]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
core/scope: drop effectively unused unit_watch_pidref() calls (#38186)
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
6553db60 3#include <fnmatch.h>
836e4e7e 4#include <linux/capability.h>
4f5dd394 5#include <unistd.h>
87f0e418 6
836e4e7e 7#include "sd-bus.h"
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
b7120388 13#include "ansi-color.h"
fab34748 14#include "bpf-firewall.h"
836e4e7e 15#include "bpf-restrict-fs.h"
4f5dd394 16#include "bus-common-errors.h"
8df433d7 17#include "bus-internal.h"
4f5dd394 18#include "bus-util.h"
fdb3deca 19#include "cgroup-setup.h"
c6c18be3 20#include "cgroup-util.h"
f461a28d 21#include "chase.h"
a89afe19 22#include "chattr-util.h"
836e4e7e 23#include "condition.h"
1cf40697 24#include "dbus-unit.h"
4f5dd394 25#include "dropin.h"
4ea4abb6 26#include "dynamic-user.h"
88e4bfa6 27#include "env-util.h"
4f5dd394 28#include "escape.h"
43962c30 29#include "exec-credential.h"
4f5dd394 30#include "execute.h"
6a48d82f 31#include "fd-util.h"
ee228be1 32#include "fileio.h"
f97b34a6 33#include "format-util.h"
836e4e7e 34#include "fs-util.h"
4b58153d 35#include "id128-util.h"
5cfa33e0 36#include "install.h"
bd1ae178 37#include "iovec-util.h"
0690160e 38#include "label-util.h"
4f5dd394
LP		 39#include "load-dropin.h"
40#include "load-fragment.h"
41#include "log.h"
8c41640a 42#include "logarithm.h"
35cd0ba5 43#include "mkdir-label.h"
836e4e7e
DDM		 44#include "manager.h"
45#include "mount-util.h"
276bd392 46#include "mountpoint-util.h"
4f5dd394 47#include "path-util.h"
0b452006 48#include "process-util.h"
a89afe19 49#include "quota-util.h"
810ef318 50#include "rm-rf.h"
48b92b37 51#include "serialize.h"
4f5dd394 52#include "set.h"
6eb7c172 53#include "signal-util.h"
836e4e7e 54#include "siphash24.h"
d3070fbd 55#include "sparse-endian.h"
e9db43d5 56#include "special.h"
2e59b241 57#include "specifier.h"
8fcde012 58#include "stat-util.h"
5afe510c 59#include "string-table.h"
07630cea 60#include "string-util.h"
4f5dd394 61#include "strv.h"
e4de7287 62#include "tmpfile-util.h"
4f4afc88 63#include "umask-util.h"
e9db43d5 64#include "unit.h"
1cf40697 65#include "unit-name.h"
b1d4f8e1 66#include "user-util.h"
bad578b1 67#include "varlink.h"
87f0e418 68
37109b85 69/* Thresholds for logging at INFO level about resource consumption */
b1b84bc5
MY		 70#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
71#define MENTIONWORTHY_MEMORY_BYTES (64 * U64_MB)
72#define MENTIONWORTHY_IO_BYTES (1 * U64_MB)
73#define MENTIONWORTHY_IP_BYTES UINT64_C(0)
37109b85 74
b1b84bc5
MY		 75/* Thresholds for logging at NOTICE level about resource consumption */
76#define NOTICEWORTHY_CPU_NSEC (10 * NSEC_PER_MINUTE)
77#define NOTICEWORTHY_MEMORY_BYTES (512 * U64_MB)
78#define NOTICEWORTHY_IO_BYTES (10 * U64_MB)
79#define NOTICEWORTHY_IP_BYTES (128 * U64_MB)
37109b85 80
87f0e418 81const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
17f6b640
YW		 82 [UNIT_SERVICE] = &service_vtable,
83 [UNIT_SOCKET] = &socket_vtable,
84 [UNIT_TARGET] = &target_vtable,
85 [UNIT_DEVICE] = &device_vtable,
86 [UNIT_MOUNT] = &mount_vtable,
87f0e418 87 [UNIT_AUTOMOUNT] = &automount_vtable,
17f6b640
YW		 88 [UNIT_SWAP] = &swap_vtable,
89 [UNIT_TIMER] = &timer_vtable,
90 [UNIT_PATH] = &path_vtable,
91 [UNIT_SLICE] = &slice_vtable,
92 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 93};
94
75db809a 95Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 96 Unit *u;
97
98 assert(m);
ac155bb8 99 assert(size >= sizeof(Unit));
87f0e418 100
7d17cfbc
MS		 101 u = malloc0(size);
102 if (!u)
87f0e418
LP		 103 return NULL;
104
ac155bb8
MS		 105 u->manager = m;
106 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 107 u->default_dependencies = true;
108 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
7cb7f8b8 109 u->unit_file_preset = _PRESET_ACTION_INVALID;
d420282b 110 u->on_failure_job_mode = JOB_REPLACE;
294446dc 111 u->on_success_job_mode = JOB_FAIL;
36c16a7c 112 u->job_timeout = USEC_INFINITY;
a2df3ea4 113 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 114 u->ref_uid = UID_INVALID;
115 u->ref_gid = GID_INVALID;
9824ab1f 116
7af67e9a 117 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 118
2e59b241
LP		 119 u->last_section_private = -1;
120
14702b9c 121 u->start_ratelimit = m->defaults.start_limit;
c9e120e0 122
9cc54544
LP		 123 u->auto_start_stop_ratelimit = (const RateLimit) {
124 .interval = 10 * USEC_PER_SEC,
125 .burst = 16
126 };
127
87f0e418
LP		 128 return u;
129}
130
a581e45a 131int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 132 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 133 int r;
134
135 u = unit_new(m, size);
136 if (!u)
137 return -ENOMEM;
138
139 r = unit_add_name(u, name);
dc409696 140 if (r < 0)
a581e45a 141 return r;
a581e45a 142
1cc6c93a
YW		 143 *ret = TAKE_PTR(u);
144
a581e45a
LP		 145 return r;
146}
147
303ee601 148bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 149 assert(u);
150 assert(name);
151
4562c355
ZJS		 152 return streq_ptr(name, u->id) ||
153 set_contains(u->aliases, name);
f278026d
LP		 154}
155
598459ce
LP		 156static void unit_init(Unit *u) {
157 CGroupContext *cc;
158 ExecContext *ec;
159 KillContext *kc;
160
161 assert(u);
162 assert(u->manager);
163 assert(u->type >= 0);
164
165 cc = unit_get_cgroup_context(u);
166 if (cc) {
167 cgroup_context_init(cc);
168
169 /* Copy in the manager defaults into the cgroup
170 * context, _before_ the rest of the settings have
171 * been initialized */
172
c9e120e0 173 cc->io_accounting = u->manager->defaults.io_accounting;
c9e120e0
LP		 174 cc->memory_accounting = u->manager->defaults.memory_accounting;
175 cc->tasks_accounting = u->manager->defaults.tasks_accounting;
176 cc->ip_accounting = u->manager->defaults.ip_accounting;
0af20ea2
LP		 177
178 if (u->type != UNIT_SLICE)
c9e120e0 179 cc->tasks_max = u->manager->defaults.tasks_max;
6bb00842 180
c9e120e0
LP		 181 cc->memory_pressure_watch = u->manager->defaults.memory_pressure_watch;
182 cc->memory_pressure_threshold_usec = u->manager->defaults.memory_pressure_threshold_usec;
598459ce
LP		 183 }
184
185 ec = unit_get_exec_context(u);
b1edf445 186 if (ec) {
598459ce
LP		 187 exec_context_init(ec);
188
c9e120e0
LP		 189 if (u->manager->defaults.oom_score_adjust_set) {
190 ec->oom_score_adjust = u->manager->defaults.oom_score_adjust;
d4a402e4
LP		 191 ec->oom_score_adjust_set = true;
192 }
193
30bbdf07
G		 194 ec->restrict_suid_sgid = u->manager->defaults.restrict_suid_sgid;
195
5e37d193
FB		 196 if (MANAGER_IS_SYSTEM(u->manager))
197 ec->keyring_mode = EXEC_KEYRING_SHARED;
198 else {
199 ec->keyring_mode = EXEC_KEYRING_INHERIT;
200
201 /* User manager might have its umask redefined by PAM or UMask=. In this
202 * case let the units it manages inherit this value by default. They can
203 * still tune this value through their own unit file */
41beeb3e 204 (void) get_process_umask(0, &ec->umask);
5e37d193 205 }
b1edf445
LP		 206 }
207
598459ce
LP		 208 kc = unit_get_kill_context(u);
209 if (kc)
210 kill_context_init(kc);
211
212 if (UNIT_VTABLE(u)->init)
213 UNIT_VTABLE(u)->init(u);
214}
215
4562c355
ZJS		 216static int unit_add_alias(Unit *u, char *donated_name) {
217 int r;
218
219 /* Make sure that u->names is allocated. We may leave u->names
220 * empty if we fail later, but this is not a problem. */
5c6ea302 221 r = set_ensure_put(&u->aliases, &string_hash_ops_free, donated_name);
4562c355
ZJS		 222 if (r < 0)
223 return r;
224 assert(r > 0);
225
226 return 0;
227}
228
87f0e418 229int unit_add_name(Unit *u, const char *text) {
4562c355 230 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 231 UnitType t;
87f0e418
LP		 232 int r;
233
234 assert(u);
235 assert(text);
236
7410616c 237 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 238 if (!u->instance)
acd1987a 239 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 240 "Instance is not set when adding name '%s'.", text);
87f0e418 241
4562c355 242 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 243 if (r < 0)
acd1987a 244 return log_unit_debug_errno(u, r,
4e494e6a 245 "Failed to build instance name from '%s': %m", text);
7410616c 246 } else {
4562c355
ZJS		 247 name = strdup(text);
248 if (!name)
7410616c
LP		 249 return -ENOMEM;
250 }
87f0e418 251
4562c355 252 if (unit_has_name(u, name))
7410616c 253 return 0;
4562c355
ZJS		 254
255 if (hashmap_contains(u->manager->units, name))
acd1987a 256 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4e494e6a 257 "Unit already exist when adding name '%s'.", name);
7410616c 258
4562c355 259 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 260 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 261 "Name '%s' is invalid.", name);
e537352b 262
4562c355 263 t = unit_name_to_type(name);
7410616c 264 if (t < 0)
acd1987a 265 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 266 "failed to derive unit type from name '%s'.", name);
87f0e418 267
598459ce 268 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a 269 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 270 "Unit type is illegal: u->type(%d) and t(%d) for name '%s'.",
4562c355 271 u->type, t, name);
87f0e418 272
4562c355 273 r = unit_name_to_instance(name, &instance);
e48614c4 274 if (r < 0)
4e494e6a 275 return log_unit_debug_errno(u, r, "Failed to extract instance from name '%s': %m", name);
87f0e418 276
4562c355 277 if (instance && !unit_type_may_template(t))
4e494e6a 278 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "Templates are not allowed for name '%s'.", name);
9e2f7c11 279
d383acad
ZJS		 280 /* Ensure that this unit either has no instance, or that the instance matches. */
281 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 282 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4e494e6a 283 "Cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
ada4b34e 284 name, instance, u->instance);
9e2f7c11 285
4562c355 286 if (u->id && !unit_type_may_alias(t))
ada4b34e 287 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4e494e6a 288 "Cannot add name %s, aliases are not allowed for %s units.",
ada4b34e 289 name, unit_type_to_string(t));
9e2f7c11 290
598459ce 291 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
4e494e6a 292 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "Cannot add name, manager has too many units.");
4f0f902f 293
4562c355
ZJS		 294 /* Add name to the global hashmap first, because that's easier to undo */
295 r = hashmap_put(u->manager->units, name, u);
7410616c 296 if (r < 0)
4e494e6a 297 return log_unit_debug_errno(u, r, "Add unit to hashmap failed for name '%s': %m", text);
87f0e418 298
4562c355
ZJS		 299 if (u->id) {
300 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
301 if (r < 0) {
302 hashmap_remove(u->manager->units, name);
303 return r;
304 }
305 TAKE_PTR(name);
306
307 } else {
308 /* A new name, we don't need the set yet. */
309 assert(u->type == _UNIT_TYPE_INVALID);
310 assert(!u->instance);
311
ac155bb8 312 u->type = t;
4562c355
ZJS		 313 u->id = TAKE_PTR(name);
314 u->instance = TAKE_PTR(instance);
9e2f7c11 315
71fda00f 316 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 317 unit_init(u);
598459ce 318 }
9e2f7c11 319
598459ce
LP		 320 unit_add_to_dbus_queue(u);
321 return 0;
87f0e418
LP		 322}
323
0ae97ec1 324int unit_choose_id(Unit *u, const char *name) {
68eda4bd 325 _cleanup_free_ char *t = NULL;
4562c355 326 char *s;
276c3e78 327 int r;
0ae97ec1
LP		 328
329 assert(u);
330 assert(name);
331
7410616c 332 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 333 if (!u->instance)
9e2f7c11
LP		 334 return -EINVAL;
335
7410616c
LP		 336 r = unit_name_replace_instance(name, u->instance, &t);
337 if (r < 0)
338 return r;
9e2f7c11
LP		 339
340 name = t;
341 }
342
4562c355
ZJS		 343 if (streq_ptr(u->id, name))
344 return 0; /* Nothing to do. */
345
346 /* Selects one of the aliases of this unit as the id */
347 s = set_get(u->aliases, (char*) name);
9e2f7c11 348 if (!s)
0ae97ec1
LP		 349 return -ENOENT;
350
4562c355
ZJS		 351 if (u->id) {
352 r = set_remove_and_put(u->aliases, name, u->id);
353 if (r < 0)
354 return r;
355 } else
356 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 357
4562c355 358 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 359 unit_add_to_dbus_queue(u);
9e2f7c11 360
0ae97ec1
LP		 361 return 0;
362}
363
f50e0a01 364int unit_set_description(Unit *u, const char *description) {
84b26d51 365 int r;
f50e0a01
LP		 366
367 assert(u);
368
84b26d51
LP		 369 r = free_and_strdup(&u->description, empty_to_null(description));
370 if (r < 0)
371 return r;
372 if (r > 0)
373 unit_add_to_dbus_queue(u);
c1e1601e 374
f50e0a01
LP		 375 return 0;
376}
377
02de9614
ZJS		 378static bool unit_success_failure_handler_has_jobs(Unit *unit) {
379 Unit *other;
380
381 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_SUCCESS)
382 if (other->job || other->nop_job)
383 return true;
384
385 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_FAILURE)
386 if (other->job || other->nop_job)
387 return true;
388
389 return false;
390}
391
6ac62d61
LP		 392void unit_release_resources(Unit *u) {
393 UnitActiveState state;
1ba84fef 394 ExecContext *ec;
6ac62d61
LP		 395
396 assert(u);
397
398 if (u->job || u->nop_job)
399 return;
400
401 if (u->perpetual)
402 return;
403
404 state = unit_active_state(u);
468e8726 405 if (!UNIT_IS_INACTIVE_OR_FAILED(state))
6ac62d61
LP		 406 return;
407
408 if (unit_will_restart(u))
409 return;
410
1ba84fef
LP		 411 ec = unit_get_exec_context(u);
412 if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART)
413 exec_context_destroy_runtime_directory(ec, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
414
6ac62d61
LP		 415 if (UNIT_VTABLE(u)->release_resources)
416 UNIT_VTABLE(u)->release_resources(u);
417}
418
f2f725e5 419bool unit_may_gc(Unit *u) {
a354329f 420 UnitActiveState state;
e98b2fbb 421 int r;
5afe510c 422
701cc384
LP		 423 assert(u);
424
6ac62d61
LP		 425 /* Checks whether the unit is ready to be unloaded for garbage collection. Returns true when the
426 * unit may be collected, and false if there's some reason to keep it loaded.
2641f02e 427 *
6ac62d61
LP		 428 * References from other units are *not* checked here. Instead, this is done in unit_gc_sweep(), but
429 * using markers to properly collect dependency loops.
2641f02e 430 */
5afe510c 431
02de9614 432 if (u->job || u->nop_job)
f2f725e5 433 return false;
6c073082 434
f5869324 435 if (u->perpetual)
f2f725e5 436 return false;
9d576438 437
935f8042
LP		 438 /* if we saw a cgroup empty event for this unit, stay around until we processed it so that we remove
439 * the empty cgroup if possible. Similar, process any pending OOM events if they are already queued
440 * before we release the unit. */
441 if (u->in_cgroup_empty_queue || u->in_cgroup_oom_queue)
8db99898
RP		 442 return false;
443
af05bb97
LP		 444 /* Make sure to send out D-Bus events before we unload the unit */
445 if (u->in_dbus_queue)
446 return false;
447
05a98afd 448 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 449 return false;
05a98afd 450
6ac62d61
LP		 451 state = unit_active_state(u);
452
453 /* But we keep the unit object around for longer when it is referenced or configured to not be
454 * gc'ed */
5afe510c
LP		 455 switch (u->collect_mode) {
456
457 case COLLECT_INACTIVE:
458 if (state != UNIT_INACTIVE)
f2f725e5 459 return false;
5afe510c
LP		 460
461 break;
462
463 case COLLECT_INACTIVE_OR_FAILED:
fcd7aef7 464 if (!UNIT_IS_INACTIVE_OR_FAILED(state))
f2f725e5 465 return false;
5afe510c
LP		 466
467 break;
468
469 default:
04499a70 470 assert_not_reached();
5afe510c
LP		 471 }
472
02de9614
ZJS		 473 /* Check if any OnFailure= or on Success= jobs may be pending */
474 if (unit_success_failure_handler_has_jobs(u))
475 return false;
476
9cc54544
LP		 477 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
478 * around. Units with active processes should never be collected. */
479 r = unit_cgroup_is_empty(u);
4918f14a
MY		 480 if (r <= 0 && !IN_SET(r, -ENXIO, -EOWNERDEAD))
481 return false; /* ENXIO/EOWNERDEAD means: currently not realized */
e98b2fbb 482
6ac62d61
LP		 483 if (!UNIT_VTABLE(u)->may_gc)
484 return true;
701cc384 485
6ac62d61 486 return UNIT_VTABLE(u)->may_gc(u);
701cc384
LP		 487}
488
87f0e418
LP		 489void unit_add_to_load_queue(Unit *u) {
490 assert(u);
ac155bb8 491 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 492
ac155bb8 493 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 494 return;
495
71fda00f 496 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 497 u->in_load_queue = true;
87f0e418
LP		 498}
499
23a177ef
LP		 500void unit_add_to_cleanup_queue(Unit *u) {
501 assert(u);
502
ac155bb8 503 if (u->in_cleanup_queue)
23a177ef
LP		 504 return;
505
71fda00f 506 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 507 u->in_cleanup_queue = true;
23a177ef
LP		 508}
509
701cc384
LP		 510void unit_add_to_gc_queue(Unit *u) {
511 assert(u);
512
ac155bb8 513 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 514 return;
515
f2f725e5 516 if (!unit_may_gc(u))
701cc384
LP		 517 return;
518
c5a97ed1 519 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 520 u->in_gc_queue = true;
701cc384
LP		 521}
522
c1e1601e
LP		 523void unit_add_to_dbus_queue(Unit *u) {
524 assert(u);
ac155bb8 525 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 526
ac155bb8 527 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 528 return;
529
a567261a 530 /* Shortcut things if nobody cares */
8f8f05a9 531 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 532 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 533 set_isempty(u->manager->private_buses)) {
ac155bb8 534 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 535 return;
536 }
537
71fda00f 538 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 539 u->in_dbus_queue = true;
c1e1601e
LP		 540}
541
fda09318 542void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 543 assert(u);
544
545 if (u->in_stop_when_unneeded_queue)
546 return;
547
548 if (!u->stop_when_unneeded)
549 return;
550
551 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
552 return;
553
554 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
555 u->in_stop_when_unneeded_queue = true;
556}
557
0bc488c9
LP		 558void unit_submit_to_start_when_upheld_queue(Unit *u) {
559 assert(u);
560
561 if (u->in_start_when_upheld_queue)
562 return;
563
564 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
565 return;
566
567 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
568 return;
569
570 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
571 u->in_start_when_upheld_queue = true;
572}
573
56c59592
LP		 574void unit_submit_to_stop_when_bound_queue(Unit *u) {
575 assert(u);
576
577 if (u->in_stop_when_bound_queue)
578 return;
579
580 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
581 return;
582
583 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
584 return;
585
586 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
587 u->in_stop_when_bound_queue = true;
588}
589
1ba84fef
LP		 590static bool unit_can_release_resources(Unit *u) {
591 ExecContext *ec;
592
593 assert(u);
594
595 if (UNIT_VTABLE(u)->release_resources)
596 return true;
597
598 ec = unit_get_exec_context(u);
599 if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART)
600 return true;
601
602 return false;
603}
604
6ac62d61
LP		 605void unit_submit_to_release_resources_queue(Unit *u) {
606 assert(u);
607
608 if (u->in_release_resources_queue)
609 return;
610
611 if (u->job || u->nop_job)
612 return;
613
614 if (u->perpetual)
615 return;
616
1ba84fef 617 if (!unit_can_release_resources(u))
6ac62d61
LP		 618 return;
619
620 LIST_PREPEND(release_resources_queue, u->manager->release_resources_queue, u);
621 u->in_release_resources_queue = true;
622}
623
1b4ab5a2
MY		 624void unit_add_to_stop_notify_queue(Unit *u) {
625 assert(u);
626
627 if (u->in_stop_notify_queue)
628 return;
629
630 assert(UNIT_VTABLE(u)->stop_notify);
631
632 LIST_PREPEND(stop_notify_queue, u->manager->stop_notify_queue, u);
633 u->in_stop_notify_queue = true;
634}
635
636void unit_remove_from_stop_notify_queue(Unit *u) {
637 assert(u);
638
639 if (!u->in_stop_notify_queue)
640 return;
641
642 LIST_REMOVE(stop_notify_queue, u->manager->stop_notify_queue, u);
643 u->in_stop_notify_queue = false;
644}
645
15ed3c3a 646static void unit_clear_dependencies(Unit *u) {
87f0e418
LP		 647 assert(u);
648
15ed3c3a
LP		 649 /* Removes all dependencies configured on u and their reverse dependencies. */
650
651 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
87f0e418 652
15ed3c3a
LP		 653 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
654 Hashmap *other_deps;
701cc384 655
15ed3c3a
LP		 656 HASHMAP_FOREACH(other_deps, other->dependencies)
657 hashmap_remove(other_deps, u);
658
659 unit_add_to_gc_queue(other);
b7777d08 660 other->dependency_generation++;
15ed3c3a
LP		 661 }
662
663 hashmap_free(deps);
87f0e418
LP		 664 }
665
15ed3c3a 666 u->dependencies = hashmap_free(u->dependencies);
b7777d08 667 u->dependency_generation++;
87f0e418
LP		 668}
669
c2756a68 670static void unit_remove_transient(Unit *u) {
c2756a68 671 assert(u);
fce94c5c 672 assert(u->manager);
c2756a68
LP		 673
674 if (!u->transient)
675 return;
676
c2756a68 677 STRV_FOREACH(i, u->dropin_paths) {
39591351 678 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 679
45519d13 680 if (path_extract_directory(*i, &p) < 0) /* Get the drop-in directory from the drop-in file */
39591351
LP		 681 continue;
682
45519d13 683 if (path_extract_directory(p, &pp) < 0) /* Get the config directory from the drop-in directory */
39591351
LP		 684 continue;
685
686 /* Only drop transient drop-ins */
687 if (!path_equal(u->manager->lookup_paths.transient, pp))
688 continue;
c2756a68 689
39591351
LP		 690 (void) unlink(*i);
691 (void) rmdir(p);
c2756a68 692 }
fce94c5c
YW		 693
694 if (u->fragment_path) {
695 (void) unlink(u->fragment_path);
696 (void) unit_file_remove_from_name_map(
697 &u->manager->lookup_paths,
698 &u->manager->unit_cache_timestamp_hash,
699 &u->manager->unit_id_map,
700 &u->manager->unit_name_map,
701 &u->manager->unit_path_cache,
702 u->fragment_path);
703 }
c2756a68
LP		 704}
705
9e615fa3 706static void unit_free_mounts_for(Unit *u) {
eef85c4a 707 assert(u);
a57f7e2c 708
9e615fa3
LB		 709 for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; ++t) {
710 for (;;) {
711 _cleanup_free_ char *path = NULL;
712
713 path = hashmap_steal_first_key(u->mounts_for[t]);
714 if (!path)
715 break;
a57f7e2c 716
eef85c4a 717 char s[strlen(path) + 1];
a57f7e2c 718
eef85c4a
LP		 719 PATH_FOREACH_PREFIX_MORE(s, path) {
720 char *y;
721 Set *x;
722
9e615fa3 723 x = hashmap_get2(u->manager->units_needing_mounts_for[t], s, (void**) &y);
eef85c4a
LP		 724 if (!x)
725 continue;
a57f7e2c 726
eef85c4a 727 (void) set_remove(x, u);
a57f7e2c 728
eef85c4a 729 if (set_isempty(x)) {
9e615fa3 730 assert_se(hashmap_remove(u->manager->units_needing_mounts_for[t], y));
eef85c4a
LP		 731 free(y);
732 set_free(x);
733 }
a57f7e2c
LP		 734 }
735 }
a57f7e2c 736
9e615fa3
LB		 737 u->mounts_for[t] = hashmap_free(u->mounts_for[t]);
738 }
a57f7e2c
LP		 739}
740
598459ce
LP		 741static void unit_done(Unit *u) {
742 ExecContext *ec;
743 CGroupContext *cc;
744
745 assert(u);
746
747 if (u->type < 0)
748 return;
749
750 if (UNIT_VTABLE(u)->done)
751 UNIT_VTABLE(u)->done(u);
752
753 ec = unit_get_exec_context(u);
754 if (ec)
755 exec_context_done(ec);
756
757 cc = unit_get_cgroup_context(u);
758 if (cc)
759 cgroup_context_done(cc);
760}
761
75db809a 762Unit* unit_free(Unit *u) {
12f64221 763 Unit *slice;
87f0e418
LP		 764 char *t;
765
c9d5c9c0 766 if (!u)
75db809a 767 return NULL;
87f0e418 768
7223d500
LB		 769 sd_event_source_disable_unref(u->auto_start_stop_event_source);
770
50fb00b7 771 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 772
2c289ea8 773 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 774 unit_remove_transient(u);
775
c1e1601e
LP		 776 bus_unit_send_removed_signal(u);
777
598459ce 778 unit_done(u);
a013b84b 779
73458283
YW		 780 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
781 u->bus_track = sd_bus_track_unref(u->bus_track);
05a98afd 782 u->deserialized_refs = strv_free(u->deserialized_refs);
af1e3365 783 u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation);
05a98afd 784
9e615fa3 785 unit_free_mounts_for(u);
a57f7e2c 786
90e74a66 787 SET_FOREACH(t, u->aliases)
ac155bb8 788 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 789 if (u->id)
790 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 791
4b58153d
LP		 792 if (!sd_id128_is_null(u->invocation_id))
793 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
794
97e7d748
MS		 795 if (u->job) {
796 Job *j = u->job;
797 job_uninstall(j);
798 job_free(j);
799 }
964e0949 800
e0209d83
MS		 801 if (u->nop_job) {
802 Job *j = u->nop_job;
803 job_uninstall(j);
804 job_free(j);
805 }
806
4c591f39
MK		 807 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
808 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
12f64221 809 slice = UNIT_GET_SLICE(u);
d219a2b0 810 unit_clear_dependencies(u);
12f64221
LP		 811 if (slice)
812 unit_add_family_to_cgroup_realize_queue(slice);
fb46fca7 813
adefcf28
LP		 814 if (u->on_console)
815 manager_unref_console(u->manager);
816
4918f14a 817 unit_release_cgroup(u, /* drop_cgroup_runtime = */ true);
72673e86 818
d3070fbd
LP		 819 if (!MANAGER_IS_RELOADING(u->manager))
820 unit_unlink_state_files(u);
821
00d9ef85
LP		 822 unit_unref_uid_gid(u, false);
823
5269eb6b 824 (void) manager_update_failed_units(u->manager, u, false);
db785129 825 set_remove(u->manager->startup_units, u);
f755e3b7 826
a911bb9a
LP		 827 unit_unwatch_all_pids(u);
828
7f7d01ed
ZJS		 829 while (u->refs_by_target)
830 unit_ref_unset(u->refs_by_target);
57020a3a 831
ac155bb8 832 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 833 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 834
ac155bb8 835 if (u->in_load_queue)
71fda00f 836 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 837
ac155bb8 838 if (u->in_dbus_queue)
71fda00f 839 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 840
13e72103
MK		 841 if (u->in_cleanup_queue)
842 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
843
a2d72e26 844 if (u->in_gc_queue)
c5a97ed1 845 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 846
91a6073e
LP		 847 if (u->in_cgroup_realize_queue)
848 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 849
09e24654
LP		 850 if (u->in_cgroup_empty_queue)
851 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
852
13e72103
MK		 853 if (u->in_cgroup_oom_queue)
854 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
adefcf28 855
19496554
MS		 856 if (u->in_target_deps_queue)
857 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
858
a3c1168a
LP		 859 if (u->in_stop_when_unneeded_queue)
860 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
861
0bc488c9
LP		 862 if (u->in_start_when_upheld_queue)
863 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
864
56c59592
LP		 865 if (u->in_stop_when_bound_queue)
866 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
867
6ac62d61
LP		 868 if (u->in_release_resources_queue)
869 LIST_REMOVE(release_resources_queue, u->manager->release_resources_queue, u);
870
1b4ab5a2
MY		 871 unit_remove_from_stop_notify_queue(u);
872
a946fa9b
ZJS		 873 condition_free_list(u->conditions);
874 condition_free_list(u->asserts);
f755e3b7 875
ac155bb8 876 free(u->description);
49dbfa7b 877 strv_free(u->documentation);
ac155bb8 878 free(u->fragment_path);
1b64d026 879 free(u->source_path);
ae7a7182 880 strv_free(u->dropin_paths);
ac155bb8 881 free(u->instance);
87f0e418 882
f189ab18 883 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 884 free(u->reboot_arg);
885
23e9a7dd
LP		 886 free(u->access_selinux_context);
887
5c6ea302 888 set_free(u->aliases);
4562c355
ZJS		 889 free(u->id);
890
48b92b37
LB		 891 activation_details_unref(u->activation_details);
892
75db809a 893 return mfree(u);
87f0e418
LP		 894}
895
896UnitActiveState unit_active_state(Unit *u) {
897 assert(u);
898
ac155bb8 899 if (u->load_state == UNIT_MERGED)
6124958c
LP		 900 return unit_active_state(unit_follow_merge(u));
901
902 /* After a reload it might happen that a unit is not correctly
903 * loaded but still has a process around. That's why we won't
fdf20a31 904 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 905
906 return UNIT_VTABLE(u)->active_state(u);
907}
908
10a94420
LP		 909const char* unit_sub_state_to_string(Unit *u) {
910 assert(u);
911
912 return UNIT_VTABLE(u)->sub_state_to_string(u);
913}
914
15ed3c3a 915static int unit_merge_names(Unit *u, Unit *other) {
4562c355 916 char *name;
7c0b05e5 917 int r;
87f0e418 918
23a177ef
LP		 919 assert(u);
920 assert(other);
921
4562c355 922 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 923 if (r < 0)
924 return r;
23a177ef 925
4562c355
ZJS		 926 r = set_move(u->aliases, other->aliases);
927 if (r < 0) {
928 set_remove(u->aliases, other->id);
929 return r;
930 }
23a177ef 931
4562c355 932 TAKE_PTR(other->id);
5c6ea302 933 other->aliases = set_free(other->aliases);
23a177ef 934
90e74a66 935 SET_FOREACH(name, u->aliases)
4562c355 936 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 937
938 return 0;
87f0e418
LP		 939}
940
15ed3c3a
LP		 941static int unit_reserve_dependencies(Unit *u, Unit *other) {
942 size_t n_reserve;
943 Hashmap* deps;
944 void *d;
945 int r;
09a65f92
MS		 946
947 assert(u);
948 assert(other);
09a65f92 949
15ed3c3a
LP		 950 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
951 * fail.
