STATE_INVALID;
922
923 if (values[0]) {
924 if (streq(values[0], "0"))
925 r = FREEZER_RUNNING;
926 else if (streq(values[0], "1"))
927 r = FREEZER_FROZEN;
928 }
929
930 free(values[0]);
931 *ret = r;
932
933 return 0;
934 }
935
936 UnitActiveState unit_active_state(Unit *u) {
937 assert(u);
938
939 if (u->load_state == UNIT_MERGED)
940 return unit_active_state(unit_follow_merge(u));
941
942 /* After a reload it might happen that a unit is not correctly
943 * loaded but still has a process around. That's why we won't
944 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
945
946 return UNIT_VTABLE(u)->active_state(u);
947 }
948
949 const char* unit_sub_state_to_string(Unit *u) {
950 assert(u);
951
952 return UNIT_VTABLE(u)->sub_state_to_string(u);
953 }
954
955 static int unit_merge_names(Unit *u, Unit *other) {
956 char *name;
957 int r;
958
959 assert(u);
960 assert(other);
961
962 r = unit_add_alias(u, other->id);
963 if (r < 0)
964 return r;
965
966 r = set_move(u->aliases, other->aliases);
967 if (r < 0) {
968 set_remove(u->aliases, other->id);
969 return r;
970 }
971
972 TAKE_PTR(other->id);
973 other->aliases = set_free_free(other->aliases);
974
975 SET_FOREACH(name, u->aliases)
976 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
977
978 return 0;
979 }
980
981 static int unit_reserve_dependencies(Unit *u, Unit *other) {
982 size_t n_reserve;
983 Hashmap* deps;
984 void *d;
985 int r;
986
987 assert(u);
988 assert(other);
989
990 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
991 * fail.
992 *
993 * First make some room in the per dependency type hashmaps. Using the summed size of both units'
994 * hashmaps is an estimate that is likely too high since they probably use some of the same
995 * types. But it's never too low, and that's all we need. */
996
997 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
998 if (n_reserve > 0) {
999 r = hashmap_ensure_allocated(&u->dependencies, NULL);
1000 if (r < 0)
1001 return r;
1002
1003 r = hashmap_reserve(u->dependencies, n_reserve);
1004 if (r < 0)
1005 return r;
1006 }
1007
1008 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
1009 * other unit's dependencies.
1010 *
1011 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
1012 * reserve anything for. In that case other's set will be transferred as a whole to u by
1013 * complete_move(). */
1014
1015 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
1016 Hashmap *other_deps;
1017
1018 other_deps = hashmap_get(other->dependencies, d);
1019
1020 r = hashmap_reserve(deps, hashmap_size(other_deps));
1021 if (r < 0)
1022 return r;
1023 }
1024
1025 return 0;
1026 }
1027
1028 static bool unit_should_warn_about_dependency(UnitDependency dependency) {
1029 /* Only warn about some unit types */
1030 return IN_SET(dependency,
1031 UNIT_CONFLICTS,
1032 UNIT_CONFLICTED_BY,
1033 UNIT_BEFORE,
1034 UNIT_AFTER,
1035 UNIT_ON_SUCCESS,
1036 UNIT_ON_FAILURE,
1037 UNIT_TRIGGERS,
1038 UNIT_TRIGGERED_BY);
1039 }
1040
1041 static int unit_per_dependency_type_hashmap_update(
1042 Hashmap *per_type,
1043 Unit *other,
1044 UnitDependencyMask origin_mask,
1045 UnitDependencyMask destination_mask) {
1046
1047 UnitDependencyInfo info;
1048 int r;
1049
1050 assert(other);
1051 assert_cc(sizeof(void*) == sizeof(info));
1052
1053 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
1054 * exists, or insert it anew if not. */
1055
1056 info.data = hashmap_get(per_type, other);
1057 if (info.data) {
1058 /* Entry already exists. Add in our mask. */
1059
1060 if (FLAGS_SET(origin_mask, info.origin_mask) &&
1061 FLAGS_SET(destination_mask, info.destination_mask))
1062 return 0; /* NOP */
1063
1064 info.origin_mask |= origin_mask;
1065 info.destination_mask |= destination_mask;
1066
1067 r = hashmap_update(per_type, other, info.data);
1068 } else {
1069 info = (UnitDependencyInfo) {
1070 .origin_mask = origin_mask,
1071 .destination_mask = destination_mask,
1072 };
1073
1074 r = hashmap_put(per_type, other, info.data);
1075 }
1076 if (r < 0)
1077 return r;
1078
1079 return 1;
1080 }
1081
1082 static void unit_merge_dependencies(Unit *u, Unit *other) {
1083 Hashmap *deps;
1084 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1085 * since the hashmaps all want it as void pointer. */
1086
1087 assert(u);
1088 assert(other);
1089
1090 if (u == other)
1091 return;
1092
1093 /* First, remove dependency to other. */
1094 HASHMAP_FOREACH_KEY(deps, dt, u->dependencies) {
1095 if (hashmap_remove(deps, other) && unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1096 log_unit_warning(u, "Dependency %s=%s is dropped, as %s is merged into %s.",
1097 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1098 other->id, other->id, u->id);
1099
1100 if (hashmap_isempty(deps))
1101 hashmap_free(hashmap_remove(u->dependencies, dt));
1102 }
1103
1104 for (;;) {
1105 _cleanup_hashmap_free_ Hashmap *other_deps = NULL;
1106 UnitDependencyInfo di_back;
1107 Unit *back;
1108
1109 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1110 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1111 if (!other_deps)
1112 break; /* done! */
1113
1114 deps = hashmap_get(u->dependencies, dt);
1115
1116 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1117 * referenced units as 'back'. */
1118 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1119 Hashmap *back_deps;
1120 void *back_dt;
1121
1122 if (back == u) {
1123 /* This is a dependency pointing back to the unit we want to merge with?
1124 * Suppress it (but warn) */
1125 if (unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1126 log_unit_warning(u, "Dependency %s=%s in %s is dropped, as %s is merged into %s.",
1127 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1128 u->id, other->id, other->id, u->id);
1129
1130 hashmap_remove(other_deps, back);
1131 continue;
1132 }
1133
1134 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1135 * point to 'u' instead. */
1136 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1137 UnitDependencyInfo di_move;
1138
1139 di_move.data = hashmap_remove(back_deps, other);
1140 if (!di_move.data)
1141 continue;
1142
1143 assert_se(unit_per_dependency_type_hashmap_update(
1144 back_deps,
1145 u,
1146 di_move.origin_mask,
1147 di_move.destination_mask) >= 0);
1148 }
1149
1150 /* The target unit already has dependencies of this type, let's then merge this individually. */
1151 if (deps)
1152 assert_se(unit_per_dependency_type_hashmap_update(
1153 deps,
1154 back,
1155 di_back.origin_mask,
1156 di_back.destination_mask) >= 0);
1157 }
1158
1159 /* Now all references towards 'other' of the current type 'dt' are corrected to point to 'u'.
1160 * Lets's now move the deps of type 'dt' from 'other' to 'u'. If the unit does not have
1161 * dependencies of this type, let's move them per type wholesale. */
1162 if (!deps)
1163 assert_se(hashmap_put(u->dependencies, dt, TAKE_PTR(other_deps)) >= 0);
1164 }
1165
1166 other->dependencies = hashmap_free(other->dependencies);
1167 }
1168
1169 int unit_merge(Unit *u, Unit *other) {
1170 int r;
1171
1172 assert(u);
1173 assert(other);
1174 assert(u->manager == other->manager);
1175 assert(u->type != _UNIT_TYPE_INVALID);
1176
1177 other = unit_follow_merge(other);
1178
1179 if (other == u)
1180 return 0;
1181
1182 if (u->type != other->type)
1183 return -EINVAL;
1184
1185 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
1186 return -EEXIST;
1187
1188 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
1189 return -EEXIST;
1190
1191 if (!streq_ptr(u->instance, other->instance))
1192 return -EINVAL;
1193
1194 if (other->job)
1195 return -EEXIST;
1196
1197 if (other->nop_job)
1198 return -EEXIST;
1199
1200 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
1201 return -EEXIST;
1202
1203 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1204 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1205 r = unit_reserve_dependencies(u, other);
1206 if (r < 0)
1207 return r;
1208
1209 /* Redirect all references */
1210 while (other->refs_by_target)
1211 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
1212
1213 /* Merge dependencies */
1214 unit_merge_dependencies(u, other);
1215
1216 /* Merge names. It is better to do that after merging deps, otherwise the log message contains n/a. */
1217 r = unit_merge_names(u, other);
1218 if (r < 0)
1219 return r;
1220
1221 other->load_state = UNIT_MERGED;
1222 other->merged_into = u;
1223
1224 if (!u->activation_details)
1225 u->activation_details = activation_details_ref(other->activation_details);
1226
1227 /* If there is still some data attached to the other node, we
1228 * don't need it anymore, and can free it. */
1229 if (other->load_state != UNIT_STUB)
1230 if (UNIT_VTABLE(other)->done)
1231 UNIT_VTABLE(other)->done(other);
1232
1233 unit_add_to_dbus_queue(u);
1234 unit_add_to_cleanup_queue(other);
1235
1236 return 0;
1237 }
1238
1239 int unit_merge_by_name(Unit *u, const char *name) {
1240 _cleanup_free_ char *s = NULL;
1241 Unit *other;
1242 int r;
1243
1244 /* Either add name to u, or if a unit with name already exists, merge it with u.
1245 * If name is a template, do the same for name@instance, where instance is u's instance. */
1246
1247 assert(u);
1248 assert(name);
1249
1250 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
1251 if (!u->instance)
1252 return -EINVAL;
1253
1254 r = unit_name_replace_instance(name, u->instance, &s);
1255 if (r < 0)
1256 return r;
1257
1258 name = s;
1259 }
1260
1261 other = manager_get_unit(u->manager, name);
1262 if (other)
1263 return unit_merge(u, other);
1264
1265 return unit_add_name(u, name);
1266 }
1267
1268 Unit* unit_follow_merge(Unit *u) {
1269 assert(u);
1270
1271 while (u->load_state == UNIT_MERGED)
1272 assert_se(u = u->merged_into);
1273
1274 return u;
1275 }
1276
1277 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1278 int r;
1279
1280 assert(u);
1281 assert(c);
1282
1283 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1284
1285 if (c->working_directory && !c->working_directory_missing_ok) {
1286 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
1287 if (r < 0)
1288 return r;
1289 }
1290
1291 if (c->root_directory) {
1292 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
1293 if (r < 0)
1294 return r;
1295 }
1296
1297 if (c->root_image) {
1298 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
1299 if (r < 0)
1300 return r;
1301 }
1302
1303 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
1304 if (!u->manager->prefix[dt])
1305 continue;
1306
1307 for (size_t i = 0; i < c->directories[dt].n_items; i++) {
1308 _cleanup_free_ char *p = NULL;
1309
1310 p = path_join(u->manager->prefix[dt], c->directories[dt].items[i].path);
1311 if (!p)
1312 return -ENOMEM;
1313
1314 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1315 if (r < 0)
1316 return r;
1317 }
1318 }
1319
1320 if (!MANAGER_IS_SYSTEM(u->manager))
1321 return 0;
1322
1323 /* For the following three directory types we need write access, and /var/ is possibly on the root
1324 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1325 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1326 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1327 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
1328 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1329 if (r < 0)
1330 return r;
1331 }
1332
1333 if (c->private_tmp) {
1334
1335 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1336 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1337 * /tmp specifically and masking other mount units should be handled more
1338 * gracefully too, see PR#16894. */
1339 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "tmp.mount", true, UNIT_DEPENDENCY_FILE);
1340 if (r < 0)
1341 return r;
1342
1343 r = unit_require_mounts_for(u, "/var/tmp", UNIT_DEPENDENCY_FILE);
1344 if (r < 0)
1345 return r;
1346
1347 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
1348 if (r < 0)
1349 return r;
1350 }
1351
1352 if (c->root_image) {
1353 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1354 * implicit dependency on udev */
1355
1356 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1357 if (r < 0)
1358 return r;
1359 }
1360
1361 if (!IN_SET(c->std_output,
1362 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1363 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
1364 !IN_SET(c->std_error,
1365 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1366 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
1367 !c->log_namespace)
1368 return 0;
1369
1370 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1371 * is run first. */
1372
1373 if (c->log_namespace) {
1374 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
1375
1376 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1377 if (r < 0)
1378 return r;
1379
1380 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1381 if (r < 0)
1382 return r;
1383
1384 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1385 if (r < 0)
1386 return r;
1387
1388 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1389 if (r < 0)
1390 return r;
1391 } else {
1392 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
1393 if (r < 0)
1394 return r;
1395 }
1396
1397 r = unit_add_default_credential_dependencies(u, c);
1398 if (r < 0)
1399 return r;
1400
1401 return 0;
1402 }
1403
1404 const char* unit_description(Unit *u) {
1405 assert(u);
1406
1407 if (u->description)
1408 return u->description;
1409
1410 return strna(u->id);
1411 }
1412
1413 const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
1414 assert(u);
1415 assert(u->id);
1416
1417 /* Return u->id, u->description, or "{u->id} - {u->description}".
1418 * Versions with u->description are only used if it is set.
1419 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1420 * pointer.
1421 *
1422 * Note that *ret_combined_buffer may be set to NULL. */
1423
1424 if (!u->description ||
1425 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
1426 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1427 streq(u->description, u->id)) {
1428
1429 if (ret_combined_buffer)
1430 *ret_combined_buffer = NULL;
1431 return u->id;
1432 }
1433
1434 if (ret_combined_buffer) {
1435 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1436 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1437 if (*ret_combined_buffer)
1438 return *ret_combined_buffer;
1439 log_oom(); /* Fall back to ->description */
1440 } else
1441 *ret_combined_buffer = NULL;
1442 }
1443
1444 return u->description;
1445 }
1446
1447 /* Common implementation for multiple backends */
1448 int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
1449 int r;
1450
1451 assert(u);
1452
1453 /* Load a .{service,socket,...} file */
1454 r = unit_load_fragment(u);
1455 if (r < 0)
1456 return r;
1457
1458 if (u->load_state == UNIT_STUB) {
1459 if (fragment_required)
1460 return -ENOENT;
1461
1462 u->load_state = UNIT_LOADED;
1463 }
1464
1465 /* Load drop-in directory data. If u is an alias, we might be reloading the
1466 * target unit needlessly. But we cannot be sure which drops-ins have already
1467 * been loaded and which not, at least without doing complicated book-keeping,
1468 * so let's always reread all drop-ins. */
1469 r = unit_load_dropin(unit_follow_merge(u));
1470 if (r < 0)
1471 return r;
1472
1473 if (u->source_path) {
1474 struct stat st;
1475
1476 if (stat(u->source_path, &st) >= 0)
1477 u->source_mtime = timespec_load(&st.st_mtim);
1478 else
1479 u->source_mtime = 0;
1480 }
1481
1482 return 0;
1483 }
1484
1485 void unit_add_to_target_deps_queue(Unit *u) {
1486 Manager *m = ASSERT_PTR(ASSERT_PTR(u)->manager);
1487
1488 if (u->in_target_deps_queue)
1489 return;
1490
1491 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1492 u->in_target_deps_queue = true;
1493 }
1494
1495 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1496 assert(u);
1497 assert(target);
1498
1499 if (target->type != UNIT_TARGET)
1500 return 0;
1501
1502 /* Only add the dependency if both units are loaded, so that
1503 * that loop check below is reliable */
1504 if (u->load_state != UNIT_LOADED ||
1505 target->load_state != UNIT_LOADED)
1506 return 0;
1507
1508 /* If either side wants no automatic dependencies, then let's
1509 * skip this */
1510 if (!u->default_dependencies ||
1511 !target->default_dependencies)
1512 return 0;
1513
1514 /* Don't create loops */
1515 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
1516 return 0;
1517
1518 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1519 }
1520
1521 static int unit_add_slice_dependencies(Unit *u) {
1522 Unit *slice;
1523 assert(u);
1524
1525 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1526 return 0;
1527
1528 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1529 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1530 relationship). */
1531 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1532
1533 slice = UNIT_GET_SLICE(u);
1534 if (slice)
1535 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
1536
1537 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1538 return 0;
1539
1540 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
1541 }
1542
1543 static int unit_add_mount_dependencies(Unit *u) {
1544 UnitDependencyInfo di;
1545 const char *path;
1546 bool changed = false;
1547 int r;
1548
1549 assert(u);
1550
1551 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for) {
1552 char prefix[strlen(path) + 1];
1553
1554 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1555 _cleanup_free_ char *p = NULL;
1556 Unit *m;
1557
1558 r = unit_name_from_path(prefix, ".mount", &p);
1559 if (r == -EINVAL)
1560 continue; /* If the path cannot be converted to a mount unit name, then it's
1561 * not manageable as a unit by systemd, and hence we don't need a
1562 * dependency on it. Let's thus silently ignore the issue. */
1563 if (r < 0)
1564 return r;
1565
1566 m = manager_get_unit(u->manager, p);
1567 if (!m) {
1568 /* Make sure to load the mount unit if it exists. If so the dependencies on
1569 * this unit will be added later during the loading of the mount unit. */
1570 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1571 continue;
1572 }
1573 if (m == u)
1574 continue;
1575
1576 if (m->load_state != UNIT_LOADED)
1577 continue;
1578
1579 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1580 if (r < 0)
1581 return r;
1582 changed = changed || r > 0;
1583
1584 if (m->fragment_path) {
1585 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1586 if (r < 0)
1587 return r;
1588 changed = changed || r > 0;
1589 }
1590 }
1591 }
1592
1593 return changed;
1594 }
1595
1596 static int unit_add_oomd_dependencies(Unit *u) {
1597 CGroupContext *c;
1598 CGroupMask mask;
1599 int r;
1600
1601 assert(u);
1602
1603 if (!u->default_dependencies)
1604 return 0;
1605
1606 c = unit_get_cgroup_context(u);
1607 if (!c)
1608 return 0;
1609
1610 bool wants_oomd = c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL;
1611 if (!wants_oomd)
1612 return 0;
1613
1614 if (!cg_all_unified())
1615 return 0;
1616
1617 r = cg_mask_supported(&mask);
1618 if (r < 0)
1619 return log_debug_errno(r, "Failed to determine supported controllers: %m");
1620
1621 if (!FLAGS_SET(mask, CGROUP_MASK_MEMORY))
1622 return 0;
1623
1624 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
1625 }
1626
1627 static int unit_add_startup_units(Unit *u) {
1628 if (!unit_has_startup_cgroup_constraints(u))
1629 return 0;
1630
1631 return set_ensure_put(&u->manager->startup_units, NULL, u);
1632 }
1633
1634 static int unit_validate_on_failure_job_mode(
1635 Unit *u,
1636 const char *job_mode_setting,
1637 JobMode job_mode,
1638 const char *dependency_name,
1639 UnitDependencyAtom atom) {
1640
1641 Unit *other, *found = NULL;
1642
1643 if (job_mode != JOB_ISOLATE)
1644 return 0;
1645
1646 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
1647 if (!found)
1648 found = other;
1649 else if (found != other)
1650 return log_unit_error_errno(
1651 u, SYNTHETIC_ERRNO(ENOEXEC),
1652 "More than one %s dependencies specified but %sisolate set. Refusing.",
1653 dependency_name, job_mode_setting);
1654 }
1655
1656 return 0;
1657 }
1658
1659 int unit_load(Unit *u) {
1660 int r;
1661
1662 assert(u);
1663
1664 if (u->in_load_queue) {
1665 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1666 u->in_load_queue = false;
1667 }
1668
1669 if (u->type == _UNIT_TYPE_INVALID)
1670 return -EINVAL;
1671
1672 if (u->load_state != UNIT_STUB)
1673 return 0;
1674
1675 if (u->transient_file) {
1676 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1677 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1678
1679 r = fflush_and_check(u->transient_file);
1680 if (r < 0)
1681 goto fail;
1682
1683 u->transient_file = safe_fclose(u->transient_file);
1684 u->fragment_mtime = now(CLOCK_REALTIME);
1685 }
1686
1687 r = UNIT_VTABLE(u)->load(u);
1688 if (r < 0)
1689 goto fail;
1690
1691 assert(u->load_state != UNIT_STUB);
1692
1693 if (u->load_state == UNIT_LOADED) {
1694 unit_add_to_target_deps_queue(u);
1695
1696 r = unit_add_slice_dependencies(u);
1697 if (r < 0)
1698 goto fail;
1699
1700 r = unit_add_mount_dependencies(u);
1701 if (r < 0)
1702 goto fail;
1703
1704 r = unit_add_oomd_dependencies(u);
1705 if (r < 0)
1706 goto fail;
1707
1708 r = unit_add_startup_units(u);
1709 if (r < 0)
1710 goto fail;
1711
1712 r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS);
1713 if (r < 0)
1714 goto fail;
1715
1716 r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE);
1717 if (r < 0)
1718 goto fail;
1719
1720 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1721 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1722
1723 /* We finished loading, let's ensure our parents recalculate the members mask */
1724 unit_invalidate_cgroup_members_masks(u);
1725 }
1726
1727 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1728
1729 unit_add_to_dbus_queue(unit_follow_merge(u));
1730 unit_add_to_gc_queue(u);
1731 (void) manager_varlink_send_managed_oom_update(u);
1732
1733 return 0;
1734
1735 fail:
1736 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1737 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
1738
1739 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1740 r == -ENOEXEC ? UNIT_BAD_SETTING :
1741 UNIT_ERROR;
1742 u->load_error = r;
1743
1744 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1745 * an attempt is made to load this unit, we know we need to check again. */
1746 if (u->load_state == UNIT_NOT_FOUND)
1747 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
1748
1749 unit_add_to_dbus_queue(u);
1750 unit_add_to_gc_queue(u);
1751
1752 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1753 }
1754
1755 _printf_(7, 8)
1756 static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1757 Unit *u = userdata;
1758 va_list ap;
1759 int r;
1760
1761 if (u && !unit_log_level_test(u, level))
1762 return -ERRNO_VALUE(error);
1763
1764 va_start(ap, format);
1765 if (u)
1766 r = log_object_internalv(level, error, file, line, func,
1767 u->manager->unit_log_field,
1768 u->id,
1769 u->manager->invocation_log_field,
1770 u->invocation_id_string,
1771 format, ap);
1772 else
1773 r = log_internalv(level, error, file, line, func, format, ap);
1774 va_end(ap);
1775
1776 return r;
1777 }
1778
1779 static bool unit_test_condition(Unit *u) {
1780 _cleanup_strv_free_ char **env = NULL;
1781 int r;
1782
1783 assert(u);
1784
1785 dual_timestamp_now(&u->condition_timestamp);
1786
1787 r = manager_get_effective_environment(u->manager, &env);
1788 if (r < 0) {
1789 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1790 u->condition_result = true;
1791 } else
1792 u->condition_result = condition_test_list(
1793 u->conditions,
1794 env,
1795 condition_type_to_string,
1796 log_unit_internal,
1797 u);
1798
1799 unit_add_to_dbus_queue(u);
1800 return u->condition_result;
1801 }
1802
1803 static bool unit_test_assert(Unit *u) {
1804 _cleanup_strv_free_ char **env = NULL;
1805 int r;
1806
1807 assert(u);
1808
1809 dual_timestamp_now(&u->assert_timestamp);
1810
1811 r = manager_get_effective_environment(u->manager, &env);
1812 if (r < 0) {
1813 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1814 u->assert_result = CONDITION_ERROR;
1815 } else
1816 u->assert_result = condition_test_list(
1817 u->asserts,
1818 env,
1819 assert_type_to_string,
1820 log_unit_internal,
1821 u);
1822
1823 unit_add_to_dbus_queue(u);
1824 return u->assert_result;
1825 }
1826
1827 void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
1828 if (log_get_show_color()) {
1829 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1830 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1831 else
1832 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1833 }
1834
1835 DISABLE_WARNING_FORMAT_NONLITERAL;
1836 manager_status_printf(u->manager, status_type, status, format, ident);
1837 REENABLE_WARNING;
1838 }
1839
1840 int unit_test_start_limit(Unit *u) {
1841 const char *reason;
1842
1843 assert(u);
1844
1845 if (ratelimit_below(&u->start_ratelimit)) {
1846 u->start_limit_hit = false;
1847 return 0;
1848 }
1849
1850 log_unit_warning(u, "Start request repeated too quickly.");
1851 u->start_limit_hit = true;
1852
1853 reason = strjoina("unit ", u->id, " failed");
1854
1855 emergency_action(u->manager, u->start_limit_action,
1856 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1857 u->reboot_arg, -1, reason);
1858
1859 return -ECANCELED;
1860 }
1861
1862 static bool unit_verify_deps(Unit *u) {
1863 Unit *other;
1864
1865 assert(u);
1866
1867 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1868 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1869 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1870 * that are not used in conjunction with After= as for them any such check would make things entirely
1871 * racy. */
1872
1873 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
1874
1875 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
1876 continue;
1877
1878 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1879 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1880 return false;
1881 }
1882 }
1883
1884 return true;
1885 }
1886
1887 /* Errors that aren't really errors:
1888 * -EALREADY: Unit is already started.
