]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/socket.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
README: document what to do with the NSS modules
[thirdparty/systemd.git] / src / core / socket.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
5cb5a6ff 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
83c60c9f
LP		 22#include <sys/types.h>
23#include <sys/stat.h>
24#include <unistd.h>
25#include <errno.h>
26#include <fcntl.h>
f94ea366 27#include <sys/epoll.h>
034c6ed7 28#include <signal.h>
4f2d528d 29#include <arpa/inet.h>
718db961 30#include <netinet/tcp.h>
916abb21 31#include <mqueue.h>
d2edfae0 32#include <sys/xattr.h>
83c60c9f 33
718db961 34#include "sd-event.h"
83c60c9f 35#include "log.h"
23a177ef
LP		 36#include "load-dropin.h"
37#include "load-fragment.h"
9e2f7c11 38#include "strv.h"
49e942b2 39#include "mkdir.h"
9eb977db 40#include "path-util.h"
4f2d528d 41#include "unit-name.h"
41f9172f 42#include "unit-printf.h"
4fd5948e 43#include "missing.h"
a40eb732 44#include "special.h"
e51bc1a2 45#include "label.h"
9a57c629 46#include "exit-status.h"
f6a6225e 47#include "def.h"
5a045dad 48#include "smack-util.h"
718db961
LP		 49#include "bus-util.h"
50#include "bus-error.h"
e821075a
LP		 51#include "dbus-socket.h"
52#include "unit.h"
53#include "socket.h"
83c60c9f 54
acbb0225 55static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
87f0e418
LP		 56 [SOCKET_DEAD] = UNIT_INACTIVE,
57 [SOCKET_START_PRE] = UNIT_ACTIVATING,
3900e5fd 58 [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
87f0e418
LP		 59 [SOCKET_START_POST] = UNIT_ACTIVATING,
60 [SOCKET_LISTENING] = UNIT_ACTIVE,
61 [SOCKET_RUNNING] = UNIT_ACTIVE,
62 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
80876c20
LP		 66 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
fdf20a31 68 [SOCKET_FAILED] = UNIT_FAILED
83c60c9f 69};
5cb5a6ff 70
718db961
LP		 71static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
72static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
73
a16e1123
LP		 74static void socket_init(Unit *u) {
75 Socket *s = SOCKET(u);
76
77 assert(u);
ac155bb8 78 assert(u->load_state == UNIT_STUB);
a16e1123 79
a16e1123 80 s->backlog = SOMAXCONN;
1f19a534 81 s->timeout_usec = u->manager->default_timeout_start_usec;
a16e1123 82 s->directory_mode = 0755;
9131f660 83 s->socket_mode = 0666;
a16e1123 84
6cf6bbc2
LP		 85 s->max_connections = 64;
86
4fd5948e 87 s->priority = -1;
4fd5948e
LP		 88 s->ip_tos = -1;
89 s->ip_ttl = -1;
4fd5948e 90 s->mark = -1;
4fd5948e 91
ac155bb8
MS		 92 s->exec_context.std_output = u->manager->default_std_output;
93 s->exec_context.std_error = u->manager->default_std_error;
085afe36 94
a16e1123
LP		 95 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
96}
acbb0225 97
5e94833f
LP		 98static void socket_unwatch_control_pid(Socket *s) {
99 assert(s);
100
101 if (s->control_pid <= 0)
102 return;
103
104 unit_unwatch_pid(UNIT(s), s->control_pid);
105 s->control_pid = 0;
106}
107
74051b9b 108void socket_free_ports(Socket *s) {
034c6ed7
LP		 109 SocketPort *p;
110
111 assert(s);
112
113 while ((p = s->ports)) {
71fda00f 114 LIST_REMOVE(port, s->ports, p);
034c6ed7 115
718db961
LP		 116 sd_event_source_unref(p->event_source);
117
03e334a1 118 safe_close(p->fd);
034c6ed7
LP		 119 free(p->path);
120 free(p);
121 }
74051b9b
LP		 122}
123
124static void socket_done(Unit *u) {
125 Socket *s = SOCKET(u);
126
127 assert(s);
128
129 socket_free_ports(s);
034c6ed7 130
613b411c 131 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
e537352b 132 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
034c6ed7
LP		 133 s->control_command = NULL;
134
5e94833f 135 socket_unwatch_control_pid(s);
034c6ed7 136
57020a3a 137 unit_ref_unset(&s->service);
034c6ed7 138
cebf8b20
TT		 139 free(s->tcp_congestion);
140 s->tcp_congestion = NULL;
141
acbb0225 142 free(s->bind_to_device);
e537352b 143 s->bind_to_device = NULL;
acbb0225 144
0eb59ccf
AK		 145 free(s->smack);
146 free(s->smack_ip_in);
147 free(s->smack_ip_out);
148
811ba7a0
LP		 149 strv_free(s->symlinks);
150
3900e5fd
LP		 151 free(s->user);
152 free(s->group);
153
718db961
LP		 154 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
155}
156
157static int socket_arm_timer(Socket *s) {
158 int r;
159
160 assert(s);
161
162 if (s->timeout_usec <= 0) {
163 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
164 return 0;
165 }
166
167 if (s->timer_event_source) {
168 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
169 if (r < 0)
170 return r;
171
172 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
173 }
174
6a0f1f6d
LP		 175 return sd_event_add_time(
176 UNIT(s)->manager->event,
177 &s->timer_event_source,
178 CLOCK_MONOTONIC,
179 now(CLOCK_MONOTONIC) + s->timeout_usec, 0,
180 socket_dispatch_timer, s);
5cb5a6ff
LP		 181}
182
8b835fcc
ZJS		 183int socket_instantiate_service(Socket *s) {
184 _cleanup_free_ char *prefix = NULL, *name = NULL;
b15bdda8
LP		 185 int r;
186 Unit *u;
187
188 assert(s);
189
190 /* This fills in s->service if it isn't filled in yet. For
191 * Accept=yes sockets we create the next connection service
192 * here. For Accept=no this is mostly a NOP since the service
193 * is figured out at load time anyway. */
194
8b835fcc 195 if (UNIT_DEREF(s->service) || !s->accept)
b15bdda8
LP		 196 return 0;
197
315db1a8
ZJS		 198 prefix = unit_name_to_prefix(UNIT(s)->id);
199 if (!prefix)
b15bdda8
LP		 200 return -ENOMEM;
201
315db1a8 202 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
b15bdda8
LP		 203 return -ENOMEM;
204
1124fe6f 205 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
b15bdda8
LP		 206 if (r < 0)
207 return r;
208
ac155bb8 209 u->no_gc = true;
57020a3a
LP		 210 unit_ref_set(&s->service, u);
211
212 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
b15bdda8
LP		 213}
214
4f2d528d
LP		 215static bool have_non_accept_socket(Socket *s) {
216 SocketPort *p;
217
218 assert(s);
219
220 if (!s->accept)
221 return true;
222
dd5ad9d4
LP		 223 LIST_FOREACH(port, p, s->ports) {
224
225 if (p->type != SOCKET_SOCKET)
226 return true;
227
4f2d528d
LP		 228 if (!socket_address_can_accept(&p->address))
229 return true;
dd5ad9d4 230 }
4f2d528d
LP		 231
232 return false;
233}
234
a57f7e2c 235static int socket_add_mount_links(Socket *s) {
6e2ef85b 236 SocketPort *p;
6e2ef85b
LP		 237 int r;
238
239 assert(s);
6e2ef85b 240
a57f7e2c
LP		 241 LIST_FOREACH(port, p, s->ports) {
242 const char *path = NULL;
6e2ef85b 243
a57f7e2c
LP		 244 if (p->type == SOCKET_SOCKET)
245 path = socket_address_get_path(&p->address);
246 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
247 path = p->path;
6e2ef85b 248
a57f7e2c
LP		 249 if (!path)
250 continue;
6e2ef85b 251
a57f7e2c 252 r = unit_require_mounts_for(UNIT(s), path);
b87705cd 253 if (r < 0)
6e2ef85b 254 return r;
b87705cd 255 }
6e2ef85b
LP		 256
257 return 0;
258}
259
260static int socket_add_device_link(Socket *s) {
261 char *t;
6e2ef85b
LP		 262
263 assert(s);
264
7d0c710d 265 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
6e2ef85b
LP		 266 return 0;
267
e821075a
LP		 268 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
269 return unit_add_node_link(UNIT(s), t, false);
6e2ef85b
LP		 270}
271
a40eb732
LP		 272static int socket_add_default_dependencies(Socket *s) {
273 int r;
274 assert(s);
275
e3d84721
LP		 276 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
277 if (r < 0)
278 return r;
2a77d31d 279
e3d84721
LP		 280 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
281 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
282 if (r < 0)
a40eb732 283 return r;
2a77d31d 284 }
a40eb732 285
ead8e478 286 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
a40eb732
LP		 287}
288
44a6b1b6 289_pure_ static bool socket_has_exec(Socket *s) {
4cfc6dbe
LP		 290 unsigned i;
291 assert(s);
292
293 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
294 if (s->exec_command[i])
295 return true;
296
297 return false;
298}
299
e821075a
LP		 300static int socket_add_extras(Socket *s) {
301 Unit *u = UNIT(s);
e537352b 302 int r;
44d8db9e 303
e821075a 304 assert(s);
57020a3a 305
e821075a 306 if (have_non_accept_socket(s)) {
23a177ef 307
e821075a
LP		 308 if (!UNIT_DEREF(s->service)) {
309 Unit *x;
57020a3a 310
e821075a 311 r = unit_load_related_unit(u, ".service", &x);
57020a3a 312 if (r < 0)
4f2d528d 313 return r;
e821075a
LP		 314
315 unit_ref_set(&s->service, x);
4f2d528d 316 }
44d8db9e 317
e821075a
LP		 318 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
319 if (r < 0)
6e2ef85b 320 return r;
e821075a 321 }
6e2ef85b 322
e821075a
LP		 323 r = socket_add_mount_links(s);
324 if (r < 0)
325 return r;
6e2ef85b 326
e821075a
LP		 327 r = socket_add_device_link(s);
328 if (r < 0)
329 return r;
330
598459ce 331 r = unit_patch_contexts(u);
e821075a
LP		 332 if (r < 0)
333 return r;
334
335 if (socket_has_exec(s)) {
336 r = unit_add_exec_dependencies(u, &s->exec_context);
337 if (r < 0)
338 return r;
23a177ef 339
598459ce 340 r = unit_add_default_slice(u, &s->cgroup_context);
a016b922
LP		 341 if (r < 0)
342 return r;
e821075a 343 }
a016b922 344
e821075a
LP		 345 if (u->default_dependencies) {
346 r = socket_add_default_dependencies(s);
347 if (r < 0)
348 return r;
349 }
350
351 return 0;
352}
353
811ba7a0
LP		 354static const char *socket_find_symlink_target(Socket *s) {
355 const char *found = NULL;
356 SocketPort *p;
357
358 LIST_FOREACH(port, p, s->ports) {
359 const char *f = NULL;
360
361 switch (p->type) {
362
363 case SOCKET_FIFO:
364 f = p->path;
365 break;
366
367 case SOCKET_SOCKET:
368 if (p->address.sockaddr.un.sun_path[0] != 0)
369 f = p->address.sockaddr.un.sun_path;
370 break;
371
372 default:
373 break;
374 }
375