952 *
18fe76eb 953 * First make some room in the per dependency type hashmaps. Using the summed size of both units'
15ed3c3a
LP		 954 * hashmaps is an estimate that is likely too high since they probably use some of the same
955 * types. But it's never too low, and that's all we need. */
956
957 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
958 if (n_reserve > 0) {
959 r = hashmap_ensure_allocated(&u->dependencies, NULL);
960 if (r < 0)
961 return r;
962
963 r = hashmap_reserve(u->dependencies, n_reserve);
964 if (r < 0)
965 return r;
966 }
967
968 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
969 * other unit's dependencies.
970 *
971 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
972 * reserve anything for. In that case other's set will be transferred as a whole to u by
973 * complete_move(). */
974
975 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
976 Hashmap *other_deps;
977
978 other_deps = hashmap_get(other->dependencies, d);
979
980 r = hashmap_reserve(deps, hashmap_size(other_deps));
981 if (r < 0)
982 return r;
983 }
984
985 return 0;
986}
987
ed991163 988static bool unit_should_warn_about_dependency(UnitDependency dependency) {
15ed3c3a 989 /* Only warn about some unit types */
ed991163
YW		 990 return IN_SET(dependency,
991 UNIT_CONFLICTS,
992 UNIT_CONFLICTED_BY,
993 UNIT_BEFORE,
994 UNIT_AFTER,
995 UNIT_ON_SUCCESS,
996 UNIT_ON_FAILURE,
997 UNIT_TRIGGERS,
998 UNIT_TRIGGERED_BY);
15ed3c3a
LP		 999}
1000
1001static int unit_per_dependency_type_hashmap_update(
1002 Hashmap *per_type,
1003 Unit *other,
1004 UnitDependencyMask origin_mask,
1005 UnitDependencyMask destination_mask) {
1006
1007 UnitDependencyInfo info;
1008 int r;
1009
1010 assert(other);
1011 assert_cc(sizeof(void*) == sizeof(info));
1012
1013 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
1014 * exists, or insert it anew if not. */
09a65f92 1015
15ed3c3a
LP		 1016 info.data = hashmap_get(per_type, other);
1017 if (info.data) {
1018 /* Entry already exists. Add in our mask. */
1019
1020 if (FLAGS_SET(origin_mask, info.origin_mask) &&
1021 FLAGS_SET(destination_mask, info.destination_mask))
1022 return 0; /* NOP */
1023
1024 info.origin_mask |= origin_mask;
1025 info.destination_mask |= destination_mask;
1026
1027 r = hashmap_update(per_type, other, info.data);
1028 } else {
1029 info = (UnitDependencyInfo) {
1030 .origin_mask = origin_mask,
1031 .destination_mask = destination_mask,
1032 };
09a65f92 1033
15ed3c3a
LP		 1034 r = hashmap_put(per_type, other, info.data);
1035 }
1036 if (r < 0)
1037 return r;
1038
15ed3c3a 1039 return 1;
09a65f92
MS		 1040}
1041
c8b3b524
YW		 1042static void unit_merge_dependencies(Unit *u, Unit *other) {
1043 Hashmap *deps;
1044 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1045 * since the hashmaps all want it as void pointer. */
eef85c4a 1046
23a177ef
LP		 1047 assert(u);
1048 assert(other);
23a177ef 1049
15ed3c3a
LP		 1050 if (u == other)
1051 return;
1052
c8b3b524
YW		 1053 /* First, remove dependency to other. */
1054 HASHMAP_FOREACH_KEY(deps, dt, u->dependencies) {
ed991163
YW		 1055 if (hashmap_remove(deps, other) && unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1056 log_unit_warning(u, "Dependency %s=%s is dropped, as %s is merged into %s.",
1057 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1058 other->id, other->id, u->id);
c8b3b524
YW		 1059
1060 if (hashmap_isempty(deps))
1061 hashmap_free(hashmap_remove(u->dependencies, dt));
1062 }
1063
15ed3c3a 1064 for (;;) {
5d2a48da 1065 _cleanup_hashmap_free_ Hashmap *other_deps = NULL;
15ed3c3a
LP		 1066 UnitDependencyInfo di_back;
1067 Unit *back;
15ed3c3a
LP		 1068
1069 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1070 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1071 if (!other_deps)
1072 break; /* done! */
1073
4b7918a6
YW		 1074 deps = hashmap_get(u->dependencies, dt);
1075
15ed3c3a
LP		 1076 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1077 * referenced units as 'back'. */
1078 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1079 Hashmap *back_deps;
1080 void *back_dt;
eef85c4a 1081
e66047ff 1082 if (back == u) {
15ed3c3a
LP		 1083 /* This is a dependency pointing back to the unit we want to merge with?
1084 * Suppress it (but warn) */
ed991163
YW		 1085 if (unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1086 log_unit_warning(u, "Dependency %s=%s in %s is dropped, as %s is merged into %s.",
1087 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1088 u->id, other->id, other->id, u->id);
1089
4b7918a6 1090 hashmap_remove(other_deps, back);
15ed3c3a
LP		 1091 continue;
1092 }
eef85c4a 1093
15ed3c3a
LP		 1094 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1095 * point to 'u' instead. */
1096 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1097 UnitDependencyInfo di_move;
eef85c4a 1098
15ed3c3a
LP		 1099 di_move.data = hashmap_remove(back_deps, other);
1100 if (!di_move.data)
1101 continue;
eef85c4a 1102
15ed3c3a
LP		 1103 assert_se(unit_per_dependency_type_hashmap_update(
1104 back_deps,
1105 u,
1106 di_move.origin_mask,
1107 di_move.destination_mask) >= 0);
1108 }
eef85c4a 1109
15ed3c3a 1110 /* The target unit already has dependencies of this type, let's then merge this individually. */
4b7918a6
YW		 1111 if (deps)
1112 assert_se(unit_per_dependency_type_hashmap_update(
1113 deps,
1114 back,
1115 di_back.origin_mask,
1116 di_back.destination_mask) >= 0);
15ed3c3a 1117 }
4b7918a6
YW		 1118
1119 /* Now all references towards 'other' of the current type 'dt' are corrected to point to 'u'.
1120 * Lets's now move the deps of type 'dt' from 'other' to 'u'. If the unit does not have
1121 * dependencies of this type, let's move them per type wholesale. */
1122 if (!deps)
1123 assert_se(hashmap_put(u->dependencies, dt, TAKE_PTR(other_deps)) >= 0);
15ed3c3a 1124 }
23a177ef 1125
15ed3c3a 1126 other->dependencies = hashmap_free(other->dependencies);
b7777d08
YW		 1127
1128 u->dependency_generation++;
1129 other->dependency_generation++;
23a177ef
LP		 1130}
1131
1132int unit_merge(Unit *u, Unit *other) {
09a65f92 1133 int r;
87f0e418
LP		 1134
1135 assert(u);
1136 assert(other);
ac155bb8
MS		 1137 assert(u->manager == other->manager);
1138 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 1139
cc916967
LP		 1140 other = unit_follow_merge(other);
1141
23a177ef
LP		 1142 if (other == u)
1143 return 0;
1144
ac155bb8 1145 if (u->type != other->type)
9e2f7c11
LP		 1146 return -EINVAL;
1147
8a993b61 1148 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 1149 return -EEXIST;
1150
ec2ce0c5 1151 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 1152 return -EEXIST;
87f0e418 1153
d383acad
ZJS		 1154 if (!streq_ptr(u->instance, other->instance))
1155 return -EINVAL;
1156
ac155bb8 1157 if (other->job)
819e213f
LP		 1158 return -EEXIST;
1159
e0209d83
MS		 1160 if (other->nop_job)
1161 return -EEXIST;
1162
fdf20a31 1163 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 1164 return -EEXIST;
1165
15ed3c3a
LP		 1166 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1167 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1168 r = unit_reserve_dependencies(u, other);
1169 if (r < 0)
1170 return r;
09a65f92 1171
57020a3a 1172 /* Redirect all references */
7f7d01ed
ZJS		 1173 while (other->refs_by_target)
1174 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 1175
87f0e418 1176 /* Merge dependencies */
15ed3c3a 1177 unit_merge_dependencies(u, other);
87f0e418 1178
1d0c81a0
YW		 1179 /* Merge names. It is better to do that after merging deps, otherwise the log message contains n/a. */
1180 r = unit_merge_names(u, other);
1181 if (r < 0)
1182 return r;
1183
ac155bb8
MS		 1184 other->load_state = UNIT_MERGED;
1185 other->merged_into = u;
23a177ef 1186
48b92b37
LB		 1187 if (!u->activation_details)
1188 u->activation_details = activation_details_ref(other->activation_details);
1189
3616a49c
LP		 1190 /* If there is still some data attached to the other node, we
1191 * don't need it anymore, and can free it. */
ac155bb8 1192 if (other->load_state != UNIT_STUB)
3616a49c
LP		 1193 if (UNIT_VTABLE(other)->done)
1194 UNIT_VTABLE(other)->done(other);
1195
1196 unit_add_to_dbus_queue(u);
23a177ef
LP		 1197 unit_add_to_cleanup_queue(other);
1198
1199 return 0;
1200}
1201
1202int unit_merge_by_name(Unit *u, const char *name) {
934e749e 1203 _cleanup_free_ char *s = NULL;
23a177ef 1204 Unit *other;
9e2f7c11 1205 int r;
23a177ef 1206
e8630e69
ZJS		 1207 /* Either add name to u, or if a unit with name already exists, merge it with u.
1208 * If name is a template, do the same for name@instance, where instance is u's instance. */
1209
23a177ef
LP		 1210 assert(u);
1211 assert(name);
1212
7410616c 1213 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1214 if (!u->instance)
9e2f7c11
LP		 1215 return -EINVAL;
1216
7410616c
LP		 1217 r = unit_name_replace_instance(name, u->instance, &s);
1218 if (r < 0)
1219 return r;
9e2f7c11
LP		 1220
1221 name = s;
1222 }
1223
c2756a68 1224 other = manager_get_unit(u->manager, name);
7410616c
LP		 1225 if (other)
1226 return unit_merge(u, other);
23a177ef 1227
7410616c 1228 return unit_add_name(u, name);
23a177ef
LP		 1229}
1230
1231Unit* unit_follow_merge(Unit *u) {
1232 assert(u);
1233
ac155bb8
MS		 1234 while (u->load_state == UNIT_MERGED)
1235 assert_se(u = u->merged_into);
23a177ef
LP		 1236
1237 return u;
1238}
1239
1240int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1241 int r;
1242
1243 assert(u);
1244 assert(c);
1245
a8c5a4c6
YW		 1246 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1247
61aa5f70
LB		 1248 if (c->working_directory) {
1249 r = unit_add_mounts_for(
1250 u,
1251 c->working_directory,
1252 UNIT_DEPENDENCY_FILE,
1253 c->working_directory_missing_ok ? UNIT_MOUNT_WANTS : UNIT_MOUNT_REQUIRES);
36be24c8
ZJS		 1254 if (r < 0)
1255 return r;
1256 }
1257
1258 if (c->root_directory) {
ebc75103 1259 r = unit_add_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
36be24c8
ZJS		 1260 if (r < 0)
1261 return r;
1262 }
1263
915e6d16 1264 if (c->root_image) {
ebc75103 1265 r = unit_add_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
915e6d16
LP		 1266 if (r < 0)
1267 return r;
1268 }
1269
12375b95 1270 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1271 if (!u->manager->prefix[dt])
1272 continue;
1273
5e702203 1274 FOREACH_ARRAY(i, c->directories[dt].items, c->directories[dt].n_items) {
c2b2df60 1275 _cleanup_free_ char *p = NULL;
ada5e276 1276
5e702203 1277 p = path_join(u->manager->prefix[dt], i->path);
ada5e276
YW		 1278 if (!p)
1279 return -ENOMEM;
1280
9e615fa3 1281 r = unit_add_mounts_for(u, p, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_REQUIRES);
ada5e276
YW		 1282 if (r < 0)
1283 return r;
1284 }
1285 }
1286
463d0d15 1287 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1288 return 0;
1289
f3b7a79b
LP		 1290 /* For the following three directory types we need write access, and /var/ is possibly on the root
1291 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
211a3d87
LB		 1292 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1293 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1294 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
f3b7a79b
LP		 1295 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1296 if (r < 0)
1297 return r;
1298 }
1299
6156bec7
YW		 1300 /* This must be already set in unit_patch_contexts(). */
1301 assert(c->private_var_tmp >= 0 && c->private_var_tmp < _PRIVATE_TMP_MAX);
1302
0e551b04 1303 if (c->private_tmp == PRIVATE_TMP_CONNECTED) {
6156bec7
YW		 1304 assert(c->private_var_tmp == PRIVATE_TMP_CONNECTED);
1305
a4b1232d 1306 r = unit_add_mounts_for(u, "/tmp/", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
b2c7d1bb
FB		 1307 if (r < 0)
1308 return r;
1309
a4b1232d 1310 r = unit_add_mounts_for(u, "/var/tmp/", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
b2c7d1bb
FB		 1311 if (r < 0)
1312 return r;
b46a529c 1313
35d8c19a 1314 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1315 if (r < 0)
1316 return r;
6156bec7
YW		 1317
1318 } else if (c->private_var_tmp == PRIVATE_TMP_DISCONNECTED && !exec_context_with_rootfs(c)) {
1319 /* Even if PrivateTmp=disconnected, we still require /var/tmp/ mountpoint to be present,
1320 * i.e. /var/ needs to be mounted. See comments in unit_patch_contexts(). */
1321 r = unit_add_mounts_for(u, "/var/", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
1322 if (r < 0)
1323 return r;
b46a529c
LP		 1324 }
1325
33b58dfb
LP		 1326 if (c->root_image) {
1327 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1328 * implicit dependency on udev */
1329
1330 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1331 if (r < 0)
1332 return r;
1333 }
1334
91dd5f7c
LP		 1335 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1336 * is run first. */
91dd5f7c 1337 if (c->log_namespace) {
2b699c23
YW		 1338 static const struct {
1339 const char *template;
1340 UnitType type;
1341 } deps[] = {
1342 { "systemd-journald", UNIT_SOCKET, },
1343 { "systemd-journald-varlink", UNIT_SOCKET, },
1344 { "systemd-journald-sync", UNIT_SERVICE, },
1345 };
1346
1347 FOREACH_ELEMENT(i, deps) {
1348 _cleanup_free_ char *unit = NULL;
23a177ef 1349
2b699c23 1350 r = unit_name_build_from_type(i->template, c->log_namespace, i->type, &unit);
06c0f569
MY		 1351 if (r < 0)
1352 return r;
61628287 1353
2b699c23 1354 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, unit, true, UNIT_DEPENDENCY_FILE);
06c0f569
MY		 1355 if (r < 0)
1356 return r;
1357 }
813c96c0
MY		 1358 } else if (IN_SET(c->std_output, EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1359 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) ||
1360 IN_SET(c->std_error, EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1361 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE)) {
1362
91dd5f7c 1363 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
ce18c396
LP		 1364 if (r < 0)
1365 return r;
1366 }
1367
87f0e418
LP		 1368 return 0;
1369}
1370
04d232d8 1371const char* unit_description(Unit *u) {
87f0e418
LP		 1372 assert(u);
1373
ac155bb8
MS		 1374 if (u->description)
1375 return u->description;
87f0e418 1376
ac155bb8 1377 return strna(u->id);
87f0e418
LP		 1378}
1379
e6a16a82 1380const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
2a8f53c6 1381 assert(u);
04d232d8 1382 assert(u->id);
2a8f53c6 1383
04d232d8
ZJS		 1384 /* Return u->id, u->description, or "{u->id} - {u->description}".
1385 * Versions with u->description are only used if it is set.
e6a16a82
ZJS		 1386 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1387 * pointer.
1388 *
1389 * Note that *ret_combined_buffer may be set to NULL. */
04d232d8
ZJS		 1390
1391 if (!u->description ||
1392 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
e6a16a82
ZJS		 1393 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1394 streq(u->description, u->id)) {
1395
1396 if (ret_combined_buffer)
1397 *ret_combined_buffer = NULL;
2a8f53c6 1398 return u->id;
e6a16a82 1399 }
2a8f53c6 1400
e6a16a82
ZJS		 1401 if (ret_combined_buffer) {
1402 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1403 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1404 if (*ret_combined_buffer)
1405 return *ret_combined_buffer;
1406 log_oom(); /* Fall back to ->description */
04d232d8 1407 } else
e6a16a82 1408 *ret_combined_buffer = NULL;
04d232d8
ZJS		 1409 }
1410
1411 return u->description;
2a8f53c6
ZJS		 1412}
1413
87f0e418 1414/* Common implementation for multiple backends */
c3620770 1415int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1416 int r;
1417
1418 assert(u);
23a177ef 1419
e48614c4 1420 /* Load a .{service,socket,...} file */
4ad49000
LP		 1421 r = unit_load_fragment(u);
1422 if (r < 0)
23a177ef
LP		 1423 return r;
1424
c3620770
ZJS		 1425 if (u->load_state == UNIT_STUB) {
1426 if (fragment_required)
1427 return -ENOENT;
1428
1429 u->load_state = UNIT_LOADED;
1430 }
23a177ef 1431
740cd1e0
MY		 1432 u = unit_follow_merge(u);
1433
9e4ea9cc
ZJS		 1434 /* Load drop-in directory data. If u is an alias, we might be reloading the
1435 * target unit needlessly. But we cannot be sure which drops-ins have already
1436 * been loaded and which not, at least without doing complicated book-keeping,
1437 * so let's always reread all drop-ins. */
740cd1e0 1438 r = unit_load_dropin(u);
c9e06956
ZJS		 1439 if (r < 0)
1440 return r;
1441
1442 if (u->source_path) {
1443 struct stat st;
1444
1445 if (stat(u->source_path, &st) >= 0)
1446 u->source_mtime = timespec_load(&st.st_mtim);
1447 else
1448 u->source_mtime = 0;
1449 }
1450
1451 return 0;
23a177ef
LP		 1452}
1453
19496554 1454void unit_add_to_target_deps_queue(Unit *u) {
fbd747a4 1455 Manager *m = ASSERT_PTR(ASSERT_PTR(u)->manager);
c9958c4f 1456
19496554
MS		 1457 if (u->in_target_deps_queue)
1458 return;
1459
1460 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1461 u->in_target_deps_queue = true;
1462}
1463
bba34eed 1464int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1465 assert(u);
1466 assert(target);
1467
ac155bb8 1468 if (target->type != UNIT_TARGET)
98bc2000
LP		 1469 return 0;
1470
35b8ca3a 1471 /* Only add the dependency if both units are loaded, so that
bba34eed 1472 * that loop check below is reliable */
ac155bb8
MS		 1473 if (u->load_state != UNIT_LOADED ||
1474 target->load_state != UNIT_LOADED)
bba34eed
LP		 1475 return 0;
1476
21256a2b
LP		 1477 /* If either side wants no automatic dependencies, then let's
1478 * skip this */
ac155bb8
MS		 1479 if (!u->default_dependencies ||
1480 !target->default_dependencies)
21256a2b
LP		 1481 return 0;
1482
98bc2000 1483 /* Don't create loops */
15ed3c3a 1484 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
98bc2000
LP		 1485 return 0;
1486
eef85c4a 1487 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1488}
1489
e954c9cf 1490static int unit_add_slice_dependencies(Unit *u) {
12f64221 1491 Unit *slice;
3b23501a 1492
e954c9cf 1493 assert(u);
b81884e7 1494
35b7ff80 1495 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1496 return 0;
1497
eef85c4a
LP		 1498 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1499 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1500 relationship). */
f6173cb9 1501 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1502
12f64221 1503 slice = UNIT_GET_SLICE(u);
3b23501a
MY		 1504 if (slice) {
1505 if (!IN_SET(slice->freezer_state, FREEZER_RUNNING, FREEZER_THAWING))
1506 u->freezer_state = FREEZER_FROZEN_BY_PARENT;
1507
12f64221 1508 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
3b23501a 1509 }
e954c9cf 1510
8c8da0e0 1511 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1512 return 0;
1513
5a724170 1514 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1515}
1516
e954c9cf 1517static int unit_add_mount_dependencies(Unit *u) {
a8c5a4c6 1518 bool changed = false;
9588bc32
LP		 1519 int r;
1520
1521 assert(u);
1522
9e615fa3
LB		 1523 for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; ++t) {
1524 UnitDependencyInfo di;
1525 const char *path;
9588bc32 1526
9e615fa3 1527 HASHMAP_FOREACH_KEY(di.data, path, u->mounts_for[t]) {
9588bc32 1528
9e615fa3 1529 char prefix[strlen(ASSERT_PTR(path)) + 1];
c7c89abb 1530
9e615fa3
LB		 1531 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1532 _cleanup_free_ char *p = NULL;
1533 Unit *m;
9588bc32 1534
9e615fa3
LB		 1535 r = unit_name_from_path(prefix, ".mount", &p);
1536 if (r == -EINVAL)
1537 continue; /* If the path cannot be converted to a mount unit name,
1538 * then it's not manageable as a unit by systemd, and
1539 * hence we don't need a dependency on it. Let's thus
1540 * silently ignore the issue. */
1541 if (r < 0)
1542 return r;
9588bc32 1543
9e615fa3
LB		 1544 m = manager_get_unit(u->manager, p);
1545 if (!m) {
1546 /* Make sure to load the mount unit if it exists. If so the
1547 * dependencies on this unit will be added later during the loading
1548 * of the mount unit. */
1549 (void) manager_load_unit_prepare(
1550 u->manager,
1551 p,
1552 /* path= */NULL,
1553 /* e= */NULL,
1554 &m);
1555 continue;
1556 }
1557 if (m == u)
1558 continue;
1559
1560 if (m->load_state != UNIT_LOADED)
1561 continue;
9588bc32 1562
9e615fa3
LB		 1563 r = unit_add_dependency(
1564 u,
1565 UNIT_AFTER,
1566 m,
1567 /* add_reference= */ true,
1568 di.origin_mask);
9588bc32
LP		 1569 if (r < 0)
1570 return r;
a8c5a4c6 1571 changed = changed || r > 0;
9e615fa3
LB		 1572
1573 if (m->fragment_path) {
1574 r = unit_add_dependency(
1575 u,
1576 unit_mount_dependency_type_to_dependency_type(t),
1577 m,
1578 /* add_reference= */ true,
1579 di.origin_mask);
1580 if (r < 0)
1581 return r;
1582 changed = changed || r > 0;
1583 }
9588bc32
LP		 1584 }
1585 }
1586 }
1587
a8c5a4c6 1588 return changed;
9588bc32
LP		 1589}
1590
a2db0225
AZ		 1591static int unit_add_oomd_dependencies(Unit *u) {
1592 CGroupContext *c;
2a4efebb
ZJS		 1593 CGroupMask mask;
1594 int r;
a2db0225
AZ		 1595
1596 assert(u);
1597
1598 if (!u->default_dependencies)
1599 return 0;
1600
1601 c = unit_get_cgroup_context(u);
1602 if (!c)
1603 return 0;
1604
2a4efebb 1605 bool wants_oomd = c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL;
a2db0225
AZ		 1606 if (!wants_oomd)
1607 return 0;
1608
2a4efebb
ZJS		 1609 r = cg_mask_supported(&mask);
1610 if (r < 0)
1611 return log_debug_errno(r, "Failed to determine supported controllers: %m");
1612
1613 if (!FLAGS_SET(mask, CGROUP_MASK_MEMORY))
1614 return 0;
1615
a8c5a4c6 1616 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
a2db0225
AZ		 1617}
1618
95ae05c0 1619static int unit_add_startup_units(Unit *u) {
9dfb6a3a 1620 if (!unit_has_startup_cgroup_constraints(u))
db785129
LP		 1621 return 0;
1622
de7fef4b 1623 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1624}
1625
9faeb2d0
MY		 1626static const struct {
1627 UnitDependencyAtom atom;
1628 size_t job_mode_offset;
1629 const char *dependency_name;
1630 const char *job_mode_setting_name;
1631} on_termination_settings[] = {
1632 { UNIT_ATOM_ON_SUCCESS, offsetof(Unit, on_success_job_mode), "OnSuccess=", "OnSuccessJobMode=" },
1633 { UNIT_ATOM_ON_FAILURE, offsetof(Unit, on_failure_job_mode), "OnFailure=", "OnFailureJobMode=" },
1634};
294446dc 1635
9faeb2d0
MY		 1636static int unit_validate_on_termination_job_modes(Unit *u) {
1637 assert(u);
294446dc 1638
9faeb2d0 1639 /* Verify that if On{Success,Failure}JobMode=isolate, only one unit gets specified. */
294446dc 1640
9faeb2d0
MY		 1641 FOREACH_ELEMENT(setting, on_termination_settings) {
1642 JobMode job_mode = *(JobMode*) ((uint8_t*) u + setting->job_mode_offset);
1643
1644 if (job_mode != JOB_ISOLATE)
1645 continue;
1646
1647 Unit *other, *found = NULL;
1648 UNIT_FOREACH_DEPENDENCY(other, u, setting->atom) {
1649 if (!found)
1650 found = other;
1651 else if (found != other)
1652 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC),
1653 "More than one %s dependencies specified but %sisolate set. Refusing.",
1654 setting->dependency_name, setting->job_mode_setting_name);
1655 }
294446dc
LP		 1656 }
1657
1658 return 0;
1659}
1660
87f0e418
LP		 1661int unit_load(Unit *u) {
1662 int r;
1663
1664 assert(u);
1665
ac155bb8 1666 if (u->in_load_queue) {
71fda00f 1667 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1668 u->in_load_queue = false;
87f0e418
LP		 1669 }
1670
ac155bb8 1671 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1672 return -EINVAL;
1673
ac155bb8 1674 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1675 return 0;
1676
4f4afc88 1677 if (u->transient_file) {
66fa4bdd
LP		 1678 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1679 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1680
4f4afc88
LP		 1681 r = fflush_and_check(u->transient_file);
1682 if (r < 0)
1683 goto fail;
1684
50fb00b7 1685 u->transient_file = safe_fclose(u->transient_file);
f76707da 1686 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1687 }
1688
c3784a7d
ZJS		 1689 r = UNIT_VTABLE(u)->load(u);
1690 if (r < 0)
23a177ef 1691 goto fail;
c3784a7d
ZJS		 1692
1693 assert(u->load_state != UNIT_STUB);
23a177ef 1694
7c8fa05c 1695 if (u->load_state == UNIT_LOADED) {
19496554 1696 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1697
1698 r = unit_add_slice_dependencies(u);
1699 if (r < 0)
1700 goto fail;
c2756a68 1701
e954c9cf 1702 r = unit_add_mount_dependencies(u);
7c8fa05c 1703 if (r < 0)
c2756a68 1704 goto fail;
7c8fa05c 1705
a2db0225
AZ		 1706 r = unit_add_oomd_dependencies(u);
1707 if (r < 0)
1708 goto fail;
1709
95ae05c0
WC		 1710 r = unit_add_startup_units(u);
1711 if (r < 0)
1712 goto fail;
1713
9faeb2d0 1714 r = unit_validate_on_termination_job_modes(u);
294446dc
LP		 1715 if (r < 0)
1716 goto fail;
bc432dc7 1717
a2df3ea4
MK		 1718 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1719 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1720
5af88058
LP		 1721 /* We finished loading, let's ensure our parents recalculate the members mask */
1722 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1723 }
1724
ac155bb8 1725 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1726
1727 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1728 unit_add_to_gc_queue(u);
f561e8c6 1729 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1730
87f0e418
LP		 1731 return 0;
1732
1733fail:
81be2388
ZJS		 1734 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1735 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1736
1737 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1738 r == -ENOEXEC ? UNIT_BAD_SETTING :
1739 UNIT_ERROR;
ac155bb8 1740 u->load_error = r;
c4555ad8 1741
c149d2b4
ZJS		 1742 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1743 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1744 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1745 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1746
c1e1601e 1747 unit_add_to_dbus_queue(u);
9a46fc3b 1748 unit_add_to_gc_queue(u);
23a177ef 1749
c4555ad8 1750 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1751}
1752
f9f88198
YW		 1753_printf_(7, 8)
1754static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1755 Unit *u = userdata;
1756 va_list ap;
1757 int r;
49365733 1758
c2503e35
RH		 1759 if (u && !unit_log_level_test(u, level))
1760 return -ERRNO_VALUE(error);
1761
f9f88198
YW		 1762 va_start(ap, format);
1763 if (u)
1764 r = log_object_internalv(level, error, file, line, func,
64fd6ba9 1765 unit_log_field(u),
f9f88198 1766 u->id,
64fd6ba9 1767 unit_invocation_log_field(u),
f9f88198
YW		 1768 u->invocation_id_string,
1769 format, ap);
1770 else
1771 r = log_internalv(level, error, file, line, func, format, ap);
1772 va_end(ap);
49365733 1773
f9f88198 1774 return r;
49365733
LP		 1775}
1776
97a3f4ee 1777static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1778 _cleanup_strv_free_ char **env = NULL;
1779 int r;
1780
90bbc946
LP		 1781 assert(u);
1782
fa5a0251 1783 dual_timestamp_now(&u->condition_timestamp);
90bbc946 1784
a0b191b7
LP		 1785 r = manager_get_effective_environment(u->manager, &env);
1786 if (r < 0) {
1787 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
d52cc0a5 1788 u->condition_result = true;
a0b191b7
LP		 1789 } else
1790 u->condition_result = condition_test_list(
1791 u->conditions,
1792 env,
1793 condition_type_to_string,
1794 log_unit_internal,
1795 u);
e18f8852 1796
a0b191b7 1797 unit_add_to_dbus_queue(u);
ac155bb8 1798 return u->condition_result;
90bbc946
LP		 1799}
1800
97a3f4ee 1801static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1802 _cleanup_strv_free_ char **env = NULL;
1803 int r;
1804
59fccdc5
LP		 1805 assert(u);
1806
fa5a0251 1807 dual_timestamp_now(&u->assert_timestamp);
59fccdc5 1808
a0b191b7
LP		 1809 r = manager_get_effective_environment(u->manager, &env);
1810 if (r < 0) {
1811 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1812 u->assert_result = CONDITION_ERROR;
1813 } else
1814 u->assert_result = condition_test_list(
1815 u->asserts,
1816 env,
1817 assert_type_to_string,
1818 log_unit_internal,
1819 u);
e18f8852 1820
a0b191b7 1821 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1822 return u->assert_result;
1823}
1824
04d232d8
ZJS		 1825void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
1826 if (log_get_show_color()) {
1827 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1828 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1829 else
1830 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1831 }
5b262f74 1832
df446f96 1833 DISABLE_WARNING_FORMAT_NONLITERAL;
04d232d8 1834 manager_status_printf(u->manager, status_type, status, format, ident);
df446f96
LP		 1835 REENABLE_WARNING;
1836}
1837
97a3f4ee 1838int unit_test_start_limit(Unit *u) {
429926e9
TR		 1839 const char *reason;
1840
6bf0f408
LP		 1841 assert(u);
1842
7bf081a1 1843 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1844 u->start_limit_hit = false;
1845 return 0;
1846 }
1847
1848 log_unit_warning(u, "Start request repeated too quickly.");
1849 u->start_limit_hit = true;
1850
429926e9
TR		 1851 reason = strjoina("unit ", u->id, " failed");
1852
96a0cfbf
LP		 1853 emergency_action(
1854 u->manager,
1855 u->start_limit_action,
1856 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN|EMERGENCY_ACTION_SLEEP_5S,
1857 u->reboot_arg,
1858 /* exit_status= */ -1,
1859 reason);
36c4dc08
LP		 1860
1861 return -ECANCELED;
6bf0f408
LP		 1862}
1863
631b676b
LP		 1864static bool unit_verify_deps(Unit *u) {
1865 Unit *other;
631b676b
LP		 1866
1867 assert(u);
1868
defe63b0
LP		 1869 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1870 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1871 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1872 * that are not used in conjunction with After= as for them any such check would make things entirely
1873 * racy. */
631b676b 1874
15ed3c3a 1875 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
631b676b 1876
15ed3c3a 1877 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
631b676b
LP		 1878 continue;
1879
1880 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1881 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1882 return false;
1883 }
1884 }
1885
1886 return true;
1887}
1888
9adb6959 1889/* Errors that aren't really errors:
9ca16f6f
LP		 1890 * -EALREADY: Unit is already started.