1889 * -ECOMM: Condition failed
1890 * -EAGAIN: An operation is already in progress. Retry later.
1891 *
1892 * Errors that are real errors:
1893 * -EBADR: This unit type does not support starting.
1894 * -ECANCELED: Start limit hit, too many requests for now
1895 * -EPROTO: Assert failed
1896 * -EINVAL: Unit not loaded
1897 * -EOPNOTSUPP: Unit type not supported
1898 * -ENOLINK: The necessary dependencies are not fulfilled.
1899 * -ESTALE: This unit has been started before and can't be started a second time
1900 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1901 */
1902 int unit_start(Unit *u, ActivationDetails *details) {
1903 UnitActiveState state;
1904 Unit *following;
1905 int r;
1906
1907 assert(u);
1908
1909 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is ratelimited. */
1910 if (UNIT_VTABLE(u)->subsystem_ratelimited) {
1911 r = UNIT_VTABLE(u)->subsystem_ratelimited(u->manager);
1912 if (r < 0)
1913 return r;
1914 if (r > 0)
1915 return -EAGAIN;
1916 }
1917
1918 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1919 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1920 * waiting is finished. */
1921 state = unit_active_state(u);
1922 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1923 return -EALREADY;
1924 if (state == UNIT_MAINTENANCE)
1925 return -EAGAIN;
1926
1927 /* Units that aren't loaded cannot be started */
1928 if (u->load_state != UNIT_LOADED)
1929 return -EINVAL;
1930
1931 /* Refuse starting scope units more than once */
1932 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1933 return -ESTALE;
1934
1935 /* If the conditions were unmet, don't do anything at all. If we already are activating this call might
1936 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1937 * recheck the condition in that case. */
1938 if (state != UNIT_ACTIVATING &&
1939 !unit_test_condition(u))
1940 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition not met. Not starting unit.");
1941
1942 /* If the asserts failed, fail the entire job */
1943 if (state != UNIT_ACTIVATING &&
1944 !unit_test_assert(u))
1945 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
1946
1947 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1948 * condition checks, so that we rather return condition check errors (which are usually not
1949 * considered a true failure) than "not supported" errors (which are considered a failure).
1950 */
1951 if (!unit_type_supported(u->type))
1952 return -EOPNOTSUPP;
1953
1954 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1955 * should have taken care of this already, but let's check this here again. After all, our
1956 * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */
1957 if (!unit_verify_deps(u))
1958 return -ENOLINK;
1959
1960 /* Forward to the main object, if we aren't it. */
1961 following = unit_following(u);
1962 if (following) {
1963 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1964 return unit_start(following, details);
1965 }
1966
1967 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1968 if (UNIT_VTABLE(u)->can_start) {
1969 r = UNIT_VTABLE(u)->can_start(u);
1970 if (r < 0)
1971 return r;
1972 }
1973
1974 /* If it is stopped, but we cannot start it, then fail */
1975 if (!UNIT_VTABLE(u)->start)
1976 return -EBADR;
1977
1978 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1979 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1980 * waits for a holdoff timer to elapse before it will start again. */
1981
1982 unit_add_to_dbus_queue(u);
1983 unit_cgroup_freezer_action(u, FREEZER_THAW);
1984
1985 if (!u->activation_details) /* Older details object wins */
1986 u->activation_details = activation_details_ref(details);
1987
1988 return UNIT_VTABLE(u)->start(u);
1989 }
1990
1991 bool unit_can_start(Unit *u) {
1992 assert(u);
1993
1994 if (u->load_state != UNIT_LOADED)
1995 return false;
1996
1997 if (!unit_type_supported(u->type))
1998 return false;
1999
2000 /* Scope units may be started only once */
2001 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
2002 return false;
2003
2004 return !!UNIT_VTABLE(u)->start;
2005 }
2006
2007 bool unit_can_isolate(Unit *u) {
2008 assert(u);
2009
2010 return unit_can_start(u) &&
2011 u->allow_isolate;
2012 }
2013
2014 /* Errors:
2015 * -EBADR: This unit type does not support stopping.
2016 * -EALREADY: Unit is already stopped.
2017 * -EAGAIN: An operation is already in progress. Retry later.
2018 */
2019 int unit_stop(Unit *u) {
2020 UnitActiveState state;
2021 Unit *following;
2022
2023 assert(u);
2024
2025 state = unit_active_state(u);
2026 if (UNIT_IS_INACTIVE_OR_FAILED(state))
2027 return -EALREADY;
2028
2029 following = unit_following(u);
2030 if (following) {
2031 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
2032 return unit_stop(following);
2033 }
2034
2035 if (!UNIT_VTABLE(u)->stop)
2036 return -EBADR;
2037
2038 unit_add_to_dbus_queue(u);
2039 unit_cgroup_freezer_action(u, FREEZER_THAW);
2040
2041 return UNIT_VTABLE(u)->stop(u);
2042 }
2043
2044 bool unit_can_stop(Unit *u) {
2045 assert(u);
2046
2047 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2048 * Extrinsic units follow external state and they may stop following external state changes
2049 * (hence we return true here), but an attempt to do this through the manager will fail. */
2050
2051 if (!unit_type_supported(u->type))
2052 return false;
2053
2054 if (u->perpetual)
2055 return false;
2056
2057 return !!UNIT_VTABLE(u)->stop;
2058 }
2059
2060 /* Errors:
2061 * -EBADR: This unit type does not support reloading.
2062 * -ENOEXEC: Unit is not started.
2063 * -EAGAIN: An operation is already in progress. Retry later.
2064 */
2065 int unit_reload(Unit *u) {
2066 UnitActiveState state;
2067 Unit *following;
2068
2069 assert(u);
2070
2071 if (u->load_state != UNIT_LOADED)
2072 return -EINVAL;
2073
2074 if (!unit_can_reload(u))
2075 return -EBADR;
2076
2077 state = unit_active_state(u);
2078 if (state == UNIT_RELOADING)
2079 return -EAGAIN;
2080
2081 if (state != UNIT_ACTIVE)
2082 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
2083
2084 following = unit_following(u);
2085 if (following) {
2086 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
2087 return unit_reload(following);
2088 }
2089
2090 unit_add_to_dbus_queue(u);
2091
2092 if (!UNIT_VTABLE(u)->reload) {
2093 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2094 unit_notify(u, unit_active_state(u), unit_active_state(u), /* reload_success = */ true);
2095 return 0;
2096 }
2097
2098 unit_cgroup_freezer_action(u, FREEZER_THAW);
2099
2100 return UNIT_VTABLE(u)->reload(u);
2101 }
2102
2103 bool unit_can_reload(Unit *u) {
2104 assert(u);
2105
2106 if (UNIT_VTABLE(u)->can_reload)
2107 return UNIT_VTABLE(u)->can_reload(u);
2108
2109 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
2110 return true;
2111
2112 return UNIT_VTABLE(u)->reload;
2113 }
2114
2115 bool unit_is_unneeded(Unit *u) {
2116 Unit *other;
2117 assert(u);
2118
2119 if (!u->stop_when_unneeded)
2120 return false;
2121
2122 /* Don't clean up while the unit is transitioning or is even inactive. */
2123 if (unit_active_state(u) != UNIT_ACTIVE)
2124 return false;
2125 if (u->job)
2126 return false;
2127
2128 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
2129 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2130 * restart, then don't clean this one up. */
2131
2132 if (other->job)
2133 return false;
2134
2135 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2136 return false;
2137
2138 if (unit_will_restart(other))
2139 return false;
2140 }
2141
2142 return true;
2143 }
2144
2145 bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2146 Unit *other;
2147
2148 assert(u);
2149
2150 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2151 * that is active declared an Uphold= dependencies on it */
2152
2153 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2154 if (ret_culprit)
2155 *ret_culprit = NULL;
2156 return false;
2157 }
2158
2159 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2160 if (other->job)
2161 continue;
2162
2163 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2164 if (ret_culprit)
2165 *ret_culprit = other;
2166 return true;
2167 }
2168 }
2169
2170 if (ret_culprit)
2171 *ret_culprit = NULL;
2172 return false;
2173 }
2174
2175 bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2176 Unit *other;
2177
2178 assert(u);
2179
2180 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
2181 * because the other unit is down. */
2182
2183 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2184 /* Don't clean up while the unit is transitioning or is even inactive. */
2185 if (ret_culprit)
2186 *ret_culprit = NULL;
2187 return false;
2188 }
2189
2190 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2191 if (other->job)
2192 continue;
2193
2194 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
2195 if (ret_culprit)
2196 *ret_culprit = other;
2197
2198 return true;
2199 }
2200 }
2201
2202 if (ret_culprit)
2203 *ret_culprit = NULL;
2204 return false;
2205 }
2206
2207 static void check_unneeded_dependencies(Unit *u) {
2208 Unit *other;
2209 assert(u);
2210
2211 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2212
2213 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2214 unit_submit_to_stop_when_unneeded_queue(other);
2215 }
2216
2217 static void check_uphold_dependencies(Unit *u) {
2218 Unit *other;
2219 assert(u);
2220
2221 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2222
2223 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2224 unit_submit_to_start_when_upheld_queue(other);
2225 }
2226
2227 static void check_bound_by_dependencies(Unit *u) {
2228 Unit *other;
2229 assert(u);
2230
2231 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
2232
2233 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2234 unit_submit_to_stop_when_bound_queue(other);
2235 }
2236
2237 static void retroactively_start_dependencies(Unit *u) {
2238 Unit *other;
2239
2240 assert(u);
2241 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2242
2243 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2244 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
2245 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2246 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
2247
2248 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2249 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
2250 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2251 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
2252
2253 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
2254 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2255 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2256 }
2257
2258 static void retroactively_stop_dependencies(Unit *u) {
2259 Unit *other;
2260
2261 assert(u);
2262 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2263
2264 /* Pull down units which are bound to us recursively if enabled */
2265 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
2266 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2267 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2268 }
2269
2270 void unit_start_on_failure(
2271 Unit *u,
2272 const char *dependency_name,
2273 UnitDependencyAtom atom,
2274 JobMode job_mode) {
2275
2276 int n_jobs = -1;
2277 Unit *other;
2278 int r;
2279
2280 assert(u);
2281 assert(dependency_name);
2282 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2283
2284 /* Act on OnFailure= and OnSuccess= dependencies */
2285
2286 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
2287 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2288
2289 if (n_jobs < 0) {
2290 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
2291 n_jobs = 0;
2292 }
2293
2294 r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL);
2295 if (r < 0)
2296 log_unit_warning_errno(
2297 u, r, "Failed to enqueue %s job, ignoring: %s",
2298 dependency_name, bus_error_message(&error, r));
2299 n_jobs ++;
2300 }
2301
2302 if (n_jobs >= 0)
2303 log_unit_debug(u, "Triggering %s dependencies done (%i %s).",
2304 dependency_name, n_jobs, n_jobs == 1 ? "job" : "jobs");
2305 }
2306
2307 void unit_trigger_notify(Unit *u) {
2308 Unit *other;
2309
2310 assert(u);
2311
2312 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
2313 if (UNIT_VTABLE(other)->trigger_notify)
2314 UNIT_VTABLE(other)->trigger_notify(other, u);
2315 }
2316
2317 static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2318 if (condition_notice && log_level > LOG_NOTICE)
2319 return LOG_NOTICE;
2320 if (condition_info && log_level > LOG_INFO)
2321 return LOG_INFO;
2322 return log_level;
2323 }
2324
2325 static int unit_log_resources(Unit *u) {
2326 struct iovec iovec[1 + 2 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2327 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2328 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
2329 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
2330 size_t n_message_parts = 0, n_iovec = 0;
2331 char* message_parts[1 + 2 + 2 + 2 + 1], *t;
2332 nsec_t nsec = NSEC_INFINITY;
2333 uint64_t memory_peak = UINT64_MAX, memory_swap_peak = UINT64_MAX;
2334 int r;
2335 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2336 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2337 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2338 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2339 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2340 };
2341 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2342 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2343 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2344 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2345 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2346 };
2347
2348 assert(u);
2349
2350 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2351 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2352 * information and the complete data in structured fields. */
2353
2354 (void) unit_get_cpu_usage(u, &nsec);
2355 if (nsec != NSEC_INFINITY) {
2356 /* Format the CPU time for inclusion in the structured log message */
2357 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2358 r = log_oom();
2359 goto finish;
2360 }
2361 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2362
2363 /* Format the CPU time for inclusion in the human language message string */
2364 t = strjoin("consumed ", FORMAT_TIMESPAN(nsec / NSEC_PER_USEC, USEC_PER_MSEC), " CPU time");
2365 if (!t) {
2366 r = log_oom();
2367 goto finish;
2368 }
2369
2370 message_parts[n_message_parts++] = t;
2371
2372 log_level = raise_level(log_level,
2373 nsec > MENTIONWORTHY_CPU_NSEC,
2374 nsec > NOTICEWORTHY_CPU_NSEC);
2375 }
2376
2377 (void) unit_get_memory_accounting(u, CGROUP_MEMORY_PEAK, &memory_peak);
2378 if (memory_peak != UINT64_MAX) {
2379 /* Format peak memory for inclusion in the structured log message */
2380 if (asprintf(&t, "MEMORY_PEAK=%" PRIu64, memory_peak) < 0) {
2381 r = log_oom();
2382 goto finish;
2383 }
2384 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2385
2386 /* Format peak memory for inclusion in the human language message string */
2387 t = strjoin(FORMAT_BYTES(memory_peak), " memory peak");
2388 if (!t) {
2389 r = log_oom();
2390 goto finish;
2391 }
2392 message_parts[n_message_parts++] = t;
2393 }
2394
2395 (void) unit_get_memory_accounting(u, CGROUP_MEMORY_SWAP_PEAK, &memory_swap_peak);
2396 if (memory_swap_peak != UINT64_MAX) {
2397 /* Format peak swap memory for inclusion in the structured log message */
2398 if (asprintf(&t, "MEMORY_SWAP_PEAK=%" PRIu64, memory_swap_peak) < 0) {
2399 r = log_oom();
2400 goto finish;
2401 }
2402 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2403
2404 /* Format peak swap memory for inclusion in the human language message string */
2405 t = strjoin(FORMAT_BYTES(memory_swap_peak), " memory swap peak");
2406 if (!t) {
2407 r = log_oom();
2408 goto finish;
2409 }
2410 message_parts[n_message_parts++] = t;
2411 }
2412
2413 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
2414 uint64_t value = UINT64_MAX;
2415
2416 assert(io_fields[k]);
2417
2418 (void) unit_get_io_accounting(u, k, k > 0, &value);
2419 if (value == UINT64_MAX)
2420 continue;
2421
2422 have_io_accounting = true;
2423 if (value > 0)
2424 any_io = true;
2425
2426 /* Format IO accounting data for inclusion in the structured log message */
2427 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2428 r = log_oom();
2429 goto finish;
2430 }
2431 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2432
2433 /* Format the IO accounting data for inclusion in the human language message string, but only
2434 * for the bytes counters (and not for the operations counters) */
2435 if (k == CGROUP_IO_READ_BYTES) {
2436 assert(!rr);
2437 rr = strjoin("read ", strna(FORMAT_BYTES(value)), " from disk");
2438 if (!rr) {
2439 r = log_oom();
2440 goto finish;
2441 }
2442 } else if (k == CGROUP_IO_WRITE_BYTES) {
2443 assert(!wr);
2444 wr = strjoin("written ", strna(FORMAT_BYTES(value)), " to disk");
2445 if (!wr) {
2446 r = log_oom();
2447 goto finish;
2448 }
2449 }
2450
2451 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2452 log_level = raise_level(log_level,
2453 value > MENTIONWORTHY_IO_BYTES,
2454 value > NOTICEWORTHY_IO_BYTES);
2455 }
2456
2457 if (have_io_accounting) {
2458 if (any_io) {
2459 if (rr)
2460 message_parts[n_message_parts++] = TAKE_PTR(rr);
2461 if (wr)
2462 message_parts[n_message_parts++] = TAKE_PTR(wr);
2463
2464 } else {
2465 char *k;
2466
2467 k = strdup("no IO");
2468 if (!k) {
2469 r = log_oom();
2470 goto finish;
2471 }
2472
2473 message_parts[n_message_parts++] = k;
2474 }
2475 }
2476
2477 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2478 uint64_t value = UINT64_MAX;
2479
2480 assert(ip_fields[m]);
2481
2482 (void) unit_get_ip_accounting(u, m, &value);
2483 if (value == UINT64_MAX)
2484 continue;
2485
2486 have_ip_accounting = true;
2487 if (value > 0)
2488 any_traffic = true;
2489
2490 /* Format IP accounting data for inclusion in the structured log message */
2491 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2492 r = log_oom();
2493 goto finish;
2494 }
2495 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2496
2497 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2498 * bytes counters (and not for the packets counters) */
2499 if (m == CGROUP_IP_INGRESS_BYTES) {
2500 assert(!igress);
2501 igress = strjoin("received ", strna(FORMAT_BYTES(value)), " IP traffic");
2502 if (!igress) {