376 if (f) {
377 if (found)
378 return NULL;
379
380 found = f;
381 }
382 }
383
384 return found;
385}
386
e821075a
LP		 387static int socket_verify(Socket *s) {
388 assert(s);
389
390 if (UNIT(s)->load_state != UNIT_LOADED)
391 return 0;
392
393 if (!s->ports) {
394 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
395 return -EINVAL;
396 }
397
398 if (s->accept && have_non_accept_socket(s)) {
399 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
400 UNIT(s)->id);
401 return -EINVAL;
402 }
403
404 if (s->accept && s->max_connections <= 0) {
405 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
406 return -EINVAL;
407 }
e06c73cc 408
e821075a
LP		 409 if (s->accept && UNIT_DEREF(s->service)) {
410 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
411 return -EINVAL;
412 }
413
414 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
415 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
416 return -EINVAL;
417 }
418
811ba7a0
LP		 419 if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
420 log_error_unit(UNIT(s)->id, "%s has symlinks set but none or more than one node in the file system. Refusing.", UNIT(s)->id);
421 return -EINVAL;
422 }
423
e821075a
LP		 424 return 0;
425}
426
427static int socket_load(Unit *u) {
428 Socket *s = SOCKET(u);
429 int r;
430
431 assert(u);
432 assert(u->load_state == UNIT_STUB);
433
434 r = unit_load_fragment_and_dropin(u);
435 if (r < 0)
436 return r;
437
438 if (u->load_state == UNIT_LOADED) {
439 /* This is a new unit? Then let's add in some extras */
440 r = socket_add_extras(s);
e06c73cc
LP		 441 if (r < 0)
442 return r;
23a177ef
LP		 443 }
444
4f2d528d 445 return socket_verify(s);
44d8db9e
LP		 446}
447
44a6b1b6 448_const_ static const char* listen_lookup(int family, int type) {
7a22745a
LP		 449
450 if (family == AF_NETLINK)
451 return "ListenNetlink";
542563ba
LP		 452
453 if (type == SOCK_STREAM)
454 return "ListenStream";
455 else if (type == SOCK_DGRAM)
456 return "ListenDatagram";
457 else if (type == SOCK_SEQPACKET)
458 return "ListenSequentialPacket";
459
034c6ed7 460 assert_not_reached("Unknown socket type");
542563ba
LP		 461 return NULL;
462}
463
87f0e418 464static void socket_dump(Unit *u, FILE *f, const char *prefix) {
209e9dcd 465 char time_string[FORMAT_TIMESPAN_MAX];
5cb5a6ff 466 SocketExecCommand c;
87f0e418 467 Socket *s = SOCKET(u);
542563ba 468 SocketPort *p;
82ba9f08 469 const char *prefix2;
5cb5a6ff
LP		 470
471 assert(s);
fa068367 472 assert(f);
5cb5a6ff 473
e821075a 474 prefix2 = strappenda(prefix, "\t");
c43d20a0 475
5cb5a6ff
LP		 476 fprintf(f,
477 "%sSocket State: %s\n"
81a5c6d0 478 "%sResult: %s\n"
542563ba 479 "%sBindIPv6Only: %s\n"
b5a0699f
LP		 480 "%sBacklog: %u\n"
481 "%sSocketMode: %04o\n"
4fd5948e
LP		 482 "%sDirectoryMode: %04o\n"
483 "%sKeepAlive: %s\n"
4427c3f4 484 "%sNoDelay: %s\n"
cebf8b20 485 "%sFreeBind: %s\n"
6b6d2dee 486 "%sTransparent: %s\n"
ec6370a2 487 "%sBroadcast: %s\n"
ede3deb4 488 "%sPassCredentials: %s\n"
54ecda32 489 "%sPassSecurity: %s\n"
bd1fe7c7 490 "%sTCPCongestion: %s\n"
3bb07b76 491 "%sRemoveOnStop: %s\n",
a16e1123 492 prefix, socket_state_to_string(s->state),
81a5c6d0 493 prefix, socket_result_to_string(s->result),
c0120d99 494 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
b5a0699f
LP		 495 prefix, s->backlog,
496 prefix, s->socket_mode,
4fd5948e
LP		 497 prefix, s->directory_mode,
498 prefix, yes_no(s->keep_alive),
4427c3f4 499 prefix, yes_no(s->no_delay),
cebf8b20 500 prefix, yes_no(s->free_bind),
6b6d2dee 501 prefix, yes_no(s->transparent),
ec6370a2 502 prefix, yes_no(s->broadcast),
d68af586 503 prefix, yes_no(s->pass_cred),
54ecda32 504 prefix, yes_no(s->pass_sec),
bd1fe7c7 505 prefix, strna(s->tcp_congestion),
3bb07b76 506 prefix, yes_no(s->remove_on_stop));
542563ba 507
70123e68
LP		 508 if (s->control_pid > 0)
509 fprintf(f,
de0671ee
ZJS		 510 "%sControl PID: "PID_FMT"\n",
511 prefix, s->control_pid);
70123e68 512
acbb0225
LP		 513 if (s->bind_to_device)
514 fprintf(f,
515 "%sBindToDevice: %s\n",
516 prefix, s->bind_to_device);
517
4f2d528d
LP		 518 if (s->accept)
519 fprintf(f,
6cf6bbc2
LP		 520 "%sAccepted: %u\n"
521 "%sNConnections: %u\n"
522 "%sMaxConnections: %u\n",
523 prefix, s->n_accepted,
524 prefix, s->n_connections,
525 prefix, s->max_connections);
4f2d528d 526
4fd5948e
LP		 527 if (s->priority >= 0)
528 fprintf(f,
529 "%sPriority: %i\n",
530 prefix, s->priority);
531
532 if (s->receive_buffer > 0)
533 fprintf(f,
534 "%sReceiveBuffer: %zu\n",
535 prefix, s->receive_buffer);
536
537 if (s->send_buffer > 0)
538 fprintf(f,
539 "%sSendBuffer: %zu\n",
540 prefix, s->send_buffer);
541
542 if (s->ip_tos >= 0)
543 fprintf(f,
544 "%sIPTOS: %i\n",
545 prefix, s->ip_tos);
546
547 if (s->ip_ttl >= 0)
548 fprintf(f,
549 "%sIPTTL: %i\n",
550 prefix, s->ip_ttl);
551
552 if (s->pipe_size > 0)
553 fprintf(f,
554 "%sPipeSize: %zu\n",
555 prefix, s->pipe_size);
556
557 if (s->mark >= 0)
558 fprintf(f,
559 "%sMark: %i\n",
560 prefix, s->mark);
561
916abb21
LP		 562 if (s->mq_maxmsg > 0)
563 fprintf(f,
564 "%sMessageQueueMaxMessages: %li\n",
565 prefix, s->mq_maxmsg);
566
567 if (s->mq_msgsize > 0)
568 fprintf(f,
569 "%sMessageQueueMessageSize: %li\n",
570 prefix, s->mq_msgsize);
571
718db961 572 if (s->reuse_port)
f7db7a69
SL		 573 fprintf(f,
574 "%sReusePort: %s\n",
718db961 575 prefix, yes_no(s->reuse_port));
f7db7a69 576
0eb59ccf
AK		 577 if (s->smack)
578 fprintf(f,
579 "%sSmackLabel: %s\n",
580 prefix, s->smack);
581
582 if (s->smack_ip_in)
583 fprintf(f,
584 "%sSmackLabelIPIn: %s\n",
585 prefix, s->smack_ip_in);
586
587 if (s->smack_ip_out)
588 fprintf(f,
589 "%sSmackLabelIPOut: %s\n",
590 prefix, s->smack_ip_out);
591
3900e5fd
LP		 592 if (!isempty(s->user) || !isempty(s->group))
593 fprintf(f,
594 "%sOwnerUser: %s\n"
595 "%sOwnerGroup: %s\n",
596 prefix, strna(s->user),
597 prefix, strna(s->group));
598
209e9dcd
SS		 599 if(s->keep_alive_time)
600 fprintf(f,
601 "%sKeepAliveTime: %s\n",
602 prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX,
603 s->keep_alive_time, USEC_PER_SEC));
604
605 if(s->keep_alive_interval)
606 fprintf(f,
607 "%sKeepAliveInterval: %s\n",
608 prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX,
609 s->keep_alive_interval, USEC_PER_SEC));
610
611 if(s->keep_alive_cnt)
612 fprintf(f,
613 "%sKeepAliveProbes: %u\n",
614 prefix, s->keep_alive_cnt);
615
cc567c9b
SS		 616 if(s->defer_accept)
617 fprintf(f,
618 "%sDeferAccept: %s\n",
619 prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX,
620 s->defer_accept, USEC_PER_SEC));
621
034c6ed7 622 LIST_FOREACH(port, p, s->ports) {
5cb5a6ff 623
542563ba
LP		 624 if (p->type == SOCKET_SOCKET) {
625 const char *t;
626 int r;
e364ad06 627 char *k = NULL;
542563ba
LP		 628
629 if ((r = socket_address_print(&p->address, &k)) < 0)
630 t = strerror(-r);
631 else
632 t = k;
633
7a22745a 634 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
542563ba 635 free(k);
b0a3f2bc
LP		 636 } else if (p->type == SOCKET_SPECIAL)
637 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
916abb21
LP		 638 else if (p->type == SOCKET_MQUEUE)
639 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
b0a3f2bc 640 else
542563ba
LP		 641 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
642 }
5cb5a6ff
LP		 643
644 exec_context_dump(&s->exec_context, f, prefix);
4819ff03 645 kill_context_dump(&s->kill_context, f, prefix);
5cb5a6ff 646
e537352b 647 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
c43d20a0
LP		 648 if (!s->exec_command[c])
649 continue;
5cb5a6ff 650
40d50879 651 fprintf(f, "%s-> %s:\n",
a16e1123 652 prefix, socket_exec_command_to_string(c));
c43d20a0
LP		 653
654 exec_command_dump_list(s->exec_command[c], f, prefix2);
5cb5a6ff
LP		 655 }
656}
657
4f2d528d
LP		 658static int instance_from_socket(int fd, unsigned nr, char **instance) {
659 socklen_t l;
660 char *r;
9d16d0c7 661 union sockaddr_union local, remote;
4f2d528d
LP		 662
663 assert(fd >= 0);
664 assert(instance);
665
666 l = sizeof(local);
667 if (getsockname(fd, &local.sa, &l) < 0)
668 return -errno;
669
670 l = sizeof(remote);
671 if (getpeername(fd, &remote.sa, &l) < 0)
672 return -errno;
673
674 switch (local.sa.sa_family) {
675
676 case AF_INET: {
677 uint32_t
678 a = ntohl(local.in.sin_addr.s_addr),
679 b = ntohl(remote.in.sin_addr.s_addr);
680
681 if (asprintf(&r,
77b088c2
LP		 682 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
683 nr,
4f2d528d
LP		 684 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
685 ntohs(local.in.sin_port),
686 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
687 ntohs(remote.in.sin_port)) < 0)
688 return -ENOMEM;
689
690 break;
691 }
692
693 case AF_INET6: {
c65a0b14 694 static const unsigned char ipv4_prefix[] = {
2b061f5a
LP		 695 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
696 };
697
698 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
699 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
700 const uint8_t
701 *a = local.in6.sin6_addr.s6_addr+12,
702 *b = remote.in6.sin6_addr.s6_addr+12;
703
704 if (asprintf(&r,
77b088c2
LP		 705 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
706 nr,
2b061f5a
LP		 707 a[0], a[1], a[2], a[3],
708 ntohs(local.in6.sin6_port),
709 b[0], b[1], b[2], b[3],
710 ntohs(remote.in6.sin6_port)) < 0)
711 return -ENOMEM;
712 } else {
713 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
714
715 if (asprintf(&r,
77b088c2
LP		 716 "%u-%s:%u-%s:%u",
717 nr,
2b061f5a
LP		 718 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
719 ntohs(local.in6.sin6_port),
720 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
721 ntohs(remote.in6.sin6_port)) < 0)
722 return -ENOMEM;
723 }
4f2d528d
LP		 724
725 break;
726 }
727