1891 * -ECOMM: Condition failed
1892 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1893 *
1894 * Errors that are real errors:
9ca16f6f
LP		 1895 * -EBADR: This unit type does not support starting.
1896 * -ECANCELED: Start limit hit, too many requests for now
1897 * -EPROTO: Assert failed
1898 * -EINVAL: Unit not loaded
1899 * -EOPNOTSUPP: Unit type not supported
1900 * -ENOLINK: The necessary dependencies are not fulfilled.
1901 * -ESTALE: This unit has been started before and can't be started a second time
1902 * -EDEADLK: This unit is frozen
1903 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1904 * -ETOOMANYREFS: The hard concurrency limit of at least one of the slices the unit is contained in has been reached
87f0e418 1905 */
48b92b37 1906int unit_start(Unit *u, ActivationDetails *details) {
87f0e418 1907 UnitActiveState state;
92ab323c 1908 Unit *following;
5f37c1a9 1909 int r;
87f0e418
LP		 1910
1911 assert(u);
1912
47261967
LP		 1913 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is ratelimited. */
1914 if (UNIT_VTABLE(u)->subsystem_ratelimited) {
1915 r = UNIT_VTABLE(u)->subsystem_ratelimited(u->manager);
1916 if (r < 0)
1917 return r;
1918 if (r > 0)
1919 return -EAGAIN;
1920 }
b161bc39 1921
5766aca8
LP		 1922 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1923 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1924 * waiting is finished. */
87f0e418
LP		 1925 state = unit_active_state(u);
1926 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1927 return -EALREADY;
380dc8b0
LP		 1928 if (state == UNIT_MAINTENANCE)
1929 return -EAGAIN;
87f0e418 1930
6bf0f408
LP		 1931 /* Units that aren't loaded cannot be started */
1932 if (u->load_state != UNIT_LOADED)
1933 return -EINVAL;
1934
d4fd1cf2
LP		 1935 /* Refuse starting scope units more than once */
1936 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1937 return -ESTALE;
1938
4e1ac54e 1939 /* If the conditions were unmet, don't do anything at all. If we already are activating this call might
5766aca8
LP		 1940 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1941 * recheck the condition in that case. */
a82e5507 1942 if (state != UNIT_ACTIVATING &&
5af6aa58 1943 !unit_test_condition(u))
4e1ac54e 1944 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition not met. Not starting unit.");
52661efd 1945
59fccdc5
LP		 1946 /* If the asserts failed, fail the entire job */
1947 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1948 !unit_test_assert(u))
1949 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1950
5766aca8
LP		 1951 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1952 * condition checks, so that we rather return condition check errors (which are usually not
1953 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1954 */
96cf3ec9 1955 if (!unit_type_supported(u->type))
d11a7645
LP		 1956 return -EOPNOTSUPP;
1957
5766aca8
LP		 1958 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1959 * should have taken care of this already, but let's check this here again. After all, our
413e8650 1960 * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */
631b676b
LP		 1961 if (!unit_verify_deps(u))
1962 return -ENOLINK;
1963
92ab323c 1964 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1965 following = unit_following(u);
1966 if (following) {
f2341e0a 1967 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
48b92b37 1968 return unit_start(following, details);
92ab323c
LP		 1969 }
1970
4cb2e6af
AV		 1971 /* Check to make sure the unit isn't frozen */
1972 if (u->freezer_state != FREEZER_RUNNING)
1973 return -EDEADLK;
1974
705578c3
MS		 1975 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1976 if (UNIT_VTABLE(u)->can_start) {
1977 r = UNIT_VTABLE(u)->can_start(u);
ce2146f5
DDM		 1978 if (r < 0)
1979 return r;
1980 }
1981
92ab323c
LP		 1982 /* If it is stopped, but we cannot start it, then fail */
1983 if (!UNIT_VTABLE(u)->start)
1984 return -EBADR;
1985
9ca16f6f
LP		 1986 if (UNIT_IS_INACTIVE_OR_FAILED(state)) {
1987 Slice *slice = SLICE(UNIT_GET_SLICE(u));
1988
1989 if (slice) {
1990 /* Check hard concurrency limit. Note this is partially redundant, we already checked
1991 * this when enqueuing jobs. However, between the time when we enqueued this and the
1992 * time we are dispatching the queue the configuration might have changed, hence
1993 * check here again */
1994 if (slice_concurrency_hard_max_reached(slice, u))
1995 return -ETOOMANYREFS;
1996
1997 /* Also check soft concurrenty limit, and return EAGAIN so that the job is kept in
1998 * the queue */
1999 if (slice_concurrency_soft_max_reached(slice, u))
2000 return -EAGAIN; /* Try again, keep in queue */
2001 }
2002 }
2003
5766aca8
LP		 2004 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
2005 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
2006 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 2007
c1e1601e 2008 unit_add_to_dbus_queue(u);
9e58ff9c 2009
48b92b37
LB		 2010 if (!u->activation_details) /* Older details object wins */
2011 u->activation_details = activation_details_ref(details);
2012
d1a34ae9 2013 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 2014}
2015
2016bool unit_can_start(Unit *u) {
2017 assert(u);
2018
8ff4d2ab
LP		 2019 if (u->load_state != UNIT_LOADED)
2020 return false;
2021
96cf3ec9 2022 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 2023 return false;
2024
d4fd1cf2
LP		 2025 /* Scope units may be started only once */
2026 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
2027 return false;
2028
87f0e418
LP		 2029 return !!UNIT_VTABLE(u)->start;
2030}
2031
2528a7a6
LP		 2032bool unit_can_isolate(Unit *u) {
2033 assert(u);
2034
2035 return unit_can_start(u) &&
ac155bb8 2036 u->allow_isolate;
2528a7a6
LP		 2037}
2038
87f0e418
LP		 2039/* Errors:
2040 * -EBADR: This unit type does not support stopping.
2041 * -EALREADY: Unit is already stopped.
2042 * -EAGAIN: An operation is already in progress. Retry later.
4cb2e6af 2043 * -EDEADLK: Unit is frozen
87f0e418
LP		 2044 */
2045int unit_stop(Unit *u) {
2046 UnitActiveState state;
92ab323c 2047 Unit *following;
87f0e418
LP		 2048
2049 assert(u);
2050
87f0e418 2051 state = unit_active_state(u);
fdf20a31 2052 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 2053 return -EALREADY;
2054
0faacd47
LP		 2055 following = unit_following(u);
2056 if (following) {
f2341e0a 2057 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 2058 return unit_stop(following);
2059 }
2060
4cb2e6af
AV		 2061 /* Check to make sure the unit isn't frozen */
2062 if (u->freezer_state != FREEZER_RUNNING)
2063 return -EDEADLK;
2064
7898b0cf
LP		 2065 if (!UNIT_VTABLE(u)->stop)
2066 return -EBADR;
2067
c1e1601e 2068 unit_add_to_dbus_queue(u);
9e58ff9c 2069
d1a34ae9 2070 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 2071}
2072
f5869324
LP		 2073bool unit_can_stop(Unit *u) {
2074 assert(u);
2075
39c79477
ZJS		 2076 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2077 * Extrinsic units follow external state and they may stop following external state changes
2078 * (hence we return true here), but an attempt to do this through the manager will fail. */
2079
96cf3ec9 2080 if (!unit_type_supported(u->type))
f5869324
LP		 2081 return false;
2082
2083 if (u->perpetual)
2084 return false;
2085
2086 return !!UNIT_VTABLE(u)->stop;
2087}
2088
87f0e418
LP		 2089/* Errors:
2090 * -EBADR: This unit type does not support reloading.
2091 * -ENOEXEC: Unit is not started.
2092 * -EAGAIN: An operation is already in progress. Retry later.
4cb2e6af 2093 * -EDEADLK: Unit is frozen.
87f0e418
LP		 2094 */
2095int unit_reload(Unit *u) {
2096 UnitActiveState state;
92ab323c 2097 Unit *following;
87f0e418
LP		 2098
2099 assert(u);
2100
ac155bb8 2101 if (u->load_state != UNIT_LOADED)
6124958c
LP		 2102 return -EINVAL;
2103
87f0e418
LP		 2104 if (!unit_can_reload(u))
2105 return -EBADR;
2106
2107 state = unit_active_state(u);
b8fa2305
MY		 2108 if (IN_SET(state, UNIT_RELOADING, UNIT_REFRESHING))
2109 /* "refreshing" means some resources in the unit namespace is being updated. Unlike reload,
2110 * the unit processes aren't made aware of refresh. Let's put the job back to queue
2111 * in both cases, as refresh typically takes place before reload and it's better to wait
2112 * for it rather than failing. */
6255af75 2113 return -EAGAIN;
87f0e418 2114
d85ff944
YW		 2115 if (state != UNIT_ACTIVE)
2116 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 2117
e48614c4
ZJS		 2118 following = unit_following(u);
2119 if (following) {
f2341e0a 2120 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 2121 return unit_reload(following);
2122 }
2123
4cb2e6af
AV		 2124 /* Check to make sure the unit isn't frozen */
2125 if (u->freezer_state != FREEZER_RUNNING)
2126 return -EDEADLK;
2127
c1e1601e 2128 unit_add_to_dbus_queue(u);
82a2b6bb 2129
f54bcca5
JR		 2130 if (!UNIT_VTABLE(u)->reload) {
2131 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
96b09de5 2132 unit_notify(u, unit_active_state(u), unit_active_state(u), /* reload_success = */ true);
f54bcca5
JR		 2133 return 0;
2134 }
2135
d1a34ae9 2136 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 2137}
2138
2139bool unit_can_reload(Unit *u) {
2140 assert(u);
2141
f54bcca5
JR		 2142 if (UNIT_VTABLE(u)->can_reload)
2143 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 2144
15ed3c3a 2145 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
87f0e418
LP		 2146 return true;
2147
f54bcca5 2148 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 2149}
2150
a3c1168a 2151bool unit_is_unneeded(Unit *u) {
15ed3c3a 2152 Unit *other;
f3bff0eb
LP		 2153 assert(u);
2154
ac155bb8 2155 if (!u->stop_when_unneeded)
a3c1168a 2156 return false;
f3bff0eb 2157
a3c1168a 2158 /* Don't clean up while the unit is transitioning or is even inactive. */
116654d2 2159 if (unit_active_state(u) != UNIT_ACTIVE)
a3c1168a
LP		 2160 return false;
2161 if (u->job)
2162 return false;
f3bff0eb 2163
15ed3c3a 2164 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
fda09318 2165 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 2166 * restart, then don't clean this one up. */
b81884e7 2167
15ed3c3a
LP		 2168 if (other->job)
2169 return false;
a3c1168a 2170
15ed3c3a
LP		 2171 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2172 return false;
a3c1168a 2173
15ed3c3a
LP		 2174 if (unit_will_restart(other))
2175 return false;
bea355da
LP		 2176 }
2177
a3c1168a
LP		 2178 return true;
2179}
f3bff0eb 2180
0bc488c9
LP		 2181bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2182 Unit *other;
2183
2184 assert(u);
2185
2186 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2187 * that is active declared an Uphold= dependencies on it */
2188
2189 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2190 if (ret_culprit)
2191 *ret_culprit = NULL;
2192 return false;
2193 }
2194
2195 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2196 if (other->job)
2197 continue;
2198
2199 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2200 if (ret_culprit)
2201 *ret_culprit = other;
2202 return true;
2203 }
2204 }
2205
2206 if (ret_culprit)
2207 *ret_culprit = NULL;
2208 return false;
2209}
2210
56c59592
LP		 2211bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2212 Unit *other;
2213
2214 assert(u);
2215
2216 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
7802194a 2217 * because the other unit is down. */
56c59592
LP		 2218
2219 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2220 /* Don't clean up while the unit is transitioning or is even inactive. */
2221 if (ret_culprit)
2222 *ret_culprit = NULL;
2223 return false;
2224 }
2225
2226 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2227 if (other->job)
2228 continue;
2229
2230 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
3da36106 2231 if (ret_culprit)
56c59592
LP		 2232 *ret_culprit = other;
2233
2234 return true;
2235 }
2236 }
2237
2238 if (ret_culprit)
2239 *ret_culprit = NULL;
2240 return false;
2241}
2242
a3c1168a 2243static void check_unneeded_dependencies(Unit *u) {
15ed3c3a 2244 Unit *other;
a3c1168a
LP		 2245 assert(u);
2246
2247 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2248
15ed3c3a
LP		 2249 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2250 unit_submit_to_stop_when_unneeded_queue(other);
f3bff0eb
LP		 2251}
2252
0bc488c9
LP		 2253static void check_uphold_dependencies(Unit *u) {
2254 Unit *other;
2255 assert(u);
2256
2257 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2258
2259 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2260 unit_submit_to_start_when_upheld_queue(other);
2261}
2262
56c59592 2263static void check_bound_by_dependencies(Unit *u) {
ff502445 2264 Unit *other;
ff502445
LP		 2265 assert(u);
2266
56c59592 2267 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
ff502445 2268
56c59592
LP		 2269 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2270 unit_submit_to_stop_when_bound_queue(other);
ff502445
LP		 2271}
2272
87f0e418 2273static void retroactively_start_dependencies(Unit *u) {
87f0e418
LP		 2274 Unit *other;
2275
2276 assert(u);
2277 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2278
15ed3c3a
LP		 2279 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2280 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2281 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
d993ad6c 2282 (void) manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, /* error = */ NULL, /* ret = */ NULL);
b81884e7 2283
15ed3c3a
LP		 2284 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2285 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2286 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
d993ad6c 2287 (void) manager_add_job(u->manager, JOB_START, other, JOB_FAIL, /* error = */ NULL, /* ret = */ NULL);
87f0e418 2288
15ed3c3a 2289 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
b81884e7 2290 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
d993ad6c 2291 (void) manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, /* error = */ NULL, /* ret = */ NULL);
87f0e418
LP		 2292}
2293
2294static void retroactively_stop_dependencies(Unit *u) {
87f0e418
LP		 2295 Unit *other;
2296
2297 assert(u);
2298 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2299
b81884e7 2300 /* Pull down units which are bound to us recursively if enabled */
15ed3c3a 2301 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
b81884e7 2302 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
d993ad6c 2303 (void) manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, /* error = */ NULL, /* ret = */ NULL);
cd0504d0
MS		 2304}
2305
9faeb2d0
MY		 2306void unit_start_on_termination_deps(Unit *u, UnitDependencyAtom atom) {
2307 const char *dependency_name = NULL;
2308 JobMode job_mode;
2309 unsigned n_jobs = 0;
7f66b026 2310 int r;
c0daa706 2311
9faeb2d0
MY		 2312 /* Act on OnFailure= and OnSuccess= dependencies */
2313
c0daa706 2314 assert(u);
9faeb2d0 2315 assert(u->manager);
294446dc
LP		 2316 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2317
9faeb2d0
MY		 2318 FOREACH_ELEMENT(setting, on_termination_settings)
2319 if (atom == setting->atom) {
2320 job_mode = *(JobMode*) ((uint8_t*) u + setting->job_mode_offset);
2321 dependency_name = setting->dependency_name;
2322 break;
2323 }
2324
2325 assert(dependency_name);
c0daa706 2326
9faeb2d0 2327 Unit *other;
294446dc 2328 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
7f66b026 2329 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 2330
9faeb2d0 2331 if (n_jobs == 0)
294446dc 2332 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
15ed3c3a 2333
d993ad6c 2334 r = manager_add_job(u->manager, JOB_START, other, job_mode, &error, /* ret = */ NULL);
c1b6628d 2335 if (r < 0)
9faeb2d0
MY		 2336 log_unit_warning_errno(u, r, "Failed to enqueue %s%s job, ignoring: %s",
2337 dependency_name, other->id, bus_error_message(&error, r));
b3a9d980 2338 n_jobs++;
222ae6a8 2339 }
294446dc 2340
9faeb2d0
MY		 2341 if (n_jobs > 0)
2342 log_unit_debug(u, "Triggering %s dependencies done (%u %s).",
82acee14 2343 dependency_name, n_jobs, n_jobs == 1 ? "job" : "jobs");
c0daa706
LP		 2344}
2345
3ecaa09b
LP		 2346void unit_trigger_notify(Unit *u) {
2347 Unit *other;
3ecaa09b
LP		 2348
2349 assert(u);
2350
15ed3c3a 2351 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
3ecaa09b
LP		 2352 if (UNIT_VTABLE(other)->trigger_notify)
2353 UNIT_VTABLE(other)->trigger_notify(other, u);
2354}
2355
37109b85
ZJS		 2356static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2357 if (condition_notice && log_level > LOG_NOTICE)
2358 return LOG_NOTICE;
2359 if (condition_info && log_level > LOG_INFO)
2360 return LOG_INFO;
2361 return log_level;
2362}
2363
915b1d01 2364static int unit_log_resources(Unit *u) {
3e5b96ee
MY		 2365
2366 static const struct {
2367 const char *journal_field;
2368 const char *message_suffix;
2369 } memory_fields[_CGROUP_MEMORY_ACCOUNTING_METRIC_CACHED_LAST + 1] = {
2370 [CGROUP_MEMORY_PEAK] = { "MEMORY_PEAK", "memory peak" },
2371 [CGROUP_MEMORY_SWAP_PEAK] = { "MEMORY_SWAP_PEAK", "memory swap peak" },
2372 }, ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2373 [CGROUP_IP_INGRESS_BYTES] = { "IP_METRIC_INGRESS_BYTES", "incoming IP traffic" },
2374 [CGROUP_IP_EGRESS_BYTES] = { "IP_METRIC_EGRESS_BYTES", "outgoing IP traffic" },
2375 [CGROUP_IP_INGRESS_PACKETS] = { "IP_METRIC_INGRESS_PACKETS", NULL },
2376 [CGROUP_IP_EGRESS_PACKETS] = { "IP_METRIC_EGRESS_PACKETS", NULL },
2377 }, io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2378 [CGROUP_IO_READ_BYTES] = { "IO_METRIC_READ_BYTES", "read from disk" },
2379 [CGROUP_IO_WRITE_BYTES] = { "IO_METRIC_WRITE_BYTES", "written to disk" },
2380 [CGROUP_IO_READ_OPERATIONS] = { "IO_METRIC_READ_OPERATIONS", NULL },
2381 [CGROUP_IO_WRITE_OPERATIONS] = { "IO_METRIC_WRITE_OPERATIONS", NULL },
bc40a20e 2382 };
915b1d01 2383
3e5b96ee
MY		 2384 struct iovec *iovec = NULL;
2385 size_t n_iovec = 0;
2386 _cleanup_free_ char *message = NULL, *t = NULL;
2387 nsec_t cpu_nsec = NSEC_INFINITY;
2388 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
2389
915b1d01
LP		 2390 assert(u);
2391
3e5b96ee
MY		 2392 CLEANUP_ARRAY(iovec, n_iovec, iovec_array_free);
2393
2394 iovec = new(struct iovec, 1 + (_CGROUP_MEMORY_ACCOUNTING_METRIC_CACHED_LAST + 1) +
2395 _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4);
2396 if (!iovec)
2397 return log_oom();
2398
915b1d01 2399 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
d03714e4 2400 * accounting was enabled for a unit. It does this in two ways: a friendly human-readable string with reduced
915b1d01
LP		 2401 * information and the complete data in structured fields. */
2402
3e5b96ee
MY		 2403 (void) unit_get_cpu_usage(u, &cpu_nsec);
2404 if (cpu_nsec != NSEC_INFINITY) {
915b1d01 2405 /* Format the CPU time for inclusion in the structured log message */
3e5b96ee
MY		 2406 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, cpu_nsec) < 0)
2407 return log_oom();
2408 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
915b1d01
LP		 2409
2410 /* Format the CPU time for inclusion in the human language message string */
3e5b96ee
MY		 2411 if (strextendf_with_separator(&message, ", ",
2412 "Consumed %s CPU time",
2413 FORMAT_TIMESPAN(cpu_nsec / NSEC_PER_USEC, USEC_PER_MSEC)) < 0)
2414 return log_oom();
37109b85
ZJS		 2415
2416 log_level = raise_level(log_level,
3e5b96ee
MY		 2417 cpu_nsec > MENTIONWORTHY_CPU_NSEC,
2418 cpu_nsec > NOTICEWORTHY_CPU_NSEC);
915b1d01
LP		 2419 }
2420
3e5b96ee 2421 for (CGroupMemoryAccountingMetric metric = 0; metric <= _CGROUP_MEMORY_ACCOUNTING_METRIC_CACHED_LAST; metric++) {
245841a8 2422 uint64_t value = UINT64_MAX;
0531bded 2423
3e5b96ee
MY		 2424 assert(memory_fields[metric].journal_field);
2425 assert(memory_fields[metric].message_suffix);
b1b84bc5 2426
245841a8
MY		 2427 (void) unit_get_memory_accounting(u, metric, &value);
2428 if (value == UINT64_MAX)
3e5b96ee 2429 continue;
0531bded 2430
245841a8 2431 if (asprintf(&t, "%s=%" PRIu64, memory_fields[metric].journal_field, value) < 0)
3e5b96ee
MY		 2432 return log_oom();
2433 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
aac3384e 2434
245841a8
MY		 2435 /* If value is 0, we don't log it in the MESSAGE= field. */
2436 if (value == 0)
2437 continue;
2438
3e5b96ee 2439 if (strextendf_with_separator(&message, ", ", "%s %s",
245841a8 2440 FORMAT_BYTES(value), memory_fields[metric].message_suffix) < 0)
3e5b96ee 2441 return log_oom();
b1b84bc5
MY		 2442
2443 log_level = raise_level(log_level,
245841a8
MY		 2444 value > MENTIONWORTHY_MEMORY_BYTES,
2445 value > NOTICEWORTHY_MEMORY_BYTES);
aac3384e
FS		 2446 }
2447
bc40a20e 2448 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
bc40a20e
LP		 2449 uint64_t value = UINT64_MAX;
2450
3e5b96ee 2451 assert(io_fields[k].journal_field);
bc40a20e 2452
a0020ad8 2453 (void) unit_get_io_accounting(u, k, &value);
bc40a20e
LP		 2454 if (value == UINT64_MAX)
2455 continue;
2456
bc40a20e 2457 /* Format IO accounting data for inclusion in the structured log message */
3e5b96ee
MY		 2458 if (asprintf(&t, "%s=%" PRIu64, io_fields[k].journal_field, value) < 0)
2459 return log_oom();
2460 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
bc40a20e 2461
245841a8
MY		 2462 /* If value is 0, we don't log it in the MESSAGE= field. */
2463 if (value == 0)
2464 continue;
2465
bc40a20e
LP		 2466 /* Format the IO accounting data for inclusion in the human language message string, but only
2467 * for the bytes counters (and not for the operations counters) */
3e5b96ee
MY		 2468 if (io_fields[k].message_suffix) {
2469 if (strextendf_with_separator(&message, ", ", "%s %s",
2470 FORMAT_BYTES(value), io_fields[k].message_suffix) < 0)
2471 return log_oom();
37109b85 2472
37109b85
ZJS		 2473 log_level = raise_level(log_level,
2474 value > MENTIONWORTHY_IO_BYTES,
2475 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2476 }
2477 }
2478
12375b95 2479 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2480 uint64_t value = UINT64_MAX;
2481
3e5b96ee 2482 assert(ip_fields[m].journal_field);
915b1d01
LP		 2483
2484 (void) unit_get_ip_accounting(u, m, &value);
2485 if (value == UINT64_MAX)
2486 continue;
82044702 2487
915b1d01 2488 /* Format IP accounting data for inclusion in the structured log message */
3e5b96ee
MY		 2489 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m].journal_field, value) < 0)
2490 return log_oom();
2491 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
2492
245841a8
MY		 2493 /* If value is 0, we don't log it in the MESSAGE= field. */
2494 if (value == 0)
2495 continue;
2496
3e5b96ee
MY		 2497 /* Format the IP accounting data for inclusion in the human language message string, but only
2498 * for the bytes counters (and not for the packets counters) */
2499 if (ip_fields[m].message_suffix) {
2500 if (strextendf_with_separator(&message, ", ", "%s %s",
2501 FORMAT_BYTES(value), ip_fields[m].message_suffix) < 0)
2502 return log_oom();
37109b85 2503
37109b85
ZJS		 2504 log_level = raise_level(log_level,
2505 value > MENTIONWORTHY_IP_BYTES,
2506 value > NOTICEWORTHY_IP_BYTES);
82044702 2507 }
915b1d01
LP		 2508 }
2509
3e5b96ee
MY		 2510 /* This check is here because it is the earliest point following all possible log_level assignments.
2511 * (If log_level is assigned anywhere after this point, move this check.) */
2512 if (!unit_log_level_test(u, log_level))
2513 return 0;
2514
915b1d01
LP		 2515 /* Is there any accounting data available at all? */
2516 if (n_iovec == 0) {
3e5b96ee
MY		 2517 assert(!message);
2518 return 0;
915b1d01
LP		 2519 }
2520
3e5b96ee
MY		 2521 t = strjoin("MESSAGE=", u->id, ": ", message ?: "Completed", ".");
2522 if (!t)
2523 return log_oom();
2524 iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t));
915b1d01 2525
3e5b96ee
MY		 2526 if (!set_iovec_string_field(iovec, &n_iovec, "MESSAGE_ID=", SD_MESSAGE_UNIT_RESOURCES_STR))
2527 return log_oom();
915b1d01 2528
64fd6ba9 2529 if (!set_iovec_string_field(iovec, &n_iovec, unit_log_field(u), u->id))
3e5b96ee 2530 return log_oom();
915b1d01 2531
64fd6ba9 2532 if (!set_iovec_string_field(iovec, &n_iovec, unit_invocation_log_field(u), u->invocation_id_string))
3e5b96ee 2533 return log_oom();
915b1d01 2534
3e5b96ee 2535 log_unit_struct_iovec(u, log_level, iovec, n_iovec);
915b1d01 2536
3e5b96ee 2537 return 0;
915b1d01
LP		 2538}
2539
adefcf28
LP		 2540static void unit_update_on_console(Unit *u) {
2541 bool b;
2542
2543 assert(u);
2544
2545 b = unit_needs_console(u);
2546 if (u->on_console == b)
2547 return;
2548
2549 u->on_console = b;
2550 if (b)
2551 manager_ref_console(u->manager);
2552 else
2553 manager_unref_console(u->manager);
adefcf28
LP		 2554}
2555
6eb65e7c
LP		 2556static void unit_emit_audit_start(Unit *u) {
2557 assert(u);
2558
d52b8493 2559 if (UNIT_VTABLE(u)->audit_start_message_type <= 0)
6eb65e7c
LP		 2560 return;
2561
2562 /* Write audit record if we have just finished starting up */
d52b8493 2563 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ true);
6eb65e7c
LP		 2564 u->in_audit = true;
2565}
2566
2567static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2568 assert(u);
2569
d52b8493 2570 if (UNIT_VTABLE(u)->audit_start_message_type <= 0)
6eb65e7c
LP		 2571 return;
2572
2573 if (u->in_audit) {
2574 /* Write audit record if we have just finished shutting down */
d52b8493 2575 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ state == UNIT_INACTIVE);
6eb65e7c
LP		 2576 u->in_audit = false;
2577 } else {
2578 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
d52b8493 2579 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ state == UNIT_INACTIVE);
6eb65e7c
LP		 2580
2581 if (state == UNIT_INACTIVE)
d52b8493 2582 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ true);
6eb65e7c
LP		 2583 }
2584}
2585
96b09de5 2586static bool unit_process_job(Job *j, UnitActiveState ns, bool reload_success) {
16c74914 2587 bool unexpected = false;
31cd5f63 2588 JobResult result;
16c74914
LP		 2589
2590 assert(j);
2591
2592 if (j->state == JOB_WAITING)
16c74914
LP		 2593 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2594 * due to EAGAIN. */
2595 job_add_to_run_queue(j);
2596
2597 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2598 * hence needs to invalidate jobs. */
2599
2600 switch (j->type) {
2601
2602 case JOB_START:
2603 case JOB_VERIFY_ACTIVE:
2604
2605 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2606 job_finish_and_invalidate(j, JOB_DONE, true, false);
2607 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2608 unexpected = true;
2609
31cd5f63
AZ		 2610 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2611 if (ns == UNIT_FAILED)
2612 result = JOB_FAILED;
31cd5f63
AZ		 2613 else
2614 result = JOB_DONE;
2615
2616 job_finish_and_invalidate(j, result, true, false);
2617 }
16c74914
LP		 2618 }
2619
2620 break;
2621
2622 case JOB_RELOAD:
2623 case JOB_RELOAD_OR_START:
2624 case JOB_TRY_RELOAD:
2625
2626 if (j->state == JOB_RUNNING) {
2627 if (ns == UNIT_ACTIVE)
96b09de5 2628 job_finish_and_invalidate(j, reload_success ? JOB_DONE : JOB_FAILED, true, false);
5162829e 2629 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING, UNIT_REFRESHING)) {
16c74914
LP		 2630 unexpected = true;
2631
2632 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2633 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2634 }
2635 }
2636
2637 break;
2638
2639 case JOB_STOP:
2640 case JOB_RESTART:
2641 case JOB_TRY_RESTART:
2642
2643 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2644 job_finish_and_invalidate(j, JOB_DONE, true, false);
2645 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2646 unexpected = true;
2647 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2648 }
2649
2650 break;
2651
2652 default:
04499a70 2653 assert_not_reached();
16c74914
LP		 2654 }
2655
2656 return unexpected;
2657}
2658
9ca16f6f
LP		 2659static void unit_recursive_add_to_run_queue(Unit *u) {
2660 assert(u);
2661
2662 if (u->job)
2663 job_add_to_run_queue(u->job);
2664
2665 Unit *child;
2666 UNIT_FOREACH_DEPENDENCY(child, u, UNIT_ATOM_SLICE_OF) {
2667
2668 if (!child->job)
2669 continue;
2670
2671 unit_recursive_add_to_run_queue(child);
2672 }
2673}
2674
2675static void unit_check_concurrency_limit(Unit *u) {
2676 assert(u);
2677
2678 Unit *slice = UNIT_GET_SLICE(u);
2679 if (!slice)
2680 return;
2681
2682 /* If a unit was stopped, maybe it has pending siblings (or children thereof) that can be started now */
2683
2684 if (SLICE(slice)->concurrency_soft_max != UINT_MAX) {
2685 Unit *sibling;
2686 UNIT_FOREACH_DEPENDENCY(sibling, slice, UNIT_ATOM_SLICE_OF) {
2687 if (sibling == u)
2688 continue;
2689
2690 unit_recursive_add_to_run_queue(sibling);
2691 }
2692 }
2693
2694 /* Also go up the tree. */
2695 unit_check_concurrency_limit(slice);
2696}
2697
96b09de5 2698void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
87f0e418
LP		 2699 assert(u);
2700 assert(os < _UNIT_ACTIVE_STATE_MAX);
2701 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2702
8559b3b7
LP		 2703 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2704 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2705 * remounted this function will be called too! */
87f0e418 2706
f6f271f0 2707 Manager *m = ASSERT_PTR(u->manager);
546ac4f0 2708
3c4832ad
LP		 2709 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2710 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2711 unit_add_to_dbus_queue(u);
2712
b984151e
MY		 2713 /* Update systemd-oomd on the property/state change.