2503 r = log_oom();
2504 goto finish;
2505 }
2506 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2507 assert(!egress);
2508 egress = strjoin("sent ", strna(FORMAT_BYTES(value)), " IP traffic");
2509 if (!egress) {
2510 r = log_oom();
2511 goto finish;
2512 }
2513 }
2514
2515 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2516 log_level = raise_level(log_level,
2517 value > MENTIONWORTHY_IP_BYTES,
2518 value > NOTICEWORTHY_IP_BYTES);
2519 }
2520
2521 /* This check is here because it is the earliest point following all possible log_level assignments. If
2522 * log_level is assigned anywhere after this point, move this check. */
2523 if (!unit_log_level_test(u, log_level)) {
2524 r = 0;
2525 goto finish;
2526 }
2527
2528 if (have_ip_accounting) {
2529 if (any_traffic) {
2530 if (igress)
2531 message_parts[n_message_parts++] = TAKE_PTR(igress);
2532 if (egress)
2533 message_parts[n_message_parts++] = TAKE_PTR(egress);
2534
2535 } else {
2536 char *k;
2537
2538 k = strdup("no IP traffic");
2539 if (!k) {
2540 r = log_oom();
2541 goto finish;
2542 }
2543
2544 message_parts[n_message_parts++] = k;
2545 }
2546 }
2547
2548 /* Is there any accounting data available at all? */
2549 if (n_iovec == 0) {
2550 r = 0;
2551 goto finish;
2552 }
2553
2554 if (n_message_parts == 0)
2555 t = strjoina("MESSAGE=", u->id, ": Completed.");
2556 else {
2557 _cleanup_free_ char *joined = NULL;
2558
2559 message_parts[n_message_parts] = NULL;
2560
2561 joined = strv_join(message_parts, ", ");
2562 if (!joined) {
2563 r = log_oom();
2564 goto finish;
2565 }
2566
2567 joined[0] = ascii_toupper(joined[0]);
2568 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
2569 }
2570
2571 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2572 * and hence don't increase n_iovec for them */
2573 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2574 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2575
2576 t = strjoina(u->manager->unit_log_field, u->id);
2577 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2578
2579 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2580 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2581
2582 log_unit_struct_iovec(u, log_level, iovec, n_iovec + 4);
2583 r = 0;
2584
2585 finish:
2586 free_many_charp(message_parts, n_message_parts);
2587
2588 for (size_t i = 0; i < n_iovec; i++)
2589 free(iovec[i].iov_base);
2590
2591 return r;
2592
2593 }
2594
2595 static void unit_update_on_console(Unit *u) {
2596 bool b;
2597
2598 assert(u);
2599
2600 b = unit_needs_console(u);
2601 if (u->on_console == b)
2602 return;
2603
2604 u->on_console = b;
2605 if (b)
2606 manager_ref_console(u->manager);
2607 else
2608 manager_unref_console(u->manager);
2609 }
2610
2611 static void unit_emit_audit_start(Unit *u) {
2612 assert(u);
2613
2614 if (UNIT_VTABLE(u)->audit_start_message_type <= 0)
2615 return;
2616
2617 /* Write audit record if we have just finished starting up */
2618 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ true);
2619 u->in_audit = true;
2620 }
2621
2622 static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2623 assert(u);
2624
2625 if (UNIT_VTABLE(u)->audit_start_message_type <= 0)
2626 return;
2627
2628 if (u->in_audit) {
2629 /* Write audit record if we have just finished shutting down */
2630 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ state == UNIT_INACTIVE);
2631 u->in_audit = false;
2632 } else {
2633 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2634 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ state == UNIT_INACTIVE);
2635
2636 if (state == UNIT_INACTIVE)
2637 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ true);
2638 }
2639 }
2640
2641 static bool unit_process_job(Job *j, UnitActiveState ns, bool reload_success) {
2642 bool unexpected = false;
2643 JobResult result;
2644
2645 assert(j);
2646
2647 if (j->state == JOB_WAITING)
2648 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2649 * due to EAGAIN. */
2650 job_add_to_run_queue(j);
2651
2652 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2653 * hence needs to invalidate jobs. */
2654
2655 switch (j->type) {
2656
2657 case JOB_START:
2658 case JOB_VERIFY_ACTIVE:
2659
2660 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2661 job_finish_and_invalidate(j, JOB_DONE, true, false);
2662 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2663 unexpected = true;
2664
2665 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2666 if (ns == UNIT_FAILED)
2667 result = JOB_FAILED;
2668 else
2669 result = JOB_DONE;
2670
2671 job_finish_and_invalidate(j, result, true, false);
2672 }
2673 }
2674
2675 break;
2676
2677 case JOB_RELOAD:
2678 case JOB_RELOAD_OR_START:
2679 case JOB_TRY_RELOAD:
2680
2681 if (j->state == JOB_RUNNING) {
2682 if (ns == UNIT_ACTIVE)
2683 job_finish_and_invalidate(j, reload_success ? JOB_DONE : JOB_FAILED, true, false);
2684 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2685 unexpected = true;
2686
2687 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2688 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2689 }
2690 }
2691
2692 break;
2693
2694 case JOB_STOP:
2695 case JOB_RESTART:
2696 case JOB_TRY_RESTART:
2697
2698 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2699 job_finish_and_invalidate(j, JOB_DONE, true, false);
2700 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2701 unexpected = true;
2702 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2703 }
2704
2705 break;
2706
2707 default:
2708 assert_not_reached();
2709 }
2710
2711 return unexpected;
2712 }
2713
2714 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
2715 const char *reason;
2716 Manager *m;
2717
2718 assert(u);
2719 assert(os < _UNIT_ACTIVE_STATE_MAX);
2720 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2721
2722 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2723 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2724 * remounted this function will be called too! */
2725
2726 m = u->manager;
2727
2728 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2729 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2730 unit_add_to_dbus_queue(u);
2731
2732 /* Update systemd-oomd on the property/state change */
2733 if (os != ns) {
2734 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2735 * monitoring.
2736 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2737 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2738 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2739 * have the information on the property. Thus, indiscriminately send an update. */
2740 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
2741 (void) manager_varlink_send_managed_oom_update(u);
2742 }
2743
2744 /* Update timestamps for state changes */
2745 if (!MANAGER_IS_RELOADING(m)) {
2746 dual_timestamp_now(&u->state_change_timestamp);
2747
2748 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2749 u->inactive_exit_timestamp = u->state_change_timestamp;
2750 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2751 u->inactive_enter_timestamp = u->state_change_timestamp;
2752
2753 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2754 u->active_enter_timestamp = u->state_change_timestamp;
2755 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2756 u->active_exit_timestamp = u->state_change_timestamp;
2757 }
2758
2759 /* Keep track of failed units */
2760 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
2761
2762 /* Make sure the cgroup and state files are always removed when we become inactive */
2763 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2764 SET_FLAG(u->markers,
2765 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2766 false);
2767 unit_prune_cgroup(u);
2768 unit_unlink_state_files(u);
2769 } else if (ns != os && ns == UNIT_RELOADING)
2770 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
2771
2772 unit_update_on_console(u);
2773
2774 if (!MANAGER_IS_RELOADING(m)) {
2775 bool unexpected;
2776
2777 /* Let's propagate state changes to the job */
2778 if (u->job)
2779 unexpected = unit_process_job(u->job, ns, reload_success);
2780 else
2781 unexpected = true;
2782
2783 /* If this state change happened without being requested by a job, then let's retroactively start or
2784 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2785 * additional jobs just because something is already activated. */
2786
2787 if (unexpected) {
2788 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2789 retroactively_start_dependencies(u);
2790 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2791 retroactively_stop_dependencies(u);
2792 }
2793
2794 if (ns != os && ns == UNIT_FAILED) {
2795 log_unit_debug(u, "Unit entered failed state.");
2796 unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode);
2797 }
2798
2799 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2800 /* This unit just finished starting up */
2801
2802 unit_emit_audit_start(u);
2803 manager_send_unit_plymouth(m, u);
2804 }
2805
2806 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
2807 /* This unit just stopped/failed. */
2808
2809 unit_emit_audit_stop(u, ns);
2810 unit_log_resources(u);
2811 }
2812
2813 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE))
2814 unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode);
2815 }
2816
2817 manager_recheck_journal(m);
2818 manager_recheck_dbus(m);
2819
2820 unit_trigger_notify(u);
2821
2822 if (!MANAGER_IS_RELOADING(m)) {
2823 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2824 reason = strjoina("unit ", u->id, " failed");
2825 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
2826 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2827 reason = strjoina("unit ", u->id, " succeeded");
2828 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
2829 }
2830 }
2831
2832 /* And now, add the unit or depending units to various queues that will act on the new situation if
2833 * needed. These queues generally check for continuous state changes rather than events (like most of
2834 * the state propagation above), and do work deferred instead of instantly, since they typically
2835 * don't want to run during reloading, and usually involve checking combined state of multiple units
2836 * at once. */
2837
2838 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2839 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2840 check_unneeded_dependencies(u);
2841 check_bound_by_dependencies(u);
2842
2843 /* Maybe someone wants us to remain up? */
2844 unit_submit_to_start_when_upheld_queue(u);
2845
2846 /* Maybe the unit should be GC'ed now? */
2847 unit_add_to_gc_queue(u);
2848
2849 /* Maybe we can release some resources now? */
2850 unit_submit_to_release_resources_queue(u);
2851 }
2852
2853 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2854 /* Start uphold units regardless if going up was expected or not */
2855 check_uphold_dependencies(u);
2856
2857 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2858 unit_submit_to_stop_when_unneeded_queue(u);
2859
2860 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2861 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2862 * inactive, without ever entering started.) */
2863 unit_submit_to_stop_when_bound_queue(u);
2864 }
2865 }
2866
2867 int unit_watch_pidref(Unit *u, PidRef *pid, bool exclusive) {
2868 _cleanup_(pidref_freep) PidRef *pid_dup = NULL;
2869 int r;
2870
2871 /* Adds a specific PID to the set of PIDs this unit watches. */
2872
2873 assert(u);
2874 assert(pidref_is_set(pid));
2875
2876 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2877 * opportunity to remove any stalled references to this PID as they can be created
2878 * easily (when watching a process which is not our direct child). */
2879 if (exclusive)
2880 manager_unwatch_pidref(u->manager, pid);
2881
2882 if (set_contains(u->pids, pid)) /* early exit if already being watched */
2883 return 0;
2884
2885 r = pidref_dup(pid, &pid_dup);
2886 if (r < 0)
2887 return r;
2888
2889 /* First, insert into the set of PIDs maintained by the unit */
2890 r = set_ensure_put(&u->pids, &pidref_hash_ops_free, pid_dup);
2891 if (r < 0)
2892 return r;
2893
2894 pid = TAKE_PTR(pid_dup); /* continue with our copy now that we have installed it properly in our set */
2895
2896 /* Second, insert it into the simple global table, see if that works */
2897 r = hashmap_ensure_put(&u->manager->watch_pids, &pidref_hash_ops_free, pid, u);
2898 if (r != -EEXIST)
2899 return r;
2900
2901 /* OK, the key is already assigned to a different unit. That's fine, then add us via the second
2902 * hashmap that points to an array. */
2903
2904 PidRef *old_pid = NULL;
2905 Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &old_pid);
2906
2907 /* Count entries in array */
2908 size_t n = 0;
2909 for (; array && array[n]; n++)
2910 ;
2911
2912 /* Allocate a new array */
2913 _cleanup_free_ Unit **new_array = new(Unit*, n + 2);
2914 if (!new_array)
2915 return -ENOMEM;
2916
2917 /* Append us to the end */
2918 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2919 new_array[n] = u;
2920 new_array[n+1] = NULL;
2921
2922 /* Make sure the hashmap is allocated */
2923 r = hashmap_ensure_allocated(&u->manager->watch_pids_more, &pidref_hash_ops_free);
2924 if (r < 0)
2925 return r;
2926
2927 /* Add or replace the old array */
2928 r = hashmap_replace(u->manager->watch_pids_more, old_pid ?: pid, new_array);
2929 if (r < 0)
2930 return r;
2931
2932 TAKE_PTR(new_array); /* Now part of the hash table */
2933 free(array); /* Which means we can now delete the old version */
2934 return 0;
2935 }
2936
2937 int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
2938 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
2939 int r;
2940
2941 assert(u);
2942 assert(pid_is_valid(pid));
2943
2944 r = pidref_set_pid(&pidref, pid);
2945 if (r < 0)
2946 return r;
2947
2948 return unit_watch_pidref(u, &pidref, exclusive);
2949 }
2950
2951 void unit_unwatch_pidref(Unit *u, PidRef *pid) {
2952 assert(u);
2953 assert(pidref_is_set(pid));
2954
2955 /* Remove from the set we maintain for this unit. (And destroy the returned pid eventually) */
2956 _cleanup_(pidref_freep) PidRef *pid1 = set_remove(u->pids, pid);
2957 if (!pid1)
2958 return; /* Early exit if this PID was never watched by us */
2959
2960 /* First let's drop the unit from the simple hash table, if it is included there */
2961 PidRef *pid2 = NULL;
2962 Unit *uu = hashmap_get2(u->manager->watch_pids, pid, (void**) &pid2);
2963
2964 /* Quick validation: iff we are in the watch_pids table then the PidRef object must be the same as in our local pids set */
2965 assert((uu == u) == (pid1 == pid2));
2966
2967 if (uu == u)
2968 /* OK, we are in the first table. Let's remove it there then, and we are done already. */
2969 assert_se(hashmap_remove_value(u->manager->watch_pids, pid2, uu));
2970 else {
2971 /* We weren't in the first table, then let's consult the 2nd table that points to an array */
2972 PidRef *pid3 = NULL;
2973 Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &pid3);
2974
2975 /* Let's iterate through the array, dropping our own entry */
2976 size_t m = 0, n = 0;
2977 for (; array && array[n]; n++)
2978 if (array[n] != u)
2979 array[m++] = array[n];
2980 if (n == m)
2981 return; /* Not there */
2982
2983 array[m] = NULL; /* set trailing NULL marker on the new end */
2984
2985 if (m == 0) {
2986 /* The array is now empty, remove the entire entry */
2987 assert_se(hashmap_remove_value(u->manager->watch_pids_more, pid3, array));
2988 free(array);
2989 } else {
2990 /* The array is not empty, but let's make sure the entry is not keyed by the PidRef
2991 * we will delete, but by the PidRef object of the Unit that is now first in the
2992 * array. */
2993
2994 PidRef *new_pid3 = ASSERT_PTR(set_get(array[0]->pids, pid));
2995 assert_se(hashmap_replace(u->manager->watch_pids_more, new_pid3, array) >= 0);
2996 }
2997 }
2998 }
2999
3000 void unit_unwatch_pid(Unit *u, pid_t pid) {
3001 return unit_unwatch_pidref(u, &PIDREF_MAKE_FROM_PID(pid));
3002 }
3003
3004 void unit_unwatch_all_pids(Unit *u) {
3005 assert(u);
3006
3007 while (!set_isempty(u->pids))
3008 unit_unwatch_pidref(u, set_first(u->pids));
3009
3010 u->pids = set_free(u->pids);
3011 }
3012
3013 static void unit_tidy_watch_pids(Unit *u) {
3014 PidRef *except1, *except2, *e;
3015
3016 assert(u);
3017
3018 /* Cleans dead PIDs from our list */
3019
3020 except1 = unit_main_pid(u);
3021 except2 = unit_control_pid(u);
3022
3023 SET_FOREACH(e, u->pids) {
3024 if (pidref_equal(except1, e) || pidref_equal(except2, e))
3025 continue;
3026
3027 if (pidref_is_unwaited(e) <= 0)
3028 unit_unwatch_pidref(u, e);
3029 }
3030 }
3031
3032 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
3033 Unit *u = ASSERT_PTR(userdata);
3034
3035 assert(s);
3036
3037 unit_tidy_watch_pids(u);
3038 unit_watch_all_pids(u);
3039
3040 /* If the PID set is empty now, then let's finish this off. */
3041 unit_synthesize_cgroup_empty_event(u);
3042
3043 return 0;
3044 }
3045
3046 int unit_enqueue_rewatch_pids(Unit *u) {
3047 int r;
3048
3049 assert(u);
3050
3051 if (!u->cgroup_path)
3052 return -ENOENT;
3053
3054 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
3055 if (r < 0)
3056 return r;
3057 if (r > 0) /* On unified we can use proper notifications */
3058 return 0;
3059
3060 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
3061 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
3062 * involves issuing kill(pid, 0) on all processes we watch. */
3063
3064 if (!u->rewatch_pids_event_source) {
3065 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
3066
3067 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
3068 if (r < 0)
3069 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
3070
3071 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
3072 if (r < 0)
3073 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
3074
3075 (void) sd_event_source_set_description(s, "tidy-watch-pids");
3076
3077 u->rewatch_pids_event_source = TAKE_PTR(s);
3078 }
3079
3080 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
3081 if (r < 0)
3082 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
3083
3084 return 0;
3085 }
3086
3087 void unit_dequeue_rewatch_pids(Unit *u) {
3088 int r;
3089 assert(u);
3090
3091 if (!u->rewatch_pids_event_source)
3092 return;
3093
3094 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
3095 if (r < 0)
3096 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
3097