728 case AF_UNIX: {
729 struct ucred ucred;
eff05270 730 int k;
4f2d528d 731
eff05270 732 k = getpeercred(fd, &ucred);
d38f6e34
ZJS		 733 if (k >= 0) {
734 if (asprintf(&r,
735 "%u-"PID_FMT"-"UID_FMT,
736 nr, ucred.pid, ucred.uid) < 0)
737 return -ENOMEM;
738 } else if (k == -ENODATA) {
739 /* This handles the case where somebody is
740 * connecting from another pid/uid namespace
741 * (e.g. from outside of our container). */
742 if (asprintf(&r,
743 "%u-unknown",
744 nr) < 0)
745 return -ENOMEM;
746 } else
eff05270 747 return k;
2f20a8eb 748
2f20a8eb 749 break;
4f2d528d
LP		 750 }
751
752 default:
753 assert_not_reached("Unhandled socket type.");
754 }
755
756 *instance = r;
757 return 0;
758}
759
034c6ed7 760static void socket_close_fds(Socket *s) {
83c60c9f 761 SocketPort *p;
811ba7a0 762 char **i;
83c60c9f
LP		 763
764 assert(s);
765
034c6ed7 766 LIST_FOREACH(port, p, s->ports) {
718db961
LP		 767
768 p->event_source = sd_event_source_unref(p->event_source);
769
83c60c9f
LP		 770 if (p->fd < 0)
771 continue;
772
03e334a1 773 p->fd = safe_close(p->fd);
a16e1123 774
bd1fe7c7
LP		 775 /* One little note: we should normally not delete any
776 * sockets in the file system here! After all some
777 * other process we spawned might still have a
778 * reference of this fd and wants to continue to use
779 * it. Therefore we delete sockets in the file system
780 * before we create a new one, not after we stopped
781 * using one! */
782
783 if (s->remove_on_stop) {
784 switch (p->type) {
785
786 case SOCKET_FIFO:
787 unlink(p->path);
788 break;
789
790 case SOCKET_MQUEUE:
791 mq_unlink(p->path);
792 break;
793
794 case SOCKET_SOCKET:
795 socket_address_unlink(&p->address);
796 break;
797
798 default:
799 break;
800 }
801 }
83c60c9f 802 }
811ba7a0
LP		 803
804 if (s->remove_on_stop)
805 STRV_FOREACH(i, s->symlinks)
806 unlink(*i);
83c60c9f
LP		 807}
808
4fd5948e
LP		 809static void socket_apply_socket_options(Socket *s, int fd) {
810 assert(s);
811 assert(fd >= 0);
812
813 if (s->keep_alive) {
814 int b = s->keep_alive;
815 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
66870f90 816 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
4fd5948e
LP		 817 }
818
209e9dcd
SS		 819 if (s->keep_alive_time) {
820 int value = s->keep_alive_time / USEC_PER_SEC;
821 if (setsockopt(fd, SOL_TCP, TCP_KEEPIDLE, &value, sizeof(value)) < 0)
822 log_warning_unit(UNIT(s)->id, "TCP_KEEPIDLE failed: %m");
823 }
824
825 if (s->keep_alive_interval) {
826 int value = s->keep_alive_interval / USEC_PER_SEC;
827 if (setsockopt(fd, SOL_TCP, TCP_KEEPINTVL, &value, sizeof(value)) < 0)
828 log_warning_unit(UNIT(s)->id, "TCP_KEEPINTVL failed: %m");
829 }
830
831 if (s->keep_alive_cnt) {
832 int value = s->keep_alive_cnt;
833 if (setsockopt(fd, SOL_SOCKET, TCP_KEEPCNT, &value, sizeof(value)) < 0)
834 log_warning_unit(UNIT(s)->id, "TCP_KEEPCNT failed: %m");
835 }
836
cc567c9b
SS		 837 if (s->defer_accept) {
838 int value = s->defer_accept / USEC_PER_SEC;
839 if (setsockopt(fd, SOL_TCP, TCP_DEFER_ACCEPT, &value, sizeof(value)) < 0)
840 log_warning_unit(UNIT(s)->id, "TCP_DEFER_ACCEPT failed: %m");
841 }
842
4427c3f4
SS		 843 if (s->no_delay) {
844 int b = s->no_delay;
845 if (setsockopt(fd, SOL_TCP, TCP_NODELAY, &b, sizeof(b)) < 0)
846 log_warning_unit(UNIT(s)->id, "TCP_NODELAY failed: %m");
847 }
848
ec6370a2
LP		 849 if (s->broadcast) {
850 int one = 1;
851 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
66870f90 852 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
ec6370a2
LP		 853 }
854
d68af586
MS		 855 if (s->pass_cred) {
856 int one = 1;
857 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
66870f90 858 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
d68af586
MS		 859 }
860
54ecda32
LP		 861 if (s->pass_sec) {
862 int one = 1;
863 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
66870f90 864 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
54ecda32
LP		 865 }
866
4fd5948e
LP		 867 if (s->priority >= 0)
868 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
66870f90 869 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
4fd5948e
LP		 870
871 if (s->receive_buffer > 0) {
872 int value = (int) s->receive_buffer;
7d9eaa84
LP		 873
874 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
875
b8cef44e 876 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84 877 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
66870f90 878 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
4fd5948e
LP		 879 }
880
881 if (s->send_buffer > 0) {
882 int value = (int) s->send_buffer;
b8cef44e 883 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84 884 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
66870f90 885 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
4fd5948e
LP		 886 }
887
888 if (s->mark >= 0)
889 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
66870f90 890 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
4fd5948e
LP		 891
892 if (s->ip_tos >= 0)
893 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
66870f90 894 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
4fd5948e 895
46925ac5
LP		 896 if (s->ip_ttl >= 0) {
897 int r, x;
898
899 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
5bfcc1c6
FF		 900
901 if (socket_ipv6_is_supported())
902 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
903 else {
904 x = -1;
905 errno = EAFNOSUPPORT;
906 }
46925ac5
LP		 907
908 if (r < 0 && x < 0)
66870f90
ZJS		 909 log_warning_unit(UNIT(s)->id,
910 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
46925ac5 911 }
cebf8b20
TT		 912
913 if (s->tcp_congestion)
914 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
66870f90 915 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
0eb59ccf 916
718db961
LP		 917 if (s->reuse_port) {
918 int b = s->reuse_port;
f0511bd7 919 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
f7db7a69
SL		 920 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
921 }
922
9a4e038c
KS		 923 if (s->smack_ip_in)
924 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
925 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
926
927 if (s->smack_ip_out)
928 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
929 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
4fd5948e
LP		 930}
931
b15bdda8 932static void socket_apply_fifo_options(Socket *s, int fd) {
4fd5948e
LP		 933 assert(s);
934 assert(fd >= 0);
935
936 if (s->pipe_size > 0)
937 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
66870f90
ZJS		 938 log_warning_unit(UNIT(s)->id,
939 "F_SETPIPE_SZ: %m");
0eb59ccf 940
9a4e038c
KS		 941 if (s->smack)
942 if (smack_label_fd(fd, s->smack) < 0)
943 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
4fd5948e
LP		 944}
945
b15bdda8
LP		 946static int fifo_address_create(
947 const char *path,
948 mode_t directory_mode,
949 mode_t socket_mode,
b15bdda8
LP		 950 int *_fd) {
951
7a58bfa4 952 int fd = -1, r = 0;
b15bdda8
LP		 953 struct stat st;
954 mode_t old_mask;
955
956 assert(path);
957 assert(_fd);
958
d2e54fae 959 mkdir_parents_label(path, directory_mode);
b15bdda8 960
e9a5ef7c
KS		 961 r = label_context_set(path, S_IFIFO);
962 if (r < 0)
56cf987f 963 goto fail;
b15bdda8
LP		 964
965 /* Enforce the right access mode for the fifo */
966 old_mask = umask(~ socket_mode);
967
968 /* Include the original umask in our mask */
969 umask(~socket_mode | old_mask);
970
971 r = mkfifo(path, socket_mode);
972 umask(old_mask);
973
94bc2731 974 if (r < 0 && errno != EEXIST) {
b15bdda8
LP		 975 r = -errno;
976 goto fail;
977 }
978
e4f44e73 979 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
b15bdda8
LP		 980 r = -errno;
981 goto fail;
982 }
983
e9a5ef7c 984 label_context_clear();
7a58bfa4 985
b15bdda8
LP		 986 if (fstat(fd, &st) < 0) {
987 r = -errno;
988 goto fail;
989 }
990
991 if (!S_ISFIFO(st.st_mode) ||
de0200fc 992 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
e4f44e73
DR		 993 st.st_uid != getuid() ||
994 st.st_gid != getgid()) {
b15bdda8
LP		 995
996 r = -EEXIST;
997 goto fail;
998 }
999
1000 *_fd = fd;
1001 return 0;
1002
1003fail:
e9a5ef7c 1004 label_context_clear();
03e334a1 1005 safe_close(fd);
b15bdda8
LP		 1006
1007 return r;
1008}
1009
b0a3f2bc
LP		 1010static int special_address_create(
1011 const char *path,
1012 int *_fd) {
1013
1014 int fd = -1, r = 0;
1015 struct stat st;
1016
1017 assert(path);
1018 assert(_fd);
1019
811ba7a0
LP		 1020 fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
1021 if (fd < 0) {
b0a3f2bc
LP		 1022 r = -errno;
1023 goto fail;
1024 }
1025
1026 if (fstat(fd, &st) < 0) {
1027 r = -errno;
1028 goto fail;
1029 }
1030
1031 /* Check whether this is a /proc, /sys or /dev file or char device */
1032 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
1033 r = -EEXIST;
1034 goto fail;
1035 }
1036
1037 *_fd = fd;
1038 return 0;
1039
1040fail:
03e334a1 1041 safe_close(fd);
b0a3f2bc
LP		 1042
1043 return r;
1044}
1045
916abb21
LP		 1046static int mq_address_create(
1047 const char *path,
1048 mode_t mq_mode,
1049 long maxmsg,
1050 long msgsize,
1051 int *_fd) {
1052
1053 int fd = -1, r = 0;
1054 struct stat st;
1055 mode_t old_mask;
1056 struct mq_attr _attr, *attr = NULL;
1057
1058 assert(path);
1059 assert(_fd);
1060
1061 if (maxmsg > 0 && msgsize > 0) {
1062 zero(_attr);
1063 _attr.mq_flags = O_NONBLOCK;
1064 _attr.mq_maxmsg = maxmsg;
1065 _attr.mq_msgsize = msgsize;
1066 attr = &_attr;
1067 }
1068
1069 /* Enforce the right access mode for the mq */
1070 old_mask = umask(~ mq_mode);
1071
1072 /* Include the original umask in our mask */
1073 umask(~mq_mode | old_mask);
916abb21
LP		 1074 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
1075 umask(old_mask);
1076