2714 *
2715 * Always send an update if the unit is going into an inactive state so systemd-oomd knows to
2716 * stop monitoring.
2717 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2718 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2719 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2720 * have the information on the property. Thus, indiscriminately send an update. */
2721 if (os != ns && (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns)))
2722 (void) manager_varlink_send_managed_oom_update(u);
e30bbc90 2723
f755e3b7 2724 /* Update timestamps for state changes */
2c289ea8 2725 if (!MANAGER_IS_RELOADING(m)) {
fa5a0251 2726 dual_timestamp_now(&u->state_change_timestamp);
173e3821 2727
bdbf9951 2728 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2729 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2730 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2731 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2732
2733 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2734 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2735 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2736 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2737 }
87f0e418 2738
865cc19a 2739 /* Keep track of failed units */
8724defe 2740 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2741
d3070fbd
LP		 2742 /* Make sure the cgroup and state files are always removed when we become inactive */
2743 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2744 SET_FLAG(u->markers,
2745 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2746 false);
efdb0237 2747 unit_prune_cgroup(u);
d3070fbd 2748 unit_unlink_state_files(u);
ff68472a
ZJS		 2749 } else if (ns != os && ns == UNIT_RELOADING)
2750 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2751
adefcf28 2752 unit_update_on_console(u);
7ed9f6cd 2753
2c289ea8 2754 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2755 bool unexpected;
2756
2757 /* Let's propagate state changes to the job */
2758 if (u->job)
96b09de5 2759 unexpected = unit_process_job(u->job, ns, reload_success);
a1c7334b
LP		 2760 else
2761 unexpected = true;
f3bff0eb 2762
a1c7334b
LP		 2763 /* If this state change happened without being requested by a job, then let's retroactively start or
2764 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2765 * additional jobs just because something is already activated. */
bdbf9951
LP		 2766
2767 if (unexpected) {
2768 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2769 retroactively_start_dependencies(u);
2770 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2771 retroactively_stop_dependencies(u);
2772 }
5de9682c 2773
256f65d0
LP		 2774 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2775 /* This unit just finished starting up */
3b2775c5 2776
6eb65e7c 2777 unit_emit_audit_start(u);
546ac4f0 2778 manager_send_unit_plymouth(m, u);
b2d6bb5b 2779 manager_send_unit_supervisor(m, u, /* active= */ true);
bdbf9951 2780
8c4514b2 2781 } else if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2782 /* This unit just stopped/failed. */
256f65d0 2783
6eb65e7c 2784 unit_emit_audit_stop(u, ns);
b2d6bb5b 2785 manager_send_unit_supervisor(m, u, /* active= */ false);
915b1d01 2786 unit_log_resources(u);
cd6d0a45 2787 }
294446dc 2788
49b34f75 2789 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE))
9faeb2d0 2790 unit_start_on_termination_deps(u, UNIT_ATOM_ON_SUCCESS);
8c4514b2 2791 else if (ns != os && ns == UNIT_FAILED)
9faeb2d0 2792 unit_start_on_termination_deps(u, UNIT_ATOM_ON_FAILURE);
f278026d
LP		 2793 }
2794
31dc1ca3
LP		 2795 manager_recheck_journal(m);
2796 manager_recheck_dbus(m);
e63ebf71 2797
3ecaa09b 2798 unit_trigger_notify(u);
3b2775c5 2799
8724defe 2800 if (!MANAGER_IS_RELOADING(m)) {
f6f271f0
MY		 2801 const char *reason;
2802
429926e9
TR		 2803 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2804 reason = strjoina("unit ", u->id, " failed");
96a0cfbf 2805 emergency_action(m, u->failure_action, EMERGENCY_ACTION_WARN|EMERGENCY_ACTION_SLEEP_5S, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2806 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2807 reason = strjoina("unit ", u->id, " succeeded");
96a0cfbf 2808 emergency_action(m, u->success_action, /* flags= */ 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2809 }
ff502445
LP		 2810 }
2811
99e9af25 2812 /* And now, add the unit or depending units to various queues that will act on the new situation if
48008c1c 2813 * needed. These queues generally check for continuous state changes rather than events (like most of
99e9af25
LP		 2814 * the state propagation above), and do work deferred instead of instantly, since they typically
2815 * don't want to run during reloading, and usually involve checking combined state of multiple units
2816 * at once. */
2817
2818 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2819 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2820 check_unneeded_dependencies(u);
2821 check_bound_by_dependencies(u);
2822
2823 /* Maybe someone wants us to remain up? */
2824 unit_submit_to_start_when_upheld_queue(u);
2825
2826 /* Maybe the unit should be GC'ed now? */
2827 unit_add_to_gc_queue(u);
6ac62d61
LP		 2828
2829 /* Maybe we can release some resources now? */
2830 unit_submit_to_release_resources_queue(u);
99e9af25 2831
9ca16f6f
LP		 2832 /* Maybe the concurrency limits now allow dispatching of another start job in this slice? */
2833 unit_check_concurrency_limit(u);
2834
1b4ab5a2
MY		 2835 /* Maybe someone else has been waiting for us to stop? */
2836 m->may_dispatch_stop_notify_queue = true;
2837
b984151e 2838 } else if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
99e9af25
LP		 2839 /* Start uphold units regardless if going up was expected or not */
2840 check_uphold_dependencies(u);
2841
2842 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2843 unit_submit_to_stop_when_unneeded_queue(u);
2844
2845 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2846 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2847 * inactive, without ever entering started.) */
2848 unit_submit_to_stop_when_bound_queue(u);
2849 }
87f0e418
LP		 2850}
2851
d70dfe1b 2852int unit_watch_pidref(Unit *u, const PidRef *pid, bool exclusive) {
495e75ed 2853 _cleanup_(pidref_freep) PidRef *pid_dup = NULL;
62a76913 2854 int r;
a911bb9a 2855
495e75ed 2856 /* Adds a specific PID to the set of PIDs this unit watches. */
87f0e418 2857
495e75ed
LP		 2858 assert(u);
2859 assert(pidref_is_set(pid));
5ba6985b 2860
f75f613d
FB		 2861 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2862 * opportunity to remove any stalled references to this PID as they can be created
2863 * easily (when watching a process which is not our direct child). */
2864 if (exclusive)
495e75ed
LP		 2865 manager_unwatch_pidref(u->manager, pid);
2866
c06b8d96
MY		 2867 if (set_contains(u->pids, pid)) { /* early exit if already being watched */
2868 assert(!exclusive);
495e75ed 2869 return 0;
c06b8d96 2870 }
f75f613d 2871
495e75ed 2872 r = pidref_dup(pid, &pid_dup);
5ba6985b
LP		 2873 if (r < 0)
2874 return r;
2875
495e75ed 2876 /* First, insert into the set of PIDs maintained by the unit */
4c8d5f02 2877 r = set_ensure_put(&u->pids, &pidref_hash_ops_free, pid_dup);
a911bb9a
LP		 2878 if (r < 0)
2879 return r;
2880
495e75ed 2881 pid = TAKE_PTR(pid_dup); /* continue with our copy now that we have installed it properly in our set */
05e343b7 2882
495e75ed 2883 /* Second, insert it into the simple global table, see if that works */
c06b8d96 2884 r = hashmap_ensure_put(&u->manager->watch_pids, &pidref_hash_ops, pid, u);
495e75ed
LP		 2885 if (r != -EEXIST)
2886 return r;
a911bb9a 2887
495e75ed
LP		 2888 /* OK, the key is already assigned to a different unit. That's fine, then add us via the second
2889 * hashmap that points to an array. */
a911bb9a 2890
495e75ed
LP		 2891 PidRef *old_pid = NULL;
2892 Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &old_pid);
62a76913 2893
495e75ed
LP		 2894 /* Count entries in array */
2895 size_t n = 0;
2896 for (; array && array[n]; n++)
2897 ;
62a76913 2898
495e75ed
LP		 2899 /* Allocate a new array */
2900 _cleanup_free_ Unit **new_array = new(Unit*, n + 2);
2901 if (!new_array)
2902 return -ENOMEM;
62a76913 2903
495e75ed
LP		 2904 /* Append us to the end */
2905 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2906 new_array[n] = u;
2907 new_array[n+1] = NULL;
62a76913 2908
495e75ed 2909 /* Add or replace the old array */
c06b8d96 2910 r = hashmap_ensure_replace(&u->manager->watch_pids_more, &pidref_hash_ops, old_pid ?: pid, new_array);
62a76913
LP		 2911 if (r < 0)
2912 return r;
2913
495e75ed
LP		 2914 TAKE_PTR(new_array); /* Now part of the hash table */
2915 free(array); /* Which means we can now delete the old version */
62a76913 2916 return 0;
87f0e418
LP		 2917}
2918
d70dfe1b 2919void unit_unwatch_pidref(Unit *u, const PidRef *pid) {
495e75ed
LP		 2920 assert(u);
2921 assert(pidref_is_set(pid));
2922
2923 /* Remove from the set we maintain for this unit. (And destroy the returned pid eventually) */
2924 _cleanup_(pidref_freep) PidRef *pid1 = set_remove(u->pids, pid);
2925 if (!pid1)
2926 return; /* Early exit if this PID was never watched by us */
2927
2928 /* First let's drop the unit from the simple hash table, if it is included there */
2929 PidRef *pid2 = NULL;
2930 Unit *uu = hashmap_get2(u->manager->watch_pids, pid, (void**) &pid2);
2931
2932 /* Quick validation: iff we are in the watch_pids table then the PidRef object must be the same as in our local pids set */
2933 assert((uu == u) == (pid1 == pid2));
2934
2935 if (uu == u)
2936 /* OK, we are in the first table. Let's remove it there then, and we are done already. */
1c2beeb0 2937 assert_se(hashmap_remove_value(u->manager->watch_pids, pid2, uu));
495e75ed
LP		 2938 else {
2939 /* We weren't in the first table, then let's consult the 2nd table that points to an array */
2940 PidRef *pid3 = NULL;
2941 Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &pid3);
2942
2943 /* Let's iterate through the array, dropping our own entry */
2944 size_t m = 0, n = 0;
2945 for (; array && array[n]; n++)
62a76913
LP		 2946 if (array[n] != u)
2947 array[m++] = array[n];
495e75ed
LP		 2948 if (n == m)
2949 return; /* Not there */
2950
2951 array[m] = NULL; /* set trailing NULL marker on the new end */
62a76913
LP		 2952
2953 if (m == 0) {
2954 /* The array is now empty, remove the entire entry */
1c2beeb0 2955 assert_se(hashmap_remove_value(u->manager->watch_pids_more, pid3, array));
62a76913 2956 free(array);
495e75ed
LP		 2957 } else {
2958 /* The array is not empty, but let's make sure the entry is not keyed by the PidRef
2959 * we will delete, but by the PidRef object of the Unit that is now first in the
2960 * array. */
2961
2962 PidRef *new_pid3 = ASSERT_PTR(set_get(array[0]->pids, pid));
2963 assert_se(hashmap_replace(u->manager->watch_pids_more, new_pid3, array) >= 0);
62a76913
LP		 2964 }
2965 }
495e75ed 2966}
87f0e418 2967
bd44e61b
LP		 2968void unit_unwatch_all_pids(Unit *u) {
2969 assert(u);
2970
2971 while (!set_isempty(u->pids))
495e75ed 2972 unit_unwatch_pidref(u, set_first(u->pids));
bd44e61b 2973
efdb0237 2974 u->pids = set_free(u->pids);
a911bb9a
LP		 2975}
2976
ea1e0bf1
YW		 2977void unit_unwatch_pidref_done(Unit *u, PidRef *pidref) {
2978 assert(u);
2979
2980 if (!pidref_is_set(pidref))
2981 return;
2982
2983 unit_unwatch_pidref(u, pidref);
2984 pidref_done(pidref);
2985}
2986
87f0e418
LP		 2987bool unit_job_is_applicable(Unit *u, JobType j) {
2988 assert(u);
2989 assert(j >= 0 && j < _JOB_TYPE_MAX);
2990
2991 switch (j) {
2992
2993 case JOB_VERIFY_ACTIVE:
2994 case JOB_START:
e0209d83 2995 case JOB_NOP:
f5869324 2996 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 2997 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 2998 * jobs for it. */
87f0e418
LP		 2999 return true;
3000
f5869324
LP		 3001 case JOB_STOP:
3002 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 3003 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 3004 return !u->perpetual;
3005
87f0e418
LP		 3006 case JOB_RESTART:
3007 case JOB_TRY_RESTART:
f5869324 3008 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 3009
3010 case JOB_RELOAD:
3282591d 3011 case JOB_TRY_RELOAD:
87f0e418
LP		 3012 return unit_can_reload(u);
3013
3014 case JOB_RELOAD_OR_START:
3015 return unit_can_reload(u) && unit_can_start(u);
3016
3017 default:
04499a70 3018 assert_not_reached();
87f0e418
LP		 3019 }
3020}
3021
83110824
YW		 3022static Hashmap *unit_get_dependency_hashmap_per_type(Unit *u, UnitDependency d) {
3023 Hashmap *deps;
3024
3025 assert(u);
3026 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3027
3028 deps = hashmap_get(u->dependencies, UNIT_DEPENDENCY_TO_PTR(d));
3029 if (!deps) {
3030 _cleanup_hashmap_free_ Hashmap *h = NULL;
3031
3032 h = hashmap_new(NULL);
3033 if (!h)
3034 return NULL;
3035
3036 if (hashmap_ensure_put(&u->dependencies, NULL, UNIT_DEPENDENCY_TO_PTR(d), h) < 0)
3037 return NULL;
3038
3039 deps = TAKE_PTR(h);
3040 }
3041
3042 return deps;
3043}
3044
3045typedef enum NotifyDependencyFlags {
3046 NOTIFY_DEPENDENCY_UPDATE_FROM = 1 << 0,
3047 NOTIFY_DEPENDENCY_UPDATE_TO = 1 << 1,
3048} NotifyDependencyFlags;
3049
3050static int unit_add_dependency_impl(
eef85c4a
LP		 3051 Unit *u,
3052 UnitDependency d,
3053 Unit *other,
eef85c4a 3054 UnitDependencyMask mask) {
87f0e418
LP		 3055
3056 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
fb138166
ZJS		 3057 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3058 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3059 [UNIT_WANTS] = UNIT_WANTED_BY,
3060 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3061 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3062 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
3063 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3064 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3065 [UNIT_WANTED_BY] = UNIT_WANTS,
3066 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3067 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3068 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
3069 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3070 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3071 [UNIT_BEFORE] = UNIT_AFTER,
3072 [UNIT_AFTER] = UNIT_BEFORE,
3073 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3074 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
3075 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3076 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
3077 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3078 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3079 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 3080 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
fb138166
ZJS		 3081 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3082 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
3083 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
3084 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3085 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3086 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3087 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
87f0e418 3088 };
83110824
YW		 3089
3090 Hashmap *u_deps, *other_deps;
3091 UnitDependencyInfo u_info, u_info_old, other_info, other_info_old;
3092 NotifyDependencyFlags flags = 0;
3093 int r;
3094
3095 assert(u);
3096 assert(other);
3097 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3098 assert(inverse_table[d] >= 0 && inverse_table[d] < _UNIT_DEPENDENCY_MAX);
3099 assert(mask > 0 && mask < _UNIT_DEPENDENCY_MASK_FULL);
3100
3101 /* Ensure the following two hashmaps for each unit exist:
3102 * - the top-level dependency hashmap that maps UnitDependency → Hashmap(Unit* → UnitDependencyInfo),
3103 * - the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency type. */
3104 u_deps = unit_get_dependency_hashmap_per_type(u, d);
3105 if (!u_deps)
3106 return -ENOMEM;
3107
3108 other_deps = unit_get_dependency_hashmap_per_type(other, inverse_table[d]);
3109 if (!other_deps)
3110 return -ENOMEM;
3111
3112 /* Save the original dependency info. */
3113 u_info.data = u_info_old.data = hashmap_get(u_deps, other);
3114 other_info.data = other_info_old.data = hashmap_get(other_deps, u);
3115
3116 /* Update dependency info. */
3117 u_info.origin_mask |= mask;
3118 other_info.destination_mask |= mask;
3119
3120 /* Save updated dependency info. */
3121 if (u_info.data != u_info_old.data) {
3122 r = hashmap_replace(u_deps, other, u_info.data);
3123 if (r < 0)
3124 return r;
3125
3126 flags = NOTIFY_DEPENDENCY_UPDATE_FROM;
b7777d08 3127 u->dependency_generation++;
83110824
YW		 3128 }
3129
3130 if (other_info.data != other_info_old.data) {
3131 r = hashmap_replace(other_deps, u, other_info.data);
3132 if (r < 0) {
3133 if (u_info.data != u_info_old.data) {
3134 /* Restore the old dependency. */
3135 if (u_info_old.data)
3136 (void) hashmap_update(u_deps, other, u_info_old.data);
3137 else
3138 hashmap_remove(u_deps, other);
3139 }
3140 return r;
3141 }
3142
3143 flags |= NOTIFY_DEPENDENCY_UPDATE_TO;
b7777d08 3144 other->dependency_generation++;
83110824
YW		 3145 }
3146
3147 return flags;
3148}
3149
3150int unit_add_dependency(
3151 Unit *u,
3152 UnitDependency d,
3153 Unit *other,
3154 bool add_reference,
3155 UnitDependencyMask mask) {
3156
15ed3c3a 3157 UnitDependencyAtom a;
eef85c4a 3158 int r;
15ed3c3a
LP		 3159
3160 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3161 * there, no need to notify! */
83110824 3162 NotifyDependencyFlags notify_flags;
87f0e418
LP		 3163
3164 assert(u);
3165 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 3166 assert(other);
3167
9f151f29
LP		 3168 u = unit_follow_merge(u);
3169 other = unit_follow_merge(other);
15ed3c3a
LP		 3170 a = unit_dependency_to_atom(d);
3171 assert(a >= 0);
9f151f29 3172
15ed3c3a 3173 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
d1fab3fe 3174 if (u == other) {
ed991163
YW		 3175 if (unit_should_warn_about_dependency(d))
3176 log_unit_warning(u, "Dependency %s=%s is dropped.",
3177 unit_dependency_to_string(d), u->id);
87f0e418 3178 return 0;
d1fab3fe 3179 }
87f0e418 3180
f14d6810
MG		 3181 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3182 return 0;
3183
93df5217
LB		 3184 /* Note that ordering a device unit after a unit is permitted since it allows its job running
3185 * timeout to be started at a specific time. */
15ed3c3a 3186 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
b862c257 3187 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 3188 return 0;
3189 }
3190
15ed3c3a 3191 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
c80a9a33
LP		 3192 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3193 return 0;
3194 }
3195
15ed3c3a 3196 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
c80a9a33
LP		 3197 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3198 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
15ed3c3a 3199 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
c80a9a33
LP		 3200 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3201 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3202
d219a2b0
LP		 3203 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3204 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3205 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3206 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3207 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3208 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3209
3210 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3211 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3212 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3213
3214 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3215 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3216 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3217
83110824 3218 r = unit_add_dependency_impl(u, d, other, mask);
613b411c 3219 if (r < 0)
87f0e418 3220 return r;
83110824 3221 notify_flags = r;
613b411c
LP		 3222
3223 if (add_reference) {
83110824 3224 r = unit_add_dependency_impl(u, UNIT_REFERENCES, other, mask);
613b411c 3225 if (r < 0)
701cc384 3226 return r;
83110824 3227 notify_flags |= r;
613b411c 3228 }
87f0e418 3229
83110824 3230 if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_FROM))
5177cb0a 3231 unit_add_to_dbus_queue(u);
83110824 3232 if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_TO))
ac17080c 3233 unit_add_to_dbus_queue(other);
15ed3c3a 3234
83110824 3235 return notify_flags != 0;
87f0e418 3236}
0301abf4 3237
eef85c4a 3238int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
5ee8e988 3239 int r = 0, s = 0;
2c966c03
LP		 3240
3241 assert(u);
5ee8e988 3242 assert(d >= 0 || e >= 0);
2c966c03 3243
5ee8e988
LB		 3244 if (d >= 0) {
3245 r = unit_add_dependency(u, d, other, add_reference, mask);
3246 if (r < 0)
3247 return r;
3248 }
2c966c03 3249
5ee8e988
LB		 3250 if (e >= 0) {
3251 s = unit_add_dependency(u, e, other, add_reference, mask);
3252 if (s < 0)
3253 return s;
3254 }
a8c5a4c6
YW		 3255
3256 return r > 0 || s > 0;
2c966c03
LP		 3257}
3258
23e8c796 3259static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 3260 int r;
9e2f7c11
LP		 3261
3262 assert(u);
23e8c796 3263 assert(name);
7410616c
LP		 3264 assert(buf);
3265 assert(ret);
9e2f7c11 3266
7410616c
LP		 3267 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3268 *buf = NULL;
3269 *ret = name;
3270 return 0;
9e2f7c11
LP		 3271 }
3272
ac155bb8 3273 if (u->instance)
7410616c 3274 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 3275 else {
ae018d9b 3276 _cleanup_free_ char *i = NULL;
9e2f7c11 3277
7410616c
LP		 3278 r = unit_name_to_prefix(u->id, &i);
3279 if (r < 0)
3280 return r;
9e2f7c11 3281
7410616c 3282 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 3283 }
7410616c
LP		 3284 if (r < 0)
3285 return r;
9e2f7c11 3286
7410616c
LP		 3287 *ret = *buf;
3288 return 0;
9e2f7c11
LP		 3289}
3290
35d8c19a 3291int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3292 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 3293 Unit *other;
3294 int r;
3295
9e2f7c11 3296 assert(u);
35d8c19a 3297 assert(name);
09b6b09f 3298
23e8c796 3299 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3300 if (r < 0)
3301 return r;
09b6b09f 3302
f14d6810
MG		 3303 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3304 return 0;
3305
35d8c19a 3306 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 3307 if (r < 0)
3308 return r;
9e2f7c11 3309
eef85c4a 3310 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 3311}
3312
5a724170 3313int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3314 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 3315 Unit *other;
3316 int r;
2c966c03
LP		 3317
3318 assert(u);
5a724170 3319 assert(name);
2c966c03 3320
23e8c796 3321 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3322 if (r < 0)
3323 return r;
2c966c03 3324
f14d6810
MG		 3325 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3326 return 0;
3327
5a724170 3328 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 3329 if (r < 0)
68eda4bd 3330 return r;
2c966c03 3331
eef85c4a 3332 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 3333}
3334
6c8ade30
MY		 3335int setenv_unit_path(const char *p) {
3336 assert(p);
3337
0301abf4 3338 /* This is mostly for debug purposes */
6c8ade30 3339 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, /* overwrite = */ true));
0301abf4 3340}
88066b3a 3341
ff3f2953 3342char* unit_dbus_path(Unit *u) {
ea430986
LP		 3343 assert(u);
3344
ac155bb8 3345 if (!u->id)
04ade7d2
LP		 3346 return NULL;
3347
48899192 3348 return unit_dbus_path_from_name(u->id);
ea430986
LP		 3349}
3350
ff3f2953 3351char* unit_dbus_path_invocation_id(Unit *u) {
4b58153d
LP		 3352 assert(u);
3353
3354 if (sd_id128_is_null(u->invocation_id))
3355 return NULL;
3356
3357 return unit_dbus_path_from_name(u->invocation_id_string);
3358}
3359
2d3b784d 3360int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 3361 int r;
3362
3363 assert(u);
3364
3365 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3366
3367 if (sd_id128_equal(u->invocation_id, id))
3368 return 0;
3369
3370 if (!sd_id128_is_null(u->invocation_id))
3371 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3372
3373 if (sd_id128_is_null(id)) {
3374 r = 0;
3375 goto reset;
3376 }
3377
3378 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3379 if (r < 0)
3380 goto reset;
3381
3382 u->invocation_id = id;
3383 sd_id128_to_string(id, u->invocation_id_string);
3384
3385 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3386 if (r < 0)
3387 goto reset;
3388
3389 return 0;
3390
3391reset:
3392 u->invocation_id = SD_ID128_NULL;
3393 u->invocation_id_string[0] = 0;
3394 return r;
3395}
3396
899acf5c 3397int unit_set_slice(Unit *u, Unit *slice) {
d219a2b0
LP		 3398 int r;
3399
d79200e2
LP		 3400 assert(u);
3401 assert(slice);
3402
d219a2b0
LP		 3403 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3404 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3405 * slice is derived from the name). Make sure the unit we set is actually a slice. */
d79200e2
LP		 3406
3407 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3408 return -EOPNOTSUPP;
3409
3410 if (u->type == UNIT_SLICE)
3411 return -EINVAL;
3412
102ef982
LP		 3413 if (unit_active_state(u) != UNIT_INACTIVE)
3414 return -EBUSY;
3415
d79200e2
LP		 3416 if (slice->type != UNIT_SLICE)
3417 return -EINVAL;
3418
efdb0237
LP		 3419 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3420 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3421 return -EPERM;
3422
12f64221 3423 if (UNIT_GET_SLICE(u) == slice)
d79200e2
LP		 3424 return 0;
3425
99e66921 3426 /* Disallow slice changes if @u is already bound to cgroups */
9cc54544
LP		 3427 if (UNIT_GET_SLICE(u)) {
3428 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
23ac0811 3429 if (crt && crt->cgroup_path)
9cc54544
LP		 3430 return -EBUSY;
3431 }
d79200e2 3432
899acf5c
AZ		 3433 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3434 if (UNIT_GET_SLICE(u))
3435 unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY);
3436
3437 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY);
d219a2b0
LP		 3438 if (r < 0)
3439 return r;
3440
d79200e2
LP		 3441 return 1;
3442}
3443
3444int unit_set_default_slice(Unit *u) {
a8833944 3445 const char *slice_name;
a016b922
LP		 3446 Unit *slice;
3447 int r;
3448
3449 assert(u);
3450
f14d6810
MG		 3451 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3452 return 0;
3453
12f64221 3454 if (UNIT_GET_SLICE(u))
a016b922
LP		 3455 return 0;
3456
a8833944
LP		 3457 if (u->instance) {
3458 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3459
a8833944
LP		 3460 /* Implicitly place all instantiated units in their
3461 * own per-template slice */
3462
7410616c
LP		 3463 r = unit_name_to_prefix(u->id, &prefix);
3464 if (r < 0)
3465 return r;
a8833944
LP		 3466
3467 /* The prefix is already escaped, but it might include
3468 * "-" which has a special meaning for slice units,
3469 * hence escape it here extra. */
7410616c 3470 escaped = unit_name_escape(prefix);
a8833944
LP		 3471 if (!escaped)
3472 return -ENOMEM;
3473
463d0d15 3474 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3475 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3476 else
7f3b86a4 3477 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3478
3479 } else if (unit_is_extrinsic(u))
3480 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3481 * the root slice. They don't really belong in one of the subslices. */
3482 slice_name = SPECIAL_ROOT_SLICE;
3483
3484 else if (MANAGER_IS_SYSTEM(u->manager))
3485 slice_name = SPECIAL_SYSTEM_SLICE;
3486 else
3487 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3488
3489 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3490 if (r < 0)
3491 return r;
3492
899acf5c 3493 return unit_set_slice(u, slice);
a016b922
LP		 3494}
3495
bfd5a068 3496const char* unit_slice_name(Unit *u) {
12f64221 3497 Unit *slice;
9444b1f2
LP		 3498 assert(u);
3499
12f64221
LP		 3500 slice = UNIT_GET_SLICE(u);
3501 if (!slice)
9444b1f2
LP		 3502 return NULL;
3503
12f64221 3504 return slice->id;
9444b1f2
LP		 3505}
3506
f6ff8c29 3507int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3508 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3509 int r;
3510
3511 assert(u);
3512 assert(type);
3513 assert(_found);
3514
7410616c
LP		 3515 r = unit_name_change_suffix(u->id, type, &t);
3516 if (r < 0)
3517 return r;
3518 if (unit_has_name(u, t))
3519 return -EINVAL;
f6ff8c29 3520
ac155bb8 3521 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3522 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3523 return r;
3524}
3525
db6b214f
YW		 3526static int signal_name_owner_changed_install_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3527 Unit *u = ASSERT_PTR(userdata);
3528 const sd_bus_error *e;
3529 int r;
3530
3531 e = sd_bus_message_get_error(message);
3532 if (!e) {
3533 log_unit_trace(u, "Successfully installed NameOwnerChanged signal match.");
3534 return 0;
3535 }
3536
3537 r = sd_bus_error_get_errno(e);
3538 log_unit_error_errno(u, r,
3539 "Unexpected error response on installing NameOwnerChanged signal match: %s",
3540 bus_error_message(e, r));
3541
3542 /* If we failed to install NameOwnerChanged signal, also unref the bus slot of GetNameOwner(). */
3543 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3544 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3545
3546 if (UNIT_VTABLE(u)->bus_name_owner_change)
3547 UNIT_VTABLE(u)->bus_name_owner_change(u, NULL);
3548
3549 return 0;
3550}
3551
bbc29086 3552static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
fc67a943 3553 const char *new_owner;
99534007 3554 Unit *u = ASSERT_PTR(userdata);
bbc29086
DM		 3555 int r;
3556
3557 assert(message);
bbc29086 3558
fc67a943 3559 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3560 if (r < 0) {
3561 bus_log_parse_error(r);
3562 return 0;
3563 }
3564
3565 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3566 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3567
3568 return 0;
3569}
3570
3571static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3572 const sd_bus_error *e;
3573 const char *new_owner;
99534007 3574 Unit *u = ASSERT_PTR(userdata);
a5a8776a
MJ		 3575 int r;
3576
3577 assert(message);
a5a8776a
MJ		 3578
3579 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3580
a5a8776a 3581 e = sd_bus_message_get_error(message);
a5a8776a 3582 if (e) {
91053fc9 3583 if (!sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER)) {
33322185
YW		 3584 r = sd_bus_error_get_errno(e);
3585 log_unit_error_errno(u, r,
3586 "Unexpected error response from GetNameOwner(): %s",
3587 bus_error_message(e, r));
3588 }
a5a8776a 3589
fc67a943
LP		 3590 new_owner = NULL;
3591 } else {
3592 r = sd_bus_message_read(message, "s", &new_owner);
3593 if (r < 0)
3594 return bus_log_parse_error(r);
a5a8776a 3595
fc67a943
LP		 3596 assert(!isempty(new_owner));
3597 }
a5a8776a
MJ		 3598
3599 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3600 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3601
3602 return 0;
3603}
3604
9806e87d 3605int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
8df433d7 3606 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
9806e87d 3607 const char *match;
8df433d7 3608 usec_t timeout_usec = 0;
a5b07847 3609 int r;
bbc29086 3610
9806e87d
LP		 3611 assert(u);
3612 assert(bus);
3613 assert(name);
bbc29086 3614
a5b07847 3615 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3616 return -EBUSY;
3617
8df433d7 3618 /* NameOwnerChanged and GetNameOwner is used to detect when a service finished starting up. The dbus
3619 * call timeout shouldn't be earlier than that. If we couldn't get the start timeout, use the default
3620 * value defined above. */
3621 if (UNIT_VTABLE(u)->get_timeout_start_usec)
3622 timeout_usec = UNIT_VTABLE(u)->get_timeout_start_usec(u);
3623
9806e87d 3624 match = strjoina("type='signal',"
81d62103
ZJS		 3625 "sender='org.freedesktop.DBus',"
3626 "path='/org/freedesktop/DBus',"
3627 "interface='org.freedesktop.DBus',"
3628 "member='NameOwnerChanged',"
3629 "arg0='", name, "'");
bbc29086 3630
8df433d7 3631 r = bus_add_match_full(
3632 bus,
3633 &u->match_bus_slot,
db6b214f 3634 /* asynchronous = */ true,
8df433d7 3635 match,
3636 signal_name_owner_changed,
db6b214f 3637 signal_name_owner_changed_install_handler,
8df433d7 3638 u,
3639 timeout_usec);
a5a8776a
MJ		 3640 if (r < 0)
3641 return r;
3642
8df433d7 3643 r = sd_bus_message_new_method_call(
a5b07847 3644 bus,
8df433d7 3645 &m,
a5b07847
LP		 3646 "org.freedesktop.DBus",
3647 "/org/freedesktop/DBus",
3648 "org.freedesktop.DBus",
8df433d7 3649 "GetNameOwner");
3650 if (r < 0)
3651 return r;
3652
3653 r = sd_bus_message_append(m, "s", name);
3654 if (r < 0)
3655 return r;
3656
3657 r = sd_bus_call_async(
3658 bus,
3659 &u->get_name_owner_slot,
3660 m,
a5b07847
LP		 3661 get_name_owner_handler,
3662 u,
8df433d7 3663 timeout_usec);
a5b07847
LP		 3664 if (r < 0) {
3665 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3666 return r;
3667 }
3668
3669 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3670 return 0;
bbc29086
DM		 3671}
3672
05e343b7 3673int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3674 int r;
3675
05e343b7
LP		 3676 assert(u);
3677 assert(name);
3678
3679 /* Watch a specific name on the bus. We only support one unit
3680 * watching each name for now. */
3681
bbc29086
DM		 3682 if (u->manager->api_bus) {
3683 /* If the bus is already available, install the match directly.