3098 u->rewatch_pids_event_source = sd_event_source_disable_unref(u->rewatch_pids_event_source);
3099 }
3100
3101 bool unit_job_is_applicable(Unit *u, JobType j) {
3102 assert(u);
3103 assert(j >= 0 && j < _JOB_TYPE_MAX);
3104
3105 switch (j) {
3106
3107 case JOB_VERIFY_ACTIVE:
3108 case JOB_START:
3109 case JOB_NOP:
3110 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
3111 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
3112 * jobs for it. */
3113 return true;
3114
3115 case JOB_STOP:
3116 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
3117 * external events), hence it makes no sense to permit enqueuing such a request either. */
3118 return !u->perpetual;
3119
3120 case JOB_RESTART:
3121 case JOB_TRY_RESTART:
3122 return unit_can_stop(u) && unit_can_start(u);
3123
3124 case JOB_RELOAD:
3125 case JOB_TRY_RELOAD:
3126 return unit_can_reload(u);
3127
3128 case JOB_RELOAD_OR_START:
3129 return unit_can_reload(u) && unit_can_start(u);
3130
3131 default:
3132 assert_not_reached();
3133 }
3134 }
3135
3136 static Hashmap *unit_get_dependency_hashmap_per_type(Unit *u, UnitDependency d) {
3137 Hashmap *deps;
3138
3139 assert(u);
3140 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3141
3142 deps = hashmap_get(u->dependencies, UNIT_DEPENDENCY_TO_PTR(d));
3143 if (!deps) {
3144 _cleanup_hashmap_free_ Hashmap *h = NULL;
3145
3146 h = hashmap_new(NULL);
3147 if (!h)
3148 return NULL;
3149
3150 if (hashmap_ensure_put(&u->dependencies, NULL, UNIT_DEPENDENCY_TO_PTR(d), h) < 0)
3151 return NULL;
3152
3153 deps = TAKE_PTR(h);
3154 }
3155
3156 return deps;
3157 }
3158
3159 typedef enum NotifyDependencyFlags {
3160 NOTIFY_DEPENDENCY_UPDATE_FROM = 1 << 0,
3161 NOTIFY_DEPENDENCY_UPDATE_TO = 1 << 1,
3162 } NotifyDependencyFlags;
3163
3164 static int unit_add_dependency_impl(
3165 Unit *u,
3166 UnitDependency d,
3167 Unit *other,
3168 UnitDependencyMask mask) {
3169
3170 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
3171 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3172 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3173 [UNIT_WANTS] = UNIT_WANTED_BY,
3174 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3175 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3176 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
3177 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3178 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3179 [UNIT_WANTED_BY] = UNIT_WANTS,
3180 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3181 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3182 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
3183 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3184 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3185 [UNIT_BEFORE] = UNIT_AFTER,
3186 [UNIT_AFTER] = UNIT_BEFORE,
3187 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3188 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
3189 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3190 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
3191 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3192 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3193 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
3194 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
3195 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3196 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
3197 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
3198 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3199 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3200 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3201 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
3202 };
3203
3204 Hashmap *u_deps, *other_deps;
3205 UnitDependencyInfo u_info, u_info_old, other_info, other_info_old;
3206 NotifyDependencyFlags flags = 0;
3207 int r;
3208
3209 assert(u);
3210 assert(other);
3211 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3212 assert(inverse_table[d] >= 0 && inverse_table[d] < _UNIT_DEPENDENCY_MAX);
3213 assert(mask > 0 && mask < _UNIT_DEPENDENCY_MASK_FULL);
3214
3215 /* Ensure the following two hashmaps for each unit exist:
3216 * - the top-level dependency hashmap that maps UnitDependency → Hashmap(Unit* → UnitDependencyInfo),
3217 * - the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency type. */
3218 u_deps = unit_get_dependency_hashmap_per_type(u, d);
3219 if (!u_deps)
3220 return -ENOMEM;
3221
3222 other_deps = unit_get_dependency_hashmap_per_type(other, inverse_table[d]);
3223 if (!other_deps)
3224 return -ENOMEM;
3225
3226 /* Save the original dependency info. */
3227 u_info.data = u_info_old.data = hashmap_get(u_deps, other);
3228 other_info.data = other_info_old.data = hashmap_get(other_deps, u);
3229
3230 /* Update dependency info. */
3231 u_info.origin_mask |= mask;
3232 other_info.destination_mask |= mask;
3233
3234 /* Save updated dependency info. */
3235 if (u_info.data != u_info_old.data) {
3236 r = hashmap_replace(u_deps, other, u_info.data);
3237 if (r < 0)
3238 return r;
3239
3240 flags = NOTIFY_DEPENDENCY_UPDATE_FROM;
3241 }
3242
3243 if (other_info.data != other_info_old.data) {
3244 r = hashmap_replace(other_deps, u, other_info.data);
3245 if (r < 0) {
3246 if (u_info.data != u_info_old.data) {
3247 /* Restore the old dependency. */
3248 if (u_info_old.data)
3249 (void) hashmap_update(u_deps, other, u_info_old.data);
3250 else
3251 hashmap_remove(u_deps, other);
3252 }
3253 return r;
3254 }
3255
3256 flags |= NOTIFY_DEPENDENCY_UPDATE_TO;
3257 }
3258
3259 return flags;
3260 }
3261
3262 int unit_add_dependency(
3263 Unit *u,
3264 UnitDependency d,
3265 Unit *other,
3266 bool add_reference,
3267 UnitDependencyMask mask) {
3268
3269 UnitDependencyAtom a;
3270 int r;
3271
3272 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3273 * there, no need to notify! */
3274 NotifyDependencyFlags notify_flags;
3275
3276 assert(u);
3277 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3278 assert(other);
3279
3280 u = unit_follow_merge(u);
3281 other = unit_follow_merge(other);
3282 a = unit_dependency_to_atom(d);
3283 assert(a >= 0);
3284
3285 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
3286 if (u == other) {
3287 if (unit_should_warn_about_dependency(d))
3288 log_unit_warning(u, "Dependency %s=%s is dropped.",
3289 unit_dependency_to_string(d), u->id);
3290 return 0;
3291 }
3292
3293 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3294 return 0;
3295
3296 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3297 * running timeout at a specific time. */
3298 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
3299 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
3300 return 0;
3301 }
3302
3303 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
3304 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3305 return 0;
3306 }
3307
3308 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
3309 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3310 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
3311 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
3312 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3313 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3314
3315 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3316 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3317 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3318 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3319 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3320 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3321
3322 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3323 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3324 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3325
3326 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3327 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3328 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3329
3330 r = unit_add_dependency_impl(u, d, other, mask);
3331 if (r < 0)
3332 return r;
3333 notify_flags = r;
3334
3335 if (add_reference) {
3336 r = unit_add_dependency_impl(u, UNIT_REFERENCES, other, mask);
3337 if (r < 0)
3338 return r;
3339 notify_flags |= r;
3340 }
3341
3342 if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_FROM))
3343 unit_add_to_dbus_queue(u);
3344 if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_TO))
3345 unit_add_to_dbus_queue(other);
3346
3347 return notify_flags != 0;
3348 }
3349
3350 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
3351 int r = 0, s = 0;
3352
3353 assert(u);
3354 assert(d >= 0 || e >= 0);
3355
3356 if (d >= 0) {
3357 r = unit_add_dependency(u, d, other, add_reference, mask);
3358 if (r < 0)
3359 return r;
3360 }
3361
3362 if (e >= 0) {
3363 s = unit_add_dependency(u, e, other, add_reference, mask);
3364 if (s < 0)
3365 return s;
3366 }
3367
3368 return r > 0 || s > 0;
3369 }
3370
3371 static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
3372 int r;
3373
3374 assert(u);
3375 assert(name);
3376 assert(buf);
3377 assert(ret);
3378
3379 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3380 *buf = NULL;
3381 *ret = name;
3382 return 0;
3383 }
3384
3385 if (u->instance)
3386 r = unit_name_replace_instance(name, u->instance, buf);
3387 else {
3388 _cleanup_free_ char *i = NULL;
3389
3390 r = unit_name_to_prefix(u->id, &i);
3391 if (r < 0)
3392 return r;
3393
3394 r = unit_name_replace_instance(name, i, buf);
3395 }
3396 if (r < 0)
3397 return r;
3398
3399 *ret = *buf;
3400 return 0;
3401 }
3402
3403 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
3404 _cleanup_free_ char *buf = NULL;
3405 Unit *other;
3406 int r;
3407
3408 assert(u);
3409 assert(name);
3410
3411 r = resolve_template(u, name, &buf, &name);
3412 if (r < 0)
3413 return r;
3414
3415 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3416 return 0;
3417
3418 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3419 if (r < 0)
3420 return r;
3421
3422 return unit_add_dependency(u, d, other, add_reference, mask);
3423 }
3424
3425 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
3426 _cleanup_free_ char *buf = NULL;
3427 Unit *other;
3428 int r;
3429
3430 assert(u);
3431 assert(name);
3432
3433 r = resolve_template(u, name, &buf, &name);
3434 if (r < 0)
3435 return r;
3436
3437 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3438 return 0;
3439
3440 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3441 if (r < 0)
3442 return r;
3443
3444 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
3445 }
3446
3447 int set_unit_path(const char *p) {
3448 /* This is mostly for debug purposes */
3449 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, 1));
3450 }
3451
3452 char *unit_dbus_path(Unit *u) {
3453 assert(u);
3454
3455 if (!u->id)
3456 return NULL;
3457
3458 return unit_dbus_path_from_name(u->id);
3459 }
3460
3461 char *unit_dbus_path_invocation_id(Unit *u) {
3462 assert(u);
3463
3464 if (sd_id128_is_null(u->invocation_id))
3465 return NULL;
3466
3467 return unit_dbus_path_from_name(u->invocation_id_string);
3468 }
3469
3470 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
3471 int r;
3472
3473 assert(u);
3474
3475 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3476
3477 if (sd_id128_equal(u->invocation_id, id))
3478 return 0;
3479
3480 if (!sd_id128_is_null(u->invocation_id))
3481 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3482
3483 if (sd_id128_is_null(id)) {
3484 r = 0;
3485 goto reset;
3486 }
3487
3488 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3489 if (r < 0)
3490 goto reset;
3491
3492 u->invocation_id = id;
3493 sd_id128_to_string(id, u->invocation_id_string);
3494
3495 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3496 if (r < 0)
3497 goto reset;
3498
3499 return 0;
3500
3501 reset:
3502 u->invocation_id = SD_ID128_NULL;
3503 u->invocation_id_string[0] = 0;
3504 return r;
3505 }
3506
3507 int unit_set_slice(Unit *u, Unit *slice) {
3508 int r;
3509
3510 assert(u);
3511 assert(slice);
3512
3513 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3514 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3515 * slice is derived from the name). Make sure the unit we set is actually a slice. */
3516
3517 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3518 return -EOPNOTSUPP;
3519
3520 if (u->type == UNIT_SLICE)
3521 return -EINVAL;
3522
3523 if (unit_active_state(u) != UNIT_INACTIVE)
3524 return -EBUSY;
3525
3526 if (slice->type != UNIT_SLICE)
3527 return -EINVAL;
3528
3529 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3530 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3531 return -EPERM;
3532
3533 if (UNIT_GET_SLICE(u) == slice)
3534 return 0;
3535
3536 /* Disallow slice changes if @u is already bound to cgroups */
3537 if (UNIT_GET_SLICE(u) && u->cgroup_realized)
3538 return -EBUSY;
3539
3540 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3541 if (UNIT_GET_SLICE(u))
3542 unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY);
3543
3544 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY);
3545 if (r < 0)
3546 return r;
3547
3548 return 1;
3549 }
3550
3551 int unit_set_default_slice(Unit *u) {
3552 const char *slice_name;
3553 Unit *slice;
3554 int r;
3555
3556 assert(u);
3557
3558 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3559 return 0;
3560
3561 if (UNIT_GET_SLICE(u))
3562 return 0;
3563
3564 if (u->instance) {
3565 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3566
3567 /* Implicitly place all instantiated units in their
3568 * own per-template slice */
3569
3570 r = unit_name_to_prefix(u->id, &prefix);
3571 if (r < 0)
3572 return r;
3573
3574 /* The prefix is already escaped, but it might include
3575 * "-" which has a special meaning for slice units,
3576 * hence escape it here extra. */
3577 escaped = unit_name_escape(prefix);
3578 if (!escaped)
3579 return -ENOMEM;
3580
3581 if (MANAGER_IS_SYSTEM(u->manager))
3582 slice_name = strjoina("system-", escaped, ".slice");
3583 else
3584 slice_name = strjoina("app-", escaped, ".slice");
3585
3586 } else if (unit_is_extrinsic(u))
3587 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3588 * the root slice. They don't really belong in one of the subslices. */
3589 slice_name = SPECIAL_ROOT_SLICE;
3590
3591 else if (MANAGER_IS_SYSTEM(u->manager))
3592 slice_name = SPECIAL_SYSTEM_SLICE;
3593 else
3594 slice_name = SPECIAL_APP_SLICE;
3595
3596 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3597 if (r < 0)
3598 return r;
3599
3600 return unit_set_slice(u, slice);
3601 }
3602
3603 const char *unit_slice_name(Unit *u) {
3604 Unit *slice;
3605 assert(u);
3606
3607 slice = UNIT_GET_SLICE(u);
3608 if (!slice)
3609 return NULL;
3610
3611 return slice->id;
3612 }
3613
3614 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3615 _cleanup_free_ char *t = NULL;
3616 int r;
3617
3618 assert(u);
3619 assert(type);
3620 assert(_found);
3621
3622 r = unit_name_change_suffix(u->id, type, &t);
3623 if (r < 0)
3624 return r;
3625 if (unit_has_name(u, t))
3626 return -EINVAL;
3627
3628 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3629 assert(r < 0 || *_found != u);
3630 return r;
3631 }
3632
3633 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3634 const char *new_owner;
3635 Unit *u = ASSERT_PTR(userdata);
3636 int r;
3637
3638 assert(message);
3639
3640 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
3641 if (r < 0) {
3642 bus_log_parse_error(r);
3643 return 0;
3644 }
3645
3646 if (UNIT_VTABLE(u)->bus_name_owner_change)
3647 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
3648
3649 return 0;
3650 }
3651
3652 static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3653 const sd_bus_error *e;
3654 const char *new_owner;
3655 Unit *u = ASSERT_PTR(userdata);
3656 int r;
3657
3658 assert(message);
3659
3660 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3661
3662 e = sd_bus_message_get_error(message);
3663 if (e) {
3664 if (!sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER)) {
3665 r = sd_bus_error_get_errno(e);
3666 log_unit_error_errno(u, r,
3667 "Unexpected error response from GetNameOwner(): %s",
3668 bus_error_message(e, r));
3669 }
3670
3671 new_owner = NULL;
3672 } else {
3673 r = sd_bus_message_read(message, "s", &new_owner);
3674 if (r < 0)
3675 return bus_log_parse_error(r);
3676
3677 assert(!isempty(new_owner));
3678 }
3679
3680 if (UNIT_VTABLE(u)->bus_name_owner_change)
3681 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
3682
3683 return 0;
3684 }
3685
3686 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3687 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
3688 const char *match;
3689 usec_t timeout_usec = 0;
3690 int r;
3691
3692 assert(u);
3693 assert(bus);
3694 assert(name);
3695
3696 if (u->match_bus_slot || u->get_name_owner_slot)
3697 return -EBUSY;
3698
3699 /* NameOwnerChanged and GetNameOwner is used to detect when a service finished starting up. The dbus
3700 * call timeout shouldn't be earlier than that. If we couldn't get the start timeout, use the default
3701 * value defined above. */
3702 if (UNIT_VTABLE(u)->get_timeout_start_usec)
3703 timeout_usec = UNIT_VTABLE(u)->get_timeout_start_usec(u);
3704
3705 match = strjoina("type='signal',"
3706 "sender='org.freedesktop.DBus',"
3707 "path='/org/freedesktop/DBus',"
3708 "interface='org.freedesktop.DBus',"
3709 "member='NameOwnerChanged',"
3710 "arg0='", name, "'");
3711
3712 r = bus_add_match_full(
3713 bus,
3714 &u->match_bus_slot,
3715 true,
3716 match,
3717 signal_name_owner_changed,
3718 NULL,
3719 u,
3720 timeout_usec);
3721 if (r < 0)
3722 return r;
3723
3724 r = sd_bus_message_new_method_call(
3725 bus,
3726 &m,
3727 "org.freedesktop.DBus",
3728 "/org/freedesktop/DBus",
3729 "org.freedesktop.DBus",
3730 "GetNameOwner");
3731 if (r < 0)
3732 return r;
3733
3734 r = sd_bus_message_append(m, "s", name);
3735 if (r < 0)
3736 return r;
3737
3738 r = sd_bus_call_async(
3739 bus,
3740 &u->get_name_owner_slot,
3741 m,
3742 get_name_owner_handler,
3743 u,
3744 timeout_usec);
3745
3746 if (r < 0) {
3747 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3748 return r;
3749 }
3750
3751 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3752 return 0;
3753 }
3754
3755 int unit_watch_bus_name(Unit *u, const char *name) {
3756 int r;
3757
3758 assert(u);
3759 assert(name);
3760
3761 /* Watch a specific name on the bus. We only support one unit
3762 * watching each name for now. */
3763
3764 if (u->manager->api_bus) {
3765 /* If the bus is already available, install the match directly.