8ea913b2 1077 if (fd < 0) {
916abb21
LP		 1078 r = -errno;
1079 goto fail;
1080 }
1081
1082 if (fstat(fd, &st) < 0) {
1083 r = -errno;
1084 goto fail;
1085 }
1086
1087 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
1088 st.st_uid != getuid() ||
1089 st.st_gid != getgid()) {
1090
1091 r = -EEXIST;
1092 goto fail;
1093 }
1094
1095 *_fd = fd;
1096 return 0;
1097
1098fail:
03e334a1 1099 safe_close(fd);
916abb21
LP		 1100 return r;
1101}
1102
811ba7a0
LP		 1103static int socket_symlink(Socket *s) {
1104 const char *p;
1105 char **i;
1106
1107 assert(s);
1108
1109 p = socket_find_symlink_target(s);
1110 if (!p)
1111 return 0;
1112
1113 STRV_FOREACH(i, s->symlinks)
1114 symlink(p, *i);
1115
1116 return 0;
1117}
1118
034c6ed7 1119static int socket_open_fds(Socket *s) {
83c60c9f
LP		 1120 SocketPort *p;
1121 int r;
56cf987f 1122 char *label = NULL;
049f8642 1123 bool know_label = false;
83c60c9f
LP		 1124
1125 assert(s);
1126
034c6ed7 1127 LIST_FOREACH(port, p, s->ports) {
83c60c9f 1128
034c6ed7
LP		 1129 if (p->fd >= 0)
1130 continue;
83c60c9f
LP		 1131
1132 if (p->type == SOCKET_SOCKET) {
3bb07b76 1133
049f8642
LP		 1134 if (!know_label) {
1135
bd1fe7c7
LP		 1136 r = socket_instantiate_service(s);
1137 if (r < 0)
049f8642
LP		 1138 return r;
1139
9444b1f2 1140 if (UNIT_ISSET(s->service) &&
57020a3a
LP		 1141 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1142 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
bd1fe7c7
LP		 1143 if (r < 0 && r != -EPERM)
1144 return r;
189583d7 1145 }
049f8642
LP		 1146
1147 know_label = true;
1148 }
1149
175a3d25
LP		 1150 r = socket_address_listen(
1151 &p->address,
1152 SOCK_CLOEXEC|SOCK_NONBLOCK,
1153 s->backlog,
1154 s->bind_ipv6_only,
1155 s->bind_to_device,
1156 s->free_bind,
1157 s->transparent,
1158 s->directory_mode,
1159 s->socket_mode,
1160 label);
1161 if (r < 0)
83c60c9f
LP		 1162 goto rollback;
1163
175a3d25 1164 p->fd = r;
4fd5948e 1165 socket_apply_socket_options(s, p->fd);
811ba7a0 1166 socket_symlink(s);
4fd5948e 1167
b0a3f2bc
LP		 1168 } else if (p->type == SOCKET_SPECIAL) {
1169
175a3d25
LP		 1170 r = special_address_create(
1171 p->path,
1172 &p->fd);
1173 if (r < 0)
b0a3f2bc
LP		 1174 goto rollback;
1175
b15bdda8 1176 } else if (p->type == SOCKET_FIFO) {
83c60c9f 1177
175a3d25
LP		 1178 r = fifo_address_create(
1179 p->path,
1180 s->directory_mode,
1181 s->socket_mode,
1182 &p->fd);
1183 if (r < 0)
83c60c9f 1184 goto rollback;
83c60c9f 1185
b15bdda8 1186 socket_apply_fifo_options(s, p->fd);
811ba7a0
LP		 1187 socket_symlink(s);
1188
916abb21 1189 } else if (p->type == SOCKET_MQUEUE) {
83c60c9f 1190
175a3d25
LP		 1191 r = mq_address_create(
1192 p->path,
1193 s->socket_mode,
1194 s->mq_maxmsg,
1195 s->mq_msgsize,
1196 &p->fd);
1197 if (r < 0)
916abb21 1198 goto rollback;
b15bdda8
LP		 1199 } else
1200 assert_not_reached("Unknown port type");
034c6ed7
LP		 1201 }
1202
56cf987f 1203 label_free(label);
034c6ed7
LP		 1204 return 0;
1205
1206rollback:
1207 socket_close_fds(s);
56cf987f 1208 label_free(label);
034c6ed7
LP		 1209 return r;
1210}
1211
1212static void socket_unwatch_fds(Socket *s) {
1213 SocketPort *p;
718db961 1214 int r;
9152c765 1215
034c6ed7
LP		 1216 assert(s);
1217
1218 LIST_FOREACH(port, p, s->ports) {
1219 if (p->fd < 0)
1220 continue;
1221
a4152e3f
LP		 1222 if (!p->event_source)
1223 continue;
1224
1225 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1226 if (r < 0)
1227 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
83c60c9f 1228 }
034c6ed7
LP		 1229}
1230
1231static int socket_watch_fds(Socket *s) {
1232 SocketPort *p;
1233 int r;
1234
1235 assert(s);
83c60c9f 1236
034c6ed7
LP		 1237 LIST_FOREACH(port, p, s->ports) {
1238 if (p->fd < 0)
1239 continue;
1240
718db961
LP		 1241 if (p->event_source)
1242 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1243 else
151b9b96 1244 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
4f2d528d 1245
718db961
LP		 1246 if (r < 0) {
1247 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
034c6ed7 1248 goto fail;
718db961 1249 }
034c6ed7 1250 }
83c60c9f 1251
542563ba 1252 return 0;
83c60c9f 1253
034c6ed7
LP		 1254fail:
1255 socket_unwatch_fds(s);
1256 return r;
1257}
1258
1259static void socket_set_state(Socket *s, SocketState state) {
1260 SocketState old_state;
1261 assert(s);
1262
1263 old_state = s->state;
1264 s->state = state;
1265
bd1fe7c7
LP		 1266 if (!IN_SET(state,
1267 SOCKET_START_PRE,
3900e5fd 1268 SOCKET_START_CHOWN,
bd1fe7c7
LP		 1269 SOCKET_START_POST,
1270 SOCKET_STOP_PRE,
1271 SOCKET_STOP_PRE_SIGTERM,
1272 SOCKET_STOP_PRE_SIGKILL,
1273 SOCKET_STOP_POST,
1274 SOCKET_FINAL_SIGTERM,
1275 SOCKET_FINAL_SIGKILL)) {
718db961
LP		 1276
1277 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
5e94833f 1278 socket_unwatch_control_pid(s);
034c6ed7 1279 s->control_command = NULL;
a16e1123 1280 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
e537352b 1281 }
034c6ed7 1282
a16e1123
LP		 1283 if (state != SOCKET_LISTENING)
1284 socket_unwatch_fds(s);
1285
bd1fe7c7 1286 if (!IN_SET(state,
3900e5fd 1287 SOCKET_START_CHOWN,
bd1fe7c7
LP		 1288 SOCKET_START_POST,
1289 SOCKET_LISTENING,
1290 SOCKET_RUNNING,
1291 SOCKET_STOP_PRE,
1292 SOCKET_STOP_PRE_SIGTERM,
1293 SOCKET_STOP_PRE_SIGKILL))
034c6ed7
LP		 1294 socket_close_fds(s);
1295
e537352b 1296 if (state != old_state)
e821075a
LP		 1297 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1298 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
acbb0225 1299
e2f3b44c 1300 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
034c6ed7
LP		 1301}
1302
a16e1123
LP		 1303static int socket_coldplug(Unit *u) {
1304 Socket *s = SOCKET(u);
1305 int r;
1306
1307 assert(s);
1308 assert(s->state == SOCKET_DEAD);
1309
e821075a
LP		 1310 if (s->deserialized_state == s->state)
1311 return 0;
a16e1123 1312
3900e5fd
LP		 1313 if (IN_SET(s->deserialized_state,
1314 SOCKET_START_PRE,
1315 SOCKET_START_CHOWN,
1316 SOCKET_START_POST,
1317 SOCKET_STOP_PRE,
1318 SOCKET_STOP_PRE_SIGTERM,
1319 SOCKET_STOP_PRE_SIGKILL,
1320 SOCKET_STOP_POST,
1321 SOCKET_FINAL_SIGTERM,
1322 SOCKET_FINAL_SIGKILL)) {
a16e1123 1323
e821075a
LP		 1324 if (s->control_pid <= 0)
1325 return -EBADMSG;
a16e1123 1326
e821075a
LP		 1327 r = unit_watch_pid(UNIT(s), s->control_pid);
1328 if (r < 0)
1329 return r;
a16e1123 1330
e821075a
LP		 1331 r = socket_arm_timer(s);
1332 if (r < 0)
1333 return r;
1334 }
a16e1123 1335
3900e5fd
LP		 1336 if (IN_SET(s->deserialized_state,
1337 SOCKET_START_CHOWN,
1338 SOCKET_START_POST,
1339 SOCKET_LISTENING,
1340 SOCKET_RUNNING,
1341 SOCKET_STOP_PRE,
1342 SOCKET_STOP_PRE_SIGTERM,
1343 SOCKET_STOP_PRE_SIGKILL)) {
e821075a
LP		 1344 r = socket_open_fds(s);
1345 if (r < 0)
1346 return r;
1347 }
a16e1123 1348
e821075a
LP		 1349 if (s->deserialized_state == SOCKET_LISTENING) {
1350 r = socket_watch_fds(s);
1351 if (r < 0)
1352 return r;
a16e1123
LP		 1353 }
1354
e821075a 1355 socket_set_state(s, s->deserialized_state);
a16e1123
LP		 1356 return 0;
1357}
1358
e537352b 1359static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
3900e5fd 1360 _cleanup_free_ char **argv = NULL;
034c6ed7
LP		 1361 pid_t pid;
1362 int r;
1363
1364 assert(s);
1365 assert(c);
1366 assert(_pid);
1367
4ad49000
LP		 1368 unit_realize_cgroup(UNIT(s));
1369
613b411c
LP		 1370 r = unit_setup_exec_runtime(UNIT(s));
1371 if (r < 0)
1372 goto fail;
1373
718db961 1374 r = socket_arm_timer(s);
36697dc0 1375 if (r < 0)
e537352b 1376 goto fail;
034c6ed7 1377
19f6d710
LP		 1378 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1379 if (r < 0)
9e2f7c11 1380 goto fail;
9e2f7c11
LP		 1381
1382 r = exec_spawn(c,
1383 argv,
1384 &s->exec_context,
1385 NULL, 0,
1124fe6f 1386 UNIT(s)->manager->environment,
9e2f7c11
LP		 1387 true,
1388 true,
1e3ad081 1389 true,
1124fe6f 1390 UNIT(s)->manager->confirm_spawn,
13b84ec7 1391 UNIT(s)->manager->cgroup_supported,
4ad49000 1392 UNIT(s)->cgroup_path,
e66cf1a3 1393 manager_get_runtime_prefix(UNIT(s)->manager),
62bca2c6 1394 UNIT(s)->id,
09812eb7 1395 0,
f2b68789 1396 NULL,
613b411c 1397 s->exec_runtime,
9e2f7c11 1398 &pid);
cee288ad
TA		 1399 if (r < 0)
1400 goto fail;
9e2f7c11 1401
3900e5fd 1402 r = unit_watch_pid(UNIT(s), pid);
9e2f7c11 1403 if (r < 0)
3900e5fd 1404 /* FIXME: we need to do something here */
034c6ed7
LP		 1405 goto fail;
1406
3900e5fd
LP		 1407 *_pid = pid;
1408 return 0;
1409
1410fail:
1411 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1412 return r;
1413}
1414
1415static int socket_chown(Socket *s, pid_t *_pid) {
1416 pid_t pid;
1417 int r;
1418
1419 r = socket_arm_timer(s);
1420 if (r < 0)
1421 goto fail;
1422
1423 /* We have to resolve the user names out-of-process, hence
1424 * let's fork here. It's messy, but well, what can we do? */
1425
1426 pid = fork();
1427 if (pid < 0)
1428 return -errno;
1429
1430 if (pid == 0) {
1431 SocketPort *p;
1432 uid_t uid = (uid_t) -1;
1433 gid_t gid = (gid_t) -1;
1434 int ret;
1435
1436 default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
1437 ignore_signals(SIGPIPE, -1);
1438 log_forget_fds();
1439
1440 if (!isempty(s->user)) {
1441 const char *user = s->user;
1442
1443 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1444 if (r < 0) {
1445 ret = EXIT_USER;
1446 goto fail_child;
1447 }
1448 }
1449
1450 if (!isempty(s->group)) {
1451 const char *group = s->group;
1452
1453 r = get_group_creds(&group, &gid);
1454 if (r < 0) {
1455 ret = EXIT_GROUP;
1456 goto fail_child;
1457 }
1458 }
1459
1460 LIST_FOREACH(port, p, s->ports) {
e5a1c18d 1461 const char *path = NULL;
3900e5fd
LP		 1462
1463 if (p->type == SOCKET_SOCKET)
1464 path = socket_address_get_path(&p->address);
1465 else if (p->type == SOCKET_FIFO)
1466 path = p->path;
1467
1468 if (!path)