3684 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3685 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3686 if (r < 0)
8ea823b6 3687 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3688 }
3689
3690 r = hashmap_put(u->manager->watch_bus, name, u);
3691 if (r < 0) {
3692 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3693 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3694 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3695 }
3696
3697 return 0;
05e343b7
LP		 3698}
3699
3700void unit_unwatch_bus_name(Unit *u, const char *name) {
3701 assert(u);
3702 assert(name);
3703
8367fea5 3704 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3705 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3706 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3707}
3708
d336ba9f 3709int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3710 _cleanup_free_ char *e = NULL;
44b0d1fd 3711 Unit *device;
6e2ef85b
LP		 3712 int r;
3713
3714 assert(u);
3715
6e2ef85b 3716 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3717 if (isempty(what))
3718 return 0;
6e2ef85b 3719
8407a5d0 3720 if (!is_device_path(what))
6e2ef85b
LP		 3721 return 0;
3722
44b0d1fd 3723 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3724 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3725 return 0;
3726
7410616c
LP		 3727 r = unit_name_from_path(what, ".device", &e);
3728 if (r < 0)
3729 return r;
6e2ef85b 3730
ac155bb8 3731 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3732 if (r < 0)
3733 return r;
3734
ebc8968b
FB		 3735 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3736 dep = UNIT_BINDS_TO;
3737
d336ba9f
FB		 3738 return unit_add_two_dependencies(u, UNIT_AFTER,
3739 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3740 device, true, mask);
6e2ef85b 3741}
a16e1123 3742
44b0d1fd
LP		 3743int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3744 _cleanup_free_ char *escaped = NULL, *target = NULL;
3745 int r;
3746
3747 assert(u);
3748
3749 if (isempty(what))
3750 return 0;
3751
3752 if (!path_startswith(what, "/dev/"))
3753 return 0;
3754
3755 /* If we don't support devices, then also don't bother with blockdev@.target */
3756 if (!unit_type_supported(UNIT_DEVICE))
3757 return 0;
3758
3759 r = unit_name_path_escape(what, &escaped);
3760 if (r < 0)
3761 return r;
3762
3763 r = unit_name_build("blockdev", escaped, ".target", &target);
3764 if (r < 0)
3765 return r;
3766
3767 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3768}
3769
be847e82 3770int unit_coldplug(Unit *u) {
95f74928 3771 int r = 0;
cca098b0
LP		 3772
3773 assert(u);
3774
f0831ed2 3775 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3776 if (u->coldplugged)
3777 return 0;
3778
3779 u->coldplugged = true;
3780
95f74928
MY		 3781 STRV_FOREACH(i, u->deserialized_refs)
3782 RET_GATHER(r, bus_unit_track_add_name(u, *i));
3783
05a98afd 3784 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3785
95f74928
MY		 3786 if (UNIT_VTABLE(u)->coldplug)
3787 RET_GATHER(r, UNIT_VTABLE(u)->coldplug(u));
5a6158b6 3788
95f74928
MY		 3789 if (u->job)
3790 RET_GATHER(r, job_coldplug(u->job));
3791 if (u->nop_job)
3792 RET_GATHER(r, job_coldplug(u->nop_job));
cca098b0 3793
49b6babb 3794 unit_modify_nft_set(u, /* add = */ true);
05a98afd 3795 return r;
cca098b0
LP		 3796}
3797
f0831ed2
LP		 3798void unit_catchup(Unit *u) {
3799 assert(u);
3800
3801 if (UNIT_VTABLE(u)->catchup)
3802 UNIT_VTABLE(u)->catchup(u);
869f52f2
DS		 3803
3804 unit_cgroup_catchup(u);
f0831ed2
LP		 3805}
3806
ba25d39e 3807static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3808 struct stat st;
3809
3810 if (!path)
3811 return false;
3812
77969722
LP		 3813 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3814 * are never out-of-date. */
3815 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3816 return false;
3817
21b95806
ZJS		 3818 if (stat(path, &st) < 0)
3819 /* What, cannot access this anymore? */
3820 return true;
3821
ba25d39e
ZJS		 3822 if (path_masked)
3823 /* For masked files check if they are still so */
3824 return !null_or_empty(&st);
3825 else
3a8db9fe 3826 /* For non-empty files check the mtime */
87ec20ef 3827 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3828
3829 return false;
3830}
3831
45fb0699 3832bool unit_need_daemon_reload(Unit *u) {
45fb0699 3833 assert(u);
a82b8b3d
MY		 3834 assert(u->manager);
3835
3836 if (u->manager->unit_file_state_outdated)
3837 return true;
45fb0699 3838
ba25d39e
ZJS		 3839 /* For unit files, we allow masking… */
3840 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3841 u->load_state == UNIT_MASKED))
21b95806 3842 return true;
5f4b19f4 3843
ba25d39e
ZJS		 3844 /* Source paths should not be masked… */
3845 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3846 return true;
ae7a7182 3847
11b3775f
MY		 3848 if (u->load_state == UNIT_LOADED) {
3849 _cleanup_strv_free_ char **dropins = NULL;
3850
82c482d5 3851 (void) unit_find_dropin_paths(u, /* use_unit_path_cache = */ false, &dropins);
6d10d308 3852
11b3775f 3853 if (!strv_equal(u->dropin_paths, dropins))
ab932a62 3854 return true;
21b95806 3855
11b3775f
MY		 3856 /* … any drop-ins that are masked are simply omitted from the list. */
3857 STRV_FOREACH(path, u->dropin_paths)
3858 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3859 return true;
3860 }
3861
ab932a62 3862 return false;
45fb0699
LP		 3863}
3864
fdf20a31 3865void unit_reset_failed(Unit *u) {
5632e374
LP		 3866 assert(u);
3867
fdf20a31
MM		 3868 if (UNIT_VTABLE(u)->reset_failed)
3869 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3870
7bf081a1 3871 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3872 u->start_limit_hit = false;
a364ebd4
MY		 3873
3874 (void) unit_set_debug_invocation(u, /* enable= */ false);
5632e374
LP		 3875}
3876
a7f241db
LP		 3877Unit *unit_following(Unit *u) {
3878 assert(u);
3879
3880 if (UNIT_VTABLE(u)->following)
3881 return UNIT_VTABLE(u)->following(u);
3882
3883 return NULL;
3884}
3885
31afa0a4 3886bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3887 assert(u);
3888
31afa0a4
LP		 3889 /* This call does check the current state of the unit. It's
3890 * hence useful to be called from state change calls of the
3891 * unit itself, where the state isn't updated yet. This is
3892 * different from unit_inactive_or_pending() which checks both
3893 * the current state and for a queued job. */
18ffdfda 3894
28a2dfe8 3895 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 3896}
3897
3898bool unit_inactive_or_pending(Unit *u) {
3899 assert(u);
3900
3901 /* Returns true if the unit is inactive or going down */
18ffdfda 3902
d956ac29
LP		 3903 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3904 return true;
3905
31afa0a4 3906 if (unit_stop_pending(u))
18ffdfda
LP		 3907 return true;
3908
3909 return false;
3910}
3911
31afa0a4 3912bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 3913 assert(u);
3914
f60c2665 3915 /* Returns true if the unit is active or going up */
f976f3f6
LP		 3916
3917 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3918 return true;
3919
ac155bb8 3920 if (u->job &&
3742095b 3921 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 3922 return true;
3923
3924 return false;
3925}
3926
52a12341
YW		 3927bool unit_will_restart_default(Unit *u) {
3928 assert(u);
3929
28a2dfe8 3930 return unit_has_job_type(u, JOB_START);
52a12341
YW		 3931}
3932
deb4e708
MK		 3933bool unit_will_restart(Unit *u) {
3934 assert(u);
3935
3936 if (!UNIT_VTABLE(u)->will_restart)
3937 return false;
3938
3939 return UNIT_VTABLE(u)->will_restart(u);
3940}
3941
38c41427
NK		 3942void unit_notify_cgroup_oom(Unit *u, bool managed_oom) {
3943 assert(u);
3944
3945 if (UNIT_VTABLE(u)->notify_cgroup_oom)
3946 UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom);
3947}
3948
ae6a9e65 3949static int unit_pid_set(Unit *u, Set **pid_set) {
82659fd7
LP		 3950 int r;
3951
ae6a9e65
YW		 3952 assert(u);
3953 assert(pid_set);
3954
3955 set_clear(*pid_set); /* This updates input. */
82659fd7
LP		 3956
3957 /* Exclude the main/control pids from being killed via the cgroup */
82659fd7 3958
ae6a9e65 3959 PidRef *pid;
2d708781 3960 FOREACH_ARGUMENT(pid, unit_main_pid(u), unit_control_pid(u))
ae6a9e65
YW		 3961 if (pidref_is_set(pid)) {
3962 r = set_ensure_put(pid_set, NULL, PID_TO_PTR(pid->pid));
3963 if (r < 0)
3964 return r;
3965 }
82659fd7 3966
ae6a9e65 3967 return 0;
82659fd7
LP		 3968}
3969
4d1b2df1 3970static int kill_common_log(const PidRef *pid, int signo, void *userdata) {
d9911002 3971 _cleanup_free_ char *comm = NULL;
99534007 3972 Unit *u = ASSERT_PTR(userdata);
d9911002 3973
4d1b2df1
LP		 3974 (void) pidref_get_comm(pid, &comm);
3975
d9911002 3976 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
4d1b2df1 3977 signal_to_string(signo), pid->pid, strna(comm));
d9911002
LP		 3978
3979 return 1;
3980}
3981
ba16a93d 3982static int kill_or_sigqueue(PidRef *pidref, int signo, int code, int value) {
37eb258e 3983 assert(pidref_is_set(pidref));
a721cd00
LP		 3984 assert(SIGNAL_VALID(signo));
3985
3986 switch (code) {
3987
3988 case SI_USER:
37eb258e
LP		 3989 log_debug("Killing " PID_FMT " with signal SIG%s.", pidref->pid, signal_to_string(signo));
3990 return pidref_kill(pidref, signo);
a721cd00
LP		 3991
3992 case SI_QUEUE:
37eb258e
LP		 3993 log_debug("Enqueuing value %i to " PID_FMT " on signal SIG%s.", value, pidref->pid, signal_to_string(signo));
3994 return pidref_sigqueue(pidref, signo, value);
a721cd00
LP		 3995
3996 default:
3997 assert_not_reached();
3998 }
3999}
4000
ec5e2a13
YW		 4001static int unit_kill_one(
4002 Unit *u,
4003 PidRef *pidref,
4004 const char *type,
4005 int signo,
4006 int code,
4007 int value,
4008 sd_bus_error *ret_error) {
4009
4010 int r;
4011
4012 assert(u);
4013 assert(type);
4014
4015 if (!pidref_is_set(pidref))
4016 return 0;
4017
4018 _cleanup_free_ char *comm = NULL;
4019 (void) pidref_get_comm(pidref, &comm);
4020
4021 r = kill_or_sigqueue(pidref, signo, code, value);
4022 if (r == -ESRCH)
4023 return 0;
4024 if (r < 0) {
4025 /* Report this failure both to the logs and to the client */
4026 if (ret_error)
4027 sd_bus_error_set_errnof(
4028 ret_error, r,
4029 "Failed to send signal SIG%s to %s process " PID_FMT " (%s): %m",
4030 signal_to_string(signo), type, pidref->pid, strna(comm));
4031
4032 return log_unit_warning_errno(
4033 u, r,
4034 "Failed to send signal SIG%s to %s process " PID_FMT " (%s) on client request: %m",
4035 signal_to_string(signo), type, pidref->pid, strna(comm));
4036 }
4037
4038 log_unit_info(u, "Sent signal SIG%s to %s process " PID_FMT " (%s) on client request.",
4039 signal_to_string(signo), type, pidref->pid, strna(comm));
4040 return 1; /* killed */
4041}
4042
37eb258e 4043int unit_kill(
d91c34f2 4044 Unit *u,
cd2fb049 4045 KillWhom whom,
0f23564a 4046 const char *subgroup,
d91c34f2 4047 int signo,
a721cd00
LP		 4048 int code,
4049 int value,
ec5e2a13 4050 sd_bus_error *ret_error) {
d91c34f2 4051
37eb258e 4052 PidRef *main_pid, *control_pid;
ac5e3a50 4053 bool killed = false;
a721cd00 4054 int ret = 0, r;
814cc562 4055
8aff7ac4
LP		 4056 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
4057 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
4058 * stop a service ourselves. */
4059
a721cd00 4060 assert(u);
cd2fb049
ZJS		 4061 assert(whom >= 0);
4062 assert(whom < _KILL_WHOM_MAX);
a721cd00
LP		 4063 assert(SIGNAL_VALID(signo));
4064 assert(IN_SET(code, SI_USER, SI_QUEUE));
4065
0f23564a
LP		 4066 if (subgroup) {
4067 if (!IN_SET(whom, KILL_CGROUP, KILL_CGROUP_FAIL))
03b4a607
LP		 4068 return sd_bus_error_set(ret_error, SD_BUS_ERROR_NOT_SUPPORTED,
4069 "Killing by subgroup is only supported for 'cgroup' or 'cgroup-kill' modes.");
0f23564a
LP		 4070
4071 if (!unit_cgroup_delegate(u))
03b4a607
LP		 4072 return sd_bus_error_set(ret_error, SD_BUS_ERROR_NOT_SUPPORTED,
4073 "Killing by subgroup is only available for units with control group delegation enabled.");
0f23564a
LP		 4074 }
4075
37eb258e
LP		 4076 main_pid = unit_main_pid(u);
4077 control_pid = unit_control_pid(u);
4078
4079 if (!UNIT_HAS_CGROUP_CONTEXT(u) && !main_pid && !control_pid)
0f23564a 4080 return sd_bus_error_set(ret_error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit type does not support process killing.");
37eb258e 4081
cd2fb049 4082 if (IN_SET(whom, KILL_MAIN, KILL_MAIN_FAIL)) {
37eb258e 4083 if (!main_pid)
ec5e2a13 4084 return sd_bus_error_setf(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
37eb258e 4085 if (!pidref_is_set(main_pid))
ec5e2a13 4086 return sd_bus_error_set_const(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 4087 }
4088
cd2fb049 4089 if (IN_SET(whom, KILL_CONTROL, KILL_CONTROL_FAIL)) {
37eb258e 4090 if (!control_pid)
ec5e2a13 4091 return sd_bus_error_setf(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
37eb258e 4092 if (!pidref_is_set(control_pid))
ec5e2a13 4093 return sd_bus_error_set_const(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 4094 }
4095
cd2fb049 4096 if (IN_SET(whom, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
ec5e2a13
YW		 4097 r = unit_kill_one(u, control_pid, "control", signo, code, value, ret_error);
4098 RET_GATHER(ret, r);
4099 killed = killed || r > 0;
a721cd00 4100 }
814cc562 4101
cd2fb049 4102 if (IN_SET(whom, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
ec5e2a13
YW		 4103 r = unit_kill_one(u, main_pid, "main", signo, code, value, ret >= 0 ? ret_error : NULL);
4104 RET_GATHER(ret, r);
4105 killed = killed || r > 0;
a721cd00 4106 }
814cc562 4107
a721cd00
LP		 4108 /* Note: if we shall enqueue rather than kill we won't do this via the cgroup mechanism, since it
4109 * doesn't really make much sense (and given that enqueued values are a relatively expensive
4110 * resource, and we shouldn't allow us to be subjects for such allocation sprees) */
0f23564a 4111 if (IN_SET(whom, KILL_ALL, KILL_ALL_FAIL, KILL_CGROUP, KILL_CGROUP_FAIL) && code == SI_USER) {
9cc54544 4112 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
9cc54544
LP		 4113 if (crt && crt->cgroup_path) {
4114 _cleanup_set_free_ Set *pid_set = NULL;
0f23564a
LP		 4115 _cleanup_free_ char *joined = NULL;
4116 const char *p;
4117
4118 if (empty_or_root(subgroup))
4119 p = crt->cgroup_path;
4120 else {
4121 joined = path_join(crt->cgroup_path, subgroup);
4122 if (!joined)
4123 return -ENOMEM;
4124
4125 p = joined;
4126 }
d9911002 4127
ba16a93d 4128 if (signo == SIGKILL) {
0f23564a 4129 r = cg_kill_kernel_sigkill(p);
ba16a93d
MY		 4130 if (r >= 0) {
4131 killed = true;
0f23564a 4132 log_unit_info(u, "Killed unit cgroup '%s' with SIGKILL on client request.", p);
ba16a93d
MY		 4133 goto finish;
4134 }
4135 if (r != -EOPNOTSUPP) {
4136 if (ret >= 0)
4137 sd_bus_error_set_errnof(ret_error, r,
4138 "Failed to kill unit cgroup: %m");
0f23564a 4139 RET_GATHER(ret, log_unit_warning_errno(u, r, "Failed to kill unit cgroup '%s': %m", p));
ba16a93d
MY		 4140 goto finish;
4141 }
4142 /* Fall back to manual enumeration */
0f23564a
LP		 4143 } else if (IN_SET(whom, KILL_ALL, KILL_ALL_FAIL)) {
4144 /* Exclude the main/control pids from being killed via the cgroup if not
4145 * SIGKILL */
ba16a93d
MY		 4146 r = unit_pid_set(u, &pid_set);
4147 if (r < 0)
4148 return log_oom();
4149 }
9cc54544 4150
0f23564a 4151 r = cg_kill_recursive(p, signo, /* flags= */ 0, pid_set, kill_common_log, u);
9cc54544
LP		 4152 if (r < 0 && !IN_SET(r, -ESRCH, -ENOENT)) {
4153 if (ret >= 0)
4154 sd_bus_error_set_errnof(
4155 ret_error, r,
0f23564a
LP		 4156 "Failed to send signal SIG%s to processes in unit cgroup '%s': %m",
4157 signal_to_string(signo), p);
9cc54544 4158
ba16a93d
MY		 4159 RET_GATHER(ret, log_unit_warning_errno(
4160 u, r,
0f23564a
LP		 4161 "Failed to send signal SIG%s to processes in unit cgroup '%s' on client request: %m",
4162 signal_to_string(signo), p));
9cc54544 4163 }
9afe65d9 4164 killed = killed || r > 0;
ec5e2a13 4165 }
814cc562
MS		 4166 }
4167
ba16a93d 4168finish:
2ae0508e 4169 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
0f23564a 4170 if (ret >= 0 && !killed && IN_SET(whom, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL, KILL_CGROUP_FAIL))
ec5e2a13 4171 return sd_bus_error_set_const(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 4172
a721cd00 4173 return ret;
814cc562
MS		 4174}
4175
6210e7fc
LP		 4176int unit_following_set(Unit *u, Set **s) {
4177 assert(u);
4178 assert(s);
4179
4180 if (UNIT_VTABLE(u)->following_set)
4181 return UNIT_VTABLE(u)->following_set(u, s);
4182
4183 *s = NULL;
4184 return 0;
4185}
4186
a4375746 4187UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 4188 int r;
4189
a4375746
LP		 4190 assert(u);
4191
e735bc49
LP		 4192 if (u->unit_file_state >= 0 || !u->fragment_path)
4193 return u->unit_file_state;
4194
4195 /* If we know this is a transient unit no need to ask the unit file state for details. Let's bypass
4196 * the more expensive on-disk check. */
4197 if (u->transient)
4198 return (u->unit_file_state = UNIT_FILE_TRANSIENT);
4199
4200 r = unit_file_get_state(
4201 u->manager->runtime_scope,
4202 /* root_dir= */ NULL,
4203 u->id,
4204 &u->unit_file_state);
4205 if (r < 0)
4206 u->unit_file_state = UNIT_FILE_BAD;
a4375746 4207
ac155bb8 4208 return u->unit_file_state;
a4375746
LP		 4209}
4210
e77e07f6 4211PresetAction unit_get_unit_file_preset(Unit *u) {
a99626c1
LP		 4212 int r;
4213
d2dc52db
LP		 4214 assert(u);
4215
cb16d391 4216 if (u->unit_file_preset >= 0)
e735bc49 4217 return u->unit_file_preset;
a99626c1 4218
e735bc49
LP		 4219 /* If this is a transient or perpetual unit file it doesn't make much sense to ask the preset
4220 * database about this, because enabling/disabling makes no sense for either. Hence don't. */
cb16d391 4221 if (!u->fragment_path || u->transient || u->perpetual)
e735bc49 4222 return (u->unit_file_preset = -ENOEXEC);
a99626c1 4223
e735bc49
LP		 4224 _cleanup_free_ char *bn = NULL;
4225 r = path_extract_filename(u->fragment_path, &bn);
4226 if (r < 0)
4227 return (u->unit_file_preset = r);
4228 if (r == O_DIRECTORY)
4229 return (u->unit_file_preset = -EISDIR);
a99626c1 4230
e735bc49 4231 return (u->unit_file_preset = unit_file_query_preset(
4870133b 4232 u->manager->runtime_scope,
e735bc49 4233 /* root_dir= */ NULL,
a99626c1 4234 bn,
396b3a1e 4235 /* cached= */ NULL));
d2dc52db
LP		 4236}
4237
7f7d01ed 4238Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 4239 assert(ref);
7f7d01ed
ZJS		 4240 assert(source);
4241 assert(target);
57020a3a 4242
7f7d01ed 4243 if (ref->target)
57020a3a
LP		 4244 unit_ref_unset(ref);
4245
7f7d01ed
ZJS		 4246 ref->source = source;
4247 ref->target = target;
4248 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4249 return target;
57020a3a
LP		 4250}
4251
4252void unit_ref_unset(UnitRef *ref) {
4253 assert(ref);
4254
7f7d01ed 4255 if (!ref->target)
57020a3a
LP		 4256 return;
4257
b75102e5
LP		 4258 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4259 * be unreferenced now. */
7f7d01ed 4260 unit_add_to_gc_queue(ref->target);
b75102e5 4261
7f7d01ed
ZJS		 4262 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4263 ref->source = ref->target = NULL;
57020a3a
LP		 4264}
4265
29206d46
LP		 4266static int user_from_unit_name(Unit *u, char **ret) {
4267
4268 static const uint8_t hash_key[] = {
4269 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4270 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4271 };
4272
4273 _cleanup_free_ char *n = NULL;
4274 int r;
4275
4276 r = unit_name_to_prefix(u->id, &n);
4277 if (r < 0)
4278 return r;
4279
7a8867ab 4280 if (valid_user_group_name(n, 0)) {
ae2a15bc 4281 *ret = TAKE_PTR(n);
29206d46
LP		 4282 return 0;
4283 }
4284
4285 /* If we can't use the unit name as a user name, then let's hash it and use that */
4286 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4287 return -ENOMEM;
4288
4289 return 0;
4290}
4291
2234032c 4292static int unit_verify_contexts(const Unit *u) {
52d8ba71
MY		 4293 assert(u);
4294
2234032c 4295 const ExecContext *ec = unit_get_exec_context(u);
52d8ba71
MY		 4296 if (!ec)
4297 return 0;
4298
4299 if (MANAGER_IS_USER(u->manager) && ec->dynamic_user)
4300 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "DynamicUser= enabled for user unit, which is not supported. Refusing.");
4301
4302 if (ec->dynamic_user && ec->working_directory_home)
4303 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "WorkingDirectory=~ is not allowed under DynamicUser=yes. Refusing.");
4304
276bd392
MY		 4305 if (ec->working_directory && path_below_api_vfs(ec->working_directory) &&
4306 exec_needs_mount_namespace(ec, /* params = */ NULL, /* runtime = */ NULL))
4307 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "WorkingDirectory= may not be below /proc/, /sys/ or /dev/ when using mount namespacing. Refusing.");
4308
2d8191f4 4309 if (exec_needs_pid_namespace(ec, /* params= */ NULL) && !UNIT_VTABLE(u)->notify_pidref)
406f1775
DDM		 4310 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "PrivatePIDs= setting is only supported for service units. Refusing.");
4311
2234032c
MY		 4312 const KillContext *kc = unit_get_kill_context(u);
4313
4314 if (ec->pam_name && kc && !IN_SET(kc->kill_mode, KILL_CONTROL_GROUP, KILL_MIXED))
4315 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit has PAM enabled. Kill mode must be set to 'control-group' or 'mixed'. Refusing.");
4316
52d8ba71
MY		 4317 return 0;
4318}
4319
6156bec7
YW		 4320static PrivateTmp unit_get_private_var_tmp(const Unit *u, const ExecContext *c) {
4321 assert(u);
4322 assert(c);
4323 assert(c->private_tmp >= 0 && c->private_tmp < _PRIVATE_TMP_MAX);
4324
4325 /* Disable disconnected private tmpfs on /var/tmp/ when DefaultDependencies=no and
4326 * RootImage=/RootDirectory= are not set, as /var/ may be a separated partition.