3766 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3767 r = unit_install_bus_match(u, u->manager->api_bus, name);
3768 if (r < 0)
3769 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3770 }
3771
3772 r = hashmap_put(u->manager->watch_bus, name, u);
3773 if (r < 0) {
3774 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3775 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3776 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3777 }
3778
3779 return 0;
3780 }
3781
3782 void unit_unwatch_bus_name(Unit *u, const char *name) {
3783 assert(u);
3784 assert(name);
3785
3786 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3787 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3788 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3789 }
3790
3791 int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
3792 _cleanup_free_ char *e = NULL;
3793 Unit *device;
3794 int r;
3795
3796 assert(u);
3797
3798 /* Adds in links to the device node that this unit is based on */
3799 if (isempty(what))
3800 return 0;
3801
3802 if (!is_device_path(what))
3803 return 0;
3804
3805 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
3806 if (!unit_type_supported(UNIT_DEVICE))
3807 return 0;
3808
3809 r = unit_name_from_path(what, ".device", &e);
3810 if (r < 0)
3811 return r;
3812
3813 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3814 if (r < 0)
3815 return r;
3816
3817 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3818 dep = UNIT_BINDS_TO;
3819
3820 return unit_add_two_dependencies(u, UNIT_AFTER,
3821 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3822 device, true, mask);
3823 }
3824
3825 int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3826 _cleanup_free_ char *escaped = NULL, *target = NULL;
3827 int r;
3828
3829 assert(u);
3830
3831 if (isempty(what))
3832 return 0;
3833
3834 if (!path_startswith(what, "/dev/"))
3835 return 0;
3836
3837 /* If we don't support devices, then also don't bother with blockdev@.target */
3838 if (!unit_type_supported(UNIT_DEVICE))
3839 return 0;
3840
3841 r = unit_name_path_escape(what, &escaped);
3842 if (r < 0)
3843 return r;
3844
3845 r = unit_name_build("blockdev", escaped, ".target", &target);
3846 if (r < 0)
3847 return r;
3848
3849 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3850 }
3851
3852 int unit_coldplug(Unit *u) {
3853 int r = 0;
3854
3855 assert(u);
3856
3857 /* Make sure we don't enter a loop, when coldplugging recursively. */
3858 if (u->coldplugged)
3859 return 0;
3860
3861 u->coldplugged = true;
3862
3863 STRV_FOREACH(i, u->deserialized_refs)
3864 RET_GATHER(r, bus_unit_track_add_name(u, *i));
3865
3866 u->deserialized_refs = strv_free(u->deserialized_refs);
3867
3868 if (UNIT_VTABLE(u)->coldplug)
3869 RET_GATHER(r, UNIT_VTABLE(u)->coldplug(u));
3870
3871 if (u->job)
3872 RET_GATHER(r, job_coldplug(u->job));
3873 if (u->nop_job)
3874 RET_GATHER(r, job_coldplug(u->nop_job));
3875
3876 unit_modify_nft_set(u, /* add = */ true);
3877 return r;
3878 }
3879
3880 void unit_catchup(Unit *u) {
3881 assert(u);
3882
3883 if (UNIT_VTABLE(u)->catchup)
3884 UNIT_VTABLE(u)->catchup(u);
3885
3886 unit_cgroup_catchup(u);
3887 }
3888
3889 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3890 struct stat st;
3891
3892 if (!path)
3893 return false;
3894
3895 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3896 * are never out-of-date. */
3897 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3898 return false;
3899
3900 if (stat(path, &st) < 0)
3901 /* What, cannot access this anymore? */
3902 return true;
3903
3904 if (path_masked)
3905 /* For masked files check if they are still so */
3906 return !null_or_empty(&st);
3907 else
3908 /* For non-empty files check the mtime */
3909 return timespec_load(&st.st_mtim) > mtime;
3910
3911 return false;
3912 }
3913
3914 bool unit_need_daemon_reload(Unit *u) {
3915 _cleanup_strv_free_ char **dropins = NULL;
3916
3917 assert(u);
3918 assert(u->manager);
3919
3920 if (u->manager->unit_file_state_outdated)
3921 return true;
3922
3923 /* For unit files, we allow masking… */
3924 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3925 u->load_state == UNIT_MASKED))
3926 return true;
3927
3928 /* Source paths should not be masked… */
3929 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3930 return true;
3931
3932 if (u->load_state == UNIT_LOADED)
3933 (void) unit_find_dropin_paths(u, &dropins);
3934 if (!strv_equal(u->dropin_paths, dropins))
3935 return true;
3936
3937 /* … any drop-ins that are masked are simply omitted from the list. */
3938 STRV_FOREACH(path, u->dropin_paths)
3939 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3940 return true;
3941
3942 return false;
3943 }
3944
3945 void unit_reset_failed(Unit *u) {
3946 assert(u);
3947
3948 if (UNIT_VTABLE(u)->reset_failed)
3949 UNIT_VTABLE(u)->reset_failed(u);
3950
3951 ratelimit_reset(&u->start_ratelimit);
3952 u->start_limit_hit = false;
3953 }
3954
3955 Unit *unit_following(Unit *u) {
3956 assert(u);
3957
3958 if (UNIT_VTABLE(u)->following)
3959 return UNIT_VTABLE(u)->following(u);
3960
3961 return NULL;
3962 }
3963
3964 bool unit_stop_pending(Unit *u) {
3965 assert(u);
3966
3967 /* This call does check the current state of the unit. It's
3968 * hence useful to be called from state change calls of the
3969 * unit itself, where the state isn't updated yet. This is
3970 * different from unit_inactive_or_pending() which checks both
3971 * the current state and for a queued job. */
3972
3973 return unit_has_job_type(u, JOB_STOP);
3974 }
3975
3976 bool unit_inactive_or_pending(Unit *u) {
3977 assert(u);
3978
3979 /* Returns true if the unit is inactive or going down */
3980
3981 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3982 return true;
3983
3984 if (unit_stop_pending(u))
3985 return true;
3986
3987 return false;
3988 }
3989
3990 bool unit_active_or_pending(Unit *u) {
3991 assert(u);
3992
3993 /* Returns true if the unit is active or going up */
3994
3995 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3996 return true;
3997
3998 if (u->job &&
3999 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
4000 return true;
4001
4002 return false;
4003 }
4004
4005 bool unit_will_restart_default(Unit *u) {
4006 assert(u);
4007
4008 return unit_has_job_type(u, JOB_START);
4009 }
4010
4011 bool unit_will_restart(Unit *u) {
4012 assert(u);
4013
4014 if (!UNIT_VTABLE(u)->will_restart)
4015 return false;
4016
4017 return UNIT_VTABLE(u)->will_restart(u);
4018 }
4019
4020 void unit_notify_cgroup_oom(Unit *u, bool managed_oom) {
4021 assert(u);
4022
4023 if (UNIT_VTABLE(u)->notify_cgroup_oom)
4024 UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom);
4025 }
4026
4027 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
4028 _cleanup_set_free_ Set *pid_set = NULL;
4029 int r;
4030
4031 pid_set = set_new(NULL);
4032 if (!pid_set)
4033 return NULL;
4034
4035 /* Exclude the main/control pids from being killed via the cgroup */
4036 if (main_pid > 0) {
4037 r = set_put(pid_set, PID_TO_PTR(main_pid));
4038 if (r < 0)
4039 return NULL;
4040 }
4041
4042 if (control_pid > 0) {
4043 r = set_put(pid_set, PID_TO_PTR(control_pid));
4044 if (r < 0)
4045 return NULL;
4046 }
4047
4048 return TAKE_PTR(pid_set);
4049 }
4050
4051 static int kill_common_log(const PidRef *pid, int signo, void *userdata) {
4052 _cleanup_free_ char *comm = NULL;
4053 Unit *u = ASSERT_PTR(userdata);
4054
4055 (void) pidref_get_comm(pid, &comm);
4056
4057 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
4058 signal_to_string(signo), pid->pid, strna(comm));
4059
4060 return 1;
4061 }
4062
4063 static int kill_or_sigqueue(PidRef* pidref, int signo, int code, int value) {
4064 assert(pidref_is_set(pidref));
4065 assert(SIGNAL_VALID(signo));
4066
4067 switch (code) {
4068
4069 case SI_USER:
4070 log_debug("Killing " PID_FMT " with signal SIG%s.", pidref->pid, signal_to_string(signo));
4071 return pidref_kill(pidref, signo);
4072
4073 case SI_QUEUE:
4074 log_debug("Enqueuing value %i to " PID_FMT " on signal SIG%s.", value, pidref->pid, signal_to_string(signo));
4075 return pidref_sigqueue(pidref, signo, value);
4076
4077 default:
4078 assert_not_reached();
4079 }
4080 }
4081
4082 int unit_kill(
4083 Unit *u,
4084 KillWho who,
4085 int signo,
4086 int code,
4087 int value,
4088 sd_bus_error *error) {
4089
4090 PidRef *main_pid, *control_pid;
4091 bool killed = false;
4092 int ret = 0, r;
4093
4094 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
4095 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
4096 * stop a service ourselves. */
4097
4098 assert(u);
4099 assert(who >= 0);
4100 assert(who < _KILL_WHO_MAX);
4101 assert(SIGNAL_VALID(signo));
4102 assert(IN_SET(code, SI_USER, SI_QUEUE));
4103
4104 main_pid = unit_main_pid(u);
4105 control_pid = unit_control_pid(u);
4106
4107 if (!UNIT_HAS_CGROUP_CONTEXT(u) && !main_pid && !control_pid)
4108 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit type does not support process killing.");
4109
4110 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
4111 if (!main_pid)
4112 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
4113 if (!pidref_is_set(main_pid))
4114 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
4115 }
4116
4117 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
4118 if (!control_pid)
4119 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
4120 if (!pidref_is_set(control_pid))
4121 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
4122 }
4123
4124 if (pidref_is_set(control_pid) &&
4125 IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
4126 _cleanup_free_ char *comm = NULL;
4127 (void) pidref_get_comm(control_pid, &comm);
4128
4129 r = kill_or_sigqueue(control_pid, signo, code, value);
4130 if (r < 0) {
4131 ret = r;
4132
4133 /* Report this failure both to the logs and to the client */
4134 sd_bus_error_set_errnof(
4135 error, r,
4136 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
4137 signal_to_string(signo), control_pid->pid, strna(comm));
4138 log_unit_warning_errno(
4139 u, r,
4140 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
4141 signal_to_string(signo), control_pid->pid, strna(comm));
4142 } else {
4143 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
4144 signal_to_string(signo), control_pid->pid, strna(comm));
4145 killed = true;
4146 }
4147 }
4148
4149 if (pidref_is_set(main_pid) &&
4150 IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
4151 _cleanup_free_ char *comm = NULL;
4152 (void) pidref_get_comm(main_pid, &comm);
4153
4154 r = kill_or_sigqueue(main_pid, signo, code, value);
4155 if (r < 0) {
4156 if (ret == 0) {
4157 ret = r;
4158
4159 sd_bus_error_set_errnof(
4160 error, r,
4161 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
4162 signal_to_string(signo), main_pid->pid, strna(comm));
4163 }
4164
4165 log_unit_warning_errno(
4166 u, r,
4167 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
4168 signal_to_string(signo), main_pid->pid, strna(comm));
4169
4170 } else {
4171 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
4172 signal_to_string(signo), main_pid->pid, strna(comm));
4173 killed = true;
4174 }
4175 }
4176
4177 /* Note: if we shall enqueue rather than kill we won't do this via the cgroup mechanism, since it
4178 * doesn't really make much sense (and given that enqueued values are a relatively expensive
4179 * resource, and we shouldn't allow us to be subjects for such allocation sprees) */
4180 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path && code == SI_USER) {
4181 _cleanup_set_free_ Set *pid_set = NULL;
4182
4183 /* Exclude the main/control pids from being killed via the cgroup */
4184 pid_set = unit_pid_set(main_pid ? main_pid->pid : 0, control_pid ? control_pid->pid : 0);
4185 if (!pid_set)
4186 return log_oom();
4187
4188 r = cg_kill_recursive(u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
4189 if (r < 0) {
4190 if (!IN_SET(r, -ESRCH, -ENOENT)) {
4191 if (ret == 0) {
4192 ret = r;
4193
4194 sd_bus_error_set_errnof(
4195 error, r,
4196 "Failed to send signal SIG%s to auxiliary processes: %m",
4197 signal_to_string(signo));
4198 }
4199
4200 log_unit_warning_errno(
4201 u, r,
4202 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
4203 signal_to_string(signo));
4204 }
4205 } else
4206 killed = true;
4207 }
4208
4209 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
4210 if (ret == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
4211 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
4212
4213 return ret;
4214 }
4215
4216 int unit_following_set(Unit *u, Set **s) {
4217 assert(u);
4218 assert(s);
4219
4220 if (UNIT_VTABLE(u)->following_set)
4221 return UNIT_VTABLE(u)->following_set(u, s);
4222
4223 *s = NULL;
4224 return 0;
4225 }
4226
4227 UnitFileState unit_get_unit_file_state(Unit *u) {
4228 int r;
4229
4230 assert(u);
4231
4232 if (u->unit_file_state < 0 && u->fragment_path) {
4233 r = unit_file_get_state(
4234 u->manager->runtime_scope,
4235 NULL,
4236 u->id,
4237 &u->unit_file_state);
4238 if (r < 0)
4239 u->unit_file_state = UNIT_FILE_BAD;
4240 }
4241
4242 return u->unit_file_state;
4243 }
4244
4245 PresetAction unit_get_unit_file_preset(Unit *u) {
4246 int r;
4247
4248 assert(u);
4249
4250 if (u->unit_file_preset < 0 && u->fragment_path) {
4251 _cleanup_free_ char *bn = NULL;
4252
4253 r = path_extract_filename(u->fragment_path, &bn);
4254 if (r < 0)
4255 return (u->unit_file_preset = r);
4256
4257 if (r == O_DIRECTORY)
4258 return (u->unit_file_preset = -EISDIR);
4259
4260 u->unit_file_preset = unit_file_query_preset(
4261 u->manager->runtime_scope,
4262 NULL,
4263 bn,
4264 NULL);
4265 }
4266
4267 return u->unit_file_preset;
4268 }
4269
4270 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4271 assert(ref);
4272 assert(source);
4273 assert(target);
4274
4275 if (ref->target)
4276 unit_ref_unset(ref);
4277
4278 ref->source = source;
4279 ref->target = target;
4280 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4281 return target;
4282 }
4283
4284 void unit_ref_unset(UnitRef *ref) {
4285 assert(ref);
4286
4287 if (!ref->target)
4288 return;
4289
4290 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4291 * be unreferenced now. */
4292 unit_add_to_gc_queue(ref->target);
4293
4294 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4295 ref->source = ref->target = NULL;
4296 }
4297
4298 static int user_from_unit_name(Unit *u, char **ret) {
4299
4300 static const uint8_t hash_key[] = {
4301 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4302 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4303 };
4304
4305 _cleanup_free_ char *n = NULL;
4306 int r;
4307
4308 r = unit_name_to_prefix(u->id, &n);
4309 if (r < 0)
4310 return r;
4311
4312 if (valid_user_group_name(n, 0)) {
4313 *ret = TAKE_PTR(n);
4314 return 0;
4315 }
4316
4317 /* If we can't use the unit name as a user name, then let's hash it and use that */
4318 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4319 return -ENOMEM;
4320
4321 return 0;
4322 }
4323
4324 int unit_patch_contexts(Unit *u) {
4325 CGroupContext *cc;
4326 ExecContext *ec;
4327 int r;
4328
4329 assert(u);
4330
4331 /* Patch in the manager defaults into the exec and cgroup
4332 * contexts, _after_ the rest of the settings have been
4333 * initialized */
4334
4335 ec = unit_get_exec_context(u);
4336 if (ec) {
4337 /* This only copies in the ones that need memory */
4338 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
4339 if (u->manager->defaults.rlimit[i] && !ec->rlimit[i]) {
4340 ec->rlimit[i] = newdup(struct rlimit, u->manager->defaults.rlimit[i], 1);
4341 if (!ec->rlimit[i])
4342 return -ENOMEM;
4343 }
4344
4345 if (MANAGER_IS_USER(u->manager) &&
4346 !ec->working_directory) {
4347
4348 r = get_home_dir(&ec->working_directory);
4349 if (r < 0)
4350 return r;
4351
4352 /* Allow user services to run, even if the
4353 * home directory is missing */
4354 ec->working_directory_missing_ok = true;
4355 }
4356
4357 if (ec->private_devices)
4358 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4359
4360 if (ec->protect_kernel_modules)
4361 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4362
4363 if (ec->protect_kernel_logs)
4364 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4365
4366 if (ec->protect_clock)
4367 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4368
4369 if (ec->dynamic_user) {
4370 if (!ec->user) {
4371 r = user_from_unit_name(u, &ec->user);
4372 if (r < 0)
4373 return r;
4374 }
4375
4376 if (!ec->group) {
4377 ec->group = strdup(ec->user);
4378 if (!ec->group)
4379 return -ENOMEM;
4380 }
4381
4382 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4383 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4384 * sandbox. */
4385
4386 ec->private_tmp = true;
4387 ec->remove_ipc = true;
4388 ec->protect_system = PROTECT_SYSTEM_STRICT;
4389 if (ec->protect_home == PROTECT_HOME_NO)
4390 ec->protect_home = PROTECT_HOME_READ_ONLY;
4391
4392 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4393 * them. */
4394 ec->no_new_privileges = true;
4395 ec->restrict_suid_sgid = true;
4396 }
4397
4398 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++)
4399 exec_directory_sort(ec->directories + dt);
4400 }
4401
4402 cc = unit_get_cgroup_context(u);
4403 if (cc && ec) {
4404
4405 if (ec->private_devices &&
4406 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4407 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
4408
4409 /* Only add these if needed, as they imply that everything else is blocked. */
4410 if (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow) {
4411 if (ec->root_image || ec->mount_images) {
4412
4413 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4414 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
4415 r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE);
4416 if (r < 0)
4417 return r;
4418 }
4419 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
4420 r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE|CGROUP_DEVICE_MKNOD);
4421 if (r < 0)
4422 return r;
4423 }
4424
4425 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4426 * Same for mapper and verity. */
4427 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4428 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4429 if (r < 0)
4430 return r;
4431 }
4432 }
4433
4434 if (ec->protect_clock) {
4435 r = cgroup_context_add_device_allow(cc, "char-rtc", CGROUP_DEVICE_READ);
4436 if (r < 0)
4437 return r;
4438 }
4439
4440 /* If there are encrypted credentials we might need to access the TPM. */
4441 if (exec_context_has_encrypted_credentials(ec)) {
4442 r = cgroup_context_add_device_allow(cc, "char-tpm", CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE);
4443 if (r < 0)
4444 return r;
4445 }
4446 }
4447 }
4448
4449 return 0;
4450 }
4451
4452 ExecContext *unit_get_exec_context(const Unit *u) {
4453 size_t offset;