1469 continue;
1470
1471 if (chown(path, uid, gid) < 0) {
1472 r = -errno;
1473 ret = EXIT_CHOWN;
1474 goto fail_child;
1475 }
1476 }
1477
1478 _exit(0);
1479
1480 fail_child:
1481 log_open();
1482 log_error("Failed to chown socket at step %s: %s", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD), strerror(-r));
1483
1484 _exit(ret);
1485 }
1486
718db961
LP		 1487 r = unit_watch_pid(UNIT(s), pid);
1488 if (r < 0)
034c6ed7 1489 goto fail;
83c60c9f 1490
034c6ed7 1491 *_pid = pid;
034c6ed7
LP		 1492 return 0;
1493
1494fail:
718db961 1495 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
83c60c9f 1496 return r;
542563ba
LP		 1497}
1498
cfc4eb4c 1499static void socket_enter_dead(Socket *s, SocketResult f) {
034c6ed7
LP		 1500 assert(s);
1501
cfc4eb4c
LP		 1502 if (f != SOCKET_SUCCESS)
1503 s->result = f;
034c6ed7 1504
613b411c
LP		 1505 exec_runtime_destroy(s->exec_runtime);
1506 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1507
e66cf1a3
LP		 1508 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1509
cfc4eb4c 1510 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
034c6ed7
LP		 1511}
1512
cfc4eb4c 1513static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
80876c20 1514
cfc4eb4c 1515static void socket_enter_stop_post(Socket *s, SocketResult f) {
034c6ed7
LP		 1516 int r;
1517 assert(s);
1518
cfc4eb4c
LP		 1519 if (f != SOCKET_SUCCESS)
1520 s->result = f;
034c6ed7 1521
5e94833f 1522 socket_unwatch_control_pid(s);
a16e1123 1523 s->control_command_id = SOCKET_EXEC_STOP_POST;
3900e5fd 1524 s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
a16e1123 1525
3900e5fd
LP		 1526 if (s->control_command) {
1527 r = socket_spawn(s, s->control_command, &s->control_pid);
1528 if (r < 0)
034c6ed7
LP		 1529 goto fail;
1530
80876c20
LP		 1531 socket_set_state(s, SOCKET_STOP_POST);
1532 } else
cfc4eb4c 1533 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
034c6ed7
LP		 1534
1535 return;
1536
1537fail:
66870f90
ZJS		 1538 log_warning_unit(UNIT(s)->id,
1539 "%s failed to run 'stop-post' task: %s",
1540 UNIT(s)->id, strerror(-r));
cfc4eb4c 1541 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1542}
1543
cfc4eb4c 1544static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
034c6ed7
LP		 1545 int r;
1546
1547 assert(s);
1548
cfc4eb4c
LP		 1549 if (f != SOCKET_SUCCESS)
1550 s->result = f;
034c6ed7 1551
cd2086fe
LP		 1552 r = unit_kill_context(
1553 UNIT(s),
1554 &s->kill_context,
1555 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1556 -1,
1557 s->control_pid,
1558 false);
1559 if (r < 0)
1560 goto fail;
034c6ed7 1561
cd2086fe 1562 if (r > 0) {
718db961 1563 r = socket_arm_timer(s);
36697dc0 1564 if (r < 0)
80876c20 1565 goto fail;
d6ea93e3 1566
80876c20 1567 socket_set_state(s, state);
ac84d1fb
LP		 1568 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1569 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1570 else if (state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1571 socket_enter_stop_post(s, SOCKET_SUCCESS);
ac84d1fb
LP		 1572 else if (state == SOCKET_FINAL_SIGTERM)
1573 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
80876c20 1574 else
cfc4eb4c 1575 socket_enter_dead(s, SOCKET_SUCCESS);
034c6ed7
LP		 1576
1577 return;
1578
1579fail:
e821075a 1580 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1581
1582 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1583 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1584 else
cfc4eb4c 1585 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1586}
1587
cfc4eb4c 1588static void socket_enter_stop_pre(Socket *s, SocketResult f) {
034c6ed7
LP		 1589 int r;
1590 assert(s);
1591
cfc4eb4c
LP		 1592 if (f != SOCKET_SUCCESS)
1593 s->result = f;
034c6ed7 1594
5e94833f 1595 socket_unwatch_control_pid(s);
a16e1123 1596 s->control_command_id = SOCKET_EXEC_STOP_PRE;
3900e5fd 1597 s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
a16e1123 1598
3900e5fd
LP		 1599 if (s->control_command) {
1600 r = socket_spawn(s, s->control_command, &s->control_pid);
1601 if (r < 0)
034c6ed7
LP		 1602 goto fail;
1603
80876c20
LP		 1604 socket_set_state(s, SOCKET_STOP_PRE);
1605 } else
cfc4eb4c 1606 socket_enter_stop_post(s, SOCKET_SUCCESS);
034c6ed7
LP		 1607
1608 return;
1609
1610fail:
e821075a 1611 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1612 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1613}
1614
e9af15c3
LP		 1615static void socket_enter_listening(Socket *s) {
1616 int r;
1617 assert(s);
1618
cfc4eb4c
LP		 1619 r = socket_watch_fds(s);
1620 if (r < 0) {
e821075a 1621 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
e9af15c3
LP		 1622 goto fail;
1623 }
1624
1625 socket_set_state(s, SOCKET_LISTENING);
1626 return;
1627
1628fail:
cfc4eb4c 1629 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
e9af15c3
LP		 1630}
1631
034c6ed7
LP		 1632static void socket_enter_start_post(Socket *s) {
1633 int r;
1634 assert(s);
1635
3900e5fd
LP		 1636 socket_unwatch_control_pid(s);
1637 s->control_command_id = SOCKET_EXEC_START_POST;
1638 s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
1639
1640 if (s->control_command) {
1641 r = socket_spawn(s, s->control_command, &s->control_pid);
1642 if (r < 0) {
1643 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1644 goto fail;
1645 }
1646
1647 socket_set_state(s, SOCKET_START_POST);
1648 } else
1649 socket_enter_listening(s);
1650
1651 return;
1652
1653fail:
1654 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1655}
1656
1657static void socket_enter_start_chown(Socket *s) {
1658 int r;
1659
1660 assert(s);
1661
cfc4eb4c
LP		 1662 r = socket_open_fds(s);
1663 if (r < 0) {
e821075a 1664 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1665 goto fail;
1666 }
1667
3900e5fd 1668 if (!isempty(s->user) || !isempty(s->group)) {
5e94833f 1669
3900e5fd
LP		 1670 socket_unwatch_control_pid(s);
1671 s->control_command_id = SOCKET_EXEC_START_CHOWN;
1672 s->control_command = NULL;
a16e1123 1673
3900e5fd 1674 r = socket_chown(s, &s->control_pid);
cfc4eb4c 1675 if (r < 0) {
3900e5fd 1676 log_warning_unit(UNIT(s)->id, "%s failed to fork 'start-chown' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1677 goto fail;
1678 }
1679
3900e5fd 1680 socket_set_state(s, SOCKET_START_CHOWN);
80876c20 1681 } else
3900e5fd 1682 socket_enter_start_post(s);
034c6ed7
LP		 1683
1684 return;
1685
1686fail:
cfc4eb4c 1687 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1688}
1689
1690static void socket_enter_start_pre(Socket *s) {
1691 int r;
1692 assert(s);
1693
5e94833f 1694 socket_unwatch_control_pid(s);
a16e1123 1695 s->control_command_id = SOCKET_EXEC_START_PRE;
3900e5fd 1696 s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
a16e1123 1697
3900e5fd 1698 if (s->control_command) {
e821075a 1699 r = socket_spawn(s, s->control_command, &s->control_pid);
3900e5fd
LP		 1700 if (r < 0) {
1701 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7 1702 goto fail;
3900e5fd 1703 }
034c6ed7 1704
80876c20
LP		 1705 socket_set_state(s, SOCKET_START_PRE);
1706 } else
3900e5fd 1707 socket_enter_start_chown(s);
034c6ed7
LP		 1708
1709 return;
1710
1711fail:
cfc4eb4c 1712 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1713}
1714
4f2d528d 1715static void socket_enter_running(Socket *s, int cfd) {
718db961 1716 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
034c6ed7
LP		 1717 int r;
1718
1719 assert(s);
1720
ba3e67a7
LP		 1721 /* We don't take connections anymore if we are supposed to
1722 * shut down anyway */
31afa0a4 1723 if (unit_stop_pending(UNIT(s))) {
e821075a
LP		 1724
1725 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
5d909e3e 1726
7c610628 1727 if (cfd >= 0)
03e334a1 1728 safe_close(cfd);
7c610628
LP		 1729 else {
1730 /* Flush all sockets by closing and reopening them */
1731 socket_close_fds(s);
1732
16ac4014
LP		 1733 r = socket_open_fds(s);
1734 if (r < 0) {
1735 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1736 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1737 return;
1738 }
1739
1a710b43
MS		 1740 r = socket_watch_fds(s);
1741 if (r < 0) {
e821075a 1742 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1743 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
7c610628
LP		 1744 }
1745 }
1746
ba3e67a7
LP		 1747 return;
1748 }
1749
4f2d528d 1750 if (cfd < 0) {
57020a3a 1751 Iterator i;
e821075a 1752 Unit *other;
f976f3f6 1753 bool pending = false;
f976f3f6
LP		 1754
1755 /* If there's already a start pending don't bother to
1756 * do anything */
e821075a
LP		 1757 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1758 if (unit_active_or_pending(other)) {
57020a3a
LP		 1759 pending = true;
1760 break;
1761 }
f976f3f6 1762
1a710b43 1763 if (!pending) {
640ace4a
LP		 1764 if (!UNIT_ISSET(s->service)) {
1765 log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id);
1766 r = -ENOENT;
1767 goto fail;
1768 }
1769
1a710b43
MS		 1770 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1771 if (r < 0)
f976f3f6 1772 goto fail;
1a710b43 1773 }
4f2d528d
LP		 1774
1775 socket_set_state(s, SOCKET_RUNNING);
1776 } else {
e55001eb 1777 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
b15bdda8 1778 Service *service;
4f2d528d 1779
6cf6bbc2 1780 if (s->n_connections >= s->max_connections) {
e821075a 1781 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
03e334a1 1782 safe_close(cfd);
6cf6bbc2
LP		 1783 return;
1784 }
1785
1a710b43
MS		 1786 r = socket_instantiate_service(s);
1787 if (r < 0)
b15bdda8
LP		 1788 goto fail;
1789
1a710b43
MS		 1790 r = instance_from_socket(cfd, s->n_accepted, &instance);
1791 if (r < 0) {
1792 if (r != -ENOTCONN)
1793 goto fail;
1794
1795 /* ENOTCONN is legitimate if TCP RST was received.