4327 * See issue #37258. */
4328
4329 /* PrivateTmp=yes/no also enables/disables private tmpfs on /var/tmp/. */
4330 if (c->private_tmp != PRIVATE_TMP_DISCONNECTED)
4331 return c->private_tmp;
4332
4333 /* When DefaultDependencies=yes, disconnected tmpfs is also enabled on /var/tmp/, and an explicit
4334 * dependency to the mount on /var/ will be added in unit_add_exec_dependencies(). */
4335 if (u->default_dependencies)
4336 return PRIVATE_TMP_DISCONNECTED;
4337
4338 /* When RootImage=/RootDirectory= is enabled, /var/ should be prepared by the image or directory,
4339 * hence we can mount a disconnected tmpfs on /var/tmp/. */
4340 if (exec_context_with_rootfs(c))
4341 return PRIVATE_TMP_DISCONNECTED;
4342
4343 /* Even if DefaultDependencies=no, enable disconnected tmpfs when
4344 * RequiresMountsFor=/WantsMountsFor=/var/ is explicitly set. */
4345 for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; t++)
4346 if (hashmap_contains(u->mounts_for[t], "/var/"))
4347 return PRIVATE_TMP_DISCONNECTED;
4348
4349 /* Check the same but for After= with Requires=/Requisite=/Wants= or friends. */
4350 Unit *m = manager_get_unit(u->manager, "var.mount");
4351 if (!m)
4352 return PRIVATE_TMP_NO;
4353
4354 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, m))
4355 return PRIVATE_TMP_NO;
4356
4357 if (unit_has_dependency(u, UNIT_ATOM_PULL_IN_START, m) ||
4358 unit_has_dependency(u, UNIT_ATOM_PULL_IN_VERIFY, m) ||
4359 unit_has_dependency(u, UNIT_ATOM_PULL_IN_START_IGNORED, m))
4360 return PRIVATE_TMP_DISCONNECTED;
4361
4362 return PRIVATE_TMP_NO;
4363}
4364
598459ce
LP		 4365int unit_patch_contexts(Unit *u) {
4366 CGroupContext *cc;
4367 ExecContext *ec;
cba6e062
LP		 4368 int r;
4369
e06c73cc 4370 assert(u);
e06c73cc 4371
598459ce
LP		 4372 /* Patch in the manager defaults into the exec and cgroup
4373 * contexts, _after_ the rest of the settings have been
4374 * initialized */
085afe36 4375
598459ce
LP		 4376 ec = unit_get_exec_context(u);
4377 if (ec) {
4378 /* This only copies in the ones that need memory */
12375b95 4379 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
c9e120e0
LP		 4380 if (u->manager->defaults.rlimit[i] && !ec->rlimit[i]) {
4381 ec->rlimit[i] = newdup(struct rlimit, u->manager->defaults.rlimit[i], 1);
598459ce
LP		 4382 if (!ec->rlimit[i])
4383 return -ENOMEM;
4384 }
4385
4dd884af 4386 if (MANAGER_IS_USER(u->manager) && !ec->working_directory) {
598459ce
LP		 4387 r = get_home_dir(&ec->working_directory);
4388 if (r < 0)
4389 return r;
4c08c824 4390
4dd884af
MY		 4391 if (!ec->working_directory_home)
4392 /* If home directory is implied by us, allow it to be missing. */
4393 ec->working_directory_missing_ok = true;
cba6e062
LP		 4394 }
4395
598459ce 4396 if (ec->private_devices)
2cd0a735 4397 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 4398
4399 if (ec->protect_kernel_modules)
4400 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 4401
84703040
KK		 4402 if (ec->protect_kernel_logs)
4403 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4404
fc64760d
KK		 4405 if (ec->protect_clock)
4406 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4407
29206d46
LP		 4408 if (ec->dynamic_user) {
4409 if (!ec->user) {
4410 r = user_from_unit_name(u, &ec->user);
4411 if (r < 0)
4412 return r;
4413 }
4414
4415 if (!ec->group) {
4416 ec->group = strdup(ec->user);
4417 if (!ec->group)
4418 return -ENOMEM;
4419 }
4420
bf65b7e0
LP		 4421 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4422 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4423 * sandbox. */
63bb64a0 4424
0e551b04
LB		 4425 /* With DynamicUser= we want private directories, so if the user hasn't manually
4426 * selected PrivateTmp=, enable it, but to a fully private (disconnected) tmpfs
4427 * instance. */
2e8a581b 4428 if (ec->private_tmp == PRIVATE_TMP_NO)
0e551b04 4429 ec->private_tmp = PRIVATE_TMP_DISCONNECTED;
00d9ef85 4430 ec->remove_ipc = true;
63bb64a0
LP		 4431 ec->protect_system = PROTECT_SYSTEM_STRICT;
4432 if (ec->protect_home == PROTECT_HOME_NO)
4433 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 4434
4435 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4436 * them. */
4437 ec->no_new_privileges = true;
4438 ec->restrict_suid_sgid = true;
29206d46 4439 }
a2ab603c 4440
6156bec7
YW		 4441 ec->private_var_tmp = unit_get_private_var_tmp(u, ec);
4442
7b89efda
MY		 4443 FOREACH_ARRAY(d, ec->directories, _EXEC_DIRECTORY_TYPE_MAX)
4444 exec_directory_sort(d);
cba6e062
LP		 4445 }
4446
598459ce 4447 cc = unit_get_cgroup_context(u);
fe65e88b 4448 if (cc && ec) {
f513e420 4449
fe65e88b 4450 if (ec->private_devices &&
084870f9
ZJS		 4451 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4452 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 4453
63857bf4 4454 /* Only add these if needed, as they imply that everything else is blocked. */
f3393148 4455 if (cgroup_context_has_device_policy(cc)) {
63857bf4
LB		 4456 if (ec->root_image || ec->mount_images) {
4457
4458 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4459 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
a1044811 4460 r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE);
63857bf4
LB		 4461 if (r < 0)
4462 return r;
4463 }
4464 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
a1044811 4465 r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE|CGROUP_DEVICE_MKNOD);
63857bf4
LB		 4466 if (r < 0)
4467 return r;
4468 }
fe65e88b 4469
63857bf4
LB		 4470 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4471 * Same for mapper and verity. */
4472 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4473 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4474 if (r < 0)
4475 return r;
4476 }
0cffae95 4477 }
867af728 4478
63857bf4 4479 if (ec->protect_clock) {
a1044811 4480 r = cgroup_context_add_device_allow(cc, "char-rtc", CGROUP_DEVICE_READ);
0cffae95
LB		 4481 if (r < 0)
4482 return r;
4483 }
fe65e88b 4484 }
598459ce 4485 }
f1660f96 4486
2234032c 4487 return unit_verify_contexts(u);
e06c73cc
LP		 4488}
4489
c2503e35 4490ExecContext *unit_get_exec_context(const Unit *u) {
3ef63c31
LP		 4491 size_t offset;
4492 assert(u);
4493
598459ce
LP		 4494 if (u->type < 0)
4495 return NULL;
4496
3ef63c31
LP		 4497 offset = UNIT_VTABLE(u)->exec_context_offset;
4498 if (offset <= 0)
4499 return NULL;
4500
4501 return (ExecContext*) ((uint8_t*) u + offset);
4502}
4503
9cc54544 4504KillContext *unit_get_kill_context(const Unit *u) {
718db961
LP		 4505 size_t offset;
4506 assert(u);
4507
598459ce
LP		 4508 if (u->type < 0)
4509 return NULL;
4510
718db961
LP		 4511 offset = UNIT_VTABLE(u)->kill_context_offset;
4512 if (offset <= 0)
4513 return NULL;
4514
4515 return (KillContext*) ((uint8_t*) u + offset);
4516}
4517
9cc54544 4518CGroupContext *unit_get_cgroup_context(const Unit *u) {
4ad49000
LP		 4519 size_t offset;
4520
598459ce
LP		 4521 if (u->type < 0)
4522 return NULL;
4523
4ad49000
LP		 4524 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4525 if (offset <= 0)
4526 return NULL;
4527
4528 return (CGroupContext*) ((uint8_t*) u + offset);
4529}
4530
9cc54544 4531ExecRuntime *unit_get_exec_runtime(const Unit *u) {
613b411c
LP		 4532 size_t offset;
4533
598459ce
LP		 4534 if (u->type < 0)
4535 return NULL;
4536
613b411c
LP		 4537 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4538 if (offset <= 0)
4539 return NULL;
4540
28135da3 4541 return *(ExecRuntime**) ((uint8_t*) u + offset);
613b411c
LP		 4542}
4543
9cc54544
LP		 4544CGroupRuntime *unit_get_cgroup_runtime(const Unit *u) {
4545 size_t offset;
4546
4547 if (u->type < 0)
4548 return NULL;
4549
4550 offset = UNIT_VTABLE(u)->cgroup_runtime_offset;
4551 if (offset <= 0)
4552 return NULL;
4553
4554 return *(CGroupRuntime**) ((uint8_t*) u + offset);
4555}
4556
2e59b241 4557static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 4558 assert(u);
4559
2e59b241 4560 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 4561 return NULL;
4562
39591351
LP		 4563 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4564 return u->manager->lookup_paths.transient;
26d04f86 4565
2e59b241 4566 if (flags & UNIT_PERSISTENT)
4f4afc88 4567 return u->manager->lookup_paths.persistent_control;
26d04f86 4568
2e59b241
LP		 4569 if (flags & UNIT_RUNTIME)
4570 return u->manager->lookup_paths.runtime_control;
4571
39591351 4572 return NULL;
71645aca
LP		 4573}
4574
68ecb48b
ZJS		 4575const char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4576 assert(s);
8c41640a 4577 assert(popcount(flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX | UNIT_ESCAPE_C)) <= 1);
68ecb48b 4578 assert(buf);
24536beb
ZJS		 4579
4580 _cleanup_free_ char *t = NULL;
2e59b241 4581
68ecb48b
ZJS		 4582 /* Returns a string with any escaping done. If no escaping was necessary, *buf is set to NULL, and
4583 * the input pointer is returned as-is. If an allocation was needed, the return buffer pointer is
4584 * written to *buf. This means the return value always contains a properly escaped version, but *buf
4585 * only contains a pointer if an allocation was made. Callers can use this to optimize memory
4586 * allocations. */
2e59b241
LP		 4587
4588 if (flags & UNIT_ESCAPE_SPECIFIERS) {
24536beb
ZJS		 4589 t = specifier_escape(s);
4590 if (!t)
2e59b241
LP		 4591 return NULL;
4592
24536beb 4593 s = t;
2e59b241
LP		 4594 }
4595
4a055e5a 4596 /* We either do C-escaping or shell-escaping, to additionally escape characters that we parse for
e7416db1 4597 * ExecStart= and friends, i.e. '$' and quotes. */
24536beb 4598
8c41640a 4599 if (flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX)) {
e7416db1
ZJS		 4600 char *t2;
4601
8c41640a
ZJS		 4602 if (flags & UNIT_ESCAPE_EXEC_SYNTAX_ENV) {
4603 t2 = strreplace(s, "$", "$$");
4604 if (!t2)
4605 return NULL;
4606 free_and_replace(t, t2);
4607 }
e7416db1 4608
8c41640a 4609 t2 = shell_escape(t ?: s, "\"");
24536beb
ZJS		 4610 if (!t2)
4611 return NULL;
4612 free_and_replace(t, t2);
4613
4614 s = t;
2e59b241 4615
24536beb 4616 } else if (flags & UNIT_ESCAPE_C) {
e7416db1
ZJS		 4617 char *t2;
4618
4619 t2 = cescape(s);
24536beb 4620 if (!t2)
2e59b241 4621 return NULL;
24536beb 4622 free_and_replace(t, t2);
2e59b241 4623
24536beb 4624 s = t;
2e59b241
LP		 4625 }
4626
68ecb48b
ZJS		 4627 *buf = TAKE_PTR(t);
4628 return s;
2e59b241
LP		 4629}
4630
4631char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4632 _cleanup_free_ char *result = NULL;
319a4f4b 4633 size_t n = 0;
2e59b241 4634
24536beb
ZJS		 4635 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4636 * lines in a way suitable for ExecStart= stanzas. */
2e59b241
LP		 4637
4638 STRV_FOREACH(i, l) {
4639 _cleanup_free_ char *buf = NULL;
4640 const char *p;
4641 size_t a;
4642 char *q;
4643
4644 p = unit_escape_setting(*i, flags, &buf);
4645 if (!p)
4646 return NULL;
4647
4648 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
319a4f4b 4649 if (!GREEDY_REALLOC(result, n + a + 1))
2e59b241
LP		 4650 return NULL;
4651
4652 q = result + n;
4653 if (n > 0)
4654 *(q++) = ' ';
4655
4656 *(q++) = '"';
4657 q = stpcpy(q, p);
4658 *(q++) = '"';
4659
4660 n += a;
4661 }
4662
319a4f4b 4663 if (!GREEDY_REALLOC(result, n + 1))
2e59b241
LP		 4664 return NULL;
4665
4666 result[n] = 0;
4667
ae2a15bc 4668 return TAKE_PTR(result);
2e59b241
LP		 4669}
4670
4671int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4672 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4673 const char *dir, *wrapped;
26d04f86 4674 int r;
71645aca
LP		 4675
4676 assert(u);
2e59b241
LP		 4677 assert(name);
4678 assert(data);
4679
4680 if (UNIT_WRITE_FLAGS_NOOP(flags))
4681 return 0;
4682
4683 data = unit_escape_setting(data, flags, &escaped);
4684 if (!data)
4685 return -ENOMEM;
4686
4687 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4688 * previous section header is the same */
4689
4690 if (flags & UNIT_PRIVATE) {
4691 if (!UNIT_VTABLE(u)->private_section)
4692 return -EINVAL;
4693
4694 if (!u->transient_file || u->last_section_private < 0)
4695 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4696 else if (u->last_section_private == 0)
4697 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4698 } else {
4699 if (!u->transient_file || u->last_section_private < 0)
4700 data = strjoina("[Unit]\n", data);
4701 else if (u->last_section_private > 0)
4702 data = strjoina("\n[Unit]\n", data);
4703 }
71645aca 4704
4f4afc88 4705 if (u->transient_file) {
0160a1db
MY		 4706 /* When this is a transient unit file in creation, then let's not create a new drop-in,
4707 * but instead write to the transient unit file. */
4708 fputs_with_newline(u->transient_file, data);
2e59b241
LP		 4709
4710 /* Remember which section we wrote this entry to */
4711 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4712 return 0;
2e59b241 4713 }
8e2af478 4714
2e59b241 4715 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4716 if (!dir)
4717 return -EINVAL;
71645aca 4718
2a9a6f8a 4719 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4720 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4721 data,
4722 "\n");
e20b2a86 4723
815b09d3 4724 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4725 if (r < 0)
4726 return r;
4727
45639f1b 4728 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4729
4730 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4731 * recreate the cache after every drop-in we write. */
4732 if (u->manager->unit_path_cache) {
16c7555e 4733 r = set_put_strdup_full(&u->manager->unit_path_cache, &path_hash_ops_free, p);
4dba44a5
ZJS		 4734 if (r < 0)
4735 return r;
4736 }
4737
8eeb8709 4738 r = write_string_file(q, wrapped, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC|WRITE_STRING_FILE_LABEL);
adb76a70
WC		 4739 if (r < 0)
4740 return r;
4741
815b09d3 4742 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4743 if (r < 0)
4744 return r;
815b09d3 4745 q = NULL;
adb76a70 4746
adb76a70
WC		 4747 strv_uniq(u->dropin_paths);
4748
4749 u->dropin_mtime = now(CLOCK_REALTIME);
4750
4751 return 0;
26d04f86 4752}
71645aca 4753
2e59b241 4754int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4755 _cleanup_free_ char *p = NULL;
4756 va_list ap;
4757 int r;
4758
4759 assert(u);
4760 assert(name);
4761 assert(format);
4762
2e59b241 4763 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4764 return 0;
4765
4766 va_start(ap, format);
4767 r = vasprintf(&p, format, ap);
4768 va_end(ap);
4769
4770 if (r < 0)
4771 return -ENOMEM;
4772
2e59b241 4773 return unit_write_setting(u, flags, name, p);
b9ec9359 4774}
71645aca 4775
c2756a68 4776int unit_make_transient(Unit *u) {
0126c8f3 4777 _cleanup_free_ char *path = NULL;
4f4afc88 4778 FILE *f;
4f4afc88 4779
c2756a68
LP		 4780 assert(u);
4781
3f5e8115
LP		 4782 if (!UNIT_VTABLE(u)->can_transient)
4783 return -EOPNOTSUPP;
4784
45639f1b
LP		 4785 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4786
657ee2d8 4787 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4788 if (!path)
4789 return -ENOMEM;
4790
4791 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4792 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4793
2053593f 4794 WITH_UMASK(0022) {
4f4afc88 4795 f = fopen(path, "we");
0126c8f3 4796 if (!f)
78e334b5 4797 return -errno;
4f4afc88
LP		 4798 }
4799
0126c8f3 4800 safe_fclose(u->transient_file);
4f4afc88
LP		 4801 u->transient_file = f;
4802
0126c8f3 4803 free_and_replace(u->fragment_path, path);
7c65093a 4804
7c65093a
LP		 4805 u->source_path = mfree(u->source_path);
4806 u->dropin_paths = strv_free(u->dropin_paths);
4807 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4808
4f4afc88
LP		 4809 u->load_state = UNIT_STUB;
4810 u->load_error = 0;
4811 u->transient = true;
4812
7c65093a
LP		 4813 unit_add_to_dbus_queue(u);
4814 unit_add_to_gc_queue(u);
c2756a68 4815
4f4afc88
LP		 4816 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4817 u->transient_file);
4818
3f5e8115 4819 return 0;
c2756a68
LP		 4820}
4821
5ffa9490
MY		 4822static bool ignore_leftover_process(const char *comm) {
4823 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
4824}
4825
4d1b2df1 4826static int log_kill(const PidRef *pid, int sig, void *userdata) {
5ffa9490 4827 const Unit *u = ASSERT_PTR(userdata);
1d98fef1
LP		 4828 _cleanup_free_ char *comm = NULL;
4829
4d1b2df1
LP		 4830 assert(pidref_is_set(pid));
4831
4832 (void) pidref_get_comm(pid, &comm);
1d98fef1 4833
5ffa9490 4834 if (ignore_leftover_process(comm))
500cd2e8 4835 /* Although we didn't log anything, as this callback is used in unit_kill_context we must return 1
4836 * here to let the manager know that a process was killed. */
4837 return 1;
1d98fef1 4838
5ffa9490 4839 log_unit_notice(u,
1d98fef1 4840 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4d1b2df1 4841 pid->pid,
1d98fef1
LP		 4842 strna(comm),
4843 signal_to_string(sig));
c53d2d54
DB		 4844
4845 return 1;
1d98fef1
LP		 4846}
4847
efa75d70
LP		 4848static int operation_to_signal(
4849 const KillContext *c,
4850 KillOperation k,
4851 bool *ret_noteworthy) {
4852
1d98fef1 4853 assert(c);
5ffa9490 4854 assert(ret_noteworthy);
1d98fef1
LP		 4855
4856 switch (k) {
4857
4858 case KILL_TERMINATE:
4859 case KILL_TERMINATE_AND_LOG:
efa75d70 4860 *ret_noteworthy = false;
1d98fef1
LP		 4861 return c->kill_signal;
4862
a232ebcc 4863 case KILL_RESTART:
efa75d70 4864 *ret_noteworthy = false;
a232ebcc
ZJS		 4865 return restart_kill_signal(c);
4866
1d98fef1 4867 case KILL_KILL:
efa75d70 4868 *ret_noteworthy = true;
fbb48d4c 4869 return c->final_kill_signal;
1d98fef1 4870
c87700a1 4871 case KILL_WATCHDOG:
efa75d70 4872 *ret_noteworthy = true;
c87700a1 4873 return c->watchdog_signal;
1d98fef1
LP		 4874
4875 default:
04499a70 4876 assert_not_reached();
1d98fef1
LP		 4877 }
4878}
4879
fe80d626
YW		 4880static int unit_kill_context_one(
4881 Unit *u,
4882 const PidRef *pidref,
4883 const char *type,
4884 bool is_alien,
4885 int sig,
4886 bool send_sighup,
4887 cg_kill_log_func_t log_func) {
4888
4889 int r;
4890
4891 assert(u);
4892 assert(type);
4893
4894 /* This returns > 0 if it makes sense to wait for SIGCHLD for the process, == 0 if not. */
4895
4896 if (!pidref_is_set(pidref))
4897 return 0;
4898
4899 if (log_func)
4900 log_func(pidref, sig, u);
4901
4902 r = pidref_kill_and_sigcont(pidref, sig);
4903 if (r == -ESRCH)
4904 return !is_alien;
4905 if (r < 0) {
4906 _cleanup_free_ char *comm = NULL;
4907
4908 (void) pidref_get_comm(pidref, &comm);
4909 return log_unit_warning_errno(u, r, "Failed to kill %s process " PID_FMT " (%s), ignoring: %m", type, pidref->pid, strna(comm));
4910 }
4911
4912 if (send_sighup)
4913 (void) pidref_kill(pidref, SIGHUP);
4914
4915 return !is_alien;
4916}
4917
b826e317 4918int unit_kill_context(Unit *u, KillOperation k) {
1d98fef1 4919 bool wait_for_exit = false, send_sighup;
59ec09a8 4920 cg_kill_log_func_t log_func = NULL;
b821a397 4921 int sig, r;
cd2086fe
LP		 4922
4923 assert(u);
cd2086fe 4924
8aff7ac4
LP		 4925 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4926 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4927 * which is used for user-requested killing of unit processes. */
1d98fef1 4928
b826e317
YW		 4929 KillContext *c = unit_get_kill_context(u);
4930 if (!c || c->kill_mode == KILL_NONE)
cd2086fe
LP		 4931 return 0;
4932
4ab1670f
ZJS		 4933 bool noteworthy;
4934 sig = operation_to_signal(c, k, &noteworthy);
4935 if (noteworthy)
4936 log_func = log_kill;
1d98fef1
LP		 4937
4938 send_sighup =
4939 c->send_sighup &&
4940 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4941 sig != SIGHUP;
4942
b826e317
YW		 4943 bool is_alien;
4944 PidRef *main_pid = unit_main_pid_full(u, &is_alien);
fe80d626
YW		 4945 r = unit_kill_context_one(u, main_pid, "main", is_alien, sig, send_sighup, log_func);
4946 wait_for_exit = wait_for_exit || r > 0;
cd2086fe 4947
fe80d626
YW		 4948 r = unit_kill_context_one(u, unit_control_pid(u), "control", /* is_alien = */ false, sig, send_sighup, log_func);
4949 wait_for_exit = wait_for_exit || r > 0;
cd2086fe 4950
9cc54544
LP		 4951 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
4952 if (crt && crt->cgroup_path &&
b821a397 4953 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4954 _cleanup_set_free_ Set *pid_set = NULL;
4955
82659fd7 4956 /* Exclude the main/control pids from being killed via the cgroup */
ae6a9e65
YW		 4957 r = unit_pid_set(u, &pid_set);
4958 if (r < 0)
4959 return r;
cd2086fe 4960
bd1791b5 4961 r = cg_kill_recursive(
9cc54544 4962 crt->cgroup_path,
bd1791b5
LP		 4963 sig,
4964 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4965 pid_set,
4966 log_func, u);
cd2086fe 4967 if (r < 0) {
4c701096 4968 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
9cc54544 4969 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(crt->cgroup_path));
b821a397 4970
82659fd7 4971 } else if (r > 0) {
bc6aed7b 4972
3988e248 4973 wait_for_exit = true;
58ea275a 4974
1d98fef1 4975 if (send_sighup) {
ae6a9e65
YW		 4976 r = unit_pid_set(u, &pid_set);
4977 if (r < 0)
4978 return r;
82659fd7 4979
bd1791b5 4980 (void) cg_kill_recursive(
9cc54544 4981 crt->cgroup_path,
bd1791b5
LP		 4982 SIGHUP,
4983 CGROUP_IGNORE_SELF,
4984 pid_set,
3ce64b0f 4985 /* log_kill= */ NULL,
bd1791b5 4986 /* userdata= */ NULL);
82659fd7
LP		 4987 }
4988 }
cd2086fe
LP		 4989 }
4990
4991 return wait_for_exit;
4992}
4993
9e615fa3
LB		 4994int unit_add_mounts_for(Unit *u, const char *path, UnitDependencyMask mask, UnitMountDependencyType type) {
4995 Hashmap **unit_map, **manager_map;
a57f7e2c
LP		 4996 int r;
4997
4998 assert(u);
4999 assert(path);
9e615fa3
LB		 5000 assert(type >= 0 && type < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX);
5001
5002 unit_map = &u->mounts_for[type];
5003 manager_map = &u->manager->units_needing_mounts_for[type];
a57f7e2c 5004
ac19bdd0
ZJS		 5005 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
5006 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
5007 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
5008 * appearing mount units can easily determine which units to make themselves a dependency of. */
a57f7e2c 5009
70b64bd3
ZJS		 5010 if (!path_is_absolute(path))
5011 return -EINVAL;
5012
9e615fa3 5013 if (hashmap_contains(*unit_map, path)) /* Exit quickly if the path is already covered. */
ac19bdd0 5014 return 0;
eef85c4a 5015
ac19bdd0
ZJS		 5016 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
5017 * only after simplification, since path_is_normalized() rejects paths with '.'.
5018 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
cf3d95b2
YW		 5019 _cleanup_free_ char *p = NULL;
5020 r = path_simplify_alloc(path, &p);
5021 if (r < 0)
5022 return r;
5023 path = p;
a57f7e2c 5024
ca8700e9 5025 if (!path_is_normalized(path))
a57f7e2c 5026 return -EPERM;
a57f7e2c 5027
ac19bdd0 5028 UnitDependencyInfo di = {
eef85c4a
LP		 5029 .origin_mask = mask
5030 };
5031
9e615fa3 5032 r = hashmap_ensure_put(unit_map, &path_hash_ops, p, di.data);
ca8700e9 5033 if (r < 0)
a57f7e2c 5034 return r;
ac19bdd0
ZJS		 5035 assert(r > 0);
5036 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
a57f7e2c 5037
4cb06c59 5038 char prefix[strlen(path) + 1];
ca8700e9 5039 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 5040 Set *x;
5041
9e615fa3 5042 x = hashmap_get(*manager_map, prefix);
a57f7e2c 5043 if (!x) {
ca8700e9 5044 _cleanup_free_ char *q = NULL;
a57f7e2c 5045
9e615fa3 5046 r = hashmap_ensure_allocated(manager_map, &path_hash_ops);
742f41ad
LP		 5047 if (r < 0)
5048 return r;
a57f7e2c
LP		 5049
5050 q = strdup(prefix);
5051 if (!q)
5052 return -ENOMEM;
5053
d5099efc 5054 x = set_new(NULL);
ca8700e9 5055 if (!x)
a57f7e2c 5056 return -ENOMEM;
a57f7e2c 5057
9e615fa3 5058 r = hashmap_put(*manager_map, q, x);
a57f7e2c 5059 if (r < 0) {
a57f7e2c
LP		 5060 set_free(x);
5061 return r;
5062 }
ca8700e9 5063 q = NULL;
a57f7e2c
LP		 5064 }
5065
5066 r = set_put(x, u);
5067 if (r < 0)
5068 return r;
5069 }
5070
5071 return 0;
5072}
5073
613b411c 5074int unit_setup_exec_runtime(Unit *u) {
28135da3 5075 _cleanup_(exec_shared_runtime_unrefp) ExecSharedRuntime *esr = NULL;
15220772 5076 _cleanup_(dynamic_creds_unrefp) DynamicCreds *dcreds = NULL;
83123a44 5077 _cleanup_set_free_ Set *units = NULL;
28135da3 5078 ExecRuntime **rt;
15220772 5079 ExecContext *ec;
613b411c 5080 size_t offset;
613b411c 5081 Unit *other;
e8a565cb 5082 int r;
613b411c
LP		 5083
5084 offset = UNIT_VTABLE(u)->exec_runtime_offset;
5085 assert(offset > 0);
5086
28135da3
DDM		 5087 /* Check if there already is an ExecRuntime for this unit? */
5088 rt = (ExecRuntime**) ((uint8_t*) u + offset);
613b411c
LP		 5089 if (*rt)
5090 return 0;
5091
a5801e97 5092 ec = ASSERT_PTR(unit_get_exec_context(u));
15220772 5093
83123a44
YW		 5094 r = unit_get_transitive_dependency_set(u, UNIT_ATOM_JOINS_NAMESPACE_OF, &units);
5095 if (r < 0)
5096 return r;
5097
613b411c 5098 /* Try to get it from somebody else */
83123a44 5099 SET_FOREACH(other, units) {
28135da3
DDM		 5100 r = exec_shared_runtime_acquire(u->manager, NULL, other->id, false, &esr);
5101 if (r < 0)
5102 return r;
5103 if (r > 0)
5104 break;
5105 }
5106
5107 if (!esr) {
15220772 5108 r = exec_shared_runtime_acquire(u->manager, ec, u->id, true, &esr);
28135da3
DDM		 5109 if (r < 0)
5110 return r;
613b411c
LP		 5111 }
5112
15220772
DDM		 5113 if (ec->dynamic_user) {
5114 r = dynamic_creds_make(u->manager, ec->user, ec->group, &dcreds);
5115 if (r < 0)
5116 return r;
5117 }
5118
9c0c6701 5119 r = exec_runtime_make(u, ec, esr, dcreds, rt);
28135da3
DDM		 5120 if (r < 0)
5121 return r;
5122
5123 TAKE_PTR(esr);
15220772 5124 TAKE_PTR(dcreds);
28135da3
DDM		 5125
5126 return r;
613b411c
LP		 5127}
5128
9cc54544
LP		 5129CGroupRuntime *unit_setup_cgroup_runtime(Unit *u) {
5130 size_t offset;
5131
5132 assert(u);
5133
5134 offset = UNIT_VTABLE(u)->cgroup_runtime_offset;
5135 assert(offset > 0);
5136
5137 CGroupRuntime **rt = (CGroupRuntime**) ((uint8_t*) u + offset);
5138 if (*rt)
5139 return *rt;
5140
5141 return (*rt = cgroup_runtime_new());
5142}
5143
1c2e9646 5144bool unit_type_supported(UnitType t) {
88e4bfa6
MS		 5145 static int8_t cache[_UNIT_TYPE_MAX] = {}; /* -1: disabled, 1: enabled: 0: don't know */
5146 int r;
5147
ffcf54d4 5148 assert(t >= 0 && t < _UNIT_TYPE_MAX);
1c2e9646 5149
88e4bfa6
MS		 5150 if (cache[t] == 0) {
5151 char *e;
5152
5153 e = strjoina("SYSTEMD_SUPPORT_", unit_type_to_string(t));
5154
5155 r = getenv_bool(ascii_strupper(e));
5156 if (r < 0 && r != -ENXIO)
5157 log_debug_errno(r, "Failed to parse $%s, ignoring: %m", e);
5158
5159 cache[t] = r == 0 ? -1 : 1;
5160 }
5161 if (cache[t] < 0)
5162 return false;
5163
1c2e9646
LP		 5164 if (!unit_vtable[t]->supported)
5165 return true;
5166
5167 return unit_vtable[t]->supported();
5168}
5169
8b4305c7
LP		 5170void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
5171 int r;
5172
5173 assert(u);
5174 assert(where);
5175
c2503e35
RH		 5176 if (!unit_log_level_test(u, LOG_NOTICE))
5177 return;
5178
db55bbf2 5179 r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false);
3f602115 5180 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 5181 return;
5182 if (r < 0) {
5183 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
5184 return;
5185 }
5186
c2503e35 5187 log_unit_struct(u, LOG_NOTICE,
3cf6a3a3 5188 LOG_MESSAGE_ID(SD_MESSAGE_OVERMOUNTING_STR),
c2503e35
RH		 5189 LOG_UNIT_INVOCATION_ID(u),
5190 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
3cf6a3a3 5191 LOG_ITEM("WHERE=%s", where));
8b4305c7
LP		 5192}
5193
38c35970
LP		 5194int unit_log_noncanonical_mount_path(Unit *u, const char *where) {
5195 assert(u);
5196 assert(where);
5197
5198 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
5199 log_unit_struct(u, LOG_ERR,
3cf6a3a3 5200 LOG_MESSAGE_ID(SD_MESSAGE_NON_CANONICAL_MOUNT_STR),
38c35970
LP		 5201 LOG_UNIT_INVOCATION_ID(u),
5202 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
3cf6a3a3 5203 LOG_ITEM("WHERE=%s", where));
38c35970
LP		 5204
5205 return -ELOOP;
5206}
5207
5208int unit_fail_if_noncanonical_mount_path(Unit *u, const char* where) {
8b4305c7
LP		 5209 int r;
5210
5211 assert(u);
5212 assert(where);
5213
38c35970
LP		 5214 _cleanup_free_ char *canonical_where = NULL;
5215 r = chase(where, /* root= */ NULL, CHASE_NONEXISTENT, &canonical_where, /* ret_fd= */ NULL);
8b4305c7 5216 if (r < 0) {
25cd4964 5217 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 5218 return 0;
5219 }
25cd4964
AJ		 5220
5221 /* We will happily ignore a trailing slash (or any redundant slashes) */
5222 if (path_equal(where, canonical_where))
8b4305c7
LP		 5223 return 0;
5224
38c35970 5225 return unit_log_noncanonical_mount_path(u, where);
8b4305c7 5226}
0f13f3bd
LP		 5227
5228bool unit_is_pristine(Unit *u) {
5229 assert(u);
5230
1f832446
ZJS		 5231 /* Check if the unit already exists or is already around, in a number of different ways. Note that to
5232 * cater for unit types such as slice, we are generally fine with units that are marked UNIT_LOADED
5233 * even though nothing was actually loaded, as those unit types don't require a file on disk.
5234 *
5235 * Note that we don't check for drop-ins here, because we allow drop-ins for transient units
5236 * identically to non-transient units, both unit-specific and hierarchical. E.g. for a-b-c.service:
5237 * service.d/….conf, a-.service.d/….conf, a-b-.service.d/….conf, a-b-c.service.d/….conf.