4454 assert(u);
4455
4456 if (u->type < 0)
4457 return NULL;
4458
4459 offset = UNIT_VTABLE(u)->exec_context_offset;
4460 if (offset <= 0)
4461 return NULL;
4462
4463 return (ExecContext*) ((uint8_t*) u + offset);
4464 }
4465
4466 KillContext *unit_get_kill_context(Unit *u) {
4467 size_t offset;
4468 assert(u);
4469
4470 if (u->type < 0)
4471 return NULL;
4472
4473 offset = UNIT_VTABLE(u)->kill_context_offset;
4474 if (offset <= 0)
4475 return NULL;
4476
4477 return (KillContext*) ((uint8_t*) u + offset);
4478 }
4479
4480 CGroupContext *unit_get_cgroup_context(Unit *u) {
4481 size_t offset;
4482
4483 if (u->type < 0)
4484 return NULL;
4485
4486 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4487 if (offset <= 0)
4488 return NULL;
4489
4490 return (CGroupContext*) ((uint8_t*) u + offset);
4491 }
4492
4493 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4494 size_t offset;
4495
4496 if (u->type < 0)
4497 return NULL;
4498
4499 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4500 if (offset <= 0)
4501 return NULL;
4502
4503 return *(ExecRuntime**) ((uint8_t*) u + offset);
4504 }
4505
4506 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4507 assert(u);
4508
4509 if (UNIT_WRITE_FLAGS_NOOP(flags))
4510 return NULL;
4511
4512 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4513 return u->manager->lookup_paths.transient;
4514
4515 if (flags & UNIT_PERSISTENT)
4516 return u->manager->lookup_paths.persistent_control;
4517
4518 if (flags & UNIT_RUNTIME)
4519 return u->manager->lookup_paths.runtime_control;
4520
4521 return NULL;
4522 }
4523
4524 const char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4525 assert(s);
4526 assert(popcount(flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX | UNIT_ESCAPE_C)) <= 1);
4527 assert(buf);
4528
4529 _cleanup_free_ char *t = NULL;
4530
4531 /* Returns a string with any escaping done. If no escaping was necessary, *buf is set to NULL, and
4532 * the input pointer is returned as-is. If an allocation was needed, the return buffer pointer is
4533 * written to *buf. This means the return value always contains a properly escaped version, but *buf
4534 * only contains a pointer if an allocation was made. Callers can use this to optimize memory
4535 * allocations. */
4536
4537 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4538 t = specifier_escape(s);
4539 if (!t)
4540 return NULL;
4541
4542 s = t;
4543 }
4544
4545 /* We either do C-escaping or shell-escaping, to additionally escape characters that we parse for
4546 * ExecStart= and friends, i.e. '$' and quotes. */
4547
4548 if (flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX)) {
4549 char *t2;
4550
4551 if (flags & UNIT_ESCAPE_EXEC_SYNTAX_ENV) {
4552 t2 = strreplace(s, "$", "$$");
4553 if (!t2)
4554 return NULL;
4555 free_and_replace(t, t2);
4556 }
4557
4558 t2 = shell_escape(t ?: s, "\"");
4559 if (!t2)
4560 return NULL;
4561 free_and_replace(t, t2);
4562
4563 s = t;
4564
4565 } else if (flags & UNIT_ESCAPE_C) {
4566 char *t2;
4567
4568 t2 = cescape(s);
4569 if (!t2)
4570 return NULL;
4571 free_and_replace(t, t2);
4572
4573 s = t;
4574 }
4575
4576 *buf = TAKE_PTR(t);
4577 return s;
4578 }
4579
4580 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4581 _cleanup_free_ char *result = NULL;
4582 size_t n = 0;
4583
4584 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4585 * lines in a way suitable for ExecStart= stanzas. */
4586
4587 STRV_FOREACH(i, l) {
4588 _cleanup_free_ char *buf = NULL;
4589 const char *p;
4590 size_t a;
4591 char *q;
4592
4593 p = unit_escape_setting(*i, flags, &buf);
4594 if (!p)
4595 return NULL;
4596
4597 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4598 if (!GREEDY_REALLOC(result, n + a + 1))
4599 return NULL;
4600
4601 q = result + n;
4602 if (n > 0)
4603 *(q++) = ' ';
4604
4605 *(q++) = '"';
4606 q = stpcpy(q, p);
4607 *(q++) = '"';
4608
4609 n += a;
4610 }
4611
4612 if (!GREEDY_REALLOC(result, n + 1))
4613 return NULL;
4614
4615 result[n] = 0;
4616
4617 return TAKE_PTR(result);
4618 }
4619
4620 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4621 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4622 const char *dir, *wrapped;
4623 int r;
4624
4625 assert(u);
4626 assert(name);
4627 assert(data);
4628
4629 if (UNIT_WRITE_FLAGS_NOOP(flags))
4630 return 0;
4631
4632 data = unit_escape_setting(data, flags, &escaped);
4633 if (!data)
4634 return -ENOMEM;
4635
4636 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4637 * previous section header is the same */
4638
4639 if (flags & UNIT_PRIVATE) {
4640 if (!UNIT_VTABLE(u)->private_section)
4641 return -EINVAL;
4642
4643 if (!u->transient_file || u->last_section_private < 0)
4644 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4645 else if (u->last_section_private == 0)
4646 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4647 } else {
4648 if (!u->transient_file || u->last_section_private < 0)
4649 data = strjoina("[Unit]\n", data);
4650 else if (u->last_section_private > 0)
4651 data = strjoina("\n[Unit]\n", data);
4652 }
4653
4654 if (u->transient_file) {
4655 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4656 * write to the transient unit file. */
4657 fputs(data, u->transient_file);
4658
4659 if (!endswith(data, "\n"))
4660 fputc('\n', u->transient_file);
4661
4662 /* Remember which section we wrote this entry to */
4663 u->last_section_private = !!(flags & UNIT_PRIVATE);
4664 return 0;
4665 }
4666
4667 dir = unit_drop_in_dir(u, flags);
4668 if (!dir)
4669 return -EINVAL;
4670
4671 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4672 "# or an equivalent operation. Do not edit.\n",
4673 data,
4674 "\n");
4675
4676 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4677 if (r < 0)
4678 return r;
4679
4680 (void) mkdir_p_label(p, 0755);
4681
4682 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4683 * recreate the cache after every drop-in we write. */
4684 if (u->manager->unit_path_cache) {
4685 r = set_put_strdup(&u->manager->unit_path_cache, p);
4686 if (r < 0)
4687 return r;
4688 }
4689
4690 r = write_string_file_atomic_label(q, wrapped);
4691 if (r < 0)
4692 return r;
4693
4694 r = strv_push(&u->dropin_paths, q);
4695 if (r < 0)
4696 return r;
4697 q = NULL;
4698
4699 strv_uniq(u->dropin_paths);
4700
4701 u->dropin_mtime = now(CLOCK_REALTIME);
4702
4703 return 0;
4704 }
4705
4706 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4707 _cleanup_free_ char *p = NULL;
4708 va_list ap;
4709 int r;
4710
4711 assert(u);
4712 assert(name);
4713 assert(format);
4714
4715 if (UNIT_WRITE_FLAGS_NOOP(flags))
4716 return 0;
4717
4718 va_start(ap, format);
4719 r = vasprintf(&p, format, ap);
4720 va_end(ap);
4721
4722 if (r < 0)
4723 return -ENOMEM;
4724
4725 return unit_write_setting(u, flags, name, p);
4726 }
4727
4728 int unit_make_transient(Unit *u) {
4729 _cleanup_free_ char *path = NULL;
4730 FILE *f;
4731
4732 assert(u);
4733
4734 if (!UNIT_VTABLE(u)->can_transient)
4735 return -EOPNOTSUPP;
4736
4737 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4738
4739 path = path_join(u->manager->lookup_paths.transient, u->id);
4740 if (!path)
4741 return -ENOMEM;
4742
4743 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4744 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4745
4746 WITH_UMASK(0022) {
4747 f = fopen(path, "we");
4748 if (!f)
4749 return -errno;
4750 }
4751
4752 safe_fclose(u->transient_file);
4753 u->transient_file = f;
4754
4755 free_and_replace(u->fragment_path, path);
4756
4757 u->source_path = mfree(u->source_path);
4758 u->dropin_paths = strv_free(u->dropin_paths);
4759 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4760
4761 u->load_state = UNIT_STUB;
4762 u->load_error = 0;
4763 u->transient = true;
4764
4765 unit_add_to_dbus_queue(u);
4766 unit_add_to_gc_queue(u);
4767
4768 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4769 u->transient_file);
4770
4771 return 0;
4772 }
4773
4774 static int log_kill(const PidRef *pid, int sig, void *userdata) {
4775 _cleanup_free_ char *comm = NULL;
4776
4777 assert(pidref_is_set(pid));
4778
4779 (void) pidref_get_comm(pid, &comm);
4780
4781 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4782 only, like for example systemd's own PAM stub process. */
4783 if (comm && comm[0] == '(')
4784 /* Although we didn't log anything, as this callback is used in unit_kill_context we must return 1
4785 * here to let the manager know that a process was killed. */
4786 return 1;
4787
4788 log_unit_notice(userdata,
4789 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4790 pid->pid,
4791 strna(comm),
4792 signal_to_string(sig));
4793
4794 return 1;
4795 }
4796
4797 static int operation_to_signal(
4798 const KillContext *c,
4799 KillOperation k,
4800 bool *ret_noteworthy) {
4801
4802 assert(c);
4803
4804 switch (k) {
4805
4806 case KILL_TERMINATE:
4807 case KILL_TERMINATE_AND_LOG:
4808 *ret_noteworthy = false;
4809 return c->kill_signal;
4810
4811 case KILL_RESTART:
4812 *ret_noteworthy = false;
4813 return restart_kill_signal(c);
4814
4815 case KILL_KILL:
4816 *ret_noteworthy = true;
4817 return c->final_kill_signal;
4818
4819 case KILL_WATCHDOG:
4820 *ret_noteworthy = true;
4821 return c->watchdog_signal;
4822
4823 default:
4824 assert_not_reached();
4825 }
4826 }
4827
4828 int unit_kill_context(
4829 Unit *u,
4830 KillContext *c,
4831 KillOperation k,
4832 PidRef* main_pid,
4833 PidRef* control_pid,
4834 bool main_pid_alien) {
4835
4836 bool wait_for_exit = false, send_sighup;
4837 cg_kill_log_func_t log_func = NULL;
4838 int sig, r;
4839
4840 assert(u);
4841 assert(c);
4842
4843 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4844 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4845 * which is used for user-requested killing of unit processes. */
4846
4847 if (c->kill_mode == KILL_NONE)
4848 return 0;
4849
4850 bool noteworthy;
4851 sig = operation_to_signal(c, k, &noteworthy);
4852 if (noteworthy)
4853 log_func = log_kill;
4854
4855 send_sighup =
4856 c->send_sighup &&
4857 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4858 sig != SIGHUP;
4859
4860 if (pidref_is_set(main_pid)) {
4861 if (log_func)
4862 log_func(main_pid, sig, u);
4863
4864 r = pidref_kill_and_sigcont(main_pid, sig);
4865 if (r < 0 && r != -ESRCH) {
4866 _cleanup_free_ char *comm = NULL;
4867 (void) pidref_get_comm(main_pid, &comm);
4868
4869 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid->pid, strna(comm));
4870 } else {
4871 if (!main_pid_alien)
4872 wait_for_exit = true;
4873
4874 if (r != -ESRCH && send_sighup)
4875 (void) pidref_kill(main_pid, SIGHUP);
4876 }
4877 }
4878
4879 if (pidref_is_set(control_pid)) {
4880 if (log_func)
4881 log_func(control_pid, sig, u);
4882
4883 r = pidref_kill_and_sigcont(control_pid, sig);
4884 if (r < 0 && r != -ESRCH) {
4885 _cleanup_free_ char *comm = NULL;
4886 (void) pidref_get_comm(control_pid, &comm);
4887
4888 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid->pid, strna(comm));
4889 } else {
4890 wait_for_exit = true;
4891
4892 if (r != -ESRCH && send_sighup)
4893 (void) pidref_kill(control_pid, SIGHUP);
4894 }
4895 }
4896
4897 if (u->cgroup_path &&
4898 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4899 _cleanup_set_free_ Set *pid_set = NULL;
4900
4901 /* Exclude the main/control pids from being killed via the cgroup */
4902 pid_set = unit_pid_set(main_pid ? main_pid->pid : 0, control_pid ? control_pid->pid : 0);
4903 if (!pid_set)
4904 return -ENOMEM;
4905
4906 r = cg_kill_recursive(
4907 u->cgroup_path,
4908 sig,
4909 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4910 pid_set,
4911 log_func, u);
4912 if (r < 0) {
4913 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4914 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(u->cgroup_path));
4915
4916 } else if (r > 0) {
4917
4918 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4919 * we are running in a container or if this is a delegation unit, simply because cgroup
4920 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4921 * of containers it can be confused easily by left-over directories in the cgroup — which
4922 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4923 * there we get proper events. Hence rely on them. */
4924
4925 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4926 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4927 wait_for_exit = true;
4928
4929 if (send_sighup) {
4930 set_free(pid_set);
4931
4932 pid_set = unit_pid_set(main_pid ? main_pid->pid : 0, control_pid ? control_pid->pid : 0);
4933 if (!pid_set)
4934 return -ENOMEM;
4935
4936 (void) cg_kill_recursive(
4937 u->cgroup_path,
4938 SIGHUP,
4939 CGROUP_IGNORE_SELF,
4940 pid_set,
4941 /* kill_log= */ NULL,
4942 /* userdata= */ NULL);
4943 }
4944 }
4945 }
4946
4947 return wait_for_exit;
4948 }
4949
4950 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4951 int r;
4952
4953 assert(u);
4954 assert(path);
4955
4956 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4957 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4958 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4959 * appearing mount units can easily determine which units to make themselves a dependency of. */
4960
4961 if (!path_is_absolute(path))
4962 return -EINVAL;
4963
4964 if (hashmap_contains(u->requires_mounts_for, path)) /* Exit quickly if the path is already covered. */
4965 return 0;
4966
4967 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4968 * only after simplification, since path_is_normalized() rejects paths with '.'.
4969 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4970 _cleanup_free_ char *p = NULL;
4971 r = path_simplify_alloc(path, &p);
4972 if (r < 0)
4973 return r;
4974 path = p;
4975
4976 if (!path_is_normalized(path))
4977 return -EPERM;
4978
4979 UnitDependencyInfo di = {
4980 .origin_mask = mask
4981 };
4982
4983 r = hashmap_ensure_put(&u->requires_mounts_for, &path_hash_ops, p, di.data);
4984 if (r < 0)
4985 return r;
4986 assert(r > 0);
4987 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
4988
4989 char prefix[strlen(path) + 1];
4990 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4991 Set *x;
4992
4993 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4994 if (!x) {
4995 _cleanup_free_ char *q = NULL;
4996
4997 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4998 if (r < 0)
4999 return r;
5000
5001 q = strdup(prefix);
5002 if (!q)
5003 return -ENOMEM;
5004
5005 x = set_new(NULL);
5006 if (!x)
5007 return -ENOMEM;
5008
5009 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
5010 if (r < 0) {
5011 set_free(x);
5012 return r;
5013 }
5014 q = NULL;
5015 }
5016
5017 r = set_put(x, u);
5018 if (r < 0)
5019 return r;
5020 }
5021
5022 return 0;
5023 }
5024
5025 int unit_setup_exec_runtime(Unit *u) {
5026 _cleanup_(exec_shared_runtime_unrefp) ExecSharedRuntime *esr = NULL;
5027 _cleanup_(dynamic_creds_unrefp) DynamicCreds *dcreds = NULL;
5028 _cleanup_set_free_ Set *units = NULL;
5029 ExecRuntime **rt;
5030 ExecContext *ec;
5031 size_t offset;
5032 Unit *other;
5033 int r;
5034
5035 offset = UNIT_VTABLE(u)->exec_runtime_offset;
5036 assert(offset > 0);
5037
5038 /* Check if there already is an ExecRuntime for this unit? */
5039 rt = (ExecRuntime**) ((uint8_t*) u + offset);
5040 if (*rt)
5041 return 0;
5042
5043 ec = unit_get_exec_context(u);
5044 assert(ec);
5045
5046 r = unit_get_transitive_dependency_set(u, UNIT_ATOM_JOINS_NAMESPACE_OF, &units);
5047 if (r < 0)
5048 return r;
5049
5050 /* Try to get it from somebody else */
5051 SET_FOREACH(other, units) {
5052 r = exec_shared_runtime_acquire(u->manager, NULL, other->id, false, &esr);
5053 if (r < 0)
5054 return r;
5055 if (r > 0)
5056 break;
5057 }
5058
5059 if (!esr) {
5060 r = exec_shared_runtime_acquire(u->manager, ec, u->id, true, &esr);
5061 if (r < 0)
5062 return r;
5063 }
5064
5065 if (ec->dynamic_user) {
5066 r = dynamic_creds_make(u->manager, ec->user, ec->group, &dcreds);
5067 if (r < 0)
5068 return r;
5069 }
5070
5071 r = exec_runtime_make(u, ec, esr, dcreds, rt);
5072 if (r < 0)
5073 return r;
5074
5075 TAKE_PTR(esr);
5076 TAKE_PTR(dcreds);
5077
5078 return r;
5079 }
5080
5081 bool unit_type_supported(UnitType t) {
5082 static int8_t cache[_UNIT_TYPE_MAX] = {}; /* -1: disabled, 1: enabled: 0: don't know */
5083 int r;
5084
5085 assert(t >= 0 && t < _UNIT_TYPE_MAX);
5086
5087 if (cache[t] == 0) {
5088 char *e;
5089
5090 e = strjoina("SYSTEMD_SUPPORT_", unit_type_to_string(t));
5091
5092 r = getenv_bool(ascii_strupper(e));
5093 if (r < 0 && r != -ENXIO)
5094 log_debug_errno(r, "Failed to parse $%s, ignoring: %m", e);
5095
5096 cache[t] = r == 0 ? -1 : 1;
5097 }
5098 if (cache[t] < 0)
5099 return false;
5100
5101 if (!unit_vtable[t]->supported)
5102 return true;
5103
5104 return unit_vtable[t]->supported();
5105 }
5106
5107 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
5108 int r;
5109
5110 assert(u);
5111 assert(where);
5112
5113 if (!unit_log_level_test(u, LOG_NOTICE))
5114 return;
5115
5116 r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false);
5117 if (r > 0 || r == -ENOTDIR)
5118 return;
5119 if (r < 0) {
5120 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
5121 return;
5122 }
5123
5124 log_unit_struct(u, LOG_NOTICE,
5125 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
5126 LOG_UNIT_INVOCATION_ID(u),
5127 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
5128 "WHERE=%s", where);
5129 }
5130
5131 int unit_fail_if_noncanonical(Unit *u, const char* where) {
5132 _cleanup_free_ char *canonical_where = NULL;
5133 int r;
5134
5135 assert(u);
5136 assert(where);
5137
5138 r = chase(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
5139 if (r < 0) {
5140 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
5141 return 0;
5142 }
5143
5144 /* We will happily ignore a trailing slash (or any redundant slashes) */
5145 if (path_equal(where, canonical_where))
5146 return 0;
5147
5148 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
5149 log_unit_struct(u, LOG_ERR,
5150 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
5151 LOG_UNIT_INVOCATION_ID(u),
5152 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
5153 "WHERE=%s", where);
5154
5155 return -ELOOP;
5156 }
5157
5158 bool unit_is_pristine(Unit *u) {
5159 assert(u);
5160
5161 /* Check if the unit already exists or is already around, in a number of different ways. Note that to
5162 * cater for unit types such as slice, we are generally fine with units that are marked UNIT_LOADED
5163 * even though nothing was actually loaded, as those unit types don't require a file on disk.
5164 *
5165 * Note that we don't check for drop-ins here, because we allow drop-ins for transient units
5166 * identically to non-transient units, both unit-specific and hierarchical. E.g. for a-b-c.service:
5167 * service.d/….conf, a-.service.d/….conf, a-b-.service.d/….conf, a-b-c.service.d/….conf.