1796 * This connection is over, but the socket unit lives on. */
03e334a1 1797 safe_close(cfd);
1a710b43
MS		 1798 return;
1799 }
4f2d528d 1800
1a710b43
MS		 1801 prefix = unit_name_to_prefix(UNIT(s)->id);
1802 if (!prefix) {
4f2d528d
LP		 1803 r = -ENOMEM;
1804 goto fail;
1805 }
1806
1807 name = unit_name_build(prefix, instance, ".service");
b6dbbe1c 1808 if (!name) {
4f2d528d 1809 r = -ENOMEM;
b6dbbe1c
LP		 1810 goto fail;
1811 }
4f2d528d 1812
1a710b43 1813 r = unit_add_name(UNIT_DEREF(s->service), name);
e55001eb 1814 if (r < 0)
4f2d528d 1815 goto fail;
b15bdda8 1816
57020a3a
LP		 1817 service = SERVICE(UNIT_DEREF(s->service));
1818 unit_ref_unset(&s->service);
b15bdda8 1819 s->n_accepted ++;
4f2d528d 1820
1124fe6f 1821 UNIT(service)->no_gc = false;
6c073082 1822
b15bdda8 1823 unit_choose_id(UNIT(service), name);
b15bdda8 1824
1a710b43
MS		 1825 r = service_set_socket_fd(service, cfd, s);
1826 if (r < 0)
4f2d528d
LP		 1827 goto fail;
1828
1829 cfd = -1;
6cf6bbc2
LP		 1830 s->n_connections ++;
1831
1a710b43
MS		 1832 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1833 if (r < 0)
4f2d528d 1834 goto fail;
c4e2ceae
LP		 1835
1836 /* Notify clients about changed counters */
1837 unit_add_to_dbus_queue(UNIT(s));
4f2d528d 1838 }
034c6ed7 1839
034c6ed7
LP		 1840 return;
1841
1842fail:
e821075a
LP		 1843 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1844 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
718db961 1845 bus_error_message(&error, r));
e821075a 1846
60089004 1847 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
03e334a1 1848 safe_close(cfd);
034c6ed7
LP		 1849}
1850
cfc4eb4c 1851static void socket_run_next(Socket *s) {
034c6ed7
LP		 1852 int r;
1853
1854 assert(s);
1855 assert(s->control_command);
1856 assert(s->control_command->command_next);
1857
5e94833f
LP		 1858 socket_unwatch_control_pid(s);
1859
034c6ed7
LP		 1860 s->control_command = s->control_command->command_next;
1861
e821075a
LP		 1862 r = socket_spawn(s, s->control_command, &s->control_pid);
1863 if (r < 0)
034c6ed7
LP		 1864 goto fail;
1865
1866 return;
1867
1868fail:
e821075a 1869 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
80876c20
LP		 1870
1871 if (s->state == SOCKET_START_POST)
cfc4eb4c 1872 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1873 else if (s->state == SOCKET_STOP_POST)
cfc4eb4c 1874 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1875 else
cfc4eb4c 1876 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1877}
1878
87f0e418
LP		 1879static int socket_start(Unit *u) {
1880 Socket *s = SOCKET(u);
83c60c9f
LP		 1881
1882 assert(s);
1883
034c6ed7
LP		 1884 /* We cannot fulfill this request right now, try again later
1885 * please! */
3900e5fd
LP		 1886 if (IN_SET(s->state,
1887 SOCKET_STOP_PRE,
1888 SOCKET_STOP_PRE_SIGKILL,
1889 SOCKET_STOP_PRE_SIGTERM,
1890 SOCKET_STOP_POST,
1891 SOCKET_FINAL_SIGTERM,
1892 SOCKET_FINAL_SIGKILL))
034c6ed7
LP		 1893 return -EAGAIN;
1894
a4152e3f 1895 /* Already on it! */
3900e5fd
LP		 1896 if (IN_SET(s->state,
1897 SOCKET_START_PRE,
1898 SOCKET_START_CHOWN,
1899 SOCKET_START_POST))
034c6ed7 1900 return 0;
83c60c9f 1901
034c6ed7 1902 /* Cannot run this without the service being around */
9444b1f2 1903 if (UNIT_ISSET(s->service)) {
57020a3a
LP		 1904 Service *service;
1905
1906 service = SERVICE(UNIT_DEREF(s->service));
1907
1124fe6f 1908 if (UNIT(service)->load_state != UNIT_LOADED) {
e821075a 1909 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
4f2d528d 1910 return -ENOENT;
4ac9236f 1911 }
4f2d528d 1912
35b8ca3a 1913 /* If the service is already active we cannot start the
4f2d528d 1914 * socket */
57020a3a
LP		 1915 if (service->state != SERVICE_DEAD &&
1916 service->state != SERVICE_FAILED &&
1917 service->state != SERVICE_AUTO_RESTART) {
e821075a 1918 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
4f2d528d 1919 return -EBUSY;
4ac9236f 1920 }
4f2d528d 1921 }
e537352b 1922
fdf20a31 1923 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
83c60c9f 1924
cfc4eb4c 1925 s->result = SOCKET_SUCCESS;
034c6ed7 1926 socket_enter_start_pre(s);
e821075a 1927
034c6ed7
LP		 1928 return 0;
1929}
83c60c9f 1930
87f0e418
LP		 1931static int socket_stop(Unit *u) {
1932 Socket *s = SOCKET(u);
034c6ed7
LP		 1933
1934 assert(s);
1935
e537352b 1936 /* Already on it */
3900e5fd
LP		 1937 if (IN_SET(s->state,
1938 SOCKET_STOP_PRE,
1939 SOCKET_STOP_PRE_SIGTERM,
1940 SOCKET_STOP_PRE_SIGKILL,
1941 SOCKET_STOP_POST,
1942 SOCKET_FINAL_SIGTERM,
1943 SOCKET_FINAL_SIGKILL))
e537352b
LP		 1944 return 0;
1945
3f6c78dc
LP		 1946 /* If there's already something running we go directly into
1947 * kill mode. */
3900e5fd
LP		 1948 if (IN_SET(s->state,
1949 SOCKET_START_PRE,
1950 SOCKET_START_CHOWN,
1951 SOCKET_START_POST)) {
cfc4eb4c 1952 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
3f6c78dc
LP		 1953 return -EAGAIN;
1954 }
1955
034c6ed7 1956 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
83c60c9f 1957
cfc4eb4c 1958 socket_enter_stop_pre(s, SOCKET_SUCCESS);
542563ba
LP		 1959 return 0;
1960}
1961
a16e1123
LP		 1962static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1963 Socket *s = SOCKET(u);
1964 SocketPort *p;
1965 int r;
1966
1967 assert(u);
1968 assert(f);
1969 assert(fds);
1970
1971 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
cfc4eb4c 1972 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
a16e1123
LP		 1973 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1974
1975 if (s->control_pid > 0)
de0671ee 1976 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
a16e1123
LP		 1977
1978 if (s->control_command_id >= 0)
1979 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1980
1981 LIST_FOREACH(port, p, s->ports) {
1982 int copy;
1983
1984 if (p->fd < 0)
1985 continue;
1986
613b411c
LP		 1987 copy = fdset_put_dup(fds, p->fd);
1988 if (copy < 0)
a16e1123
LP		 1989 return copy;
1990
1991 if (p->type == SOCKET_SOCKET) {
613b411c 1992 _cleanup_free_ char *t = NULL;
a16e1123 1993
ee092817
LP		 1994 r = socket_address_print(&p->address, &t);
1995 if (r < 0)
a16e1123
LP		 1996 return r;
1997
7a22745a
LP		 1998 if (socket_address_family(&p->address) == AF_NETLINK)
1999 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
2000 else
2001 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
613b411c 2002
b0a3f2bc
LP		 2003 } else if (p->type == SOCKET_SPECIAL)
2004 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
ee092817
LP		 2005 else if (p->type == SOCKET_MQUEUE)
2006 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
b0a3f2bc 2007 else {
a16e1123
LP		 2008 assert(p->type == SOCKET_FIFO);
2009 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
2010 }
2011 }
2012
2013 return 0;
2014}
2015
2016static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
2017 Socket *s = SOCKET(u);
a16e1123
LP		 2018
2019 assert(u);
2020 assert(key);
2021 assert(value);
a16e1123
LP		 2022
2023 if (streq(key, "state")) {
2024 SocketState state;
2025
ee092817
LP		 2026 state = socket_state_from_string(value);
2027 if (state < 0)
e821075a 2028 log_debug_unit(u->id, "Failed to parse state value %s", value);
a16e1123
LP		 2029 else
2030 s->deserialized_state = state;
cfc4eb4c
LP		 2031 } else if (streq(key, "result")) {
2032 SocketResult f;
a16e1123 2033
cfc4eb4c
LP		 2034 f = socket_result_from_string(value);
2035 if (f < 0)
e821075a 2036 log_debug_unit(u->id, "Failed to parse result value %s", value);
cfc4eb4c
LP		 2037 else if (f != SOCKET_SUCCESS)
2038 s->result = f;
a16e1123
LP		 2039
2040 } else if (streq(key, "n-accepted")) {
2041 unsigned k;
2042
e364ad06 2043 if (safe_atou(value, &k) < 0)
e821075a 2044 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
a16e1123
LP		 2045 else
2046 s->n_accepted += k;
2047 } else if (streq(key, "control-pid")) {
5925dd3c 2048 pid_t pid;
a16e1123 2049
e364ad06 2050 if (parse_pid(value, &pid) < 0)
e821075a 2051 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
a16e1123 2052 else
5925dd3c 2053 s->control_pid = pid;
a16e1123
LP		 2054 } else if (streq(key, "control-command")) {
2055 SocketExecCommand id;
2056
66870f90
ZJS		 2057 id = socket_exec_command_from_string(value);
2058 if (id < 0)
e821075a 2059 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
a16e1123
LP		 2060 else {
2061 s->control_command_id = id;
2062 s->control_command = s->exec_command[id];
2063 }
2064 } else if (streq(key, "fifo")) {
2065 int fd, skip = 0;
2066 SocketPort *p;
2067
2068 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2069 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
a16e1123
LP		 2070 else {
2071
2072 LIST_FOREACH(port, p, s->ports)
b0a3f2bc
LP		 2073 if (p->type == SOCKET_FIFO &&
2074 streq_ptr(p->path, value+skip))
2075 break;
2076
2077 if (p) {
03e334a1 2078 safe_close(p->fd);
b0a3f2bc
LP		 2079 p->fd = fdset_remove(fds, fd);
2080 }
2081 }
2082
2083 } else if (streq(key, "special")) {
2084 int fd, skip = 0;
2085 SocketPort *p;
2086
2087 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2088 log_debug_unit(u->id, "Failed to parse special value %s", value);
b0a3f2bc
LP		 2089 else {
2090
2091 LIST_FOREACH(port, p, s->ports)
2092 if (p->type == SOCKET_SPECIAL &&
2093 streq_ptr(p->path, value+skip))
a16e1123
LP		 2094 break;
2095
2096 if (p) {
03e334a1 2097 safe_close(p->fd);
a16e1123