5238 */
0f13f3bd 5239
b146a734
ZJS		 5240 return IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) &&
5241 !u->fragment_path &&
5242 !u->source_path &&
b146a734
ZJS		 5243 !u->job &&
5244 !u->merged_into;
0f13f3bd 5245}
291d565a 5246
37eb258e 5247PidRef* unit_control_pid(Unit *u) {
291d565a
LP		 5248 assert(u);
5249
5250 if (UNIT_VTABLE(u)->control_pid)
5251 return UNIT_VTABLE(u)->control_pid(u);
5252
37eb258e 5253 return NULL;
291d565a
LP		 5254}
5255
3e22239d 5256PidRef* unit_main_pid_full(Unit *u, bool *ret_is_alien) {
291d565a
LP		 5257 assert(u);
5258
5259 if (UNIT_VTABLE(u)->main_pid)
3e22239d 5260 return UNIT_VTABLE(u)->main_pid(u, ret_is_alien);
291d565a 5261
3e22239d
YW		 5262 if (ret_is_alien)
5263 *ret_is_alien = false;
37eb258e 5264 return NULL;
291d565a 5265}
00d9ef85 5266
3bb48b19
TM		 5267static void unit_modify_user_nft_set(Unit *u, bool add, NFTSetSource source, uint32_t element) {
5268 int r;
5269
5270 assert(u);
5271
5272 if (!MANAGER_IS_SYSTEM(u->manager))
5273 return;
5274
5275 CGroupContext *c;
5276 c = unit_get_cgroup_context(u);
5277 if (!c)
5278 return;
5279
5280 if (!u->manager->fw_ctx) {
5281 r = fw_ctx_new_full(&u->manager->fw_ctx, /* init_tables= */ false);
5282 if (r < 0)
5283 return;
5284
5285 assert(u->manager->fw_ctx);
5286 }
5287
5288 FOREACH_ARRAY(nft_set, c->nft_set_context.sets, c->nft_set_context.n_sets) {
5289 if (nft_set->source != source)
5290 continue;
5291
5292 r = nft_set_element_modify_any(u->manager->fw_ctx, add, nft_set->nfproto, nft_set->table, nft_set->set, &element, sizeof(element));
5293 if (r < 0)
5294 log_warning_errno(r, "Failed to %s NFT set: family %s, table %s, set %s, ID %u, ignoring: %m",
5295 add? "add" : "delete", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element);
5296 else
5297 log_debug("%s NFT set: family %s, table %s, set %s, ID %u",
5298 add? "Added" : "Deleted", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element);
5299 }
5300}
5301
00d9ef85
LP		 5302static void unit_unref_uid_internal(
5303 Unit *u,
5304 uid_t *ref_uid,
5305 bool destroy_now,
5306 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
5307
5308 assert(u);
5309 assert(ref_uid);
5310 assert(_manager_unref_uid);
5311
5312 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5313 * gid_t are actually the same time, with the same validity rules.
5314 *
5315 * Drops a reference to UID/GID from a unit. */
5316
5317 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5318 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5319
5320 if (!uid_is_valid(*ref_uid))
5321 return;
5322
5323 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
5324 *ref_uid = UID_INVALID;
5325}
5326
b90cf102 5327static void unit_unref_uid(Unit *u, bool destroy_now) {
3bb48b19
TM		 5328 assert(u);
5329
5330 unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_USER, u->ref_uid);
5331
00d9ef85
LP		 5332 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
5333}
5334
b90cf102 5335static void unit_unref_gid(Unit *u, bool destroy_now) {
3bb48b19
TM		 5336 assert(u);
5337
5338 unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_GROUP, u->ref_gid);
5339
00d9ef85
LP		 5340 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
5341}
5342
b90cf102
LP		 5343void unit_unref_uid_gid(Unit *u, bool destroy_now) {
5344 assert(u);
5345
5346 unit_unref_uid(u, destroy_now);
5347 unit_unref_gid(u, destroy_now);
5348}
5349
00d9ef85
LP		 5350static int unit_ref_uid_internal(
5351 Unit *u,
5352 uid_t *ref_uid,
5353 uid_t uid,
5354 bool clean_ipc,
5355 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
5356
5357 int r;
5358
5359 assert(u);
5360 assert(ref_uid);
5361 assert(uid_is_valid(uid));
5362 assert(_manager_ref_uid);
5363
5364 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5365 * are actually the same type, and have the same validity rules.
5366 *
5367 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5368 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5369 * drops to zero. */
5370
5371 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5372 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5373
5374 if (*ref_uid == uid)
5375 return 0;
5376
5377 if (uid_is_valid(*ref_uid)) /* Already set? */
5378 return -EBUSY;
5379
5380 r = _manager_ref_uid(u->manager, uid, clean_ipc);
5381 if (r < 0)
5382 return r;
5383
5384 *ref_uid = uid;
5385 return 1;
5386}
5387
b90cf102 5388static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 5389 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
5390}
5391
b90cf102 5392static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 5393 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
5394}
5395
5396static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
5397 int r = 0, q = 0;
5398
5399 assert(u);
5400
5401 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5402
5403 if (uid_is_valid(uid)) {
5404 r = unit_ref_uid(u, uid, clean_ipc);
5405 if (r < 0)
5406 return r;
5407 }
5408
5409 if (gid_is_valid(gid)) {
5410 q = unit_ref_gid(u, gid, clean_ipc);
5411 if (q < 0) {
5412 if (r > 0)
5413 unit_unref_uid(u, false);
5414
5415 return q;
5416 }
5417 }
5418
5419 return r > 0 || q > 0;
5420}
5421
5422int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
5423 ExecContext *c;
5424 int r;
5425
5426 assert(u);
5427
5428 c = unit_get_exec_context(u);
5429
5430 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5431 if (r < 0)
5432 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5433
3bb48b19
TM		 5434 unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_USER, uid);
5435 unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_GROUP, gid);
5436
00d9ef85
LP		 5437 return r;
5438}
5439
00d9ef85
LP		 5440void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5441 int r;
5442
5443 assert(u);
5444
5445 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5446 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5447 * objects when no service references the UID/GID anymore. */
5448
5449 r = unit_ref_uid_gid(u, uid, gid);
5450 if (r > 0)
37d0b962 5451 unit_add_to_dbus_queue(u);
00d9ef85 5452}
4b58153d 5453
4b58153d
LP		 5454int unit_acquire_invocation_id(Unit *u) {
5455 sd_id128_t id;
5456 int r;
5457
5458 assert(u);
5459
5460 r = sd_id128_randomize(&id);
5461 if (r < 0)
5462 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5463
5464 r = unit_set_invocation_id(u, id);
5465 if (r < 0)
5466 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5467
af92c603 5468 unit_add_to_dbus_queue(u);
4b58153d
LP		 5469 return 0;
5470}
f0d47797 5471
1ad6e8b3
LP		 5472int unit_set_exec_params(Unit *u, ExecParameters *p) {
5473 int r;
5474
7960b0c7
LP		 5475 assert(u);
5476 assert(p);
f0d47797 5477
004c7f16 5478 /* Copy parameters from manager */
1ad6e8b3
LP		 5479 r = manager_get_effective_environment(u->manager, &p->environment);
5480 if (r < 0)
5481 return r;
5482
170d978b
LP		 5483 p->runtime_scope = u->manager->runtime_scope;
5484
6a705f12 5485 r = strdup_to(&p->confirm_spawn, manager_get_confirm_spawn(u->manager));
a5801e97
MY		 5486 if (r < 0)
5487 return r;
bb5232b6 5488
004c7f16
LP		 5489 p->cgroup_supported = u->manager->cgroup_supported;
5490 p->prefix = u->manager->prefix;
5491 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5492
5238e957 5493 /* Copy parameters from unit */
9cc54544
LP		 5494 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
5495 p->cgroup_path = crt ? crt->cgroup_path : NULL;
1d9cc876 5496 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 5497
2ad591a3
LP		 5498 p->received_credentials_directory = u->manager->received_credentials_directory;
5499 p->received_encrypted_credentials_directory = u->manager->received_encrypted_credentials_directory;
bb0c0d6f 5500
c8ccd444 5501 p->shall_confirm_spawn = u->manager->confirm_spawn;
154eb43f
LB		 5502
5503 p->fallback_smack_process_label = u->manager->defaults.smack_process_label;
5504
352ec23c
LP		 5505 if (u->manager->restrict_fs && p->bpf_restrict_fs_map_fd < 0) {
5506 int fd = bpf_restrict_fs_map_fd(u);
154eb43f
LB		 5507 if (fd < 0)
5508 return fd;
5509
352ec23c 5510 p->bpf_restrict_fs_map_fd = fd;
154eb43f
LB		 5511 }
5512
b646fc32 5513 p->user_lookup_fd = u->manager->user_lookup_fds[1];
12001b1b 5514 p->handoff_timestamp_fd = u->manager->handoff_timestamp_fds[1];
406f1775
DDM		 5515 if (UNIT_VTABLE(u)->notify_pidref)
5516 p->pidref_transport_fd = u->manager->pidref_transport_fds[1];
b646fc32 5517
9cc54544 5518 p->cgroup_id = crt ? crt->cgroup_id : 0;
b646fc32
LB		 5519 p->invocation_id = u->invocation_id;
5520 sd_id128_to_string(p->invocation_id, p->invocation_id_string);
5521 p->unit_id = strdup(u->id);
5522 if (!p->unit_id)
5523 return -ENOMEM;
154eb43f 5524
7d8bbfbe
LB		 5525 p->debug_invocation = u->debug_invocation;
5526
1ad6e8b3 5527 return 0;
f0d47797 5528}
a79279c7 5529
5162829e
LB		 5530int unit_fork_helper_process(Unit *u, const char *name, bool into_cgroup, PidRef *ret) {
5531 CGroupRuntime *crt = NULL;
4775b55d 5532 pid_t pid;
a79279c7
LP		 5533 int r;
5534
5535 assert(u);
5536 assert(ret);
5537
5162829e
LB		 5538 /* Forks off a helper process and makes sure it is a member of the unit's cgroup, if configured to
5539 * do so. Returns == 0 in the child, and > 0 in the parent. The pid parameter is always filled in
5540 * with the child's PID. */
a79279c7 5541
5162829e
LB		 5542 if (into_cgroup) {
5543 (void) unit_realize_cgroup(u);
a79279c7 5544
5162829e
LB		 5545 crt = unit_setup_cgroup_runtime(u);
5546 if (!crt)
5547 return -ENOMEM;
5548 }
9cc54544 5549
e9ccae31 5550 r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM, &pid);
4775b55d
LP		 5551 if (r < 0)
5552 return r;
5553 if (r > 0) {
5554 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
5555 int q;
5556
5557 /* Parent */
5558
5559 q = pidref_set_pid(&pidref, pid);
5560 if (q < 0)
5561 return q;
5562
5563 *ret = TAKE_PIDREF(pidref);
4c253ed1 5564 return r;
4775b55d
LP		 5565 }
5566
5567 /* Child */
a79279c7 5568
9c274488
LP		 5569 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5570 (void) ignore_signals(SIGPIPE);
a79279c7 5571
5162829e 5572 if (crt && crt->cgroup_path) {
188286ee 5573 r = cg_attach(crt->cgroup_path, 0);
4c253ed1 5574 if (r < 0) {
9cc54544 5575 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(crt->cgroup_path));
4c253ed1 5576 _exit(EXIT_CGROUP);
a79279c7 5577 }
a79279c7
LP		 5578 }
5579
4c253ed1 5580 return 0;
a79279c7 5581}
c999cf38 5582
4775b55d
LP		 5583int unit_fork_and_watch_rm_rf(Unit *u, char **paths, PidRef *ret_pid) {
5584 _cleanup_(pidref_done) PidRef pid = PIDREF_NULL;
810ef318
YW		 5585 int r;
5586
5587 assert(u);
5588 assert(ret_pid);
5589
5162829e 5590 r = unit_fork_helper_process(u, "(sd-rmrf)", /* into_cgroup= */ true, &pid);
810ef318
YW		 5591 if (r < 0)
5592 return r;
5593 if (r == 0) {
5594 int ret = EXIT_SUCCESS;
810ef318
YW		 5595
5596 STRV_FOREACH(i, paths) {
5597 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5598 if (r < 0) {
5599 log_error_errno(r, "Failed to remove '%s': %m", *i);
5600 ret = EXIT_FAILURE;
5601 }
5602 }
5603
5604 _exit(ret);
5605 }
5606
495e75ed 5607 r = unit_watch_pidref(u, &pid, /* exclusive= */ true);
810ef318
YW		 5608 if (r < 0)
5609 return r;
5610
4775b55d 5611 *ret_pid = TAKE_PIDREF(pid);
810ef318
YW		 5612 return 0;
5613}
5614
15ed3c3a
LP		 5615static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5616 assert(deps);
c999cf38
LP		 5617 assert(other);
5618
15ed3c3a 5619 if (di.origin_mask == 0 && di.destination_mask == 0)
c999cf38 5620 /* No bit set anymore, let's drop the whole entry */
15ed3c3a
LP		 5621 assert_se(hashmap_remove(deps, other));
5622 else
c999cf38 5623 /* Mask was reduced, let's update the entry */
15ed3c3a 5624 assert_se(hashmap_update(deps, other, di.data) == 0);
c999cf38
LP		 5625}
5626
5627void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
15ed3c3a 5628 Hashmap *deps;
c999cf38
LP		 5629 assert(u);
5630
5631 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5632
5633 if (mask == 0)
5634 return;
5635
15ed3c3a 5636 HASHMAP_FOREACH(deps, u->dependencies) {
c999cf38
LP		 5637 bool done;
5638
5639 do {
5640 UnitDependencyInfo di;
5641 Unit *other;
c999cf38
LP		 5642
5643 done = true;
5644
15ed3c3a
LP		 5645 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5646 Hashmap *other_deps;
5647
1d6cc5d0 5648 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38 5649 continue;
15ed3c3a 5650
c999cf38 5651 di.origin_mask &= ~mask;
15ed3c3a 5652 unit_update_dependency_mask(deps, other, di);
c999cf38 5653
defe63b0
LP		 5654 /* We updated the dependency from our unit to the other unit now. But most
5655 * dependencies imply a reverse dependency. Hence, let's delete that one
5656 * too. For that we go through all dependency types on the other unit and
5657 * delete all those which point to us and have the right mask set. */
c999cf38 5658
15ed3c3a 5659 HASHMAP_FOREACH(other_deps, other->dependencies) {
c999cf38
LP		 5660 UnitDependencyInfo dj;
5661
15ed3c3a 5662 dj.data = hashmap_get(other_deps, u);
1d6cc5d0 5663 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38 5664 continue;
c999cf38 5665
15ed3c3a
LP		 5666 dj.destination_mask &= ~mask;
5667 unit_update_dependency_mask(other_deps, u, dj);
c999cf38
LP		 5668 }
5669
5670 unit_add_to_gc_queue(other);
5671
156ba52b
YW		 5672 /* The unit 'other' may not be wanted by the unit 'u'. */
5673 unit_submit_to_stop_when_unneeded_queue(other);
5674
b7777d08
YW		 5675 u->dependency_generation++;
5676 other->dependency_generation++;
5677
c999cf38
LP		 5678 done = false;
5679 break;
5680 }
5681
5682 } while (!done);
5683 }
5684}
d3070fbd 5685
2f8c48b6
AZ		 5686static int unit_get_invocation_path(Unit *u, char **ret) {
5687 char *p;
5688 int r;
5689
5690 assert(u);
5691 assert(ret);
5692
5693 if (MANAGER_IS_SYSTEM(u->manager))
5694 p = strjoin("/run/systemd/units/invocation:", u->id);
5695 else {
5696 _cleanup_free_ char *user_path = NULL;
60cd6deb
MY		 5697
5698 r = xdg_user_runtime_dir("/systemd/units/invocation:", &user_path);
2f8c48b6
AZ		 5699 if (r < 0)
5700 return r;
60cd6deb 5701
2f8c48b6
AZ		 5702 p = strjoin(user_path, u->id);
5703 }
2f8c48b6
AZ		 5704 if (!p)
5705 return -ENOMEM;
5706
5707 *ret = p;
5708 return 0;
5709}
5710
d3070fbd 5711static int unit_export_invocation_id(Unit *u) {
2f8c48b6 5712 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 5713 int r;
5714
5715 assert(u);
5716
5717 if (u->exported_invocation_id)
5718 return 0;
5719
5720 if (sd_id128_is_null(u->invocation_id))
5721 return 0;
5722
2f8c48b6
AZ		 5723 r = unit_get_invocation_path(u, &p);
5724 if (r < 0)
5725 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5726
9ea5a6e7 5727 r = symlinkat_atomic_full(u->invocation_id_string, AT_FDCWD, p, SYMLINK_LABEL);
d3070fbd
LP		 5728 if (r < 0)
5729 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5730
5731 u->exported_invocation_id = true;
5732 return 0;
5733}
5734
7d8bbfbe 5735static int unit_export_log_level_max(Unit *u, int log_level_max, bool overwrite) {
d3070fbd
LP		 5736 const char *p;
5737 char buf[2];
5738 int r;
5739
5740 assert(u);
d3070fbd 5741
7d8bbfbe
LB		 5742 /* When the debug_invocation logic runs, overwrite will be true as we always want to switch the max
5743 * log level that the journal applies, and we want to always restore the previous level once done */
5744
5745 if (!overwrite && u->exported_log_level_max)
d3070fbd
LP		 5746 return 0;
5747
7d8bbfbe 5748 if (log_level_max < 0)
d3070fbd
LP		 5749 return 0;
5750
7d8bbfbe 5751 assert(log_level_max <= 7);
d3070fbd 5752
7d8bbfbe 5753 buf[0] = '0' + log_level_max;
d3070fbd
LP		 5754 buf[1] = 0;
5755
5756 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5757 r = symlink_atomic(buf, p);
5758 if (r < 0)
5759 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5760
5761 u->exported_log_level_max = true;
5762 return 0;
5763}
5764
5765static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
254d1313 5766 _cleanup_close_ int fd = -EBADF;
d3070fbd
LP		 5767 struct iovec *iovec;
5768 const char *p;
5769 char *pattern;
5770 le64_t *sizes;
5771 ssize_t n;
d3070fbd
LP		 5772 int r;
5773
5774 if (u->exported_log_extra_fields)
5775 return 0;
5776
5777 if (c->n_log_extra_fields <= 0)
5778 return 0;
5779
5780 sizes = newa(le64_t, c->n_log_extra_fields);
5781 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5782
12375b95 5783 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 5784 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5785
5786 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5787 iovec[i*2+1] = c->log_extra_fields[i];
5788 }
5789
5790 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5791 pattern = strjoina(p, ".XXXXXX");
5792
5793 fd = mkostemp_safe(pattern);
5794 if (fd < 0)
5795 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5796
5797 n = writev(fd, iovec, c->n_log_extra_fields*2);
5798 if (n < 0) {
5799 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5800 goto fail;
5801 }
5802
5803 (void) fchmod(fd, 0644);
5804
5805 if (rename(pattern, p) < 0) {
5806 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5807 goto fail;
5808 }
5809
5810 u->exported_log_extra_fields = true;
5811 return 0;
5812
5813fail:
5814 (void) unlink(pattern);
5815 return r;
5816}
5817
5ac1530e 5818static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5819 _cleanup_free_ char *buf = NULL;
5820 const char *p;
5821 int r;
5822
5823 assert(u);
5824 assert(c);
5825
5ac1530e 5826 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5827 return 0;
5828
14702b9c 5829 if (c->log_ratelimit.interval == 0)
90fc172e
AZ		 5830 return 0;
5831
5832 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5833
14702b9c 5834 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit.interval) < 0)
90fc172e
AZ		 5835 return log_oom();
5836
5837 r = symlink_atomic(buf, p);
5838 if (r < 0)
5839 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5840
5ac1530e 5841 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5842 return 0;
5843}
5844
5ac1530e 5845static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5846 _cleanup_free_ char *buf = NULL;
5847 const char *p;
5848 int r;
5849
5850 assert(u);
5851 assert(c);
5852
5ac1530e 5853 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5854 return 0;
5855
14702b9c 5856 if (c->log_ratelimit.burst == 0)
90fc172e
AZ		 5857 return 0;
5858
5859 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5860
14702b9c 5861 if (asprintf(&buf, "%u", c->log_ratelimit.burst) < 0)
90fc172e
AZ		 5862 return log_oom();
5863
5864 r = symlink_atomic(buf, p);
5865 if (r < 0)
5866 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5867
5ac1530e 5868 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5869 return 0;
5870}
5871
d3070fbd
LP		 5872void unit_export_state_files(Unit *u) {
5873 const ExecContext *c;
5874
5875 assert(u);
5876
5877 if (!u->id)
5878 return;
5879
638cece4 5880 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5881 return;
5882
d3070fbd
LP		 5883 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5884 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5885 * the IPC system itself and PID 1 also log to the journal.
5886 *
5887 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5888 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5889 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5890 * namespace at least.
5891 *
5892 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5893 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5894 * them with one. */
5895
5896 (void) unit_export_invocation_id(u);
5897
2f8c48b6
AZ		 5898 if (!MANAGER_IS_SYSTEM(u->manager))
5899 return;
5900
d3070fbd
LP		 5901 c = unit_get_exec_context(u);
5902 if (c) {
7d8bbfbe 5903 (void) unit_export_log_level_max(u, c->log_level_max, /* overwrite= */ false);
d3070fbd 5904 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5905 (void) unit_export_log_ratelimit_interval(u, c);
5906 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5907 }
5908}
5909
5910void unit_unlink_state_files(Unit *u) {
5911 const char *p;
5912
5913 assert(u);
5914
5915 if (!u->id)
5916 return;
5917
d3070fbd
LP		 5918 /* Undoes the effect of unit_export_state() */
5919
5920 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5921 _cleanup_free_ char *invocation_path = NULL;
5922 int r = unit_get_invocation_path(u, &invocation_path);
5923 if (r >= 0) {
5924 (void) unlink(invocation_path);
5925 u->exported_invocation_id = false;
5926 }
d3070fbd
LP		 5927 }
5928
2f8c48b6
AZ		 5929 if (!MANAGER_IS_SYSTEM(u->manager))
5930 return;
5931
d3070fbd
LP		 5932 if (u->exported_log_level_max) {
5933 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5934 (void) unlink(p);
5935
5936 u->exported_log_level_max = false;
5937 }
5938
5939 if (u->exported_log_extra_fields) {
5940 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5941 (void) unlink(p);
5942
5943 u->exported_log_extra_fields = false;
5944 }
90fc172e 5945
5ac1530e 5946 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5947 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5948 (void) unlink(p);
5949
5ac1530e 5950 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5951 }
5952
5ac1530e 5953 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5954 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5955 (void) unlink(p);
5956
5ac1530e 5957 u->exported_log_ratelimit_burst = false;
90fc172e 5958 }
d3070fbd 5959}
5afe510c 5960
7f2a7ccf
MY		 5961int unit_set_debug_invocation(Unit *u, bool enable) {
5962 int r;
5963
7d8bbfbe
LB		 5964 assert(u);
5965
7f2a7ccf 5966 if (u->debug_invocation == enable)
7d8bbfbe
LB		 5967 return 0; /* Nothing to do */
5968
7f2a7ccf
MY		 5969 u->debug_invocation = enable;
5970
7d8bbfbe 5971 /* Ensure that the new log level is exported for the journal, in place of the previous one */
7f2a7ccf
MY		 5972 if (u->exported_log_level_max) {
5973 const ExecContext *ec = unit_get_exec_context(u);
5974 if (ec) {
5975 r = unit_export_log_level_max(u, enable ? LOG_PRI(LOG_DEBUG) : ec->log_level_max, /* overwrite= */ true);
5976 if (r < 0)
5977 return r;
5978 }
5979 }
5980
5981 return 1;
7d8bbfbe
LB		 5982}
5983
3c7416b6
LP		 5984int unit_prepare_exec(Unit *u) {
5985 int r;
5986
5987 assert(u);
5988
fab34748
KL		 5989 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5990 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5991 r = bpf_firewall_load_custom(u);
5992 if (r < 0)
5993 return r;
5994
3c7416b6
LP		 5995 /* Prepares everything so that we can fork of a process for this unit */
5996
5997 (void) unit_realize_cgroup(u);
5998
9cc54544 5999 CGroupRuntime *crt = unit_get_cgroup_runtime(u);
ad48cc6f 6000 if (crt && crt->reset_accounting) {
9b2559a1 6001 (void) unit_reset_accounting(u);
9cc54544 6002 crt->reset_accounting = false;
3c7416b6
LP		 6003 }
6004
6005 unit_export_state_files(u);
6006
6007 r = unit_setup_exec_runtime(u);
6008 if (r < 0)
6009 return r;
6010
3c7416b6
LP		 6011 return 0;
6012}
6013
95e631da
MY		 6014static int unit_log_leftover_process_start(const PidRef *pid, int sig, void *userdata) {
6015 const Unit *u = ASSERT_PTR(userdata);
a4634b21
LP		 6016 _cleanup_free_ char *comm = NULL;
6017
4d1b2df1
LP		 6018 assert(pidref_is_set(pid));
6019
6020 (void) pidref_get_comm(pid, &comm);
a4634b21 6021
4c425434 6022 if (ignore_leftover_process(comm))
c53d2d54 6023 return 0;
a4634b21 6024
4c425434
LP		 6025 /* During start we print a warning */
6026
95e631da 6027 log_unit_warning(u,
a4634b21
LP		 6028 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
6029 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
4d1b2df1 6030 pid->pid, strna(comm));
c53d2d54
DB		 6031
6032 return 1;
a4634b21
LP		 6033}
6034
95e631da
MY		 6035static int unit_log_leftover_process_stop(const PidRef *pid, int sig, void *userdata) {
6036 const Unit *u = ASSERT_PTR(userdata);
4c425434
LP		 6037 _cleanup_free_ char *comm = NULL;
6038
4d1b2df1
LP		 6039 assert(pidref_is_set(pid));
6040
6041 (void) pidref_get_comm(pid, &comm);
4c425434
LP		 6042
6043 if (ignore_leftover_process(comm))
6044 return 0;
6045
6046 /* During stop we only print an informational message */
6047
95e631da 6048 log_unit_info(u,
4c425434 6049 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
4d1b2df1 6050 pid->pid, strna(comm));
4c425434
LP		 6051
6052 return 1;
6053}
6054
95e631da 6055int unit_warn_leftover_processes(Unit *u, bool start) {
23ac0811
MY		 6056 _cleanup_free_ char *cgroup = NULL;
6057 int r;
a4634b21 6058
23ac0811 6059 assert(u);
a4634b21 6060
23ac0811
MY		 6061 r = unit_get_cgroup_path_with_fallback(u, &cgroup);
6062 if (r < 0)
6063 return r;
a4634b21 6064
bd1791b5 6065 return cg_kill_recursive(
23ac0811 6066 cgroup,
bd1791b5
LP		 6067 /* sig= */ 0,
6068 /* flags= */ 0,
684cd01f 6069 /* killed_pids= */ NULL,
95e631da 6070 start ? unit_log_leftover_process_start : unit_log_leftover_process_stop,
bd1791b5 6071 u);
a4634b21
LP		 6072}
6073
bb2c7685
LP		 6074bool unit_needs_console(Unit *u) {
6075 ExecContext *ec;
6076 UnitActiveState state;
6077
6078 assert(u);
6079
6080 state = unit_active_state(u);
6081
6082 if (UNIT_IS_INACTIVE_OR_FAILED(state))
6083 return false;
6084
6085 if (UNIT_VTABLE(u)->needs_console)
6086 return UNIT_VTABLE(u)->needs_console(u);
6087
6088 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
6089 ec = unit_get_exec_context(u);
6090 if (!ec)
6091 return false;
6092
6093 return exec_context_may_touch_console(ec);
6094}
6095
4ace93da 6096int unit_pid_attachable(Unit *u, PidRef *pid, sd_bus_error *error) {
6592b975
LP		 6097 int r;
6098
6099 assert(u);
6100
6101 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
6102 * and not a kernel thread either */
6103
6104 /* First, a simple range check */
495e75ed 6105 if (!pidref_is_set(pid))
a5ddad27 6106 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier is not valid.");
6592b975
LP		 6107
6108 /* Some extra safety check */
a7a87769 6109 if (pid->pid == 1 || pidref_is_self(pid))
495e75ed 6110 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid->pid);
6592b975
LP		 6111
6112 /* Don't even begin to bother with kernel threads */
fc87713b 6113 r = pidref_is_kernel_thread(pid);
6592b975 6114 if (r == -ESRCH)
495e75ed 6115 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid->pid);
6592b975 6116 if (r < 0)
495e75ed 6117 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid->pid);
6592b975 6118 if (r > 0)
495e75ed 6119 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid->pid);
6592b975
LP		 6120
6121 return 0;
6122}
6123
836e4e7e
DDM		 6124int unit_get_log_level_max(const Unit *u) {
6125 if (u) {
6126 if (u->debug_invocation)
6127 return LOG_DEBUG;
6128
6129 ExecContext *ec = unit_get_exec_context(u);
6130 if (ec && ec->log_level_max >= 0)
6131 return ec->log_level_max;
6132 }
6133
6134 return log_get_max_level();
6135}
6136
6137bool unit_log_level_test(const Unit *u, int level) {
6138 assert(u);
6139 return LOG_PRI(level) <= unit_get_log_level_max(u);
6140}
6141
523ee2d4
LP		 6142void unit_log_success(Unit *u) {
6143 assert(u);
6144
edf2ee22
JM		 6145 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