5168 */
5169
5170 return IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) &&
5171 !u->fragment_path &&
5172 !u->source_path &&
5173 !u->job &&
5174 !u->merged_into;
5175 }
5176
5177 PidRef* unit_control_pid(Unit *u) {
5178 assert(u);
5179
5180 if (UNIT_VTABLE(u)->control_pid)
5181 return UNIT_VTABLE(u)->control_pid(u);
5182
5183 return NULL;
5184 }
5185
5186 PidRef* unit_main_pid(Unit *u) {
5187 assert(u);
5188
5189 if (UNIT_VTABLE(u)->main_pid)
5190 return UNIT_VTABLE(u)->main_pid(u);
5191
5192 return NULL;
5193 }
5194
5195 static void unit_modify_user_nft_set(Unit *u, bool add, NFTSetSource source, uint32_t element) {
5196 int r;
5197
5198 assert(u);
5199
5200 if (!MANAGER_IS_SYSTEM(u->manager))
5201 return;
5202
5203 CGroupContext *c;
5204 c = unit_get_cgroup_context(u);
5205 if (!c)
5206 return;
5207
5208 if (!u->manager->fw_ctx) {
5209 r = fw_ctx_new_full(&u->manager->fw_ctx, /* init_tables= */ false);
5210 if (r < 0)
5211 return;
5212
5213 assert(u->manager->fw_ctx);
5214 }
5215
5216 FOREACH_ARRAY(nft_set, c->nft_set_context.sets, c->nft_set_context.n_sets) {
5217 if (nft_set->source != source)
5218 continue;
5219
5220 r = nft_set_element_modify_any(u->manager->fw_ctx, add, nft_set->nfproto, nft_set->table, nft_set->set, &element, sizeof(element));
5221 if (r < 0)
5222 log_warning_errno(r, "Failed to %s NFT set: family %s, table %s, set %s, ID %u, ignoring: %m",
5223 add? "add" : "delete", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element);
5224 else
5225 log_debug("%s NFT set: family %s, table %s, set %s, ID %u",
5226 add? "Added" : "Deleted", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element);
5227 }
5228 }
5229
5230 static void unit_unref_uid_internal(
5231 Unit *u,
5232 uid_t *ref_uid,
5233 bool destroy_now,
5234 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
5235
5236 assert(u);
5237 assert(ref_uid);
5238 assert(_manager_unref_uid);
5239
5240 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5241 * gid_t are actually the same time, with the same validity rules.
5242 *
5243 * Drops a reference to UID/GID from a unit. */
5244
5245 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5246 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5247
5248 if (!uid_is_valid(*ref_uid))
5249 return;
5250
5251 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
5252 *ref_uid = UID_INVALID;
5253 }
5254
5255 static void unit_unref_uid(Unit *u, bool destroy_now) {
5256 assert(u);
5257
5258 unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_USER, u->ref_uid);
5259
5260 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
5261 }
5262
5263 static void unit_unref_gid(Unit *u, bool destroy_now) {
5264 assert(u);
5265
5266 unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_GROUP, u->ref_gid);
5267
5268 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
5269 }
5270
5271 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
5272 assert(u);
5273
5274 unit_unref_uid(u, destroy_now);
5275 unit_unref_gid(u, destroy_now);
5276 }
5277
5278 static int unit_ref_uid_internal(
5279 Unit *u,
5280 uid_t *ref_uid,
5281 uid_t uid,
5282 bool clean_ipc,
5283 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
5284
5285 int r;
5286
5287 assert(u);
5288 assert(ref_uid);
5289 assert(uid_is_valid(uid));
5290 assert(_manager_ref_uid);
5291
5292 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5293 * are actually the same type, and have the same validity rules.
5294 *
5295 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5296 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5297 * drops to zero. */
5298
5299 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5300 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5301
5302 if (*ref_uid == uid)
5303 return 0;
5304
5305 if (uid_is_valid(*ref_uid)) /* Already set? */
5306 return -EBUSY;
5307
5308 r = _manager_ref_uid(u->manager, uid, clean_ipc);
5309 if (r < 0)
5310 return r;
5311
5312 *ref_uid = uid;
5313 return 1;
5314 }
5315
5316 static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
5317 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
5318 }
5319
5320 static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
5321 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
5322 }
5323
5324 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
5325 int r = 0, q = 0;
5326
5327 assert(u);
5328
5329 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5330
5331 if (uid_is_valid(uid)) {
5332 r = unit_ref_uid(u, uid, clean_ipc);
5333 if (r < 0)
5334 return r;
5335 }
5336
5337 if (gid_is_valid(gid)) {
5338 q = unit_ref_gid(u, gid, clean_ipc);
5339 if (q < 0) {
5340 if (r > 0)
5341 unit_unref_uid(u, false);
5342
5343 return q;
5344 }
5345 }
5346
5347 return r > 0 || q > 0;
5348 }
5349
5350 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
5351 ExecContext *c;
5352 int r;
5353
5354 assert(u);
5355
5356 c = unit_get_exec_context(u);
5357
5358 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5359 if (r < 0)
5360 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5361
5362 unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_USER, uid);
5363 unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_GROUP, gid);
5364
5365 return r;
5366 }
5367
5368 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5369 int r;
5370
5371 assert(u);
5372
5373 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5374 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5375 * objects when no service references the UID/GID anymore. */
5376
5377 r = unit_ref_uid_gid(u, uid, gid);
5378 if (r > 0)
5379 unit_add_to_dbus_queue(u);
5380 }
5381
5382 int unit_acquire_invocation_id(Unit *u) {
5383 sd_id128_t id;
5384 int r;
5385
5386 assert(u);
5387
5388 r = sd_id128_randomize(&id);
5389 if (r < 0)
5390 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5391
5392 r = unit_set_invocation_id(u, id);
5393 if (r < 0)
5394 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5395
5396 unit_add_to_dbus_queue(u);
5397 return 0;
5398 }
5399
5400 int unit_set_exec_params(Unit *u, ExecParameters *p) {
5401 const char *confirm_spawn;
5402 int r;
5403
5404 assert(u);
5405 assert(p);
5406
5407 /* Copy parameters from manager */
5408 r = manager_get_effective_environment(u->manager, &p->environment);
5409 if (r < 0)
5410 return r;
5411
5412 p->runtime_scope = u->manager->runtime_scope;
5413
5414 confirm_spawn = manager_get_confirm_spawn(u->manager);
5415 if (confirm_spawn) {
5416 p->confirm_spawn = strdup(confirm_spawn);
5417 if (!p->confirm_spawn)
5418 return -ENOMEM;
5419 }
5420
5421 p->cgroup_supported = u->manager->cgroup_supported;
5422 p->prefix = u->manager->prefix;
5423 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5424
5425 /* Copy parameters from unit */
5426 p->cgroup_path = u->cgroup_path;
5427 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5428
5429 p->received_credentials_directory = u->manager->received_credentials_directory;
5430 p->received_encrypted_credentials_directory = u->manager->received_encrypted_credentials_directory;
5431
5432 p->shall_confirm_spawn = u->manager->confirm_spawn;
5433
5434 p->fallback_smack_process_label = u->manager->defaults.smack_process_label;
5435
5436 if (u->manager->restrict_fs && p->bpf_outer_map_fd < 0) {
5437 int fd = lsm_bpf_map_restrict_fs_fd(u);
5438 if (fd < 0)
5439 return fd;
5440
5441 p->bpf_outer_map_fd = fd;
5442 }
5443
5444 p->user_lookup_fd = u->manager->user_lookup_fds[1];
5445
5446 p->cgroup_id = u->cgroup_id;
5447 p->invocation_id = u->invocation_id;
5448 sd_id128_to_string(p->invocation_id, p->invocation_id_string);
5449 p->unit_id = strdup(u->id);
5450 if (!p->unit_id)
5451 return -ENOMEM;
5452
5453 return 0;
5454 }
5455
5456 int unit_fork_helper_process(Unit *u, const char *name, PidRef *ret) {
5457 pid_t pid;
5458 int r;
5459
5460 assert(u);
5461 assert(ret);
5462
5463 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5464 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5465
5466 (void) unit_realize_cgroup(u);
5467
5468 r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM, &pid);
5469 if (r < 0)
5470 return r;
5471 if (r > 0) {
5472 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
5473 int q;
5474
5475 /* Parent */
5476
5477 q = pidref_set_pid(&pidref, pid);
5478 if (q < 0)
5479 return q;
5480
5481 *ret = TAKE_PIDREF(pidref);
5482 return r;
5483 }
5484
5485 /* Child */
5486
5487 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5488 (void) ignore_signals(SIGPIPE);
5489
5490 if (u->cgroup_path) {
5491 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5492 if (r < 0) {
5493 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(u->cgroup_path));
5494 _exit(EXIT_CGROUP);
5495 }
5496 }
5497
5498 return 0;
5499 }
5500
5501 int unit_fork_and_watch_rm_rf(Unit *u, char **paths, PidRef *ret_pid) {
5502 _cleanup_(pidref_done) PidRef pid = PIDREF_NULL;
5503 int r;
5504
5505 assert(u);
5506 assert(ret_pid);
5507
5508 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5509 if (r < 0)
5510 return r;
5511 if (r == 0) {
5512 int ret = EXIT_SUCCESS;
5513
5514 STRV_FOREACH(i, paths) {
5515 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5516 if (r < 0) {
5517 log_error_errno(r, "Failed to remove '%s': %m", *i);
5518 ret = EXIT_FAILURE;
5519 }
5520 }
5521
5522 _exit(ret);
5523 }
5524
5525 r = unit_watch_pidref(u, &pid, /* exclusive= */ true);
5526 if (r < 0)
5527 return r;
5528
5529 *ret_pid = TAKE_PIDREF(pid);
5530 return 0;
5531 }
5532
5533 static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5534 assert(deps);
5535 assert(other);
5536
5537 if (di.origin_mask == 0 && di.destination_mask == 0)
5538 /* No bit set anymore, let's drop the whole entry */
5539 assert_se(hashmap_remove(deps, other));
5540 else
5541 /* Mask was reduced, let's update the entry */
5542 assert_se(hashmap_update(deps, other, di.data) == 0);
5543 }
5544
5545 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5546 Hashmap *deps;
5547 assert(u);
5548
5549 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5550
5551 if (mask == 0)
5552 return;
5553
5554 HASHMAP_FOREACH(deps, u->dependencies) {
5555 bool done;
5556
5557 do {
5558 UnitDependencyInfo di;
5559 Unit *other;
5560
5561 done = true;
5562
5563 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5564 Hashmap *other_deps;
5565
5566 if (FLAGS_SET(~mask, di.origin_mask))
5567 continue;
5568
5569 di.origin_mask &= ~mask;
5570 unit_update_dependency_mask(deps, other, di);
5571
5572 /* We updated the dependency from our unit to the other unit now. But most
5573 * dependencies imply a reverse dependency. Hence, let's delete that one
5574 * too. For that we go through all dependency types on the other unit and
5575 * delete all those which point to us and have the right mask set. */
5576
5577 HASHMAP_FOREACH(other_deps, other->dependencies) {
5578 UnitDependencyInfo dj;
5579
5580 dj.data = hashmap_get(other_deps, u);
5581 if (FLAGS_SET(~mask, dj.destination_mask))
5582 continue;
5583
5584 dj.destination_mask &= ~mask;
5585 unit_update_dependency_mask(other_deps, u, dj);
5586 }
5587
5588 unit_add_to_gc_queue(other);
5589
5590 /* The unit 'other' may not be wanted by the unit 'u'. */
5591 unit_submit_to_stop_when_unneeded_queue(other);
5592
5593 done = false;
5594 break;
5595 }
5596
5597 } while (!done);
5598 }
5599 }
5600
5601 static int unit_get_invocation_path(Unit *u, char **ret) {
5602 char *p;
5603 int r;
5604
5605 assert(u);
5606 assert(ret);
5607
5608 if (MANAGER_IS_SYSTEM(u->manager))
5609 p = strjoin("/run/systemd/units/invocation:", u->id);
5610 else {
5611 _cleanup_free_ char *user_path = NULL;
5612 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5613 if (r < 0)
5614 return r;
5615 p = strjoin(user_path, u->id);
5616 }
5617
5618 if (!p)
5619 return -ENOMEM;
5620
5621 *ret = p;
5622 return 0;
5623 }
5624
5625 static int unit_export_invocation_id(Unit *u) {
5626 _cleanup_free_ char *p = NULL;
5627 int r;
5628
5629 assert(u);
5630
5631 if (u->exported_invocation_id)
5632 return 0;
5633
5634 if (sd_id128_is_null(u->invocation_id))
5635 return 0;
5636
5637 r = unit_get_invocation_path(u, &p);
5638 if (r < 0)
5639 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5640
5641 r = symlink_atomic_label(u->invocation_id_string, p);
5642 if (r < 0)
5643 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5644
5645 u->exported_invocation_id = true;
5646 return 0;
5647 }
5648
5649 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5650 const char *p;
5651 char buf[2];
5652 int r;
5653
5654 assert(u);
5655 assert(c);
5656
5657 if (u->exported_log_level_max)
5658 return 0;
5659
5660 if (c->log_level_max < 0)
5661 return 0;
5662
5663 assert(c->log_level_max <= 7);
5664
5665 buf[0] = '0' + c->log_level_max;
5666 buf[1] = 0;
5667
5668 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5669 r = symlink_atomic(buf, p);
5670 if (r < 0)
5671 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5672
5673 u->exported_log_level_max = true;
5674 return 0;
5675 }
5676
5677 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5678 _cleanup_close_ int fd = -EBADF;
5679 struct iovec *iovec;
5680 const char *p;
5681 char *pattern;
5682 le64_t *sizes;
5683 ssize_t n;
5684 int r;
5685
5686 if (u->exported_log_extra_fields)
5687 return 0;
5688
5689 if (c->n_log_extra_fields <= 0)
5690 return 0;
5691
5692 sizes = newa(le64_t, c->n_log_extra_fields);
5693 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5694
5695 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
5696 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5697
5698 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5699 iovec[i*2+1] = c->log_extra_fields[i];
5700 }
5701
5702 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5703 pattern = strjoina(p, ".XXXXXX");
5704
5705 fd = mkostemp_safe(pattern);
5706 if (fd < 0)
5707 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5708
5709 n = writev(fd, iovec, c->n_log_extra_fields*2);
5710 if (n < 0) {
5711 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5712 goto fail;
5713 }
5714
5715 (void) fchmod(fd, 0644);
5716
5717 if (rename(pattern, p) < 0) {
5718 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5719 goto fail;
5720 }
5721
5722 u->exported_log_extra_fields = true;
5723 return 0;
5724
5725 fail:
5726 (void) unlink(pattern);
5727 return r;
5728 }
5729
5730 static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
5731 _cleanup_free_ char *buf = NULL;
5732 const char *p;
5733 int r;
5734
5735 assert(u);
5736 assert(c);
5737
5738 if (u->exported_log_ratelimit_interval)
5739 return 0;
5740
5741 if (c->log_ratelimit_interval_usec == 0)
5742 return 0;
5743
5744 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5745
5746 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
5747 return log_oom();
5748
5749 r = symlink_atomic(buf, p);
5750 if (r < 0)
5751 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5752
5753 u->exported_log_ratelimit_interval = true;
5754 return 0;
5755 }
5756
5757 static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
5758 _cleanup_free_ char *buf = NULL;
5759 const char *p;
5760 int r;
5761
5762 assert(u);
5763 assert(c);
5764
5765 if (u->exported_log_ratelimit_burst)
5766 return 0;
5767
5768 if (c->log_ratelimit_burst == 0)
5769 return 0;
5770
5771 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5772
5773 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
5774 return log_oom();
5775
5776 r = symlink_atomic(buf, p);
5777 if (r < 0)
5778 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5779
5780 u->exported_log_ratelimit_burst = true;
5781 return 0;
5782 }
5783
5784 void unit_export_state_files(Unit *u) {
5785 const ExecContext *c;
5786
5787 assert(u);
5788
5789 if (!u->id)
5790 return;
5791
5792 if (MANAGER_IS_TEST_RUN(u->manager))
5793 return;
5794
5795 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5796 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5797 * the IPC system itself and PID 1 also log to the journal.
5798 *
5799 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5800 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5801 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5802 * namespace at least.