LP		 2098 p->fd = fdset_remove(fds, fd);
2099 }
2100 }
2101
ee092817
LP		 2102 } else if (streq(key, "mqueue")) {
2103 int fd, skip = 0;
2104 SocketPort *p;
2105
2106 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2107 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
ee092817
LP		 2108 else {
2109
2110 LIST_FOREACH(port, p, s->ports)
2111 if (p->type == SOCKET_MQUEUE &&
2112 streq_ptr(p->path, value+skip))
2113 break;
2114
2115 if (p) {
03e334a1 2116 safe_close(p->fd);
ee092817
LP		 2117 p->fd = fdset_remove(fds, fd);
2118 }
2119 }
2120
a16e1123 2121 } else if (streq(key, "socket")) {
27ca8d7a 2122 int fd, type, skip = 0;
a16e1123
LP		 2123 SocketPort *p;
2124
27ca8d7a 2125 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
e821075a 2126 log_debug_unit(u->id, "Failed to parse socket value %s", value);
a16e1123
LP		 2127 else {
2128
2129 LIST_FOREACH(port, p, s->ports)
27ca8d7a 2130 if (socket_address_is(&p->address, value+skip, type))
a16e1123
LP		 2131 break;
2132
2133 if (p) {
03e334a1 2134 safe_close(p->fd);
a16e1123
LP		 2135 p->fd = fdset_remove(fds, fd);
2136 }
2137 }
2138
7a22745a
LP		 2139 } else if (streq(key, "netlink")) {
2140 int fd, skip = 0;
2141 SocketPort *p;
2142
2143 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2144 log_debug_unit(u->id, "Failed to parse socket value %s", value);
7a22745a
LP		 2145 else {
2146
2147 LIST_FOREACH(port, p, s->ports)
2148 if (socket_address_is_netlink(&p->address, value+skip))
2149 break;
2150
2151 if (p) {
03e334a1 2152 safe_close(p->fd);
7a22745a
LP		 2153 p->fd = fdset_remove(fds, fd);
2154 }
2155 }
a16e1123 2156 } else
e821075a 2157 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
a16e1123
LP		 2158
2159 return 0;
2160}
2161
01e10de3
LP		 2162static int socket_distribute_fds(Unit *u, FDSet *fds) {
2163 Socket *s = SOCKET(u);
2164 SocketPort *p;
2165
2166 assert(u);
2167
2168 LIST_FOREACH(port, p, s->ports) {
2169 Iterator i;
2170 int fd;
2171
2172 if (p->type != SOCKET_SOCKET)
2173 continue;
2174
2175 if (p->fd >= 0)
2176 continue;
2177
2178 FDSET_FOREACH(fd, fds, i) {
2179 if (socket_address_matches_fd(&p->address, fd)) {
2180 p->fd = fdset_remove(fds, fd);
2181 s->deserialized_state = SOCKET_LISTENING;
2182 break;
2183 }
2184 }
2185 }
2186
2187 return 0;
2188}
2189
44a6b1b6 2190_pure_ static UnitActiveState socket_active_state(Unit *u) {
87f0e418 2191 assert(u);
5cb5a6ff 2192
acbb0225 2193 return state_translation_table[SOCKET(u)->state];
5cb5a6ff
LP		 2194}
2195
44a6b1b6 2196_pure_ static const char *socket_sub_state_to_string(Unit *u) {
10a94420
LP		 2197 assert(u);
2198
a16e1123 2199 return socket_state_to_string(SOCKET(u)->state);
10a94420
LP		 2200}
2201
67419600
OS		 2202const char* socket_port_type_to_string(SocketPort *p) {
2203
2204 assert(p);
2205
2206 switch (p->type) {
718db961
LP		 2207
2208 case SOCKET_SOCKET:
2209
2210 switch (p->address.type) {
2211
2212 case SOCK_STREAM:
2213 return "Stream";
2214
2215 case SOCK_DGRAM:
2216 return "Datagram";
2217
2218 case SOCK_SEQPACKET:
2219 return "SequentialPacket";
2220
2221 case SOCK_RAW:
2222 if (socket_address_family(&p->address) == AF_NETLINK)
2223 return "Netlink";
2224
2225 default:
2226 return NULL;
2227 }
2228
2229 case SOCKET_SPECIAL:
2230 return "Special";
2231
2232 case SOCKET_MQUEUE:
2233 return "MessageQueue";
2234
2235 case SOCKET_FIFO:
2236 return "FIFO";
2237
2238 default:
2239 return NULL;
67419600
OS		 2240 }
2241}
2242
44a6b1b6 2243_pure_ static bool socket_check_gc(Unit *u) {
6cf6bbc2
LP		 2244 Socket *s = SOCKET(u);
2245
2246 assert(u);
2247
2248 return s->n_connections > 0;
2249}
2250
718db961
LP		 2251static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2252 SocketPort *p = userdata;
4f2d528d 2253 int cfd = -1;
9152c765 2254
718db961 2255 assert(p);
8d567588 2256 assert(fd >= 0);
9152c765 2257
718db961
LP		 2258 if (p->socket->state != SOCKET_LISTENING)
2259 return 0;
871d7de4 2260
718db961 2261 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
9152c765 2262
718db961 2263 if (revents != EPOLLIN) {
641e01dc 2264
718db961 2265 if (revents & EPOLLHUP)
e821075a 2266 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
718db961 2267 UNIT(p->socket)->id);
641e01dc 2268 else
e821075a 2269 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
718db961 2270 UNIT(p->socket)->id, revents);
641e01dc 2271
8d567588 2272 goto fail;
4f2d528d
LP		 2273 }
2274
718db961
LP		 2275 if (p->socket->accept &&
2276 p->type == SOCKET_SOCKET &&
2277 socket_address_can_accept(&p->address)) {
2278
4f2d528d
LP		 2279 for (;;) {
2280
b14eda96
LP		 2281 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2282 if (cfd < 0) {
4f2d528d
LP		 2283
2284 if (errno == EINTR)
2285 continue;
2286
718db961 2287 log_error_unit(UNIT(p->socket)->id,
66870f90 2288 "Failed to accept socket: %m");
8d567588 2289 goto fail;
4f2d528d
LP		 2290 }
2291
2292 break;
2293 }
4fd5948e 2294
718db961 2295 socket_apply_socket_options(p->socket, cfd);
4f2d528d 2296 }
9152c765 2297
718db961
LP		 2298 socket_enter_running(p->socket, cfd);
2299 return 0;
8d567588
LP		 2300
2301fail:
718db961
LP		 2302 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2303 return 0;
9152c765
LP		 2304}
2305
87f0e418
LP		 2306static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2307 Socket *s = SOCKET(u);
cfc4eb4c 2308 SocketResult f;
5cb5a6ff
LP		 2309
2310 assert(s);
034c6ed7 2311 assert(pid >= 0);
5cb5a6ff 2312
8c47c732
LP		 2313 if (pid != s->control_pid)
2314 return;
542563ba 2315
034c6ed7
LP		 2316 s->control_pid = 0;
2317
96342de6 2318 if (is_clean_exit(code, status, NULL))
cfc4eb4c
LP		 2319 f = SOCKET_SUCCESS;
2320 else if (code == CLD_EXITED)
2321 f = SOCKET_FAILURE_EXIT_CODE;
2322 else if (code == CLD_KILLED)
2323 f = SOCKET_FAILURE_SIGNAL;
2324 else if (code == CLD_DUMPED)
2325 f = SOCKET_FAILURE_CORE_DUMP;
2326 else
a4152e3f 2327 assert_not_reached("Unknown sigchld code");
8c47c732 2328
b708e7ce 2329 if (s->control_command) {
6ea832a2 2330 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
a16e1123 2331
b708e7ce 2332 if (s->control_command->ignore)
cfc4eb4c 2333 f = SOCKET_SUCCESS;
b708e7ce
LP		 2334 }
2335
66870f90
ZJS		 2336 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2337 u->id,
2338 "%s control process exited, code=%s status=%i",
2339 u->id, sigchld_code_to_string(code), status);
034c6ed7 2340
cfc4eb4c
LP		 2341 if (f != SOCKET_SUCCESS)
2342 s->result = f;
2343
2344 if (s->control_command &&
2345 s->control_command->command_next &&
2346 f == SOCKET_SUCCESS) {
2347
66870f90
ZJS		 2348 log_debug_unit(u->id,
2349 "%s running next command for state %s",
2350 u->id, socket_state_to_string(s->state));
cfc4eb4c 2351 socket_run_next(s);
acbb0225 2352 } else {
a16e1123
LP		 2353 s->control_command = NULL;
2354 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2355
034c6ed7
LP		 2356 /* No further commands for this step, so let's figure
2357 * out what to do next */
5cb5a6ff 2358
66870f90
ZJS		 2359 log_debug_unit(u->id,
2360 "%s got final SIGCHLD for state %s",
2361 u->id, socket_state_to_string(s->state));
acbb0225 2362
034c6ed7
LP		 2363 switch (s->state) {
2364
2365 case SOCKET_START_PRE:
cfc4eb4c 2366 if (f == SOCKET_SUCCESS)
3900e5fd 2367 socket_enter_start_chown(s);
034c6ed7 2368 else
cfc4eb4c 2369 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
034c6ed7
LP		 2370 break;
2371
3900e5fd
LP		 2372 case SOCKET_START_CHOWN:
2373 if (f == SOCKET_SUCCESS)
2374 socket_enter_start_post(s);
2375 else
2376 socket_enter_stop_pre(s, f);
2377 break;
2378
034c6ed7 2379 case SOCKET_START_POST:
cfc4eb4c 2380 if (f == SOCKET_SUCCESS)
e9af15c3 2381 socket_enter_listening(s);
034c6ed7 2382 else
cfc4eb4c 2383 socket_enter_stop_pre(s, f);
034c6ed7
LP		 2384 break;
2385
2386 case SOCKET_STOP_PRE:
2387 case SOCKET_STOP_PRE_SIGTERM:
2388 case SOCKET_STOP_PRE_SIGKILL:
cfc4eb4c 2389 socket_enter_stop_post(s, f);
034c6ed7
LP		 2390 break;
2391
2392 case SOCKET_STOP_POST:
80876c20
LP		 2393 case SOCKET_FINAL_SIGTERM:
2394 case SOCKET_FINAL_SIGKILL:
cfc4eb4c 2395 socket_enter_dead(s, f);
034c6ed7
LP		 2396 break;
2397
2398 default:
2399 assert_not_reached("Uh, control process died at wrong time.");
2400 }
2401 }
c4e2ceae
LP		 2402
2403 /* Notify clients about changed exit status */
2404 unit_add_to_dbus_queue(u);
034c6ed7 2405}
5cb5a6ff 2406
718db961
LP		 2407static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2408 Socket *s = SOCKET(userdata);
5cb5a6ff 2409
034c6ed7 2410 assert(s);
718db961 2411 assert(s->timer_event_source == source);
034c6ed7
LP		 2412
2413 switch (s->state) {
2414
2415 case SOCKET_START_PRE:
3900e5fd 2416 log_warning_unit(UNIT(s)->id, "%s starting timed out. Terminating.", UNIT(s)->id);
cfc4eb4c 2417 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
da19d5c1 2418 break;
80876c20 2419
3900e5fd 2420 case SOCKET_START_CHOWN:
034c6ed7 2421 case SOCKET_START_POST:
3900e5fd 2422 log_warning_unit(UNIT(s)->id, "%s starting timed out. Stopping.", UNIT(s)->id);
cfc4eb4c 2423 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2424 break;
2425
2426 case SOCKET_STOP_PRE:
3900e5fd 2427 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Terminating.", UNIT(s)->id);
cfc4eb4c 2428 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2429 break;
2430
2431 case SOCKET_STOP_PRE_SIGTERM:
4819ff03 2432 if (s->kill_context.send_sigkill) {
3900e5fd 2433 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Killing.", UNIT(s)->id);
cfc4eb4c 2434 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2435 } else {
3900e5fd 2436 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Skipping SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2437 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2438 }
034c6ed7
LP		 2439 break;
2440
2441 case SOCKET_STOP_PRE_SIGKILL:
3900e5fd 2442 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2443 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2444 break;
2445
2446 case SOCKET_STOP_POST:
3900e5fd 2447 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Terminating.", UNIT(s)->id);
cfc4eb4c 2448 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2449 break;
2450
80876c20 2451 case SOCKET_FINAL_SIGTERM:
4819ff03 2452 if (s->kill_context.send_sigkill) {
3900e5fd 2453 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Killing.", UNIT(s)->id);
cfc4eb4c 2454 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2455 } else {
3900e5fd 2456 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Skipping SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2457 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2458 }
034c6ed7
LP		 2459 break;
2460
80876c20 2461 case SOCKET_FINAL_SIGKILL:
3900e5fd 2462 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL (2). Entering failed mode.", UNIT(s)->id);
cfc4eb4c 2463 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2464 break;
2465
2466 default:
2467 assert_not_reached("Timeout at wrong time.");
2468 }
718db961
LP		 2469
2470 return 0;
5cb5a6ff
LP		 2471}
2472
44d8db9e
LP		 2473int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2474 int *rfds;
2475 unsigned rn_fds, k;
2476 SocketPort *p;
2477
2478 assert(s);
2479 assert(fds);
2480 assert(n_fds);
2481
2482 /* Called from the service code for requesting our fds */
2483
2484 rn_fds = 0;
2485 LIST_FOREACH(port, p, s->ports)
2486 if (p->fd >= 0)
2487 rn_fds++;
2488
de3756ab
LP		 2489 if (rn_fds <= 0) {
2490 *fds = NULL;
2491 *n_fds = 0;
2492 return 0;
2493 }
2494
e364ad06 2495 if (!(rfds = new(int, rn_fds)))
44d8db9e
LP		 2496 return -ENOMEM;
2497
2498 k = 0;
2499 LIST_FOREACH(port, p, s->ports)
2500 if (p->fd >= 0)
2501 rfds[k++] = p->fd;
2502
2503 assert(k == rn_fds);
2504
2505 *fds = rfds;
2506 *n_fds = rn_fds;
2507
2508 return 0;
2509}
2510
e821075a
LP		 2511static void socket_reset_failed(Unit *u) {
2512 Socket *s = SOCKET(u);
2513
2514 assert(s);
2515
2516 if (s->state == SOCKET_FAILED)
2517 socket_set_state(s, SOCKET_DEAD);
2518
2519 s->result = SOCKET_SUCCESS;
2520}
2521
d137a488 2522static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
ceee3d82
LP		 2523 assert(s);
2524
6cf6bbc2
LP		 2525 /* The service is dead. Dang!
2526 *
2527 * This is strictly for one-instance-for-all-connections
2528 * services. */
ceee3d82
LP		 2529
2530 if (s->state == SOCKET_RUNNING) {
e821075a 2531 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
6bda96a0
LP		 2532 if (failed_permanent)
2533 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
c2f34808
MS		 2534 else
2535 socket_enter_listening(s);
ceee3d82
LP		 2536 }
2537}
2538
6cf6bbc2
LP		 2539void socket_connection_unref(Socket *s) {
2540 assert(s);
2541
2542 /* The service is dead. Yay!
2543 *
35b8ca3a 2544 * This is strictly for one-instance-per-connection
6cf6bbc2
LP		 2545 * services. */
2546
2547 assert(s->n_connections > 0);
2548 s->n_connections--;
2549
e821075a 2550 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
5632e374
LP		 2551}
2552
d137a488
UTL		 2553static void socket_trigger_notify(Unit *u, Unit *other) {
2554 Socket *s = SOCKET(u);
e821075a 2555 Service *se;
d137a488
UTL		 2556
2557 assert(u);
2558 assert(other);
2559
2560 /* Don't propagate state changes from the service if we are
2561 already down or accepting connections */
2562 if ((s->state != SOCKET_RUNNING &&
2563 s->state != SOCKET_LISTENING) ||
2564 s->accept)
2565 return;
2566
2567 if (other->load_state != UNIT_LOADED ||
2568 other->type != UNIT_SERVICE)
2569 return;
2570
e821075a
LP		 2571 se = SERVICE(other);
2572
d137a488
UTL		 2573 if (se->state == SERVICE_FAILED)
2574 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2575
2576 if (se->state == SERVICE_DEAD ||
2577 se->state == SERVICE_STOP ||
2578 se->state == SERVICE_STOP_SIGTERM ||
2579 se->state == SERVICE_STOP_SIGKILL ||
2580 se->state == SERVICE_STOP_POST ||
2581 se->state == SERVICE_FINAL_SIGTERM ||
2582 se->state == SERVICE_FINAL_SIGKILL ||
2583 se->state == SERVICE_AUTO_RESTART)
2584 socket_notify_service_dead(s, false);
2585
2586 if (se->state == SERVICE_RUNNING)
2587 socket_set_state(s, SOCKET_RUNNING);
2588}
2589
718db961 2590static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
814cc562 2591 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
8a0867d6
LP		 2592}
2593
68db7a3b
ZJS		 2594static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2595 Socket *s = SOCKET(u);
2596 int r;
2597
2598 if (!s->timer_event_source)
2599 return 0;
2600
2601 r = sd_event_source_get_time(s->timer_event_source, timeout);
2602 if (r < 0)
2603 return r;
2604
2605 return 1;
2606}
2607
a16e1123
LP		 2608static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2609 [SOCKET_DEAD] = "dead",
2610 [SOCKET_START_PRE] = "start-pre",
3900e5fd 2611 [SOCKET_START_CHOWN] = "start-chown",
a16e1123
LP		 2612 [SOCKET_START_POST] = "start-post",
2613 [SOCKET_LISTENING] = "listening",
2614 [SOCKET_RUNNING] = "running",
2615 [SOCKET_STOP_PRE] = "stop-pre",
2616 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2617 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2618 [SOCKET_STOP_POST] = "stop-post",
2619 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2620 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
fdf20a31 2621 [SOCKET_FAILED] = "failed"
a16e1123
LP		 2622};
2623
2624DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2625
2626static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2627 [SOCKET_EXEC_START_PRE] = "StartPre",
3900e5fd 2628 [SOCKET_EXEC_START_CHOWN] = "StartChown",
a16e1123
LP		 2629 [SOCKET_EXEC_START_POST] = "StartPost",
2630 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2631 [SOCKET_EXEC_STOP_POST] = "StopPost"
2632};
2633
2634DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2635
cfc4eb4c
LP		 2636static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2637 [SOCKET_SUCCESS] = "success",
2638 [SOCKET_FAILURE_RESOURCES] = "resources",
2639 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2640 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2641 [SOCKET_FAILURE_SIGNAL] = "signal",
c2f34808 2642 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
6bda96a0 2643 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
cfc4eb4c
LP		 2644};
2645
2646DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2647
87f0e418 2648const UnitVTable socket_vtable = {
7d17cfbc 2649 .object_size = sizeof(Socket),
718db961
LP		 2650 .exec_context_offset = offsetof(Socket, exec_context),
2651 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2652 .kill_context_offset = offsetof(Socket, kill_context),
613b411c 2653 .exec_runtime_offset = offsetof(Socket, exec_runtime),
3ef63c31 2654
f975e971
LP		 2655 .sections =
2656 "Unit\0"
2657 "Socket\0"
2658 "Install\0",
4ad49000 2659 .private_section = "Socket",
71645aca 2660
034c6ed7
LP		 2661 .init = socket_init,
2662 .done = socket_done,
a16e1123
LP		 2663 .load = socket_load,
2664
2665 .coldplug = socket_coldplug,
034c6ed7 2666
5cb5a6ff
LP		 2667 .dump = socket_dump,
2668
542563ba
LP		 2669 .start = socket_start,
2670 .stop = socket_stop,
5cb5a6ff 2671
718db961
LP		 2672 .kill = socket_kill,
2673
68db7a3b
ZJS		 2674 .get_timeout = socket_get_timeout,
2675
a16e1123
LP		 2676 .serialize = socket_serialize,
2677 .deserialize_item = socket_deserialize_item,
01e10de3 2678 .distribute_fds = socket_distribute_fds,
a16e1123 2679
5cb5a6ff 2680 .active_state = socket_active_state,
10a94420 2681 .sub_state_to_string = socket_sub_state_to_string,
5cb5a6ff 2682
6cf6bbc2
LP		 2683 .check_gc = socket_check_gc,
2684
034c6ed7 2685 .sigchld_event = socket_sigchld_event,
4139c1b2 2686
d137a488
UTL		 2687 .trigger_notify = socket_trigger_notify,
2688
fdf20a31 2689 .reset_failed = socket_reset_failed,
5632e374 2690
c4e2ceae 2691 .bus_interface = "org.freedesktop.systemd1.Socket",
718db961 2692 .bus_vtable = bus_socket_vtable,
74c964d3
LP		 2693 .bus_set_property = bus_socket_set_property,
2694 .bus_commit_properties = bus_socket_commit_properties,
c6918296
MS		 2695
2696 .status_message_formats = {
2697 /*.starting_stopping = {
2698 [0] = "Starting socket %s...",
2699 [1] = "Stopping socket %s...",
2700 },*/
2701 .finished_start_job = {
2702 [JOB_DONE] = "Listening on %s.",
2703 [JOB_FAILED] = "Failed to listen on %s.",
2704 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2705 [JOB_TIMEOUT] = "Timed out starting %s.",
2706 },
2707 .finished_stop_job = {
2708 [JOB_DONE] = "Closed %s.",
2709 [JOB_FAILED] = "Failed stopping %s.",
2710 [JOB_TIMEOUT] = "Timed out stopping %s.",
2711 },
2712 },
5cb5a6ff 2713};
Unnamed repository; edit this file 'description' to name the repository.