6146 * This message has low information value for regular users and it might be a bit overwhelming on a system with
6147 * a lot of devices. */
6148 log_unit_struct(u,
6149 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
3cf6a3a3 6150 LOG_MESSAGE_ID(SD_MESSAGE_UNIT_SUCCESS_STR),
c2503e35
RH		 6151 LOG_UNIT_INVOCATION_ID(u),
6152 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 6153}
6154
7c047d74
LP		 6155void unit_log_failure(Unit *u, const char *result) {
6156 assert(u);
6157 assert(result);
6158
c2503e35 6159 log_unit_struct(u, LOG_WARNING,
3cf6a3a3 6160 LOG_MESSAGE_ID(SD_MESSAGE_UNIT_FAILURE_RESULT_STR),
c2503e35
RH		 6161 LOG_UNIT_INVOCATION_ID(u),
6162 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
3cf6a3a3 6163 LOG_ITEM("UNIT_RESULT=%s", result));
7c047d74
LP		 6164}
6165
31cd5f63
AZ		 6166void unit_log_skip(Unit *u, const char *result) {
6167 assert(u);
6168 assert(result);
6169
c2503e35 6170 log_unit_struct(u, LOG_INFO,
3cf6a3a3 6171 LOG_MESSAGE_ID(SD_MESSAGE_UNIT_SKIPPED_STR),
c2503e35
RH		 6172 LOG_UNIT_INVOCATION_ID(u),
6173 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
3cf6a3a3 6174 LOG_ITEM("UNIT_RESULT=%s", result));
31cd5f63
AZ		 6175}
6176
91bbd9b7
LP		 6177void unit_log_process_exit(
6178 Unit *u,
91bbd9b7
LP		 6179 const char *kind,
6180 const char *command,
5cc2cd1c 6181 bool success,
91bbd9b7
LP		 6182 int code,
6183 int status) {
6184
5cc2cd1c
ZJS		 6185 int level;
6186
91bbd9b7
LP		 6187 assert(u);
6188 assert(kind);
6189
5cc2cd1c
ZJS		 6190 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
6191 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
6192 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
6193 * WARNING. */
6194 if (success)
6195 level = LOG_DEBUG;
6196 else if (code == CLD_EXITED)
6197 level = LOG_NOTICE;
6198 else
91bbd9b7
LP		 6199 level = LOG_WARNING;
6200
c2503e35 6201 log_unit_struct(u, level,
3cf6a3a3 6202 LOG_MESSAGE_ID(SD_MESSAGE_UNIT_PROCESS_EXIT_STR),
58441bc1 6203 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
c2503e35
RH		 6204 kind,
6205 sigchld_code_to_string(code), status,
6206 strna(code == CLD_EXITED
6207 ? exit_status_to_string(status, EXIT_STATUS_FULL)
58441bc1
ZJS		 6208 : signal_to_string(status)),
6209 success ? " (success)" : ""),
3cf6a3a3
YW		 6210 LOG_ITEM("EXIT_CODE=%s", sigchld_code_to_string(code)),
6211 LOG_ITEM("EXIT_STATUS=%i", status),
6212 LOG_ITEM("COMMAND=%s", strna(command)),
c2503e35 6213 LOG_UNIT_INVOCATION_ID(u));
91bbd9b7
LP		 6214}
6215
7af67e9a
LP		 6216int unit_exit_status(Unit *u) {
6217 assert(u);
6218
6219 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
6220 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
6221 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
6222 * service process has exited abnormally (signal/coredump). */
6223
6224 if (!UNIT_VTABLE(u)->exit_status)
6225 return -EOPNOTSUPP;
6226
6227 return UNIT_VTABLE(u)->exit_status(u);
6228}
6229
6230int unit_failure_action_exit_status(Unit *u) {
6231 int r;
6232
6233 assert(u);
6234
6235 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
6236
6237 if (u->failure_action_exit_status >= 0)
6238 return u->failure_action_exit_status;
6239
6240 r = unit_exit_status(u);
6241 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6242 return 255;
6243
6244 return r;
6245}
6246
6247int unit_success_action_exit_status(Unit *u) {
6248 int r;
6249
6250 assert(u);
6251
6252 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
6253
6254 if (u->success_action_exit_status >= 0)
6255 return u->success_action_exit_status;
6256
6257 r = unit_exit_status(u);
6258 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6259 return 255;
6260
6261 return r;
6262}
6263
a4191c9f
LP		 6264int unit_test_trigger_loaded(Unit *u) {
6265 Unit *trigger;
6266
6267 /* Tests whether the unit to trigger is loaded */
6268
6269 trigger = UNIT_TRIGGER(u);
6270 if (!trigger)
e7b9f4d9
ZJS		 6271 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6272 "Refusing to start, no unit to trigger.");
a4191c9f 6273 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 6274 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6275 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 6276
6277 return 0;
6278}
6279
703b1b7f 6280void unit_destroy_runtime_data(Unit *u, const ExecContext *context, bool destroy_runtime_dir) {
bb0c0d6f 6281 assert(u);
8b17371b 6282 assert(u->manager);
bb0c0d6f
LP		 6283 assert(context);
6284
1ba84fef 6285 /* EXEC_PRESERVE_RESTART is handled via unit_release_resources()! */
703b1b7f 6286 if (destroy_runtime_dir && context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO)
95939aed 6287 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f 6288
c5087ef5 6289 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
b9f976fb 6290 exec_context_destroy_mount_ns_dir(u);
95939aed
YW		 6291}
6292
380dc8b0
LP		 6293int unit_clean(Unit *u, ExecCleanMask mask) {
6294 UnitActiveState state;
6295
6296 assert(u);
6297
6298 /* Special return values:
6299 *
6300 * -EOPNOTSUPP → cleaning not supported for this unit type
6301 * -EUNATCH → cleaning not defined for this resource type
6302 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
6303 * a job queued or similar
6304 */
6305
6306 if (!UNIT_VTABLE(u)->clean)
6307 return -EOPNOTSUPP;
6308
6309 if (mask == 0)
6310 return -EUNATCH;
6311
6312 if (u->load_state != UNIT_LOADED)
6313 return -EBUSY;
6314
6315 if (u->job)
6316 return -EBUSY;
6317
6318 state = unit_active_state(u);
4f06325c 6319 if (state != UNIT_INACTIVE)
380dc8b0
LP		 6320 return -EBUSY;
6321
6322 return UNIT_VTABLE(u)->clean(u, mask);
6323}
6324
6325int unit_can_clean(Unit *u, ExecCleanMask *ret) {
6326 assert(u);
6327
6328 if (!UNIT_VTABLE(u)->clean ||
6329 u->load_state != UNIT_LOADED) {
6330 *ret = 0;
6331 return 0;
6332 }
6333
6334 /* When the clean() method is set, can_clean() really should be set too */
6335 assert(UNIT_VTABLE(u)->can_clean);
6336
6337 return UNIT_VTABLE(u)->can_clean(u, ret);
6338}
6339
f882c102
DDM		 6340bool unit_can_start_refuse_manual(Unit *u) {
6341 return unit_can_start(u) && !u->refuse_manual_start;
6342}
6343
6344bool unit_can_stop_refuse_manual(Unit *u) {
6345 return unit_can_stop(u) && !u->refuse_manual_stop;
6346}
6347
6348bool unit_can_isolate_refuse_manual(Unit *u) {
6349 return unit_can_isolate(u) && !u->refuse_manual_start;
6350}
6351
54e1f676
MY		 6352void unit_next_freezer_state(Unit *u, FreezerAction action, FreezerState *ret_next, FreezerState *ret_objective) {
6353 FreezerState current, parent, next, objective;
16b6af6a
AV		 6354
6355 assert(u);
21fed6ea
MY		 6356 assert(action >= 0);
6357 assert(action < _FREEZER_ACTION_MAX);
54e1f676 6358 assert(ret_next);
f27f461b 6359 assert(ret_objective);
16b6af6a 6360
197e77c5 6361 /* This function determines the correct freezer state transitions for a unit
f27f461b 6362 * given the action being requested. It returns the next state, and also the "objective",
16b6af6a
AV		 6363 * which is either FREEZER_FROZEN or FREEZER_RUNNING, depending on what actual state we
6364 * ultimately want to achieve. */
6365
54e1f676 6366 current = u->freezer_state;
f27f461b
MY		 6367
6368 Unit *slice = UNIT_GET_SLICE(u);
6369 if (slice)
16b6af6a 6370 parent = slice->freezer_state;
f27f461b 6371 else
16b6af6a
AV		 6372 parent = FREEZER_RUNNING;
6373
aba5e466
MY		 6374 switch (action) {
6375
6376 case FREEZER_FREEZE:
16b6af6a 6377 /* We always "promote" a freeze initiated by parent into a normal freeze */
54e1f676 6378 if (IN_SET(current, FREEZER_FROZEN, FREEZER_FROZEN_BY_PARENT))
16b6af6a
AV		 6379 next = FREEZER_FROZEN;
6380 else
6381 next = FREEZER_FREEZING;
aba5e466
MY		 6382 break;
6383
6384 case FREEZER_THAW:
16b6af6a
AV		 6385 /* Thawing is the most complicated operation here, because we can't thaw a unit
6386 * if its parent is frozen. So we instead "demote" a normal freeze into a freeze
6387 * initiated by parent if the parent is frozen */
54e1f676 6388 if (IN_SET(current, FREEZER_RUNNING, FREEZER_THAWING,
7732cecb 6389 FREEZER_FREEZING_BY_PARENT, FREEZER_FROZEN_BY_PARENT)) /* Should usually be refused by unit_freezer_action */
54e1f676
MY		 6390 next = current;
6391 else if (current == FREEZER_FREEZING) {
16b6af6a
AV		 6392 if (IN_SET(parent, FREEZER_RUNNING, FREEZER_THAWING))
6393 next = FREEZER_THAWING;
6394 else
6395 next = FREEZER_FREEZING_BY_PARENT;
54e1f676 6396 } else if (current == FREEZER_FROZEN) {
16b6af6a
AV		 6397 if (IN_SET(parent, FREEZER_RUNNING, FREEZER_THAWING))
6398 next = FREEZER_THAWING;
6399 else
6400 next = FREEZER_FROZEN_BY_PARENT;
aba5e466
MY		 6401 } else
6402 assert_not_reached();
6403 break;
6404
6405 case FREEZER_PARENT_FREEZE:
16b6af6a 6406 /* We need to avoid accidentally demoting units frozen manually */
54e1f676
MY		 6407 if (IN_SET(current, FREEZER_FREEZING, FREEZER_FROZEN, FREEZER_FROZEN_BY_PARENT))
6408 next = current;
16b6af6a
AV		 6409 else
6410 next = FREEZER_FREEZING_BY_PARENT;
aba5e466 6411 break;
16b6af6a 6412
aba5e466 6413 case FREEZER_PARENT_THAW:
16b6af6a
AV		 6414 /* We don't want to thaw units from a parent if they were frozen
6415 * manually, so for such units this action is a no-op */
54e1f676
MY		 6416 if (IN_SET(current, FREEZER_RUNNING, FREEZER_FREEZING, FREEZER_FROZEN))
6417 next = current;
16b6af6a
AV		 6418 else
6419 next = FREEZER_THAWING;
aba5e466
MY		 6420 break;
6421
6422 default:
6423 assert_not_reached();
16b6af6a
AV		 6424 }
6425
f27f461b
MY		 6426 objective = freezer_state_finish(next);
6427 if (objective == FREEZER_FROZEN_BY_PARENT)
6428 objective = FREEZER_FROZEN;
6429 assert(IN_SET(objective, FREEZER_RUNNING, FREEZER_FROZEN));
16b6af6a 6430
54e1f676 6431 *ret_next = next;
f27f461b 6432 *ret_objective = objective;
16b6af6a
AV		 6433}
6434
b21bebbe 6435bool unit_can_freeze(const Unit *u) {
d9e45bc3
MS		 6436 assert(u);
6437
16b6af6a
AV		 6438 if (unit_has_name(u, SPECIAL_ROOT_SLICE) || unit_has_name(u, SPECIAL_INIT_SCOPE))
6439 return false;
6440
d9e45bc3
MS		 6441 if (UNIT_VTABLE(u)->can_freeze)
6442 return UNIT_VTABLE(u)->can_freeze(u);
6443
16b6af6a 6444 return UNIT_VTABLE(u)->freezer_action;
d9e45bc3
MS		 6445}
6446
0064290a
MY		 6447void unit_set_freezer_state(Unit *u, FreezerState state) {
6448 assert(u);
6449 assert(state >= 0);
6450 assert(state < _FREEZER_STATE_MAX);
6451
6452 if (u->freezer_state == state)
6453 return;
6454
6455 log_unit_debug(u, "Freezer state changed %s -> %s",
6456 freezer_state_to_string(u->freezer_state), freezer_state_to_string(state));
6457
6458 u->freezer_state = state;
6459
6460 unit_add_to_dbus_queue(u);
6461}
6462
e1ac5259
MY		 6463void unit_freezer_complete(Unit *u, FreezerState kernel_state) {
6464 bool expected;
d9e45bc3 6465
d9e45bc3 6466 assert(u);
e1ac5259 6467 assert(IN_SET(kernel_state, FREEZER_RUNNING, FREEZER_FROZEN));
d9e45bc3 6468
e1ac5259 6469 expected = IN_SET(u->freezer_state, FREEZER_RUNNING, FREEZER_THAWING) == (kernel_state == FREEZER_RUNNING);
d9e45bc3 6470
e1ac5259
MY		 6471 unit_set_freezer_state(u, expected ? freezer_state_finish(u->freezer_state) : kernel_state);
6472 log_unit_info(u, "Unit now %s.", u->freezer_state == FREEZER_RUNNING ? "thawed" :
6473 freezer_state_to_string(u->freezer_state));
16b6af6a 6474
e1ac5259
MY		 6475 /* If the cgroup's final state is against what's requested by us, report as canceled. */
6476 bus_unit_send_pending_freezer_message(u, /* canceled = */ !expected);
d9e45bc3
MS		 6477}
6478
16b6af6a 6479int unit_freezer_action(Unit *u, FreezerAction action) {
d9e45bc3 6480 UnitActiveState s;
d9e45bc3
MS		 6481 int r;
6482
6483 assert(u);
6484 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
6485
3c86a935 6486 if (!unit_can_freeze(u))
d9e45bc3
MS		 6487 return -EOPNOTSUPP;
6488
6489 if (u->job)
6490 return -EBUSY;
6491
6492 if (u->load_state != UNIT_LOADED)
6493 return -EHOSTDOWN;
6494
6495 s = unit_active_state(u);
6496 if (s != UNIT_ACTIVE)
6497 return -EHOSTDOWN;
6498
16b6af6a
AV		 6499 if (action == FREEZER_FREEZE && IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_FREEZING_BY_PARENT))
6500 return -EALREADY;
6501 if (action == FREEZER_THAW && u->freezer_state == FREEZER_THAWING)
d9e45bc3 6502 return -EALREADY;
16b6af6a 6503 if (action == FREEZER_THAW && IN_SET(u->freezer_state, FREEZER_FREEZING_BY_PARENT, FREEZER_FROZEN_BY_PARENT))
6798fa11 6504 return -EDEADLK;
d9e45bc3 6505
16b6af6a 6506 r = UNIT_VTABLE(u)->freezer_action(u, action);
d9e45bc3
MS		 6507 if (r <= 0)
6508 return r;
6509
16b6af6a 6510 assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_FREEZING_BY_PARENT, FREEZER_THAWING));
d9e45bc3
MS		 6511 return 1;
6512}
6513
6e548561 6514Condition *unit_find_failed_condition(Unit *u) {
03677889 6515 Condition *failed_trigger = NULL;
6e548561
DDM		 6516 bool has_succeeded_trigger = false;
6517
6518 if (u->condition_result)
6519 return NULL;
6520
6521 LIST_FOREACH(conditions, c, u->conditions)
6522 if (c->trigger) {
6523 if (c->result == CONDITION_SUCCEEDED)
6524 has_succeeded_trigger = true;
6525 else if (!failed_trigger)
6526 failed_trigger = c;
6527 } else if (c->result != CONDITION_SUCCEEDED)
6528 return c;
6529
6530 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
6531}
6532
f19afb21 6533int unit_can_live_mount(Unit *u, sd_bus_error *error) {
5162829e
LB		 6534 assert(u);
6535
d24d546d 6536 if (!UNIT_VTABLE(u)->live_mount)
5162829e
LB		 6537 return sd_bus_error_setf(
6538 error,
f19afb21
MY		 6539 SD_BUS_ERROR_NOT_SUPPORTED,
6540 "Live mounting not supported by unit type '%s'",
6541 unit_type_to_string(u->type));
5162829e 6542
d24d546d 6543 if (u->load_state != UNIT_LOADED)
5162829e
LB		 6544 return sd_bus_error_setf(
6545 error,
6546 BUS_ERROR_NO_SUCH_UNIT,
f19afb21 6547 "Unit '%s' not loaded, cannot live mount",
5162829e 6548 u->id);
5162829e
LB		 6549
6550 if (!UNIT_VTABLE(u)->can_live_mount)
6551 return 0;
6552
6553 return UNIT_VTABLE(u)->can_live_mount(u, error);
6554}
6555
6556int unit_live_mount(
6557 Unit *u,
6558 const char *src,
6559 const char *dst,
6560 sd_bus_message *message,
6561 MountInNamespaceFlags flags,
6562 const MountOptions *options,
6563 sd_bus_error *error) {
6564
6565 assert(u);
6566 assert(UNIT_VTABLE(u)->live_mount);
6567
6568 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) {
f19afb21 6569 log_unit_debug(u, "Unit not active, cannot perform live mount.");
5162829e
LB		 6570 return sd_bus_error_setf(
6571 error,
6572 BUS_ERROR_UNIT_INACTIVE,
6573 "Live mounting '%s' on '%s' for unit '%s' cannot be scheduled: unit not active",
6574 src,
6575 dst,
6576 u->id);
6577 }
6578
6579 if (unit_active_state(u) == UNIT_REFRESHING) {
f19afb21 6580 log_unit_debug(u, "Unit already live mounting, refusing further requests.");
5162829e
LB		 6581 return sd_bus_error_setf(
6582 error,
6583 BUS_ERROR_UNIT_BUSY,
6584 "Live mounting '%s' on '%s' for unit '%s' cannot be scheduled: another live mount in progress",
6585 src,
6586 dst,
6587 u->id);
6588 }
6589
6590 if (u->job) {
6591 log_unit_debug(u, "Unit already has a job in progress, cannot live mount");
6592 return sd_bus_error_setf(
6593 error,
6594 BUS_ERROR_UNIT_BUSY,
6595 "Live mounting '%s' on '%s' for unit '%s' cannot be scheduled: another operation in progress",
6596 src,
6597 dst,
6598 u->id);
6599 }
6600
6601 return UNIT_VTABLE(u)->live_mount(u, src, dst, message, flags, options, error);
6602}
6603
5afe510c 6604static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
17f6b640 6605 [COLLECT_INACTIVE] = "inactive",
5afe510c
LP		 6606 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
6607};
6608
6609DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
15ed3c3a
LP		 6610
6611Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
6612 Unit *i;
6613
6614 assert(u);
6615
6616 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
6617 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
6618 * is NULL the first entry found), or NULL if not found. */
6619
6620 UNIT_FOREACH_DEPENDENCY(i, u, atom)
6621 if (!other || other == i)
6622 return i;
6623
6624 return NULL;
6625}
6626
6627int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
6628 _cleanup_free_ Unit **array = NULL;
6629 size_t n = 0;
6630 Unit *other;
6631
6632 assert(u);
6633 assert(ret_array);
6634
6635 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
6636 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
48008c1c 6637 * while the dependency table is continuously updated. */
15ed3c3a
LP		 6638
6639 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
6640 if (!GREEDY_REALLOC(array, n + 1))
6641 return -ENOMEM;
6642
6643 array[n++] = other;
6644 }
6645
6646 *ret_array = TAKE_PTR(array);
6647
6648 assert(n <= INT_MAX);
6649 return (int) n;
6650}
48b92b37 6651
83123a44
YW		 6652int unit_get_transitive_dependency_set(Unit *u, UnitDependencyAtom atom, Set **ret) {
6653 _cleanup_set_free_ Set *units = NULL, *queue = NULL;
6654 Unit *other;
6655 int r;
6656
6657 assert(u);
6658 assert(ret);
6659
6660 /* Similar to unit_get_dependency_array(), but also search the same dependency in other units. */
6661
6662 do {
6663 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
6664 r = set_ensure_put(&units, NULL, other);
6665 if (r < 0)
6666 return r;
6667 if (r == 0)
6668 continue;
6669 r = set_ensure_put(&queue, NULL, other);
6670 if (r < 0)
6671 return r;
6672 }
6673 } while ((u = set_steal_first(queue)));
6674
6675 *ret = TAKE_PTR(units);
6676 return 0;
6677}
6678
e9276800
LP		 6679int unit_arm_timer(
6680 Unit *u,
6681 sd_event_source **source,
6682 bool relative,
6683 usec_t usec,
6684 sd_event_time_handler_t handler) {
6685
6686 int r;
6687
6688 assert(u);
6689 assert(source);
6690 assert(handler);
6691
6692 if (*source) {
6693 if (usec == USEC_INFINITY)
6694 return sd_event_source_set_enabled(*source, SD_EVENT_OFF);
6695
6696 r = (relative ? sd_event_source_set_time_relative : sd_event_source_set_time)(*source, usec);
6697 if (r < 0)
6698 return r;
6699
6700 return sd_event_source_set_enabled(*source, SD_EVENT_ONESHOT);
6701 }
6702
6703 if (usec == USEC_INFINITY)
6704 return 0;
6705
6706 r = (relative ? sd_event_add_time_relative : sd_event_add_time)(
6707 u->manager->event,
6708 source,
6709 CLOCK_MONOTONIC,
6710 usec, 0,
6711 handler,
6712 u);
6713 if (r < 0)
6714 return r;
6715
6716 const char *d = strjoina(unit_type_to_string(u->type), "-timer");
6717 (void) sd_event_source_set_description(*source, d);
6718
6719 return 0;
6720}
6721
6e0f9593 6722bool unit_passes_filter(Unit *u, char * const *states, char * const *patterns) {
6d2984d2
DDM		 6723 assert(u);
6724
6725 if (!strv_isempty(states)) {
6e0f9593 6726 char * const *unit_states = STRV_MAKE(
6d2984d2
DDM		 6727 unit_load_state_to_string(u->load_state),
6728 unit_active_state_to_string(unit_active_state(u)),
6729 unit_sub_state_to_string(u));
6730
6731 if (!strv_overlap(states, unit_states))
6e0f9593 6732 return false;
6d2984d2
DDM		 6733 }
6734
6e0f9593 6735 return strv_fnmatch_or_empty(patterns, u->id, FNM_NOESCAPE);
6d2984d2
DDM		 6736}
6737
a8157796
LP		 6738static int unit_get_nice(Unit *u) {
6739 ExecContext *ec;
6740
6741 ec = unit_get_exec_context(u);
6742 return ec ? ec->nice : 0;
6743}
6744
6745static uint64_t unit_get_cpu_weight(Unit *u) {
6746 CGroupContext *cc;
6747
6748 cc = unit_get_cgroup_context(u);
6749 return cc ? cgroup_context_cpu_weight(cc, manager_state(u->manager)) : CGROUP_WEIGHT_DEFAULT;
6750}
6751
a89afe19
AB		 6752int unit_get_exec_quota_stats(Unit *u, ExecContext *c, ExecDirectoryType dt, uint64_t *ret_usage, uint64_t *ret_limit) {
6753 int r;
6754 _cleanup_close_ int fd = -EBADF;
6755 _cleanup_free_ char *p = NULL, *pp = NULL;
6756
6757 assert(u);
6758 assert(c);
6759
6760 if (c->directories[dt].n_items == 0) {
6761 *ret_usage = UINT64_MAX;
6762 *ret_limit = UINT64_MAX;
6763 return 0;
6764 }
6765
6766 ExecDirectoryItem *i = &c->directories[dt].items[0];
6767 p = path_join(u->manager->prefix[dt], i->path);
6768 if (!p)
6769 return log_oom_debug();
6770
6771 if (exec_directory_is_private(c, dt)) {
6772 pp = path_join(u->manager->prefix[dt], "private", i->path);
6773 if (!pp)
6774 return log_oom_debug();
6775 }
6776
6777 const char *target_dir = pp ?: p;
6778 fd = open(target_dir, O_PATH | O_CLOEXEC | O_DIRECTORY);
6779 if (fd < 0)
6780 return log_unit_debug_errno(u, errno, "Failed to get exec quota stats: %m");
6781
6782 uint32_t proj_id;
6783 r = read_fs_xattr_fd(fd, /* ret_xflags = */ NULL, &proj_id);
6784 if (r < 0)
6785 return log_unit_debug_errno(u, r, "Failed to get project ID for exec quota stats: %m");
6786
6787 struct dqblk req;
6788 r = quota_query_proj_id(fd, proj_id, &req);
6789 if (r <= 0)
6790 return log_unit_debug_errno(u, r, "Failed to query project ID for exec quota stats: %m");
6791
6792 *ret_usage = req.dqb_curspace;
6793 *ret_limit = req.dqb_bhardlimit * QIF_DQBLKSIZE;
6794
6795 return r;
6796}
6797
a8157796
LP		 6798int unit_compare_priority(Unit *a, Unit *b) {
6799 int ret;
6800
6801 ret = CMP(a->type, b->type);
6802 if (ret != 0)
6803 return -ret;
6804
6805 ret = CMP(unit_get_cpu_weight(a), unit_get_cpu_weight(b));
6806 if (ret != 0)
6807 return -ret;
6808
6809 ret = CMP(unit_get_nice(a), unit_get_nice(b));
6810 if (ret != 0)
6811 return ret;
6812
6813 return strcmp(a->id, b->id);
6814}
6815
64fd6ba9
DDM		 6816const char* unit_log_field(const Unit *u) {
6817 return MANAGER_IS_SYSTEM(ASSERT_PTR(u)->manager) ? "UNIT=" : "USER_UNIT=";
6818}
6819
6820const char* unit_invocation_log_field(const Unit *u) {
6821 return MANAGER_IS_SYSTEM(ASSERT_PTR(u)->manager) ? "INVOCATION_ID=" : "USER_INVOCATION_ID=";
6822}
6823
48b92b37 6824const ActivationDetailsVTable * const activation_details_vtable[_UNIT_TYPE_MAX] = {
17f6b640 6825 [UNIT_PATH] = &activation_details_path_vtable,
c8bc7519 6826 [UNIT_TIMER] = &activation_details_timer_vtable,
48b92b37
LB		 6827};
6828
6829ActivationDetails *activation_details_new(Unit *trigger_unit) {
6830 _cleanup_free_ ActivationDetails *details = NULL;
6831
6832 assert(trigger_unit);
6833 assert(trigger_unit->type != _UNIT_TYPE_INVALID);
6834 assert(trigger_unit->id);
6835
6836 details = malloc0(activation_details_vtable[trigger_unit->type]->object_size);
6837 if (!details)
6838 return NULL;
6839
6840 *details = (ActivationDetails) {
6841 .n_ref = 1,
6842 .trigger_unit_type = trigger_unit->type,
6843 };
6844
6845 details->trigger_unit_name = strdup(trigger_unit->id);
6846 if (!details->trigger_unit_name)
6847 return NULL;
6848
6849 if (ACTIVATION_DETAILS_VTABLE(details)->init)
6850 ACTIVATION_DETAILS_VTABLE(details)->init(details, trigger_unit);
6851
6852 return TAKE_PTR(details);
6853}
6854
6855static ActivationDetails *activation_details_free(ActivationDetails *details) {
6856 if (!details)
6857 return NULL;
6858
6859 if (ACTIVATION_DETAILS_VTABLE(details)->done)
6860 ACTIVATION_DETAILS_VTABLE(details)->done(details);
6861
6862 free(details->trigger_unit_name);
6863
6864 return mfree(details);
6865}
6866
acca52ab 6867void activation_details_serialize(const ActivationDetails *details, FILE *f) {
48b92b37
LB		 6868 if (!details || details->trigger_unit_type == _UNIT_TYPE_INVALID)
6869 return;
6870
6871 (void) serialize_item(f, "activation-details-unit-type", unit_type_to_string(details->trigger_unit_type));
6872 if (details->trigger_unit_name)
6873 (void) serialize_item(f, "activation-details-unit-name", details->trigger_unit_name);
6874 if (ACTIVATION_DETAILS_VTABLE(details)->serialize)
6875 ACTIVATION_DETAILS_VTABLE(details)->serialize(details, f);
6876}
6877
6878int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) {
e8dba806
FS		 6879 int r;
6880
48b92b37
LB		 6881 assert(key);
6882 assert(value);
6883 assert(details);
6884
6885 if (!*details) {
6886 UnitType t;
6887
6888 if (!streq(key, "activation-details-unit-type"))
6889 return -EINVAL;
6890
6891 t = unit_type_from_string(value);
210cb8d6
YW		 6892 if (t < 0)
6893 return t;
6894
6895 /* The activation details vtable has defined ops only for path and timer units */
6896 if (!activation_details_vtable[t])
48b92b37
LB		 6897 return -EINVAL;
6898
6899 *details = malloc0(activation_details_vtable[t]->object_size);
6900 if (!*details)
6901 return -ENOMEM;
6902
6903 **details = (ActivationDetails) {
6904 .n_ref = 1,
6905 .trigger_unit_type = t,
6906 };
6907
6908 return 0;
6909 }
6910
6911 if (streq(key, "activation-details-unit-name")) {
e8dba806
FS		 6912 r = free_and_strdup(&(*details)->trigger_unit_name, value);
6913 if (r < 0)
6914 return r;
48b92b37
LB		 6915
6916 return 0;
6917 }
6918
6919 if (ACTIVATION_DETAILS_VTABLE(*details)->deserialize)
6920 return ACTIVATION_DETAILS_VTABLE(*details)->deserialize(key, value, details);
6921
6922 return -EINVAL;
6923}
6924
acca52ab 6925int activation_details_append_env(const ActivationDetails *details, char ***strv) {
48b92b37
LB		 6926 int r = 0;
6927
6928 assert(strv);
6929
6930 if (!details)
6931 return 0;
6932
6933 if (!isempty(details->trigger_unit_name)) {
6934 char *s = strjoin("TRIGGER_UNIT=", details->trigger_unit_name);
6935 if (!s)
6936 return -ENOMEM;
6937
6938 r = strv_consume(strv, TAKE_PTR(s));
6939 if (r < 0)
6940 return r;
6941 }
6942
6943 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6944 r = ACTIVATION_DETAILS_VTABLE(details)->append_env(details, strv);
6945 if (r < 0)
6946 return r;
6947 }
6948
6949 return r + !isempty(details->trigger_unit_name); /* Return the number of variables added to the env block */
6950}
6951
acca52ab 6952int activation_details_append_pair(const ActivationDetails *details, char ***strv) {
48b92b37
LB		 6953 int r = 0;
6954
6955 assert(strv);
6956
6957 if (!details)
6958 return 0;
6959
6960 if (!isempty(details->trigger_unit_name)) {
69f3c619 6961 r = strv_extend_many(strv, "trigger_unit", details->trigger_unit_name);
48b92b37
LB		 6962 if (r < 0)
6963 return r;
6964 }
6965
18cf8411 6966 if (ACTIVATION_DETAILS_VTABLE(details)->append_pair) {
48b92b37
LB		 6967 r = ACTIVATION_DETAILS_VTABLE(details)->append_pair(details, strv);
6968 if (r < 0)
6969 return r;
6970 }
6971
6972 return r + !isempty(details->trigger_unit_name); /* Return the number of pairs added to the strv */
6973}
6974
6975DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails, activation_details, activation_details_free);
9e615fa3
LB		 6976
6977static const char* const unit_mount_dependency_type_table[_UNIT_MOUNT_DEPENDENCY_TYPE_MAX] = {
6978 [UNIT_MOUNT_WANTS] = "WantsMountsFor",
6979 [UNIT_MOUNT_REQUIRES] = "RequiresMountsFor",
6980};
6981
6982DEFINE_STRING_TABLE_LOOKUP(unit_mount_dependency_type, UnitMountDependencyType);
6983
4ea4abb6
DDM		 6984static const char* const oom_policy_table[_OOM_POLICY_MAX] = {
6985 [OOM_CONTINUE] = "continue",
6986 [OOM_STOP] = "stop",
6987 [OOM_KILL] = "kill",
6988};
6989
6990DEFINE_STRING_TABLE_LOOKUP(oom_policy, OOMPolicy);
6991
9e615fa3
LB		 6992UnitDependency unit_mount_dependency_type_to_dependency_type(UnitMountDependencyType t) {
6993 switch (t) {
6994
6995 case UNIT_MOUNT_WANTS:
6996 return UNIT_WANTS;
6997
6998 case UNIT_MOUNT_REQUIRES:
6999 return UNIT_REQUIRES;
7000
7001 default:
7002 assert_not_reached();
7003 }
7004}
Unnamed repository; edit this file 'description' to name the repository.