5803 *
5804 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5805 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5806 * them with one. */
5807
5808 (void) unit_export_invocation_id(u);
5809
5810 if (!MANAGER_IS_SYSTEM(u->manager))
5811 return;
5812
5813 c = unit_get_exec_context(u);
5814 if (c) {
5815 (void) unit_export_log_level_max(u, c);
5816 (void) unit_export_log_extra_fields(u, c);
5817 (void) unit_export_log_ratelimit_interval(u, c);
5818 (void) unit_export_log_ratelimit_burst(u, c);
5819 }
5820 }
5821
5822 void unit_unlink_state_files(Unit *u) {
5823 const char *p;
5824
5825 assert(u);
5826
5827 if (!u->id)
5828 return;
5829
5830 /* Undoes the effect of unit_export_state() */
5831
5832 if (u->exported_invocation_id) {
5833 _cleanup_free_ char *invocation_path = NULL;
5834 int r = unit_get_invocation_path(u, &invocation_path);
5835 if (r >= 0) {
5836 (void) unlink(invocation_path);
5837 u->exported_invocation_id = false;
5838 }
5839 }
5840
5841 if (!MANAGER_IS_SYSTEM(u->manager))
5842 return;
5843
5844 if (u->exported_log_level_max) {
5845 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5846 (void) unlink(p);
5847
5848 u->exported_log_level_max = false;
5849 }
5850
5851 if (u->exported_log_extra_fields) {
5852 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5853 (void) unlink(p);
5854
5855 u->exported_log_extra_fields = false;
5856 }
5857
5858 if (u->exported_log_ratelimit_interval) {
5859 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5860 (void) unlink(p);
5861
5862 u->exported_log_ratelimit_interval = false;
5863 }
5864
5865 if (u->exported_log_ratelimit_burst) {
5866 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5867 (void) unlink(p);
5868
5869 u->exported_log_ratelimit_burst = false;
5870 }
5871 }
5872
5873 int unit_prepare_exec(Unit *u) {
5874 int r;
5875
5876 assert(u);
5877
5878 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5879 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5880 r = bpf_firewall_load_custom(u);
5881 if (r < 0)
5882 return r;
5883
5884 /* Prepares everything so that we can fork of a process for this unit */
5885
5886 (void) unit_realize_cgroup(u);
5887
5888 if (u->reset_accounting) {
5889 (void) unit_reset_accounting(u);
5890 u->reset_accounting = false;
5891 }
5892
5893 unit_export_state_files(u);
5894
5895 r = unit_setup_exec_runtime(u);
5896 if (r < 0)
5897 return r;
5898
5899 return 0;
5900 }
5901
5902 static bool ignore_leftover_process(const char *comm) {
5903 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5904 }
5905
5906 int unit_log_leftover_process_start(const PidRef *pid, int sig, void *userdata) {
5907 _cleanup_free_ char *comm = NULL;
5908
5909 assert(pidref_is_set(pid));
5910
5911 (void) pidref_get_comm(pid, &comm);
5912
5913 if (ignore_leftover_process(comm))
5914 return 0;
5915
5916 /* During start we print a warning */
5917
5918 log_unit_warning(userdata,
5919 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5920 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5921 pid->pid, strna(comm));
5922
5923 return 1;
5924 }
5925
5926 int unit_log_leftover_process_stop(const PidRef *pid, int sig, void *userdata) {
5927 _cleanup_free_ char *comm = NULL;
5928
5929 assert(pidref_is_set(pid));
5930
5931 (void) pidref_get_comm(pid, &comm);
5932
5933 if (ignore_leftover_process(comm))
5934 return 0;
5935
5936 /* During stop we only print an informational message */
5937
5938 log_unit_info(userdata,
5939 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5940 pid->pid, strna(comm));
5941
5942 return 1;
5943 }
5944
5945 int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
5946 assert(u);
5947
5948 (void) unit_pick_cgroup_path(u);
5949
5950 if (!u->cgroup_path)
5951 return 0;
5952
5953 return cg_kill_recursive(
5954 u->cgroup_path,
5955 /* sig= */ 0,
5956 /* flags= */ 0,
5957 /* set= */ NULL,
5958 log_func,
5959 u);
5960 }
5961
5962 bool unit_needs_console(Unit *u) {
5963 ExecContext *ec;
5964 UnitActiveState state;
5965
5966 assert(u);
5967
5968 state = unit_active_state(u);
5969
5970 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5971 return false;
5972
5973 if (UNIT_VTABLE(u)->needs_console)
5974 return UNIT_VTABLE(u)->needs_console(u);
5975
5976 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5977 ec = unit_get_exec_context(u);
5978 if (!ec)
5979 return false;
5980
5981 return exec_context_may_touch_console(ec);
5982 }
5983
5984 int unit_pid_attachable(Unit *u, PidRef *pid, sd_bus_error *error) {
5985 int r;
5986
5987 assert(u);
5988
5989 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5990 * and not a kernel thread either */
5991
5992 /* First, a simple range check */
5993 if (!pidref_is_set(pid))
5994 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier is not valid.");
5995
5996 /* Some extra safety check */
5997 if (pid->pid == 1 || pidref_is_self(pid))
5998 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid->pid);
5999
6000 /* Don't even begin to bother with kernel threads */
6001 r = pidref_is_kernel_thread(pid);
6002 if (r == -ESRCH)
6003 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid->pid);
6004 if (r < 0)
6005 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid->pid);
6006 if (r > 0)
6007 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid->pid);
6008
6009 return 0;
6010 }
6011
6012 void unit_log_success(Unit *u) {
6013 assert(u);
6014
6015 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
6016 * This message has low information value for regular users and it might be a bit overwhelming on a system with
6017 * a lot of devices. */
6018 log_unit_struct(u,
6019 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
6020 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
6021 LOG_UNIT_INVOCATION_ID(u),
6022 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
6023 }
6024
6025 void unit_log_failure(Unit *u, const char *result) {
6026 assert(u);
6027 assert(result);
6028
6029 log_unit_struct(u, LOG_WARNING,
6030 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
6031 LOG_UNIT_INVOCATION_ID(u),
6032 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
6033 "UNIT_RESULT=%s", result);
6034 }
6035
6036 void unit_log_skip(Unit *u, const char *result) {
6037 assert(u);
6038 assert(result);
6039
6040 log_unit_struct(u, LOG_INFO,
6041 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
6042 LOG_UNIT_INVOCATION_ID(u),
6043 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
6044 "UNIT_RESULT=%s", result);
6045 }
6046
6047 void unit_log_process_exit(
6048 Unit *u,
6049 const char *kind,
6050 const char *command,
6051 bool success,
6052 int code,
6053 int status) {
6054
6055 int level;
6056
6057 assert(u);
6058 assert(kind);
6059
6060 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
6061 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
6062 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
6063 * WARNING. */
6064 if (success)
6065 level = LOG_DEBUG;
6066 else if (code == CLD_EXITED)
6067 level = LOG_NOTICE;
6068 else
6069 level = LOG_WARNING;
6070
6071 log_unit_struct(u, level,
6072 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
6073 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
6074 kind,
6075 sigchld_code_to_string(code), status,
6076 strna(code == CLD_EXITED
6077 ? exit_status_to_string(status, EXIT_STATUS_FULL)
6078 : signal_to_string(status)),
6079 success ? " (success)" : ""),
6080 "EXIT_CODE=%s", sigchld_code_to_string(code),
6081 "EXIT_STATUS=%i", status,
6082 "COMMAND=%s", strna(command),
6083 LOG_UNIT_INVOCATION_ID(u));
6084 }
6085
6086 int unit_exit_status(Unit *u) {
6087 assert(u);
6088
6089 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
6090 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
6091 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
6092 * service process has exited abnormally (signal/coredump). */
6093
6094 if (!UNIT_VTABLE(u)->exit_status)
6095 return -EOPNOTSUPP;
6096
6097 return UNIT_VTABLE(u)->exit_status(u);
6098 }
6099
6100 int unit_failure_action_exit_status(Unit *u) {
6101 int r;
6102
6103 assert(u);
6104
6105 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
6106
6107 if (u->failure_action_exit_status >= 0)
6108 return u->failure_action_exit_status;
6109
6110 r = unit_exit_status(u);
6111 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6112 return 255;
6113
6114 return r;
6115 }
6116
6117 int unit_success_action_exit_status(Unit *u) {
6118 int r;
6119
6120 assert(u);
6121
6122 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
6123
6124 if (u->success_action_exit_status >= 0)
6125 return u->success_action_exit_status;
6126
6127 r = unit_exit_status(u);
6128 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6129 return 255;
6130
6131 return r;
6132 }
6133
6134 int unit_test_trigger_loaded(Unit *u) {
6135 Unit *trigger;
6136
6137 /* Tests whether the unit to trigger is loaded */
6138
6139 trigger = UNIT_TRIGGER(u);
6140 if (!trigger)
6141 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6142 "Refusing to start, no unit to trigger.");
6143 if (trigger->load_state != UNIT_LOADED)
6144 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6145 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
6146
6147 return 0;
6148 }
6149
6150 void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
6151 assert(u);
6152 assert(context);
6153
6154 /* EXEC_PRESERVE_RESTART is handled via unit_release_resources()! */
6155 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO)
6156 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
6157
6158 exec_context_destroy_credentials(u);
6159 exec_context_destroy_mount_ns_dir(u);
6160 }
6161
6162 int unit_clean(Unit *u, ExecCleanMask mask) {
6163 UnitActiveState state;
6164
6165 assert(u);
6166
6167 /* Special return values:
6168 *
6169 * -EOPNOTSUPP → cleaning not supported for this unit type
6170 * -EUNATCH → cleaning not defined for this resource type
6171 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
6172 * a job queued or similar
6173 */
6174
6175 if (!UNIT_VTABLE(u)->clean)
6176 return -EOPNOTSUPP;
6177
6178 if (mask == 0)
6179 return -EUNATCH;
6180
6181 if (u->load_state != UNIT_LOADED)
6182 return -EBUSY;
6183
6184 if (u->job)
6185 return -EBUSY;
6186
6187 state = unit_active_state(u);
6188 if (state != UNIT_INACTIVE)
6189 return -EBUSY;
6190
6191 return UNIT_VTABLE(u)->clean(u, mask);
6192 }
6193
6194 int unit_can_clean(Unit *u, ExecCleanMask *ret) {
6195 assert(u);
6196
6197 if (!UNIT_VTABLE(u)->clean ||
6198 u->load_state != UNIT_LOADED) {
6199 *ret = 0;
6200 return 0;
6201 }
6202
6203 /* When the clean() method is set, can_clean() really should be set too */
6204 assert(UNIT_VTABLE(u)->can_clean);
6205
6206 return UNIT_VTABLE(u)->can_clean(u, ret);
6207 }
6208
6209 bool unit_can_start_refuse_manual(Unit *u) {
6210 return unit_can_start(u) && !u->refuse_manual_start;
6211 }
6212
6213 bool unit_can_stop_refuse_manual(Unit *u) {
6214 return unit_can_stop(u) && !u->refuse_manual_stop;
6215 }
6216
6217 bool unit_can_isolate_refuse_manual(Unit *u) {
6218 return unit_can_isolate(u) && !u->refuse_manual_start;
6219 }
6220
6221 bool unit_can_freeze(Unit *u) {
6222 assert(u);
6223
6224 if (UNIT_VTABLE(u)->can_freeze)
6225 return UNIT_VTABLE(u)->can_freeze(u);
6226
6227 return UNIT_VTABLE(u)->freeze;
6228 }
6229
6230 void unit_frozen(Unit *u) {
6231 assert(u);
6232
6233 u->freezer_state = FREEZER_FROZEN;
6234
6235 bus_unit_send_pending_freezer_message(u, false);
6236 }
6237
6238 void unit_thawed(Unit *u) {
6239 assert(u);
6240
6241 u->freezer_state = FREEZER_RUNNING;
6242
6243 bus_unit_send_pending_freezer_message(u, false);
6244 }
6245
6246 static int unit_freezer_action(Unit *u, FreezerAction action) {
6247 UnitActiveState s;
6248 int (*method)(Unit*);
6249 int r;
6250
6251 assert(u);
6252 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
6253
6254 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
6255 if (!method || !cg_freezer_supported())
6256 return -EOPNOTSUPP;
6257
6258 if (u->job)
6259 return -EBUSY;
6260
6261 if (u->load_state != UNIT_LOADED)
6262 return -EHOSTDOWN;
6263
6264 s = unit_active_state(u);
6265 if (s != UNIT_ACTIVE)
6266 return -EHOSTDOWN;
6267
6268 if ((IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING) && action == FREEZER_FREEZE) ||
6269 (u->freezer_state == FREEZER_THAWING && action == FREEZER_THAW))
6270 return -EALREADY;
6271
6272 r = method(u);
6273 if (r <= 0)
6274 return r;
6275
6276 assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING));
6277
6278 return 1;
6279 }
6280
6281 int unit_freeze(Unit *u) {
6282 return unit_freezer_action(u, FREEZER_FREEZE);
6283 }
6284
6285 int unit_thaw(Unit *u) {
6286 return unit_freezer_action(u, FREEZER_THAW);
6287 }
6288
6289 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
6290 int unit_freeze_vtable_common(Unit *u) {
6291 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
6292 }
6293
6294 int unit_thaw_vtable_common(Unit *u) {
6295 return unit_cgroup_freezer_action(u, FREEZER_THAW);
6296 }
6297
6298 Condition *unit_find_failed_condition(Unit *u) {
6299 Condition *failed_trigger = NULL;
6300 bool has_succeeded_trigger = false;
6301
6302 if (u->condition_result)
6303 return NULL;
6304
6305 LIST_FOREACH(conditions, c, u->conditions)
6306 if (c->trigger) {
6307 if (c->result == CONDITION_SUCCEEDED)
6308 has_succeeded_trigger = true;
6309 else if (!failed_trigger)
6310 failed_trigger = c;
6311 } else if (c->result != CONDITION_SUCCEEDED)
6312 return c;
6313
6314 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
6315 }
6316
6317 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
6318 [COLLECT_INACTIVE] = "inactive",
6319 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
6320 };
6321
6322 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
6323
6324 Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
6325 Unit *i;
6326
6327 assert(u);
6328
6329 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
6330 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
6331 * is NULL the first entry found), or NULL if not found. */
6332
6333 UNIT_FOREACH_DEPENDENCY(i, u, atom)
6334 if (!other || other == i)
6335 return i;
6336
6337 return NULL;
6338 }
6339
6340 int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
6341 _cleanup_free_ Unit **array = NULL;
6342 size_t n = 0;
6343 Unit *other;
6344
6345 assert(u);
6346 assert(ret_array);
6347
6348 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
6349 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
6350 * while the dependency table is continuously updated. */
6351
6352 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
6353 if (!GREEDY_REALLOC(array, n + 1))
6354 return -ENOMEM;
6355
6356 array[n++] = other;
6357 }
6358
6359 *ret_array = TAKE_PTR(array);
6360
6361 assert(n <= INT_MAX);
6362 return (int) n;
6363 }
6364
6365 int unit_get_transitive_dependency_set(Unit *u, UnitDependencyAtom atom, Set **ret) {
6366 _cleanup_set_free_ Set *units = NULL, *queue = NULL;
6367 Unit *other;
6368 int r;
6369
6370 assert(u);
6371 assert(ret);
6372
6373 /* Similar to unit_get_dependency_array(), but also search the same dependency in other units. */
6374
6375 do {
6376 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
6377 r = set_ensure_put(&units, NULL, other);
6378 if (r < 0)
6379 return r;
6380 if (r == 0)
6381 continue;
6382 r = set_ensure_put(&queue, NULL, other);
6383 if (r < 0)
6384 return r;
6385 }
6386 } while ((u = set_steal_first(queue)));
6387
6388 *ret = TAKE_PTR(units);
6389 return 0;
6390 }
6391
6392 int unit_arm_timer(
6393 Unit *u,
6394 sd_event_source **source,
6395 bool relative,
6396 usec_t usec,
6397 sd_event_time_handler_t handler) {
6398
6399 int r;
6400
6401 assert(u);
6402 assert(source);
6403 assert(handler);
6404
6405 if (*source) {
6406 if (usec == USEC_INFINITY)
6407 return sd_event_source_set_enabled(*source, SD_EVENT_OFF);
6408
6409 r = (relative ? sd_event_source_set_time_relative : sd_event_source_set_time)(*source, usec);
6410 if (r < 0)
6411 return r;
6412
6413 return sd_event_source_set_enabled(*source, SD_EVENT_ONESHOT);
6414 }
6415
6416 if (usec == USEC_INFINITY)
6417 return 0;
6418
6419 r = (relative ? sd_event_add_time_relative : sd_event_add_time)(
6420 u->manager->event,
6421 source,
6422 CLOCK_MONOTONIC,
6423 usec, 0,
6424 handler,
6425 u);
6426 if (r < 0)
6427 return r;
6428
6429 const char *d = strjoina(unit_type_to_string(u->type), "-timer");
6430 (void) sd_event_source_set_description(*source, d);
6431
6432 return 0;
6433 }
6434
6435 static int unit_get_nice(Unit *u) {
6436 ExecContext *ec;
6437
6438 ec = unit_get_exec_context(u);
6439 return ec ? ec->nice : 0;
6440 }
6441
6442 static uint64_t unit_get_cpu_weight(Unit *u) {
6443 CGroupContext *cc;
6444
6445 cc = unit_get_cgroup_context(u);
6446 return cc ? cgroup_context_cpu_weight(cc, manager_state(u->manager)) : CGROUP_WEIGHT_DEFAULT;
6447 }
6448
6449 int unit_compare_priority(Unit *a, Unit *b) {
6450 int ret;
6451
6452 ret = CMP(a->type, b->type);
6453 if (ret != 0)
6454 return -ret;
6455
6456 ret = CMP(unit_get_cpu_weight(a), unit_get_cpu_weight(b));
6457 if (ret != 0)
6458 return -ret;
6459
6460 ret = CMP(unit_get_nice(a), unit_get_nice(b));
6461 if (ret != 0)
6462 return ret;
6463
6464 return strcmp(a->id, b->id);
6465 }
6466
6467 const ActivationDetailsVTable * const activation_details_vtable[_UNIT_TYPE_MAX] = {
6468 [UNIT_PATH] = &activation_details_path_vtable,
6469 [UNIT_TIMER] = &activation_details_timer_vtable,
6470 };
6471
6472 ActivationDetails *activation_details_new(Unit *trigger_unit) {
6473 _cleanup_free_ ActivationDetails *details = NULL;
6474
6475 assert(trigger_unit);
6476 assert(trigger_unit->type != _UNIT_TYPE_INVALID);
6477 assert(trigger_unit->id);
6478
6479 details = malloc0(activation_details_vtable[trigger_unit->type]->object_size);
6480 if (!details)
6481 return NULL;
6482
6483 *details = (ActivationDetails) {
6484 .n_ref = 1,
6485 .trigger_unit_type = trigger_unit->type,
6486 };
6487
6488 details->trigger_unit_name = strdup(trigger_unit->id);
6489 if (!details->trigger_unit_name)
6490 return NULL;
6491
6492 if (ACTIVATION_DETAILS_VTABLE(details)->init)
6493 ACTIVATION_DETAILS_VTABLE(details)->init(details, trigger_unit);
6494
6495 return TAKE_PTR(details);
6496 }
6497
6498 static ActivationDetails *activation_details_free(ActivationDetails *details) {
6499 if (!details)
6500 return NULL;
6501
6502 if (ACTIVATION_DETAILS_VTABLE(details)->done)
6503 ACTIVATION_DETAILS_VTABLE(details)->done(details);
6504
6505 free(details->trigger_unit_name);
6506
6507 return mfree(details);
6508 }
6509
6510 void activation_details_serialize(ActivationDetails *details, FILE *f) {
6511 if (!details || details->trigger_unit_type == _UNIT_TYPE_INVALID)
6512 return;
6513
6514 (void) serialize_item(f, "activation-details-unit-type", unit_type_to_string(details->trigger_unit_type));
6515 if (details->trigger_unit_name)
6516 (void) serialize_item(f, "activation-details-unit-name", details->trigger_unit_name);
6517 if (ACTIVATION_DETAILS_VTABLE(details)->serialize)
6518 ACTIVATION_DETAILS_VTABLE(details)->serialize(details, f);
6519 }
6520
6521 int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) {
6522 int r;
6523
6524 assert(key);
6525 assert(value);
6526 assert(details);
6527
6528 if (!*details) {
6529 UnitType t;
6530
6531 if (!streq(key, "activation-details-unit-type"))
6532 return -EINVAL;
6533
6534 t = unit_type_from_string(value);
6535 if (t < 0)
6536 return t;
6537
6538 /* The activation details vtable has defined ops only for path and timer units */
6539 if (!activation_details_vtable[t])
6540 return -EINVAL;
6541
6542 *details = malloc0(activation_details_vtable[t]->object_size);
6543 if (!*details)
6544 return -ENOMEM;
6545
6546 **details = (ActivationDetails) {
6547 .n_ref = 1,
6548 .trigger_unit_type = t,
6549 };
6550
6551 return 0;
6552 }
6553
6554 if (streq(key, "activation-details-unit-name")) {
6555 r = free_and_strdup(&(*details)->trigger_unit_name, value);
6556 if (r < 0)
6557 return r;
6558
6559 return 0;
6560 }
6561
6562 if (ACTIVATION_DETAILS_VTABLE(*details)->deserialize)
6563 return ACTIVATION_DETAILS_VTABLE(*details)->deserialize(key, value, details);
6564
6565 return -EINVAL;
6566 }
6567
6568 int activation_details_append_env(ActivationDetails *details, char ***strv) {
6569 int r = 0;
6570
6571 assert(strv);
6572
6573 if (!details)
6574 return 0;
6575
6576 if (!isempty(details->trigger_unit_name)) {
6577 char *s = strjoin("TRIGGER_UNIT=", details->trigger_unit_name);
6578 if (!s)
6579 return -ENOMEM;
6580
6581 r = strv_consume(strv, TAKE_PTR(s));
6582 if (r < 0)
6583 return r;
6584 }
6585
6586 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6587 r = ACTIVATION_DETAILS_VTABLE(details)->append_env(details, strv);
6588 if (r < 0)
6589 return r;
6590 }
6591
6592 return r + !isempty(details->trigger_unit_name); /* Return the number of variables added to the env block */
6593 }
6594
6595 int activation_details_append_pair(ActivationDetails *details, char ***strv) {
6596 int r = 0;
6597
6598 assert(strv);
6599
6600 if (!details)
6601 return 0;
6602
6603 if (!isempty(details->trigger_unit_name)) {
6604 r = strv_extend(strv, "trigger_unit");
6605 if (r < 0)
6606 return r;
6607
6608 r = strv_extend(strv, details->trigger_unit_name);
6609 if (r < 0)
6610 return r;
6611 }
6612
6613 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6614 r = ACTIVATION_DETAILS_VTABLE(details)->append_pair(details, strv);
6615 if (r < 0)
6616 return r;
6617 }
6618
6619 return r + !isempty(details->trigger_unit_name); /* Return the number of pairs added to the strv */
6620 }
6621
6622 DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails, activation_details, activation_details_free);
Unnamed repository; edit this file 'description' to name the repository.